How to get purpose field for userManager.VerifyUserTokenAsync?
Question
When I'm trying to reset a password, I'm using userManager.VerifyUserTokenAsync(user, tokenProvider, purpose, token) but it always returns false. My suspicion is that the purpose field is wrong but I'm not sure what should actually go there. My question is, how do I get the purpose field? From some examples I've seen, people are setting it "ResetPassword". Is this correct or am I missing something?
Thanks!
Startup.cs
services.AddIdentity<ApplicationUser, ApplicationRole>(options =>
{
options.Password.RequiredLength = 6;
options.Password.RequireDigit = false;
options.Password.RequireLowercase = false;
options.Password.RequireUppercase = false;
options.Password.RequireNonAlphanumeric = false;
options.User.RequireUniqueEmail = true;
options.SignIn.RequireConfirmedAccount = true;
options.SignIn.RequireConfirmedEmail = true;
options.Tokens.PasswordResetTokenProvider = TokenOptions.DefaultEmailProvider;
options.Tokens.EmailConfirmationTokenProvider = "emailconfirmation";
})
.AddEntityFrameworkStores<VisualDbContext>()
.AddDefaultTokenProviders()
.AddTokenProvider<EmailConfirmationTokenProvider<ApplicationUser>>("emailconfirmation");
services.Configure<DataProtectionTokenProviderOptions>(opt =>
opt.TokenLifespan = TimeSpan.FromHours(2));
services.Configure<EmailConfirmationTokenProviderOptions>(opt =>
opt.TokenLifespan = TimeSpan.FromDays(3));
// Forgot Password
var token = await _userManager.GeneratePasswordResetTokenAsync(user);
var encodedToken = HttpUtility.UrlEncode(token);
//Verify Reset Token
var purpose = "WHAT GOES HERE?";
var result = await _userManager.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider, purpose, token);
Thanks
2 answers
solution1
1 2020-11-13 18:25:00
There are 3 "token purpose" constants defined for you to use on the User Manager class, as you can see in the UserManager source code .
In your specific use case, you would want to do this:
//Replace TUser with your user type
var purpose = UserManager<TUser>.ResetPasswordTokenPurpose;
var result = await _userManager.VerifyUserTokenAsync(user, TokenOptions.DefaultEmailProvider, purpose, token);
Or you could do this:
var purpose = UserManager<object>.ResetPasswordTokenPurpose;
Unfortunately, because the UserManager class is generic, you have to write somewhat ugly code to access the constants. Maybe in the future, Microsoft could add a non generic parent class as described here , to make accessing the purpose constants more elegant.
solution2
0 2020-10-01 13:28:01
In our team we use something like it
private UserManager<{YourUserClass}> _userManager;
public async Task<IActionResult> CheckResetPasswordToken([FromBody] CheckResetPasswordTokenRequestModel model)
{
var user = await _userManager.FindByEmailAsync(model.Email);
var token = HttpUtility.UrlDecode(model.Token).Replace(" ", "+");
return Json(new JsonResponse<CheckResetPasswordTokenResponseModel>(new CheckResetPasswordTokenResponseModel
{
IsValid = await _userManager.VerifyUserTokenAsync(user, _userManager.Options.Tokens.PasswordResetTokenProvider, "ResetPassword", token)
}));
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.