search

mestafrica / mobile-wallet-fraud-database

Currently, curbing mobile money fraud in the country is nearly impossible. To tackle this issue, we propose developing a real-time database that allows users to query and determine if a phone number is likely fraudulent based on public contributions, especially from those who have experienced fraud.
MIT License
0 stars 10 forks source link

Check Number Status #16

Closed alexboateng closed 1 month ago

alexboateng commented 1 month ago

Endpoint: /api/fraud/check/{phone} Method: GET Description: Allows users to query the database to check if a phone number is reported as fraudulent. Authorization Required: Yes

Path Parameter: Phone Number: The phone number to check for fraud reports.

Validations: Phone Number: Must be in a valid format and typically normalized to ensure consistency in database queries. Security Measures:

Authorization Check: Verify that the user is authenticated to access this service. This helps in monitoring and limiting access to sensitive data.

Input Sanitization: Ensure that the input phone number is sanitized to prevent SQL injection and other forms of attacks.

Feedback: Success: If the number has been reported, return a detailed report including dates, network, status, and any user comments. If the number has not been reported, a message like "No reports found for this number."

Failure: If the phone number is invalid, return an error message such as "Invalid phone number format." If unauthorized access is attempted, a message like "You do not have permission to access this information."

Note: Add test cases for all scenarios

muchinon commented 1 month ago

@alexboateng I want to pick up this issue

muchinon commented 1 month ago

https://github.com/mestafrica/mobile-wallet-fraud-database/pull/54