Is there a way, a function with Lucce, to get an identification of member through the mobile phone number ?
I suppose, all social network run like this ?
Thanks for any advise.
Pierre.
I already posted in “DEV” with no replies. Then, I try in “support” category.
May be, I did not explain well what I want ?
Or it is not a Lucee code, has to see with Phone development.
Thanks anyway to Lucee.
Linux debian 10
apache 2.4
Lucee 5.4.1.8
Ucanaccess 5 (driver Lucee-Access mdb through JDBC)
This is a very open ended question, and not specifically a Lucee but a programming question.
If you want to just have a form where someone inputs some number string and then you query against the number string, if you receive a record match do something with it.
<!--- lookup the record --->
<cfquery name="qryMobilePhone" datasource="myDataSource"
select * from MyTableNameC
where MobilePhone = <cfqueryparam cfsqltype="cf_sql_varchar" value="#trim(form.mobileNumber)
>
<!--- Now you have your result, its either there or not so now do something if it matched --->
<cfif qryMobilePhone.recordCount eq 1>
</cfif>
I assume you wish to send some code via text message to a phone number and ask the user to confirm receiving the message by entering the code you sent, so you could use this flow in cell phone number verification and/or SMS based two factor authentication, right?
You won’t find any language or framework that supports something like that out of the box, as you’ll need to send the text message via some sort of gateway. It should however be really easy to implement a service like Plivo (Verify API - SMS and Voice OTP Verification) or Twilio (SMS API | Twilio), both of which offer APIs to that effect.
It depends very much on what you want to achieve?
You usually always need to do the 1. just to be sure the mobile number used really belongs to the user registering it. However, depending on the audience, there might be a need to validate those numbers with strengthness. I’d make a pre-validation for those numbers, because each country/state has its own numbering plan, and you want to be sure that the number the user has submitted is a valid private mobile phone number, and NOT some sort of expensive privat sms service charging you for submitting the actual wheather for 3Euros/SMS or similar. That can get very expensive quickly. I have added such a validation to the site I was managing back in 2007, and there weren’t such services like twilio. We had to group all numbering plans country by country and whitelist/blacklist the first digits of the mobile numbers. Today the majority of the services like @Markus_Wollny mentioned offer such a pre-validation on the fly.
if you also want to use SMS for 2FA, I’d do it after mobile number validation only. An alternative to sending a SMS on each login would be to use some sort of OATH-based authentication e.g. Google Authenticator or similar.
i can see how sms is more useful for ‘casual’ users rather than employees, for that I’d use Microsoft Entra or 2factor code like google, otherwise sms is better for those who dont use the site much or are non-technical end users.
a quick way to do this is to store in your db the ‘code’ you are sending along with a datetime stamp, and then use a scheduled task to cleanup those records from the db. then send sms though any gateway (or your phone via rest api app)
I rolled my own and have a AU 3c (most international are 5-6c) (~1.80USD atm) per sms here in AU (international rate) though an sms gateway, but US only is a lot cheaper through twilio by the looks (0.007c) so not worried about costs. There are other options like getting a super cheap sim with unlimited sms and using android rest api on the phone to send messages. For this to be cheap you need a super cheap plan and be sending volume. #somanyoptions