UserManager VerifyUserTokenAsync Always False
I am generating usertoken for example
public async Task GenerateCode()
{
var code = await UserManager.GenerateUserTokenAsync("heymega", new Guid("16139fcd-7ae0-449c-ad1c-f568bbe46744"));
}
Then I pass the same token to another activity via a separate request
public async Task ValidateCode(string code)
{
var valid = await UserManager.VerifyUserTokenAsync(new Guid("16139fcd-7ae0-449c-ad1c-f568bbe46744"), "heymega", code); //Returns False
}
However, the answer from the method is VerifyUserTokenAsync
always wrong.
If I had to generate the code and check within the same action
public async Task GenerateCode()
{
var code = await UserManager.GenerateUserTokenAsync("heymega", new Guid("16139fcd-7ae0-449c-ad1c-f568bbe46744"));
var valid = await UserManager.VerifyUserTokenAsync(new Guid("16139fcd-7ae0-449c-ad1c-f568bbe46744"), "heymega", code); //Returns True
}
It returns true.
Why can't the Verify method validate the code in a separate request? Am I missing something?
I finally figured it out by pulling my hair out for hours. You need to url encode and I decided to use the HttpUtility class for that.
HttpUtility.UrlEncode(code);
When it comes to code validation, you don't need the url to decode the code.
There is no way to fix this issue until you have used this:
UserManager.VerifyUserTokenAsync(userId, AccountLockedOutPurpose, code).WithCurrentCulture<bool>();
.WithCurrentCulture () - used in all methods like ResetPasswordAsync etc.)
Once burned 2 days on this issue, here's another reason why this might happen to you.
In your Startup.cs service - ConfigureServices (IServiceCollection services) make sure that:
services.AddAuthentication
Appears BEFORE
services.AddIdentity
Otherwise, calls to VerifyUserTokenAsync will always return false