I’m using the Identity 2.0 framework for user management.
Unfortunately, in my use case an account activation/password reset cannot be done using a direct link, so the user would have to copy the code from his e-mail and paste it into the website.
The code that is generated by the UserManager‘s default GenerateEmailConfirmationTokenAsync method is very long, it spans about 3 lines of text.
I tried to override this method, generating a shorter code that is more user friendly. This doesn’t work, as the ConfirmEmailAsync method always returns “invalid token” (this method doesn’t call the GenerateEmailConfirmationTokenAsync method at all).
I do not know how the confirmation code is stored and I prefer to use the default storage mechanism of the Identity Framework instead of storing it manually in the database.
As the Identity 2.0 framework is closed source, I am not sure how to proceed. Is it possible to generate custom (shorter) confirmation codes and what methods should I override in addition to what I already did?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
ASP.NET Identity uses the UserTokenProvider of the UserManager to generate and validate the token. Basically it calls:
this.UserTokenProvider.GenerateAsync("Confirmation", this, tUser);
to generate the token and
this.UserTokenProvider.ValidateAsync("Confirmation", token, this, tUser);
to verify it.
So you can implement your own IUserTokenProvider<TUser, TKey> or extend the the default one and set that as UserManager.UserTokenProvider.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0