令牌无效.在使用UserManager.ConfirmEmailAsync(user.Id，code)验证电子邮件验证码时 [英] Invalid Token. while verifying email verification code using UserManager.ConfirmEmailAsync(user.Id, code)

问题描述

我最近将Asp.net Identity 1.0迁移到了2.0.我正在尝试使用以下方法来验证电子邮件验证码.但是我收到无效令牌"错误消息.

I have recently migrated Asp.net identity 1.0 to 2.0 . I am trying to verify email verification code using below method. But i am getting "Invalid Token" error message.

public async Task<HttpResponseMessage> ConfirmEmail(string userName, string code)
        {
            ApplicationUser user = UserManager.FindByName(userName);
            var result = await UserManager.ConfirmEmailAsync(user.Id, code);
            return Request.CreateResponse(HttpStatusCode.OK, result);
        }

使用以下代码生成电子邮件验证令牌(如果我在生成令牌后立即调用ConfirmEmailAsyc，则工作正常).但是当我使用不同的方法打电话时会出现错误

Generating Email verification token using below code (And if i call ConfirmEmailAsyc immediate after generating token, which is working fine). But when i am calling using different method which is giving error

public async Task<HttpResponseMessage> GetEmailConfirmationCode(string userName)
        {
            ApplicationUser user = UserManager.FindByName(userName);
            var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
            //var result = await UserManager.ConfirmEmailAsync(user.Id, code);
            return Request.CreateResponse(HttpStatusCode.OK, code);
        }

请帮助

推荐答案

我发现您必须先对令牌进行编码，然后再将其放入电子邮件中，但随后进行检查时则不需要.因此，我发送电子邮件的代码为:

I found you had to encode the token before putting it into an email, but not when checking it afterwards. So my code to send the email reads:

                // Send an email with this link 
                string code = UserManager.GenerateEmailConfirmationToken(user.Id);

                // added HTML encoding
                string codeHtmlVersion = HttpUtility.UrlEncode(code);

                // for some weird reason the following commented out line (which should return an absolute URL) returns null instead
                // var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);

                string callbackUrl = "(your URL)/Account/ConfirmEmail?userId=" +
                    user.Id + "&code=" + codeHtmlVersion;

                // Send an email with this link using class (not shown here)
                var m = new Email();

                m.ToAddresses.Add(user.Email);
                m.Subject = "Confirm email address for new account";

                m.Body =
                    "Hi " + user.UserName + dcr +
                    "You have been sent this email because you created an account on our website.  " +
                    "Please click on <a href =\"" + callbackUrl + "\">this link</a> to confirm your email address is correct. ";

确认电子邮件的代码如下:

The code confirming the email then reads:

// user has clicked on link to confirm email
    [AllowAnonymous]
    public async Task<ActionResult> ConfirmEmail(string userId, string code)
    {

        // email confirmation page            
        // don't HTTP decode

        // try to authenticate
        if (userId == null || code == null)
        {
            // report an error somehow
        }
        else
        {

            // check if token OK
            var result = UserManager.ConfirmEmail(userId, code);
            if (result.Succeeded)
            {
                // report success
            }
            else
            {
                // report failure
            }
        }

最后为我工作！

这篇关于令牌无效.在使用UserManager.ConfirmEmailAsync(user.Id，code)验证电子邮件验证码时的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！