decentralised-dataexchange / data4diabetes-app

This repository contains a reference implementation of a diabetes application integrated with digital wallet agents and Solid pods. It is part of the Swedish Innovation Agency Vinnova-funded project Data4Diabetes, a Swedish Health Data Space pilot with diabetes data using a MyData Operator infrastructure.
Apache License 2.0

Optimize the usage of OTP #88

Closed josmilan closed 8 months ago

josmilan commented 1 year ago

There have been cases of Twilio SMS messaging being misused, resulting in companies getting huge bills. We also could optimize our Twilio login as it doesn't make sense how it works today. Here are some suggestions from Twilio:

Implement a basic anti-flooding or rate limiting system on your app (for example, make sure your app will not send more than 1 message per X minutes to the same mobile number, to the same number range, or to the same IP in your system). Example: tie with session tokens.

Recommendations:
1) We recommend implementing an exponential delay between unconfirmed messages that can be sent to the same number.
2) We recommend signing up for a DDOS mitigation/bot detection service to help you detect malicious scripts and repeating bad actors in your system.
3) Detect when repeat bad actors are using your platform to make requests at scale.

Implemented functionality: To address the risk of potential misuse, a rate-limiting mechanism has been implemented, restricting the number of messages that can be sent to the same mobile number within a one-minute window. The set limit is three messages per minute, serving as a safeguard against flooding, unauthorized access, and associated cost escalation.
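The two controls discussed in this issue, a per-number cap of three OTP messages per one-minute window and an exponential delay between unconfirmed sends to the same number, can be combined in one small limiter. The following is an added illustration, not the project's own code: Python is assumed (the repository's language is not visible here), the 30-second base delay and one-hour cap for the backoff are assumed values, and `ManualClock` exists only so the behaviour can be exercised without waiting.

```python
from collections import defaultdict, deque
from dataclasses import dataclass, field
from typing import Callable, Deque, Optional, Tuple
import time

WINDOW_SECONDS = 60        # the one-minute window stated in the issue
MAX_PER_WINDOW = 3         # the three-messages-per-minute limit stated in the issue
BASE_DELAY_SECONDS = 30    # assumed base for the exponential delay (not from the issue)
MAX_DELAY_SECONDS = 3600   # assumed cap so the delay cannot grow without bound


@dataclass
class _NumberState:
    sent_at: Deque[float] = field(default_factory=deque)  # send timestamps inside the window
    unconfirmed: int = 0          # consecutive sends not yet followed by a valid OTP entry
    last_sent: Optional[float] = None


class OtpRateLimiter:
    """Per-number OTP limiter: sliding-window cap plus exponential backoff on unconfirmed sends."""

    def __init__(self, clock: Callable[[], float] = time.monotonic):
        self._clock = clock
        self._state = defaultdict(_NumberState)

    def _prune(self, st: _NumberState, now: float) -> None:
        # Drop timestamps that have aged out of the one-minute window.
        while st.sent_at and now - st.sent_at[0] >= WINDOW_SECONDS:
            st.sent_at.popleft()

    def required_delay(self, number: str) -> float:
        """Minimum gap before the next send: 0 after a confirmation, doubling per unconfirmed send."""
        n = self._state[number].unconfirmed
        if n == 0:
            return 0.0
        return min(BASE_DELAY_SECONDS * 2 ** (n - 1), MAX_DELAY_SECONDS)

    def check(self, number: str) -> Tuple[bool, str, float]:
        """Return (allowed, reason, retry_after_seconds) without sending anything."""
        now = self._clock()
        st = self._state[number]
        self._prune(st, now)
        if len(st.sent_at) >= MAX_PER_WINDOW:
            return False, "window_limit", WINDOW_SECONDS - (now - st.sent_at[0])
        delay = self.required_delay(number)
        if st.last_sent is not None and now - st.last_sent < delay:
            return False, "backoff", delay - (now - st.last_sent)
        return True, "ok", 0.0

    def record_send(self, number: str) -> None:
        now = self._clock()
        st = self._state[number]
        st.sent_at.append(now)
        st.last_sent = now
        st.unconfirmed += 1

    def record_confirmed(self, number: str) -> None:
        # A correct OTP resets the backoff; the window cap still applies.
        self._state[number].unconfirmed = 0

    def try_send(self, number: str, send: Callable[[str], None]) -> Tuple[bool, str, float]:
        """Gate a real send (e.g. the Twilio call) behind the limiter."""
        allowed, reason, retry = self.check(number)
        if allowed:
            send(number)
            self.record_send(number)
        return allowed, reason, retry


class ManualClock:
    """Test clock so the limiter can be driven without sleeping."""

    def __init__(self) -> None:
        self.t = 0.0

    def __call__(self) -> float:
        return self.t


def demo() -> list:
    """Walk one constructed number through both controls; returns the decisions taken."""
    clock = ManualClock()
    limiter = OtpRateLimiter(clock)
    number = "+46700000000"  # constructed sample number
    out = []
    for t, action in [(0, "send"), (10, "send"), (30, "send"), (30, "confirm"),
                      (31, "send"), (40, "send"), (60, "send"), (61, "send")]:
        clock.t = t
        if action == "confirm":
            limiter.record_confirmed(number)
            out.append((t, "confirmed", 0.0))
        else:
            allowed, reason, retry = limiter.try_send(number, lambda n: None)
            out.append((t, reason if not allowed else "sent", retry))
    return out
```

`demo()` shows the second send at t=10 refused by the backoff (retry in 20 s), the window cap refusing a fourth send at t=40, and the backoff taking over again at t=60 once the oldest timestamp has aged out. The same class can be instantiated per IP address or number prefix to cover the other dimensions Twilio lists; only the key changes.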

josmilan commented 9 months ago

@lijogeorgep if this issue is completed, can you retest and raise a PR

lijogeorgep commented 9 months ago

@josmilan Done.

josmilan commented 8 months ago

Done