Hi I ve been trying to implement a phone+otp registration fl Ory Community #ory-selfhosting

Hi. I've been trying to implement a phone+otp regi...

swift-fountain-14586

12/04/2024, 9:38 PM

Hi. I've been trying to implement a phone+otp registration flow in ORY Kratos for the past day and am facing an issue while fetching the code through the pre-built UI: Expected sms template but got nil I tried adding this to my templates:

Copy code

courier:
  templates:
    registration_code:
      valid:
        sms:
          body:
            plaintext: "<base64://WW91ciBjb2RlIGlzOiB7eyAuUmVnaXN0cmF0aW9uQ29kZSB9fQo>="
        email:
          body:
            plaintext: "<base64://WW91ciBjb2RlIGlzOiB7eyAuUmVnaXN0cmF0aW9uQ29kZSB9fQo>="

But then I get the error that sms is not allowed in registration_code Kratos documentation also mentions that sms templates are only allowed for verification_code and login_code. I'm running v1.3.1. Does this mean registration flow using phone and OTP is not supported yet?

magnificent-energy-493

12/05/2024, 9:24 AM

Hey, yea I think OTP/code strategy is only for login, verification, and recovery. However if you have a use case where you have "login via code" as the only authentication option, then there are probably workarounds. Have you considered passwords or other auth methods as fallback as well? I mean it is a subjective thing and depends on your audience, but I personally would never use a service that only lets me authenticate through my email/sms.

swift-fountain-14586

12/12/2024, 4:14 AM

I see. But there is a pull request that seems to enable this: https://github.com/ory/kratos/pull/4104 It's not in the official release but is merged to master. I've built from master but I running into some errors with the flow. Could you confirm the functionality with this PR?

magnificent-energy-493

12/12/2024, 2:14 PM

Hey @swift-fountain-14586 I was wrong previously - I just checked and registration flow also works using SMS or Email OTP. The feature will be included in the next release as far as I can tell. If you need it right now I would suggest looking into the managed service or getting an Enterprise License for Ory Kratos.

most-train-86113

12/13/2024, 4:07 AM

I have encountered the same problem, just created an issue on github https://github.com/ory/kratos/issues/4243

swift-fountain-14586

12/14/2024, 5:14 PM

@most-train-86113 @magnificent-energy-493 Except the limitation of setting a custom template, I've gotten the flow working after building from master. The only caveat is that when you update the registration/login flow with the values required for phone+code, you get a 400 error but the flow works

swift-fountain-14586

12/14/2024, 5:26 PM

@most-train-86113 In case you need to handle the error:

Copy code

if resp.StatusCode == http.StatusBadRequest {
		trueError := false
		stateRaw, ok := responseBody["state"]
		if !ok {
			trueError = true
		}
		state, ok := stateRaw.(string)
		if !ok {
			trueError = true
		}
		if state != "sent_email" {
			trueError = true
		}
		if trueError {
			return fmt.Errorf("unexpected status code: %d", resp.StatusCode)
		}
}

44 Views

Open in Slack

Previous Next