Hi anyone help me?
I integrate email verification ...
# talk-kratosf
fierce-toothbrush-41957
12/01/2022, 1:31 PMHi anyone help me?
I integrate email verification with one-time password, so I need to render ui for user to enter the code which he received via verification email
But after signup, it send verification email automatically, so I don't have flow id for verification flow after signup and cannot get verification flow
How can I get verification flow id after signup?
b
bland-eye-99092
12/01/2022, 1:43 PMHi, this is not possible yet.
The intention is that there is a link in the email that the user clicks. But it might be a good idea to show the verification flow right after the sign up. Feel free to create an issue. 🙂
f
fierce-toothbrush-41957
12/01/2022, 1:45 PMThanks for your reply
fierce-toothbrush-41957
12/01/2022, 1:46 PMThen, how can users enter the code with one-time password?
b
bland-eye-99092
12/01/2022, 1:46 PMThey click on the link and it’s prefilled in the resulting form.
Users can also initiate a new verification flow where they are shown the form immediately.
f
fierce-toothbrush-41957
12/01/2022, 1:48 PMI see, thanks for your help
fierce-toothbrush-41957
12/01/2022, 1:48 PMLet me try again
fierce-toothbrush-41957
12/01/2022, 1:56 PMSo without clicking the link, he can not verify account even with one-time password?
He cannot verify account just entering the code?
b
bland-eye-99092
12/01/2022, 2:11 PMThe code is part of the link. But other than that, no, there is no way for the user to enter the code from a registration. But as I said, we will probably change that.
f
fierce-toothbrush-41957
12/01/2022, 2:24 PMJust tried to click the link
Copy code
/self-service/verification?code=544477&flow=e990ba03-3de1-4c6f-8ac5-feb8d7a9e336fierce-toothbrush-41957
12/01/2022, 2:24 PMBut doesn't work verification
b
bland-eye-99092
12/01/2022, 2:25 PMDid you click “Submit” in the form that’s shown when accessing the link?
f
fierce-toothbrush-41957
12/01/2022, 2:27 PMNo, I didn't even render the form after click the link
fierce-toothbrush-41957
12/01/2022, 2:27 PMWith flow id, I should get verification flow and render the form with the nodes, right?
b
bland-eye-99092
12/01/2022, 2:27 PMYes, that’s correct.
f
fierce-toothbrush-41957
12/01/2022, 2:28 PMBut I cannot get verification flow with the id
fierce-toothbrush-41957
12/01/2022, 2:30 PMI get csrf token error
b
bland-eye-99092
12/01/2022, 2:31 PMCan you post the error, please?
f
fierce-toothbrush-41957
12/01/2022, 2:32 PM Copy code
{
"error": {
"id": "security_csrf_violation",
"code": 403,
"status": "Forbidden",
"request": "de4f7227-b1fc-9c65-b354-3914d2156bd7",
"reason": "Please retry the flow and optionally clear your cookies. The request was rejected to protect you from Cross-Site-Request-Forgery (CSRF) which could cause account takeover, leaking personal information, and other serious security issues.",
"details": {
"docs": "<https://www.ory.sh/kratos/docs/debug/csrf>",
"hint": "The anti-CSRF cookie was found but the CSRF token was not included in the HTTP request body (csrf_token) nor in the HTTP Header (X-CSRF-Token).",
"reject_reason": "The HTTP Cookie Header was set and a CSRF token was sent but they do not match. We recommend deleting all cookies for this domain and retrying the flow."
},
"message": "the request was rejected to protect you from Cross-Site-Request-Forgery"
}
}b
bland-eye-99092
12/01/2022, 2:36 PMPlease try clearing your cookies. See also https://www.ory.sh/docs/kratos/debug/csrf
19 Views