How to implement the email authentication function at the time of user registration

Introduction

I will introduce the flow of the mail authentication function implemented when creating the web service. All you need to do is register the DB and check for duplicates. However, at first it took time to get an image of the implementation method, so I would like to introduce mainly the implementation flow.

Overall flow:

  1. (User) Enter your email address and password
  2. (System) Generate UUID and save it in temporary table with user information
  3. (System) Send the authentication URL to the user
  4. Click the authentication URL from the (user) email address
  5. Officially register the user of the temporary table corresponding to (system) UUID

1. Enter your email address and password

Pass user information to the server side in any way you like, either Ajax or Post.

スクリーンショット 2018-05-13 17.20.36.png

2.3. Save user information in temporary table & send authentication URL to user

We will process in the following flow.

  1. Receive the entered user information
  2. Check if the entered email address is already registered
  3. Save user in temporary table with UUID if confirmed
  4. Generate an authentication URL and email it to the user. The authentication URL is / validate / id = UUID.

To identify that the user clicked on the URL It is necessary to add the information associated with the user saved in the temporary table to the URL. If you can batting or predict, you can authenticate other temporary users, so Use UUID.

RegisterUserController


boolean isMember = memberRepository.existsByUsername(user);


			if(!isMember){
			String vali = UuidUtil.generateUUID();
			BCryptPasswordEncoder passEncoder = new BCryptPasswordEncoder();




			try {
				TmpMember tmpMember = new TmpMember(user, passEncoder.encode(pass), displyname, vali);
				tmpMemberRepository.saveAndFlush(tmpMember);
			} catch (Exception e) {
				e.printStackTrace();
				//status = "Error: DB save failure";
				return status;
			}

			String IPadnPort = myIP.getYourIP();
			String from = "Sender's email address";
			String title = "Request for Tobidemo account confirmation";
			String content = displyname + "Mr." + "\n" + "\n" + "Please follow the link below to authenticate your account" + "\n"
					+"http://" + IPadnPort
					+ "/validate"+ "?id=" + vali ;

			try {
				SimpleMailMessage msg = new SimpleMailMessage();

				msg.setFrom(from);
				msg.setTo(user);
				msg.setSubject(title);//Title setting
				msg.setText(content); //Body settings
				mailSender.send(msg);
			} catch (Exception e) {
				e.printStackTrace();
				//status = "Error: Email sending failure";
				return status;
			}

			status = "ok";
			}
			return status; //ng

		}
		;
		return status; //ng

	}

4. Click the authentication URL from your email address

The following email will be sent to the user.

スクリーンショット 2018-05-13 17.36.51.png

5. Officially register the user of the temporary table corresponding to the UUID

If the user clicks on the URL to access it, they will receive a UUID with id =. Check if the received UUID is stored in a temporary table. If confirmed, in the table that stores the authenticated user information, Re-register. You are then redirected to the service login page.

ValidateUserController.java


@CrossOrigin
	@RequestMapping(value = "/validate", method = RequestMethod.GET)
	public String validate(RedirectAttributes redirectAttributes,ModelAndView mav, @RequestParam("id") String id) throws Exception {

		String isRegisterd = "false";
		boolean isExist = tmpMemberRepository.existsByValidation(id);


		//System.out.println(isExist);

		if (isExist) {
			try {
				TmpMember tmp = tmpMemberRepository.findByValidation(id);
				String username = tmp.getUsername();
				String displyname = tmp.getDisplyname();
				String password = tmp.getPassword();


				Member member = new Member();
				member.setDisplyname(displyname);
				member.setPassword(password);
				member.setUsername(username);

				memberRepository.saveAndFlush(member);

				isRegisterd = "true";

			} catch (Exception e) {
				//TODO auto-generated catch block
				e.printStackTrace();
				 isRegisterd = "false";
			}


		}
		redirectAttributes.addFlashAttribute("isRegisterd", isRegisterd);
		 return "redirect:/edit/begin";
	}

Summary

It's a minimal feature, but it was surprisingly easy to implement email authentication. Since it is my own email authentication logic, there may be something strange, but since it is personal development, it is important to work!

Recommended Posts

How to implement the email authentication function at the time of user registration
Email sending function with Action Mailer at the time of new registration
[Swift] How to implement the countdown function
[Swift] How to implement the LINE login function
[swift5] How to implement the Twitter share function
How to implement the breadcrumb function using gretel
[For beginners] How to implement the delete function
How to delete the tweet associated with the user when you delete it at the same time
[Swift] I tried to implement the function of the vending machine
How to add the delete function
How to create a registration / update function where the table crosses
[Swift] How to implement the Twitter login function using Firebase UI ①
[Behavior confirmed in December 2020] How to implement the alert display function
[Swift] How to implement the Twitter login function using Firebase UI ②
Implementation of user authentication function using devise (2)
[Java] How to use the hasNext function
How to determine the number of parallels
Implementation of user authentication function using devise (1)
[Java] How to set the Date time to 00:00:00
Implementation of user authentication function using devise (3)
How to sort the List of SelectItem
How to implement TextInputLayout with validation function
[Processing × Java] How to use the function
[Spring Boot] I investigated how to implement post-processing of the received request.
How to access Socket directly with the TCP function of Spring Integration
How to change the value of a variable at a breakpoint in intelliJ
[Rails] How to solve the time lag of created_at after save method
How to find the cause of the Ruby error
[Rails 6] Change redirect destination at the time of new registration / login by devise
Customize how to divide the contents of Recyclerview
How to get the ID of a user authenticated with Firebase in Swift
[Rails6] How to connect the posting function generated by Scaffold with the user function generated by devise
Set the time of LocalDateTime to a specific time
[Ruby on Rails] Rails tutorial Chapter 14 Summary of how to implement the status feed
Output of how to use the slice method
How to display the result of form input
[Java] How to get the authority of the folder
I tried to create a log reproduction script at the time of apt install
How to implement authentication process by specifying user name and password in Spring Boot
How to delete child elements associated with a parent element at the same time
Let's implement a function to limit the number of access to the API with SpringBoot + Redis
[Java] How to get the URL of the transition source
How to delete / update the list field of OneToMany
How to set the display time to Japan time in Rails
How to write Scala from the perspective of Java
Speed comparison at the time of generation at the time of date conversion
[Ruby] How to find the sum of each digit
How to install the root certificate of Centos7 (Cybertrust)
[Java] How to get the maximum value of HashMap
[Rails] How to change the column name of the table
[SwiftUI] How to specify the abbreviated position of Text
[Android] How to get the setting language of the terminal
[Rails] How to get the contents of strong parameters
Summary of how to implement default arguments in Java
How to download the old version of Apache Tomcat
Rails learning How to implement search function using ActiveModel
[Swift] How to get the document ID of Firebase
How is the next value of the Time object correct?
How to study kotlin for the first time ~ Part 2 ~
How to study kotlin for the first time ~ Part 1 ~
Introduction of user authentication