在MVC中使用GenerateEmailConfirmationTokenAsync外部控制器的无效令牌

时间:2018-02-10 11:19:10

标签: c# asp.net asp.net-mvc asp.net-identity

我已经坚持了好几天。

我正在使用GenerateEmailConfirmationTokenAsync在Controller之外创建一个令牌(它正常工作),但不知何故,我的令牌比使用GenerateEmailConfirmationTokenAsync在Controller中创建的令牌更长,因此ConfirmEmail操作拒绝令牌。 (Error: Invalid Token)。 我在Machinekeyweb.config上尝试HttpUtility.UrlEncode,但我仍然被卡住了。

如何理清控制器ConfirmEmail上的无效令牌错误?

这是我的代码:

RegisterUser(控制器外部) 

public async Task RegisterUserAsync()
{
    var store = new UserStore<ApplicationUser>(db);
    var UserManager = new ApplicationUserManager(store);

    var query = from c in db.Customer
                where !(from o in db.Users
                        select o.customer_pk)
                    .Contains(c.customer_pk)
                select c;
    var model = query.ToList();

    if (query != null)
    {
        foreach (var item in model)
        {
            var user = new ApplicationUser { UserName = item.email, Email = item.email, customerId = item.customerId};
            var result = await UserManager.CreateAsync(user);
            if (result.Succeeded)
            {
                string callbackUrl = await SendEmailConfirmationTokenAsync(user.Id);
                SmtpClient client = new SmtpClient();
                MailMessage message = new MailMessage
                {
                    IsBodyHtml = true
                };
                message.Subject = "Confirm Email";
                message.To.Add(item.email1);
                message.Body = "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>";

                client.SendAsync(message, "userToken");

                //Assign Role User Here
                await UserManager.AddToRoleAsync(user.Id, "Client");
            }
        }
    }

}

SendEmailConfirmation方法(在控制器外部) 

public async Task<string> SendEmailConfirmationTokenAsync(string userID)
{
    var store = new UserStore<ApplicationUser>(db);
    var UserManager = new ApplicationUserManager(store);
    var url = new UrlHelper();
    var provider = new DpapiDataProtectionProvider("MyApp");
    UserManager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(
        provider.Create("EmailConfirmation"));
    string code = await UserManager.GenerateEmailConfirmationTokenAsync(userID);
    string encodedCode = HttpUtility.UrlEncode(code);

    string callbackUrl = "http://localhost/Accounts/ConfirmEmail?userId=" + userID + "&code=" + encodedCode;
    return callbackUrl;
}

其中db是

ApplicationdDbContext db = new ApplicationdDbContext();
身份控制器(帐户控制器)中的

ConfirmEmail - 我创建了帐户而不是帐户控制器,但它工作正常。

//
// GET: /Account/ConfirmEmail
[AllowAnonymous]
public async Task<ActionResult> ConfirmEmail(string userId, string code)
{
    if (userId == null || code == null)
    {
        return View("Error");
    }

    var confirmed = await UserManager.IsEmailConfirmedAsync(userId);
    if (confirmed)
    {
        return RedirectToLocal(userId);
    }
    var result = await UserManager.ConfirmEmailAsync(userId, code); //Here I get the error (Token Invlaid, despite the token and userId being displayed)
    if (result.Succeeded)
    {
        ViewBag.userId = userId;
        ViewBag.code = code;
    }

    return View(result.Succeeded ? "ConfirmEmail" : "Error");
}
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public async Task<ActionResult> ConfirmEmail(SetPasswordViewModel model, string userId, string code)
{
    if (userId == null || code == null)
    {
        return View("Error");
    }

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var result = await UserManager.AddPasswordAsync(userId, model.NewPassword);
    if (result.Succeeded)
    {
        var user = await UserManager.FindByIdAsync(userId);
        if (user != null)
        {
            await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
        }

        return RedirectToLocal(userId);
    }

    ViewBag.userId = userId;
    ViewBag.code = code;

    AddErrors(result);

    return View(model);
}

我已经在这段代码中工作了几个小时,但到现在为止我无法解决这个问题。 感谢您的任何意见或解决方案。这种方法的原因是我必须使用任务调度程序(我使用fluentscheduler,它工作正常)。

1 个答案:

答案 0 :(得分:2)

你的问题在这一行:

var provider = new DpapiDataProtectionProvider("MyApp");
UserManager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(
    provider.Create("EmailConfirmation"));

DpapiDataProtectionProvider这与Identity在IIS下运行时使用的内容不同。据我所知,它代替"MyApp",它使用IIS网站的内部名称。此外,通过委托和单身注册它也有一些魔力。

您可以尝试将静态引用保存到数据保护提供程序,并在调度程序代码中使用它。在Startup.Auth.cs课程中执行此操作:

public partial class Startup
{
    internal static IDataProtectionProvider DataProtectionProvider { get; private set; }

    public void ConfigureAuth(IAppBuilder app)
    {
        DataProtectionProvider = app.GetDataProtectionProvider();
        // other stuff.
    }
}

然后在您的UserManager中访问该引用,如下所示:

public class UserManager : UserManager<ApplicationUser>
{
    public UserManager() : base(new UserStore<ApplicationUser>(new MyDbContext()))
    {
        var dataProtectionProvider = Startup.DataProtectionProvider;
        this.UserTokenProvider = 
                new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"));

        // do other configuration
    }
}

但是我对FluentScheduler的详细信息并不熟悉,如果它在单独的AppDomain中启动进程,它可能不允许您访问此静态变量。但试一试,看看它是如何运作的。

相关问题
最新问题