In this article, I’ll share how I lovingly built a subscription sign up flow with email confirmation that doesn’t suck. You can do it, too.

If you want to see it in action, you can now subscribe to my email list on victoria.dev.

Now, I’ll show you how I built it.

Introducing Simple Subscribe

If you’re interested in managing your own mailing list or newsletter, you can set up Simple Subscribe on your own AWS resources to collect email addresses.

This open source API is written in Go, and runs on AWS Lambda. Visitors to your site can sign up to your list, which is stored in a DynamoDB table, ready to be queried or exported at your leisure.

When someone signs up, they’ll receive an email asking them to confirm their subscription. This is sometimes called “double opt-in,” although I prefer the term “verified.”

Simple Subscribe works on serverless infrastructure and uses an AWS Lambda to handle subscription, confirmation, and unsubscribe requests.

You can find the Simple Subscribe project, with its fully open-source code, on GitHub. I encourage you to pull up the code and follow along!

In this post I’ll share each build step, the thought process behind the API’s single-responsibility functions, and security considerations for an AWS project like this one.

How to build a verified subscription flow

A non-verified email sign up process is straightforward. Someone puts their email into a box on your website, then that email goes into your database.

However, if I’ve taught you anything about not trusting user input, the very idea of a non-verified sign up process should raise your hackles. Spam may be great when fried in a sandwich, but it’s no fun when it’s running up your AWS bill.

While you can use a strategy like a CAPTCHA or puzzle for is-it-a-human verification, these can create enough friction to turn away your potential subscribers.

Instead, a confirmation email can help to ensure both address correctness and user sentience.

To build a subscription flow with email confirmation, create single-responsibility functions that satisfy each logical step. Those are:

  1. Accept an email address and record it.
  2. Generate a token associated with that email address and record it.
  3. Send a confirmation email to that email address with the token.
  4. Accept a verification request that has both the email address and token.

To achieve each of these goals, Simple Subscribe uses the official AWS SDK for Go to interact with DynamoDB and SES.

At each stage, consider what the data looks like and how you store it. This can help you handle conundrums like, “What happens if someone tries to subscribe twice?” or even threat-modeling questions such as, “What if someone subscribes with an email they don’t own?”
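Here is a sketch of the four steps that also answers the two questions above. It is an added example, not Simple Subscribe's own code. It assumes an in-memory map in place of the DynamoDB table and leaves out the SES send; the names `Store`, `Subscriber`, `Subscribe` and `Confirm` are hypothetical.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"strings"
)

// Subscriber is a hypothetical record shape; the real table layout may differ.
type Subscriber struct {
	Token     string
	Confirmed bool
}

// Store is an in-memory stand-in for the DynamoDB table, keyed by email.
type Store map[string]*Subscriber

// Subscribe records the address and returns the token to email (steps 1-3).
func Subscribe(s Store, email string) (string, error) {
	email = strings.ToLower(strings.TrimSpace(email))
	if sub, ok := s[email]; ok && sub.Confirmed {
		return "", nil // already verified: keep the record, send nothing
	}
	buf := make([]byte, 16) // 128 bits from the OS CSPRNG
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	// A repeat request for a pending address rotates the token.
	s[email] = &Subscriber{Token: hex.EncodeToString(buf)}
	return s[email].Token, nil
}

// Confirm marks the address verified only if the token matches (step 4).
// An address whose owner never sees the email stays unconfirmed.
func Confirm(s Store, email, token string) bool {
	email = strings.ToLower(strings.TrimSpace(email))
	sub, ok := s[email]
	if !ok || sub.Token == "" || subtle.ConstantTimeCompare([]byte(sub.Token), []byte(token)) != 1 {
		return false
	}
	sub.Confirmed = true
	return true
}

func main() {
	s := Store{}
	tok, _ := Subscribe(s, "reader@example.com") // constructed sample address
	fmt.Println(Confirm(s, "reader@example.com", "guess"), Confirm(s, "reader@example.com", tok))
}
```

Only addresses with `Confirmed` set should ever be mailed or exported, so a sign-up made with someone else's address costs one confirmation email and nothing more.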

Ready? Let’s break down each step and see how the magic happens.
