This process describes adding an additional authentication method to an existing person, update authentication method and delete it.
Use GET persom/{id}/ authentication_method to find authentication method' id of person
Specification
Authorize
Verify the validity of access token
Check user scope authentication_method:write in order to perform this action
Get global parameters
Invoke Global parameters to get following parameter:
phone_number_auth_limit - Check if in table person_authentication_methods with type =
OTP> N, thenerror 422, such a phone already exists more N timesthird_person_limit - In table person_auth_methods with type =
THIRD_PERSON> N, then error 422third_person_term
cURL example
curl -X GET \
{:host}/prm/api/global_parameters
|
Validate request
if action = deactivate
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"action": "deactivate",
"authentication_methods": {
"id": "057413fb-2c2e-4f33-b2d6-433469212744"
}
}
}
if action = update
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"action": "update",
"authentication_methods": {
"id": "057413fb-2c2e-4f33-b2d6-433469212744",
"alias": "roksolana",
"default": "true"
}
}
}
if action = insert
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"action": "insert",
"authentication_methods": {
"type": "THIRD_PERSON",
"value": "d12888c0-1159-4296-8f03-a592c136f673",
"phone_number` : "+380656779678",
"alias": "roksolana"
}
}
}
Validate ids
Fiend value is person.id
validate person.id UUID
in case error return 422
search person by person.id in MPI
in case error return 422, "Such person doesn't exist"
Search auth requests by person id
To prevent requests duplication search in il.auth_method_requests.person_id = $.person_id and il.auth_method_requests.status = NEW or APPROVED, then
Change status of all found person requests:
SET IL_DB.authentication_method_requests.status = 'CANCELED' WHERE IL_DB.authentication_method_requests.id IN (:LIST) |
Validate by actions
if action = deactivate
Field
typemust beTHIRD_PERSON. (where person_auth_method.id = $authentication_method.id)If person < 14, check this auth_method.default=False
if action = update
validate authentication_methods.id belong to this person. Search auth method of this person where MPI.person_authentication_method.person_id = $.person.id
in case error return 422, "such authentication method does not belong to this person"
set it only for auth_method.type = THIR_PERSON
optional field
defaultmust be only = TRUE
if action = insert
if type = OTP or OFFLINE,
phone_numberis required and don’t setvalue. And fieldaliasis optional.if type = THIRD_PERSON,
valueis required and don’t setphone_number. And fieldaliasis required.validate value:
validate person.id is UUID
in case error return 422
search person by person.id in MPI
in case error return 422, "such person doesn't exist"
search person by person.id in MPI
in case error return 422, "third person must be active"
search third_person.age > 18 years:
in case error return 422, "third person must be adult"
validate third_person.auth_method !=N/A
in case error return 422, "third person must has ayjth method OTP or OFFLINE"
Generate verification code
If action = insert
Invoke Initialize OTP to generate one time password and send it where auth_method_requests.auth_method_current = OTP. (Use function in mpi, that returm default auth method)
cURL example
curl -X POST \
http://localhost:4000/verifications \
-H 'content-type: application/json' \
-d '{
"phone_number": "+380936235985"
}'
|
Generate upload URL
Where auth_method_requests.auth_method_current = OFFLINE
Generate URL's with type person.{$.person.documents.[:].type} (or Generate URL's with type third_person.{$.third_person.documents.[:].type})