Invalid Token

Question

Invalid Token

Opened this issue a year ago · 5 comments

I am using mail hog for email testing .
Email is sent successfully but when I click the link it says invalid token every time .

I have change token life time to 1 hour but still same issue .

Answer 1 · 2023-09-12T19:14:59.000Z

Hello, do you have any logs?

Answer 2 · 2023-09-13T08:15:01.000Z

Mail hog logs are :
Sending content: {
"ID": "9LAuukyHR6PkWiZ_PVMJxlinv8JtoyaehHppnno-XAA=@mailhog.example",
"From": {
"Relays": null,
"Mailbox": "noreply",
"Domain": "aliasaddress.com",
"Params": ""
},
"To": [
{
"Relays": null,
"Mailbox": "test",
"Domain": "gmail.com",
"Params": ""
}
],
"Content": {
"Headers": {
"Content-Type": [
"multipart/alternative; boundary="===============1339787043231239006==""
],
"Date": [
"Wed, 13 Sep 2023 08:02:00 -0000"
],
"From": [
"noreply@aliasaddress.com"
],
"LINK": [
" http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY"
],
"MIME-Version": [
"1.0"
],
"Message-ID": [
"\u003c169459212046.30276.13088278431826859422@Farhan-Pc\u003e"
],
"Received": [
"from Farhan-Pc by mailhog.example (MailHog)\r\n id 9LAuukyHR6PkWiZ_PVMJxlinv8JtoyaehHppnno-XAA=@mailhog.example; Wed, 13 Sep 2023 13:02:00 +0500"
],
"Return-Path": [
"\u003cnoreply@aliasaddress.com\u003e"
],
"Subject": [
"Confirm your email farhan"
],
"TOKEN": [
" eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY"
],
"To": [
"test@gmail.com"
]
},
"Body": "--===============1339787043231239006==\r\nContent-Type: text/plain; charset="utf-8"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\nYou are almost there, farhan!\r\nPlease click the following link to confirm your account: http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nThe token expires on 2:02 p.m.\r\n--===============1339787043231239006==\r\nContent-Type: text/html; charset="utf-8"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\n\u003ch1\u003eYou are almost there, farhan!\u003c/h1\u003e\u003cbr\u003e\r\n\u003ch2\u003ePlease click \u003ca href="http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\"\u003ehere\u003c/a\u003e to confirm your account\u003c/h2\u003e\r\n\u003ch2\u003eThe token expires on 2:02 p.m.\u003c/h2\u003e\r\n--===============1339787043231239006==--",
"Size": 1663,
"MIME": null
},
"Created": "2023-09-13T13:02:00.4724129+05:00",
"MIME": {
"Parts": [
{
"Headers": {
"Content-Transfer-Encoding": [
"7bit"
],
"Content-Type": [
"text/plain; charset="utf-8""
],
"MIME-Version": [
"1.0"
]
},
"Body": "You are almost there, farhan!\r\nPlease click the following link to confirm your account: http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nThe token expires on 2:02 p.m.",
"Size": 412,
"MIME": null
},
{
"Headers": {
"Content-Transfer-Encoding": [
"7bit"
],
"Content-Type": [
"text/html; charset="utf-8""
],
"MIME-Version": [
"1.0"
]
},
"Body": "\u003ch1\u003eYou are almost there, farhan!\u003c/h1\u003e\u003cbr\u003e\r\n\u003ch2\u003ePlease click \u003ca href="http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY"\u003ehere\u003c/a\u003e to confirm your account\u003c/h2\u003e\r\n\u003ch2\u003eThe token expires on 2:02 p.m.\u003c/h2\u003e",
"Size": 441,
"MIME": null
},
{
"Headers": {},
"Body": "--",
"Size": 2,
"MIME": null
}
]
},
"Raw": {
"From": "noreply@aliasaddress.com",
"To": [
"test@gmail.com"
],
"Data": "Content-Type: multipart/alternative;\r\n boundary="===============1339787043231239006=="\r\nMIME-Version: 1.0\r\nSubject: Confirm your email farhan\r\nFrom: noreply@aliasaddress.com\r\nTo: test@gmail.com\r\nDate: Wed, 13 Sep 2023 08:02:00 -0000\r\nMessage-ID: \u003c169459212046.30276.13088278431826859422@Farhan-Pc\u003e\r\nLINK: \r\n http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nTOKEN: \r\n eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\n\r\n--===============1339787043231239006==\r\nContent-Type: text/plain; charset="utf-8"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\nYou are almost there, farhan!\r\nPlease click the following link to confirm your account: http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\r\nThe token expires on 2:02 p.m.\r\n--===============1339787043231239006==\r\nContent-Type: text/html; charset="utf-8"\r\nMIME-Version: 1.0\r\nContent-Transfer-Encoding: 7bit\r\n\r\n\u003ch1\u003eYou are almost there, farhan!\u003c/h1\u003e\u003cbr\u003e\r\n\u003ch2\u003ePlease click \u003ca href="http://127.0.0.1:8085/email/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InRlc3RAZ21haWwuY29tIiwiZXhwIjoxNjk0NTk1NzIwLjQ1MDUwMywia2luZCI6Ik1BSUwifQ.j7ZA2yDzzoNi6699hTkmeMP7e_Dh31WZU3QiL8wfpHY\"\u003ehere\u003c/a\u003e to confirm your account\u003c/h2\u003e\r\n\u003ch2\u003eThe token expires on 2:02 p.m.\u003c/h2\u003e\r\n--===============1339787043231239006==--",
"Helo": "Farhan-Pc"
}
}

2023/09/13 13:02:00 [SMTP 127.0.0.1:61663] Session ended

On django site function is called when link is clicked :

this return invalid token every time . if we debug and see what is return by verify_token we get .

Answer 3 · 2023-09-15T10:07:39.000Z

Thanks, can you debug inside verify_token to see where it goes wrong?

Answer 4 · 2023-09-15T13:13:28.000Z

Yeah Sure.

Answer 5 · 2023-11-04T13:29:33.000Z

Faced same problem here.

In my case I fixed it by sending a datetime to send_email in the expiry parameter, so I call it this way:

expiry_date = datetime.datetime.now() + datetime.timedelta(hours=24)
send_email(instance, thread=False, expiry=expiry_date)

I tried forcing sending 86400 in the expiry parameter expecting token expiration date would be the next day but it appeared as epoch + 1 day.
Tested locally and in a prod environment, both with Python 3.11.

I would open a PR to create this timestamp inside send_inner, but preferred to discuss previously as I find it strange that this only fails this way to me.
Let me know and I can open it.