Skip to contentSkip to navigationSkip to topbar
Rate this page:
On this page

Verify Phone Verification Python Django Quickstart


(warning)

Warning

Verify v1 API has reached End of Sale. It is now closed to new customers and will be fully deprecated in the future.

For new development, we encourage you to use the Verify v2 API. v2 has an improved developer experience and new features, including:

  • Twilio helper libraries in multiple languages
  • PSD2 Secure Customer Authentication Support
  • Improved Visibility and Insights

Existing customers will not be impacted at this time until Verify v1 API has reached End of Life. For more information about migration, see Migrating from 1.x to 2.x.

Phone Verification is an important, high-confidence step in a registration flow to verify that a user has the device they claim to have. Adding Twilio Verify to your application to validate new accounts will greatly reduce your number of fraudulent registrations and protect future application users from having their numbers registered by scammers.

This quickstart guides you through creating a Python, Django app that requires a Phone Verification step to create an account. Two channels of Phone Verification are demoed: SMS and Voice.

Ready to add Twilio Verify to a demo app and keep the bad actors away?


Sign Into (or Create) a Twilio Account

sign-into-or-create-a-twilio-account page anchor

Either sign up for a free Twilio trial, or sign into an existing Twilio account(link takes you to an external page).

Create a New Account Security Application

create-a-new-account-security-application page anchor

Once logged in, visit the Verify Console(link takes you to an external page). Click on the red 'Create New Application' (or big red plus ('+') if you already created one) to create a new Verify application then name it something memorable.

verify create application.

Twilio will redirect you to the Settings page next:

verify reveal keys.

Click the eyeball icon to reveal your Production API Key, and copy it somewhere safe. You will use the API Key during the application setup step below.


Clone and Setup the Verification Application

clone-and-setup-the-verification-application page anchor

Start by cloning our Django repository.(link takes you to an external page) Enter the directory and use pip to install all of our dependencies:


_10
pip install -r requirements.txt

  1. Open the file .env.example
  2. Change ACCOUNT_SECURITY_API_KEY to the API Key from the above step
  3. Now, save the file as .env

Enter an Application API Key

enter-an-application-api-key page anchor

Enter the API Key from the Verify console and optionally change the port.


_10
# You can get/create one here :
_10
# https://www.twilio.com/console/authy/applications
_10
ACCOUNT_SECURITY_API_KEY='ENTER_SECRET_HERE'

Run the app migrations to get everything up to date:


_10
./manage.py migrate

That's all the setup you'll need.

Now, launch the application with:


_10
./manage.py runserver

Assuming your API Key is correctly entered, you'll soon get a message that the app is up!


Use the Django Twilio Verify Demo

use-the-django-twilio-verify-demo page anchor

Keeping your phone at your side, visit the Phone Verification page of the demo at http://localhost:8000/verification/(link takes you to an external page)

Enter a Country Code and Phone Number, then choose which channel to request verification over, 'SMS' or 'CALL' (Voice). Finally, hit the blue 'Request Verification' button and wait.

Phone Verification by SMS or Voice.

You'll either receive a phone call or an SMS with the verification token. If you requested a phone call, as an additional security feature you may need to interact to proceed (enter a number on the phone keypad).

Phone Verification Start Verification

phone-verification-start-verification page anchor

_51
from authy.api import AuthyApiClient
_51
from django.conf import settings
_51
from django.shortcuts import render, redirect
_51
_51
from .forms import VerificationForm, TokenForm
_51
_51
_51
authy_api = AuthyApiClient(settings.ACCOUNT_SECURITY_API_KEY)
_51
_51
_51
def phone_verification(request):
_51
if request.method == 'POST':
_51
form = VerificationForm(request.POST)
_51
if form.is_valid():
_51
request.session['phone_number'] = form.cleaned_data['phone_number']
_51
request.session['country_code'] = form.cleaned_data['country_code']
_51
authy_api.phones.verification_start(
_51
form.cleaned_data['phone_number'],
_51
form.cleaned_data['country_code'],
_51
via=form.cleaned_data['via']
_51
)
_51
return redirect('token_validation')
_51
else:
_51
form = VerificationForm()
_51
return render(request, 'phone_verification.html', {'form': form})
_51
_51
_51
def token_validation(request):
_51
if request.method == 'POST':
_51
form = TokenForm(request.POST)
_51
if form.is_valid():
_51
verification = authy_api.phones.verification_check(
_51
request.session['phone_number'],
_51
request.session['country_code'],
_51
form.cleaned_data['token']
_51
)
_51
if verification.ok():
_51
request.session['is_verified'] = True
_51
return redirect('verified')
_51
else:
_51
for error_msg in verification.errors().values():
_51
form.add_error(None, error_msg)
_51
else:
_51
form = TokenForm()
_51
return render(request, 'token_validation.html', {'form': form})
_51
_51
_51
def verified(request):
_51
if not request.session.get('is_verified'):
_51
return redirect('phone_verification')
_51
return render(request, 'verified.html')

Either way you requested the passcode, enter the token into the Verification entry form and click 'Verify Phone':

Phone Verification Entry Box.

Phone Verification Check Verification

phone-verification-check-verification page anchor

_51
from authy.api import AuthyApiClient
_51
from django.conf import settings
_51
from django.shortcuts import render, redirect
_51
_51
from .forms import VerificationForm, TokenForm
_51
_51
_51
authy_api = AuthyApiClient(settings.ACCOUNT_SECURITY_API_KEY)
_51
_51
_51
def phone_verification(request):
_51
if request.method == 'POST':
_51
form = VerificationForm(request.POST)
_51
if form.is_valid():
_51
request.session['phone_number'] = form.cleaned_data['phone_number']
_51
request.session['country_code'] = form.cleaned_data['country_code']
_51
authy_api.phones.verification_start(
_51
form.cleaned_data['phone_number'],
_51
form.cleaned_data['country_code'],
_51
via=form.cleaned_data['via']
_51
)
_51
return redirect('token_validation')
_51
else:
_51
form = VerificationForm()
_51
return render(request, 'phone_verification.html', {'form': form})
_51
_51
_51
def token_validation(request):
_51
if request.method == 'POST':
_51
form = TokenForm(request.POST)
_51
if form.is_valid():
_51
verification = authy_api.phones.verification_check(
_51
request.session['phone_number'],
_51
request.session['country_code'],
_51
form.cleaned_data['token']
_51
)
_51
if verification.ok():
_51
request.session['is_verified'] = True
_51
return redirect('verified')
_51
else:
_51
for error_msg in verification.errors().values():
_51
form.add_error(None, error_msg)
_51
else:
_51
form = TokenForm()
_51
return render(request, 'token_validation.html', {'form': form})
_51
_51
_51
def verified(request):
_51
if not request.session.get('is_verified'):
_51
return redirect('phone_verification')
_51
return render(request, 'verified.html')

And with that, your demo app is protected with Twilio's Phone Verification! You can now log out to try the untried channel.


Your demo app is now keeping fraudulent users from registering with your business and polluting your database. Next, check out all of the variables and options available to you in the Phone Verification API Reference. Also, to protect your customers in an ongoing manner (with this same codebase) try the Python Django Authy Two-Factor Authentication Quickstart.

After that, visit the Docs for more Account Security demos and tutorials and web applications using all of Twilio's products.


Rate this page: