From the course: React: Authentication
The basic email verification process - React.js Tutorial
From the course: React: Authentication
The basic email verification process
- [Instructor] At this point in our application, we have a working authentication flow that allows users to both sign up and log into our application. And it also uses JWTs to keep our users logged in and make sure users can only access their own data. Now the next thing that we're going to look at adding to our application is an email verification flow. You see, at the point their application is currently at, users can create accounts with any email address they want, regardless of whether or not they actually own that email address. And that's obviously not ideal because we need a valid email address to communicate with our users and do things like allow them to reset their password, which we'll look at later in the course. And obviously, we also don't want users to be able to use each other's emails to create accounts. So what we're going to do is implement our own full stack email verification flow, basically, from scratch. But the first thing you might be wondering is, how exactly does this whole flow work? Well, just to make sure we're on the same page, let's walk through the basic email verification flow step by step. Now, the email verification process begins when a user creates a new account on our application. At this point, they've entered their email and password, and this information will then be sent to the signup endpoint on our server, which creates a new user account and then stores the user's information in the database, right? We've seen this so far. Now, here's where email verification comes in. In addition to the email and password that the user created their account with, our server is going to create a randomly generated verification hash that the user can't see, and this will be used to prove that the user actually has access to that email address. So once we've generated that verification hash, we're going to send an email to the email address that the user provided, and this email will contain a link with the verification hash that the user can click. And next, if the user actually owns that email address, they'll be able to access this link, which will send them to a special page in our application that takes this verification hash and sends it to the server to see if it's the hash that we actually generated for the user. And of course, if it is, we're going to show the user a message saying that their email was successfully verified, at which point, the user's account will be marked as verified in the database, and they'll be able to access all of our application's features. Well, those are the basics of email verification. Obviously, there are many different variations of this flow that we could implement, and if you're familiar with any of those, feel free to implement them yourself once we walk through implementing this one here.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
The basic email verification process2m 46s
-
Setting up an email provider3m 6s
-
(Locked)
Creating an email provider API key3m 58s
-
(Locked)
Sending emails from Node7m 22s
-
(Locked)
Integrating verification tokens8m 3s
-
(Locked)
Adding a "please verify email" page2m 2s
-
(Locked)
Adding a verify email route4m 18s
-
(Locked)
Creating a verification landing page4m
-
-
-
-
-
-
-