个人中心
gpt4 book ai didi

asp.net - 确认电子邮件收到无效 token

转载 作者:行者123 更新时间:2023-12-02 04:47:45 26 4
gpt4 key购买 nike

我正在向我的 ASP.NET WebAPI 项目添加确认电子邮件功能。服务器可以正常发送电子邮件,但是,确认链接总是返回“无效 token ”。

我检查了这里指出的一些原因 http://tech.trailmax.info/2015/05/asp-net-identity-invalid-token-for-password-reset-or-email-confirmation/但似乎都不是根本原因

下面是我的代码:

public async Task<IHttpActionResult> Register(RegisterBindingModel model)
    {
        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }
        IdentityResult result;           
            result = await UserManager.CreateAsync(user, model.Password);

            if (!result.Succeeded)
            {
                return GetErrorResult(result);
            }
            try
            {
                await userManager.AddToRoleAsync(user.Id, "Player");

                //Generate email confirmation token                                        
                //var provider = new DpapiDataProtectionProvider("GSEP");
                var provider = new MachineKeyProtectionProvider();
                userManager.UserTokenProvider = new DataProtectorTokenProvider<GSEPUser>(provider.Create("EmailConfirmation"));
                var code = await userManager.GenerateEmailConfirmationTokenAsync(user.Id);
                code = System.Web.HttpUtility.UrlEncode(code);

                EmailHelper emailHelper = new EmailHelper();
                string callBackUrl = emailHelper.GetCallBackUrl(user, code);
                EmailMessage message = new EmailMessage();
                message.Body = callBackUrl;
                message.Destination = user.Email;
                message.Subject = "GSEP Account confirmation";
                emailHelper.sendMail(message);
            }
            catch (Exception e)
            {
                return Ok(GSEPWebAPI.App_Start.Constants.ErrorException(e));
            }         
    }

现在是 EmailHelper

public class EmailHelper
{
    public string GetCallBackUrl(GSEPUser user, string code)
    {

        var newRouteValues = new RouteValueDictionary(new { userId = user.Id, code = code });

        newRouteValues.Add("httproute", true);            
        UrlHelper urlHelper = new UrlHelper(HttpContext.Current.Request.RequestContext, RouteTable.Routes);
        string callbackUrl = urlHelper.Action(
                    "ConfirmEmail",
                    "Account",
                    newRouteValues,
                    HttpContext.Current.Request.Url.Scheme
                    );
        return callbackUrl;
    }

    public void sendMail(EmailMessage message)
    {
        #region formatter
        string text = string.Format("Please click on this link to {0}: {1}", message.Subject, message.Body);
        string html = "Please confirm your account by clicking this link: <a href=\"" + message.Body + "\">link</a><br/>";

        html += HttpUtility.HtmlEncode(@"Or click on the copy the following link on the browser:" + message.Body);
        #endregion

        MailMessage msg = new MailMessage();
        msg.From = new MailAddress("myemail@example.com");
        msg.To.Add(new MailAddress(message.Destination));
        msg.Subject = message.Subject;
        msg.AlternateViews.Add(AlternateView.CreateAlternateViewFromString(text, null, MediaTypeNames.Text.Plain));
        msg.AlternateViews.Add(AlternateView.CreateAlternateViewFromString(html, null, MediaTypeNames.Text.Html));

        SmtpClient smtpClient = new SmtpClient("smtp-mail.outlook.com", Convert.ToInt32(587));
        System.Net.NetworkCredential credentials = new System.Net.NetworkCredential("myemail@example.com", "mypassword!");
        smtpClient.Credentials = credentials;
        smtpClient.EnableSsl = true;
        smtpClient.Send(msg);
    }
}

还有2个MachineKey类

public class MachineKeyProtectionProvider : IDataProtectionProvider
{
    public IDataProtector Create(params string[] purposes)
    {
        return new MachineKeyDataProtector(purposes);
    }
}

public class MachineKeyDataProtector : IDataProtector
{
    private readonly string[] _purposes;

    public MachineKeyDataProtector(string[] purposes)
    {
        _purposes = purposes;
    }

    public byte[] Protect(byte[] userData)
    {
        return MachineKey.Protect(userData, _purposes);
    }

    public byte[] Unprotect(byte[] protectedData)
    {
        return MachineKey.Unprotect(protectedData, _purposes);
    }
}

我还在 Web.config 中添加了 machineKey 标签,正如一些指令指出的那样。最后是我的确认电子邮件 API

    [AllowAnonymous]
    [HttpGet]
    public async Task<IHttpActionResult> ConfirmEmail(string userId, string code)
    {
        if (userId == null || code == null)
        {
            return Ok("Confirm error");
        }
        IdentityResult result;
        try
        {
            result = await UserManager.ConfirmEmailAsync(userId, code);
        }
        catch (InvalidOperationException ioe)
        {
            // ConfirmEmailAsync throws when the userId is not found.
            return Ok("UserID not found");
        }

        if (result.Succeeded)
        {
            return Ok("Confirmation succesfully");
        }
        else
        {
            return Ok(result.Errors);
        }
    }

请告诉我哪里出错了

最佳答案

我知道这是一个旧线程。但我想添加答案,因为它可以帮助其他人。

你正在使用下面的代码

string callbackUrl = urlHelper.Action(
                    "ConfirmEmail",
                    "Account",
                    newRouteValues,
                    HttpContext.Current.Request.Url.Scheme
                    );

UrlHelper.Action已经在最新的 MVC 版本中为您进行 url 编码。因此,在您的代码中,您进行了两次编码(一次在 Register 内,另一次在 GetCallBackUrl 内使用 urlHelper.Action),这就是为什么您收到无效 token 错误。

关于asp.net - 确认电子邮件收到无效 token ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31504080/

26 4 0
文章推荐: java - 如何在Java中重绘
文章推荐: 数组的 C 数组 : why do I need to cast TO const here?
文章推荐: java - 如何在带有通配符的泛型映射中使用带有类型化参数的泛型集合 (Java)
文章推荐: azure - 从 VS 2013 管理 Azure 存储
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com