hi @patrick,
When the user logs in, “security login action” returns 200 OK. So everything is very good. but what I want to implement is to send an sms (OTP) with “API Action” right after the user is logged in. But since “security login action” returns 200 ok response, “API Action” does not work. Is there a way to use OTP without creating a new server action?
(php spa)
1 Like
Hi Serhat,
I’d suggest a different workflow using 2 server actions.
Server action 1 - having a database query, which checks the user and password if correct -> run the api send the OTP and store the OTP in the users table.
The other one, run on form submit, where the user enters the OTP. Then first check the OTP with a database query and run the login step after that using the query results.
hi @teodor ,
I tried this way but the problem is . When the user sends a correct password and username to the first server connect, he is already logged in. and the user’s id and 200 response are returned. In this case the user is actually logged in. In this case, OTP does not make much sense.
(I hope I explained the problem correctly.)
But don’t put the security provider in the first server action. Use a database query to check if the user/pass are correct and then run the API for the OTP.
Use the security provider in the second server action, when the user submits the correct OTP.
Hi @s.alpaslan did you manage to create otp? If you don’t mind, would you share how to do it. Especially on the api action part. I saw there is ‘if else’ executed there.