How to Integrate Automatically verify OTP system in Android App

How to Integrate Automatically verify OTP: You can use Firebase authentication to enable the user to sign in to your app by sending an SMS to the user’s device with a one-time password. The user then enters this OTP into your app, if the OTP matches then the sign in is successful and the user can access your app.

How to Integrate Automatically verify OTP system in Android App?

  • The latest version of Android Studio Installed on your PC or Laptop.
  • A smartphone, as OTP cannot be sent to an emulator.
  • A Gmail ID to enable Firebase and add your project to Firebase console.

How to Integrate Automatically verify OTP

In fact, there are many ways to automatically fill in the OTP field by reading messages on our phone using READ_SMS permissions. However, Google has strictly prohibited the use of such permissions for security reasons. You can read the full explanation here.

Since we can no longer use the Read_SMS permission, Google has offered some other options for implementing automatic SMS verification using the SMS Verification API, including automatic and one-tap SMS verification. Let’s find out how they work!

Note*

  1. Messages that are sent to the user’s device must be no longer than 140 bytes.
  2. Message must contains a one-time code that user’s will send back to the server.
  3. Message must contain an 11-character hash string.

This only works in Android devices with play service version 10.2 or latest.

Import Library

  • implementation ‘com.google.android.gms:play-services-auth:19.2.0’
  • implementation ‘com.google.android.gms:play-services-auth-api-phone:17.5.1’

When a client’s phone receives a message containing a unique string, the SMS Retriever API will broadcast the message with the intent of SmsRetriever.SMS_RETRIEVED_ACTION. Then, you should use a broadcast receiver to get the verification message.

public class OTP_Receiver extends BroadcastReceiver {

    private OtpReceiverListener otpReceiverListener;

    public OTP_Receiver() {
    }

    public void initListener(OtpReceiverListener otpReceiverListener) {
        this.otpReceiverListener = otpReceiverListener;
    }

    @Override
    public void onReceive(Context context, Intent intent) {
        if (SmsRetriever.SMS_RETRIEVED_ACTION.equals(intent.getAction())) {
            Bundle bundle = intent.getExtras();
            if (bundle != null) {
                Status status = (Status) bundle.get(SmsRetriever.EXTRA_STATUS);
                if (status != null) {
                    switch (status.getStatusCode()) {
                        case CommonStatusCodes
                                .SUCCESS:
                            String message = (String) bundle.get(SmsRetriever.EXTRA_SMS_MESSAGE);
                            if (message != null) {
                                Pattern pattern = Pattern.compile("\\d{6}");
                                Matcher matcher = pattern.matcher(message);

                                if (matcher.find()) {
                                    String myOtp = matcher.group(0);

                                    if (this.otpReceiverListener != null) {
                                        this.otpReceiverListener.onOtpSuccess(myOtp);
                                    } else {
                                        if (this.otpReceiverListener != null) {
                                            this.otpReceiverListener.onOtpTimeout();
                                        }
                                    }
                                }
                            }
                            break;
                        case CommonStatusCodes.TIMEOUT:
                            if (this.otpReceiverListener != null) {
                                this.otpReceiverListener.onOtpTimeout();
                            }
                            break;
                    }
                }
            }
        }
    }

    public interface OtpReceiverListener {
        void onOtpSuccess(String otp);

        void onOtpTimeout();
    }
}

Don’t forget to register your Broadcast Receiver to manifest.

<receiver android:name=".MySMSBroadcastReceiver" android:exported="true"
          android:permission="com.google.android.gms.auth.api.phone.permission.SEND">
    <intent-filter>
        <action android:name="com.google.android.gms.auth.api.phone.SMS_RETRIEVED"/>
    </intent-filter>
</receiver>

Then you are ready to start the SMS Retriever to listen to SMS that contains a unique string to identify your app for up to 5 minutes.

otp_receiver = new OTP_Receiver();
        this.registerReceiver(otp_receiver, new IntentFilter(SmsRetriever.SMS_RETRIEVED_ACTION));
        otp_receiver.initListener(new OTP_Receiver.OtpReceiverListener() {
            @Override
            public void onOtpSuccess(String otp) {
                //String otp --> is your OTP
            }

            @Override
            public void onOtpTimeout() {
                Toast.makeText(OtpVerifyActivity.this, "Something went wrong!", Toast.LENGTH_SHORT).show();
            }
        });

If you want full source code of this project then you can download this project from GitHub for free.

Read More:

Leave a Comment

Your email address will not be published.

Shopping Cart