ambuda icon indicating copy to clipboard operation
ambuda copied to clipboard

Published 20 hours ago verified publisher icon ambuda-org

Require email confirmations for account sign ups

Open epicfaace opened this issue 3 years ago • 7 comments

For security

epicfaace avatar Aug 07 '22 03:08 epicfaace

Agreed -- I think to do this we need a mail server, and since sending emails is slow we need an async method for that as well. The best practice I've seen mentioned is to do all of this in Celery, which is the blocker. Once we have Celery in place, we can use something like Sendgrid's 100 emails/day free quota.

akprasad avatar Aug 08 '22 05:08 akprasad

If we use a service like Sendgrid, it should be fast enough (just an HTTP / API request) that we shouldn't need to use Celery.

epicfaace avatar Aug 08 '22 14:08 epicfaace

I had thought so as well, but with this simple test script it takes almost 4 seconds to create the Message object, before the message is actually sent. Not sure why:

# ambuda/mail.py
from flask_mail import Mail, Message

mailer = Mail()

# temp.py
from ambuda import create_app
from ambuda.mail import mailer
from flask_mail import Message

print("0")
app = create_app("development")
print("1")
mailer.init_app(app)

print("1.5")
with app.app_context():
    print("2")
    for i in range(10):
        msg = Message(
            "Twilio SendGrid Test Email", recipients=["<username>@gmail.com"]
        )
        print("3")
    msg.body = "This is a test email!"
    msg.html = "<p>This is a test email!</p>"

    print("4")
    mailer.send(msg)
    print("5")

# .env template
MAIL_SERVER="smtp.sendgrid.net"
MAIL_PORT=587
MAIL_USERNAME="apikey"
MAIL_PASSWORD="<sendgrid api key>"
MAIL_DEFAULT_SENDER="[email protected]"

akprasad avatar Aug 09 '22 01:08 akprasad

@akprasad maybe use another library instead of flask_mail? you could try just using the python email lib https://docs.python.org/3/library/email.examples.html

Note, also, that there are two ways to send mail using SendGrid: one using SMTP and another using an HTTP API. I'd guess both would be pretty fast though.

epicfaace avatar Aug 09 '22 14:08 epicfaace

I have some other things on my plate right now, but would love if you have the time and inclination to take a crack at it! 🙏

akprasad avatar Aug 09 '22 15:08 akprasad

Root cause is this line in the Message constructor:

self.msgId = make_msgid()

which calls:

    if domain is None:
        domain = socket.getfqdn()

which takes 5 seconds if the host name can't be resolved. Flask-Mail has no option to pass a manual domain. :(

I think I'll just use the Sendgrid API directly.

akprasad avatar Aug 13 '22 16:08 akprasad

Sendgrid API sounds good. However, to fix the issues with getfqdn -- maybe try switching DNS services to use 8.8.8.8? See https://stackoverflow.com/questions/16424621/pythons-email-sending-slow-only-on-certain-net-connections-getfqdn-takes-30-s

epicfaace avatar Aug 14 '22 03:08 epicfaace