e-Mail/account activation reports invalid/expired link/code #1631

fbender commented 2024年08月13日 18:33:17 +02:00

Comment

I've just signed up to Codeberg via Github auth in my macOS Safari private browsing window. The sign up flow ultimately had me input an email address and then asked to confirm via the link received via email within 3 hrs.

It took a few minutes (maybe 10 min?) for the mail to be received. Because I like it needlessly complicated, I found the mail on my phone (link preview is disabled) and sent the link to my Mac via AirDrop to open in Safari.

I was then greeted with an error message from Codeberg saying the link was invalid or expired (also after trying multiple different ways to open the link). Since this all happened within maybe 15-20 min max., the link should have been valid. I assume my phone did in fact not preview/prefetch the link before it was opened in my browser's window.

I've then tried to log in to my profile via Github, which was evidently successful. I don't see a way to confirm whether my email was successfully confirmed. Did I miss something?

If it was not confirmed: Is it possible that there's an (e.g. timing) issue with email link validation code?

If the email was confirmed without me ever seeing a success message (e.g. there was in fact a prefetch by my phone of some sort): Maybe it would be better to show a better error, or rather success message for more-or-less-recent validation codes that were registered as successful? E.g. "The confirmation was already successful, please continue to login." or similar.

Or maybe it's something weird involving the register/login-with-Github flow, or the fact that it's Safari or a private browsing session?

### Comment I've just signed up to Codeberg via Github auth in my macOS Safari private browsing window. The sign up flow ultimately had me input an email address and then asked to confirm via the link received via email within 3 hrs. It took a few minutes (maybe 10 min?) for the mail to be received. Because I like it needlessly complicated, I found the mail on my phone (link preview is disabled) and sent the link to my Mac via AirDrop to open in Safari. I was then greeted with an error message from Codeberg saying the link was invalid or expired (also after trying multiple different ways to open the link). Since this all happened within maybe 15-20 min max., the link should have been valid. I assume my phone did in fact not preview/prefetch the link before it was opened in my browser's window. I've then tried to log in to my profile via Github, which was evidently successful. I don't see a way to confirm whether my email was successfully confirmed. Did I miss something? If it was not confirmed: Is it possible that there's an (e.g. timing) issue with email link validation code? If the email was confirmed without me ever seeing a success message (e.g. there was in fact a prefetch by my phone of some sort): Maybe it would be better to show a better error, or rather success message for more-or-less-recent validation codes that were registered as successful? E.g. "The confirmation was already successful, please continue to login." or similar. Or maybe it's something weird involving the register/login-with-Github flow, or the fact that it's Safari or a private browsing session?

fnetX commented 2024年08月18日 14:17:21 +02:00

It looks like all your email addresses are actually activated. To me, this sounds like a bug (maybe it generates the activation email when there is no need to do this).

You don't have to worry, but I'll leave this open for further investigation.

It looks like all your email addresses are actually activated. To me, this sounds like a bug (maybe it generates the activation email when there is no need to do this). You don't have to worry, but I'll leave this open for further investigation.

ZealousCynic commented 2025年06月19日 17:31:36 +02:00

Facing something that sounds quite similar.

I get the activation email, get to a page with a Password prompt and a confirmation button. On clicking the button I'm hit with a 500 Internal Server Error.

As far as I can see, in my case the activation actually does fail.

Facing something that sounds quite similar. I get the activation email, get to a page with a Password prompt and a confirmation button. On clicking the button I'm hit with a 500 Internal Server Error. As far as I can see, in my case the activation actually does fail.

fnetX commented 2025年06月23日 16:42:40 +02:00

We have observed this becoming an increasing pattern, indeed. My no-background-suspicion would be a deadlock or some other issue while actually writing to the email address. So the user account is marked as activated, and works afterwards. But the actual email is not marked as activated.

@ashimokawa Can you try to find the cause for this?

We have observed this becoming an increasing pattern, indeed. My no-background-suspicion would be a deadlock or some other issue while actually writing to the email address. So the user account is marked as activated, and works afterwards. But the actual email is not marked as activated. @ashimokawa Can you try to find the cause for this?

ZealousCynic commented 2025年06月23日 16:50:38 +02:00

@fnetX wrote in #1631 (comment):

We have observed this becoming an increasing pattern, indeed. My no-background-suspicion would be a deadlock or some other issue while actually writing to the email address. So the user account is marked as activated, and works afterwards. But the actual email is not marked as activated.

@ashimokawa Can you try to find the cause for this?

I've opened a separate ticket for the issue here:

#1992

Sorry for the duplication.

@fnetX wrote in https://codeberg.org/Codeberg/Community/issues/1631#issuecomment-5537018: > We have observed this becoming an increasing pattern, indeed. My no-background-suspicion would be a deadlock or some other issue while actually writing to the email address. So the user account is marked as activated, and works afterwards. But the actual email is not marked as activated. > > @ashimokawa Can you try to find the cause for this? I've opened a separate ticket for the issue here: https://codeberg.org/Codeberg/Community/issues/1992 Sorry for the duplication.

ashimokawa commented 2025年06月23日 22:34:15 +02:00

@fnetX wrote in #1631 (comment):

We have observed this becoming an increasing pattern, indeed. My no-background-suspicion would be a deadlock or some other issue while actually writing to the email address. So the user account is marked as activated, and works afterwards. But the actual email is not marked as activated.

@ashimokawa Can you try to find the cause for this?

Yes, I will investigate.

This does indeed happen often it seems.

@fnetX wrote in https://codeberg.org/Codeberg/Community/issues/1631#issuecomment-5537018: > We have observed this becoming an increasing pattern, indeed. My no-background-suspicion would be a deadlock or some other issue while actually writing to the email address. So the user account is marked as activated, and works afterwards. But the actual email is not marked as activated. > > @ashimokawa Can you try to find the cause for this? Yes, I will investigate. This does indeed happen often it seems.

fnetX commented 2025年06月30日 01:13:34 +02:00

FYi, another issue regarding email was traced back to a problem with capital letters in email addresses. Only lower-case emails seem to work right now. @fbender can you check if this also addresses your issue?

FYi, another issue regarding email was traced back to a problem with capital letters in email addresses. Only lower-case emails seem to work right now. @fbender can you check if this also addresses your issue?

ashimokawa commented 2025年07月02日 13:36:13 +02:00

This issue says they got an expired link code error.
I tried to reproduce this many times and failed.

@fbender
Then this issue also talks about github.com login.

Did you register another account using github and that worked?
also it should be possible to open the same link multiple times.
So prefetching should not be an issue...

This issue says they got an expired link code error. I tried to reproduce this many times and failed. @fbender Then this issue also talks about github.com login. Did you register another account using github and that worked? also it should be possible to open the same link multiple times. So prefetching should not be an issue...

fnetX commented 2025年07月02日 23:00:06 +02:00

I understand the original issue that it is specific to registering via GitHub.

I understand the original issue that it is specific to registering via GitHub.