Skip to main content

Voca defines SMTPs for Decidim.

Trying to use Decidim without the correct SMTP configurations can be a nightmare. Administrators rely on emails to accept invitations, and users need to confirm their email addresses, not to mention resetting passwords. Configuring SMTPs correctly is crucial.

To ensure that Decidim is set up with working SMTPs, we have implemented several strategies:

  1. Working default: In case anything goes wrong, all instances have SMTP credentials for the email address hello@voca.city. This default email configuration ensures that you won't start with a faulty SMTP configuration.
  2. SMTP confirmation flow: When a user adds custom SMTP values, we attempt to send an email from the specified SMTP server. This verifies that the configuration is correct.

SMTP confirmation flow:

The process is straightforward. We take the credentials provided by the user and use them to configure a node-mailer from the Strapi backend. Then, the backend sends an email to the user's account using these credentials. The email contains a confirmation link. Once the credentials are verified, we apply them to the Decidim instance.

To achieve this, we create a Strapi model called api::decidim::smtp-credential, which is linked to an instance model (api::decidim::instance). The smtp-credential model includes a syncedAt attribute. If the confirmation is not received, this attribute remains null. Once updated with a date, it triggers an update of the organization's SMTP settings in Decidim using the gRPC SetSettings query.

You can observe this logic in the lifecycle of the smtp-credential, and the confirmation route is available in the smtp-credential controller (api::decidim.smtp-credential#confirm).

Manually updating SMTP configurations:

For support purposes, if you ever need to change the SMTP settings manually, follow these steps:

  1. Retrieve your system password from the Strapi backend environment variables: DECIDIM_SYSTEM_EMAIL and DECIDIM_SYSTEM_PASSWORD.
  2. Sign in to the client instance's /system using these credentials.
  3. Access the advanced settings of the organization and update the SMTP settings.

Please note that this action is considered an intervention and should be documented in your intervention records. Include the time of the operation and a description.

info