-
Notifications
You must be signed in to change notification settings - Fork 145
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Email Verification Problems #1613
Comments
@ArthurHetem , @nabeelio any thoughts or ideas about this ? |
Any chance of an update for this? Email verification email is not automatically sent. User must click the "click here to request another" link. |
can there be a user management where email verification can be done by an
officer manually or users created manually? I've been having the same
problem but since I don't have an option in the admin area to manually
bypass this or to create users manually I been going to the database and
creating them and approving that way.
…On Sun, Oct 15, 2023 at 2:47 PM B.Fatih KOZ ***@***.***> wrote:
@ArthurHetem <https://github.com/ArthurHetem> , @nabeelio
<https://github.com/nabeelio> any thoughts or ideas about this ?
—
Reply to this email directly, view it on GitHub
<#1613 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACUOLKKDSOUN2L76MHOQHKTX7Q4WZAVCNFSM6AAAAAA43ZL6YOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTONRTGQ4DOMRUGM>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
--
Regards,
Jose Ariel Mejia
917-670-7519
***@***.***
|
This needs lots of changes (or improvements) like;
And as I wrote in the first post, order should be different for new users, they should verify their email before being accepted to the va, not after. |
We can easily send the verification email when the user registers (at the same time as the pending email etc). I think that the event that is listened to automatically send the verficiation email when the user registers is not the right one, if we change it we fix it. However, blocking the pending flow (sending email to admins, offering the ability of accepting it, etc...) as long as the email has not been verfied seems more complicated. |
Sure, but why should an admin gets an email about a non verified user? It may be hard to change things but if we are introducing something critical like this we need to consider all options and provide the best solution. Currently this is not something running fine (considering device differences and 503 errors) :( Anyway, maybe dev needs to add a new event like |
I agree. I would suggest correcting the EventServiceProvider to automatically send the verification email upon registration. Then when verified we send the pending email/the email to admins/ we display the user as pending... As for device changes, this is probably a Laravel security system and I don't know how we could disable it. Finally adding a button which allows admin to request a new email verification / request a new one if the email is changed should be possible since we just have to edit a field in the db. I can try todo all this tomorrow if I find some time otherwise Tuesday maybe |
It may be us (I mean v7) forcing auth for that verification route... Just thinking :) If I can find some time, I can inspect this too (probably tomorrow afternoon in the office as I will be working on another laravel project using email verification) |
I'm taking a look at this right now, the event of registration apparently is the wrong, i've added the verification email on the NotificationEventsHandler before the acceptance e-mail. For the error when the user tries on another device, i can't undestand exactly why this is happening, as in the RouteServiceProvider its group don't have the auth middleware
I and @nabeelio talked about it on the PR, and we concluded that it will not be fine to make db calls when the application is starting (the email verification needs a middleware on the RouteServiceProvider) |
Currently email verification works in below logic;
Here the problem starts (base of this issue)
Version
beta-5 and up
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Technically speaking, I think the verification should happen just after registering the VA, not after being accepted. Admins should be sure that the pending application is valid and ready to be accepted.
So in theory;
Register > Verification Mail > E-Mail Verification > Pending Mail > Accept or Reject (auto or by admin/staff) > Result Mail
should be the order of things.
And users should not be forced to click "send verification link" after waiting it to arrive, this process should be automated fully. Something like `We have send your verification link at 18:59 to your ...@.... address, if you do not receive it, please check spam folder and request a new one after ... minutes" would be nice in that blade.
Additional context
Email verification should be tied to an admin setting (like auto accept), people may want to disable it at all. This should not be a forced feature.
Also we may consider adding a second field to double check the mail entered during registration, like the password... Password + Confirm Password , Email + Confirm Email fields to be sure it is entered properly twice.
The text was updated successfully, but these errors were encountered: