Django-allauth: Lost email confirmation link

Created on 17 Mar 2013  路  5Comments  路  Source: pennersr/django-allauth

When the user has accidentally lost his email confirmation. There is no way to resend the confirmation. When the user tries to login:

  • It says that the confirmation email is already sent without a resend button.
    or create an account with the same email
  • it complains that the user already exists

With login i think you should provide a resend confirmation button and when user already exists then we should send the confirmation email again..

Thoughts ?

Most helpful comment

I still don't know why the first mail doesn't arrive, I don't even know where to start to debug the issue as it doesn't happen consistently. I do know however that re-sending the e-mail works.

My current assumption is that I have a bug somewhere else on my website or on the server that prevents the mail from being sent sometime when you create an account. But doesn't stop it from being sent again.

I understand that the real fix is to find the problem and correct it, but the whole point of a "resend" button is to handle cases where something goes wrong. (If things never go wrong, we don't need such button)

Right now, I had to add some text to the "Verify your email" message, to explain to users that a new message is sent everytime they try to login. But this means that I expect them to understand the underlying mechanics of the website. I believe a "re-send" button is more clear and instinctive, as users are already trained to use it.

All 5 comments

This shouldn't be an issue. As long as you set ACCOUNT_EMAIL_VERIFICATION to "mandatory", the email will be resent when the unverified user tries to login. And one more thing you need to remember. There is a cool down period for re-sending the email may be I guess it's 3 minutes.

And you're saying that it complains that the user already exists. Which means the user has been created and email has been sent. Probably you could've entered wrong email or it was received in bulk or spam folder. To create an another account with same email you need to set ACCOUNT_UNIQUE_EMAIL to False. Django allows the user to create multiple accounts with same email and unique username.

Anyway I welcome the author's corrections if I made any points wrongly.

@babus is fully correct -- an explicit resend button is therefore not needed. The cooldown period is there such that impatient users who keep on trying to login are not bombarded with e-mail verification requests.

It's great that the mail is automatically sent but most websites do provide a "resend" button. Users won't assume that they should try to reconnect after a certain cooldown to have a new chance of getting the mail.

Here is a practical case that happens to several of my users:
User creates an account and doesn't receive a verification mail. He then tries to connect again, but within the default 180 seconds cooldown. Nothing happens, and there is no "resend" button. He then assumes that his access to this website with this mail won't be possible and gives up/uses a different address.

To solve it, I had to reduce the cooldown to something very small (10 seconds)

@divonelnc I don't think the cooldown is the problem in your scenario. If the mail from less than 180s ago does not arrive, why do you think that sending a new one would arrive?

I still don't know why the first mail doesn't arrive, I don't even know where to start to debug the issue as it doesn't happen consistently. I do know however that re-sending the e-mail works.

My current assumption is that I have a bug somewhere else on my website or on the server that prevents the mail from being sent sometime when you create an account. But doesn't stop it from being sent again.

I understand that the real fix is to find the problem and correct it, but the whole point of a "resend" button is to handle cases where something goes wrong. (If things never go wrong, we don't need such button)

Right now, I had to add some text to the "Verify your email" message, to explain to users that a new message is sent everytime they try to login. But this means that I expect them to understand the underlying mechanics of the website. I believe a "re-send" button is more clear and instinctive, as users are already trained to use it.

Was this page helpful?
0 / 5 - 0 ratings