AWS Cognito ResendConfirmationCode not emailing code - Node / JS - node.js

I am using the AWS Cognito and trying to allow for users to resend the initial registration confirmation email (aka they register, and lose/forget/wait too long on the email verification link). When they register it sends the email no problem. When I use the code below for users that are registered and confirmed it works.
However, if i use below to try to resend that initial email confirmation link for a user that is not confirmed, it returns the right result but the email is never delivered. Can you please help with the right way to resend the initial email confirmation. Thanks!
{
"CodeDeliveryDetails": {
"AttributeName": "email",
"DeliveryMedium": "email",
"Destination": "the email address is here"
}
}
resendConfirmationCode(userName: string): Promise<any> {
return new Promise((resolve, reject) => {
const cognitoUser = this.getUserByUsername(userName);
cognitoUser.resendConfirmationCode((error: any, result: any) => {
if (error) {
reject(error);
} else {
resolve(result);
}
});
});
}

Related

how to send the auth verification email using sendgrid in node js?

I am a new person learning Node.js and also building a project at the same time. I want that as soon as the user provides their email, it should be verified first. For that, I am using SendGrid, but I am not understanding the errors that SendGrid is giving. Can someone please provide me with the code for how to verify the email using SendGrid for authentication in node js.
below is the code that I found on google
import mail from "#sendgrid/mail";
export const registerEmail = (to) => {
try {
mail.setApiKey(api_key);
const msg = {
to: to,
from: "no-reply#example.com",
subject: "Authentication Code",
text: `Your authentication code is:`,
};
// send the email
mail
.send(msg)
.then(() => {
console.log(`Authentication code sent to ${to}`);
})
.catch((error) => {
console.error(error);
});
} catch (err) {
console.log("this is the error", err);
}
};
error

async await not working if sendgrid failed to sent email

I have a question.
I am trying to sent the user a email when they have created an account.
But when Sendgrid fails to sent the email the async await function didn't notice that and the code runs further.
This is my email module
const sgMail = require('#sendgrid/mail')
sgMail.setApiKey(process.env.SENDGRID_API_KEY)
module.exports = {
FreshleafVerificationEmail: async(receiver) => {
const msg = {
to: receiver,
from: 'xxxx#xxxx.com',
subject: 'Verifieer uw email adres - FreshLeaf',
text: 'Verifieer uw email adres door te klikken op de onderstaande link'
}
await sgMail
.send(msg)
.then((response) => {
console.log(response[0].statusCode)
console.log(response[0].headers)
})
.catch((error) => {
console.log(error)
})
}
}
And this is where the method gets executed
try {
//Save settings and user in the database
await FreshleafVerificationEmail(newUser.email)
await newSetting.save();
const user = await newUser.save();
res.status(201).json({message: 'Er is een nieuwe gebruiker aangemaakt', user: user})
}
catch(error) {
res.status(400).json({message: 'Er is een probleem opgetreden', error: error})
}
Can someone help me with this problem
I agree that the answer by #Matt covers the error situation when Sendgrid does not accept the email. As #O.Jones does suggest, the API would be the way to go. I do not work with this particular library, but Sendgrid should return a uniq ID of the email if it was accepted. That can be used to search for the status of the email via API.
Sendgrid provides multiple statuses:
https://docs.sendgrid.com/ui/analytics-and-reporting/email-activity-feed
You should look for Delivered or in case of Deferred you should wait more.
I assume that this may be a bad news, but Sendgrid copies hear a behavior of any other standard email server. With a simpler interface.
The catch is handling the error condition and allows the code to continue. If you want other error handlers to see the error then it needs to throw again:
FreshleafVerificationEmail: async(receiver) => {
const msg = {
to: receiver,
from: 'xxxx#xxxx.com',
subject: 'Verifieer uw email adres - FreshLeaf',
text: 'Verifieer uw email adres door te klikken op de onderstaande link'
}
try {
const response = await sgMail.send(msg)
console.log('Email sent', response[0].statusCode, response[0].headers)
}
catch (error) {
console.log('Email failed to send', msg, error)
throw error
}
}

disable verification code being sent on email verification on cognito

userPool.signUp(
userData.email,
userData.password,
attributeList,
[],
async (err, result) => {
if (err) {
failure(new HttpException(500, err.message));
}
let myCredentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId: process.env.USER_POOL_ID!,
});
new AWS.Config({
credentials: myCredentials,
region: process.env.AWS_REGION,
});
let cognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider();
cognitoIdentityServiceProvider.adminConfirmSignUp(
{
UserPoolId: process.env.USER_POOL_ID!,
Username: userData.email,
},
function (err, _data) {
if (err) {
failure(err);
}
cognitoIdentityServiceProvider.adminUpdateUserAttributes(
{
UserPoolId: process.env.USER_POOL_ID!,
Username: userData.email,
UserAttributes: [
{
Name: 'email_verified',
Value: 'true',
},
],
},
() => {
console.log('done');
}
);
}
);
if (result) {
const cognitoUser = result.user;
success({ user: cognitoUser, sub: result.userSub });
} else {
failure(
new HttpException(
500,
'Authentication server error, please try again later'
)
);
}
}
);
This is the code by which I am signing up a user and auto verify that user on cognito.
Problem being I have 2 different set of user roles, and one user i am auto confirming but for the other i want them to manually confirm, using the code that is sent by cognito.
Now for the one type of user for which the auto_confirmation is done the email and cofirm user is working perfectly, with one caveat.
The code for verification is being sent even if it's auto verified by admincognito.
How can i disable this on this particualr set of code, so that the other user role can confirm with the code that is being sent via email
Cognito isn't really configurable in this regard. Your escape hatch in this case is the lightly documented custom email sender lambda trigger. Perform whatever checks you want before sending the email through SES (or not).
I solved this issue by creating a pre-signup lambda trigger. And passing in the role to it as a user attribute and then auto verifying email and user based on the role.

AWS SES Error: Email address is not verified

I am trying to send email using aws-sdk ses in nodejs.
While executing the code the response I am getting is:
message:
'Email address is not verified. The following identities failed the check in region US-EAST-1:xxxtestemailxxx#gmail.com',
code: 'MessageRejected'
I have already verified the sender as well as receiver email(destination email in a array).
On SES settings of aws console, it is showing the email is verified. I removed the email and then once again successfully verified it.
Last time(few months back) when I used it, everything was working fine.
Below is the screenshot of my aws console related to SES:
Also when I am sending the test email using aws console, its working fine. This is only happening when I am trying to send email using aws-sdk.
Does anyone knows what is wrong, just to be clear I am also posting the code below:
const send_email = function (email, subject, source, payload) {
console.log(email, subject, source, payload);
let email_param = {
Destination: {
ToAddresses: email
},
// ConfigurationSetName: 'XXXRANDOMTEXT_PLATFORM',
Message: {
Body: {
Html: {
Charset: "UTF-8",
Data: payload
}
// Text: {
// Charset: "UTF-8",
// Data: payload
// }
},
Subject: {
Charset: "UTF-8",
Data: subject
}
},
Source: source
};
let send_email = SES.sendEmail(email_param).promise();
send_email
.then(data => {
return true;
})
.catch(error => {
console.log('sending email error:', error);
return false
});
}
If your AWS account is still in the sandbox mode then you have to verify your sender, receiver etc. Go to the prod mod to have access to the full features.

Firebase : How to send a password reset email backend with NodeJs

I'm trying to impliment the code as found here: https://firebase.google.com/docs/auth/web/manage-users#send_a_password_reset_email
var auth = firebase.auth();
var emailAddress = "user#example.com";
auth.sendPasswordResetEmail(emailAddress).then(function() {
// Email sent.
}).catch(function(error) {
// An error happened.
});
But I can't find the sendPasswordResetEmail method in firebase admin.
Anyway I can do this on the backend?
ORIGINAL JULY 2018 ANSWER:
The sendPasswordResetEmail() method is a method from the client-side auth module, and you're right, the Admin-SDK doesn't have it - or anything comparable. Most folks call this function from the front-end...
With that said, it is possible to accomplish on the backend... but you'll have to create your own functionality. I've done this sort of thing before, I'll paste some of my code from my cloud functions to help you along... should you choose to go down this road. I create my own JWT, append it to a URL, and then use NodeMailer to send them an email with that link... when they visit that link (a password reset page) they enter their new password, and then when they click the submit button I pull the JWT out of the URL and pass it to my 2nd cloud function, which validates it and then resets their password.
const functions = require('firebase-functions');
const admin = require('firebase-admin');
var jwt = require('jsonwebtoken');
admin.initializeApp()
// Email functionality
const nodemailer = require('nodemailer');
// Pull the gmail login info out of the environment variables
const gmailEmail = functions.config().gmail.email;
const gmailPassword = functions.config().gmail.password;
// Configure the nodemailer with our gmail info
const mailTransport = nodemailer.createTransport({
service: 'gmail',
auth: {
user: gmailEmail,
pass: gmailPassword,
},
});
// Called from any login page, from the Forgot Password popup
// Accepts a user ID - finds that user in the database and gets the associated email
// Sends an email to that address containing a link to reset their password
exports.forgotPassword = functions.https.onRequest( (req, res) => {
// Make a query to the database to get the /userBasicInfo table...
admin.database().ref(`userBasicInfo`).once('value').then( dataSnapshot => {
let allUsers = dataSnapshot.val() ? dataSnapshot.val() : {};
let matchingUid = '';
let emailForUser = '';
// Loop over all of the users
Object.keys(allUsers).forEach( eachUid => {
// See if their email matches
allUsers[eachUid]['idFromSis'] = allUsers[eachUid]['idFromSis'] ? allUsers[eachUid]['idFromSis'] : '';
if (allUsers[eachUid]['idFromSis'].toUpperCase() === req.body.userIdToFind.toUpperCase()) {
// console.log(`Found matching user! Uid: ${eachUid} with idFromSis: ${allUsers[eachUid]['idFromSis']}... setting this as the matchingUid`);
matchingUid = eachUid;
emailForUser = allUsers[eachUid]['email'] ? allUsers[eachUid]['email'] : '';
}
})
// After loop, see if we found the matching user, and make sure they have an email address
if (matchingUid === '' || emailForUser == '') {
// Nothing found, send a failure response
res.send(false);
} else {
// Send an email to this email address containing the link to reset their password
// We need to generate a token for this user - expires in 1 hour = 60 minutes = 3600 seconds
jwt.sign({ uid: matchingUid }, functions.config().jwt.secret, { expiresIn: 60 * 60 }, (errorCreatingToken, tokenToSend) => {
if (errorCreatingToken) {
console.log('Error creating user token:');
console.log(errorCreatingToken);
let objToReplyWith = {
message: 'Error creating token for email. Please contact an adminstrator.'
}
res.json(objToReplyWith);
} else {
// Send token to user in email
// Initialize the mailOptions variable
const mailOptions = {
from: gmailEmail,
to: emailForUser,
};
// Building Email message.
mailOptions.subject = 'LMS Password Reset';
mailOptions.text = `
Dear ${req.body.userIdToFind.toUpperCase()},
The <system> at <company> has received a "Forgot Password" request for your account.
Please visit the following site to reset your password:
https://project.firebaseapp.com/home/reset-password-by-token/${tokenToSend}
If you have additional problems logging into LMS, please contact an adminstrator.
Sincerely,
<company>
`;
// Actually send the email, we need to reply with JSON
mailTransport.sendMail(mailOptions).then( () => {
// Successfully sent email
let objToReplyWith = {
message: 'An email has been sent to your email address containing a link to reset your password.'
}
res.json(objToReplyWith);
}).catch( err => {
// Failed to send email
console.log('There was an error while sending the email:');
console.log(err);
let objToReplyWith = {
message: 'Error sending password reset email. Please contact an adminstrator.'
}
res.json(objToReplyWith);
});
}
})
}
}).catch( err => {
console.log('Error finding all users in database:');
console.log(err);
res.send(false);
})
});
// Called when the unauthenticated user tries to reset their password from the reset-password-by-token page
// User received an email with a link to the reset-password-by-token/TOKEN-HERE page, with a valid token
// We need to validate that token, and if valid - reset the password
exports.forgotPasswordReset = functions.https.onRequest( (req, res) => {
// Look at the accessToken provided in the request, and have JWT verify whether it's valid or not
jwt.verify(req.body.accessToken, functions.config().jwt.secret, (errorDecodingToken, decodedToken) => {
if (errorDecodingToken) {
console.error('Error while verifying JWT token:');
console.log(error);
res.send(false);
}
// Token was valid, pull the UID out of the token for the user making this request
let requestorUid = decodedToken.uid;
admin.auth().updateUser(requestorUid, {
password: req.body.newPassword
}).then( userRecord => {
// Successfully updated password
let objToReplyWith = {
message: 'Successfully reset password'
}
res.json(objToReplyWith);
}).catch( error => {
console.log("Error updating password for user:");
console.log(error)
res.send(false);
});
});
});
JANUARY 2019 EDIT:
The Admin SDK now has some methods that allow you to generate a "password reset link" that will direct people to the built-in Firebase password reset page. This isn't exactly the solution OP was looking for, but it's close. You will still have to build and send the email, as my original answer shows, but you don't have to do everything else... i.e.: generate a JWT, build a page in your app to handle the JWT, and another backend function to actually reset the password.
Check out the docs on the email action links, specifically the "Generate password reset email link" section.
// Admin SDK API to generate the password reset link.
const email = 'user#example.com';
admin.auth().generatePasswordResetLink(email, actionCodeSettings)
.then((link) => {
// Do stuff with link here
// Construct password reset email template, embed the link and send
// using custom SMTP server
})
.catch((error) => {
// Some error occurred.
});
Full disclosure - I haven't actually used any of those functions, and I'm a little concerned that the page in question refers a lot to mobile apps - so you might have to pass it the mobile app config.
const actionCodeSettings = {
// URL you want to redirect back to. The domain (www.example.com) for
// this URL must be whitelisted in the Firebase Console.
url: 'https://www.example.com/checkout?cartId=1234',
// This must be true for email link sign-in.
handleCodeInApp: true,
iOS: {
bundleId: 'com.example.ios'
},
android: {
packageName: 'com.example.android',
installApp: true,
minimumVersion: '12'
},
// FDL custom domain.
dynamicLinkDomain: 'coolapp.page.link'
};
On the other hand, the page also says these features provide the ability to:
Ability to customize how the link is to be opened, through a mobile
app or a browser, and how to pass additional state information, etc.
Which sounds promising, allowing it to open in the browser... but if you are developing for web - and the function errors out when not provided iOS/Android information... then I'm afraid you'll have to do it the old fashioned approach and create your own implementation... but I'm leaning towards this .generatePasswordResetLink should work now.
Unlike other client features which work on the user object (e.g. sending a verification mail), sending a password reset email works on the auth module and doesn't require a logged-in user. Therefore, you can simply use the client library from the backend (provided you have the user's email address):
const firebase = require('firebase');
const test_email = "test#test.com";
const config = {} // TODO: fill
const app = firebase.initializeApp(config);
app.auth().sendPasswordResetEmail(test_email).then(() => {
console.log('email sent!');
}).catch(function(error) {
// An error happened.
});
public void resetpasswoord()
{
string emailaddress = resest_email.text;
FirebaseAuth.DefaultInstance.SendPasswordResetEmailAsync(emailaddress).ContinueWith((task =>
{
if (task.IsCompleted)
{
Debug.Log("Email sent.");
}
if (task.IsFaulted)
{
Firebase.FirebaseException e =
task.Exception.Flatten().InnerExceptions[0] as Firebase.FirebaseException;
GetErrorMessage((AuthError)e.ErrorCode);
errorpanal = true;
return;
}
}));
}
void GetErrorMessage(AuthError errorcode)
{
string msg = "";
msg = errorcode.ToString();
print(msg);
errorpanal = true;
ErrorText.text = msg;
}

Resources