I try to send email to users every time they login to their account in case if someone else is using their account so they can be notified,
so basically I want send this kind of information to logged user email:
account: user email (which this email sends to)
time: timestamp of loggin
ip address: ip of logged user
browser: information of logged user browser
PS:
In matter of fact currently I am storing all these information to my database for analytics purpose so I do have user last login time stamp, ip address, browser info but they are in separate tables, for example user last login time and ip are storing to users table while browser info + user_id are stored in another table named user_trackers so I need the way to gather all these info and send them by email.
Question
How can I collect these info from 2 tables and send them to logged user email address?
So, your problem is in getting database? I suggest making a foreign key and take them relationships . After that, you can load and separately call in App/Mail::build()
Related
In the spring boot rest application (frontend end is Angular), Looking to implement OTP-based login. without any password.
Every time a user needs to log in using a mobile/email number and the OTP sends it to the mobile/email.
The first-time login, treat as registration and create a user in DB, and further same user login will fetch profile data from DB.
Similar to
https://www.cowin.gov.in/
Upon registration, get the user's email and create a user entry in your DB.
When user clicks Login present them with a screen to enter their email. Upon submitting email, check if it exists in the backend. If it does, generate an OTP and save it to the user e.g if using a SQL DB, save the OTP in a column in the user's row. Send the user an email with the OTP and update the UI to display the input field for the OTP.
When the user enters the OTP, verify that what they entered is what is stored in DB. If they match, fetch profile data. If not, display error message.
In my Spring Boot I'd like to have both social login and signup with user and password.
Let's say the user signs-up via Google. After some time, he forgets that he signed-in via Google and tried to register using the same email.
What should happen in this case?
Should I save user info (returned by Google) in a "users" table of my database to prevent the same user to register twice?
Is there an article or something that explains a similar login/registration flow?
you can save all the users(OAuth or signup) in the user table. you can maintain a column by which you will be able to identify them if a user is signed in via OAuth or email. then if a user tries to signup via the same email you can show a message. or you can design your signup process using multiple steps. at first, the user needs to enter her email address, then you can send her an email where she needs to click some link that has some token in the url, if she previously logged in using some oath provider then she will be automatically logged in otherwise she needs to set her password.
A user can have multiple emails. I got two tables "users" and "user_emails". Registration is working fine and it writes the email to user_emails.
Later the users shell be able to add more email-adresses within a backend gui. Now i am stuck with the verification at login, as a user should be able to use any of the email adresses out of "user_emails" with the passwort out of "users".
What do i have to do to get this working?
Thank you.
i am confuse about database relationship...I am creating website like classified ads..without registartion how user can post??
Registration users and without registration users form are same...but how to store data without registartion user
This is form
This is database
user.id is required on your Advertise table only. So, what you can do is first set the user_id on Advertise table that way you can have advertises from registered users and non users.
So if a particular user can check his ads then he can check his ads.
About the unauthenticated users they wont have the deligacy of viewing their ads.
Or you can do something like :
Check auth()->check() if auth exists then give that form if doesn't then get the unregistered user email and give the services of checking ads with email
I want to Create a user screen with Two authentications (SMS and Email)
User will receive email to verify and activate his account first.
After that he set password and he will receive SMS massage to verify the password.I want to do this in Oracle apex.I have tried Custom Authentication but i didn't found fruitful, Any one have some good idea to achieve this.
after u take care of the email and sms verification, u should store that data in the data base and create a function to use in your custom authentication that verifies if the user is already validated.
put the function in shared components -> authentication schemes -> settings -> Authentication Function Name
(the function must return true or false to allow the login)
I'm not a fan of using SMS for Two-Factor Authentication, but if you must, perhaps this might demo implementation for Time-based One Time Password (TOTP) might give you some ideas: https://github.com/fuzziebrain/orclapex-tfa-demo
I provided some background information here as well: https://fuzziebrain.com/content/id/1718/
Good luck!
I have achieved this in one of my APEX project but only with the e-mail. For the sms I use it in another context but you could still do it. You will need a smtp server ( you can run one on your server ) and for the sms you will need an external provider. In your oracle database, create a table called OTP ( one time password ).
This table contains a foreign key to a user. When the user creates an account, run a dynamic action in pl/sql that will generate a random 6 digit number that will be encrypt in your OTP table. This dynamic action will also send an email to the user with APEX_MAIL. The full documentation for how to use APEX-MAIL is here and it is pretty easy to use. You can send the user the password for authentication trough email.
Create a new session user called user_na (not authenticated) and make it so that when he connects, the only page he can see is a page with a text field to enter the password he receive through email. After he enters it, encrypt it the same way you did when he created an account and compare the password in the OTP table. If they match , change his account type to user and then he will be able to access every page that you made accessible for the users.
If you also want to send an sms, I recommend using this tutorial. The sms provider have a free trial if you want to test. If you have any questions don’t hesitate to ask I can easily help you with this.
NOTE: if you don’t want to create different session_users you can just add a column in your user table named authenticated. Set it to 0 by default and to 1 when he enters the email password. Then, when he log in, check if this value is 0 or 1 to know which page you should redirect him to.