powered by Jive Software

Registration verify by email


#1

Hello guys,

im developing an xmpp app for iOS bound to my openfire server. It is already running perfectly, even the user registration, BUT i really couldn’t find a way to let new users verify their account with an email they receive before their account can go online. that can be a link with a token or just a code with 4 or 6 digits. Any possibilities for openfire?

And how do i prevent user registration with other clients or self-written bots?

I mentioned its for iOS, that means i don’t want users to register on any website or something, it has to be easy, open the app, register, get an email or sms with a code and continue in the app with login.

The funny thing: igniterealtime uses this function for their own user registrations? lol and in open fire its not possible?


#2

The funny thing: igniterealtime uses this function for their own user registrations? lol and in open fire its not possible?

The forums are completely unrelated to Openfire and other software provided here. Forums are made by a commercial firm - JiveSoftware. I’m not a developer, but it seems that adding an email confirmation for a web based service is much easier than integrating it with a different platform like xmpp is. Openfire and other software here are driven by a few volunteers, so do not expect ground braking features.


#3

I do understand that very well, but what i mean what openfire should do is really not that complicated. shoot an email with a random token, waiting for the new registered user to verify his access to this email. openfire is so great already, has so many functionalities, even clustering and ssl support, but what i need is really essential for a server like this. i am really surprised nobody ever asked for this function.


#4

I remember someone asking about it maybe once or twice, but it is not a common thing being asked here. If that sounds easy, then provide a patch Or find/hire Java developer to add such thing. Clustering base has been added by JiveSoftware as a commercial plugin when they were still owning Openfire (open sourced since). A few devoted users have customized it to use free Hazelcast solution instead of commercial base. SSL is pretty much standard everywhere today and it has been added by JiveSoftware also. Of course, a few developers today are tinkering and updating it. But again, they are interested in that feature for their businesses/needs. If no developer is interested in email confirmation feature, it will never be implemented. No matter how easy or hard it is.

Now about the feature itself. You probably know that Openfire can’t shoot emails just like that. Yes, there is Email settings and you can provide a SMTP server configuration there. So, you will need a SMTP server for that and one with good reputation (spf, etc.) so spam filters of your users won’t filter its messages. Then the url link in such email. It should lead to some web service. In case of the forums this is rather simple. As web service is working directly with forums database, so it can update it when a user opens a link and it detects that. Web service can’t have a direct access to Openfire’s database. There is a Registration plugin for Openfire, which provides web registration form, which talks to Openfire via jsp pages (forms). I’m not a developer, so i’m not sure how it works exactly. There is also REST API plugin which can operate with Openfire via url commands. So combination of those two can be used for this probably. Though i don’t like the idea of exposing Openfire’s internal Jetty web service to the Internet (it is updated not so often and Admin Console itself has various security vulnerabilities).

Here, i have filed a ticket for this, but as i’ve said, with no interest from the developers (i mean not just ones working with Openfire, but globally) it won’t get anywhere OF-1276