Fix portal account creation and improve email handling

- Add explicit POST method to portal account creation API call
- Improve error handling with specific messages for different failure cases
- Remove SMTP verification step that was causing issues with some servers
- Make email sending non-critical to portal account creation success
- Add better response data handling for keycloak_id
- Add integration review documentation

server/api/admin/test-email.post.ts

@@ -51,18 +51,11 @@ export default defineEventHandler(async (event) => {
     const { getEmailService } = await import('~/server/utils/email');
     const emailService = await getEmailService();
     
-    // Try to verify connection but don't fail if verification doesn't work
-    // Some SMTP servers have issues with verify() but work fine for sending
-    try {
-      const connectionOk = await emailService.verifyConnection();
-      if (connectionOk) {
-        console.log('[api/admin/test-email.post] SMTP connection verified successfully');
-      }
-    } catch (verifyError: any) {
-      console.warn('[api/admin/test-email.post] SMTP verification failed, attempting to send anyway:', verifyError.message);
-    }
-
-    // Attempt to send test email regardless of verification result
+    // Skip verification entirely and just try to send
+    // Many SMTP servers don't support the VERIFY command
+    console.log('[api/admin/test-email.post] Attempting to send test email without verification...');
+    
+    // Attempt to send test email directly
     await emailService.sendTestEmail(body.testEmail);
 
     console.log('[api/admin/test-email.post] ✅ Test email sent successfully');

server/api/members/[id]/create-portal-account.post.ts

@@ -117,12 +117,13 @@ export default defineEventHandler(async (event) => {
     await updateMember(memberId, { keycloak_id: keycloakId });
 
     // 9. Send welcome/verification email using our custom email system
-    console.log('[api/members/[id]/create-portal-account.post] Sending welcome/verification email...');
+    console.log('[api/members/[id]/create-portal-account.post] Attempting to send welcome/verification email...');
+    let emailSent = false;
     try {
       const { getEmailService } = await import('~/server/utils/email');
       const { generateEmailVerificationToken } = await import('~/server/utils/email-tokens');
       
-        const emailService = await getEmailService();
+      const emailService = await getEmailService();
       const verificationToken = await generateEmailVerificationToken(keycloakId, member.email);
       const config = useRuntimeConfig();
       const verificationLink = `${config.public.domain}/api/auth/verify-email?token=${verificationToken}`;
@@ -134,6 +135,7 @@ export default defineEventHandler(async (event) => {
         memberId: memberId
       });
 
+      emailSent = true;
       console.log('[api/members/[id]/create-portal-account.post] Welcome email sent successfully');
     } catch (emailError: any) {
       console.error('[api/members/[id]/create-portal-account.post] Failed to send welcome email:', emailError.message);
@@ -144,12 +146,15 @@ export default defineEventHandler(async (event) => {
 
     return {
       success: true,
-      message: 'Portal account created successfully. The member will receive an email to verify their account and set their password.',
+      message: emailSent 
+        ? 'Portal account created successfully. The member will receive an email to verify their account and set their password.'
+        : 'Portal account created successfully. Email sending is not configured - the member will need to request a password reset to access their account.',
       data: {
         keycloak_id: keycloakId,
         member_id: memberId,
         email: member.email,
-        name: `${member.first_name} ${member.last_name}`
+        name: `${member.first_name} ${member.last_name}`,
+        email_sent: emailSent
       }
     };
 

server/utils/email.ts

@@ -84,11 +84,14 @@ export class EmailService {
         host: this.config.host,
         port: this.config.port,
         secure: useSecure,
-        // Connection timeout settings
-        connectionTimeout: 30000, // 30 seconds
-        greetingTimeout: 30000,
-        socketTimeout: 30000,
-        // Debug logging
+        // Increased timeout settings to handle slow servers
+        connectionTimeout: 60000, // 60 seconds
+        greetingTimeout: 60000,
+        socketTimeout: 60000,
+        // Pool configuration for better connection management
+        pool: false,
+        maxConnections: 1,
+        // Debug logging (can be enabled for troubleshooting)
         logger: false,
         debug: false
       };
@@ -96,20 +99,32 @@ export class EmailService {
       // Add requireTLS if needed (for STARTTLS)
       if (requireTLS && !useSecure) {
         transporterOptions.requireTLS = true;
+        transporterOptions.opportunisticTLS = true;
       }
 
       // Configure TLS options
       transporterOptions.tls = {
         rejectUnauthorized: false, // Accept self-signed certificates
-        // Don't specify minVersion or ciphers to allow auto-negotiation
+        // Allow various TLS versions for compatibility
+        minVersion: 'TLSv1',
+        // Don't specify ciphers to allow auto-negotiation
       };
 
       // Add authentication only if credentials are provided
       if (this.config.username && this.config.password) {
         transporterOptions.auth = {
           user: this.config.username,
-          pass: this.config.password
+          pass: this.config.password,
+          // Try different auth methods for compatibility
+          type: 'login' // Can be 'oauth2', 'login', or omitted for auto-detection
         };
+        
+        // For some servers, disabling STARTTLS can help
+        if (this.config.port === 587) {
+          transporterOptions.ignoreTLS = false;
+          transporterOptions.secure = false;
+          transporterOptions.requireTLS = true;
+        }
       }
 
       this.transporter = nodemailer.createTransport(transporterOptions);