I am using Meteor Accounts in my application to send welcome emails with verification link, I wonder if there is any way to configure the number of hours/ days after which the verification link expires?
Also I noticed that whenever I click on verification links, I get message that the verification link expired. I noticed this is also reported by many other developers so I was wondering if there were any fix for this issue?
Related
Would like to seek help as to why am I constantly receiving password changed notification from different users despite security and bot trap plugin are installed.
Anyone has any idea as in why this is happening or is it normal?
I can't get Firebase to send verification emails, anyone with the same issue?
I've created an account, enabled Email/Password, and added users.
However, when I go to the Users tab in Authentication, chooses a user and presses Reset password, Firebase tells me, that the email is send, however I never receive it?
I've tried with multiple different emails (gmail, hotmail etc) and looked through spam etc, however I never receive the email. What am I doing wrong? Some setting somewhere I need to tick-off? Rookie question, I know, but frustrating. Thanks!!
I get the same problem with an user, he didn't receive any email with his work email address from Firebase magic link authentication.
I'm still using Firebase as provider but I think to integrate with sendgrid soon.
I have built an app that uses email & password authentication from Firebase, to enable users to log in, as per the Firebase documentation. The app itself uses Flutter as the coding language. I also have email verification enabled, to prevent spam accounts.
When a user adds their email address and password and clicks 'submit', they're given a notification telling them to check their emails for the verification link, which they must do before being allowed to log in.
The problem I am having is that users do not receive the verification email, so cannot log in. I've come across similar questions on this forum, where the answers have centred around checking spam/junk folders. I have asked the users to do this but they still have not received the email.
I've also tried using my own SMTP server, which is one from which I know I can send emails. Even with this, the users do not receive their verification email. This makes me think the emails aren't being generated/sent, as opposed to them being sent and not being received.
Can anyone suggest why this might be the case? Why is it that users are not receiving the verification email and what can I do to correct this?
If you don't use custom domain, sometimes emails go in spam folder
I am creating a messenger app. In order to register a new user what I want is to get email and password from the user and before creating the account I want to verify the email provided by the user.
But the problem with firebase email verification is that you have to create account/user first then you can send the email verification link to the user.
Now this can lead to major problem: Suppose if some fake user used my email and created account but failed to verify email. But still he manages to create an account with my email.
So if later I will try to register my self to the app then I am firebase is going to show me Email already used.
To solve this issue I want to delete account created if user fails to verify his email just after he tried to register himself.
To do this I created an email verification screen which is pushed as soon as new user register through his email and password. Now here app will be waiting for user to verify his/her email by clicking the link send by firebase. I have also provided a cancel verification button. So if user cancel the verification I am just deleting the account which was already created. I am also handling if user press back key without verifying email which will also delete the user account.
Main Problem: Now the the last thing I need to handle is if user force quit the app. In order to handle this I tried to delete the account in dispose method as well as I used WidgetsBindingObserver. But both of them doesn't work for me.
Please help me to solve this!
The idea of email Link verification was created to solve this problem. Instead of creating an account and then verifying the email after, the account is just directly created from your email. So obviously you must have access to the email to create the account. See https://firebase.flutter.dev/docs/auth/usage/#email-link-authentication for details on how to implement this style of link authentication.
A similar discussion of how to handle quitting the app is occurring here How to execute code before app exit flutter . However abrupt quits from an app whether done by the user or the system are hard to handle by nature.
I wouldn't recommend deleting the account when quitting/ closing etc. the app since it is something legitimate users may do before confirming their email (especially if the email is delayed in being sent for whatever reason). This will cause a lot of frustration.
You could setup a Cloud Http Task to trigger the deletion of that account after a certain time (e.g. a few hours) of the account not being registered.
If they do register in time, you can cancel the task before it runs.
I am using Google Analytics API to fetch analytics data. I tried to authenticate it using following steps:
Created OAuth client ID in https://console.developers.google.com/ credentials section.
In consent screen I had set publishing status as testing
In OAuth 2.0 Playground I got the refresh token using above generated client id and client secret
Then I am using it to generate access token through it.
But after a few days, the refresh token expires although it is mentioned that the refresh token's validity is life long.
If your app is in testing mode then user tokens will expire in 7 days. Please find this explanations here: https://support.google.com/cloud/answer/10311615#zippy=%2Ctesting
I needed to send mails from a gmail account that I have access to, using nodemailer. It works for a couple of days before my refresh token is mysteriously revoked, even though the account belongs to me. A google search brought me here and I had been watching for a while hoping someone would help with a solution.
As you mentioned, this seems to happen with only test/unverified apps and I'm guessing google revokes tokens for such applications in your account after a few days. After much trials and errors, here is what I did.
NOTE: This is solution is only applicable to accounts you own, otherwise you must verify your app to access other people's accounts
Generate a new refresh token (existing one is most likely revoked) as described in this SO post
Go to the security tab of your google account dashboard
Under the Recent security activity section, you should see a security alert for your app.
Click on the context menu next to the notification and click DISMISS
At this point you'll be presented with a dialog of options where you indicate the level of trust you have for the app. I just went ahead and said I trusted the developer/app, obviously. And that's it! The refresh token should persist after this.
I could not find anything related anywhere else.
The other answer pointed me in the right direction but for me the option was located somewhere else: security > security checkup/security issues found > context menu next to your app > dismiss
This issue seems to be for unverified apps, Simply delete the token file from your project and rerun the project, it will create a new token.
My problem was when I've added access_token instead of refresh_token.
What I did:
Go to https://console.cloud.google.com/apis/credentials/consent and change from the testing status to published.
Delete the current token file.
Authorize the API again by signing into your gmail account. You will be sent to a warning screen. From there, you can choose to proceed.
When done you'll get a new token file
The solution is to delete your token.json file to force Google to find a new token.
I was able to get it to work WITHOUT a verified app. Perhaps the refresh() method will work once my app is verified. Not sure on that one.