Sending emails via Nodemailer using Gmail with xoauth2
- Author: Code Smarter (@codesmarter_dev)
Nodemailer and xoauth2
Nodemailer is a Node.js module that allows you to send emails.
In this context, Nodemailer will be configured to send emails via the Gmail server.
⚠️ Gmail requires authorization to use its SMTP server. The xoauth2 module allows you to authenticate on the Gmail server so you can send emails from a Gmail address.
Registering the application on the Google API Console
The first step is to register the application on the Google APIs Console.
- Log in to your Gmail account in your browser.
- Open the Google APIs Console link.
- Click the icon in the top left corner of the screen.
- Go to the API Manager.

- Click the Credentials menu (Create a project if you don't have one).
- Click Create Credentials. In the list that appears, select OAuth Client ID.
- Click Configure Login Screen, complete the form, and then Save.
After these steps, a client ID and client secret will be created.
Obtaining Tokens
Two tokens are required to ensure security when sending emails.

Step 1:
Click the Settings button.

Enter the client ID and the client secret retrieved previously.
Step 2:
Select Gmail API v1 in the list, then select the actions you want to authorize on the account.

Then click on Authorize API and select the Gmail account to which you want to add the authorization (in case multiple accounts are open in the browser).
Accept the OAuth2 module's access to the Gmail account.

Step 3:
Click on Exchange authorization code for tokens to retrieve the refreshToken and accessToken.

A setting on the Gmail side allows the refresh token to be changed at a regular time interval.
For persistent authentication on the server, only the accessToken must be used when configuring the xoauth2 connection.
Example of a mail sending script
If you haven't yet installed nodemailer and xoauth2, you can do so with the following commands:
Installing nodemailer
    npm install nodemailer --save
Installing xoauth2
    npm install xoauth2 --save
Server-side, the mail sending script looks like this:
    var nodemailer = require('nodemailer');
    var xoauth2 = require('xoauth2');

    module.exports = function(app, route){
      return function(req, res, next){
        var data = req.body;

        // login: OAuth2 credentials of the sending Gmail account (placeholder values)
        var transporter = nodemailer.createTransport({
          service: 'gmail',
          auth: {
            xoauth2: xoauth2.createXOAuth2Generator({
              user: 'adresse_origine@gmail.com',
              clientId: 'client_id',
              clientSecret: 'client_secret',
              refreshToken: 'refreshtoken'
            })
          }
        });

        var message = {
          from: 'adresse_origine@gmail.com', // sender address
          to: 'adresse_destinataire', // list of receivers
          subject: data.objet, // Subject line
          text: data.contenu, // plaintext body
          // html body: the form values are concatenated as received
          html: '<b>Contact Nom</b>: ' + data.nom + '<br/><b>Contact Email</b>: ' + data.email + '<br/><b>Contact Sujet</b>: ' + data.objet + '<br/><br/>' + data.contenu
        };

        // all four form fields (email, objet, nom, contenu) must be present
        if(typeof data.email !== 'undefined' && typeof data.objet !== 'undefined' && typeof data.nom !== 'undefined' && typeof data.contenu !== 'undefined'){
          // send mail with defined transport object
          transporter.sendMail(message, function(error, info){
            if(error){
              // sending failed: log the error and answer with 400
              console.log(error);
              res.status(400);
              res.json(data);
              next();
            }
            else{
              res.json(data);
              next();
            }
          });
        }
        else{
          // a required field is missing: nothing is sent
          res.status(400);
          res.json(data);
          next();
        }
      };
    };
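The script above places the form fields (`nom`, `email`, `objet`, `contenu`) into the subject and HTML body as received. The following is an added example, not part of the original script, showing one way to validate and HTML-encode those fields before building the message; the function names, the length limits and the e-mail pattern are assumptions chosen for illustration.

```javascript
// Added example: validate and encode the contact-form input before mailing it.
// Function names, length limits and the e-mail pattern are illustrative assumptions.
const LIMITS = { nom: 100, email: 254, objet: 150, contenu: 5000 };
const EMAIL_RE = /^[^\s@<>"]+@[^\s@<>"]+\.[^\s@<>"]+$/;

// Encode the characters that are significant in HTML text and attributes.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return value.replace(/[&<>"']/g, (c) => map[c]);
}

// Returns { errors: [...] } on bad input, or { errors: [], message } when valid.
function buildContactMessage(body, from, to) {
  const errors = [];
  const data = {};
  for (const field of Object.keys(LIMITS)) {
    const value = body ? body[field] : undefined;
    if (typeof value !== 'string' || value.trim() === '') {
      errors.push(field + ': missing or not a string');
    } else if (value.length > LIMITS[field]) {
      errors.push(field + ': too long');
    } else if (field !== 'contenu' && /[\r\n]/.test(value)) {
      // Single-line fields end up in or near mail headers: refuse line breaks.
      errors.push(field + ': line breaks not allowed');
    } else {
      data[field] = value.trim();
    }
  }
  if (data.email !== undefined && !EMAIL_RE.test(data.email)) {
    errors.push('email: invalid format');
  }
  if (errors.length > 0) return { errors };
  return {
    errors,
    message: {
      from,
      to,
      subject: data.objet,
      text: data.contenu,
      html: '<b>Contact Nom</b>: ' + escapeHtml(data.nom) +
        '<br/><b>Contact Email</b>: ' + escapeHtml(data.email) +
        '<br/><b>Contact Sujet</b>: ' + escapeHtml(data.objet) +
        '<br/><br/>' + escapeHtml(data.contenu),
    },
  };
}
```

When `errors` is non-empty, the handler answers with status 400 and does not call `sendMail`; otherwise `message` is passed to `transporter.sendMail` unchanged.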
Less Secure Apps
There is another method to send an email without using OAuth2.
This is to enable "Less Secure Apps" access. This