我正在尝试使用Asp.net Identity 2.0确认用户的电子邮件。按照一些博客的建议,我在Web.Config文件中放置了machineKey,以便在Azure网站上进行加密和解密操作。但是,在本地我无法生成令牌。当我尝试使用UserManager.ConfirmEmailAsync方法来确认(Web api生成的)令牌时,我收到了"Invalid Token"的错误提示。我尝试对我的代码进行UrlEncoding,但没有效果。我找不到足够的帮助来解决这个问题。
电子邮件生成代码如下:
确认电子邮件验证码。
电子邮件生成代码如下:
code = HttpUtility.UrlEncode(UserManager.GenerateEmailConfirmationToken(identityUser.Id));
_logger.Info("Generate confiruation token: " + code);
string link = model.ConfirmUrl + string.Format("?userId={0}&code={1}", HttpUtility.UrlEncode(identityUser.Id), code);
Configuration.Services.GetTraceWriter().Info(Request, Category, "Account GenereatedLink: " + link);
UserManager.SendEmail(identityUser.Id, "Contactbook confirmation", link);
确认电子邮件验证码。
IdentityResult idResult = await UserManager.ConfirmEmailAsync(userId, code);
IHttpActionResult result = GetErrorResult(idResult);
Startup.auth.cs 代码
app.CreatePerOwinContext(CBIndentityDbContext.Create);
app.CreatePerOwinContext<ApplicationUserManager>(ApplicationUserManager.Create);
OAuthOptions = new OAuthAuthorizationServerOptions
{
TokenEndpointPath = new PathString("/Token"),
Provider = new ApplicationOAuthProvider(),
AuthorizeEndpointPath = new PathString("/api/Account/ExternalLogin"),
AccessTokenExpireTimeSpan = TimeSpan.FromDays(14),
AllowInsecureHttp = true
};
app.UseOAuthBearerTokens(OAuthOptions);
AuthorizationManager.cs
public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
{
var appDbContext = context.Get<CBIndentityDbContext>();
var appUserManager = new ApplicationUserManager(new UserStore<IdentityUser>(appDbContext));
// Configure validation logic for usernames
appUserManager.UserValidator = new UserValidator<IdentityUser>(appUserManager)
{
AllowOnlyAlphanumericUserNames = true,
RequireUniqueEmail = true
};
// Configure validation logic for passwords
appUserManager.PasswordValidator = new PasswordValidator
{
RequiredLength = 7,
RequireDigit = false
};
appUserManager.EmailService = new ContactbookEmailService();
var dataProtectionProvider = options.DataProtectionProvider;
if (dataProtectionProvider != null)
{
appUserManager.UserTokenProvider = new DataProtectorTokenProvider<IdentityUser>(dataProtectionProvider.Create("ASP.NET Identity"))
{
//Code for email confirmation and reset password life time
TokenLifespan = TimeSpan.FromHours(6)
};
}
return appUserManager;
}
Web.config
<system.web>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5.2" />
<machineKey decryptionKey="6F7DEAA44E5E06B6B7480B055FF39960D69AD32BCBB178EB" validationKey="17D85F8147CF02697D16B05726B9D68E473A3BF79EB79AE4E7EF8E84DA6CCC46BFFB975741DA4D1F37F0EF41651422A2745296BA953CE0370D4337E2900C2A18" validation="SHA1" decryption="Auto" />
当我移除机器密钥时,一切都正常工作。但是在Azure中,我需要使用机器密钥以便电子邮件确认功能可以正常工作。
提前致谢。