0

For the task, I need to reset the password for the user, through the standard function.

string code = await UserManager.GeneratePasswordResetTokenAsync(user);

I send the code to the user and now he can login and update the password

IdentityResult result = await UserManager.ResetPasswordAsync(user, model.Code, model.Password);

What method can I check if a token is currently valid? If the user tries to enter the recovery link again, he will be able to go there

Unnamed
  • 15
  • 8
  • @Heretic Monkey Sorry, but I was a little mistaken in the question, I don't need a time for the token to expire, but is it really valid at all at the moment – Unnamed Aug 18 '20 at 18:12
  • @Unnamed Are you saying that you can currently call `ResetPasswordAsync` twice with the same code and it works (which means `result == IdentityResult.Success`)? – Camilo Terevinto Aug 18 '20 at 18:14
  • @Camilo Terevinto I thought about it wrongly, in fact, I don't know if the token is currently valid – Unnamed Aug 18 '20 at 18:18
  • 1
    Well, when you call `ResetPasswordAsync`, `result` will tell you whether the code was valid (so success) or invalid (so a list of problems) – Camilo Terevinto Aug 18 '20 at 18:19
  • Since you've changed the question, a more accurate duplicate question would be [ASP.NET Identity verify if ResetPassword token has expired](https://stackoverflow.com/q/51519134/215552). That question was answered with a manual method of verifying the token if for some reason you don't trust `ResetPasswordAsync`... – Heretic Monkey Aug 18 '20 at 18:26
  • @HereticMonkey Yeah, but that's the same as checking if a file exists before opening it - it can be deleted after the check just as the token can expire right after the check (more likely an edge case, I know). Also, that's ASP.NET Identity, this question is about ASP.NET Core Identity, so it might not match 100% – Camilo Terevinto Aug 18 '20 at 18:28
  • @CamiloTerevinto I completely agree (although you'd technically have a similar problem with `ResetPasswordAsync`); that was just the closest dupe I could find :) – Heretic Monkey Aug 18 '20 at 18:32

0 Answers0