⚠️ Require a pro account (needed to send email to users)
Create an http server, and wrap it in the emailAuth middleware.
Create valimport { emailAuth } from "https://www.val.town/v/pomdtr/email_auth"
export default emailAuth((req, ctx) => {
return new Response(`your mail is ${ctx.email}`);
});
When an user access the val, he will need to input his mail, then confirm it through a confirmation code.
You can limit how can access your vals through an allowList:
Create valimport { emailAuth } from "https://www.val.town/v/pomdtr/email_auth"
export default emailAuth((req, ctx) => {
return new Response(`your mail is ${ctx.email}`);
}, {
allowList: ["steve@val.town"]
});
If someone tries to access your val but is not in the allowlist, he will be blocked.
If you want to allow user to request for access, you can mix allowList
with allowSignup
:
Create valimport { emailAuth } from "https://www.val.town/v/pomdtr/email_auth"
export default emailAuth((req, ctx) => {
return new Response(`your mail is ${ctx.email}`);
}, {
allowList: ["steve@val.town"],
allowSignup: true
});
Each time a new user not present in the allowList try to login to a val, you will receive an email containing:
- the email of the user trying to log in
- the name of the val the he want to access
You can then just add the user to your whitelist to allow him in (and the user will not need to confirm his email again) !
If you don't want to put your email in clear text, you can just use an env variable:
Create valimport { emailAuth } from "https://www.val.town/v/pomdtr/email_auth"
export default emailAuth((req, ctx) => {
return new Response(`your mail is ${ctx.email}`);
}, {
allowList: [Deno.env.get("email")]
});
Or just setup a forward val (see @pomdtr/inbox):
Create valimport { emailAuth } from "https://www.val.town/v/pomdtr/email_auth"
export default emailAuth((req, ctx) => {
return new Response(`your mail is ${ctx.email}`);
}, {
allowList: ["pomdtr.inbox@valtown.email"]
});
- Add expiration for verification codes and session tokens
- use links instead of code for verification
- improve errors pages