RCSZilla Versiunea 1.0

API de verificare OTP

Ghid de integrare aplicație mobilă

Trimiteți parole de unică folosință prin SMS sau email și verificați-le din orice aplicație.

*
Acest endpoint necesită un token Bearer sau X-API-Token — generați o cheie API din Setări → Cheie API.

Trimite OTP

POST /api/?endpoint=send_otp

Generează un cod, îl trimite destinatarului și înregistrează încercarea. Limitat la un trimitere per 60 de secunde per destinatar.

Corp cerere

Câmp Tip Descriere
recipient string obligatoriu Număr de telefon (format E.164) sau adresă de email.
channel string opțional "sms" sau "email". Implicit: canalul configurat în Setări OTP.
lang string opțional Codul limbii șablonului: en, ro, bg, fr, de, uk. Implicit "en".
ref_id string opțional Referința ta opțională (ID comandă, sesiune…) — returnată în răspunsul de verificare.

Exemplu cerere

cURL
curl -X POST "https://api.rcszilla.com/api/?endpoint=send_otp" \
  -H "Authorization: Bearer YOUR-API-TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"recipient":"+40700000000","channel":"sms","lang":"en","ref_id":"order_42"}'
PHP
$ch = curl_init('https://api.rcszilla.com/api/?endpoint=send_otp');
curl_setopt_array($ch, [
    CURLOPT_POST           => true,
    CURLOPT_POSTFIELDS     => json_encode([
        'recipient' => '+40700000000',
        'channel'   => 'sms',
        'lang'      => 'en',
        'ref_id'    => 'order_42',
    ]),
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER     => ['Authorization: Bearer YOUR-API-TOKEN', 'Content-Type: application/json'],
]);
$result = json_decode(curl_exec($ch), true);
// $result = ['success' => true, 'otp_id' => 42]
Python
import requests

r = requests.post(
    "https://api.rcszilla.com/api/",
    params={"endpoint": "send_otp"},
    json={"recipient": "+40700000000", "channel": "sms", "lang": "en", "ref_id": "order_42"},
    headers={"Authorization": "Bearer YOUR-API-TOKEN"},
    timeout=10,
)
print(r.json())  # {'success': True, 'otp_id': 42}
Node.js
const res = await fetch("https://api.rcszilla.com/api/?endpoint=send_otp", {
  method: "POST",
  headers: { "Authorization": "Bearer YOUR-API-TOKEN", "Content-Type": "application/json" },
  body: JSON.stringify({ recipient: "+40700000000", channel: "sms", lang: "en", ref_id: "order_42" }),
});
const data = await res.json();
// data = { success: true, otp_id: 42 }
Ruby
require 'net/http'; require 'json'
uri = URI("https://api.rcszilla.com/api/?endpoint=send_otp")
req = Net::HTTP::Post.new(uri, 'Authorization' => 'Bearer YOUR-API-TOKEN', 'Content-Type' => 'application/json')
req.body = {recipient: '+40700000000', channel: 'sms', lang: 'en'}.to_json
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
puts JSON.parse(res.body)
Go
payload, _ := json.Marshal(map[string]string{"recipient": "+40700000000", "channel": "sms", "lang": "en"})
req, _ := http.NewRequest("POST", "https://api.rcszilla.com/api/?endpoint=send_otp", bytes.NewBuffer(payload))
req.Header.Set("Authorization", "Bearer YOUR-API-TOKEN")
req.Header.Set("Content-Type", "application/json")
resp, _ := http.DefaultClient.Do(req)
// read resp.Body...
Java
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
    .uri(URI.create("https://api.rcszilla.com/api/?endpoint=send_otp"))
    .header("Authorization", "Bearer YOUR-API-TOKEN")
    .header("Content-Type", "application/json")
    .POST(HttpRequest.BodyPublishers.ofString(
        "{\"recipient\":\"+40700000000\",\"channel\":\"sms\",\"lang\":\"en\"}"
    ))
    .build();
HttpResponse<String> response = client.send(request, HttpResponse.BodyHandlers.ofString());
// parse response.body() as JSON

Răspuns

JSON200 OK
{
  "success": true,
  "message": "OTP sent.",
  "otp_id": 42
}
JSON429 Rate Limited
{
  "success": false,
  "message": "Please wait 45 seconds before requesting a new code.",
  "retry_after": 45
}

Verifică OTP

POST /api/?endpoint=verify_otp

Verifică codul trimis față de cel mai recent OTP activ pentru acest destinatar.

Corp cerere

Câmp Tip Descriere
recipient string obligatoriu Același telefon/email folosit la trimitere.
code string obligatoriu Codul introdus de utilizator.

Exemplu cerere

cURL
curl -X POST "https://api.rcszilla.com/api/?endpoint=verify_otp" \
  -H "Authorization: Bearer YOUR-API-TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"recipient":"+40700000000","code":"123456"}'
PHP
$ch = curl_init('https://api.rcszilla.com/api/?endpoint=verify_otp');
curl_setopt_array($ch, [
    CURLOPT_POST           => true,
    CURLOPT_POSTFIELDS     => json_encode(['recipient' => '+40700000000', 'code' => '123456']),
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_HTTPHEADER     => ['Authorization: Bearer YOUR-API-TOKEN', 'Content-Type: application/json'],
]);
$result = json_decode(curl_exec($ch), true);
if ($result['success']) {
    // phone verified — proceed with user action
}
Python
r = requests.post(
    "https://api.rcszilla.com/api/",
    params={"endpoint": "verify_otp"},
    json={"recipient": "+40700000000", "code": "123456"},
    headers={"Authorization": "Bearer YOUR-API-TOKEN"},
)
if r.json().get("success"):
    pass  # verified — continue
Node.js
const res = await fetch("https://api.rcszilla.com/api/?endpoint=verify_otp", {
  method: "POST",
  headers: { "Authorization": "Bearer YOUR-API-TOKEN", "Content-Type": "application/json" },
  body: JSON.stringify({ recipient: "+40700000000", code: "123456" }),
});
const { success, message, otp_id, ref_id, verified_at } = await res.json();
Ruby
require 'net/http'; require 'json'
uri = URI("https://api.rcszilla.com/api/?endpoint=verify_otp")
req = Net::HTTP::Post.new(uri, 'Authorization' => 'Bearer YOUR-API-TOKEN', 'Content-Type' => 'application/json')
req.body = {recipient: '+40700000000', code: '123456'}.to_json
res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
puts JSON.parse(res.body)
Go
payload, _ := json.Marshal(map[string]string{"recipient": "+40700000000", "code": "123456"})
req, _ := http.NewRequest("POST", "https://api.rcszilla.com/api/?endpoint=verify_otp", bytes.NewBuffer(payload))
req.Header.Set("Authorization", "Bearer YOUR-API-TOKEN")
req.Header.Set("Content-Type", "application/json")
resp, _ := http.DefaultClient.Do(req)
// read resp.Body...

Răspuns

JSON200 OK
{
  "success": true,
  "message": "OTP verified successfully.",
  "otp_id": 42,
  "ref_id": "order_42",
  "verified_at": "2026-05-05T14:30:00+00:00"
}
JSON422 Wrong Code
{
  "success": false,
  "message": "Wrong code. 2 attempt(s) remaining.",
  "attempts_remaining": 2
}

Coduri de eroare

HTTP Descriere
400Cerere invalidă sau acțiune necunoscută.
401Token API invalid sau lipsă.
403Prea multe încercări greșite — OTP invalidat.
404Niciun OTP activ găsit pentru acest destinatar.
410OTP-ul a expirat.
422Cod greșit — răspunsul include attempts_remaining.
429Limită de rată — răspunsul include retry_after (secunde).
500Eroare de livrare — verificați setările canalului.