About ten to fifteen percent of my users that attempt to login with facebook are unable to do so. Rails give an "email can not be blank" error when trying to create the user.
I used to get a "password can not be blank" error... but I simply had a random password generated whenever facebook wasn't passing one. So I was wondering if there was a way I could generate a random email whenever facebook fails to pass it on?
It was actually easier than I thought:
user.email = auth.info.email = "#{auth.uid}#facebook.com"
That way it works both ways. If it finds the email from omniauth... then it uses that. If it doesn't find it in omniauth... then it takes the user id... put it in front of "#facebook.com" and VOILA! Not-so-randomly generated email address.
Related
I've extended the User model in my loopback application, and added phone number as a login method, I use the username field to do this, the only deal is that on login I get the 'email not verified' error, I have my own phoneNumberVerified field, and have overwritten the confirm method to validate the token against the emailVerificationToken and against the phoneNumberVerificationToken and update the corresponding flag, I thought of overwriting the original login method to not allow login only if both emailVerified and phoneNumberVerified fields are false (not just the email) but I don't know how to actually do the login the way loopback does it (I believe it creates an AccessToken or something), and I'm asking for some help on how to do this, thanks XD. I can do the overwriting and validations myself I just need to know how to do the actual login without using the original login method, since I'll be rewriting it.
So I figured out that I actually don't need email or phone number verified validation at all on login (later on the workflow will be required, but that'll be another use case, so it's irrelevant on login to me now XD). So when I was looking on how to overwrite the login method I realized that all the models code it's on the node_modules folder xD
node_modules/loopback/common/models/user.js
And found there in the login method a flag that validates if should check email verified or not, so on my startup script I just put this:
app.models.MyUser.settings.emailVerificationRequired = false;
That stops the email verified validation on login.
And maybe if some of you would like to override the login method I believe copying the whole method from the original user model up there and attaching it to your model and doing some modifications might work xD, it invokes the createAccessToken from the user model (itself) and that's what I believe creates the 'login', what I came to understand is that there is no "session" data, it creates an accesstoken when you successfully login, and as I've been doing just sending the token id to every request 'authenticates' your logged user.
Thanks for reading, have a nice day :)
I have one test case like,when I forget password in any application like facebook or myAT&T site,i have to click forget password link and then I will enter email and click submit.After that a temporary password is send to the email.My task is that,to get that temporary password and switch to the old tab and paste that text in the temporary password text box.
Is there any solution for this,please help me to solve this.
Thanks in advance,
Santhosh
I'll never do it the way you want to do. Meaning, launching gmail and copying the password from the browser. It consumes more time and i'm not testing gmail. There are two possible solutions I can think of.
In regression environment, set the password generated to a constant value if possible. And use the same in the test. in this approach we are not testing "email send" mechanism of the app, if that is not the intent of the test use this approach. Most simple one.
Use a email client library, they are available in all the languages (eg: https://stackoverflow.com/a/8293945/1520443). Use it to assess the password mail that is sent to your gmail.
Why would you want to open a new tab ? You can create a new instance of the browser,work on it(in your case get the password) and then destroy it.
Having multiple instances will give you more control rather than same instance with multiple tabs (unless you test case really means to do that).
On Joomla! 2.5.4 I'm using the JomSocial 2.6.0 extension. Looking for the code that is sending the first registration notification email "welcome email containing username+password" so that I can remove it.
Currently there are two emails sent upon registration, the first which contains the username and password, second that contains the verification link. However I think that having two emails is totally unnecessary.. Thanks!
I found the code from com_community/controllers/register.php
$this->_sendEMail('registration_uncomplete', $tmpUser, $password);
Is it safe or a good idea to just null this?
//$this->_sendEMail('registration_uncomplete', $tmpUser, $password);
$var = NULL;
seems to be working...
I have this account creation email that is sent out to anyone who is trying to create an account as I need to authenticate that they are who they say they are.
However, my issue here is that the URL where they need to click when they receive my email is too long and some email clients do not handle that very well and sometimes truncates the URL thus making the URL invalid when clicked.
Because the URL contains the domain name, the hashed email and a long activation code. It looks something like this.
http://domain.com/activation?email=75a5867d3df134bededbaf24ff17624d&key=8fecb20817b3847419bb3de39a609afe
While some email clients are ok with this but some are not...And I don't want to use HTML email and rather stick with plain/text email. Also I heard horrible stories using URL shorteners so I am not sure if I should use them...
Any insights in this area is appreciated!
I would definitely agree with Jason: shorten your url.
Think of what you really need.
Most likely the email address is in the database already, so you can refer to if with a short ID (let's say 7 numbers max). Your signature can be something very simple as substring (base64_url(md5(email+salt)), 0, 5). 5 base64 characters are 64^5=about 1 billion possibilities. This is probably secure enough (and what would the real damage be if someone registered with a wrong email address). So your url would be http://domain.com/activation?email=1234&key=aD5Y_, http://domain.com/activation?e=1234&k=aD5Y_ or even http://domain.com/activation?e=1234aD5Y_ . In the last format you know the last 5 characters are the key, so the rest is the id. Note that the code example assumes md5 to return in an 8-bit string format (and not hex string format), and base64_url uses a url safe base64 method. Also, some background info on a salt.
If your email address has a long id or needs to be encoded in the url as well, or the above is not short enough yet, consider an even shorter form. Basically this will result in making your own url shortener. Just before you insert the link into the email, generate some random 5 character string. Insert this string as key into memcached (or the database), with as value the original url. Then your url could be http://domain.com/redirect?key=rT-tW . When you see this in your app, just retrieve the original url from the database/memcached and redirect there.
Do make sure that your system is robust against the following:
Someone enters an email address (their real email), you send the link
That person changes their email address into something fake on the website before clicking the link, you send a new email to the new (fake) email address
They now click the link from the first email and your website confirms their email address in the second (fake) form.
One way to do this is make sure to use the email address itself (and not for instance just the user id) in the key generation, as suggested above.
I'm using Joomla 1.5 to create a local site for my office. The site will be accessed locally via intranet, and my PC will be the localhost for the site.
I'm using a Login pluggin, so that anyone who wanted to enter the site should create an account.
In JOOMLA, all user who created their account for the first time will receive a notification e-mail like :
"Hello pras,
You have been added as a User to Information Center by an
Administrator.
This e-mail contains your username and password to log in to
http://localhost/yaddayadda/
Username: hadisuryo.prasetio Password: xxxx
Please do not respond to this message as it is automatically generated
and is for information purposes only."
but if the user click the URL in the mail, which is, "localhost/yaddayadda/" they will not be directed to my site, but to their own PC's localhost....
My question is : How can I Modified the e-mail or the site configuration so that the URL will not be "localhost/yaddayadda/" anymore, but will be "(My-IP address)/yaddayadda"
I'm not going to host my site to a web hosting service, just using my PC as a host.
I've been trying to trace on each config and .ini files...it seems that i have to do something with the "JURI" function or the "$mosConfig_live_site" on the backlink.php file
$mosConfig_absolute_path = JPATH_SITE;
$mosConfig_live_site = JURI :: base();
$url_array = explode('/', $_SERVER['REQUEST_URI']);
Can anyone give me assistance ?
actually what the joomla does it takes the value as $_SERVER for the host so what you have to do u just append "/yaddayadda" at the email template of the joomla
You could edit:
%SITE_ROOT%/administrator/language/en-GB.com_users.ini at around LINE 28, which reads
NEW_USER_MESSAGE=Hello %s,\n\n\nYou have been added as a User to %s by an Administrator.\n\nThis e-mail contains your username and password to log in to %s\n\nUsername: %s\nPassword: %s\n\n\nPlease do not respond to this message as it is automatically generated and is for information purposes only.
Be careful with the '%s' variable as it appears to insert different values in each instance. First instance renders their NAME, second SITE NAME, third one is the USER NAME, etc, etc.
-Dennis
You can find those values in root/components/com_users/models/registration.php on line 88. It appears it pulls it out of the array that is being created their.