Redirecting after email verification

[MarcoWilliamsPF]

Description

As a developer, I would like to be able to control where the page navigates to after a user verify's their email address.

Optionally wanted: Event to override from a plugin that would allow me to set the redirect.

Steps to reproduce

1. Enable Verification emails from the CP, or make sure they are enabled.
2. Register as a new user
3. Receive verification email and click on the link.
4. it is forced to redirect to admin/login (CP/Root)

Code POI

UserController -> actionVerifyEmail

Only Redirects if the request accepts JSON

Content Types of the request when activation link is clicked.

Therefore the following is never called, resulting in null returning from the method.
return $this->_redirectUserAfterAccountActivation($user);

Solutions

I'm not 100% what the proper fix is for this issue. There is not a situation where you can set the content type for "application/json" in which it expects.

I have replaced the return of UserController -> actionVerifyEmail to the following
return $this->redirectToPostedUrl();

And I am overriding the 'redirect' in body params in the EVENT_AFTER_ACTIVATE_USER event from my plugin.

However, there is probably a more elegant solution.

Additional info

• Craft version: 3.0.0-beta.26
• PHP version: 7.1.x

[brandonkelly]

This is what the activateAccountSuccessPath config setting is for.

[romainpoirier]

@brandonkelly, sorry to re-open the discussion, but still today (Craft CMS 3.1.19), the activateAccountSuccessPath config setting seems to only works after an account creation but not on email change (which still redirect to siteUrl instead). It would be also very useful to be able to customized this setting in this case.

[brandonkelly]

@romainpoirier Good point!

So currently activateAccountSuccessPath comes into play when:

• A user has registered an account on the front-end, on a site where “Verify email addresses?” is disabled and “Allow public registration?” is enabled (so their account gets activated immediately).
• A user has verified their email address for a previously-inactive account, thus activating their account, on a site where “Verify email addresses?” is enabled.

Verifying a new email address for an already-active account isn’t quite the same thing as verifying an email for a previously-inactive account, and I imagine some people will want that to redirect to a different page than the one that newly-activated users are sent to, so I think it warrants a new config setting.

[brandonkelly]

A new verifyEmailSuccessPath config setting has been added for the next release!

[romainpoirier]

@brandonkelly, sorry to re-open the discussion, but after defined verifyEmailSuccessPath, when the confirmation email is sent:

1. On first click, this works, and the redirect happens;
2. On following clicks, the redirect doesn't work anymore, and the error bellow happens;

[-][50592][-][warning][craft\services\Users::isVerificationCodeValidForUser] The verification code (jAPyb3OmIIUR2HEWvV1vz9izo48XsJnM) given for userId: 50592 does not match the hash in the database.
[-][50592][-][info][application] $_GET = [
    'p' => 'fr/actions/users/verify-email'
    'code' => 'jAPyb3OmIIUR2HEWvV1vz9izo48XsJnM'
    'id' => '023a4f1f-e598-4c6e-9646-2ee52c4a82da'
]

Is it normal? If not, how to prevent this?

In my case, a lot of users are registrating and keep their confirmation email in their email box as a reference for later. The confirmation link in this email is a starting point for a lot of them.

[brandonkelly]

@romainpoirier I took a close look at how email verification requests are handled today and determined there were a couple bugs with the current behavior. The user is supposed to be redirected based on your invalidUserTokenPath config setting, however that wasn’t happening if it was set to an empty string (as it is by default), which is supposed to represent the homepage.

We just released 3.3.3 which fixes that, so now invalidUserTokenPath is always taken into account for front-end users.

[yellostudio]

@brandonkelly is there any way of generating the activateAccountSuccessPath dynamically for each user? Or is it just a static path?

[brandonkelly]

It’s static, but you could potentially set it to the URL of a template that redirects them again based on the user account, via the {% redirect %} tag.