How to do an email check/confirmation/validation with Phoenix?

I’m rather new to the programming world, and I’ve searched for this for a while and haven’t found a solution yet.
Question is - How to do an email check/confirmation/validation with Phoenix? I was looking for something like sending a link to the email for confirmation, because it seems that that’s the way it’s done by virtually all websites/companies.

2 Likes

Have you looked at the Coherence package? It has a Confirmable module that is designed to confirm email addresses.

2 Likes

Haven’t come across it, no. I’ll check it out. Thanks!

Coherence is a full login library, you’d probably want something like just a mailer like mailer or any of the others or so.

2 Likes

Yeah I was struggling a bit… I have a basic login and it works well, so I’m thinking of adding the missing bits instead of throwing it all out and go with a full library.

1 Like

I’ve used bamboo [0] with mailgun and it worked well for me. There are a few tutorials about it [1][2], it integrates well into phoenix and has pretty good docs.

[0] https://hex.pm/packages/bamboo
[1] https://thoughtbot.com/upcase/videos/elixir-and-phoenix-in-production
[2] https://lpil.uk/blog/sending-email-via-smtp-with-elixir-phoenix/

4 Likes

openmaize is a simple enough library to understand it’s working. @riverrun has also made an [example application] (https://github.com/riverrun/openmaize-phoenix-example) to showcase it’s usage.

If you plan to DIY you will find a lot of inspiration in those two repos.

3 Likes

I used gen_smtp with a sengrid-account.

2 Likes

Just want to add, because you said that you are rather new to the programming world…

The basic flow of confirming email address is as follows:

  1. User registered into your app

  2. Your app inserts the user into the DB (perhaps table accounts or something) with a verified field set to false or 0

  3. Your app generates a verify token (usually some random string), and

  • inserts it into a database (another table, such as verify_tokens) and the associated user ID

  • constructs a verify link with the token and send it to the user (might also want to include the user ID in it)

  1. The user receives the email and clicks on the link

  2. In the handler, your app will:

  • check the request params and look up for a verify token belonging to the user ID in the DB and

  • if found, update the verified field of your user on table accounts

I hope that makes sense!

12 Likes

I will recommend email_checker. It’s quite straightforward to use.

That one is very hard to proof… Double-Opt-In does only prrof that the person registering also has at least reading access to the given email account.

This only ensures that the e-mail is valid and exists, right? It doesn’t proof that the person registering is the owner of the email account.

Still narrows down a lot, though :grin:

I wouldn’t put short-lived data into a database, I would store it either in a process or an ets table with some kind of time-to-llive, probably Process.send_after(self(), {:clean, verify_token}, @ttl).

2 Likes

Indeed! I still need to remind myself to think in Elixir sometimes.

1 Like

Haven’t reached that part of the book yet :p. Isn’t there some package to handle that confirmation flow?

1 Like

I don’t know if there is a package for it, but I can try and outline the code needed for this flow if you want. It’s not that difficult …

1 Like

If you don’t mind. Thanks!
I only scratched the surface of processes yet.

https://github.com/idi-ot/mailer

I’ll refactor it later though. If you have any questions, I’m happy to answer.

It’s just a stock phoenix 1.3 app right now.

The important bits are:

EDIT: Refactored it a little. Now it’s an umbrella project. Need to put send_verification into ecto multi.

2 Likes

I’d definitely put it in the database! They may not get around to checking their email soon and the server could restart before then! o.O

8 Likes