mediacms-io / mediacms

MediaCMS is a modern, fully featured open source video and media CMS, written in Python/Django and React, featuring a REST API.
https://mediacms.io
GNU Affero General Public License v3.0
2.67k stars 496 forks

Unable to verify email #770

Closed ThatStella7922 closed 1 year ago

ThatStella7922 commented 1 year ago

**Describe the issue**
Cannot verify email if I set email verification to mandatory and require the user to login to view the mediacms instance.

  1. Visit the site
  2. Get redirected to the login page (normal)
  3. Enter login details and submit (normal)
  4. Email verification is requested and the following email is sent to my inbox:

         Hello from localhost!

         You're receiving this e-mail because user ThatStella7922 has given yours as an e-mail address to connect their account.

         To confirm this is correct, go to https://mydomain.com/accounts/confirm-email/MQ:1q04hz:blcQByPe82mRChAZTI6gr8IJeIMVuNeRTzuIwFWFoSA/

         Thank you from localhost! localhost

  5. After clicking the given link in the email, the sign-in page is shown once again.
  6. I enter my login credentials at this sign-in page once again.
  7. Another email is sent and steps 5, 6 and 7 repeat infinitely.

(Side note, how do I change the `localhost` string in the sent emails? `FRONTEND_HOST` has been set to http://mydomain.com in `/home/mediacms.io/mediacms/cms/local_settings.py` as instructed in the guide.)

**Environment (please complete the following information):**
 - OS: Debian Bullseye x86_64
 - Installation method: Single server
 - Browser, if applicable: Edge 113 and Safari 16.3 both tried

**Additional context**
I am running MediaCMS through an external reverse proxy and SSL does work.

ThatStella7922 commented 1 year ago

I ended up reading other related issues and came up with the following:

```python
if GLOBAL_LOGIN_REQUIRED:
    # this should go after the AuthenticationMiddleware middleware
    MIDDLEWARE.insert(5, "login_required.middleware.LoginRequiredMiddleware")
    LOGIN_REQUIRED_IGNORE_PATHS = [
        r'/accounts/login/$',
        r'/accounts/logout/$',
        r'/accounts/signup/$',
        r'/accounts/password/.*/$',
        r'/accounts/confirm-email/.*/$',
        r'/api/v[0-9]+/',
    ]
```

I added this new section at the bottom of my mediacms config (at cms/local_settings.py) while making sure that there weren't any other instances of LOGIN_REQUIRED_IGNORE_PATHS configuration in the config file.

It adds a few more pages to the whitelist, and the password/confirm-email matching allows anything after those pages to be whitelisted as well, such as /accounts/password/reset/ or /accounts/password/change/, as well as the tokens used in the email confirmation system.

This fixes email verification as well as password resets for recently created accounts (my process works where I create the user's account with their email, and the user resets their password via email to set their password and gain access.)

I recommend making a polished version of this part of the default configuration to avoid confusion in the future.
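
An added example, not part of the thread or of MediaCMS: a small audit of which request paths the patterns in the comment above exempt from login. It assumes the middleware applies each pattern with `re.match`; the sample paths, the `EXAMPLE-KEY` placeholder and the "before" list are constructed for illustration.

```python
import re

# Patterns exactly as posted in the comment above.
LOGIN_REQUIRED_IGNORE_PATHS = [
    r'/accounts/login/$',
    r'/accounts/logout/$',
    r'/accounts/signup/$',
    r'/accounts/password/.*/$',
    r'/accounts/confirm-email/.*/$',
    r'/api/v[0-9]+/',
]

# Hypothetical "before" list for comparison: the same patterns minus the two
# wildcard entries. The page does not show the earlier setting.
WITHOUT_EMAIL_FLOWS = [p for p in LOGIN_REQUIRED_IGNORE_PATHS
                       if "confirm-email" not in p and "password" not in p]

# Constructed request paths; EXAMPLE-KEY stands in for a confirmation token.
SAMPLE_PATHS = [
    "/accounts/confirm-email/EXAMPLE-KEY/",
    "/accounts/password/reset/",
    "/accounts/password/change/",
    "/accounts/login/",
    "/accounts/email/",
    "/api/v1/media",
    "/",
]

def exempt_by(path, patterns=LOGIN_REQUIRED_IGNORE_PATHS):
    """Return the first pattern that lets `path` through without login, else None.

    Assumption: each pattern is applied with re.match, so it is anchored at
    the start of the path, and at the end only where the pattern has `$`.
    """
    for pattern in patterns:
        if re.match(pattern, path):
            return pattern
    return None

def audit(paths=SAMPLE_PATHS, patterns=LOGIN_REQUIRED_IGNORE_PATHS):
    """Map every path to the pattern exempting it (None = login required)."""
    return {path: exempt_by(path, patterns) for path in paths}

if __name__ == "__main__":
    for path, pattern in audit().items():
        print(f"{path:40} {'open via ' + pattern if pattern else 'login required'}")
```

Run against `WITHOUT_EMAIL_FLOWS`, the confirmation path comes back as login required, which is the redirect loop described in the issue. The last pattern has no `$`, so every path under `/api/v<N>/` is exempt from this middleware.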

ThatStella7922 commented 1 year ago

> (Side note, how do I change the localhost string in the sent emails? FRONTEND_HOST has been set to http://mydomain.com/ in /home/mediacms.io/mediacms/cms/local_settings.py as instructed in the guide.)

Also another comment regarding the above in my initial issue comment, I didn't end up figuring out how to change the string so my emails still say "Hello from localhost!" and "Thank you from localhost!" but eh it works well enough

mgogoulos commented 1 year ago

Hi, regarding "Hello from localhost" I believe you have to set the Site on the administration panel, go to https://your_portal/admin/sites/site/ and make sure that domain name and display name are set correctly

If you create a PR with the above patch with the extra URLs I can merge it!

ThatStella7922 commented 1 year ago

PR created, thanks for the help with the Site name and display name.

Quick tip for others reading, for the domain name don't include a connection prefix (http/https), mediacms will add the correct one as needed