OTP verification in Django rest framework

[Salima Begum]

Hi, 

I completed OTP verification in Django. With html form and django views and I am saving otp in the user model itself. There I was successfully  completed. Here is a code snippet.

`HTML form`

```

 <form method="post" name="passwordResetForm" action="/phone-otp-verify/{{id}}" onsubmit="return myfn()">
                {% csrf_token %}
                <input id="codeBox1" class="secure_code" type="number" name="security_1" maxlength="1" onkeyup="onKeyUpEvent(1, event)" onfocus="onFocusEvent(1)" autofocus/>
                <input id="codeBox2" class="secure_code" type="number" name="security_2" maxlength="1" onkeyup="onKeyUpEvent(2, event)" onfocus="onFocusEvent(2)"/>
                <input id="codeBox3" class="secure_code" type="number" name="security_3" maxlength="1" onkeyup="onKeyUpEvent(3, event)" onfocus="onFocusEvent(3)"/>
                <input id="codeBox4" class="secure_code" type="number" name="security_4" maxlength="1" onkeyup="onKeyUpEvent(4, event)" onfocus="onFocusEvent(4)"/>
                <input id="codeBox5" class="secure_code" type="number" name="security_5" maxlength="1" onkeyup="onKeyUpEvent(5, event)" onfocus="onFocusEvent(5)"/>

                <input type="submit">
               
            </form>

```

`Views.py`

```

def phone_otp_verify(request, id):
    Qurycustomer = customer.objects.get(id=id)
    email = Qurycustomer.email
    email_split = email.split('@')
    email_list = email_split[0]
    email_hide = email_list[:2] + "*****" + email_split[1]
    phone_number = Qurycustomer.phonenumber
    phone_hide = phone_number[-4:]
    modified_date = Qurycustomer.modified_date
    date_now = timezone.now()
    date_total = date_now - modified_date
    minutes = date_total.seconds / 60
    OTP = Qurycustomer.phone_OTP

    if minutes < 11:
        OTP = Qurycustomer.phone_OTP
        # To get server side IP address. We are using ipware django package.
        client_ip, is_routable = get_client_ip(request)
        ip_address = client_ip
        #  here we took one variable as osname and concatenated os name and version
        osname = request.user_agent.os.family + " " + request.user_agent.os.version_string
        webname = request.user_agent.browser.family + " " + request.user_agent.browser.version_string
        if request.method == 'POST':
            security_1 = request.POST['security_1']
            security_2 = request.POST['security_2']
            security_3 = request.POST['security_3']
            security_4 = request.POST['security_4']
            security_5 = request.POST['security_5']
            # password = request.POST['password']
            # repassword = request.POST['repassword']
            OTP_entered = str(security_1) + str(security_2) + str(security_3) + str(security_4) + str(security_5)
            # OTP_entered = str(security_1) + str(security_2) + str(security_3) + str(security_4)
            OTP_en = int(OTP_entered)
            if OTP == OTP_en:
                # Here, encrypting password by using hashers library in django.
                # enc_password = pbkdf2_sha256.encrypt(password, rounds=12000, salt_size=32)
                # enc_repassword = pbkdf2_sha256.encrypt(repassword, rounds=12000, salt_size=32)
                Qurycustomer.cust_status = 1
                Qurycustomer.phone_verify = 1
                # Qurycustomer.password = enc_password
                # Qurycustomer.repassword = enc_repassword
                Qurycustomer.phone_OTP = 00000
                Qurycustomer.os_name = osname
                Qurycustomer.browser = webname
                Qurycustomer.ip_address = ip_address
                Qurycustomer.history.change_by_reason = "Phone number verified"
                Qurycustomer.save()
                # Welcome back! your membership activation is completed.
                success = "Thank you for registering with Vikreya. Your membership activation is completed. "
                # success = "Security code has been validated and Phone number verification is completed. You can now "
                return redirect('/home')
            else:
                messages.add_message(request, messages.ERROR,
                                     """You enter Security code is not valid.
                                Try once again with correct Security code.""", fail_silently=False)
                return render(request, 'phone_otp_verify.html', {'id': Qurycustomer.id, 'otp': OTP,
                                                                 'fullname': fullname(email),
                                                                 'name': first_last_initial(email),
                                                                 'time': settings.SESSION_IDLE_TIMEOUT,
                                                                 'phone_hide': phone_hide})
    else:
        Qurycustomer.phone_OTP = 00000
        Qurycustomer.save()
        messages.add_message(request, messages.ERROR, "Sorry the OTP is expired, please click Re-send OTP to generate new OTP.")
        return render(request, 'phone_otp_verify.html', {'id': Qurycustomer.id, 'otp': OTP,
                                                       'fullname': fullname(email),
                                                       'name': first_last_initial(email),
                                                       'time': settings.SESSION_IDLE_TIMEOUT,
                                                         'phone_hide': phone_hide})
    return render(request, 'phone_otp_verify.html', {'id': Qurycustomer.id, 'otp': OTP,
                                                    'fullname': fullname(email),
                                                    'name': first_last_initial(email),
                                                    'time': settings.SESSION_IDLE_TIMEOUT,
                                                   'phone_hide': phone_hide})

````

 and how to write in Django rest framework for otp verification. 

Please help me.

Thank you

~Salima