This diagram illustrates the architecture and flow of an OTP (One-Time Password) generation and verification system. The system ensures secure email-based OTP delivery and verification, leveraging Redis for temporary storage and a Bull queue for job processing.

Components and Flow

1. User Interaction

  • Generate OTP:
    • The user initiates the OTP generation process by hitting the otp/generate endpoint (a POST request).
  • Verify OTP:
    • Once the user receives the OTP via email, they enter it and call the otp/verify endpoint (a POST request) for verification.

2. Generate OTP Endpoint

  • When the user calls the otp/generate endpoint:
    1. A request is sent to the Bull Queue Producer, which is responsible for queuing the task.
    2. The Bull Queue Producer adds the job to the OTP Jobs Queue.
    3. The expected body is
      {
          email : "example@gamil.com"
      }

3. OTP Jobs Queue

  • The OTP Jobs Queue acts as a middleware between job creation and processing. It:
    1. Receives queued tasks from the Bull Queue Producer.
    2. Passes the tasks to the Processor for execution.

4. Processor

  • The Processor is a critical component responsible for:
    1. Generating the OTP.
    2. Temporarily storing the OTP in Redis with a Time-to-Live (TTL) value with 10 minute expiry.
    3. Forwarding the OTP and email details to the Mailer.

5. Mailer

  • The Mailer calls an external email service to send the generated OTP to the user’s submitted email address. Once the email is sent:
    1. The mailer service uses an otp.hbs file for the mail template located in mailer folder.
    2. The OTP is stored in Redis (TTL ensures automatic deletion after expiry).
    3. A success acknowledgment is returned.

6. Verify OTP Endpoint

  • The otp/verify endpoint:
    1. Retrieves the user-submitted OTP.
    2. Checks the OTP stored in Redis.
    3. If the OTP matches and is valid (not expired), it returns a positive response (e.g., OTP is correct).
    4. If the OTP does not match or is expired, it returns an error response (e.g., OTP is incorrect).
    5. Expected payload in body
      {
          email : "test@gmail.com",
          otp : "456123"
      }