public void DataPreserved()
{
var token = VerificationToken.Generate(this.timestamp);
Assert.AreEqual(this.timestamp, token.Timestamp);
var parsedToken = VerificationToken.Parse(token.ToString());
Assert.AreEqual(token.Data, parsedToken.Data);
}
/// <summary>
/// Validate the token sent to the user by email.
/// </summary>
public ActionResult Verify(int id, string token)
{
var verificationToken = VerificationToken.Parse(token);
// NOTE you can check for token freshness using verificationToken.IsFresh()
string email;
var verificationResult = this.UserManager.CheckAndClearVerificationToken(id, verificationToken, out email);
if (verificationResult != VerifyResult.Success)
{
// Invalid token, redirect to logon
// We can display a nice message to inform user that his token is invalid and invite him to register
return(RedirectToAction("LogOn"));
}
// Valid verification token! log the user in authomatically no need to require login/password.
// you can skip the automatic authentication if you want and redirect to a login page though.
this.TokenManager.Set(email, id);
// redirect to home, an action with Authorize attribute (requires authentication)
return(RedirectToAction("Index", "Home"));
}
