Flask Email verification

Email verification

We all know that email-verification plays a significant role in today's world for security reasons. In the process of email verification, a random number, text, and combination of both sent to the user mail id. This verification code sometimes also comes with the time limit, which is mostly in between 5-15 minutes only. After that period of time, code gets expired, and the web application also denies to accept that code. To complete the verification, the user has to start the process of confirmation again by requesting the new one verification code, or we can call it  “one-time password.”  Nowadays, several websites use the mobile number in the place of mail id and also use both them as an alternate of each other.

Example

In this example, there are three files. Two of them are html files, and they must be saved in the template folder. The main python script file is saved in the root folder.

  1. Homepage.html
<!DOCTYPE html>  
 <html>  
 <head>  
     <title>index</title>  
 </head>  
 <body>   
 <form action = "http://localhost:5000/verify" method = "POST">  
 Email address: <input type="email" name="email">  
 <input type = "submit" value="Submit">  
 </form>  
 </body>  
 </html> 
  • Verify.html
<!DOCTYPE html>
 <html>  
 <head>  
     <title>OTP Verification</title>  
 </head>  
   <body>  
  <form action = "/validate" method="post">   
 <h4> OTP has been sent to the email id. Please check the email for the confirmation.</h4>  
 Enter OTP(One-time password): <input type="text" name="otp">  
 <input type="submit" value="Submit">  
 </form>  
 </body>  
 </html>   
  • Mail.py
from flask import *  
 from flask_mail import *  
 from random import *  
 app = Flask(__name__)  
 mail = Mail(app)  
 app.config["MAIL_SERVER"]='smtp.gmail.com'  
 app.config["MAIL_PORT"] = 465      
 app.config["MAIL_USERNAME"] = '[email protected]'  
 app.config['MAIL_PASSWORD'] = '*************'  
 app.config['MAIL_USE_TLS'] = False  
 app.config['MAIL_USE_SSL'] = True  
 mail = Mail(app)  
 otp = randint(000000,999999)   
 @app.route('/')  
 def index():  
 return render_template("homepage.html")  
 @app.route('/verify',methods = ["POST"])  
 def verify():  
 email = request.form["email"]   
 msg = Message('OTP',sender = '[email protected]', recipients = [email])  
 msg.body = str(otp)  
 mail.send(msg)  
 return render_template('verify.html')  
 @app.route('/validate',methods=["POST"])   
 def validate():  
 user_otp = request.form['otp']  
 if otp == int(user_otp):  
 return "<h3> Email  verification is  successful </h3>"  
 return "<h3>failure, OTP does not match</h3>"   
 if __name__ == '__main__':  
 app.run(debug = True) 

Output

The above script displays a prompt to the user to enter the e-mail id for sending the mail containing the one-time password(OTP), as shown below.

Flask Email verification

After clicking on the submit button, another template is displayed that asks for the one time password that comes in the received mail. Enter the one-time password, as shown below.

Flask Email verification

In the background, the validate() function compares the user-entered password or OTP with the password that was randomly generated and mailed to the user. If both the password are matched, then a message of  “success" is displayed to the user.