OTP & Email verification page redesign and rewriting

On the OTP verification page show progress bar
1. Mobile verification
2. Email verification

Mobile Verification tab:

Have timer to resend otp only after 120 seconds
Resend otp or receive call button shouldn't be this big and both are greyed out till time is done
Allow maximum 3 resend in 24 hours
Display message incase they didn't receive otp to contact customer support
Call button should be displayed only after 2 resend sms attempts
Allow maximum 3 calls attempts in 24 hours

On Email verification tab:

PS:

URL for verification has to be unique. Currently some jugaad has ben done on this page and URL is same as login page
This URL will open only for those users who's mobile or email is not verified
Pass username and unique random string to this page for verification/security. Using this username and security key, pick user details from database for further processing
Don't display API structure, through which OTP is being sent
If anyone is opening this page directly or passing wrong parameters to this page, just redirect them to login page
There are 2 scenarios when user will land on verification page
1. After registration page
2. After login and when email or mobile is not verified
Don't allow to send OTP or verification email via API on a different phone no or email address which is not registerd with this user

Admin Panel:

Give option to disable email or phone verification or both. If disabled, user can login to system without verification and will not be prompted for verification

Remove:

Remove the option on the verification screen to change email or phone no
Incase someone wants to change email or phone no. They can always raise ticket and admin can change it for them

ladybirdweb / agora-invoicing-community