Verified email in Spring Boot/Security registration - spring-boot

How to verify an email provided during registration is a real one? Confirmation link is an obvious choice, but I've seen websites where some kind of email verification happens right after you click 'register'. If email is fake, the process stops. How can this be done in Spring?
(example: safaribooksonline)

You have to check if the mail got bounced. If it does, it's not a valid email. You can use an api provided by neverbounce and here is the github link for that in java.

You can try the MailboxValidator API.
Just sign up for the free API key at https://www.mailboxvalidator.com/plans#api
Then you can use the Java code at https://github.com/MailboxValidator/mailboxvalidator-java or use Maven https://mvnrepository.com/artifact/com.mailboxvalidator/mailboxvalidator-java/1.0.0

Related

How to change the default message text of OTP message sent by twilio verify

I am using Twillio API in my laravel application to send users an OTP, when they try to login through their mobile number. It is working fine, it is sending a message like "Your verification code is XXXXXX". My question is, is there any way so that I can customize the message text?? I want to greet my users when they try to login through the phone. I want to add the greeting line with the default line of verifying the message. Any suggestion is appreciable. Thanks in Advance.
Twilio developer evangelist here.
By default you cannot customise the message. As Alan points out, the application name can be set as the service friendly name, which inserts the name in the message
Your {Service Friendly Name} verification code is: {code}
But this does not allow you to directly customize the text on a per user basis.
There are customization options available but you need to talk to Twilio sales to enable them.
Just the Verify Application/Service Name which is conveyed in the message.
Friendly Name (used in the Verification message templates)
If You want message like this :
Your Grocery-store verification code is : ******
then change your verify service name from twilio console as Grocery-store

Parse Email Verification inverse

There is a method in Parse to send the confirmation e-mail with a link to not confirm? Because in the app is uncomfortable to go out and confirm and return.
Something like "If you decided to signup here, please ignore this link, otherwise if you not, click on the link"
Thanks
If you are using the Parse SDK, you aren't forced to use the email verification. It's just an option. So your user are able to register without the need of email verification and they will get the pass recovery mail if they don't have verified address.

Approval link in email body

Need help in implementing email based approval system. Ex: Manager gets an auto triggered mail for his/her approval with a approval link in email body, when the manager clicks on the the link, it should validate the manager and then approve it. I tried searching on the internet but didn't find relevant resource.
Request you to Please help me with your ideas, suggestions or how I should proceed, or any plugin or jar is available??? It would be very helpful to me... Thanking you...
EDIT: Thanking you for replying. We have a java web app build using spring framework (MVC) where in employees can apply leaves which has to be approved by his/her manager. If an employee applies leave then a mail is triggered for approval to his/her manager with the leave details. After looking the mail, the manager logs-in to the application to approve or reject the leaves. So request you to Please help me in how to give a direct link in the mail to approve or reject the leaves.
For one of our applications we had the same requirements - employees can submit vacation requests and supervisors will be notified via mail. We have written an article about the exact way we did it - available here.
So in a nutshell, we are using Spring Integration and GMail. Each new vacation request yields an email send to all supervisors. Supervisors can reply with either approve or reject. We only accept email addresses from our domain, but since these can be faked we introduced a shared secret - a UUID added to the mail's subject which then relates to the id of the vacation request.
Once an email comes in we run the business logic to figure out whether a request shall be approved or rejected.
As I stated in my comment, I used Velocity to template my email message. You don't have to use it, but it made my job easier. You should be able to read up on it.
Java itself has the ability to send emails in it's Java EE framework using JavaMail, or you can use Spring's wrappers. You will need access to a mail server of some sorts, and would highly recommend that you setup an email box specifically for this process. I actually used my gmail account during testing, but I wouldn't recommend that for a long-term solution. I assume your company would have an email server setup somewhere you can use.
The process flow would be:
Employee fills out request
System generates an email to employee's manager(s) with a link to approve
Manager clicks on link, taken to approval page
Manager approves/denies request
The next question is how to build the URL. I would suggest using something like a UUID or something like that, or the request ID if that makes it easier. You can generate a UUID from any seed String or set of bytes. I like UUID because it obviscates the data being sent.
Anyway, the URL will basically point to a Spring form that will allow the user to approve that request. So, thinking about what you would need, I would expect some DB record that relates the information in the incoming request to the time off request that was filled out. Read in the record, load the page and display it. Simple enough.
The next issue is locking it down so only the authorized people can approve. Again, making a huge assumption here, but I am guessing you are using Spring Security? If you are, you should be able to add a condition to the Controller's handler for this approval form that requires the user to be authenticated (read here) and add a java.security.Principal to the handler methods arguments (read 15.3.2.3 here for what you can pass into a Controller's handler). With the Principal object in-hand, you should be able to compare that to a list of approvers associated with the request record in the DB. I would then have the system generate approval/denial emails that code to all concerned parties.
Let me reiterate that this is NOT the only solution, only one possible solution. This is why I feel this is not a good question for StackOverflow, as it asks a very broad question that doesn't really have a single right answer.

Joomla : Could not instantiate mail function

I have developed a website in joomla, and I have a contact us page, in that the form works fine only when I use to send an email from the same domain
Eg :
From : rimaz#abcd.com
To : john#abcd.com
But when I send to a different domain the form gives an error as "Could not instantiate mail function."
Eg :
From : rimaz#abcd.com
To : john#gmail.com
Can anyone explain me about this problem ??
Instead of debugging your providers SMTP / email setup you can use the new mandrill service from the guys who do mailchimp - Mandrill ( http://blog.mailchimp.com/public-beta-of-mandrill-smtp-email-service/ ) with the plugin :
http://extensions.joomla.org/extensions/content-sharing/mailing-a-distribution-lists/20624
Mandrill is a plugin that allows your Joomla installation to send transactional emails. The only thing you need to do is to provide your Mandrill API key and enable the plugin. After that all emails (new user registration, password reset etc) will be send through the Mandrill service.
Mandrill Features:
Uses MailChimp's awesome email delivery engine instead of your server
Tracks opens and clicks so you know how effective these emails are to your users . Now you can > see what you need to change to make them
more effective.
Has pretty, visual reports of the email results
Allows you to tag the emails and see your stats filtered by tag
Why would understanding transactional emails be important for you. An example is when a user signs > up on your site an email is sent via Joomla. But, you get no reports to understand how effective that email did. These emails are sent as instructions to your users telling them a message you want them to understand. Where they designed good? Was the content well written? Was it structured properly? This is hard to say when it goes thru Joomla but now you will understand all this when the emails goes thru Mandrill.
This is a setting from your host. YOu can ask them for help in figuring out how to make it work, but they are trying to prevent you from using their hosting to spam people.
Sometimes it is possible to work around it but not always.
This usually happens due to restrictive mail server settings, which you most likely don't have influence on with shared hosting.
If you have more control over the server, you should fix the mail server settings.
If not, the easiest way is to use Joomla's ability to send mails using any SMTP mail account. Create a mail account for Joomla, and enter the credentials in Joomla's configuration. Joomla will then use that account to send mails. So will extensions, if they are properly written.

Contact-Me from webpage without using email client

help out a noob with a simple web development question??
I want to create a Contact-Me form on my website, but I'd like it to not go through the email client that's installed on the user's machine, in case they're at a public terminal. I don't mind if the email comes from "me" to "me", as long as nobody can use it to spam me! Is there a way to get it to safely use the SMTP server it uses when I myself send an email? (This is a Yahoo-hosted website, and I have a Yahoo email account associated with it.)
Sure. You want a simple contact form that posts to some .php/.asp/.whatever script. That script should be able to use the SMTP server from your host (Yahoo!). You may end up sending from a different email than your personal #yahoo.com one, but just look up the info for your host.
I Googled "yahoo hosting send email" and the first result looks very relevant: http://help.yahoo.com/l/us/yahoo/smallbusiness/webhosting/php/php-17.html
As for wanting to stop spam from coming in through the form, just implement a captcha. I'd recommend using reCAPTCHA - it's free and has sample code that you can basically just plug in.

Resources