How to create a custom form with confirmation of action by Email or CMS

With the help of the JS code and RequestJS requests, we can create the functionality of a custom form in which the action will be confirmed by Email or SMS.

The JS code on the page: 

$(function(){
            $(document).delegate('.ae-sendCode', 'click', function(e){
              e.preventDefault();
              var contact = $('.ae-contact').val();
              if(!contact) {
                $('.ae-contact').focus();
              	return;
              }
              // we request the code for the user
              as.sys.request("auth", "sendCode", {
   		         data: { contact:contact },
        	     onSuccess: function (data) {
                   if (data.result && data.data && data.data.length) {
                     console.log(data.data);
                     var s = '';
                     as.sys.showDialog("Введите код", s, "OK", function () {
                        var code = $('.ae-code').val();
                        if(!code) {
                          $('.ae-code').focus();
                          return;
                        }
                        // we check the code and perform the target action
                       	as.sys.request("auth", "verifyCode", {
   		         			data: { contact:contact, code: code },
        	     			onSuccess: function (data) {
                   				if (data.result && data.data && data.data.length) {
                                  location.href='/';
                                }else{
                                   as.sys.bootstrapAlert(data.msg || "Invalid code, or the user is blocked", {type: "warning"});
                                }
                            }
                        });
                     });
                   }else {
                   	 as.sys.bootstrapAlert(data.msg || "Something went wrong. Check the specified contact.", {type: "warning"})
                   }
                 }
			  });
            });
        });	

The code of the first SQL procedure (sending the code to the user via email via an external action): 

CREATE OR ALTER   PROCEDURE [dbo].[request_auth_sendCode]
	@parameters DictionaryParameter READONLY,  -- or ExtendedDictionaryParameter
	@username nvarchar(32)
AS
BEGIN
	declare @code nvarchar(32) =  upper(left(convert(nvarchar(36), newid()), 5))   -- 'xxx12'

	declare @contact nvarchar(128)
	select @contact = Value from @parameters where [Key]='contact'



	declare @userID int, @email nvarchar(128)
	select @userID = id, @email = email from as_users where lower(email)=lower(@contact)

	if(@userID is null) begin
		select 'The specified email address was not found' Msg, 0 Result
		return
	end

	update as_users set sessionCode=@code, sessionCodeCreated = getdate()
	where id = @userID

	    -- SELECT 1 Msg, Result
	select '' Msg, 1 Result



    -- SELECT 2 Basic data in the form of an arbitrary table
    select 1 tst
    -- SELECT 3 External actions

	declare @body nvarchar(max) = 'Code to enter on the site - ' + @code
	select 'email' type, @email [to], 'Confirmation of the action' subject, @body body

END

Second SQL procedure (checking the code and executing the target action): 

CREATE OR ALTER   PROCEDURE [dbo].[request_auth_verifyCode]
	@parameters DictionaryParameter READONLY,  -- or ExtendedDictionaryParameter
	@username nvarchar(32)
AS
BEGIN
	declare @contact nvarchar(128)
	select @contact = Value from @parameters where [Key]='contact'
	declare @code nvarchar(128)
	select @code = Value from @parameters where [Key]='code'

	declare @userID int,@date datetime , @user nvarchar(128)
	select @userID = id, @date = sessionCodeCreated, @user = username  from as_users where lower(email)=lower(@contact) and lower(sessionCode)=lower(@code)

	if(@userID is null) begin
		select 'Неверный код' Msg, 0 Result
		return
	end

	if(datediff(minute, getdate(), @date) > 20) begin
		select 'The waiting time has expired. Try sending the code again' Msg, 0 Result
		return
	end

	-- SELECT 1 Msg, Result
	select '' Msg, 1 Result

    -- SELECT 2 Basic data in the form of an arbitrary table
    select 1 tst
    -- SELECT 3 External actions

    --- if everything is OK, then we execute the target action ....

END

Note:

  • in the table as_users 2 additional fields sessionCode and SessionCodeCreated - to store the current requested code and the time when the code was created (so that it is valid for a short period of time)
Falcon Space is a functional web development platform on a narrow stack MS SQL/Bootstrap. Falcon Space Gettting started
{sp-shortDemostandLinks}

Falcon Space Platform

This is a reduction in the cost of ownership

at the expense of fewer people to support

This is a quick change

while using the program

This is a modern interface

full adaptation for mobile devices

Note