Invalid token. Checking email verification code with UserManager.ConfirmEmailAsync(user.Id, code)

I recently migrated ASP.NET Identity from 1.0 to 2.0. I am trying to verify the email verification code using the method below, but I get the error "Invalid Token".

    public async Task<HttpResponseMessage> ConfirmEmail(string userName, string code)
    {
        ApplicationUser user = UserManager.FindByName(userName);
        var result = await UserManager.ConfirmEmailAsync(user.Id, code);
        return Request.CreateResponse(HttpStatusCode.OK, result);
    }

I create the email validation token using the code below (and if I call ConfirmEmailAsync immediately after creating the token, it works fine). But when I call it from another method, it gives an error.

    public async Task<HttpResponseMessage> GetEmailConfirmationCode(string userName)
    {
        ApplicationUser user = UserManager.FindByName(userName);
        var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
        //var result = await UserManager.ConfirmEmailAsync(user.Id, code);
        return Request.CreateResponse(HttpStatusCode.OK, code);
    }

Please, help

+6
5 answers

I found that you needed to encode the token before placing it in the email, but not when checking it. So my code to send an email is:

    // Send an email with this link
    string code = UserManager.GenerateEmailConfirmationToken(user.Id);
    // URL-encode the token before placing it in the link
    string codeHtmlVersion = HttpUtility.UrlEncode(code);
    // for some weird reason the following commented out line (which should return an absolute URL) returns null instead
    // var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
    string callbackUrl = "(your URL)/Account/ConfirmEmail?userId=" + user.Id + "&code=" + codeHtmlVersion;

    // Send an email with this link using class (not shown here)
    var m = new Email();
    m.ToAddresses.Add(user.Email);
    m.Subject = "Confirm email address for new account";
    // dcr is not defined in the snippet as posted
    m.Body = "Hi " + user.UserName + dcr
        + "You have been sent this email because you created an account on our website. "
        + "Please click on <a href =\"" + callbackUrl + "\">this link</a> to confirm your email address is correct. ";

Then the email confirmation code reads:

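    // user has clicked on link to confirm email
    [AllowAnonymous]
    public async Task<ActionResult> ConfirmEmail(string userId, string code)
    {
        // email confirmation page
        // don't HTTP decode: the framework has already decoded the query string
        // try to authenticate
        if (userId == null || code == null)
        {
            // report an error somehow
            return View("Error"); // view name as in the default MVC template (assumption)
        }

        // check if token OK
        var result = await UserManager.ConfirmEmailAsync(userId, code);
        if (result.Succeeded)
        {
            // report success
        }
        else
        {
            // report failure
        }
        // view names as in the default MVC template (assumption)
        return View(result.Succeeded ? "ConfirmEmail" : "Error");
    }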

Worked, after all, for me!

+8

Hope the problem is resolved. Otherwise, below is a link for a solution that works well.

Asp.NET - Identity 2 - Invalid Token Error

Just use:

    emailConfirmationCode = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
    UserManager.ConfirmEmailAsync(userId, code1);

+2

My problem was a little different.

I created my own IUserStore, and one thing I did wrong was setting the SecurityStamp to null if there was no value.

The security stamp is used to generate the token, but it is replaced with an empty string when the token is generated. However, when checking the token, it is not replaced, so it ends up comparing String.Empty with null, which will always return false.

I fixed my problem by replacing the null values with String.Empty when reading from the database.

0

Hi, this happened when I took the full URL and called it through the WebClient API. The code value must be encoded before sending the call.

 code = HttpUtility.UrlEncode(code); 
0
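
Why the answers above URL-encode the token when the link is built but do not decode it when checking, as an added example (not code from the thread): a Base64 token containing '+' is passed through a query string raw, URL-encoded once, and then decoded a second time. The token value, host name and class name are constructed for the illustration.

```csharp
using System;
using System.Web; // HttpUtility (System.Web on .NET Framework, System.Web.HttpUtility on .NET Core and later)

static class TokenLinkDemo
{
    // Constructed sample: Identity 2 tokens are Base64 strings, so they can contain '+', '/' and '='.
    const string Token = "AQAA+nv/7k2Z+Q==";

    // What the confirm action receives once the query string has been parsed.
    static string Received(string link) =>
        HttpUtility.ParseQueryString(new Uri(link).Query)["code"];

    static string Verdict(string value) =>
        value == Token ? "intact" : "corrupted -> \"" + value + "\"";

    static void Main()
    {
        // Hypothetical host and user id.
        const string baseUrl = "https://app.example/Account/ConfirmEmail?userId=42&code=";

        // 1. Raw token in the link: '+' is read as a space, so the token that
        //    reaches ConfirmEmailAsync is a different string and is rejected.
        Console.WriteLine("raw link     : " + Verdict(Received(baseUrl + Token)));

        // 2. Token URL-encoded once when the link is built: it arrives unchanged.
        string encoded = Received(baseUrl + HttpUtility.UrlEncode(Token));
        Console.WriteLine("encoded link : " + Verdict(encoded));

        // 3. Decoding again inside the action undoes the fix: the restored '+'
        //    is turned into a space by the second decode.
        Console.WriteLine("decoded twice: " + Verdict(HttpUtility.UrlDecode(encoded)));
    }
}
```

Only the second case hands the token to the validation call unchanged, which is why the encode step belongs on the sending side alone.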

We had the same problem; load balancing caused this problem. Adding <machineKey validationKey="XXX" decryptionKey="XXX" validation="SHA1" decryption="AES"/> to the web.config file solved the problem. All of your servers must have the same machine key to verify previously generated code.

Hope this helps.

0

Source: https://habr.com/ru/post/973300/

