(fix): show a better error message for invalid phones

1bb52381 · Marcelo Rivera · c28af3ce · 1bb52381 · 1bb52381 · 1bb52381
Commit 1bb52381 authored 8 minutes ago by Marcelo Rivera
Hide whitespace changes
Inline Side-by-side

Showing with 34 additions and 15 deletions
--- a/Controllers/api/v1/rewards/phone.php
+++ b/Controllers/api/v1/rewards/phone.php
@@ -24,7 +24,7 @@ class phone implements Interfaces\Api
            switch ($pages[0]) {
                case 'check':
                    return Factory::response([
-                        'onboarded' => (bool) Core\Session::getLoggedinUser()->getPhoneNumberHash()
+                        'onboarded' => (bool) Core\Session::getLoggedinUser()->getPhoneNumberHash(),
                    ]);
                    break;
                case 'verify':
@@ -52,7 +52,7 @@ class phone implements Interfaces\Api
                        $user->save();
                        return Factory::response([
                            'status' => 'success',
-                            'message' => 'You have successfully onboarded to Minds Rewards System'
+                            'message' => 'You have successfully onboarded to Minds Rewards System',
                        ]);
                    } else {
                        return Factory::response(['status' => 'error', 'message' => 'Wrong code']);
@@ -73,11 +73,18 @@ class phone implements Interfaces\Api
        /** @var Core\SMS\SMSServiceInterface $sms */
        $sms = Core\Di\Di::_()->get('SMS');

-        if (!$sms->verify($phone)) {
-            return Factory::response(['status' => 'success', 'message' => 'voip phones not allowed']);
+        try {
+            if (!$sms->verify($phone)) {
+                return Factory::response(['status' => 'success', 'message' => 'voip phones not allowed']);
+            }
+        } catch (\Exception $e) {
+            return Factory::response([
+                'status' => 'error',
+                'message' => 'Invalid phone number',
+            ]);
        }

-        $message = 'From Minds.com: Your code is '. $code;
+        $message = 'From Minds.com: Your code is ' . $code;
        $sms->send($phone, $message);

        return Factory::response(['status' => 'success', 'secret' => $secret]);

--- a/Controllers/api/v1/twofactor.php
+++ b/Controllers/api/v1/twofactor.php
@@ -63,8 +63,15 @@ class twofactor implements Interfaces\Api
                /** @var Core\SMS\SMSServiceInterface $sms */
                $sms = Core\Di\Di::_()->get('SMS');

-                if (!$sms->verify($_POST['tel'])) {
-                    return Factory::response(['status' => 'error', 'message' => 'voip phones are not supported']);
+                try {
+                    if (!$sms->verify($_POST['tel'])) {
+                        return Factory::response(['status' => 'success', 'message' => 'voip phones not allowed']);
+                    }
+                } catch (\Exception $e) {
+                    return Factory::response([
+                        'status' => 'error',
+                        'message' => 'Invalid phone number',
+                    ]);
                }

                $message = 'From Minds.com: Your code is '. $twofactor->getCode($secret);
@@ -111,12 +118,12 @@ class twofactor implements Interfaces\Api
                if ($twofactor->verifyCode($secret, $_POST['code'], 1)) {
                    global $TWOFACTOR_SUCCESS;
                    $TWOFACTOR_SUCCESS = true;
-                    
+
                    $sessions = Core\Di\Di::_()->get('Sessions\Manager');
                    $sessions->setUser($user);
                    $sessions->createSession();
                    $sessions->save(); // save to db and cookie
-                    
+
                    //\login($user, true);

                    $response['status'] = 'success';
@@ -129,14 +136,14 @@ class twofactor implements Interfaces\Api
                break;
            case "remove":
                $validator = Di::_()->get('Security\Password');
-            
+
                if (!$validator->check(Core\Session::getLoggedinUser(), $_POST['password'])) {
                    return Factory::response([
                        'status' => 'error',
                        'message' => 'Password incorrect'
                    ]);
                }
-        
+
                $user = Core\Session::getLoggedInUser();
                $user->twofactor = false;
                $user->telno = false;

--- a/Core/Rewards/Join.php
+++ b/Core/Rewards/Join.php
@@ -115,10 +115,14 @@ class Join

        $user_guid = $this->user->guid;
        $this->db->insert("rewards:verificationcode:$user_guid", compact('code', 'secret'));
-
-        if (!$this->sms->verify($this->number)) {
-            throw new \Exception('voip phones not allowed');
+        try {
+            if (!$this->sms->verify($this->number)) {
+                throw new \Exception('voip phones not allowed');
+            }
+        } catch (\Exception $e) {
+            throw new \Exception('Invalid phone number');
        }
+
        $this->sms->send($this->number, $code);

        return $secret;

--- a/Core/SMS/Services/Twilio.php
+++ b/Core/SMS/Services/Twilio.php
@@ -30,6 +30,7 @@ class Twilio implements SMSServiceInterface
     * Verifies the number isn't a voip line
     * @param $number
     * @return boolean
+     * @throws \Exception
     */
    public function verify($number)
    {
@@ -40,8 +41,8 @@ class Twilio implements SMSServiceInterface
            return $phone_number->carrier['type'] !== 'voip';
        } catch (\Exception $e) {
            error_log("[guard] Twilio error: {$e->getMessage()}");
+            throw $e;
        }
-        return false;
    }

    /**