I'm currently having trouble with the password reset mail created by make:auth in Laravel 5.6. My app is hosted on Heroku. In my local environment everything works fine. I have set the right values in the config vars in Heroku, same in my local .env file:
MAIL_DRIVER=smtp
MAIL_HOST=smtp.gmail.com
MAIL_PORT=587
[email protected]
MAIL_PASSWORD=bla
MAIL_ENCRYPTION=tls
I have read here that I have to hard-code the values inside app/mail.php instead of referencing the .env file because Heroku wouldn't recognize/understand this reference
'password' => env('MAIL_PASSWORD')
But then my data would be visible inside the GitHub repo.
What am I doing wrong here?
EDIT:
The accepted answer is the way to go, one should use an Add-On for sending mails in Heroku. Still I found a way to make it work with gmail after setting up sendgrid ;)
- Use `Port 465 with ssl` as encryption.
- Allow `less secure apps` access to my account.
- Visit `http://www.google.com/accounts/DisplayUnlockCaptcha` and sign in with your Gmail username and password.
After these steps, it worked. Maybe this is helpful for others.
EDIT2:
I migrated Laravel from version 5.x to 8 and I ran into problems again, so I had to change my approach again with gmail.
I had to:
- Allow `less secure apps` access to my account.
- Enable two step verification and create an App Password like in the accepted answer of this question: https://stackoverflow.com/questions/42558903/expected-response-code-250-but-got-code-535-with-message-535-5-7-8-username
- Change Port back to 587 and tls again
- Visit `http://www.google.com/accounts/DisplayUnlockCaptcha` and sign in with your Gmail username and password.
Don't use Gmail in production¹.
Gmail isn't designed to act as an SMTP gateway for your application. Instead, use one of the many mail addons that Heroku recommends. Mailgun and SendGrid are both very popular options, but there are lots of others.
These tools are designed to send mail for applications. They'll be a lot less likely to reject your mail and, when configured properly, make it a lot less likely for your mail to get caught in spam filters. Most of them have walkthroughs for setting things up, and I encourage you to follow them. Make sure not to skip the SPF and DKIM anti-spam features.
I have read here that I have to hard-code the values inside
app/mail.phpinstead of referencing the.envfile because Heroku wouldn't recognize/understand this reference'password' => env('MAIL_PASSWORD')
This is incorrect.
You say that you've set config variables on Heroku, and that populates the environment. The .env file is just a convenient local workaround for doing the same thing. Whichever mail addon you choose will automatically set one or more environment variables for you, and you should use those in your code.
¹You probably shouldn't be using it in development, either, but it's less of a problem there. I urge you to use something like Mailtrap (cloud) or Mailcatcher (local) instead.