The use case:
User makes order his payment gets accepted and his details are getting post to a django's view. Using these details django's view creates user and everything that is necessary (Username and password is provided by me). Then before returning it sends email to clients email with his data (Username and password for now).
But sometimes I get a gateway timeout error from apache(app is deployed on openshift). Because the user is created I assume that the timeout comes from the email sending part. How can I make sure everything went ok and inform the user? How can I make sure that if the email isn't sent I can resend it? What is the best practice at that?
If you have timeouts with an API or Service, you should fire your POST / sendmail request with AJAX...
Serialize the whole form (like jQuery's serialize())
Send that data via AJAX (with jQuery's ajax())
Inform the User of success or error (alert() or jQuery UI dialog)
You can find a lot of examples on this website.
Another "dirty" approach would be to add the attribute target="_blank" to your form tag what opens your lazy request in a new tab / window.
Related
I'm working on a scenario when the user never got (or lost) the registration email with the temporary password. Now common sense will drive the user to the "forgot password" process. But here, he'll get an error saying "User password cannot be reset in the current state." What now? I'm trying to find a way to re-send the email with the temporary password FROM the client-side.
I know there's the option of AdminCreateUser with "MessageAction": "RESEND" but that involves the back-end and I would prefer keeping this logic in a component in client-side (where the rest of the authentication logic already is).
I've been trying with the method "resendConfirmationCode" of CognitoUser but I get a "NotAuthorizedException" error with the message "Can't resend confirmation code for this user"
Every other post I've read regarding this very scenario ultimately proposes the AdminCreateUser option without even trying to explain why "resendConfirmationCode" doesn't work.
Even if it can't be done, any help with this issue will be greatly appreciated.
G'day all,
Does anyone have any experience with the Waterlock flow for passsword resets? I've hit a wall which I can see a work-around for, but it seems really in-elegant, so I'm probably missing something.
When I send through an auth/reset POST with an email element, the system proceeds to shoot the email out as planned.
When I then submit the received link in a POST request, with a password element, I see a "404" response.
HOWEVER
If I submit that link as a GET request first, and then submit the POST it works.
When I look into the waterlock-local-auth source, the reset POST action is testing for the presence of a decrypted token in the request object before allowing it to proceed.
SO
Either I code my front end to send a get request (which doesn't respond properly) and then resubmit as a POST, or I go in and hack the waterlock-local-auth code to include a decode of the token (which is what I'm thinking is the most elegant solution).
Any clues?
Thanks,
Andy
I have got a similar problem, but I use angularjs as my frontend. This discussion thread is very helpful:
https://github.com/waterlock/waterlock-local-auth/issues/7
Basically, you are expected to submit a GET request to the url received in the password reset email. After you click the link with the token, you will find in your database that a new ResetToken record has been created and the value in the token column is exactly the one you see in the url. Then you should be redirected to the forwardUrl in waterlock.js setting, where there should be a form or anything that can make you post to:
http://yourdomain.com/auth/reset?password=newpassword
Then the password is reset and the ResetToken record will be removed from your database.
If you look at the handlePost function here:
https://github.com/waterlock/waterlock-local-auth/blob/master/lib/controllers/actions/reset.js#L68
This can explain why POSTing to the url sent to you in the reset password email returns 404. The resetToken must exist in session already in order that issuePasswordReset to be invoked. And the only place to set req.session.resetToken is within validateToken method:
https://github.com/waterlock/waterlock-local-auth/blob/master/lib/controllers/actions/reset.js#L188
So you need a get request first. Hope this helps.
I am trying to integrate SAML with ColdFusion 9 Enterprise. The problem I am facing is related to the SAML request I am doing. I am using CFLOCATION to make the request. When I am making the request the request to the server is made as GET request, and I SAML server expects it to be a POST request, which eventually ends up no matching the tokens sent from my server to SAML server.
I am not sure what is causing this. I also tried make the request using the CFHTTP making redirect = "yes" in this case it would not redirect to the url and would not give any error in firebug or in SAML tracer.
Can any one please help me?
eagerly waiting for a response.
Thank you :)
If the server receiving the SAML requires a POST, then a GET will not suffice, obviously. Since you are doing a <cflocation>, I'm assuming you're trying to redirect the user (and their browser) after building the SAML assertion to the screen.
You either have to:
a) Build your SAML as a form, and include Javascript to force the form to "post" (submit) after it shows on the page.... or
b) You can leave the form on the screen, typically with the SAML assertion embedded in a hidden field, probably named "samlResponse", and let the user click a Submit button to actually go.
YOU (the CF server) can't push the SAML for them. The user has to do it, either with an automated form post via Javascript or by allowing the user to submit the form manually.
Start there, report back.
I'm currently designing a solution with this pretty standard pattern:
1 web-app using Django (it hosts the one and only DB)
1 client mobile app using AngularJS
This client app uses a REST API (implemented on the Django Server with Tastypie) to get and set data.
As a beginner in these architectures, I'm just asking myself where the logic should go and I'd like to use a simple example case to answer my concerns:
On the mobile client App, a client is asked to subscribe by entering only an email address in a form.
a) If the address is unused, inscription is done (stuff is written on the DB).
b) If the address is used, an error is raised, and the user is asked to try again.
What is the workflow to perform these simple operations?
I'm asking for example how to compare the entered e-mail address in the mobile app with the existing e-mail adresses in my DB:
Should I GET the list of all email adresses from the server, then perform the logic in my client app to state if the entered address already exists ? This seems really a bad way to do because getting lots of elements isn't performant with web services, and client should not be able to see all email adresses.
Should I send the entered e-mail address to the server and let it make the comparison? But if yes, how am I supposed to send the data? As far as I know, PUT/POST are made to write in the DB, not to just send data to server to analyse it and proceed some logic.
I have the feeling I am clearly missing something here...
Thanks a lot for help.
PUT and POST are designed to be used to create and update resources. The server may or may not have a database behind it. It might use a local filesystem, or it might handle anything in memory. It's none of the client's business. It is certainly common to have business logic on most servers which provide APIs.
Use PUT/POST to send up the email address to the server. The server checks to see if the email address is (a) valid, and (b) allowed. If it fails either check, return a relevant response to the client as documented in the RFC. I would go with 403 Forbidden, which indicates a problem with the data being sent up to the server. Use the entity in the response to detail what the problem was with the request.
I had done similar thing in a angular web app,
I have disabled the submit button, and added a check availability button beside the email field.
I have send the email to server and checked if it already exist and got the result to client,
then asked the user to enter an alternate email if not valid or enable the form's submit button
Alternatively
when the user leaves the email field, You can send the email to a service that validates the email, and get the response, and show a message that this email already exist and disable the submit, or enable the submit button otherwise
I am creating a form through web form from marketers and on submit button's save action I have added a 'Send Email Action' for sending a email. And I have also changed 'Send Email Message' action's parameters and . But still it is not sending email. Please tell me how to resolve this problem?
here is the error:
We experienced a technical difficulty while processing your request.
There are two things you should check.
Does the SMTP server you have configured, actually pass mail through?
Are there any exceptions showing in the Sitecore logs?
This blog post: http://intothecore.cassidy.dk/2012/05/email-confusion-configuring-smtp.html takes you through pretty much everything in relation to setting SMTP options for your Sitecore solution and for Webforms for Marketers. It's easy to get confused as to how these work.