Meteor Accounts.createUser not sending verification email - meteor

I am using Meteor accounts core package to create new users and send them verification email, but I am facing a problem as when I call Accounts.createUser from server side as a method, no verification email is sent, however if I called Accounts.createUser from the client side new accounts are created and a verification link is sent to the client...can someone please tell me what I might be missing / doing wrong here? Thanks
Accounts.createUser({email: adminData.email, password : adminData.password});

So some clues and tips. Normally Accounts.createUser will not sent out verification emails and that it does that in one case (client side) and not in the other case (server side) is a little strange. Normally it would only sent out verification emails when you have
Accounts.config({
sendVerificationEmail: true
});
on the server side (see http://docs.meteor.com/#/full/accounts_config). So first you should check that and maybe that already solves your problem.
When this isn't set the only other way an verification email got sent out should be calling Accounts.sendVerificationEmail (see http://docs.meteor.com/#/full/accounts_sendverificationemail) but this is only possible server side. So to make use of that client side you would need to write a server side method with it and call that via Meteor.call from the client side. However if you can't find your problem you could also use that to work around it by using Accounts.sendVerificationEmail within Accounts.onCreateUser (see http://docs.meteor.com/#/full/accounts_oncreateuser) on the server side. Or after you call Accounts.createUser server side as at that point you already know the users email address and the account already got created so that should work really well.
Oh and obviously the email package needs to be installed (http://docs.meteor.com/#/full/email) but as some mails already get sent out I guess that's the case.

Related

firebase.auth().signInWithEmailAndPassword is exposing my email and password

I am new to firebase and I was wondering why my email and password is being shown after signing in.
Why does it happen?
Is there any other way to hide this?
Image:
Your browser will always be able to show you the data sent by API calls before they get encrypted and sent over the network. There is not an issue at all. This can't be used to see other people's passwords or network call details.

Firebase Authentication: Emails sent but not received on special email addresses such as *#gmx.at

I am using Firebase Authentication in my Ionic App. Some users have reported to not receive the verification email which is sent after a user signs up, or when the resendVerificationEmail is triggered.
This works fine for email providers like #gmail.com or #live.de, but for those other users with special providers like #gmx.at it's not working. The emails are sent successfully according to firebase but they are never received.
Possibly the emails get filtered?
Has anyone else ran into this problem? The message template can not be modified but would using a custom SMTP server possibly help?
The problem is solved by using my own private SMTP server for sending the Authentication emails.
I am using a hosting service for my domain that comes with email service so I am using that one. Using other services such as Mailgun or Mailjet etc. might also solve the problem.
You can set up your custom SMTP server right in the firebase console under Authentication/Templates.
I had the same problem with others emails providers (orange.fr sfr.fr free.fr ...). After deeper analysis, it appeared that it is the domain address inside the (generated) link that is detected as SPAM by emails providers (maybe everything that sounds like *.firebaseapp.com)
https://your-subdomain.firebaseapp.com/__/auth/action...
I changed it to a custom one of mine (through Authentication->templates->"Customize action URL" (bottom right)):
https://www.my-custom-domain.com/__/auth/action
and no more problem!
Some doc (note on blue background):
https://firebase.google.com/docs/auth/custom-email-handler?hl=en&authuser=0#link_to_your_custom_handler_in_your_email_templates

Verifying Email in Meteor Application

I am trying to send a verification email to users upon registration. I'm using Accounts.createUser to add users to the database and that works fine without any email verification system. HThen, when I try implementing email verification by using Accounts.sendVerificationEmail, it does not send any email. I have set MAIL_URL and I'm using Mailgun. When I try sending an email within terminal, it sends as expected. I have tried using the process provided here: https://themeteorchef.com/snippets/sign-up-with-email-verification/ where the method is server-side and then I use Meteor.call to call that method but that isn't sending the verification email. I have also tried implementing Accounts.onCreateUser() and calling Accounts.sendVerificationEmail(user._id) from within but that is also not sending the email.
In my server code I have the following in the startup function: Accounts.config({sendVerificationEmail: true, forbidClientAccountCreation: false}); I've also noticed that when I add in any kind of email verification code server-side, createUser fails and tells me the username is not defined but works 100% as expected without any email verification.
Here are some links to various sources I have been trying to use in order to get this working:
verify email using accounts.ui package
https://themeteorchef.com/snippets/sign-up-with-email-verification/
Meteor 1.3 verify email when creating user
I've also been using the Meteor docs but I can't seem to get it working. I also have installed related packages (email, accounts, accounts-ui). Any help is appreciated!
Thank you to #PankajJatav for asking me to read through the server console more carefully! The problem for me was that I am using mailgun as my smtp service. I was using the default sandbox domain when trying to implement my email verification system but the sandbox domain is only for testing purposes. In order to actually get emails sent, I had to go to mailgun and add in the recipients as an authorized recipient. If you set up mailgun with your own domain right from the start, this shouldn't be an issue.
Once again, thank you to #PankajJatav

Meteor Change the sender info on reset password email

When you leave the accounts-password email template as is it shows the sender of the reset password email as Meteor Accounts.
When I try to change it like this
Accounts.emailTemplates.from = "Myself <me#myself.com>";
then the email never gets sent. Does anyone know what the correct way to change this is?
I've just tried to reproduce and think I know what the problem is.. first off I put that line in my client startup (didn't work) but as soon as I moved it to the server startup function the emails were being sent from the correct name/address.
See if that works for you.
David
Does your SMTP provider allow you to send email from that address?
If you're running from meteor.com using they're default SMPT service then I doubt they'll let you set the from address to anything you like for security reasons.

Web service to check existence of email?

I have my little web application, with simple registration strategy - provide email and password and you are done.
Recently bot's starting to attack my application, registering big number of users from non existent emails using the same passwords.
I want to prevent that. My idea is to extend login verification, but check the existance of email address. Do you know any web services (prefereably WCF) that could do that?
This is definitely not the way to solve this problem. Try one of these
Allow user to enter only username and send auto-generated password to their email.
Send a verification link to the user email and approve him/her only after verification
This has been discussed on How to check if an email address exists without sending an email? . Basically there are ways verify email addresses, but in practice none of them is reliable. However, you can still check via SMTP, and if the server denies the existence of the expected user, send him an email with a verification link anyway. This does not prevent spammers from setting up fake servers that acknowledge the existence of any user, of using other peoples email addresses, but it's probably the closest you can get to your initial requirement of having no verification email.
I would recommend you to update your registration form. Try to use something tricky for bots. For example, post the form via AJAX with JSON object wrapper.
Try a service like: http://elasticemail.com/
You can use the api to check if the email was delivered. There is also a 'bouce list' you can check.

Resources