Safe email sending, which allows the user to access an Action Edit on the controller

0

I need to email a secure link so the user can click on an Edit action on the controller. For example:

Sending the link: localhost: 64148 / Movies / Edit? id = 4

But I can not send the link this way, because when the user accesses it, it will not be allowed due to the use of [ValidateAntiForgeryToken]

How do I submit a secure link in this case? How do I read the token?

    
asked by anonymous 18.09.2016 / 01:17

1 answer

0
Well, firstly it would not really be very safe to send the link this way, I would call create a new action whose parameter would be an encrypted token where, within this token you would send some information as a security key, in addition to the User ID. So when the user clicks on this link, this action would receive this token and decrypt it to get this data and thus confirm that it is a valid link.

Regardless of the part that I explained to you about encryption, I found this tutorial from Microsoft that shows how to create a user registry with email confirmation , ie basically the same principle that you want to use, even they use [ValidateAntiForgeryToken] .

I hope you have helped. Any questions are available.

Hugs!

    
24.09.2016 / 23:18