AdonisJS User Roles: Simple Steps To Require Email Verification In Your AdonisJS App

Simple Steps To Require Email Verification In Your AdonisJS App

Learn how to require your users to verify their email address using a Token model with AdonisJS and Lucid ORM.

Author: Tom Gobich
Published: Dec 04, 22
Duration: 23m 30s
Comments: 9

Developer, dog lover, and burrito eater. Currently teaching AdonisJS, a fully featured NodeJS framework, and running Adocasts where I post new lessons weekly. Professionally, I work with JavaScript, .Net C#, and SQL Server.

Adocasts

Burlington, KY

Visit Website

Requiring email verification is a common practice among many websites. It usually involves the website asking the user to enter their email address and then clicking on a link that is sent to their email address. This link can be clicked or opened in the browser, and it will take them to a page that confirms that they are who they say they are.

This process ensures that only real people with a valid email address can sign up for an account on the site. It also prevents people from using fake accounts or using someone else’s account without permission.

🕑 Chapters

00:00 - Intro
00:30 - Project Review
01:10 - Tracking User Email Verification
02:15 - Verify Email Token Methods
04:45 - VerifyEmailController.index
07:20 - VerifyEmail Mailer
09:58 - Generate Verify Email Token
11:00 - Send Verify Email User Method
12:09 - VerifyEmailController.verify
15:15 - Testing Verify Email Send & Functionality
17:20 - Resend Verify Email On Invalid Token
18:20 - Restricting App Access For Unverified Users
22:54 - Outro

Join The Discussion! (9 Comments)

Please sign in or sign up for free to join in on the dicussion.

mohammadali

Commented 8 months ago

Hi, I want to send email from an email like this [email protected] , So when i call the send mail api if i provide an email like this [email protected] i receive the email in my inbox, but if provide a gmail email account, I do not receive the email not in inbox or in spam, actually i do not face to kind of error while providing gmail account.

1

Please sign in or sign up for free to reply
1. tomgobich
  
  Commented 8 months ago
  
  Hi Mohammad! If I'm following you correctly, you're looking to have emails sent to [email protected] also be received at [email protected], is that correct?
  If so, this is something you'd need to configure within your email registrar, if they support it. For example, within Zoho Mail, you would set up [email protected] as a group email, then add any/all [email protected] emails you want to receive the group's emails.
  
  1
  
  Please sign in or sign up for free to reply
  1. mohammadali
    
    Commented 8 months ago
    Hi sir Thanks for answer.
    this is the configuration of mail.ts in my project.
    const mailConfig = defineConfig({ default: 'smtp', mailers: { smtp: transports.smtp({ host: env.get('SMTP_HOST'), port: env.get('SMTP_PORT'), secure:false, auth: { type: 'login', user: env.get('SMTP_USERNAME'), pass: env.get('SMTP_PASSWORD'), }, }), }, })
    
    Copied!
    
    0
    
    Please sign in or sign up for free to reply
    1. mohammadali
      
      Commented 8 months ago
      
      When i call sendMail route or api i want to send the user password to the provided user email. for instance when i register myself with my gmail account i don't receive my password, But when i register myself with an email like this [email protected] i receive my password.
      So my question is this that why don't receive my password in my gmail inbox or spam.
      
      0
      
      Please sign in or sign up for free to reply
      1. tomgobich
        
        Commented 8 months ago
        
        If it's sending to one inbox but not another, it's likely not a code issue but rather something invalid with how your email provider is set up. You could use a test service, like MailTrap, to verify locally that everything is okay with your code.
        Once you verify that, you should be able to log in to your account with your email provider and check the logs to get more details on why it failed to send. It could be a DNS issue or even a requirements issue. For example, Yahoo and Google, have DMARC requirements.
        Also, I'm not sure what your reasons are so just as a heads-up, sending user passwords via email isn't very secure as emails can be intercepted, and should their email become compromised, that password is also compromised.
        
        0
        
        Please sign in or sign up for free to reply
epenflow

Commented 18 days ago

In AdonisJS v6, when using the access token authentication guard, the auth_access_token table is created. Can we extend this table to store verification and password reset tokens? It seems to have similar columns as you described in your video. Additionally, can we change the type column to an enum type?

1

Please sign in or sign up for free to reply
1. tomgobich
  
  Commented 13 days ago
  
  So long as the underlying data columns remain the same and the changes you're looking to do adhere to the type requirements set by the @adonisjs/auth package I don't think there would be any issues with reusing the table for other tokens. I don't foresee an enum column type causing issues either, so long as you include auth_token as one of the values in the enum.
  If you give it a try, let me know how it goes! 😊
  
  1
  
  Please sign in or sign up for free to reply
  1. epenflow
    
    Commented 12 days ago
    
    Hi Tomgobich, thanks for your advice! It seems like verification token might be included in the new versions of Adonis Js. I noticed an "verification token" being added in a recent commit: https://github.com/adonisjs/core/commit/ec313c2#diff-27097477616ec1c7452fb13b5a8af858ae077b251697870c765bb64b1da013e6
    
    1
    
    Please sign in or sign up for free to reply
    1. tomgobich
      
      Commented 8 days ago
      
      Anytime! Yep, definitely some movement there!! 😊
      
      0
      
      Please sign in or sign up for free to reply