I looked around for a plugin that would allow me to log my users in with sms instead of email, but did not find anything. So I built it myself. This post is just a reference in case someone would like to do the same (or of course comment on problems they see with the solution)
I use a combination of backend workflows and Magic Login URL to make it work.
A data type “SMS token” has 4 key values; pin hidden, Magic URL hidden, pin entered, Magic URL exposed. The two hidden fields has privacy settings that hides them for everyone.
The user enters the mobile number in the browser. A data entry for “SMS token” is created in the database with a randomly created pin hidden, plus a Magic URL hidden. The pin is sent as sms to the mobile number entered, and the Magic URL is created based on a search for user matching the mobile number.
The SMS token is also kept in the browser as a state.
The page changes dynamically to a “enter pin” state. The entered pin is returned to a backend workflow that matches the entered pin to the pin hidden. If it is a match then Magic URL hidden is copied over to Magic URL exposed (no privacy setting for this field), and the user is redirected to this URL.
The SMS token also has logic for signup (no users found in search). This prevents multiple users per mobile number, plus that it makes sure that the mobile number is confirmed (we need to be able to reach each client via mobile, so this is value adding)