Base solution for your next web application
Open Closed

Email Activation Error #7346


User avatar
0
firnas created

When i click on the email confirmation link send when registering a user, sometimes it thorws a error and sometimes it passes. Can i please know why this is hapenning? The error occures when user clicks the activation link from mobile. After retrying sometimes then it passes.

Please see the audit logs,

If i click the link from the computer web application it pasees.

below is the error received,

Can anyone help on understanding why this issue happens?


27 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    Can you modify your code to write the detailed reason in the log? Such as: user == null, or user.EmailConfirmationCode.IsNullOrEmpty()

    You can also write the UserId and ConfirmationCode to the log at the same time to help you find the cause of the problem.

    https://github.com/aspnetzero/aspnet-zero-core/blob/f4ac9540a18a5446f6843277e0bd0b046daa51ff/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Application/Authorization/Accounts/AccountAppService.cs#L161

  • User Avatar
    0
    firnas created

    sure i will try that out and update my findings.

  • User Avatar
    0
    firnas created

    Hi,

    public async Task ActivateEmail(ActivateEmailInput input)
            {
                var user = await UserManager.GetUserByIdAsync(input.UserId);
                Logger.InfoFormat("user is null: {0}", user == null);
                if (user != null)
                {
                    Logger.InfoFormat("user confirmaion code: {0}", user.EmailConfirmationCode);
                    Logger.InfoFormat("input confirmaion code: {0}", input.ConfirmationCode);
                    Logger.InfoFormat("confirmaion code match: {0}", user.EmailConfirmationCode == input.ConfirmationCode);
                }
                if (user == null || user.EmailConfirmationCode.IsNullOrEmpty() || user.EmailConfirmationCode != input.ConfirmationCode)
                {
                    throw new UserFriendlyException(L("InvalidEmailConfirmationCode"), L("InvalidEmailConfirmationCode_Detail"));
                }
    
                user.IsEmailConfirmed = true;
                user.EmailConfirmationCode = null;
    
                await UserManager.UpdateAsync(user);
            }
            
    

    I added logging. The issue occures only sometimes. The issue comes frequently on chrome incognito mode.

    INFO  2019-07-22 08:46:45,059 [28   ] Authorization.Accounts.AccountAppService - user is null: False
    INFO  2019-07-22 08:46:45,059 [28   ] Authorization.Accounts.AccountAppService - user confirmaion code: 
    INFO  2019-07-22 08:46:45,059 [28   ] Authorization.Accounts.AccountAppService - input confirmaion code: 9d347ae77dfb4cddb9dc0d5f1219280f
    INFO  2019-07-22 08:46:45,059 [28   ] Authorization.Accounts.AccountAppService - confirmaion code match: False
    

    Any idea why this happens?

  • User Avatar
    0
    maliming created
    Support Team

    It is possible that the ActivateEmail method was called multiple times (the link was clicked multiple times or requested multiple times). Can you look at the audit log?

  • User Avatar
    0
    firnas created

    I could not find any duplicate records for ActivateEmail method in audit logs. i have created a mobile application and when the user is created the email is send to their email address. When they click on the link from the mobile borwser sometime this issue happens.

  • User Avatar
    0
    maliming created
    Support Team

    When they click on the link from the mobile borwser sometime this issue happens.

    I guess even if this problem occurs, the user will actually be activated, right?

  • User Avatar
    0
    firnas created

    yes. Did you figure out what is causing the issue?

  • User Avatar
    0
    maliming created
    Support Team

    I still think that the ActivateEmail method has been called multiple times. There is no other reason other than this.

    You can also get a link and then open it multiple times, and the same error should occur.

  • User Avatar
    0
    firnas created

    ok i will investigate further and let you know the results

  • User Avatar
    0
    firnas created

    I am using has based routing in the angular application.

    [RouterModule.forRoot(routes,{useHash:true})]

    so the email confirmation url contains a #. Is this causing the issue of multiple times the method to be called?

  • User Avatar
    0
    maliming created
    Support Team

    I am not quite sure, no one mentioned this in google search. Have you tried using the history api?

  • User Avatar
    0
    firnas created

    what is the history API? I think this is due to the # in the url. I had to change the confirmation code generating code becuse it was not generating the correct encryption.

     private string EncryptQueryParameters(string link, string encrptedParameterName = "c")
            {
                if (!link.Contains("?"))
                {
                    return link;
                }
    
                var basePath = link.Substring(0, link.IndexOf('?'));
                if (link.Contains("#/"))
                {
                    link = link.Replace("#/", string.Empty);
                }
    
                var uri = new Uri(link);
                var query = uri.Query.TrimStart('?');
    
                return basePath + "?" + encrptedParameterName + "=" + HttpUtility.UrlEncode(SimpleStringCipher.Instance.Encrypt(query));
            }
            
    
  • User Avatar
    0
    maliming created
    Support Team

    what is the history API?

    I mean using PathLocationStrategy to see if the above problem still occurs.

    I think this is due to the # in the url. I had to change the confirmation code generating code becuse it was not generating the correct encryption.

    Does this solve your problem?

  • User Avatar
    0
    firnas created

    i am clicking on the confirmation email url which has a # in it. That is where the problem happens. i will check PathLocationStrategy and see.

  • User Avatar
    0
    maliming created
    Support Team

    hi firnas I will modify the EncryptQueryParameters method. It currently does not consider the case where there is a # in the url. . I believe this should be the cause of the problem.

    https://github.com/aspnetzero/aspnet-zero-core/issues/2523

  • User Avatar
    0
    firnas created

    Above link is not working

  • User Avatar
    0
    maliming created
    Support Team

    If link is 404, please see:

    https://aspnetzero.com/LicenseManagement

    You can invite anyone to become a member of the ASP.NET Zero organization using their GitHub username. And they can access the ASP.NET Zero private GitHub repositories. Your license plan allows you to add up to 20 users. Right after you add a GitHub user, the user will receive an invitation email. If there is problem receiving the invitation email, alternatively user can visit github.com/orgs/aspnetzero page and accept the invitation.

  • User Avatar
    0
    firnas created

    Ok. so when you click on a email confirmation link with a # it throws the error. Can you please check that as well.

  • User Avatar
    0
    maliming created
    Support Team

    I will fix it today and close the issue of github. Please follow the issue of github.

  • User Avatar
    0
    firnas created

    When i navigate to https://aspnetzero.com/LicenseManagement i get the below error.

  • User Avatar
    0
    alper created
    Support Team

    hi @firnas, contact to [email protected] for your license issue.

  • User Avatar
    0
    maliming created
    Support Team

    hi firnas.

    Try replace the EncryptQueryParameters method with the following code.

    private string EncryptQueryParameters(string link, string encrptedParameterName = "c")
    {
    	if (!link.Contains("?"))
    	{
    		return link;
    	}
    
    	var basePath = link.Substring(0, link.IndexOf('?'));
    	var query = link.Substring(link.IndexOf('?')).TrimStart('?');
    
    	return basePath + "?" + encrptedParameterName + "=" + HttpUtility.UrlEncode(SimpleStringCipher.Instance.Encrypt(query));
    }
    
  • User Avatar
    0
    firnas created

    Hi maliming,

    I replace the code and now it generates the correct email confirmation link even when the # is in the link. I will check if i still get the error when clicking on the link and update here.

  • User Avatar
    0
    firnas created

    The error when clicking on the email activation link is still coming. When clicked on the link the routing happens twice it seems. Is there a way how to stop this?

  • User Avatar
    0
    maliming created
    Support Team

    I guess this may be related to your browser.

    If you can't solve the problem that the link is accessed multiple times, you can modify the ActivateEmail method.

    Skip detection logic if the user's mail has been activated.

    public async Task ActivateEmail(ActivateEmailInput input)
    {
    	var user = await UserManager.GetUserByIdAsync(input.UserId);
    	if(user != null && user.IsEmailConfirmed)
    	{
    		return;
    	}
    	
    	if (user == null || user.EmailConfirmationCode.IsNullOrEmpty() || user.EmailConfirmationCode != input.ConfirmationCode)
    	{
    		throw new UserFriendlyException(L("InvalidEmailConfirmationCode"), L("InvalidEmailConfirmationCode_Detail"));
    	}
    
    	user.IsEmailConfirmed = true;
    	user.EmailConfirmationCode = null;
    
    	await UserManager.UpdateAsync(user);
    }