Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By neerajsingh on
I am facing an issue with "one time login URL" on one of my Drupal site. When I try to access the "one time login URL" from my mail, it says.. it is been already used, i.e.
You have tried to use a one-time login link that has either been used or is no longer valid. Please request a new one using the form below.
But, I have not tried accessing it before.
After analysis I found that, my Inbox tries to fetch a preview of the link(one time login URL) present in the mail body. And hence the bot from my mail server accesses this URL before I can use it to reset my password.
As a work around I have marked the domain of my site as not safe(Spam), in turn my mail box is not crawling the "one time login URL", and hence I am able to reset my password.
What would be a better way to handle this situation, how can I restrict this default crawling from my Drupal application?
Comments
Disable link preview
Instead of marking the sender site as spam, user can opt out from "link preview" in the mailbox settings. It works!!!
disable link preview
Instead of marking the sender site as spam, user can opt out from "link preview" in the mailbox settings. It works!!!
Looking for a Drupal solution
Thanks sanghamitra.swain, This trick works fine..!!
But am looking for a solution that can be integrated at Drupal application, so that my application users need not make any changes at their end(on their mail box).
Using drush
Have you already tried using drush ?
drush uliLike : http://www.drupal8.ovh/en/tutoriels/98/useful-drush-commands
Yes.
Yes, NuWans.. I have tried Drush..
I am getting a valid "one time login URL", but once this URL is sent via mail and lands on the users' mailbox; the mail server crawls this URL to get a preview of the same, which in turns makes the URL invalid, when the user tries to use it.
send the url with anchor tag
Instead of sending the one-time login link directly in the email body, it can be inserted as anchor tag, something like this:
<a href="[user:one-time-direct-login-url]">click here to reset your password</a>This will prevent the crawling of the url by the mail server. This change can be done in "account settings" inside drupal application or custom email template (if used).
Perfect..!!
Thanks a ton @sanghamitra.swain,
This solution works perfectly fine for me.!!
Also tested on google mail server(Gmail) and Microsoft mail server(Outlook/live/hotmail).