How to send email confirmation from authenticated user to anonymous user

Created on 11 January 2024, 12 months ago
Updated 25 January 2024, 11 months ago

Problem/Motivation

I am trying to send a confirmation link from a authenticated account for confirmation of an anonymous user. As expected, the anonymous user gets a 403 error when trying to access the link.

The authenticated account is actually an API method that I have created, and it's trying to confirm the authenticity of the email address before allowing access.

According to this post, https://www.drupal.org/project/email_confirmer/issues/3019765#comment-12... β†’ , I should be able to do it like this:

/**
 * Implements hook_ENTITY_TYPE_presave().
 */
function mycustommodule_email_confirmer_confirmation_presave(Drupal\Core\Entity\EntityInterface $entity) {
  /** @var \Drupal\email_confirmer\Entity\EmailConfirmation $entity */
  if ($entity->getRealm() == 'email_confirmer_user') {
    $entity->setPrivate(FALSE);
  }
}

But this does not work at all.

Steps to reproduce

Created a REST API method which is accessed using an api-key. That api-key loads the API user I use to manage verification of API calls. One verification step is to make sure the email address submitted is confirmed. Trying to use email confirmer to do this, but every time it sends a link, the anonymous user gets a 403 error when trying to access it.

My understanding is that this fails because an authenticated account cannot send a confirmation link to an anonymous account. The solution, as presented above, was to set the privacy status of the $entity to FALSE.

I tried to resolve the situation with this code:

function solrai_email_confirmer_confirmation_presave(Drupal\Core\Entity\EntityInterface $entity) {
  // Ensure this is an EmailConfirmation entity.
  if ($entity instanceof \Drupal\email_confirmer\Entity\EmailConfirmation) {
    // Get the current user.
    $currentUser = \Drupal::currentUser();

    // Check if the current user's username is 'api'.
    if ($currentUser->getAccountName() === 'api') {
      // Set the privacy status of the entity.
      $entity->setPrivate(FALSE);

      // Optional: Log this action for debugging.
      $logger = \Drupal::service('logger.factory')->get('solrai');
      $logger->debug('Email confirmer privacy status set to FALSE for user api');
    }
  }
}

However, anonymous users still get 403 errors when following the returned links.

How to resolve?

Proposed resolution

I just need to know the correct method to accomplish this task.

πŸ’¬ Support request
Status

Fixed

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States somebodysysop

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024