Hey there,
I’m working on a site where in I’ll be allowing my users to login into my website. While testing this I realised that anyone with fake email can also login.
How can I implement email verification process just as corvid has ?
(When I signed up in corvid they send me a mail which I have to click in order to verify my id)
Have you read about the Wix Users API?
https://www.wix.com/corvid/reference/wix-users.html
https://www.wix.com/corvid/reference/wix-users-backend.html
If you look in the Wix Users Backend API you will see an approveByEmail or an approveByToken function there that you can use.
https://www.wix.com/corvid/reference/wix-users-backend.html#approveByEmail
https://www.wix.com/corvid/reference/wix-users-backend.html#approveByToken
Register a user sending an email for confirmation
This example demonstrates a common email verification flow. A user is initially registered but not yet approved. At registration, a verification email is sent with a link to a verification page. When a user goes to the verification page, the approval is granted and the user is logged into the site.
The code is split between three locations:
-
A backend web module named register.jsw .
-
The page code for the page where users register.
-
The page code for the page where users confirm their registration.
/*******************************
* backend code - register.jsw *
*******************************/
import wixUsersBackend from 'wix-users-backend';
export function doRegistration(email, password, firstName, lastName) {
// register the user
return wixUsersBackend.register(email, password, {
"contactInfo": {
"firstName": firstName,
"lastName": lastName
}
} )
.then( (results) => {
// user is now registered and pending approval
// send a registration verification email
wixUsersBackend.emailUser('verifyRegistration', results.user.id, {
"variables": {
"name": firstName,
"verifyLink": `http://yourdomain.com/post-register?token=${results.approvalToken}`
}
} );
} );
}
export function doApproval(token) {
// approve the user
return wixUsersBackend.approveByToken(token)
// user is now active, but not logged in
// return the session token to log in the user client-side
.then( (sessionToken) => {
return {sessionToken, "approved": true};
} )
.catch( (error) => {
return {"approved": false, "reason": error};
} );
}
/*********************************
* client-side registration code *
*********************************/
import wixUsers from 'wix-users';
import {doRegistration} from 'backend/register';
export function button_click(event) {
let email = // the user's email address
let password = // the user's password
let firstName = // the user's first name
let lastName = // the user's last name
doRegistration(email, password, firstName, lastName)
.then( () => {
console.log("Confirmation email sent.");
} );
}
/**************************************
* client-side post-registration code *
**************************************/
import wixLocation from 'wix-location';
import wixUsers from 'wix-users';
import {doApproval} from 'backend/register';
$w.onReady( () => {
// get the token from the URL
let token = wixLocation.query.token;
doApproval(token)
.then( (result) => {
if (result.approved){
// log the user in
wixUsers.applySessionToken(result.sessionToken);
console.log("Approved");
}
else {
console.log("Not approved!");
}
} );
} );
It doesnt work, because the new user is not logged in, so the wixUsersBackend . emailUser function will not send an email.
I totally relate to your struggle with fake emails—it’s frustrating when people can just slip through without verification. When I set up my site, I also wanted to ensure my users were legit. I found that implementing a verification email is super effective. It’s similar to what you mentioned with Corvid; sending a clickable link is a straightforward approach. Also, I stumbled upon this handy tool called the Email Checker Tool. You can check it out at bulkemailchecker.com. It’s pretty useful for validating emails before sending verification links.
Since this topic was created, it’s now possible to require new members to confirm their email address before gaining access to your site - Site Members: About the Confirmation Email Sent to Your Members | Help Center | Wix.com