
AspNet Core Generate and Change Email Address

I am trying to implement a way for users to change their email in AspNetCore so on the Account Management screen I have the change function that will call GenerateChangeEmailTokenAsync on the user manager, then sends the email with the link containing the Token and UserId.

My problem is how do I allow the link to change the email address to the new address, since ChangeEmailAsync requires the new email address be entered.

What is the best practice way of implementing this functionality? I do not want to send over the new email address in the email link but also do not want to make them type the email again. Hopefully someone has done this, I cannot find it anywhere online, and it should be very simple.

Tim Scriv asked Apr 01 '16 23:04


2 Answers

I know it is late answering this, but I was looking for it myself before, and thought I'd leave the answer here for others.

The GenerateChangeEmailTokenAsync method takes the new email as part in the hash of the token. Next you create a link that contains the token, the new email and the old email:

 // The token is generated for this user and this specific new address
 var token = await _userManager.GenerateChangeEmailTokenAsync(user, model.NewEmail);
 var resetLink = Url.Action("ChangeEmailToken", "account", new { token = token, oldEmail = user.Email, newEmail = model.NewEmail }, protocol: HttpContext.Request.Scheme);

Next you send this link to the user in an email.

When clicked, the user hits the method named in the link (here "ChangeEmailToken" on AccountController):

 [AllowAnonymous]
 [HttpGet]
 public async Task<IActionResult> ChangeEmailToken([FromQuery] string token, [FromQuery] string oldEmail, [FromQuery] string newEmail)

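Next you need to verify the token and, if successful, update the email address:

 var user = await _userManager.FindByEmailAsync(oldEmail); // load the account named in the link
 var result = await _userManager.ChangeEmailAsync(user, newEmail, token); // fails if the token was not issued for newEmail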
Pieter van Kampen answered Nov 01 '22 21:11


The normal flow is to let the user update profile as usual.

If the user updated their email address then that new email address needs to be verified.

That is when you generate the token with GenerateChangeEmailTokenAsync.

You send that token as a link to the new email address.

When the user clicks the link in the new email it takes them back to your site, which automatically confirms the token and verifies the new email address.

Nkosi answered Nov 01 '22 21:11
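
The flow from both answers as one controller: an added example, not code from either answer or from the ASP.NET Core project. It assumes `IdentityUser`, an `IEmailSender` registered in DI, implicit usings, a hypothetical `RequestEmailChange` action, and a link that carries the user id (as in the question) instead of the old email.

```csharp
using System.Text;
using System.Text.Encodings.Web;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Identity.UI.Services;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.WebUtilities;

[Authorize]
public class AccountController : Controller
{
    private readonly UserManager<IdentityUser> _userManager;
    private readonly IEmailSender _emailSender; // assumption: registered in DI

    public AccountController(UserManager<IdentityUser> userManager, IEmailSender emailSender)
    { _userManager = userManager; _emailSender = emailSender; }

    // Step 1: the signed-in user requests the change; the link is mailed to the NEW address only.
    [HttpPost, ValidateAntiForgeryToken]
    public async Task<IActionResult> RequestEmailChange(string newEmail)
    {
        var user = await _userManager.GetUserAsync(User);
        if (user == null) return Challenge();
        // The token is issued for this user and this exact newEmail.
        var token = await _userManager.GenerateChangeEmailTokenAsync(user, newEmail);
        var code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(token));
        var link = Url.Action(nameof(ChangeEmailToken), "Account",
            new { userId = user.Id, newEmail, code }, protocol: Request.Scheme);
        await _emailSender.SendEmailAsync(newEmail, "Confirm your new email address",
            $"<a href='{HtmlEncoder.Default.Encode(link!)}'>Confirm the change</a>");
        return Ok();
    }

    // Step 2: link target. Nothing changes unless the token verifies for (user, newEmail).
    [AllowAnonymous, HttpGet]
    public async Task<IActionResult> ChangeEmailToken(string userId, string newEmail, string code)
    {
        if (userId == null || newEmail == null || code == null) return BadRequest();
        var user = await _userManager.FindByIdAsync(userId);
        if (user == null) return BadRequest(); // same response as for a bad token
        string token;
        try { token = Encoding.UTF8.GetString(WebEncoders.Base64UrlDecode(code)); }
        catch (FormatException) { return BadRequest(); }
        // Returns a failed IdentityResult if newEmail or the token was altered in the link.
        var result = await _userManager.ChangeEmailAsync(user, newEmail, token);
        return result.Succeeded ? Ok("Email address updated.") : BadRequest();
    }
}
```

Because the token is checked against the `newEmail` value passed to `ChangeEmailAsync`, editing the address in the query string invalidates the link, and mailing the link only to the new address proves the user controls that mailbox.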