Custom Email Verification Token

Question

Custom Email Verification Token

I am using Identity 2.0 platform for user management.
Unfortunately, in my case account activation / password reset cannot be done using a direct link, so the user will have to copy the code from his email and paste it into the website.

The code generated by the default UserManager method GenerateEmailConfirmationTokenAsync is very long, covering about three lines of text. I tried to override this method by creating shorter code that is more user friendly. This does not work, because the ConfirmEmailAsync method always returns an “invalid token” (this method does not call the GenerateEmailConfirmationTokenAsync method at all).

I don’t know how the verification code is stored, and I prefer to use the default storage engine in the Identity Framework instead of manually saving it to the database.

Since the Identity 2.0 framework is closed, I do not know how to do this. Is it possible to create custom (shorter) confirmation codes and which methods should be redefined in addition to what I have already done?

+8

c # asp.net asp.net-identity-2

Cloud Jul 28 '14 at 11:18

source share

1 answer

Chrfin · Accepted Answer · 2014-07-28T11:36:11+0000

The ASP.NET identifier uses the UserTokenProvider UserManager to generate and verify the token. It basically calls:

 this.UserTokenProvider.GenerateAsync("Confirmation", this, tUser);

to create a token and

 this.UserTokenProvider.ValidateAsync("Confirmation", token, this, tUser);

to check it out.

So, you can implement your own IUserTokenProvider<TUser, TKey> or extend the default value and set it as UserManager.UserTokenProvider .

Custom Email Verification Token

More articles: