How do I create an iOS app with email verification for signup?

Question

You would think that people would have answered this questions dozens or even hundreds of times, but to my surprise it seems that people perhaps are not interested in this in iOS development?

I am creating an app (Xcode, Swift 4) that is going to require people to login. The credentials once they are verified are going to be stored in a database of sorts, but before the account exists users must sign up. The registration process is supposed to consist of an email verification and later a phone number verification.

How can I verify someone's email address using a confirmation email sent from the app or some server attached to the app? I specifically do not want to use outside libraries such as Parse or Firebase that I have found online. If there is a library in the Apple Dev API that I am missing I would greatly appreciate a nudge in the right direction.

Thank you to anyone who can help me out.

Answer 1

You can't programmatically send an email on behalf of the user, using user's credentials and targeting user's SMTP server choice. Even if you figured out a trick to it, Apple would never allow it in the App Store due to user privacy & security risks.

You could try putting an entire stack of code into your app to communicate with your own SMTP server, using hardcoded credentials in your app, but to do so securely is a lot of work, and I suspect it'd be a lot of work in general.

Your best bet is to just have your app communicate (NSURLSession) with your server to send up user's registration info and have the server then do whatever it needs, including emailing the user a confirmation email.

These tutorials may help you:

• iOS Registration Form Example using PHP and MySQL
• User login and register/sign up example using Swift on iOS.

As for how to have your server send a text message, see this SO answer

Answer 2

(Assuming you have some type of server management knowledge) yes you don't need to Firebase or Parse to achieve that but it's pain free :(

Do you want a Server or (Google Cloud Functions or AWS Lambda)?

(Keep in mind that your app 'd need to talk to each choice via HTTP or HTTPS request).

(you can get that VM anywhere AWS EC2, Google Cloud VM, Digital Ocean)

Let's start with the server, you need to create some REST API and running it from a specific port 80 or 443(secured one). Instead of learning a new language, you can use Swift (look at library such as Vapor that would help create that rest api, or check for other library).

**if you are not using swift, then use javascript (Node.js library such as Express would help you create that api) **

Email or Phone Verification Logic (server side, your api has a specific route that handles verification):

(look for library that let's send email on the server side. )

• in this route/path you'd receive from your app a Dictionary that contains an email or phone number
• compute some random number
• 2 cases here: (email) send an email to the user's email with a message body containing that random code. (phone number) you using Twillio api to send code via text message.

• To end your api route/path's response, send this random code to app ( cache it into UserDefault or whatever you preferred, because when the user inputs the received code, you need to verify it (since the code generated from server side is cached, I mean now you get the gist )

  Managing that VM:

• keep vm port lock from the outside meaning firewall

• you need to update the system
• what if your system reboots (what happens to your api)

• what if you get a lot of requests at once (you should have load balancing))

  Cloud functions or AWS Lambda (ELB + Api Gateway + Lambda instead):

• no need to manage a server

• can't use swift, you'd need to learn javascript or python
• same Verification logic applies here

To secure connection between from your app to your api, look at JWT Token, you need to make sure nobody else can't access any routes from your api