I'm using the default settings of the accounts-password package for MeteorJS. Using the default {{> loginbuttons}}, I'm able to add login functionality out of the box. The one thing that doesn't seem to be working is the reset password feature. I've configured the MAIL_URL variable correctly as I can send emails using the email package and when I click on reset password, it pops up on the UI to say that an email was sent. However I am not getting any emails sent to my inbox.
I'd be grateful for any help you give me on this matter. I think it's probably something small I'm missing...
All the best
There is a function that you can call to send this:
Accounts.sendResetPasswordEmail(userId, [email])
http://docs.meteor.com/api/passwords.html#Accounts-sendResetPasswordEmail
Call it from your server code to verify that it works (or not). If this does, it is perhaps something in your styling or html that is preventing it
Related
so I have recently implemented a reset password feature in my App, which sends a email to the user with the reset password link. Something looking like this
https://myfirebaseapp.firebaseapp.com/__/auth/action?mode=resetPassword&oobCode=XXXX&apiKey=XXXX&lang=en
But then when I click on this link, the page freezes up and doesn't load at all. So then I thought maybe its caused due to API Restrictions to allow only certain domains which I preconfigure. So I went to fix it by adding the websites to the allowed sections in the "edit API key " section. But it still doesn't work. So is there any other setting that I need to change or add?:
Please include https://<app-name>.firebaseapp.com as well.
I have implemented the reset password link for my app (using exactly the same firebase code provided at https://firebase.google.com/docs/auth/web/manage-users). It works well when I tried it using a gmail account that I have registered previously on the app (I received the reset password link on gmail and able to change for a new password). However, when I tried it with other email domains (like professional work or school domains e.g #mycompany.com or #school.edu), it does not seem to receive the email (not in junk/spam too). It is very weird because I do receive the 'email verification' link (from firebase) using other domains when I registered using the app but not when I tried to reset the password? Any ideas on how to approach this problem?
As an FYI, currently in Jan 2023, Microsoft 365 business blocks these emails from ever reaching the target mailbox, even if you change the SMTP settings in firebase.
They still appear in your own SMTP sent section, they just never get delivered by MS
Open firebase console goto Authentication then click on Templates > Password Reset then copy given email address (it seems like, 'noreply#YOUR-PROJECT-NAME.firebaseapp.com') then open your Gmail account and paste that email id in search section the tap on 'view message > move to not spam'
This will surly help you
Thanks
Meet Patel
If the code is the same and you don't get an error message, it is extremely likely that the email gets blocked somewhere along to the way to the target mailbox. You'd have to reach out to the system administrator and see if they can find the message somewhere in their spam filters, and ask them to modify the configuration of those to no longer block these messages.
As ganey stated, the problem is that certain email filters such as MS 365 do not accept mails that contain links that are not in pair with the sender domain.
The solution is to add a customized action url that points to the same domain as your sender domain.
Then you need to redirect from that url to the url generated by firebase.
Note:
If you do this in react or another SPA, don't forget to append the query params.
I am trying to send a verification email to users upon registration. I'm using Accounts.createUser to add users to the database and that works fine without any email verification system. HThen, when I try implementing email verification by using Accounts.sendVerificationEmail, it does not send any email. I have set MAIL_URL and I'm using Mailgun. When I try sending an email within terminal, it sends as expected. I have tried using the process provided here: https://themeteorchef.com/snippets/sign-up-with-email-verification/ where the method is server-side and then I use Meteor.call to call that method but that isn't sending the verification email. I have also tried implementing Accounts.onCreateUser() and calling Accounts.sendVerificationEmail(user._id) from within but that is also not sending the email.
In my server code I have the following in the startup function: Accounts.config({sendVerificationEmail: true, forbidClientAccountCreation: false}); I've also noticed that when I add in any kind of email verification code server-side, createUser fails and tells me the username is not defined but works 100% as expected without any email verification.
Here are some links to various sources I have been trying to use in order to get this working:
verify email using accounts.ui package
https://themeteorchef.com/snippets/sign-up-with-email-verification/
Meteor 1.3 verify email when creating user
I've also been using the Meteor docs but I can't seem to get it working. I also have installed related packages (email, accounts, accounts-ui). Any help is appreciated!
Thank you to #PankajJatav for asking me to read through the server console more carefully! The problem for me was that I am using mailgun as my smtp service. I was using the default sandbox domain when trying to implement my email verification system but the sandbox domain is only for testing purposes. In order to actually get emails sent, I had to go to mailgun and add in the recipients as an authorized recipient. If you set up mailgun with your own domain right from the start, this shouldn't be an issue.
Once again, thank you to #PankajJatav
On my Meteor site, users can log in using an OAuth authentication from a particular provider (vKontakte). After logging in, on a special page of my site users can specify also their email address to receive notifications. Obviously, I want to verify the address before any notification sent.
Standard instructions for email verification that I find in Meteor docs and in other sites use accounts-password package. That's OK, and I can call sendVerificationEmail() from my email update code, but the problem is that accounts-password also adds possibility for local (non-OAuth) registration. My site is rather tightly coupled with the OAuth provider, so I do not want to have any other way to login to my site except via this OAuth provider, and so I do not want to have accounts-password package on my site. Or at least I want accounts-password to have no effect from the user point of view except the possibility to send verification emails (no register buttons etc.)
Is there any way to send verification emails without accounts-password package? Or to disable all accounts-password functionality except email verification?
Of course, I can implement email verification completely manually (generate a token, send an email, setup a route for verification), but if there is some more standard way to do this, I'd better stick to it.
I finally solved this by copying the accounts-password.js file to server/lib and removing all code that I did not need. I do not like this solution because if accounts-password wil be updated, I will have to update my file manually, but I see no other way to do this.
I am not sure that all of what you are describing is needed. Granted, the code would exist on the server, but if you were to add accounts-password and call sendVerificationEmail() there is really nothing to say that you will have to have the signup and password functionality that it allows. Are you using the accounts-ui-unstyled to handle the front end portion of the accounts? If so, you can simply not give the user the ability to see or use the functionality you don't want them to have.
I have my site configured to login with email/password (no user name).
I have login, forgot password, and password reset pages working as expected, largely based off of this guide and a lot of poking around. I'm at a bit of a loss looking for a more comprehensive or "advanced" guide for controlling user account behavior.
Currently, a registered user can "invite" another user by simply putting in their email address. This person receives an email which brings them to the login screen, but since there is no password set yet, this person must
Click on the forgot password link
Input their email
Follow the link from the reset email and set their password.
I'm trying to work out how I would get the initial invite email to land the person on a "set password" page.
Even a link to the relevant material is greatly appreciated! I have a feeling I may just be searching for the wrong things.
I haven't done it myself, but off top of my head, as an idea (requires Iron-Router ($ meteor add iron:router)):
1) Send a link to an invited user with the query in the link that equals this user's email (q=email#address.com).
2) Use Iron Router to fetch that query (this.params.query using, perhaps, onBeforeAction method).
3) Put the query into a Session.
4) Within Template.myTemplate.helpers() create a new helper that will display the session.
5) Inside your template: <input type="text" name="user_email_from_session" value="{{helper}}">
Hopefully my approach is not too newbie, but even if so, maybe it will serve you as an anti-inspiration :)
Meteor calls "invite" emails "enrollment" emails.
1) Create a new user on the server (doesn't need a password set).
2) Call Accounts.sendEnrollmentEmail(userId) on the server.
3) User receives an email with a link to set their initial password.
Docs: http://docs.meteor.com/api/passwords.html#Accounts-sendEnrollmentEmail