Nodemailer and Gmail after May 30 2022 - javascript

Sending an email using NodeMailer & Gmail
Google has reported that after May 30 third party apps cannot use username and password for signing in. Does this affect nodemailer. We usually allow less secure APP in the gsuit gmail setting before using it in nodemailer.
var transporter = nodemailer.createTransport({
service: 'gmail',
auth: {
user: 'youremail#address.com',
pass: 'yourpassword'
}
});

It would help if you generated an app password to use nodemailer.
First, you need to turn on two-factor-authentication.
And then in your manage account go to security.
You can see the app password below two-step verification.
Go to app password select app other and write custom app name (example project name) and click on generate.
You get a password use that password instead of your mail password.

I've been digging all over for this. Their docs are pretty woeful about the change. Found this, not definitive...I'm in the "set up app password let's see if it still works" camp.
Note the reply "Second, yes, the best information we have is that App Passwords will continue to work."
https://support.google.com/mail/thread/157808790/will-imap-work-after-may-30th?hl=en

I had the same issue and solved it.
Follow these steps:
1)Go to the google account security section
2) turn on 2-step verification under "singing in" to google (else 3rd step is not possible)
3) under signing in to google you will find App passwords, click it
4) select the "select app" and click custom app
5) Type any name of your choice and generate a password.
Now use the same email account and instead of your real password use the generated password.

Related

Is there a way I can add users with phone number to firebase admin sdk

I am building a react app with firebase backend.
I would like an administrator to be able to add users to the app using the Firebase admin sdk.
Usually I would do that using a cloud function like this:
return admin.auth().createUser({
email: data.email,
password: data.password,
displayName: data.name,
disabled: false
})
How can I achieve the same using just the phone number and not the email and or password?
Please help.
Thanks.
I think phone auth support is not available in Firebase Admin SDK directly.It does not provide end user authentication methods in the Admin SDK.
As this document mentioned by frank in the above comment,if you create with just phone number by excluding email and password fields.you will get a warning, you are creating user with email without giving email and password fields that are filled with blank fields.But this should not done as per best practices I have tried in the past and it worked but with a warning
phone auth support available in Firebase client SDKs. The FirebaseUser object you get when you complete the phone number sign in contains the unique ID of the user. It also takes care of creating the user account in the Firebase project:
From this document
"After a user signs in for the first time, a new user account is
created and linked to the credentials—that is, the username and
password, phone number, or auth provider information—the user signed
in with. This new account is stored as part of your Firebase project,
and can be used to identify a user across every app in your project,
regardless of how the user signs in."

How to use gmail in smtpJS

When trying to use Gmail in smtpJS, I get the message "Only elasticemail is supported as an SMTP host". Is this a new rule or am I doing something wrong? It seems to have worked before. The code is same as in the documentation
as you can see now only Elastic Email is allowed as a reliable host with smtpjs so you have to create an account at first to use it. You can create a new account here and use a free trial of up to 100 emails/day. For more, you have to pay.

Nodemailer, Heroku, Gmail, invalid login - works locally

I have been having this issue for the past couple of weeks, it works every time locally, however once I deploy it to my heroku server, it will give me an invalid login error. I have gone into the account and givin access to less secure apps. And the credentials are correct, and it works on localhost every time. Is there something I am missing?
quickSendMail: function(routeBody, callback) {
//configuring the nodemailer for email notifications
var smtpConfig = {
host: 'smtp.gmail.com',
port: 465,
secure: true, // use SSL
auth: {
user: 'mysmtpemail123',
pass: '******'
}
};
var mailOptions = {
from: 'SageStorm Site <mysmtpemail123#gmail.com>',
to: ['my email'],
subject: routeBody.subject,
html: 'my message'
};
var transporter = nodemailer.createTransport(smtpConfig);
transporter.verify(function(error, success) {
if (error) {
console.log(error);
} else {
console.log('server is ready to send emails');
}
})
transporter.sendMail(mailOptions, function(error, info) {
if (error) {
console.log(error);
return callback(err, null);
} else {
console.log('Message sent: ' + info.response);
return callback(null, info);
}
})
}
You can allow machines to access your gmail remotely using this link, but keep in mind that Google will affect your default account (even if you are connected with another one).
The easy way: use a incognito / private window (to have no google account connected) and log in your google account and then use the link above.
If that doesn't work try updating your nodemailer to the latest version.
According to https://support.google.com/accounts/answer/6009563, Go to https://accounts.google.com/b/0/DisplayUnlockCaptcha and allow access and try again ..
Also according to docs at nodemailer (https://github.com/nodemailer/nodemailer#delivering-bulk-mail)
I'm having issues with Gmail Gmail either works well or it does not
work at all. It is probably easier to switch to an alternative service
instead of fixing issues with Gmail. If Gmail does not work for you
then don't use it.
I set a bounty to this question, but after looking through the Nodemailer docs/Github, it seems that using Gmail will only lead to headaches.
According to the Nodemailer docs...
"...Gmail expects the user to be an actual user not a robot so it runs a lot of heuristics for every login attempt and blocks anything that looks suspicious to defend the user from account hijacking attempts.
For example you might run into trouble if your server is in another geographical location – everything works in your dev machine but messages are blocked in production."
I believe the second thing was my issue; my Nodemailer ran without issue on my machine, but immediately failed when I pushed the app to Heroku.
As for a fix, my only fix was to use a different email provider. All email accounts I've tried using have been fully authorized to allow other sign-ins and less safe apps; I've gone through every method Google has to offer to allow usage of the account, and I fully believe that it's simply not possible to get consistent results with Nodemailer and Gmail.
Using Outlook/Hotmail worked for me. I also tried switching to a different Gmail account. It worked successfully a couple times, then returned to the previous state.
Most times when one ends up with this kinda error from Nodemailer, one of these options listed by Google gets to fix it, take your time to go through the google account to be used has the required setting.
Google has listed all the potential problems and fixes for us. In as much as you turned on less secure apps setting. Be sure you are applying these to the correct account.
Step 1: Check your password
If you have these problems or can’t sign in, first check to make sure you’re using the right password.
Step 2: Try these troubleshooting steps
If you've turned on 2-Step Verification for your account, you might need to enter an App password instead of your regular password.
Sign in to your account from the web version of Gmail at https://mail.google.com. Once you’re signed in, try signing in to the mail app again.
Visit Display Unlock Captcha and sign in with your Gmail username and password. If asked, enter the letters in the distorted picture.
Your app might not support the latest security standards. Try changing a few settings to allow less secure apps access to your account.
Make sure your mail app isn't set to check for new email too often. If your mail app checks for new messages more than once every 10 minutes, the app’s access to your account could be blocked.

express-stormpath login not working for email-authenticated users

i have a basic node.js / Express server using express-stormpath for user authentication. everything works beautifully without email verification. obviously, email verification is desirable for many reasons, but my email-verified users are unable to use the standard login flow for restricted routes.
specific example on a custom route i have:
app.get('/myaccount', stormpath.loginRequired, function(req,
res.send('Your email address is: ' + req.user.email);});
this route works perfectly for users that registered before email verification.
however, it's broken for users that signed up after email verification. these users received an email, clicked the link, got the confirmation screen ("You account was successfully verified and is ready for use"), and are marked as 'Enabled' in my Stormpath dashboard.
specifically, if they enter the correct password, they are sent to http://glacial-hollows-8156.herokuapp.com/login?next=%2Fmyaccount again, which presents the login screen once more, ad infinitum. if they enter an incorrect password, they get the standard error telling them so
any ideas? perhaps email-verified accounts are not being initialized correctly? the behavior is also the same for Stormpath-provided routes like '/me', so i don't think its my route. as i turn email verification on and off, /myaccount keeps working for non email-verified users, and always breaks in this manner for the email-verified users
this was a config issue with 'Link Base URL' on the stormpath dashboard
it had defaulted to 'https://api.stormpath.com/emailVerificationTokens', which verifies users - although they can't actually log in
instead, change 'Link Base URL' to http://localhost:3000/verify
note that this link is totally out of date, despite being only 3 months old... https://stormpath.com/blog/how-to-add-billing-to-your-api/ do not bother trying to use /verified

NodeMailer Invalid Login

I am new to node.js programming .I am using nodemailer module for sending emails.
const nodemailer = require ('nodemailer'),
credentials=require('./credentials.js');
var mailTransport=nodemailer.createTransport({
service:'Gmail',
auth: {
user : credentials.gmail.user,
pass : credentials.gmail.password,
}
});
function sendMail(mail_id){
mailTransport.sendMail({
from: ' "my name" <myname#gmail.com>',
to : mail_id, //user#gmail.com
subject : 'Hello',
text: "Hello How do u do ?",
},function(err,info){
if(err){
console.log('Unable to send the mail :'+err.message);
}
else{
console.log('Message response : '+info.response);
}
});
}
exports.sendMail=sendMail;
This is my program for sending emails to different users. But I am getting Invalid Login . I don't have any idea why this is coming . I am new to node.js and server side scripting.
I am using my gmail username and password for credentials.
Please help me.
One reason could be the 'modern security standard' protection from Gmail.
Check you gmail inbox for any new mail having subject "Google Account: sign-in attempt blocked"
If yes, open the mail and click on the link https://www.google.com/settings/security/lesssecureapps
set 'Access for less secure apps' to 'Turn on'. Try again, it should be working now.
Particularly 2 issues: or you don't have enabled Less Secure Apps https://myaccount.google.com/lesssecureapps or you don't have enabled Display Unlock Captcha https://accounts.google.com/DisplayUnlockCaptcha, you need to turn on both of them.
U need to Enable Security for Apps :
|*| If u r using gmail,
Use :
service: 'gmail',
Goto :
https://myaccount.google.com/lesssecureapps
Enable :
Allow less secure apps: ON
|*| If u r using yahoo,
Use :
service: 'yahoo',
Goto :
https://login.yahoo.com/account/security
Enable :
Allow apps that use less secure sign in
|*| If u r using Live or Hotmail, No need to enable anything.
Use :
service: 'hotmail',
Did you double-check your login credentials? Also did you double-check your "from" adress to match your email?
I used the nodemailer for some tests 3 weeks ago with the gmail example given on the github page and it worked like a charm:
https://github.com/andris9/Nodemailer
Invalid login indicates mistyped/wrong credentials.
In my case,
turning on less secure apps only was not enough: https://myaccount.google.com/lesssecureapps
I had to enable display unlock captcha also: https://accounts.google.com/DisplayUnlockCaptcha
This solved my issue and i was able to send emails using nodemail and gmail.
This thing is not random actually nodemailer community site itself says to perform the second step to enable captcha, if turning on the less secure apps do not work alone.
https://community.nodemailer.com/using-gmail/
Above image is taken from the nodemailer article link i have shared.
Adding this as a separate answer, since the accepted answer no longer works.
Since May 30, 2022, Google no longer supports less secure apps. There is a nodemailer GitHub issue on this (https://github.com/nodemailer/nodemailer/issues/1424) with the updated steps:
Go to https://myaccount.google.com/security
Enable 2FA
Create App Password for Email
Copy that password (16 characters) into the pass parameter in Nodemailer auth.
...,
auth: {
user: 'yourmail#gmail.com',
pass: 'your_new_app_password',
},
...
if you have a workspace user account you may need to, as an admin:
Create a user group
Add the user to that group
Go to the user group settings and enable unsecure apps under Security so that other groups emails won't be affected
If that isn't enough (this worked for me after everything was fine for months with first three steps), go to myaccount.google.com and log in with the specific user email and password, go to Security again and turn on less secure apps.

Categories

Resources