When a user completes registration and logs in for the first time, they are forwarded to some page and are told to go to their email and click the verification link.
We're using DNN 7 and Up.
Sometimes, users don't get the verification email, and as administrators, we'll have to manually verify them via the admin/host UI.
What DNN functions are there to resend the verification email to the user logged in? (I don't want to rebuild the entire verification email body from scratch getting into tabs, skins, and other DNN entities.)
What page/module do I go to to add a button to resend the email verification (and add the verification code textbox and submit button for it)?
Suppose they want to enter the verification code in a text box on the same page (their preference instead of clicking the verification link in their email) - what function[s] do I need to call to do this? (What happened to this verification code textbox that showed up on the login control/module when the user tries to log in for the first time?)
Related
I have a multipage (3 pages) account signup that contains
Email verification (ONLY enter the email, click send button then verify)
Choose the interest categories (if the email is verify)
Enter the major and graduation year
I previously used a package that sends OTP to the email that is entered in the textfield and it is no longer supported. So now I am looking at sendEmailVerification that sends the verification link to the email. However, all the examples I have looked are having both email address AND password in their sign up page. Can I still use that method for my case (passwordlessly)? Please help.
you can use Email-link-auth if you want an email-only login.
We have a PHP/MySQL based User Management System and are integrating it with Keycloak version 16 where we will store users credentials.
Our application does not allow users to self register. We create user accounts on the system. When we do this we do NOT specify a password because we want users to set up their own password.
The current system sends 2 separate emails in 2 different circumstances regarding passwords:
If it's a completely new user who does NOT have an existing password, we send them a link to set up a password.
If it's an existing user who already has a password, the system allows them to reset it, e.g. if they forget their password and can't login.
Keycloak seems to cater for scenario (2) because the login forms have a forgotten password link which opens a form where the user can enter their email address and receive a link which lets them do (2).
Unfortunately it doesn't deal with scenario (1) very well and that's where our problem starts. This has been asked a while ago Send password forgotten mail but it seems that Keycloak didn't support this very well in 2020 and perhaps still doesn't now.
Our "workaround" to this was that we added custom email templates and a custom page (reference: Themes on https://www.keycloak.org/docs/latest/server_development/#emails) which includes wording that caters for both scenarios, e.g. "set your password" rather than "reset your (existing) password". The result of this is that our email and form now reads appropriately for both scenarios (1) and (2).
The problem
We want to be able to send a link to the user that allows them to set their initial password to cover scenario (1).
We know that this page exists because on the login page for Keycloak there is a link to the forgotten password form that handles scenario (2). However, the form requires the user to enter their email address and submit the form. The user then receives an email from Keycloak which contains a URL to the page where they can do this. The URL has the following format:
https://example.com/auth/realms/foo/login-actions/action-token?key=...
The key= contains a ~945 character token. Going to the URL above redirects to the form where the user can reset their password. This next URL does not contain a token but a cookie has been set in the browser - by the previous URL - which makes it functional:
https://example.com/auth/realms/foo/login-actions/required-action?execution=UPDATE_PASSWORD
We can't send either of these URLs to the user because the first one (containing key=) has no API method for us to find out what it is - it's only possible to generate this by going through the "forgotten password" step during login, in the browser.
The second URL (/login-actions/required-action...) won't work either because it relies on the previous URL (containing key=) setting the cookie in the browser. If you try and go to this second URL directly (i.e. bypassing the first URL) it will error.
So neither of these URLs will work because we can't find what the first one is programmatically, and we can't use the second one without knowing the first one.
I found https://lists.jboss.org/pipermail/keycloak-user/2018-October/015910.html and the suggestion is using the Keycloak API to trigger a password reset email. This works - sending an HTTP PUT request containing 'UPDATE_PASSWORD' along with the relevant user ID sends the user an email. The request endpoint has the format PUT /{realm}/users/{id}/execute-actions-email which is documented on the link above.
Up to here all is fine - the user gets an email. However, this email does NOT contain a link that goes directly to the "reset password" page! Instead it sends them an email containing the following text:
Your administrator has just requested that you update your account by performing the following action(s): Update Password. Click on the link below to start this process.
Link to account update
When the user clicks "Link to account update" it then shows them a web page like this:
It is only when they click on the link on this page (the one that says "click here to proceed" on the screenshot) that they arrive at the form where they can reset their password.
This is a really poor user experience because the user gets sent a (badly worded) email with a link to... a page with another link! It should just take them to the password reset page directly. What's more frustrating is the fact that Keycloak is clearly capable of generating/sending the exact email we'd like in this scenario: the one which gets sent when a user manually does a password reset via their browser.
So the problem seems that Keycloak's API doesn't support this incredibly important and common use-case of a user being able to set an initial password, in a user-friendly manner.
I am adding the js script in the template to automatically click "click here to proceed". It's ugly but at least the user doesn't see the page
I'm using Drupal 7. When I add a user via Peoples > + Add User, I want the user to receive a notification e-mail.
If I tick the box: " Notify user of new account ", and then click "Create New Account", the page redirects to a blank page at "/admin/people/create". The user IS created, but no message is sent. There isn't even a log for an attempt to send an SMTP message in Drupal, or a failure etc. But the user exists.
If I DON'T tick the box, then the user is still properly created, but I don't get stuck at a blank page (the page is refreshed and I can see the green checkmark saying my changes have been applied)
How can I investigate this problem? I would like the e-mail to be sent (and I assume the blank page problem is related/the same issue) Like I said, I see no logs of e-mail trying to be sent, but it only crashes when I try to do so. Perhaps there's some other logs/debugging info I can enable?
Thank you very much,
Found my problem. The Token module was broken, and my user registration message used tokens, so this is why it crashed on user registration but not SMTP test.
Re-installing a fresh copy of the Token module fixed it.
I'm writing an app to prepare an email message with data provided by the user in a form. Upon the user clicking "finish" in the form, the email message gets prepared on the email card, but the user still has to click Send.
I used this method to prepare the message: blackberry.invoke.card.invokeEmailComposer. How do I get the message to send immediately after the message is prepared?
That behavior is currently not available. As you describe, the invokeEmailComposer() method opens a new screen (named a 'Card') where the user can confirm/modify/cancel/submit an email.
One of the benefits of the emailComposer card is that you give the user the ability to select which email account they wish to send it from (e.g. if they have both a personal and work account on the device).
I am pretty new to joomla. I have been working on the maintenance of our company's website.
Coming to the issue, the website has a 2-step user registration process where users will fill up the registration form, once they submit, a verification mail will be sent to them with the activation link. Once they click on the activation link in their mail, they will be activated.
Now, since this is getting us a lot of junk users we want to change this process.
What we want to do is :
When a user wants to register, he will be asked for his email-id.
Once the email is provided and submitted, a mail will be sent to him along with the activation link.
After the activation link is clicked he is brought to the website for further registration.
Only after this, the user will be put in our database as a valid user.
So basically, first I want to check if the email is a valid one and only then proceed with registration because email-ids are very important for our business
Please help.
Thanks in advance,
Akshay
In the Database table where he will provide his email ID create a field namely "Status" that will only take Active and Inactive only. And you can use that to determine if user is active or not.