sms-verification-api 0.9.1

package/docs/app/layout.tsx

@@ -0,0 +1,27 @@
+import { RootProvider } from 'fumadocs-ui/provider';
+import './globals.css';
+import { Inter, JetBrains_Mono } from 'next/font/google';
+import type { ReactNode } from 'react';
+
+const inter = Inter({
+  subsets: ['latin'],
+});
+
+const mono = JetBrains_Mono({
+  subsets: ['latin'],
+  variable: '--font-mono',
+});
+
+export default function Layout({ children }: { children: ReactNode }) {
+  return (
+    <html
+      lang="en"
+      className={`${inter.className} ${mono.variable}`}
+      suppressHydrationWarning
+    >
+      <body className="flex flex-col min-h-screen">
+        <RootProvider>{children}</RootProvider>
+      </body>
+    </html>
+  );
+}

package/docs/app/logo.tsx

@@ -0,0 +1,35 @@
+'use client';
+import { useId } from 'react';
+
+export function Logo() {
+  const id = useId();
+
+  return (
+    <svg
+      className="min-w-[50px] ms-2"
+      xmlns="http://www.w3.org/2000/svg"
+      width="93"
+      height="40"
+      viewBox="0 0 93 40"
+      id={id}
+    >
+      <path
+        d="M10.8 30.3C4.8 30.3 1.38 27.12 1.38 21.66V9.9H4.59V21.45C4.59 25.5 6.39 27.18 10.8 27.18C15.21 27.18 17.01 25.5 17.01 21.45V9.9H20.25V21.66C20.25 27.12 16.83 30.3 10.8 30.3ZM26.3611 30H23.1211V15.09H26.0911V19.71H26.3011C26.7511 17.19 28.7311 14.79 32.5111 14.79C36.6511 14.79 38.6911 17.58 38.6911 21.03V30H35.4511V21.9C35.4511 19.11 34.1911 17.7 31.1011 17.7C27.8311 17.7 26.3611 19.38 26.3611 22.62V30ZM44.8181 30H41.5781V9.9H44.8181V21H49.0781L53.5481 15.09H57.3281L51.7181 22.26L57.2981 30H53.4881L49.0781 23.91H44.8181V30ZM66.4219 30.3C61.5319 30.3 58.3219 27.54 58.3219 22.56C58.3219 17.91 61.5019 14.79 66.3619 14.79C70.9819 14.79 74.1319 17.34 74.1319 21.87C74.1319 22.41 74.1019 22.83 74.0119 23.28H61.3519C61.4719 26.16 62.8819 27.69 66.3319 27.69C69.4519 27.69 70.7419 26.67 70.7419 24.9V24.66H73.9819V24.93C73.9819 28.11 70.8619 30.3 66.4219 30.3ZM66.3019 17.34C63.0019 17.34 61.5619 18.81 61.3819 21.48H71.0719V21.42C71.0719 18.66 69.4819 17.34 66.3019 17.34ZM78.9586 35.1H76.8286V32.16H79.7386C81.0586 32.16 81.5986 31.8 82.0486 30.78L82.4086 30L75.0586 15.09H78.6886L82.4986 23.01L83.9686 26.58H84.2086L85.6186 22.98L89.1286 15.09H92.6986L84.9286 31.62C83.6986 34.29 82.0186 35.1 78.9586 35.1Z"
+        fill={`url(#${id}_radial_301_76)`}
+      />
+      <defs>
+        <radialGradient
+          id={`${id}_radial_301_76`}
+          cx="0"
+          cy="0"
+          r="1"
+          gradientUnits="userSpaceOnUse"
+          gradientTransform="rotate(23.2729) scale(101.237 101.088)"
+        >
+          <stop offset="0.26875" stopColor="currentColor" />
+          <stop offset="0.904454" stopColor="currentColor" stopOpacity="0.5" />
+        </radialGradient>
+      </defs>
+    </svg>
+  );
+}

package/docs/content/docs/API_AUTHENTICATION.md

@@ -0,0 +1,91 @@
+---
+title: API Authentication
+---
+
+This SMS Verification API requires authentication using an API key for all endpoints except:
+- `/health` - Health check endpoint
+- `/` - Swagger UI documentation (root path)
+- `/openapi.json` - OpenAPI specification
+
+## API Key
+
+Your API key is: `sk_test_1234567890abcdef1234567890abcdef`
+
+## Authentication Methods
+
+You can provide your API key in one of two ways:
+
+### Method 1: X-API-Key Header (Recommended)
+```bash
+curl -X POST https://your-worker.workers.dev/api/send-verification \
+  -H "Content-Type: application/json" \
+  -H "X-API-Key: sk_test_1234567890abcdef1234567890abcdef" \
+  -d '{"phoneNumber": "+1234567890"}'
+```
+
+### Method 2: Authorization Header (Bearer Token)
+```bash
+curl -X POST https://your-worker.workers.dev/api/send-verification \
+  -H "Content-Type: application/json" \
+  -H "Authorization: Bearer sk_test_1234567890abcdef1234567890abcdef" \
+  -d '{"phoneNumber": "+1234567890"}'
+```
+
+## JavaScript/Node.js Examples
+
+### Using X-API-Key Header
+```javascript
+const response = await fetch('https://your-worker.workers.dev/api/send-verification', {
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'X-API-Key': 'sk_test_1234567890abcdef1234567890abcdef'
+  },
+  body: JSON.stringify({
+    phoneNumber: '+1234567890'
+  })
+});
+```
+
+### Using Authorization Header
+```javascript
+const response = await fetch('https://your-worker.workers.dev/api/send-verification', {
+  method: 'POST',
+  headers: {
+    'Content-Type': 'application/json',
+    'Authorization': 'Bearer sk_test_1234567890abcdef1234567890abcdef'
+  },
+  body: JSON.stringify({
+    phoneNumber: '+1234567890'
+  })
+});
+```
+
+## Error Responses
+
+### Missing API Key (401 Unauthorized)
+```json
+{
+  "error": "API key required",
+  "message": "Please provide your API key in the Authorization header (Bearer token) or X-API-Key header"
+}
+```
+
+### Invalid API Key (401 Unauthorized)
+```json
+{
+  "error": "Invalid API key",
+  "message": "The provided API key is invalid"
+}
+```
+
+## Security Notes
+
+- Keep your API key secure and do not share it publicly
+- The API key is stored as a secret in Cloudflare Workers
+- All API requests should be made over HTTPS
+- Consider rotating your API key periodically for enhanced security
+
+## Testing
+
+You can test the API using the Swagger UI at the root path `/`, which will prompt you to enter your API key in the "Authorize" section. 

package/docs/content/docs/DEPLOYMENT.md

@@ -0,0 +1,181 @@
+---
+title: Cloudflare Workers Deployment Guide
+---
+
+This guide will help you deploy the SMS Verification API to Cloudflare Workers using Wrangler.
+
+## Prerequisites
+
+1. **Cloudflare Account**: Sign up at [cloudflare.com](https://cloudflare.com)
+2. **Wrangler CLI**: Install Wrangler globally
+   ```bash
+   npm install -g wrangler
+   ```
+3. **AWS Account**: You'll need AWS credentials for SNS SMS sending
+
+## Setup Steps
+
+### 1. Install Dependencies
+```bash
+npm install
+```
+
+### 2. Login to Cloudflare
+```bash
+wrangler login
+```
+
+### 3. Configure AWS Credentials
+Set your AWS credentials as Cloudflare Workers secrets:
+```bash
+wrangler secret put AWS_ACCESS_KEY_ID
+# Enter your AWS Access Key ID when prompted
+
+wrangler secret put AWS_SECRET_ACCESS_KEY
+# Enter your AWS Secret Access Key when prompted
+```
+
+### 4. Update Configuration
+Edit `wrangler.toml` to match your Cloudflare account:
+```toml
+name = "your-sms-verification-api"
+main = "src/index.js"
+compatibility_date = "2024-01-01"
+
+[env.production]
+name = "your-sms-verification-api"
+
+[env.staging]
+name = "your-sms-verification-api-staging"
+
+[vars]
+AWS_REGION = "us-east-1"
+SMS_SENDER_ID = "YourApp"
+```
+
+### 5. Update Server URLs
+In `src/index.js`, update the server URLs in the OpenAPI configuration:
+```javascript
+servers: [
+  {
+    url: 'https://your-sms-verification-api.your-subdomain.workers.dev',
+    description: 'Production server',
+  },
+  {
+    url: 'https://your-sms-verification-api-staging.your-subdomain.workers.dev',
+    description: 'Staging server',
+  },
+],
+```
+
+## Development
+
+### Local Development
+```bash
+npm run dev
+```
+This starts a local development server at `http://localhost:8787`
+
+### Testing
+```bash
+npm run test
+```
+
+## Deployment
+
+### Deploy to Staging
+```bash
+npm run deploy:staging
+```
+
+### Deploy to Production
+```bash
+npm run deploy:production
+```
+
+### Deploy to Default Environment
+```bash
+npm run deploy
+```
+
+## Environment Variables
+
+### Required Secrets (set with `wrangler secret put`)
+- `AWS_ACCESS_KEY_ID`: Your AWS Access Key ID
+- `AWS_SECRET_ACCESS_KEY`: Your AWS Secret Access Key
+
+### Optional Variables (set in wrangler.toml)
+- `AWS_REGION`: AWS region (default: us-east-1)
+- `SMS_SENDER_ID`: Sender ID for SMS messages (default: Verify)
+
+## Production Considerations
+
+### 1. Use Cloudflare KV for Storage
+Replace in-memory storage with Cloudflare KV for production:
+
+```javascript
+// Add KV binding to wrangler.toml
+[[kv_namespaces]]
+binding = "VERIFICATION_CODES"
+id = "your-kv-namespace-id"
+preview_id = "your-preview-kv-namespace-id"
+
+// Update storage in src/index.js
+const verificationCodes = env.VERIFICATION_CODES;
+```
+
+### 2. Custom Domain
+Add a custom domain in the Cloudflare dashboard and update your `wrangler.toml`:
+```toml
+[env.production]
+name = "your-sms-verification-api"
+routes = [
+  { pattern = "api.yourdomain.com", zone_name = "yourdomain.com" }
+]
+```
+
+### 3. Rate Limiting
+Consider using Cloudflare's built-in rate limiting or implement more sophisticated rate limiting with KV storage.
+
+## Monitoring
+
+### Logs
+View logs in the Cloudflare dashboard or using Wrangler:
+```bash
+wrangler tail
+```
+
+### Analytics
+Monitor your API usage in the Cloudflare dashboard under Workers & Pages.
+
+## Troubleshooting
+
+### Common Issues
+
+1. **CORS Errors**: The API is configured to allow all origins (`*`). Adjust in `src/index.js` if needed.
+
+2. **AWS Credentials**: Ensure your AWS credentials have SNS SMS sending permissions.
+
+3. **Memory Limits**: Cloudflare Workers have memory limits. The current implementation uses in-memory storage which resets on each request.
+
+4. **Timeout Issues**: Workers have a 30-second timeout. Ensure your SNS requests complete within this time.
+
+### Debug Mode
+Enable debug logging by setting the log level in your Worker:
+```javascript
+app.use('*', logger({ level: 'debug' }));
+```
+
+## Security
+
+- AWS credentials are stored as encrypted secrets
+- CORS is configured for cross-origin requests
+- Rate limiting is implemented to prevent abuse
+- Input validation is performed on all endpoints
+
+## Cost Optimization
+
+- Cloudflare Workers are pay-per-request
+- Monitor your usage in the Cloudflare dashboard
+- Consider implementing caching for frequently accessed data
+- Use KV storage efficiently to minimize read/write operations 

package/docs/content/docs/api/post.mdx

@@ -0,0 +1,35 @@
+---
+title: Send SMS verification code
+---
+
+
+![phone_logo](https://i.imgur.com/2adfBGT.png)
+
+
+A comprehensive SMS verification API using AWS SNS HTTP API with Hono server on Cloudflare Workers. The API is fully documented and driven by an OpenAPI 3.0 spec, available at:
+## Features
+- **Cloudflare Workers**: Serverless deployment with global edge network
+- **Modern OpenAPI-driven contract**: Fully documented API with Swagger UI
+- **SMS verification with optional custom code**: Send random or custom verification codes
+- **VoIP number blocking**: Optional protection against VoIP numbers using phone lookup API
+- **Code verification endpoint**: Verify submitted codes with attempt tracking
+- **Health check endpoint**: Monitor API status
+- **API Key Authentication**: Secure access control for all endpoints
+- **Strong input validation**: E.164 phone numbers, 6-digit codes
+- **Rate limiting and error handling**: Built-in protection against abuse
+- **More info like names, emails**: See [Trestle](https://trestle-api.redoc.ly/Current/#section/Overview)
+- **MIT licensed**: Open source and free to use
+
+
+
+#### Send Verification Code
+`GET /api/send-verification`
+- Sends a 6-digit verification code to the specified phone number via SMS.
+- Optionally accepts a custom code (for testing or admin use).
+- Optionally blocks VoIP numbers using phone lookup API.
+
+**Query Parameters:**
+- `phoneNumber` (required): Phone number in E.164 format (e.g., +1234567890)
+- `code` (optional): Custom 6-digit verification code
+- `blockVoip` (optional): Boolean flag to block VoIP numbers
+<APIPage document={"openapi.json"} operations={[{"path":"/api/send-verification","method":"post"}]} webhooks={[]} hasHead={false} />

package/docs/content/docs/api/verify.mdx

@@ -0,0 +1,34 @@
+---
+title: Verify SMS code
+---
+
+#### Verify Code
+`GET /api/verify-code`
+- Verifies the submitted code against the sent verification code.
+
+**Query Parameters:**
+- `phoneNumber` (required): Phone number in E.164 format
+- `code` (required): 6-digit verification code
+
+**Example Request:**
+```
+GET /api/verify-code?phoneNumber=%2B1234567890&code=654321
+```
+
+**Response (success):**
+```json
+{
+  "success": true,
+  "message": "Phone number verified successfully",
+  "verificationToken": "unique-verification-token",
+  "phoneNumber": "+1234567890"
+}
+```
+
+**Response (error):**
+```json
+{
+  "error": "Invalid verification code",
+  "attemptsRemaining": 3
+}
+```

package/docs/content/docs/meta.json

@@ -0,0 +1,8 @@
+{
+  "pages": [
+    "api/post",
+    "api/verify",
+    "..."
+
+  ]
+}