The method “Change Password Async” will take care of validating your current password, as well validating your new password policy, and then updating your old password with new one.Do not forget to add the “Change Password Binding Model” to the class “Account Binding Models” as the code below: We want to add the feature which allows a user in “Admin” role to delete user account, until now we didn’t introduce Roles management or authorization, so we’ll add this end point now and later we’ll do slight modification on it, for now any anonymous user can invoke it and delete any user by passing the user Id.
Important Note: It is recommenced to validate the password before confirming the email account, in some cases the user might miss type the email during the registration, so you do not want end sending the confirmation email for someone else and he receives this email and activate the account on your behalf, so better way is to ask for the account password before activating it, if you want to do this you need to change the “Confirm Email” method to POST and send the Password along with user Id and code in the request body, you have the idea so you can implement it by yourself 🙂 In some cases you want to enforce certain rules on the username and password when users register into your system, so ASP.
Note: There is another property named “Sms Service” if you would like to use it for sending SMS messages instead of emails. Eventually this link will be sent to the registered user to the email he used in registration, and the user needs to click on it to activate the account, the route “Confirm Email Route” which maps to this activation link is not implemented yet, we’ll implement it the next step.
Notice how we are setting the expiration time for the code (token) send by the email to 6 hours, so if the user tried to open the confirmation email after 6 hours from receiving it, the code will be invalid. Lastly we need to send the email including the link we’ve built by calling the method “Send Email Async” where the constructor accepts the user Id, email subject, and email body.
In our case we want to send emails, so I’ve implemented the sending process using Send Grid in method “config Send Gridasync”, all you need to do is to replace the sender name and address by yours, as well do not forget to add 2 new keys named “email Service: Account” and “email Service: Password” as App Settings to store Send Grid credentials. Link("Get User By Id", new )); return Created(location Header, The Model Factory.
After we configured the “Email Service”, we need to hock it with our Identity system, and this is very simple step, open file “Application User Manager” and inside method “Create” paste the code below: As you see from the code above, the “app User Manager” instance contains property named “Email Service” which you set it the class we’ve just created “Email Service”. Create(user)); The implementation is straight forward, what we’ve done here is creating a unique code (token) which is valid for the next 6 hours and tied to this user Id only this happen when calling “Generate Email Confirmation Token Async” method, then we want to build an activation link to send it in the email body, this link will contain the user Id and the code created.