Reputation: 1375
ASP.NET Web API User Activation by Administrator
I have a requirement to prevent users from logging in to my ASP.NET Web API 2.0 Identity 3.0 backed website until an administrative account "activates" a user's confirmed registered ApplicationUser account.
I have implemented the EmailConfirmed logic to validate that the ApplicationUser account was registered with a working email address. Now I'm looking for an appropriate place to implement a check against the ApplicationUser.Activated property, that I have added, with behavior that prevents a login unless it has been set to true.
I've dug a little bit into the OAuthAuthorizationServerProvider class but I think I'm going to have to really take some time and understand OAuth 2.0 to get anywhere in there. Could anyone make a suggestion as to how and where to implement a test against an Activated property like this?
PS - I'm using bearer token authentication if that was not obvious.
Upvotes: 0
Views: 581
Answers (1)
Reputation: 388
Do one thing when user click on activation link which you send to the user .after click on that link redirect to page where you show one message "You are successfully resgistered" and on the page load you call to database and set activate column is true and put timer on that page and redirect user to login page.during login you can check the user status with email and password .if status is true that mean its registered user.
hope it will help.
Upvotes: 0
Related Questions
- User Authentication in ASP.NET Web API
- Authorize in ASP.NET CORE Web API
- AspNetCore Web Api Microsoft Account Authentication
- Authenticate users in Asp .net Web API
- Authorization With ASP.NET Identity
- How to Authorize Asp.Net Web api
- Managing Users Via ASP.NET Web API 2
- Authenticating ASP.NET Web API
- Asp.net web API 2 authentication with asp.net Identity
- ASP.NET Web API authorization and Authentication