We used cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it. What For?

« Back to Blogs

Auto Login on Email Verification Liferay

It is now a common practice to verify the user’s email address at the time of account creation in any portal or the site. Liferay also provides email verification out of the box once the account is successfully created.

 

All you have to do is configure the following mail properties and account verification property in the portal-ext.properties file. Do not forget to restart the Liferay, if you put these properties in portal-ext.properties file:

 

To configure the mail:

mail.session.mail.smtp.auth=true
mail.session.mail.smtp.host=smtp.gmail.com
mail.session.mail.smtp.password=*******
mail.session.mail.smtp.port=465
mail.session.mail.smtp.user=EMAIL_ID
mail.session.mail.smtp.starttls.enable=true
mail.session.mail.transport.protocol=smtp
mail.session.mail.smtp.socketFactory.class=javax.net.ssl.SSLSocketFactory

 

To configure account verification:

company.security.strangers.verify=true

 

A verification link is sent to the email address entered at time of registration process. When the user clicks on the verification link, an account is verified and user is asked to login again to the portal.

There might be a requirement to automatically login the user when the verification link is clicked instead of forcing the user to login again. It is obvious that security vs user convenience is always debatable in such cases. I am just explaining here how to login the user automatically when the verification link is clicked after user is successfully verified.

You should implement such feature based on your requirement considering all the use cases.

To implement this scenario, we can use a Hook plugin. We need to override a struts action for this. You should be familiar with the process of overriding the struts action. If not, you can visit this link .

1. Override the email verification Struts action. Add following in liferay-hook.xml file

 

<struts-action>
      <struts-action-path>/portal/verify_email_address</struts-action-path>
      <struts-action-impl>com.surekhatech.hook.CustomEmailVerificationAction</struts-action-impl>
</struts-action>

 

2. In the CustomEmailVerificationAction class, extend the BaseStrutsAction class.

 

3. Add following code in the execute method.

 

@Override 
public String execute(StrutsAction originalStrutsAction, HttpServletRequest request, HttpServletResponse response) throws Exception {  
		   
	String responseFromSuperMehtod;
	String cmd = ParamUtil.getString(request, Constants.CMD);
	String ticketKey = ParamUtil.getString(request, "ticketKey");

	if (cmd.equals(Constants.UPDATE) && !ticketKey.isEmpty()) {
			Ticket ticket = null;
			User user = null;
			try{
				ticket = TicketLocalServiceUtil.getTicket(ticketKey);
				} catch(NoSuchTicketException e){
					// process the exception as per your need
			}
				
		responseFromSuperMehtod = originalStrutsAction.execute(request, response);
				
		if(ticket != null){
			user = UserLocalServiceUtil.fetchUserById(ticket.getClassPK());
					if(user.isEmailAddressVerified()){
						login(user,request);
					}
				}
			}
			
			else{
				responseFromSuperMehtod = originalStrutsAction.execute(request, response);
			}
			
			return responseFromSuperMehtod;
		}

 

4. Add login method for logging in the user automatically.

 

public static void login(User user, HttpServletRequest request) throws Exception {

    String username = String.valueOf(user.getUserId());
    String password = user.getPassword();
              
    HttpSession session = request.getSession();
    session.setAttribute("j_username", username);
    session.setAttribute("j_password", password);
    session.setAttribute("j_remoteuser", username);
}

 

 

5. Deploy the hook.

 

6. Create a new account. It will generate the email verification link. Click on the link you receive in email account and you will find yourself directly logged into Liferay.

 

No need to enter the credentials again..!!

 

For reference, please refer CustomEmailVerificationAction.java file attched at the end of the blog.

 

Attachment:

CustomEmailVerificationAction.java

For any query or implementation details, you may contact us at [email protected]

contact-us Request a callback WhatsApp