(fix): show a better error message for invalid phones

13c805eb · Marcelo Rivera · c28af3ce · 13c805eb · 13c805eb · 13c805eb
Commit 13c805eb authored 17 hours ago by Marcelo Rivera
Hide whitespace changes
Inline Side-by-side

Showing with 67 additions and 14 deletions
--- a/Controllers/api/v1/rewards/phone.php
+++ b/Controllers/api/v1/rewards/phone.php
@@ -7,6 +7,7 @@ namespace Minds\Controllers\api\v1\rewards;

 use Minds\Api\Factory;
 use Minds\Core;
+use Minds\Core\SMS\Exceptions\VoIpPhoneException;
 use Minds\Interfaces;

 class phone implements Interfaces\Api
@@ -24,7 +25,7 @@ class phone implements Interfaces\Api
            switch ($pages[0]) {
                case 'check':
                    return Factory::response([
-                        'onboarded' => (bool) Core\Session::getLoggedinUser()->getPhoneNumberHash()
+                        'onboarded' => (bool) Core\Session::getLoggedinUser()->getPhoneNumberHash(),
                    ]);
                    break;
                case 'verify':
@@ -52,7 +53,7 @@ class phone implements Interfaces\Api
                        $user->save();
                        return Factory::response([
                            'status' => 'success',
-                            'message' => 'You have successfully onboarded to Minds Rewards System'
+                            'message' => 'You have successfully onboarded to Minds Rewards System',
                        ]);
                    } else {
                        return Factory::response(['status' => 'error', 'message' => 'Wrong code']);
@@ -73,11 +74,18 @@ class phone implements Interfaces\Api
        /** @var Core\SMS\SMSServiceInterface $sms */
        $sms = Core\Di\Di::_()->get('SMS');

-        if (!$sms->verify($phone)) {
-            return Factory::response(['status' => 'success', 'message' => 'voip phones not allowed']);
+        try {
+            if (!$sms->verify($phone)) {
+                throw new VoIpPhoneException();
+            }
+        } catch (\Exception $e) {
+            return Factory::response([
+                'status' => 'error',
+                'message' => $e->getMessage(),
+            ]);
        }

-        $message = 'From Minds.com: Your code is '. $code;
+        $message = 'From Minds.com: Your code is ' . $code;
        $sms->send($phone, $message);

        return Factory::response(['status' => 'success', 'secret' => $secret]);

--- a/Controllers/api/v1/twofactor.php
+++ b/Controllers/api/v1/twofactor.php
@@ -12,6 +12,7 @@ use Minds\Api\Factory;
 use Minds\Core;
 use Minds\Core\Di\Di;
 use Minds\Core\Security;
+use Minds\Core\SMS\Exceptions\VoIpPhoneException;
 use Minds\Entities;
 use Minds\Interfaces;

@@ -63,8 +64,15 @@ class twofactor implements Interfaces\Api
                /** @var Core\SMS\SMSServiceInterface $sms */
                $sms = Core\Di\Di::_()->get('SMS');

-                if (!$sms->verify($_POST['tel'])) {
-                    return Factory::response(['status' => 'error', 'message' => 'voip phones are not supported']);
+                try {
+                    if (!$sms->verify($_POST['tel'])) {
+                        throw new VoIpPhoneException();
+                    }
+                } catch (\Exception $e) {
+                    return Factory::response([
+                        'status' => 'error',
+                        'message' => $e->getMessage(),
+                    ]);
                }

                $message = 'From Minds.com: Your code is '. $twofactor->getCode($secret);
@@ -111,12 +119,12 @@ class twofactor implements Interfaces\Api
                if ($twofactor->verifyCode($secret, $_POST['code'], 1)) {
                    global $TWOFACTOR_SUCCESS;
                    $TWOFACTOR_SUCCESS = true;
-                    
+
                    $sessions = Core\Di\Di::_()->get('Sessions\Manager');
                    $sessions->setUser($user);
                    $sessions->createSession();
                    $sessions->save(); // save to db and cookie
-                    
+
                    //\login($user, true);

                    $response['status'] = 'success';
@@ -129,14 +137,14 @@ class twofactor implements Interfaces\Api
                break;
            case "remove":
                $validator = Di::_()->get('Security\Password');
-            
+
                if (!$validator->check(Core\Session::getLoggedinUser(), $_POST['password'])) {
                    return Factory::response([
                        'status' => 'error',
                        'message' => 'Password incorrect'
                    ]);
                }
-        
+
                $user = Core\Session::getLoggedInUser();
                $user->twofactor = false;
                $user->telno = false;

--- a/Core/Rewards/Join.php
+++ b/Core/Rewards/Join.php
@@ -2,11 +2,13 @@
 /**
 * Join the rewards program
 */
+
 namespace Minds\Core\Rewards;

 use Minds\Core\Di\Di;
 use Minds\Core;
 use Minds\Core\Referrals\Referral;
+use Minds\Core\SMS\Exceptions\VoIpPhoneException;
 use Minds\Entities\User;
 use Minds\Core\Util\BigNumber;

@@ -108,6 +110,10 @@ class Join
        return $this;
    }

+    /**
+     * @return string
+     * @throws VoIpPhoneException
+     */
    public function verify()
    {
        $secret = $this->twofactor->createSecret();
@@ -117,8 +123,9 @@ class Join
        $this->db->insert("rewards:verificationcode:$user_guid", compact('code', 'secret'));

        if (!$this->sms->verify($this->number)) {
-            throw new \Exception('voip phones not allowed');
+            throw new VoIpPhoneException();
        }
+
        $this->sms->send($this->number, $code);

        return $secret;
@@ -131,7 +138,7 @@ class Join

        if (!empty($row)) {
            if (!$this->sms->verify($this->number)) {
-                throw new \Exception('voip phones not allowed');
+                throw new VoIpPhoneException();
            }
            $this->sms->send($this->number, $row['code']);


--- a/Core/SMS/Exceptions/InvalidPhoneException.php
+++ b/Core/SMS/Exceptions/InvalidPhoneException.php
+<?php
+/**
+ * @author: eiennohi.
+ */
+
+namespace Minds\Core\SMS\Exceptions;
+
+class InvalidPhoneException extends \Exception
+{
+}
--- a/Core/SMS/Exceptions/VoIpPhoneException.php
+++ b/Core/SMS/Exceptions/VoIpPhoneException.php
+<?php
+/**
+ * @author: eiennohi.
+ */
+
+namespace Minds\Core\SMS\Exceptions;
+
+class VoIpPhoneException extends \Exception
+{
+    public function __construct($message = null, \Throwable $previous = null)
+    {
+        $this->message = $message ?? 'voip phones are not allowed';
+        parent::__construct($this->message, 0, $previous);
+    }
+}
--- a/Core/SMS/SMSServiceInterface.php
+++ b/Core/SMS/SMSServiceInterface.php
 <?php
 namespace Minds\Core\SMS;

+use Minds\Core\SMS\Exceptions\InvalidPhoneException;
+
 interface SMSServiceInterface
 {
    /**
     * Verifies the number isn't from a voip line
     * @param $number
     * @return boolean
+     * @throws InvalidPhoneException
     */
    public function verify($number);


--- a/Core/SMS/Services/Twilio.php
+++ b/Core/SMS/Services/Twilio.php
@@ -6,6 +6,7 @@
 namespace Minds\Core\SMS\Services;

 use Minds\Core\Di\Di;
+use Minds\Core\SMS\Exceptions\InvalidPhoneException;
 use Minds\Core\SMS\SMSServiceInterface;
 use Twilio\Rest\Client as TwilioClient;

@@ -30,6 +31,7 @@ class Twilio implements SMSServiceInterface
     * Verifies the number isn't a voip line
     * @param $number
     * @return boolean
+     * @throws InvalidPhoneException
     */
    public function verify($number)
    {
@@ -40,8 +42,8 @@ class Twilio implements SMSServiceInterface
            return $phone_number->carrier['type'] !== 'voip';
        } catch (\Exception $e) {
            error_log("[guard] Twilio error: {$e->getMessage()}");
+            throw new InvalidPhoneException('Invalid Phone Number', 0, $e);
        }
-        return false;
    }

    /**