how to use a GUID to verify user email in ASP.NET C#

StackOverflow https://stackoverflow.com/questions/15188829

Question

I'm currently working on a project where people can register and login to their own content page. I have used a custom registration method (Not the Default Create User Wizard). I am capable of sending an email off to the registering persons email. However I now want to add a link to that email where people have to click on it in order to get their profile verified. I have heard that you can use a GUID along with a Token to do this but I don't know how to go on implementing this there fore i need help. I have my users details stored in the

> tblUsers with fields ID, Name, Password, Details, Photo as well as a **Verify** field which i believe could be used as a verification? for now its empty and is not being used.

I have created my login control using the default Login control provided by the Microsoft Visual Studio environment.

Would really be grateful if someone can help me and guide me through this, after 2 days of constant research and trying I'm stuck on this part without being able to progress further

Was it helpful?

Solution

Well a better option would be encryption of UserID. as this will not only save addition of extra column in database but provide easy handling. Now the question is how will you do that.

Try this.. Make a simple encryption Logic (you can google this and just a few lines of code)

when creating that hyperlink, append that encrypted UserId . When user clicks , send that to server , decrypt and validate with the user id. this will help you to mange user on base of User Id which i hope is unique in you case.

Guid is just another option, why not using your UserID which is alreday unique :)

OTHER TIPS

I think you could generate the guid upon the user registration and store on the user's table. You can also send it in the query of the link that you want to add to the e-mail. After the user clicks the link you could require the user to login and you would verify if the guid on the query is the same that you have stored on your user's table. If you have you could alter the state of the user to "verified".

Your question requires quite a few steps, but to at least start you off.

  1. User would Register
  2. You'll need to query the email address does not exists.
  3. If it doesn't exists, you'll want to store that information into your database.

  4. With the logic you have to store the information, you'll want to do something like this:

    Guid userGuid = Guid.NewGuid();

    string body = "To confirm 'http://www.somesite.com/verify/aspx?userGuid=" + userGuid + "Verify your account";

    string GuidToTest = Request["userGuid"];

Something like that should accommodate, you'll have to create a structure and path to handle all of that with your Domain Logic and Data Access.

Hopefully that helps.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top