Simple Steps To Require Email Verification In Your AdonisJS App

Learn how to require your users to verify their email address using a Token model with AdonisJS and Lucid ORM.

Published
Dec 04, 22
Duration
23m 30s

Developer, dog lover, and burrito eater. Currently teaching AdonisJS, a fully featured NodeJS framework, and running Adocasts where I post new lessons weekly. Professionally, I work with JavaScript, .Net C#, and SQL Server.

Adocasts

Burlington, KY

Requiring email verification is a common practice among many websites. It usually involves the website asking the user to enter their email address and then clicking on a link that is sent to their email address. This link can be clicked or opened in the browser, and it will take them to a page that confirms that they are who they say they are.

This process ensures that only real people with a valid email address can sign up for an account on the site. It also prevents people from using fake accounts or using someone else’s account without permission.


🕑 Chapters

00:00 - Intro
00:30 - Project Review
01:10 - Tracking User Email Verification
02:15 - Verify Email Token Methods
04:45 - VerifyEmailController.index
07:20 - VerifyEmail Mailer
09:58 - Generate Verify Email Token
11:00 - Send Verify Email User Method
12:09 - VerifyEmailController.verify
15:15 - Testing Verify Email Send & Functionality
17:20 - Resend Verify Email On Invalid Token
18:20 - Restricting App Access For Unverified Users
22:54 - Outro

Join The Discussion! (9 Comments)

Please sign in or sign up for free to join in on the dicussion.

  1. Commented 9 months ago

    Hi, I want to send email from an email like this [email protected] , So when i call the send mail api if i provide an email like this [email protected] i receive the email in my inbox, but if provide a gmail email account, I do not receive the email not in inbox or in spam, actually i do not face to kind of error while providing gmail account.

    1

    Please sign in or sign up for free to reply

    1. Commented 9 months ago

      Hi Mohammad! If I'm following you correctly, you're looking to have emails sent to [email protected] also be received at [email protected], is that correct?

      If so, this is something you'd need to configure within your email registrar, if they support it. For example, within Zoho Mail, you would set up [email protected] as a group email, then add any/all [email protected] emails you want to receive the group's emails.

      1

      Please sign in or sign up for free to reply

      1. Commented 9 months ago

        Hi sir Thanks for answer.
        this is the configuration of mail.ts in my project.
        const mailConfig = defineConfig({ default: 'smtp', mailers: { smtp: transports.smtp({ host: env.get('SMTP_HOST'), port: env.get('SMTP_PORT'), secure:false, auth: { type: 'login', user: env.get('SMTP_USERNAME'), pass: env.get('SMTP_PASSWORD'), }, }), }, })

        Copied!
        0

        Please sign in or sign up for free to reply

        1. Commented 9 months ago

          When i call sendMail route or api i want to send the user password to the provided user email. for instance when i register myself with my gmail account i don't receive my password, But when i register myself with an email like this [email protected] i receive my password.
          So my question is this that why don't receive my password in my gmail inbox or spam.

          0

          Please sign in or sign up for free to reply

          1. Commented 9 months ago

            If it's sending to one inbox but not another, it's likely not a code issue but rather something invalid with how your email provider is set up. You could use a test service, like MailTrap, to verify locally that everything is okay with your code.

            Once you verify that, you should be able to log in to your account with your email provider and check the logs to get more details on why it failed to send. It could be a DNS issue or even a requirements issue. For example, Yahoo and Google, have DMARC requirements.

            Also, I'm not sure what your reasons are so just as a heads-up, sending user passwords via email isn't very secure as emails can be intercepted, and should their email become compromised, that password is also compromised.

            0

            Please sign in or sign up for free to reply

  2. Commented 1 month ago

    In AdonisJS v6, when using the access token authentication guard, the auth_access_token table is created. Can we extend this table to store verification and password reset tokens? It seems to have similar columns as you described in your video. Additionally, can we change the type column to an enum type?

    1

    Please sign in or sign up for free to reply

    1. Commented 1 month ago

      So long as the underlying data columns remain the same and the changes you're looking to do adhere to the type requirements set by the @adonisjs/auth package I don't think there would be any issues with reusing the table for other tokens. I don't foresee an enum column type causing issues either, so long as you include auth_token as one of the values in the enum.

      If you give it a try, let me know how it goes! 😊

      1

      Please sign in or sign up for free to reply

      1. Commented 1 month ago

        Hi Tomgobich, thanks for your advice! It seems like verification token might be included in the new versions of Adonis Js. I noticed an "verification token" being added in a recent commit: https://github.com/adonisjs/core/commit/ec313c2#diff-27097477616ec1c7452fb13b5a8af858ae077b251697870c765bb64b1da013e6

        1

        Please sign in or sign up for free to reply

        1. Commented 1 month ago

          Anytime! Yep, definitely some movement there!! 😊

          0

          Please sign in or sign up for free to reply