search

LeoneBacciu / django-email-verification

A Django app that takes care of verifying a users's email address and activating their profile.
MIT License
356 stars 56 forks source link

Invalid Token #84

Open FarhanMushtaq95 opened 1 year ago

FarhanMushtaq95 commented 1 year ago

I am using mail hog for email testing . Email is sent successfully but when I click the link it says invalid token every time .

I have change token life time to 1 hour but still same issue .

LeoneBacciu commented 1 year ago

Hello, do you have any logs?

FarhanMushtaq95 commented 1 year ago

Mail hog logs are : Sending content: { "ID": "9LAuukyHR6PkWiZ_PVMJxlinv8JtoyaehHppnno-XAA=@mailhog.example", "From": { "Relays": null, "Mailbox": "noreply", "Domain": "aliasaddress.com", "Params": "" }, "To": [ { "Relays": null, "Mailbox": "test", "Domain": "gmail.com", "Params": "" } ], "Content": { "Headers": { "Content-Type": [ "multipart/alternative; boundary=\"===============1339787043231239006==\"" ], "Date": [ "Wed, 13 Sep 2023 08:02:00 -0000" ], "From": [ "noreply@aliasaddress.com" ], "LINK": [ " http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY" ], "MIME-Version": [ "1.0" ], "Message-ID": [ "\u003c169459212046.30276.13088278431826859422@Farhan-Pc\u003e" ], "Received": [ "from Farhan-Pc by mailhog.example (MailHog)\r\n id 9LAuukyHR6PkWiZ_PVMJxlinv8JtoyaehHppnno-XAA=@mailhog.example; Wed, 13 Sep 2023 13:02:00 +0500" ], "Return-Path": [ "\u003cnoreply@aliasaddress.com\u003e" ], "Subject": [ "Confirm your email farhan" ], "TOKEN": [ " eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY" ], "To": [ "test@gmail.com" ] }, "Body": "--===============1339787043231239006==\r\nContent-Type: text/plain; charset=\"utf-8\"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\nYou are almost there, farhan!\r\nPlease click the following link to confirm your account: http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nThe token expires on 2:02 p.m.\r\n--===============1339787043231239006==\r\nContent-Type: text/html; charset=\"utf-8\"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\n\u003ch1\u003eYou are almost there, farhan!\u003c/h1\u003e\u003cbr\u003e\r\n\u003ch2\u003ePlease click \u003ca href=\"http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\"\u003ehere\u003c/a\u003e to confirm your account\u003c/h2\u003e\r\n\u003ch2\u003eThe token expires on 2:02 p.m.\u003c/h2\u003e\r\n--===============1339787043231239006==--", "Size": 1663, "MIME": null }, "Created": "2023-09-13T13:02:00.4724129+05:00", "MIME": { "Parts": [ { "Headers": { "Content-Transfer-Encoding": [ "7bit" ], "Content-Type": [ "text/plain; charset=\"utf-8\"" ], "MIME-Version": [ "1.0" ] }, "Body": "You are almost there, farhan!\r\nPlease click the following link to confirm your account: http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nThe token expires on 2:02 p.m.", "Size": 412, "MIME": null }, { "Headers": { "Content-Transfer-Encoding": [ "7bit" ], "Content-Type": [ "text/html; charset=\"utf-8\"" ], "MIME-Version": [ "1.0" ] }, "Body": "\u003ch1\u003eYou are almost there, farhan!\u003c/h1\u003e\u003cbr\u003e\r\n\u003ch2\u003ePlease click \u003ca href=\"http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\"\u003ehere\u003c/a\u003e to confirm your account\u003c/h2\u003e\r\n\u003ch2\u003eThe token expires on 2:02 p.m.\u003c/h2\u003e", "Size": 441, "MIME": null }, { "Headers": {}, "Body": "--", "Size": 2, "MIME": null } ] }, "Raw": { "From": "noreply@aliasaddress.com", "To": [ "test@gmail.com" ], "Data": "Content-Type: multipart/alternative;\r\n boundary=\"===============1339787043231239006==\"\r\nMIME-Version: 1.0\r\nSubject: Confirm your email farhan\r\nFrom: noreply@aliasaddress.com\r\nTo: test@gmail.com\r\nDate: Wed, 13 Sep 2023 08:02:00 -0000\r\nMessage-ID: \u003c169459212046.30276.13088278431826859422@Farhan-Pc\u003e\r\nLINK: \r\n http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nTOKEN: \r\n eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\n\r\n--===============1339787043231239006==\r\nContent-Type: text/plain; charset=\"utf-8\"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\nYou are almost there, farhan!\r\nPlease click the following link to confirm your account: http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nThe token expires on 2:02 p.m.\r\n--===============1339787043231239006==\r\nContent-Type: text/html; charset=\"utf-8\"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\n\u003ch1\u003eYou are almost there, farhan!\u003c/h1\u003e\u003cbr\u003e\r\n\u003ch2\u003ePlease click \u003ca href=\"http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\"\u003ehere\u003c/a\u003e to confirm your account\u003c/h2\u003e\r\n\u003ch2\u003eThe token expires on 2:02 p.m.\u003c/h2\u003e\r\n--===============1339787043231239006==--", "Helo": "Farhan-Pc" } }

2023/09/13 13:02:00 [SMTP 127.0.0.1:61663] Session ended

On django site function is called when link is clicked : image

this return invalid token every time . if we debug and see what is return by verify_token we get . image

LeoneBacciu commented 1 year ago

Thanks, can you debug inside verify_token to see where it goes wrong?

FarhanMushtaq95 commented 1 year ago

Yeah Sure.

hmeza commented 1 year ago

Faced same problem here.

In my case I fixed it by sending a datetime to send_email in the expiry parameter, so I call it this way:

expiry_date = datetime.datetime.now() + datetime.timedelta(hours=24)
send_email(instance, thread=False, expiry=expiry_date)

I tried forcing sending 86400 in the expiry parameter expecting token expiration date would be the next day but it appeared as epoch + 1 day. Tested locally and in a prod environment, both with Python 3.11.

I would open a PR to create this timestamp inside send_inner, but preferred to discuss previously as I find it strange that this only fails this way to me. Let me know and I can open it.