public void DataPreserved() { var token = VerificationToken.Generate(this.timestamp); Assert.AreEqual(this.timestamp, token.Timestamp); var parsedToken = VerificationToken.Parse(token.ToString()); Assert.AreEqual(token.Data, parsedToken.Data); }
/// <summary> /// Validate the token sent to the user by email. /// </summary> public ActionResult Verify(int id, string token) { var verificationToken = VerificationToken.Parse(token); // NOTE you can check for token freshness using verificationToken.IsFresh() string email; var verificationResult = this.UserManager.CheckAndClearVerificationToken(id, verificationToken, out email); if (verificationResult != VerifyResult.Success) { // Invalid token, redirect to logon // We can display a nice message to inform user that his token is invalid and invite him to register return(RedirectToAction("LogOn")); } // Valid verification token! log the user in authomatically no need to require login/password. // you can skip the automatic authentication if you want and redirect to a login page though. this.TokenManager.Set(email, id); // redirect to home, an action with Authorize attribute (requires authentication) return(RedirectToAction("Index", "Home")); }