0

Have tried to set the Expiry time for the Email conformation link which is sending after user registration, the link token should expire after 10 mins. have used the code but even after 10 mins user can still access the link, here is my code,

var userManager = GetUserManager();
userManager.UserTokenProvider = new DataProtectorTokenProvider<User,int(dataProtectionProvider.Create("ConfirmEmail"))
{
    TokenLifespan = TimeSpan.FromMinutes(10)
};
Federico Dipuma
  • 17,655
  • 4
  • 39
  • 56
Surendar
  • 83
  • 1
  • 11
  • When user clicks the link does Token Validation happens? Are you doing manually or leaving it to the Identity Framework? – Chetan May 25 '17 at 10:10
  • When user clicks the link have tested with ` var result = userManager.VerifyUserTokenAsync(Id, purpose, token);` but getting false all the time even having valid token. – Surendar May 25 '17 at 10:14
  • There is a nice solution in [here](https://stackoverflow.com/questions/14643735/how-to-generate-a-unique-token-which-expires-after-24-hours) – 4nis Jun 29 '17 at 14:02

1 Answers1

0

The first thing that comes to mind is that there is an error in your syntax.

userManager.UserTokenProvider = 
    new DataProtectorTokenProvider<User,int(dataProtectionProvider.Create("ConfirmEmail"))

is missing a closing bracket. 

userManager.UserTokenProvider =       here v
    new DataProtectorTokenProvider<User,int>(dataProtectionProvider.Create("ConfirmEmail"))

then you have to call 

userManager.UserTokenProvider.TokenLifespan = TimeSpan.FromMinutes(10);

The way you are doing it does not modify the TokenLifespan of the UserTokenProvider that is binded to your UserManager but some other attribute.

FDaniels
  • 23
  • 7