Closed piyush-gangrade closed 1 month ago
Congratulations, @piyush-gangrade! 🎉 Thank you for creating your issue. Your contribution is greatly appreciated and we look forward to working with you to resolve the issue. Keep up the great work!
We will promptly review your changes and offer feedback. Keep up the excellent work! Kindly remember to check our contributing guidelines
@Latish705 Can you verify this?
@govind-kumarr on it @piyush-gangrade verifying it
@govind-kumarr this issue is arising because of we need to add domain in resend
then we can send email
@govind-kumarr and @Latish705, According to the GSSoC rules, the first-come, first-served principle applies. If an issue is raised and considered valid, the person who reported the issue has the first opportunity to resolve it.
@piyush-gangrade really sorry I have recently worked on this functionality in this project and I am also working on frontend for this so thought give a try didn't saw u r assigned I am closing my pull request now
I would like to work on this issue as I am experienced cloud engineer and python developer would you like to asign this issue to me under GSSoC24
Hey @govind-kumarr,
I have a doubt regarding the implementation of email verification for your project. There are several ways to do this, and I need clarification on your preference. Here are the options:
OTP Verification at Signup: When a user signs up, we send an OTP to their email. The user must enter the correct OTP to sign in. If the OTP is incorrect, they cannot sign in.
Email Verification before Access: When a user signs up, we create a user record in the database but only allow them to sign in once their email is verified. Alternatively, we can verify the user first and then allow them to sign in.
Post-Signup Email Verification: When a user signs up, we allow them to sign in immediately. However, they need to verify their email to access certain main features of the website. This allows users to explore the website with limited access until they verify their email.
The purpose of options 1 and 2 is to avoid temporary email accounts and ensure we only allow genuine users. Option 3, however, provides some access to the website for unverified users, which might defeat the purpose of email verification if the main facilities are accessible without verification.
Based on your project needs, I believe options 1 or 2 are more suitable. After reviewing the frontend email verification merge, I am a bit confused. Could you please clarify? If we implement the third option, it diminishes the value of email verification, as there would be no significant difference between verified and unverified users.
Thank you!
Hi @piyush-gangrade Great assessments. yes I agree with you But if we will force user to first verify their email and then only we will allow access to our website that is not a good user experience. Instead what we can do is check if their email exists or not there are various method for that maybe sending a welcome email or test email. If the email they entered is valid and exists then we can allow them to access our website but we can lock some features and unlock them only when they verifies their email. I am also thinking to add a demo user using which someone can take a tour of our website.
All these things are in my bucket list I will work on them.
@govind-kumarr, thank you for the clarification
Detail: The send-verification-email server route should send a verification email to the email address provided by the user. However, it is currently only able to send an email to the email address associated with the Resend API key.
Expected Behavior: The send-verification-email server route should send a verification email to the email address specified by the user.
Current Behavior: The send-verification-email server route sends the verification email only to the email address linked to the Resend API key, instead of the user's provided email address.
https://github.com/govind-kumarr/simple_rag_dashboard/assets/133166222/c28d3617-46b1-4876-9ce9-6f45779333a1