Front end login code not being sent via Mailjet

The CMS Questions
1

I have setup a front end registration using the cookbook guide with the password and code auth methods.

However the email with the code in it to login with never arrives. Locally i can trap it using Mailhog and see the code and login that way, but on the test server and using Mailjet for SMPT (verified the API connection works via https://smtpdebug.com/).

No matter what i try, the email with the login code never arrives, i cant see any errors at all.

Here is my entire controller..

<?php

use Kirby\Cms\Auth\Status;
use Kirby\Exception\PermissionException;
use Kirby\Toolkit\V;

return function ($page, $pages, $kirby, $site) {

    // SEO
    $seo = $kirby->controller('seo', compact('page', 'site', 'kirby'));

    // Override Meta Title
    $metatitle = $page->title() . ' | ' . $site->title();
    $sm = $page->shareimage()->toFile();
    $metaimage = $sm ? $sm->crop(1200, 630)->url() : url('assets/images/social.webp');
    // Login

    // send already logged-in user somewhere else
    $error = null;

    // get authentication status
    $status = $kirby->auth()->status();

    // user is already logged in, send them elsewhere
    if ($status->status() === 'active') {
        go('home');
    }

    // form is submitted
    if (get('login') && $kirby->request()->is('POST') ) {
        // check CSRF token
        if (csrf(get('csrf')) === true) {

            // if we get an email address, we send an authentication challenge
            if (get('email')) {
                $email = get('email');
                if (V::email($email)) {
                    try {
                        $status = $kirby->auth()->createChallenge($email, false, 'login');
                    } catch (PermissionException $e) {
                        $error = $e->getMessage();
                    }
                } else {
                    $error = 'Please provide a valid email address';
                }

            // if we get a code, we validate the code
            } elseif (get('code')) {
                $code = get('code');
                try {
                    // if successful, the user will be logged in
                    // `verifyChallenge()` either returns a user or throws an exception
                    $user = $kirby->auth()->verifyChallenge($code);
                    // if the user is logged-in, redirect them
                    if ($user) {
                        go('hone');
                    }
                } catch (Exception $e) {
                    $error = $e->getMessage();
                    // set new status object with inactive status
                    $status = new Status([
                        'kirby' => $kirby,
                        'status' => 'inactive'
                    ]);
                }
            }

        } else {
            $error = 'Invalid CSRF token';
        }
    }

    $loginform = [
        'email'  => $email ?? '',
        'error'  => $error,
        'status' => $status->status(),
    ];
    // Pass on data...
    $pagedata = compact('metatitle', 'metaimage');

    return array_merge($seo, $pagedata, $loginform);
};
``
2

Still trying to get to the bottom of this one. I have checked the server can reach the port at Mailjet,just cant understand why the email with the login code never arrives.

Hoping someone has an idea here :slight_smile:

3

I have just solved this, and it turned out to be something unbelivably silly, and would have saved hours of debugging had Mailjet mentioned it in the guide for the SMTP relay.

I will leave this here for anyone else who needs this…

What was missing was that you need to verify the email used to send the login codes via the Mailjet dashboard. So given the following email transport settings in the kirby config.php file using the Mailjet API keys..

'email' => [
  'transport' => [
    'type' => 'smtp',
    'host' => 'in-v3.mailjet.com',
    'port' => 587,
    'security' => 'tls',
    'auth' => true,
    'username' => MAILJET_PUBLIC_KEY,
    'password' => MAILJET_PRIVATE_KEY,

  ],
],

The crucial bit is this - Kirby by defualt will use the email address noreply@yourdomain.com as the sender for the login codes when you do a front end login or panel login via access code.

Before it will actually send anything you need to go into your Mailjet dashboard under “Domains and senders” and verify the email address noreply@yourdomain.com as an allowed sender. That means setting up that mailbox on your hosting because Mailjet will send a verfication email. Once you click the link in that email, then registration emails will send just fine.

4

Thanks for sharing the solution! There’s also a config option if you would prefer a different sender email address: auth | Kirby CMS

5

Ahh thanks @distantnative i had a feeling that was something that probably be altered :slight_smile: