Can the confirmation email be manually re-sent in ash_authentication?

Is it possible to manually re-send the confirmation email?

I’m curious if this can be done through code.

Also curious if there is a way to enable this in ash_authentication_phoenix so the user can re-send the email themself (without having to build out custom UI for this).

There definitely isn’t a built in UI for this, so something custom would need to be added on your end. With that said, are you storing all tokens using the store_all_tokens? config? If so you can lookup the old token and send it, something like:

Token
|> Ash.Query.filter(subject == ^"user_#{^user.id}" and purpose == "confirm" and expires_at < now())
|> Ash.read_one()
|> case do
  ... # call your sender with the user and the token
end

If you aren’t storing tokens, then you’d do something like

claims = %{"act" => "confirm"}
strategy = AshAuthentication.Info.strategy(User, :confirmation)

{:ok, token, _claims} = Jwt.token_for_user(user, claims, token_lifetime: strategy.token_lifetime)

# call your sender with the user and the token

This definitely isn’t as ergonomic as it could be, but adding resend with a nice interface (likely via an update action on the user, like resend_confirmation, would likely take some time, so I’m looking to provide ways you can achieve this in the short term. If you could open an issue requesting first-class support for this that would be great :slight_smile:

1 Like

Thanks for the quick response @zachdaniel, I’ll give this a try.

I’m finally digging into Ash and +1’ing this as a not-yet-but-probably-will-be user :upside_down_face:

1 Like

I dug into this a bit this morning. I am storing the tokens. I think this will work as long as the token hasn’t yet expired. If the token has expired, I think I would still need a way to programmatically generate a new token. Is there a way to do this?

I suppose I could also extend the expiration on the token but that doesn’t seem ideal from a security perspective.

Generating a new token is definitely doable :slight_smile: There re actions on the token resource to generate new ones, so you can create a new confirm token at any point.

To see the actions available on the token resource:

Ash.Resource.Info.actions(YourApp.Accounts.Tokens)