How to Verify an Email Address Using Node.js
In this article, I’m going to walk you through the very best possible way to verify email addresses and improve the user registration process for your Node website.
Email verification is incredibly important. Ensuring the users who sign up for your website have a valid email address is valuable for a number of reasons:
- You can catch user typos when they’re entering their email address and prompt the user to fix them before allowing them to register.
- It lets you stay in touch with your users: you can email them when their credit card expires, when you send them receipts when you have new features available, etc.
- It ensures your users can reset their password securely if they ever forget it: without an email address there’s no way to validate someone’s identity outside of manual, human verification.
- It prevents users from signing up for your website with disposable email addresses, like those from Mailinator. Users who sign up for these services are usually trying to bypass giving you their real email for a specific reason: maybe they want to abuse your freemium features, etc. By ensuring you only allow users with real personal or business email addresses to register, you reduce the risk for abuse of your website.
Where email verification gets complex, however, is deciding how to verify email addresses for YOUR website. Each website has different requirements and depending on what your website does, you may only want to verify a user’s email address in one or two specific ways.
To help solve this problem, we recently released the email-verifier NPM library.
This Node library allows you to easily verify email addresses in a number of different ways and provides flexible verification (as you’ll see in a moment).
So, without further ado, let’s take a look at how it works!
Create an Email Verification Account
The first thing you need to do in order to verify email addresses using the email-verifier library is create a free account for the Email Verification API service here: https://emailverification.whoisxmlapi.com/signup
Once you’ve created your free account, you’ll be able to use the API service to verify 1,000 email addresses for free. If you’d like to do more, you can always pay a very small amount.
Install the Package
Now that your account is setup, the next thing you need to do is install the Node package. From the command line, run the following command:
$ npm install email-verifier
This will download and install the latest release of the email-verifier package from NPM.
Verify an Email Address
Now that you have both an account and the package installed, let’s take a look at some code you can run to verify an email address immediately.
Here’s a small script, 'verify.js', which will verify an email address using all possible verification methods:
const Verifier = require("email-verifier");
let verifier = new Verifier("your_email_verification_api_key");
verifier.verify("r@rdegges.com", (err, data) => {
if (err) throw err;
console.log(data);
});
As you can see, there are really only three steps to using the library:
- Import the library.
- Create a 'Verifier' object by giving it your API key that you created when you signed up for the API service.
- Run the 'verify' method, passing in the email address you want to verify, and a callback function. This callback function is what will be run when the verification has completed.
The data that’s returned in the callback will look something like this:
{
"catchAll": "false",
"disposable": "false",
"dns": "OK",
"emailAddress": "r@rdegges.com",
"free": "false",
"mxs": [ "mail.protonmail.ch" ],
"smtp": "OK",
"validFormat": "OK"
}
Each returned JSON value corresponds to different types of verification:
- The 'catchAll' check tells you whether or not this email address is a “catch-all” address. This refers to a special type of address that can receive email for any number of other addresses. This is common in businesses where if you send an email to test@hi.com and another email to test2@hi.com, both of those emails will go into the same inbox.
- The 'disposable' check tells you whether or not the email address is disposable (created via a service like Mailinator). This helps you check for abuse. This value will be 'false' if the email is not disposable, and 'true' otherwise.
- The 'dns' check will ensure that the domain in the email address, eg: gmail.com, is a valid domain. This value will be 'OK' if the domain is good.
- The 'free' option will check to see if the email address is from a free email provider like Gmail or not. This value will be 'false' if the email address is not free, and 'true' otherwise.
- The 'validFormat' check lets you know if there are any syntax errors in the email address. This is a
basic check that’s done to catch any simple typos or major errors. This value will be 'false' if
there are no errors, and 'true' otherwise.
Behind the scenes, the API service is handling all these types of verification checks for you in a number of interesting ways. I’ll cover this in a future article.
Customizing Email Verification
As I mentioned before, the code sample above showed you how to validate an email address with all possible methods of verification–but this may not be what you want to do in all cases.
Email verification can be slow. Each type of verification takes a small amount of time (fractions of a second), but when all of the checks are performed, that time can add up.
If your website only needs to verify an email address to ensure it can receive email, for instance, you can tell the email-verifier package to only perform that check. The email-verifier library is completely flexible: you can enable or disable any types of checking you want.
Here’s how it works:
const Verifier = require("email-verifier");
let verifier = new Verifier("your_email_verification_api_key", {
checkCatchAll: false,
checkDisposable: false,
checkFree: false,
validateDNS: false,
validateSMTP: false
});
When creating the 'Verifier' object, you can pass in additional options (as shown above) which directly impact what types of checks are performed. Feel free to use those as needed.
- NOTE: Once you create the 'Verifier' object, anytime you call the 'verify' method to verify an email address the options specified when the 'Verifier' was created will remain in effect.
Improving Your User Registration Flow
Now that you’ve seen how you can verify email addresses using the email-verifier library, you’ll likely want to modify your website registration process to make use of this.
The best way to do this is fairly straightforward. When a user fills out your registration form and submits it, you should:
- Receive the form data on your web server
- Parse out the user’s registration data, including their email address
- Immediately verify the user’s email address using the email-verifier library
- Show an error to the user if their email is invalid, prompting them to retry
- If everything is good to go, create the user’s new account and log them in
By following these steps, you’ll greatly improve the registration flow of your website by catching user typos and mistakes early on in their registration process before it is too late to correct.
Summary
So to wrap things up: verifying email addresses for your users can be a simple way to improve the user experience for your website.
If you need to verify an email address, the new email-verifier is the perfect tool, as it handles many different types of validation, and is extremely flexible.
If you have any questions, please email us!