-
Notifications
You must be signed in to change notification settings - Fork 73
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1853 id verification consent sms #2094
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the BE here generally looks good to me, pretty clean updates! just a couple of minor points that i don't think are necessary to address, but wanted to call attention to them.
i also ran through manual testing of the basic functionality here, and covered regression testing with email verification too. it may be worth noting the privacy center config flags used to determine whether email
or phone_number
are required identity inputs, since that did catch my attention for a sec. i'm not sure if we've got any spot to document privacy center configurability, but at least putting a note in the PR or issue may be helpful if people run into questions when they try to use this in the wild?
a couple of other asides that i noticed along the way, which we may want to create follow ups for:
- i found the setup docs generally good, but lacking a crucial detail that indicates the actual URL/path that needs to be hit for the given steps. am i missing something obvious? there do seem to be other points in the docs where we've also omitted the URL/path, so perhaps this is a deliberate decision? from the POV of a client, i think i'd find this pretty confusing. what do you think?
- i also noticed what seems to be a bug in our caching of verification codes - i don't think we're actually setting our verification codes to expire in the cache using the
identity_verification_code_ttl_seconds
setting, i think we're just relying on thedefault_ttl_seconds
expiration time. i created a follow up ticket for this one (theredis.identity_verification_code_ttl_seconds
config property is not being respected #2104)
src/fides/api/ops/api/v1/endpoints/consent_request_endpoints.py
Outdated
Show resolved
Hide resolved
src/fides/api/ops/api/v1/endpoints/consent_request_endpoints.py
Outdated
Show resolved
Hide resolved
694db27
to
0df61f1
Compare
Thanks so much for the thorough testing and review @adamsachs ! A couple things:
|
nice, this all looks good to me on the backend pieces - thanks for addressing everything i brought up in a thoughtful way! not sure if we want to go ahead and merge without further FE code review? things certainly seem functional, but can't comment much on the code itself :) |
Closes #1853
Code Changes
Steps to Confirm
fides.toml
setsubject_identity_verification_required = true
andnotification_service_type = "twilio_text"
nox -s dev
cd
intoclients/privacy-center
, runnpm install
,npm run build
, thennpm run dev
Pre-Merge Checklist
CHANGELOG.md
Description Of Changes
Write some things here about the changes and any potential caveats