Sign in attempt blocked by Google while using Gmail to send verification emails

[ashar-7]

Describe the bug
Google doesn't allow sign from the app for sending verification emails due to "less secure sign-in technology".

Solution
Turning on less secure apps access solves this issue. This problem may occur while using other email providers too. So it would be great to have some documentation to help new users.

To Reproduce
Steps to reproduce the behavior:

1. Use a Gmail account as the verification email sender (make sure less secure apps access is turned off)
2. Register a new user (or resend a verification email) in the app
3. You'll get an internal server error response in the app and a critical security alert in Gmail.

Screenshots

[sara-02]

Just adding a note, this option to turn on the less secure apps is not available if you have enabled 2-step verification on Google. So one will have to disbale that first and then enbale the less secure app feature.

Quick update: Had to generate and add app password as a workaround.

[sara-02]

Should get fixed by documenting a temporary email via this issue: #233

[isabelcosta]

we should document this in a markdown file I think 🤔 and then also have this in the Wiki, for troubleshooting purposes

[sumit-badsara]

@isabelcosta @sara-02 We also have another another option which is much better and safer.

We can just go to Gmail and enable 2 step verification, and then go to App Passwords and generate a password for Mail app. Using that, even your email is secure and you don't need to configure anything else.

Reference : https://support.google.com/accounts/answer/185833?hl=en

I can create a PR regrading that in case you need it (We can add that in readme I guess 🤔 )

[sara-02]

@BadduCoder I did the same. But something did not work, I finally had to switch off the 2 step Auth.
Do look into it and see if these steps work as expected.

[sumit-badsara]

@sara-02 could you tell me what error are you getting and what steps have you followed ?

[mtreacy002]

@BadduCoder I did the same. But something did not work, I finally had to switch off the 2 step Auth.
Do look into it and see if these steps work as expected.

@sara-02, I had this issue as well (#461) and switching 'OFF' 2 step verification and switch 'ON' Less secure app access fixed it for me. But I noticed you mentioned this already been done in your previous post.

[sumit-badsara]

Ohkay!
@mtreacy002 just try this once and tell me if this works:

1. Go to https://myaccount.google.com/
2. Go to Security
3. Turn on 2-Step Verification
4. Come back to Settings
5. Go to App Passwords
6. Generate a new password (app: Mail, device:Any)
7. Copy that password and use it as password in .env file.

LESS SECURE APPS: OFF
2 FACTOR AUTH: ON

Just try this once and let me know the results.

[mtreacy002]

Thanks, @BadduCoder. I gave it a try as you suggested above, and it works!! 👍.

[isabelcosta]

@BadduCoder @mtreacy002 @sara-02 @ashar-7 I was thinking that there are some issues that could be documented in a doc as markdown file inside the docs folder. Something dedicated to troubleshooting some common problems developers face. I see this as one of them. I will create an issue for it.

[isabelcosta]

OMG I just found another little step that made this go away at least for my Heroku deployment. Its here: https://www.twilio.com/blog/2018/03/send-email-programmatically-with-gmail-python-and-flask.html 🙌

These 2 steps

[isabelcosta]

To fix the issue of the email internal server error, that i am getting from using a Gmail address to send email (caused by the security that Gmail provides), I will use another email.
I created a new email on https://www.mail.com/mail/

I am letting you know so you can also check this out for testing, I tested locally and so far, no issues. I will update the environment variables on Heroku app and hopefully this will be solved.
Here's the article I researched for Gmail alternatives: https://www.hongkiat.com/blog/gmail-alternatives/

Here's an example of how to set the env variables (if you are using https://www.mail.com/mail/):

MAIL_DEFAULT_SENDER=YOUR_MAIL_EMAIL
MAIL_SERVER='smtp.mail.com'
APP_MAIL_USERNAME='YOUR_MAIL_EMAIL'
APP_MAIL_PASSWORD='YOUR_MAIL_PASSWORD'

[mtreacy002]

Hi @isabelcosta, just curious, I can't reproduce the same error (internal server error) that caused by this Gmail blocking. I now need it to be blocked to test my #463 PR 🤣. I've posted a comment on that PR. And I also have pushed the changes requested by @ramitsawhney27 even though I couldn't test it coz that Gmail being so 'forgiving' to me... 😆.

[vj-codes]

@ashar-7 @isabelcosta closing since this issue cannot be reproduced by other new contributors