best way to generate token to validate email account symfony2

Question

I was just wondering, what would be the best, and the most secure way to generate a token as unique key for a user to validate his account by email address.

I plan to do this this way :

I am no using FOSUserBundle
The user register through a form, the user data is save to the database with a "pending" status, and I save also in the database a "key" token to validate the user (do I really need to put this in the database ?).
The user receive an email with a link to a controller that will check the token/key pass in the link (mysite/validate-account/?key=ljdsak544545asd), I compare it with the value we have in the database, if it matches, the user is validate.

As you can see I know pretty much how to get there I just want to make sure I use the right way to generate a unique, secure, token as a validation key in Symfony2.

Thanks for your help !

score 0 · Answer 1 · edited May 23 '17 at 12:09

0

see this:

PHP: How to generate a random, unique, alphanumeric string?

just to be extra safe check the db to see if a duplicate key exists and regenerate until you have a unique one.

edited May 23 '17 at 12:09

Community

1
1

answered Dec 18 '14 at 00:56

Derick F

2,749
3
20
30

best way to generate token to validate email account symfony2

1 Answers1