Ortund

Reputation: 8245

To generate a random, single-use URL

I've published a different take on a login system on CodeProject (http://www.codeproject.com/KB/aspnet/mlogin.aspx) and I've got some free time, so I thought I'd have a look at password recovery/reset.

It was suggested on the article that I look into sending the account owner a single-use, random URL where they can reset their password if the account gets locked because of too many invalid login attempts or a forgotten password.

Can anyone provide some guidance to help me to do this?

So far, I'm thinking I just have to generate a random string in a "recovery" field in the database table for the user's row and then check if the requested URL on the site is the same as the value for that field, then dynamically draw the page server-side.

Am I thinking on the right track here, or way off the mark?

Thanks in advance!

Upvotes: 0

Views: 443

Answers (1)

richardtallent

Reputation: 35374

You're on the right track. Rather than a random string, a GUID is sufficient (uniqueidentifier field in SQL). Use the "d" format so the URL doesn't have curly braces:

' Store a fresh GUID on the user's row, then build the recovery link from it
MyUser.RecoveryKey = Guid.NewGuid()
Dim EmailBody As String = "http://blah/recoverpass.aspx?key=" & _
   MyUser.RecoveryKey.ToString("D")

Upvotes: 2
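
The flow described in the question (generate a value, store it in a "recovery" field, match it against the requested URL, allow one use), as an added example that is not part of the original post or answer. It swaps the GUID for a token from `RandomNumberGenerator`, keeps only a SHA-256 of the token in the store, and adds an expiry; the in-memory dictionary stands in for the database column, the names `IssueToken`, `RedeemToken` and `Pending` are hypothetical, and .NET Framework 4.0 or later is assumed.

```vbnet
Imports System
Imports System.Collections.Generic
Imports System.Security.Cryptography
Imports System.Text

Module RecoveryLinkDemo
    ' Hypothetical stand-in for the "recovery" columns on the user's row.
    Private Class Pending
        Public UserId As Integer
        Public ExpiresUtc As DateTime
    End Class

    ' Keyed by the SHA-256 of the token, so a leaked table holds no usable links.
    Private ReadOnly Store As New Dictionary(Of String, Pending)

    Private Function HashToken(token As String) As String
        Using sha As SHA256 = SHA256.Create()
            Return Convert.ToBase64String(sha.ComputeHash(Encoding.UTF8.GetBytes(token)))
        End Using
    End Function

    ' Issues a 128-bit token from the OS CSPRNG; the caller e-mails it in the URL.
    Function IssueToken(userId As Integer, lifetime As TimeSpan) As String
        Dim raw(15) As Byte
        Using rng As RandomNumberGenerator = RandomNumberGenerator.Create()
            rng.GetBytes(raw)
        End Using
        Dim token As String = BitConverter.ToString(raw).Replace("-", "")
        Store(HashToken(token)) = New Pending With {
            .UserId = userId, .ExpiresUtc = DateTime.UtcNow.Add(lifetime)}
        Return token
    End Function

    ' Returns the user id for a valid link, or Nothing; a link is consumed on lookup.
    Function RedeemToken(token As String) As Integer?
        If String.IsNullOrEmpty(token) Then Return Nothing
        Dim key As String = HashToken(token)
        Dim rec As Pending = Nothing
        If Not Store.TryGetValue(key, rec) Then Return Nothing
        Store.Remove(key) ' single use: delete before deciding whether it is still valid
        If DateTime.UtcNow > rec.ExpiresUtc Then Return Nothing
        Return rec.UserId
    End Function

    Sub Main()
        Dim token As String = IssueToken(42, TimeSpan.FromMinutes(30)) ' constructed user id
        Console.WriteLine("http://blah/recoverpass.aspx?key=" & token)
        Console.WriteLine(RedeemToken(token).HasValue) ' first visit to the link
        Console.WriteLine(RedeemToken(token).HasValue) ' second visit to the same link
    End Sub
End Module
```

On a real site the dictionary operations become an `UPDATE`/`DELETE` on the user's row, done in the same transaction as the password change.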
