Doubt in Asp.Net Core Identity’s Verifyusertokenasync method

Asked

Viewed 216 times

1

I have a question about Verifyusertokenasync of Asp.Net Core Identity

If the user forgets the password, I provide a page to indicate the email and send a url that has the Userid and Token (in the standard way):

private async Task EsqueciMinhaSenhaAsync(EsqueciMinhaSenhaViewModel model)
{
    var user = await _userManager.FindByEmailAsync(model.Email);

    if (user != null)
    {
        var token = await _userManager.GeneratePasswordResetTokenAsync(user);
        var callbackUrl = Url.Action("ResetarSenha", "Auth", new { userId = user.Id, token = token}, protocol: HttpContext.Request.Scheme);

        //TODO: enviar e-mail
    }

}

When the user accesses the generated url, I will call the following code snippet (which checks if the token is valid, if not, I will redirect through the controller warning that the request has expired, for example):

public async Task<bool> VerificarTokenValidoAsync(ApplicationUser user, string token)
{    
    return await _userManager.VerifyUserTokenAsync(user, string.Empty, "ResetPassword", token))      
}

My doubt is in the method Verify tokenvalidoasync, I use it to check if the token is valid before giving access to the page where the user will provide a new password, however, it receives on second parameter (where I left it string. Empty), such a tokenProvider, I would like to know what this parameter is about and how do I generate it.


Update 01/03/2018

I managed to use the method, there is a class (Tokenoptions) where it provides the providerToken pattern:

_userManager.VerifyUserTokenAsync(user, TokenOptions.DefaultProvider, proposito, token)

This way it worked correctly, however, the only problem now is that the result always returns false.

  • this parameter is when you create a custom token, so you have to pass Provider to the server to be able to interpret and verify if the token is Valid or not >> https://docs.microsoft.com/en-us/dotnet/framework/wcf/extending/how-to-creata-custom-security-token-provider

  • Got it, the only problem is that I won’t need to use this, but playing string. Empty in the parameter gives an error. Can you let me know if there is any way to execute this method without using this token ?

  • tried to pass null ?

  • Worse than null also gives a problem: Argumentnullexception: Value cannot be null. Parameter name: tokenProvider. All right, I’ll see if I do a search tonight, if I find a solution or problem in the system, update informing. Thank you.

1 answer

0

It comes from configuring your Identity in your startup.Cs:

// ASP.NET Core Identity Configuration
            services.AddIdentity<ApplicationUser, IdentityRole>()
                .AddEntityFrameworkStores<ApplicationDbContext>()
                .AddDefaultTokenProviders();    

These are standard ASP.NET Core token providers. In your email case use:

var tokenProvider = Options.Tokens.PasswordResetTokenProvider;
return await VerifyUserTokenAsync(user, tokenProvider, "ResetPassword", token);

Browser other questions tagged

You are not signed in. Login or sign up in order to post.