After clicking verify email address button in the email, I got 403 invalid signature.
I'm using shared hosting
I have read these
Laravel 5.7 email verification throws 403
https://laracasts.com/discuss/channels/laravel/403-invalid-signature-every-time-i-try-to-verify-email-in-laravel-57
https://laracasts.com/discuss/channels/laravel/email-verification-403-invalid-signature
but still can't solve my problem
Same happen to me, but only in production while using FORCE_HTTPS to set all my routes to https,
if I disable Force_https it works, but my routes go back to https.
Maybe the verification link is already expired.
Referring to UrlGenerator.php,
public function hasValidSignature(Request $request, $absolute = true)
{
return $this->hasCorrectSignature($request, $absolute)
&& $this->signatureHasNotExpired($request);
}
Related
I'm trying to register a webhook url on twitter app and I'm using this package twitteroauth.
Here's what I've code.
$cbUrl = 'https://123456.ngrok.io';
$envName = 'myDevEnvironment';
$connection = new TwitterOAuth(OAUTH_CONSUMER_KEY, OAUTH_CONSUMER_SECRET, OAUTH_TOKEN, OAUTH_TOKEN_SECRET);
$data = $connection->post('account_activity/all/' . $envName . '/webhooks', ['url' => urlencode($cbUrl)]);
I'm using ngrok to get https of my localhost webhook url. But still getting error code 214 in response and below error message.
{"errors":[{"code":214,"message":"Webhook URL does not meet the requirements. Please use HTTPS."}]}
Any help would be appreciated.
Thank you.
['url' => urlencode($cbUrl)]
Their check for whether the supplied URL starts with https:// probably fails, because you URL-encoded the value. Your package likely takes care of encoding any parameter values in API calls itself, so in this case, you would have encoded it twice now.
If they look for https:// at the start of https%3A%2F%2F123456.ngrok.io, that will fail.
Please use HTTPS..
The error is self explanitory, your requests are being denied because you are not on an secure connetcion. Install an SSL certificate on your server.
Here's the ngrok docs on Transport Layer Security
https://ngrok.com/docs#tls
I am developing website using php/codeigniter.
I have downloaded a list of temporary email domains from github (https://gist.github.com/adamloving/4401361)
I integrated this to my website to filter and validate email address.But I noticed that some domains are garbage and cannot detect by the list provided.
Please image below.
Currently Im using this code to filter/validate emails:
public function is_temp_mail($mail='')
{
$this->db->select('domain');
$this->db->from('table_disposal_email_domains');
$domains=$this->db->get()->result();
foreach($domains as $domain)
{
list(,$mail_domain) = explode('#',$mail);
if(strcasecmp($mail_domain, $domain->domain) == 0){
return true;
}
}
return false;
}
How to block garbage domains.Please help.
One of the issue with disposable emails is that new domains are added daily. So, maintaining your own list isn't gonna be enough after a few days.
You can use the validator.pizza API, which is free and updated frequently.
Disclaimer: I made this API 😊
I wrote a simple API for determining the domains of temporary mails, all you need to determine the temporary mail is to send a GET request:
https://api.testmail.top/domain/check/data=example#mail.com&ip=8.8.8.8
with authorization header:
Authorization: Bearer XXXXXXXXXX.XXXXXXXXXX.XXXXXXXXXX
and in response you will receive a message like this if the mail turns out to be temporary:
{
"error": 0,
"result": false,
"message": "This domain is in Blacklist"
}
you will receive such an answer if the mail turns out to be trusted (something like gmail.com or yahoo.com):
{
"error": 0,
"result": true,
"message": "This domain is in Whitelist"
}
I have described error codes and more detailed instructions on this page
It would be good if you use a third party package to help you on blocking temporary email domains. You can use MailboxValidator API, which had 300 free API credits per month. You can use the free API key with MailboxValidator CodeIgniter Email Validation Package after sign up.
Disclaimer: I am working at MailboxValidator.
I'm implementing OpenId Connect into my Yii2 app using the yii2-authclient library. I can login and exchange the code for a token with no problems. I've followed most of the code examples on the web and set a successCallback function that gets called once a user successfully logs in. It looks like this:
public function successCallback(ClientInterface $client)
{
$attributes = $client->getUserAttributes();
}
This code gets called, but calling getUserAttributes() results in the following error:
Exception – yii\authclient\InvalidResponseException
Request failed with code: 400, message:
{"error":"invalid_request","error_description":"Token not provided"}
The logs on the id server show a blank client and user, with an error of invalid_token.
I took a close look at the request I make and I see an access_token element. Any ideas what the problem might be? I can provide more information if necessary.
I figured it out. The problem was that the yii2-authclient library was sending the token as a GET parameter and the ID server was expecting it as a POST param. I upgraded the yii2-authclient library and that solved the problem since a recent change sends the parameter as POST instead of GET.
I'm writing a single page web application.
I'm using Vue.js in the frontend and Laravel in the backend.
I included Passport token authentication and I'm getting the auth token sending
var login_data = {
client_id : 2,
client_secret : "SECRET_KEY",
grant_type : "password",
username : "mail",
password : "pass"
}
To this Passport endpoint http://IPADDRESS/oauth/token. Then I authenticate my AJAX requests including this header
{ 'Authorization': 'Bearer ' + ACC_TOKEN }
Most of the time everything works fine but sometimes I get 401 unauthorized. Usually, if I simply do it again the request goes through.
I removed the VerifyCsrfToken middleware from Kernel.php and also added the API route to the exceptions so I don't think that's the problem.
The frequency the error appears seems to change from network to network, meaning when connected to certain networks it almost never happens while sometimes it's constant.
I honestly have no idea why this happens.
My problem was in PROJECTDIR/vendor/lcobucci/jwt/src/Signer/Rsa.php.
Here an openssl function (openssl_get_publickey) sometimes returns something wrong despite the certificate being valid.
I did not manage to find a real solution.
My hack for now is simply changing the code to always return 1.
This does not change the way the token auth works but removes the Rsa check and the 401 errors caused by such malfunction.
I am trying to learn how to send emails using Mailgun in Laravel. When I try to send the email I get a timeout that says: Maximum execution time of 60 seconds exceeded
The application times out here:
$line = fgets($this->_out);
I have a route that activates when I click a button on my email page:
Route::post('/email', 'MainController#sendEmail');
Here is my controller function (replaced my email for privacy reasons):
public function sendEmail() {
$data = [
'title'=>'Email'
];
Mail::send('emails.hello', $data, function($message) {
$message->from('example#gmail.com', 'Example Person');
$message->to('example#gmail.com')->subject('we made it');
});
return Redirect::to('/');
}
Any ideas on what I may do be doing wrong?
This generally happens if the SMTP port used in the app/config/mail.php config file is not opened by your hosting provider. Please check and ask them to open the port. This should resolve the issue.
Sending emails through mailgun could not be simpler, just add the API package, publish and update the config and use the custom facade to send them (changing Mail::send() to Mailgun::send())
You can find the package here: http://packalyst.com/packages/package/vtalbot/mailgun
I know this doesn't really address the error your getting (would need more information to help with that), but using the package does simplify the whole thing!