发送电子邮件验证链接以激活配置文件c#
[英]Sending email verification link to activate profile c#
问题描述
I'm currently building a website where people can register and they can have their own pages of content. 
我目前正在建立一个人们可以注册的网站,他们可以拥有自己的内容页面。 I have created a custom login page not using the Create user wizard provided on the Microsoft Visual studio 2010. I have a SQL Database at the back end with 我创建了一个自定义登录页面,不使用Microsoft Visual Studio 2010上提供的创建用户向导。我在后端有一个SQL数据库
tblUsers
where users register will be saved. 用户注册的地方将被保存。 I have my email smtp settings configured and capable of sending emails using the registering persons email. 我已经配置了电子邮件smtp设置,并且能够使用注册人员电子邮件发送电子邮件。 I have tested this and it works. 我测试了这个并且它有效。
The Problems 问题
(1) I'm confused as to how I can generate the activation link to be attached to be sent with the email. (1)我很困惑如何生成附加的激活链接以与电子邮件一起发送。
(2) How can i program the code to update a field in the SQL table related to the user (2)如何编写代码来更新与用户相关的SQL表中的字段
eg: User verified = true
when the user clicks the link sent through the email. 当用户点击通过电子邮件发送的链接时。
(3) How can I block the user from being able to log in to the site without going through the verification process? (3)如何在不经过验证过程的情况下阻止用户登录网站? (I am aware this can easily be done by changing few things on the Create User wizard, however I created my registration customarily therefore it runs on a register button click event) Therefore I can't seem to get my head around on how to do it. (我知道这可以通过在创建用户向导上更改一些内容轻松完成,但是我通常会创建我的注册,因此它会在注册按钮单击事件上运行)因此我似乎无法理解如何做它。
Please try to help me out if possible will greatly appreciate it. 请尽量帮助我,如果可能的话会非常感激。
2 个解决方案
解决方案1
9 已采纳 2013-03-03 01:14:08
I would recommend having a field called something like "ActivationToken" and have a GUID generated. 我建议有一个名为“ActivationToken”的字段,并生成一个GUID。 You can do this in SQL directly by calling the newid() function, or in C# by calling Guid.NewGuid() . 您可以通过调用newid()函数直接在SQL中执行此操作,或者通过调用Guid.NewGuid()在C#中执行此操作。 This is a very unique/random value that is next to impossible to brute force. 这是一个非常独特/随机的值,几乎不可能蛮力。
So when the user registers, you would do something like: 因此,当用户注册时,您将执行以下操作:
insert into tblUsers (Username, Password, Active, ActivationToken) values ('johndoe', 'mypassword', 0, newid())
The link would be like: http://yoururl.com/Activate.aspx?token= {yourActivationGuid} 链接是这样的: http://yoururl.com/Activate.aspx?token= {} yourActivationGuid
Update tblUsers set Active=1 where ActivationToken={yourActivationGuid}
If your UserID is already a GUID, you could probably get away with just using that (such as if you're using aspnet_user tables). 如果您的UserID已经是GUID,那么您可能只是使用它(例如,如果您使用的是aspnet_user表)。 As for not allowing the login, just check if the Active flag is set to true. 至于不允许登录,只需检查Active标志是否设置为true。 If not, disallow the login. 如果没有,请禁止登录。
So to validate login you could do: 所以要验证登录,你可以这样做:
select * from tblUsers where Username="johndoe" and Password="mypassword" and Active=1
解决方案2
0 2013-03-03 01:41:35
Create the user login page. 创建用户登录页面。 Once a submit is clicked, generate a new guid() like stated above, and send the email to the user with the activation guid (unique) and once the user clicks, activate the user in the database (SQL). 单击提交后,生成如上所述的新guid(),并使用激活guid(唯一)将电子邮件发送给用户,并在用户单击后激活数据库中的用户(SQL)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.