From 32764c95d19327282c33d11299a43c2b61292206 Mon Sep 17 00:00:00 2001
From: groovecoder <luke.crouch@gmail.com>
Date: Sat, 21 Dec 2019 23:53:47 -0600
Subject: [PATCH] initial twilio proxy code

---
 .env-dist                                     |   3 +
 phones/__init__.py                            |   0
 phones/admin.py                               |  10 ++
 phones/apps.py                                |   5 +
 phones/migrations/0001_initial.py             |  22 +++
 .../0002_session_initiating_real_number.py    |  19 +++
 ...0003_session_initiating_participant_sid.py |  19 +++
 phones/migrations/0004_auto_20191223_1815.py  |  24 +++
 phones/migrations/__init__.py                 |   0
 phones/models.py                              |   9 ++
 phones/sequence-diagram.mmd                   |  17 +++
 phones/sequence-diagram.svg                   |   4 +
 phones/tests.py                               |   3 +
 phones/urls.py                                |   9 ++
 phones/views.py                               | 140 ++++++++++++++++++
 privaterelay/settings.py                      |   1 +
 privaterelay/urls.py                          |   1 +
 requirements.txt                              |   4 +-
 18 files changed, 289 insertions(+), 1 deletion(-)
 create mode 100644 phones/__init__.py
 create mode 100644 phones/admin.py
 create mode 100644 phones/apps.py
 create mode 100644 phones/migrations/0001_initial.py
 create mode 100644 phones/migrations/0002_session_initiating_real_number.py
 create mode 100644 phones/migrations/0003_session_initiating_participant_sid.py
 create mode 100644 phones/migrations/0004_auto_20191223_1815.py
 create mode 100644 phones/migrations/__init__.py
 create mode 100644 phones/models.py
 create mode 100644 phones/sequence-diagram.mmd
 create mode 100644 phones/sequence-diagram.svg
 create mode 100644 phones/tests.py
 create mode 100644 phones/urls.py
 create mode 100644 phones/views.py

diff --git a/.env-dist b/.env-dist
index 1d698f56d..3c8159546 100644
--- a/.env-dist
+++ b/.env-dist
@@ -2,3 +2,6 @@ FXA_OAUTH_ENDPOINT=https://oauth-stable.dev.lcip.org/v1
 FXA_PROFILE_ENDPOINT=https://stable.dev.lcip.org/profile/v1
 SECRET_KEY=
 SENDGRID_API_KEY=
+TWILIO_ACCOUNT_SID=
+TWILIO_AUTH_TOKEN=
+TWILIO_SERVICE_ID=
diff --git a/phones/__init__.py b/phones/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/phones/admin.py b/phones/admin.py
new file mode 100644
index 000000000..5583dbf8c
--- /dev/null
+++ b/phones/admin.py
@@ -0,0 +1,10 @@
+from django.contrib import admin
+
+from .models import Session
+
+
+class SessionAdmin(admin.ModelAdmin):
+    pass
+
+
+admin.site.register(Session, SessionAdmin)
diff --git a/phones/apps.py b/phones/apps.py
new file mode 100644
index 000000000..46bb7dd65
--- /dev/null
+++ b/phones/apps.py
@@ -0,0 +1,5 @@
+from django.apps import AppConfig
+
+
+class PhonesConfig(AppConfig):
+    name = 'phones'
diff --git a/phones/migrations/0001_initial.py b/phones/migrations/0001_initial.py
new file mode 100644
index 000000000..4e60d53b3
--- /dev/null
+++ b/phones/migrations/0001_initial.py
@@ -0,0 +1,22 @@
+# Generated by Django 2.2.9 on 2019-12-22 19:53
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Session',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('twilio_sid', models.CharField(max_length=34, unique=True)),
+                ('initiating_proxy_number', models.CharField(max_length=20)),
+            ],
+        ),
+    ]
diff --git a/phones/migrations/0002_session_initiating_real_number.py b/phones/migrations/0002_session_initiating_real_number.py
new file mode 100644
index 000000000..c129a95d9
--- /dev/null
+++ b/phones/migrations/0002_session_initiating_real_number.py
@@ -0,0 +1,19 @@
+# Generated by Django 2.2.9 on 2019-12-22 20:47
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('phones', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='session',
+            name='initiating_real_number',
+            field=models.CharField(default='', max_length=20),
+            preserve_default=False,
+        ),
+    ]
diff --git a/phones/migrations/0003_session_initiating_participant_sid.py b/phones/migrations/0003_session_initiating_participant_sid.py
new file mode 100644
index 000000000..7243fd4a9
--- /dev/null
+++ b/phones/migrations/0003_session_initiating_participant_sid.py
@@ -0,0 +1,19 @@
+# Generated by Django 2.2.9 on 2019-12-23 15:14
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('phones', '0002_session_initiating_real_number'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='session',
+            name='initiating_participant_sid',
+            field=models.CharField(default='', max_length=20),
+            preserve_default=False,
+        ),
+    ]
diff --git a/phones/migrations/0004_auto_20191223_1815.py b/phones/migrations/0004_auto_20191223_1815.py
new file mode 100644
index 000000000..4a9d5d728
--- /dev/null
+++ b/phones/migrations/0004_auto_20191223_1815.py
@@ -0,0 +1,24 @@
+# Generated by Django 2.2.9 on 2019-12-23 18:15
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('phones', '0003_session_initiating_participant_sid'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='session',
+            name='status',
+            field=models.CharField(default='', max_length=20),
+            preserve_default=False,
+        ),
+        migrations.AlterField(
+            model_name='session',
+            name='initiating_participant_sid',
+            field=models.CharField(max_length=34),
+        ),
+    ]
diff --git a/phones/migrations/__init__.py b/phones/migrations/__init__.py
new file mode 100644
index 000000000..e69de29bb
diff --git a/phones/models.py b/phones/models.py
new file mode 100644
index 000000000..52780d2b5
--- /dev/null
+++ b/phones/models.py
@@ -0,0 +1,9 @@
+from django.db import models
+
+
+class Session(models.Model):
+    twilio_sid = models.CharField(max_length=34, unique=True, blank=False)
+    initiating_proxy_number = models.CharField(max_length=20, blank=False)
+    initiating_real_number = models.CharField(max_length=20, blank=False)
+    initiating_participant_sid = models.CharField(max_length=34, blank=False)
+    status = models.CharField(max_length=20, blank=False)
diff --git a/phones/sequence-diagram.mmd b/phones/sequence-diagram.mmd
new file mode 100644
index 000000000..546b3ab65
--- /dev/null
+++ b/phones/sequence-diagram.mmd
@@ -0,0 +1,17 @@
+sequenceDiagram
+    User->>Relay Phone Number: TXT {minutes}
+    Relay Phone Number->>Proxy Number: Creates {minutes} session
+    Relay Phone Number->>User: TXT {proxy number}
+    User->>3rd Party: give {proxy number} as phone number
+    loop proxied TXT conversation
+        3rd Party->>Proxy Number: TXT
+        Proxy Number->>User: TXT
+        User->>Proxy Number: TXT
+        Proxy Number->>3rd Party: TXT
+    end
+    opt TODO: manual stop
+        User->>Proxy Number: TXT "stop"
+    end
+    opt manual reset
+        User->>Relay Phone Number: TXT "reset"
+    end
diff --git a/phones/sequence-diagram.svg b/phones/sequence-diagram.svg
new file mode 100644
index 000000000..853f10ee9
--- /dev/null
+++ b/phones/sequence-diagram.svg
@@ -0,0 +1,4 @@
+<svg id="mermaid-1577127125844" width="100%" xmlns="http://www.w3.org/2000/svg" height="100%" style="max-width:850px;" viewBox="-50 -10 850 616"><style>#mermaid-1577127125844 .label{font-family:trebuchet ms,verdana,arial;color:#333}#mermaid-1577127125844 .node circle,#mermaid-1577127125844 .node ellipse,#mermaid-1577127125844 .node polygon,#mermaid-1577127125844 .node rect{fill:#ececff;stroke:#9370db;stroke-width:1px}#mermaid-1577127125844 .node.clickable{cursor:pointer}#mermaid-1577127125844 .arrowheadPath{fill:#333}#mermaid-1577127125844 .edgePath .path{stroke:#333;stroke-width:1.5px}#mermaid-1577127125844 .edgeLabel{background-color:#e8e8e8}#mermaid-1577127125844 .cluster rect{fill:#ffffde!important;stroke:#aa3!important;stroke-width:1px!important}#mermaid-1577127125844 .cluster text{fill:#333}#mermaid-1577127125844 div.mermaidTooltip{position:absolute;text-align:center;max-width:200px;padding:2px;font-family:trebuchet ms,verdana,arial;font-size:12px;background:#ffffde;border:1px solid #aa3;border-radius:2px;pointer-events:none;z-index:100}#mermaid-1577127125844 .actor{stroke:#ccf;fill:#ececff}#mermaid-1577127125844 text.actor{fill:#000;stroke:none}#mermaid-1577127125844 .actor-line{stroke:grey}#mermaid-1577127125844 .messageLine0{marker-end:"url(#arrowhead)"}#mermaid-1577127125844 .messageLine0,#mermaid-1577127125844 .messageLine1{stroke-width:1.5;stroke-dasharray:"2 2";stroke:#333}#mermaid-1577127125844 #arrowhead{fill:#333}#mermaid-1577127125844 #crosshead path{fill:#333!important;stroke:#333!important}#mermaid-1577127125844 .messageText{fill:#333;stroke:none}#mermaid-1577127125844 .labelBox{stroke:#ccf;fill:#ececff}#mermaid-1577127125844 .labelText,#mermaid-1577127125844 .loopText{fill:#000;stroke:none}#mermaid-1577127125844 .loopLine{stroke-width:2;stroke-dasharray:"2 2";marker-end:"url(#arrowhead)";stroke:#ccf}#mermaid-1577127125844 .note{stroke:#aa3;fill:#fff5ad}#mermaid-1577127125844 .noteText{fill:#000;stroke:none;font-family:trebuchet ms,verdana,arial;font-size:14px}#mermaid-1577127125844 .section{stroke:none;opacity:.2}#mermaid-1577127125844 .section0{fill:rgba(102,102,255,.49)}#mermaid-1577127125844 .section2{fill:#fff400}#mermaid-1577127125844 .section1,#mermaid-1577127125844 .section3{fill:#fff;opacity:.2}#mermaid-1577127125844 .sectionTitle0,#mermaid-1577127125844 .sectionTitle1,#mermaid-1577127125844 .sectionTitle2,#mermaid-1577127125844 .sectionTitle3{fill:#333}#mermaid-1577127125844 .sectionTitle{text-anchor:start;font-size:11px;text-height:14px}#mermaid-1577127125844 .grid .tick{stroke:#d3d3d3;opacity:.3;shape-rendering:crispEdges}#mermaid-1577127125844 .grid path{stroke-width:0}#mermaid-1577127125844 .today{fill:none;stroke:red;stroke-width:2px}#mermaid-1577127125844 .task{stroke-width:2}#mermaid-1577127125844 .taskText{text-anchor:middle;font-size:11px}#mermaid-1577127125844 .taskTextOutsideRight{fill:#000;text-anchor:start;font-size:11px}#mermaid-1577127125844 .taskTextOutsideLeft{fill:#000;text-anchor:end;font-size:11px}#mermaid-1577127125844 .taskText0,#mermaid-1577127125844 .taskText1,#mermaid-1577127125844 .taskText2,#mermaid-1577127125844 .taskText3{fill:#fff}#mermaid-1577127125844 .task0,#mermaid-1577127125844 .task1,#mermaid-1577127125844 .task2,#mermaid-1577127125844 .task3{fill:#8a90dd;stroke:#534fbc}#mermaid-1577127125844 .taskTextOutside0,#mermaid-1577127125844 .taskTextOutside1,#mermaid-1577127125844 .taskTextOutside2,#mermaid-1577127125844 .taskTextOutside3{fill:#000}#mermaid-1577127125844 .active0,#mermaid-1577127125844 .active1,#mermaid-1577127125844 .active2,#mermaid-1577127125844 .active3{fill:#bfc7ff;stroke:#534fbc}#mermaid-1577127125844 .activeText0,#mermaid-1577127125844 .activeText1,#mermaid-1577127125844 .activeText2,#mermaid-1577127125844 .activeText3{fill:#000!important}#mermaid-1577127125844 .done0,#mermaid-1577127125844 .done1,#mermaid-1577127125844 .done2,#mermaid-1577127125844 .done3{stroke:grey;fill:#d3d3d3;stroke-width:2}#mermaid-1577127125844 .doneText0,#mermaid-1577127125844 .doneText1,#mermaid-1577127125844 .doneText2,#mermaid-1577127125844 .doneText3{fill:#000!important}#mermaid-1577127125844 .crit0,#mermaid-1577127125844 .crit1,#mermaid-1577127125844 .crit2,#mermaid-1577127125844 .crit3{stroke:#f88;fill:red;stroke-width:2}#mermaid-1577127125844 .activeCrit0,#mermaid-1577127125844 .activeCrit1,#mermaid-1577127125844 .activeCrit2,#mermaid-1577127125844 .activeCrit3{stroke:#f88;fill:#bfc7ff;stroke-width:2}#mermaid-1577127125844 .doneCrit0,#mermaid-1577127125844 .doneCrit1,#mermaid-1577127125844 .doneCrit2,#mermaid-1577127125844 .doneCrit3{stroke:#f88;fill:#d3d3d3;stroke-width:2;cursor:pointer;shape-rendering:crispEdges}#mermaid-1577127125844 .activeCritText0,#mermaid-1577127125844 .activeCritText1,#mermaid-1577127125844 .activeCritText2,#mermaid-1577127125844 .activeCritText3,#mermaid-1577127125844 .doneCritText0,#mermaid-1577127125844 .doneCritText1,#mermaid-1577127125844 .doneCritText2,#mermaid-1577127125844 .doneCritText3{fill:#000!important}#mermaid-1577127125844 .titleText{text-anchor:middle;font-size:18px;fill:#000}#mermaid-1577127125844 g.classGroup text{fill:#9370db;stroke:none;font-family:trebuchet ms,verdana,arial;font-size:10px}#mermaid-1577127125844 g.classGroup rect{fill:#ececff;stroke:#9370db}#mermaid-1577127125844 g.classGroup line{stroke:#9370db;stroke-width:1}#mermaid-1577127125844 .classLabel .box{stroke:none;stroke-width:0;fill:#ececff;opacity:.5}#mermaid-1577127125844 .classLabel .label{fill:#9370db;font-size:10px}#mermaid-1577127125844 .relation{stroke:#9370db;stroke-width:1;fill:none}#mermaid-1577127125844 #compositionEnd,#mermaid-1577127125844 #compositionStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-1577127125844 #aggregationEnd,#mermaid-1577127125844 #aggregationStart{fill:#ececff;stroke:#9370db;stroke-width:1}#mermaid-1577127125844 #dependencyEnd,#mermaid-1577127125844 #dependencyStart,#mermaid-1577127125844 #extensionEnd,#mermaid-1577127125844 #extensionStart{fill:#9370db;stroke:#9370db;stroke-width:1}#mermaid-1577127125844 .branch-label,#mermaid-1577127125844 .commit-id,#mermaid-1577127125844 .commit-msg{fill:#d3d3d3;color:#d3d3d3}</style><style>#mermaid-1577127125844 {
+    color: rgb(0, 0, 0);
+    font: normal normal 400 normal 16px / normal "Times New Roman";
+  }</style><g></g><g><line id="actor0" x1="75" y1="5" x2="75" y2="605" class="actor-line" stroke-width="0.5px" stroke="#999"></line><rect x="0" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="75" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="75" dy="0">User</tspan></text></g><g><line id="actor1" x1="275" y1="5" x2="275" y2="605" class="actor-line" stroke-width="0.5px" stroke="#999"></line><rect x="200" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="275" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="275" dy="0">Relay Phone Number</tspan></text></g><g><line id="actor2" x1="475" y1="5" x2="475" y2="605" class="actor-line" stroke-width="0.5px" stroke="#999"></line><rect x="400" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="475" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="475" dy="0">Proxy Number</tspan></text></g><g><line id="actor3" x1="675" y1="5" x2="675" y2="605" class="actor-line" stroke-width="0.5px" stroke="#999"></line><rect x="600" y="0" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="675" y="32.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="675" dy="0">3rd Party</tspan></text></g><defs><marker id="arrowhead" refX="5" refY="2" markerWidth="6" markerHeight="4" orient="auto"><path d="M 0,0 V 4 L6,2 Z"></path></marker></defs><defs><marker id="crosshead" markerWidth="15" markerHeight="8" orient="auto" refX="16" refY="4"><path fill="black" stroke="#000000" stroke-width="1px" d="M 9,2 V 6 L16,4 Z" style="stroke-dasharray: 0, 0;"></path><path fill="none" stroke="#000000" stroke-width="1px" d="M 0,1 L 6,7 M 6,1 L 0,7" style="stroke-dasharray: 0, 0;"></path></marker></defs><g><text x="175" y="93" class="messageText" style="text-anchor: middle;">TXT {minutes}</text><line x1="75" y1="100" x2="275" y2="100" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><text x="375" y="128" class="messageText" style="text-anchor: middle;">Creates {minutes} session</text><line x1="275" y1="135" x2="475" y2="135" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><text x="175" y="163" class="messageText" style="text-anchor: middle;">TXT {proxy number}</text><line x1="275" y1="170" x2="75" y2="170" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><text x="375" y="198" class="messageText" style="text-anchor: middle;">give {proxy number} as phone number</text><line x1="75" y1="205" x2="675" y2="205" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><text x="575" y="258" class="messageText" style="text-anchor: middle;">TXT</text><line x1="675" y1="265" x2="475" y2="265" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><text x="275" y="293" class="messageText" style="text-anchor: middle;">TXT</text><line x1="475" y1="300" x2="75" y2="300" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><text x="275" y="328" class="messageText" style="text-anchor: middle;">TXT</text><line x1="75" y1="335" x2="475" y2="335" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><text x="575" y="363" class="messageText" style="text-anchor: middle;">TXT</text><line x1="475" y1="370" x2="675" y2="370" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><line x1="65" y1="215" x2="685" y2="215" class="loopLine"></line><line x1="685" y1="215" x2="685" y2="380" class="loopLine"></line><line x1="65" y1="380" x2="685" y2="380" class="loopLine"></line><line x1="65" y1="215" x2="65" y2="380" class="loopLine"></line><polygon points="65,215 115,215 115,228 106.6,235 65,235" class="labelBox"></polygon><text x="72.5" y="230" fill="black" class="labelText"><tspan x="72.5" fill="black">loop</tspan></text><text x="375" y="230" fill="black" class="loopText" style="text-anchor: middle;"><tspan x="375" fill="black">[ proxied TXT conversation ]</tspan></text></g><g><text x="275" y="433" class="messageText" style="text-anchor: middle;">TXT "stop"</text><line x1="75" y1="440" x2="475" y2="440" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><line x1="65" y1="390" x2="485" y2="390" class="loopLine"></line><line x1="485" y1="390" x2="485" y2="450" class="loopLine"></line><line x1="65" y1="450" x2="485" y2="450" class="loopLine"></line><line x1="65" y1="390" x2="65" y2="450" class="loopLine"></line><polygon points="65,390 115,390 115,403 106.6,410 65,410" class="labelBox"></polygon><text x="72.5" y="405" fill="black" class="labelText"><tspan x="72.5" fill="black">opt</tspan></text><text x="275" y="405" fill="black" class="loopText" style="text-anchor: middle;"><tspan x="275" fill="black">[ TODO: manual stop ]</tspan></text></g><g><text x="175" y="503" class="messageText" style="text-anchor: middle;">TXT "reset"</text><line x1="75" y1="510" x2="275" y2="510" class="messageLine0" stroke-width="2" stroke="black" marker-end="url(#arrowhead)" style="fill: none;"></line></g><g><line x1="65" y1="460" x2="285" y2="460" class="loopLine"></line><line x1="285" y1="460" x2="285" y2="520" class="loopLine"></line><line x1="65" y1="520" x2="285" y2="520" class="loopLine"></line><line x1="65" y1="460" x2="65" y2="520" class="loopLine"></line><polygon points="65,460 115,460 115,473 106.6,480 65,480" class="labelBox"></polygon><text x="72.5" y="475" fill="black" class="labelText"><tspan x="72.5" fill="black">opt</tspan></text><text x="175" y="475" fill="black" class="loopText" style="text-anchor: middle;"><tspan x="175" fill="black">[ manual reset ]</tspan></text></g><g><rect x="0" y="540" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="75" y="572.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="75" dy="0">User</tspan></text></g><g><rect x="200" y="540" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="275" y="572.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="275" dy="0">Relay Phone Number</tspan></text></g><g><rect x="400" y="540" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="475" y="572.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="475" dy="0">Proxy Number</tspan></text></g><g><rect x="600" y="540" fill="#eaeaea" stroke="#666" width="150" height="65" rx="3" ry="3" class="actor"></rect><text x="675" y="572.5" dominant-baseline="central" alignment-baseline="central" class="actor" style="text-anchor: middle;"><tspan x="675" dy="0">3rd Party</tspan></text></g></svg>
\ No newline at end of file
diff --git a/phones/tests.py b/phones/tests.py
new file mode 100644
index 000000000..7ce503c2d
--- /dev/null
+++ b/phones/tests.py
@@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
diff --git a/phones/urls.py b/phones/urls.py
new file mode 100644
index 000000000..f5e95784a
--- /dev/null
+++ b/phones/urls.py
@@ -0,0 +1,9 @@
+from django.urls import path
+
+from . import views
+
+
+urlpatterns = [
+    path('main-twilio-webhook', views.main_twilio_webhook),
+    path('twilio-proxy-out-of-session', views.twilio_proxy_out_of_session),
+]
diff --git a/phones/views.py b/phones/views.py
new file mode 100644
index 000000000..d2e5ae5bb
--- /dev/null
+++ b/phones/views.py
@@ -0,0 +1,140 @@
+from decouple import config
+from phonenumbers import parse, format_number
+from phonenumbers import PhoneNumberFormat
+from twilio.rest import Client
+from twilio.twiml.messaging_response import MessagingResponse
+
+from django.core.exceptions import MultipleObjectsReturned
+from django.http import HttpResponse, HttpResponseNotFound
+from django.shortcuts import render
+from django.views.decorators.csrf import csrf_exempt
+
+from .models import Session
+
+
+account_sid = config('TWILIO_ACCOUNT_SID', None)
+auth_token = config('TWILIO_AUTH_TOKEN', None)
+client = Client(account_sid, auth_token)
+service = client.proxy.services(config('TWILIO_SERVICE_ID'))
+
+
+PROMPT_MESSAGE = "For how many minutes do you need a relay number?"
+
+
+@csrf_exempt
+def main_twilio_webhook(request):
+    resp = MessagingResponse()
+    from_num = request.POST['From']
+    body = request.POST['Body'].lower()
+
+    if body == 'reset':
+        from_num_sessions = Session.objects.filter(
+            initiating_real_number=from_num
+        )
+        for session in from_num_sessions:
+            service.sessions(session.twilio_sid).update(status='closed')
+        from_num_sessions.delete()
+        resp.message(
+            "Relay session reset. \n%s" % PROMPT_MESSAGE
+        )
+        return HttpResponse(resp)
+
+    # TODO: remove this check; allow users to have multiple sessions at once?
+    if body != 'reset':
+        existing_sessions = Session.objects.filter(
+            initiating_real_number=from_num
+        )
+        if existing_sessions:
+            pretty_proxy = format_number(
+                parse(existing_sessions[0].initiating_proxy_number),
+                PhoneNumberFormat.NATIONAL
+            )
+            resp.message(
+                "You already have a relay number: \n%s. \n"
+                "Reply 'reset' to reset it." % pretty_proxy
+            )
+            return HttpResponse(resp)
+
+    try:
+        ttl_minutes = int(body)
+    except ValueError:
+        resp.message(PROMPT_MESSAGE)
+        return HttpResponse(resp)
+
+    session = service.sessions.create(ttl=ttl_minutes*60,)
+    participant = service.sessions(session.sid).participants.create(
+        identifier=from_num
+    )
+    proxy_num = participant.proxy_identifier
+
+    # store this half-way open session in our local DB,
+    # so when the next number texts the proxy number,
+    # we can add them as the 2nd participant and open the session
+    Session.objects.create(
+        twilio_sid = session.sid,
+        initiating_proxy_number=proxy_num,
+        initiating_real_number=from_num,
+        initiating_participant_sid=participant.sid,
+        status='waiting-for-party',
+    )
+
+    # reply back with the number and minutes it will live
+    pretty_from = format_number(parse(from_num), PhoneNumberFormat.NATIONAL)
+    pretty_proxy = format_number(parse(proxy_num), PhoneNumberFormat.NATIONAL)
+    resp.message(
+        '%s will forward to this number for %s minutes' %
+        (pretty_proxy, ttl_minutes)
+    )
+    return HttpResponse(resp)
+
+
+@csrf_exempt
+def twilio_proxy_out_of_session(request):
+    """
+    By design, Relay doesn't know who the 2nd participant is before they text
+    the 1st participant.
+
+    Twilio requires both participants be added to a session before either can
+    communicate with the other. When the 2nd participant sends their first text
+    to a 1st participant, it triggers an "out-of-session" hook.
+
+    So, we use this to add the 2nd participant to the existing session, relay
+    the 2nd participant's message, and the 2 parties can begin communicating
+    thru the proxy number.
+
+    TODO: detect real out-of-session messages - i.e., not first messages
+    """
+    resp = MessagingResponse()
+
+    try:
+        db_session = Session.objects.get(
+            initiating_proxy_number=request.POST['To'],
+            status='waiting-for-party',
+        )
+    except (Session.DoesNotExist, MultipleObjectsReturned) as e:
+        print(e)
+        resp.message('The person you are trying to reach is unavailable.')
+        return HttpResponse(resp)
+
+    twilio_session = service.sessions(db_session.twilio_sid).fetch()
+    if (twilio_session.status in ['closed', 'failed', 'unknown']):
+        error_message = ('Twilio session %s status: %s' %
+                         (db_session.twilio_sid, twilio_session.status))
+        print(error_message)
+        return HttpResponseNotFound(error_message)
+
+    from_num = request.POST['From']
+    new_participant = service.sessions(twilio_session.sid).participants.create(
+        identifier=from_num
+    )
+    db_session.status = 'connected-to-party'
+    db_session.save()
+    # Now that we've added the 2nd participant,
+    # send their first message to the 1st participant
+    message = (
+        service.sessions(twilio_session.sid)
+        .participants(db_session.initiating_participant_sid)
+        .message_interactions.create(body=request.POST['Body'])
+    )
+
+    return HttpResponse(status=201, content="Created")
diff --git a/privaterelay/settings.py b/privaterelay/settings.py
index fb7801ac4..e7896fc35 100644
--- a/privaterelay/settings.py
+++ b/privaterelay/settings.py
@@ -62,6 +62,7 @@ INSTALLED_APPS = [
     'allauth.socialaccount.providers.fxa',
 
     'emails.apps.EmailsConfig',
+    'phones.apps.PhonesConfig',
 ]
 
 MIDDLEWARE = [
diff --git a/privaterelay/urls.py b/privaterelay/urls.py
index f91c3e6d7..dd7ec36e1 100644
--- a/privaterelay/urls.py
+++ b/privaterelay/urls.py
@@ -24,5 +24,6 @@ urlpatterns = [
     path('admin/', admin.site.urls),
     path('accounts/', include('allauth.urls')),
     path('emails/', include('emails.urls')),
+    path('phones/', include('phones.urls')),
     path('', views.home),
 ]
diff --git a/requirements.txt b/requirements.txt
index fe9942b75..a4c09ba36 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,8 +1,10 @@
-Django==2.2.2
+Django==2.2.9
 django-allauth==0.39.1
 django-csp==3.5
 django-heroku==0.3.1
 django-referrer-policy==1.0
 gunicorn==19.9.0
+phonenumbers==8.11.1
 python-decouple==3.1
 sendgrid==6.0.5
+twilio==6.35.1