1

I'm trying to give my users the ability to change email. I'd like to send a verification email as well, in which they can verify/confirm their email.

I'd just like to know more about the flow of this, and I haven't been able to find reasonable documentation online.

I see the flow like this:

  1. User enters the new email they wish to use
  2. Code/Token is created together with the confirmation email (the new email is not yet applied to the user)
  3. Confirmation email is sent to the new email
  4. User confirms/verifies their new email
  5. New email and code is received in the controller and the UserManager.ChangeEmailAsync(User user, string newEmail, string code) is invoked

Is the new email applied to the user when the ChangeEmailAsync() method is invoked, or do I have to apply the new email before sending the confirmation email (set EmailConfirmed back to false)?

Detilium
  • 2,868
  • 9
  • 30
  • 65
  • 1
    Possible duplicate of [.NET Identity Email/Username change](http://stackoverflow.com/questions/25570025/net-identity-email-username-change) – trailmax Mar 14 '17 at 11:11
  • See the second answer to this ^^^^ question - talks about confirming email via link. – trailmax Mar 14 '17 at 11:12
  • I'm having problems seeing this as best practice since you just add a new property to the user class. Besides, this is not using the `UserManager.ChangeEmailAsync` approach, this is just copying the functionality from the `ConfirmEmail` scaffold that comes with a fresh MVC with identity. If there is no other exampels on using `ChangeEmailAsync`, I guess I'll need to do as he does. – Detilium Mar 14 '17 at 11:55

1 Answers1

1

try this: tring code = await UserManager.GenerateUserTokenAsync("ChangeEmail",userID); in SendingEmail() to the new email and save the new email in a temporary table

the function when the user confirm the new e-mail: `

             public async Task<IHttpActionResult> ChangeEmail(ChangeEmailModel model) 
             {
                   try
                   {
                HttpUtility.UrlEncode(model.Code);                   
                if ( !UserManager.VerifyUserToken(model.UserId, "ChangeEmail", model.Code)) //to verify the code
                {
                    _logger.Error($"token expired");
                    return ResponseMessage(Request.CreateResponse(HttpStatusCode.BadRequest, new KeyValuePair<String, String>(Messages.ExpiredLink, CommonMessages.ExpiredLink)));
                }
                else
                {
                    UserDetailsManager userDetailsManager = new UserDetailsManager();
                    string Email = userDetailsManager.GetNewEmail(model.UserId);//get the new email from the temporary table
                    var user = await UserManager.FindByIdAsync(model.UserId);
                    user.Email = Email;//change the email
                    user.UserName = Email;
                    result = await UserManager.UpdateAsync(user);
                    if (!result.Succeeded)
                    {
                        foreach (var item in result.Errors)
                        {
                            if (item.Contains("already"))
                            {
                                _logger.Info("In ChangeEmail user already exists");
                                return ResponseMessage(Request.CreateResponse(HttpStatusCode.BadRequest, new KeyValuePair<String, String>(Messages.EmailUserExist, CommonMessages.EmailUserExist)));
                            }
                        }
                    }

                }

            }

        }
        catch (Exception ex)
        {
            _logger.Error($"In ChangeEmail Error - {ex.Message} return {HttpStatusCode.InternalServerError}");
            return ResponseMessage(Request.CreateResponse(HttpStatusCode.InternalServerError, new KeyValuePair<String, String>(Messages.InternalServerError, CommonMessages.InternalServerError)));
        }
        _logger.Info($"ChangeEmail end status {HttpStatusCode.OK} ");
        return Ok("Success");
    }`

this function also Overrides the preoccupation with the confirmEmail

champion...
  • 69
  • 9