When a user signs up I want them to confirm their email before using the site. By default, Bubble immediately logs the user in when they sign up. I don’t want them immediately logged in, so I’m logging them out after sign up.
If they were to try to login and haven’t confirmed their email, then they’re redirected to an account activation page informing them to activate their account by clicking on the link in the email.
In case they deleted the confirmation/activation email, I want to include a button to send a new confirmation email.
This is where I’ve run into an issue, Bubble is saying the user needs to be logged in, in order to resend the confirmation email.
It’s a bit safer to do this that way (to be logged in to send this email). Prevents from people sending such emails to different users, marking them as non confirmed, etc. Can’t you change your flow instead? It’s more standard that way.
The only way the user gets to the “Activation” page is when they’ve just signed up, or correctly login, but haven’t confirmed their email.
A hacker would have to guess the Unique Identifier to even get to the activation/confirmation page. While not impossible, I think it’s highly unlikely. Even if they did, it’s only sending an additional email to the registered email, which cannot be changed, for verification.
In addition, I’ve built logic into my “Activation” page to redirect that Unique ID to the home page once it’s been activated the first time.
Otherwise I think I would have to build logic into every page of my app to deny/redirect the user, versus hooking it into the login workflow.
I feel like you could have the button to resend the confirmation email to the page that the user is redirected to, and prevent him to go somewhere else if he hasn’t confirmed. Again, that’s how most sites (if not all) do.
@emmanuel, OK, I’m trying to rework it so the user performs the actions while logged in. So my current issue is with the workflow that evaluates if the email is confirmed. I have confirmed the email, but the highlighted workflow below is still getting evaluated as if it’s not confirmed. Could you add the “Email Confirmed” field to the database view so I can see if the value is set to “yes”?
Thanks Emmanuel, that was easy! And I realized that my event would never work. I moved the “when Current User’s email confirmed” into a custom event that gets evaluated after the “Log the user in” action.
I have read this like 5 times and it still doesn’t make sense to me. Why would a user have to be “logged in” to receive a confirmation email? The whole point of a confirmation email is to confirm the email BEFORE they are logged in.
I’m totally lost and can’t make sense of why this concept in bubble is so confusing. Bots would be signing in all day without confirming an email. I have spent 6+ hours just try to get the user to confirm their email.
I completely agree, the discussion doesn’t make much sense. Why would you require to login in order to confirm that you are allowed to login. catch 22 anyone.
My solution to this hole mess is (maybe that’s what they meant somehow?) that I create a workflow which 1. log the user in. 2. send the activation code again in the workflow. and 3. log them out directly. I’m sure it’s possible to kind of stop this process as it is client side. Maybe doing it as a backend workflow would make this even safer. But it Does work.
Dear all
I see that the issue is solved, but I also understand nothing.
I search on the Internet a way to authorise user to log in only if email is confirmed. I found nothing.
This does not solve the issue this post is talking about - we’re trying to resend a verification email to a user if they are logged out (for example, if they can’t find the email)
Any updates on this topic?
Same situation here…
Also the confirmation_email ID does not match User ID and Email Confirmed property does not show “YES”.
I really dont know what to do.
This is completely back to front.
The whole singnup/login needs to be thought out properly and redone.
I dont want users automatically logged in. I want the user to first confirm their email - Emmanuel is completely wrong on this.
I am now spending more hours trying to get this working the way it should.
And I realized that my event would never work. I moved the “when Current User’s email confirmed” into a custom event that gets evaluated after the “Log the user in” action.
