Generate verify account email token/key for testing verify-account request

[FelipeBodelon]

Hello,

I have been testing my app with rodauth functionality via requests. I recently delegated the whole "complete account registration" for the verify action. I want to test this verify-account action, but I can't figure out how to get access to the key param needed.

I've tried a number of approaches:
1.- From the example repo Getting the key from the sent email:
This approach is not working for me as I send a custom email with Sendgrid's SDK and templates, can't find a way to get the template data which contains the link (and the key).

2.- Using rodauth instance:

def verify_account_key(unverified_account_email)
  unverified_account = Account.find_by(email: unverified_account_email)
  rodauth = Rodauth::Rails.rodauth(account: unverified_account)
  
  unverified_account.verification_key.key # -> this returns the key correctly
  rodauth.verify_account_email_link # -> this returns the link with only the account ID as the key (ID_)
end

And the output:

"j25L-6zHsvxSc7wwv2xPjUhut4QztN0mzR3NaEABRgg"
"https://example.com/auth/verify-account?key=689_"

Is there way I could handle this? I can't think of any other rodauth methods available for getting the correct key.

[pboling]

I had the same exact question a few months ago. I'll see if I can find it.

[pboling]

Found it! #254 (comment)

[FelipeBodelon]

Thanks for your contribution! I guess you too went for a mail-checking solution, sadly unavailable for me.

I did solve it tho, by replicating the rodauth implementation on simple aux method. It isn't pretty but it works for me.

def verify_account_token(unverified_account_email)
    unverified_account = Account.find_by(email: unverified_account_email)
    token = transform_key_to_verification_token(unverified_account.verification_key.key)
    "#{unverified_account.id}_#{token}"
  end

  def transform_key_to_verification_token(key)
    hmac = OpenSSL::HMAC.digest(OpenSSL::Digest.new('SHA256'),  <SECRET>)
    s = [hmac].pack('m')
    s.chomp!("=\n")
    s.tr!('+/', '-_')
    s
  end

[janko]

You can set the @verify_account_key_value instance variable to the raw token, which the #verify_account_email_link method uses to append the token to the URL.

rodauth = Rodauth::Rails.rodauth(account: unverified_account)
rodauth.instance_variable_set(:@verify_account_key_value, unverified_account.verification_key.key)
rodauth.verify_account_email_link