Email send using app password - Username and Password not accepted? - django

I can't figure out why I can't send email in Django.
I've enabled 2-step verification and generated App Password for this connection.
But Gmail smtp returns:
SMTPAuthenticationError: (535, b'5.7.8 Username and Password not accepted. Learn more at\n5.7.8 https://support.google.com/mail/?p=BadCredentials q29sm16257362qtc.10 - gsmtp')
I thought that using App Password will not cause such errors.
EDIT:
The email uses a custom domain but I guess this is not a problem. I think that smtp.gmail.com should work.
I haven't allowed less secured apps since I think it is not needed with App Password.

I had the same problem with two-factor authentication and allowed less secured apps. It is necessary to use App password ! there is still one last feature to activate: https://accounts.google.com/DisplayUnlockCaptcha
If you have a Gsuite domain click on this link : https://admin.google.com/ac/security/lsa and "Allow users to manage their access to less secure applications"

Related

Unable to reset password in Django

I have an app which allows the user to reset password. I user the django authentification system but everytime I want to send an email I get the error ' 535, b'5.7.8 Username and Password not accepted. '.
I have already generated and app password and replace the password in my "settings.py" but I still get this error.
have you
tried sending passwords with a separate python script or application like the REST Client in VSC to assure the credentials are working? At least when using gmail I know you have to adapt the security settings in the gmail account used.
checked e.g. by using print statements (ONYL in you dev environment!) that the credentials are available as expected?

Sending email with Django using Gmail not working

I'm new to Django and I want to send the email through my Django server using my Gmail account but unfortunately, I'm getting an error while sending emails even though I've put all credentials correctly there is one thing more in my Gmail account which is "less secure apps" that has to be enabled but this feature is no longer available in Gmail so now how can I send the emails in Django?
error while sending the email
b'5.7.8 Username and Password not accepted. Learn more at\n5.7.8 https://support.google.com/mail/?p=BadCredentials f14-20020a05600c4e8e00b0039c5642e430sm4688852wmq.20 - gsmtp'
Since May 30 2022 the less secure apps feature has been disabled. Now, to let 3rd party apps access gmail you must generate an App password and to generate an app password you must first enable 2-factor authentication for your account:
https://myaccount.google.com/apppasswords
Once you have the app password you can simply replace your host account password with the app password:
EMAIL_HOST_PASSWORD = '<app_password>'
You can find the complete email integration process wonderfully explained here: https://github.com/CoreyMSchafer/code_snippets/tree/master/Django_Blog/12-Password-Reset/django_project
im looking forward for an answer too, as i am experiencing the same problem.
In the meantime, i had to change the email provider to another company, for me it worked with mailjet, they have a free plan and no card info needed, hope this helps you!

How to verify users email with token generator link for signup in django webapp

I am doing a web app in Django. I hardly tried to create a TokenGenerator for verifying the user's email to activate the user's account
coming to the problem,
how to send the verification email to the user account while
signup. while signup, users can receive a verification link email
with a token generator
the user has to input the password at the time of account signup
After verifying the email user can log in to the respective page via their mail id and password
while login it should check whether an email is present in the DB
(DB will be updated with user emails )
for the first question, Django has built-in functions and classes for sending emails, you can check them here: https://docs.djangoproject.com/en/3.2/topics/email/ and this post will help you send and email: https://dev.to/yash2115/how-to-send-e-mail-in-django-37ge, and if you want sen an email for any user's sign up you have to use signals, check it here: https://docs.djangoproject.com/en/3.2/ref/signals/
other questions are all related and they are pre-built in Django, these links will help you: https://learndjango.com/tutorials/django-login-and-logout-tutorial
https://developer.mozilla.org/en-US/docs/Learn/Server-side/Django/Authentication
repositories which may help:
https://github.com/shoukreytom/pdfstack
https://github.com/shoukreytom/notes
https://github.com/shoukreytom/blog (advanced - apis)
https://github.com/mitchtabian/Food2Fork

Is it possible on Drupal 8 to allow users register themselves and receive confirmation email?

On Drupal8 board /admin/config/account setting, I've checked box that allow users to register themselves and get approve from admin.
I’ve created a new user account and got confirmation as below:
“Thank you for applying for an account. Your account is currently pending approval by the site administrator.
In the meantime, a welcome message with further instructions has been sent to your email address.”
I’ve never got welcome message even so I could see the user that I’ve created under /admin/people - it was blocked.
I’ve checked spam folders, used different browsers but there were no confirmation email as such…
So, I as admin, unblocked this account - but I still could not login since I don’t have any confirmation email with password.
I could only login user if I, as admin will provide login id and password for user.
Is it possible on Drupal 8 to allow users register themselves and receive confirmation email?
If so, how to do so?
Or there is only admin could register the users and users could not register themself?
Thanks.
SMTP server requires authentication to be enabled.
I’ve tried to send and test sending mail using account that is not connected to my hosting - it wouldn’t work.
So, I have set up a mailbox in the account, updated its details in SMTP AUTHENTICATION section as well as in E-MAIL OPTIONS section.
I sent an email to my test account by saving the configuration and it was successfully delivered.
So, the users could sign up, get confirmations by email and register themselves by changing their passwords.

Why to use mod_auth_kerb for authenticating?

I am facing a problem understanding the reason why to use mod_auth_kerb for authentication to a Kerberos server.
I am developing a website using Django + mod_wsgi + Apache .
The first page of my website asks the user to enter username/password and one of my Django app will take the username/password and use Python kerberos module to authenticate the user to the kerberos server.
Where do I need to use mod_auth_kerb here ?
I understand that I will have the power to use the username/password to my advantage,is this the reason of using mod_auth_kerb ?
mod_auth_kerb can do two things:
Prompt the user for a username and password via HTTP Basic and validate them using Kerberos on the server side, or
Allow the browser to authenticate using Kerberos on both sides, via HTTP Negotiate. If the client supports Kerberos, this provides single-signon: the client automatically authenticates to the server via the Kerberos system without prompting for a password, via credentials obtained when the user logged in.
You are doing #1 in your application. It might be useful to move that into Apache, where it can be done once consistently for all apps. #2 you're not doing at all, but it's only useful in an environment in which Kerberos infrastructure is available.
A word of warning: I don't know about the "Python kerberos module," but it's very possible that it is not doing password validation securely. Many things which claim to do this do the equivalent of "kinit": they use the username and password to obtain an initial Kerberos credential (TGT), and claim success if it appears to work. The problem is that they have asked a third party (the Kerberos authentication server (key distribution center), or KDC) to validate the password -- but they have not checked that they are actually talking to a real KDC. They might just have received a message from the same user who gave them the password, and the message of course says, "the password is right." In order to do this properly the verifier needs its own identity in the Kerberos realm (a "principal"), and to take the extra step of using the TGT to obtain a ticket for itself and verifying it; this ensures that the reply is from a genuine KDC.
Another common way of doing this, if your KDCs are Windows domain controllers, is to use LDAP: connect to a domain controller via LDAP and authenticate with the password; the DC will check the password against Kerberos itself. Of course, you have the same problem: you need to verify that you're talking to a genuine domain controller -- but you can do that with TLS via certificates, which may be easier.