I’m rather new to the programming world, and I’ve searched for this for a while and haven’t found a solution yet.
Question is - How to do an email check/confirmation/validation with Phoenix? I was looking for something like sending a link to the email for confirmation, because it seems that that’s the way it’s done by virtually all websites/companies.
Have you looked at the Coherence package? It has a Confirmable
module that is designed to confirm email addresses.
Haven’t come across it, no. I’ll check it out. Thanks!
Coherence is a full login library, you’d probably want something like just a mailer like mailer or any of the others or so.
Yeah I was struggling a bit… I have a basic login and it works well, so I’m thinking of adding the missing bits instead of throwing it all out and go with a full library.
I’ve used bamboo [0] with mailgun and it worked well for me. There are a few tutorials about it [1][2], it integrates well into phoenix and has pretty good docs.
[0] https://hex.pm/packages/bamboo
[1] https://thoughtbot.com/upcase/videos/elixir-and-phoenix-in-production
[2] https://lpil.uk/blog/sending-email-via-smtp-with-elixir-phoenix/
openmaize is a simple enough library to understand it’s working. @riverrun has also made an [example application] (https://github.com/riverrun/openmaize-phoenix-example) to showcase it’s usage.
If you plan to DIY you will find a lot of inspiration in those two repos.
I used gen_smtp with a sengrid-account.
Just want to add, because you said that you are rather new to the programming world…
The basic flow of confirming email address is as follows:
-
User registered into your app
-
Your app inserts the user into the DB (perhaps table
accounts
or something) with averified
field set tofalse
or0
-
Your app generates a verify token (usually some random string), and
-
inserts it into a database (another table, such as
verify_tokens
) and the associated user ID -
constructs a verify link with the token and send it to the user (might also want to include the user ID in it)
-
The user receives the email and clicks on the link
-
In the handler, your app will:
-
check the request params and look up for a verify token belonging to the user ID in the DB and
-
if found, update the
verified
field of your user on tableaccounts
I hope that makes sense!
That one is very hard to proof… Double-Opt-In does only prrof that the person registering also has at least reading access to the given email account.
This only ensures that the e-mail is valid and exists, right? It doesn’t proof that the person registering is the owner of the email account.
Still narrows down a lot, though
Your app generates a verify token (usually some random string), and
inserts it into a database (another table, such as verify_tokens) and the associated user ID
I wouldn’t put short-lived data into a database, I would store it either in a process or an ets table with some kind of time-to-llive, probably Process.send_after(self(), {:clean, verify_token}, @ttl)
.
I would store it either in a process or an ets table.
Indeed! I still need to remind myself to think in Elixir sometimes.
I wouldn’t put short-lived data into a database, I would store it either in a process or an ets table with some kind of time-to-llive, probably
Process.send_after(self(), {:clean, verify_token}, @ttl)
.
Haven’t reached that part of the book yet :p. Isn’t there some package to handle that confirmation flow?
I don’t know if there is a package for it, but I can try and outline the code needed for this flow if you want. It’s not that difficult …
I don’t know if there is a package for it, but I can try and outline the code needed for this flow if you want. It’s not that difficult …
If you don’t mind. Thanks!
I only scratched the surface of processes yet.
https://github.com/idi-ot/mailer
I’ll refactor it later though. If you have any questions, I’m happy to answer.
It’s just a stock phoenix 1.3 app right now.
The important bits are:
EDIT: Refactored it a little. Now it’s an umbrella project. Need to put send_verification
into ecto multi.
I wouldn’t put short-lived data into a database, I would store it either in a process or an ets table with some kind of time-to-llive, probably Process.send_after(self(), {:clean, verify_token}, @ttl).
I’d definitely put it in the database! They may not get around to checking their email soon and the server could restart before then! o.O