Johnny
Johnny
Explore posts from servers
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Thats why I have mentioned multiple fields, so it cant be traced back - lets say the userid+usermail+password to create the hash. The same mechanism could be used for a email change token etc.
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
After the user changes the password and would use the same token again, the hash wouldnt match with the newly generated one - due to the already changed password -> the token would immadetly be "invalidated" once it was sucesfully used
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
To check if the password is the dame as it was, once the password reset token got requested
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Just add a validation hash to the payload once it is being generated
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Sogn it, check if it is signed by thr backend etc.
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
You would do everything like it is done now
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Otherwise it isnt
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
It would be validated on sending, is the hash matches the current data, it is a valid token
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
Into the jwt payload
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Password Reset token invalidation
@miho My idea would be, to insert a hash value that is a combination of user/userid+his current password
22 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
For anyone having simillar problems - solved it. It seems to only work with port 587 via hetzner (465 isn't)
26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
Password, username etc. is correct
26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
Anyone an idea why SMTP isn't working?
26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
And
import { type GetVerificationEmailContentFn, type GetPasswordResetEmailContentFn } from "wasp/server/auth";

export const getVerificationEmailContent: GetVerificationEmailContentFn = ({ verificationLink }) => ({
subject: 'Verify your email',
text: `Click the link below to verify your email: ${verificationLink}`,
html: `
<p>Click the link below to verify your email</p>
<a href="${verificationLink}">Verify email</a>
`,
});

export const getPasswordResetEmailContent: GetPasswordResetEmailContentFn = ({ passwordResetLink }) => ({
subject: 'Password reset',
text: `Click the link below to reset your password: ${passwordResetLink}`,
html: `
<p>Click the link below to reset your password</p>
<a href="${passwordResetLink}">Reset password</a>
`,
});
import { type GetVerificationEmailContentFn, type GetPasswordResetEmailContentFn } from "wasp/server/auth";

export const getVerificationEmailContent: GetVerificationEmailContentFn = ({ verificationLink }) => ({
subject: 'Verify your email',
text: `Click the link below to verify your email: ${verificationLink}`,
html: `
<p>Click the link below to verify your email</p>
<a href="${verificationLink}">Verify email</a>
`,
});

export const getPasswordResetEmailContent: GetPasswordResetEmailContentFn = ({ passwordResetLink }) => ({
subject: 'Password reset',
text: `Click the link below to reset your password: ${passwordResetLink}`,
html: `
<p>Click the link below to reset your password</p>
<a href="${passwordResetLink}">Reset password</a>
`,
});
26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
And with "Dummy" I am only getting
[ Server ] GET /auth/me 401 0.520 ms - 43
[ Server ] POST /auth/email/request-password-reset 200 1856.935 ms - 16
[ Server ] GET /auth/me 401 0.656 ms - 43
[ Server ] GET /auth/me 401 0.520 ms - 43
[ Server ] POST /auth/email/request-password-reset 200 1856.935 ms - 16
[ Server ] GET /auth/me 401 0.656 ms - 43
26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
I have no clue what I am doing wrong tbh. đŸ˜„
26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
db: {
system: PostgreSQL,
seeds: [
import { devSeedUsers } from "@src/server/scripts/usersSeed.js",
]
},
client: {
rootComponent: import App from "@src/client/App",
},
emailSender: {
provider: SMTP,
},
}
db: {
system: PostgreSQL,
seeds: [
import { devSeedUsers } from "@src/server/scripts/usersSeed.js",
]
},
client: {
rootComponent: import App from "@src/client/App",
},
emailSender: {
provider: SMTP,
},
}
26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
auth: {
// 1. Specify the user entity (we'll define it next)
userEntity: User,
methods: {
// 2. Enable email authentication
email: {
// 3. Specify the email from field
fromField: {
name: "xx",
},
// 4. Specify the email verification and password reset options (we'll talk about them later)
emailVerification: {
clientRoute: EmailVerificationRoute,
getEmailContentFn: import { getVerificationEmailContent } from "@src/server/auth/email.ts",

},
passwordReset: {
clientRoute: PasswordResetRoute,
getEmailContentFn: import { getPasswordResetEmailContent } from "@src/server/auth/email.ts",
},
},

auth: {
// 1. Specify the user entity (we'll define it next)
userEntity: User,
methods: {
// 2. Enable email authentication
email: {
// 3. Specify the email from field
fromField: {
name: "xx",
},
// 4. Specify the email verification and password reset options (we'll talk about them later)
emailVerification: {
clientRoute: EmailVerificationRoute,
getEmailContentFn: import { getVerificationEmailContent } from "@src/server/auth/email.ts",

},
passwordReset: {
clientRoute: PasswordResetRoute,
getEmailContentFn: import { getPasswordResetEmailContent } from "@src/server/auth/email.ts",
},
},

26 replies
WWasp-lang
Created by Johnny on 4/2/2024 in #đŸ™‹questions
Mails not being sent (Mailgun and Sendgrid tested => both haven't even got an API request)
Could it be that password reset is not set up by default?
26 replies