|
Description: |
Background and Objectives
Our website is currently running on Drupal 10. As our company is subject to competitive online gaming space regulated by UKGC, we need to enhance our platform with additional security, user engagement, and communication features. This project is being executed as a side project while our in-house developer focuses on core application development.
Objectives:
• Enhance User Account Management:
Develop a robust “My Account” section where users can:
o View and update their profiles (personal details, addresses, and passwords, excluding Birthdate).
o Manage referrals by inviting friends and family to join our online gaming club.
o Display count of approved referred members.
• Implement Multi-Factor Authentication (MFA/2FA):
Introduce a multi-factor authentication process for secure logins, incorporating:
o TOTP (e.g., Google Authenticator, Authy)
o Supported by SMS-based and/or WhatsApp-based pin code delivery
• Integrate SMS & WhatsApp API:
Enable automated communications for:
o Two-factor authentication notifications.
o Account activity alerts (e.g., profile changes, password resets).
o Event reminders and alerts related to gaming competitions.
________________________________________
3. Scope of Work
In-Scope
1. New Module Integrations on Existing Drupal 10.2 Framework
o User Account Enhancements:
Develop or integrate a “My Account” dashboard for profile viewing and editing.
o Include functionality to manage addresses, update passwords, and send confirmation notifications.
o Implement referral/invitation functionality for users to invite others.
o Multi-Factor Authentication (MFA/2FA):
o Integrate an MFA solution that supports TOTP, SMS, and WhatsApp. (Email confirmation is a natural byproduct if needed.)
o Ensure that every login (or sensitive account change) triggers a second-factor authentication step.
o SMS/WhatsApp API Integration:
o Integrate an SMS service (e.g., Intellisms) and/or official WhatsApp API for:
o Delivery of 2FA/MFA verification codes/links.
o Sending transactional notifications such as password resets and order confirmations.
o Dispatching event-related reminders (e.g., race alerts, qualification updates).
2. Configuration and Compliance Adjustments
o Configure the new modules to work seamlessly within the existing Drupal 10.2 environment.
o Ensure all new features comply with GDPR, UK data protection laws, and the regulations for UK certified gaming operators.
PROVEN EXPERIENCED DRUPAL DEVELOPERS WITH 2FA/SMS INSTALLTION ONLY PLEASE. |
