Home How can I restrict access until user has confirmed email link
Reply: 1

How can I restrict access until user has confirmed email link

ceci
1#
ceci Published in 2015-04-09 17:34:33Z

I am finally able to send Email confirmation on my MVC 5 Application

The user now receives an email and the EmailConfirmed field is updated from False to True. However, the user is still able to login without confirming the email.

My question is how can I restrict access until user has confirmed email link

Below is my ConfirmEmail Method.

    // GET: /Account/ConfirmEmail
    [AllowAnonymous]
    public async Task<ActionResult> ConfirmEmail(string Token, string Email)
    {
        ApplicationUser user = this.UserManager.FindById(Token);
        if (user != null)
        {
            if (user.Email == Email)
            {
                user.EmailConfirmed = true;
                await UserManager.UpdateAsync(user);
                //await SignInAsync(user, isPersistent: false);
                return RedirectToAction("Index", "Home", new { ConfirmedEmail = user.Email });
            }
            else
            {
                return RedirectToAction("Confirm", "Account", new { Email = user.Email });
            }
        }
        else
        {
            return RedirectToAction("Confirm", "Account", new { Email = "" });
        }
    }

    [AllowAnonymous]
    public ActionResult Confirm(string Email)
    {
        ViewBag.Email = Email; return View();
    } 

Thank you everyone for reading.

Ceci

----- UPDATE ------

I added the code below to the /Account/Login Controller

    var user = await UserManager.FindByNameAsync(model.UserName);
    if(user != null){
        if (!await UserManager.IsEmailConfirmedAsync(user.UserName)) {
            return View("ErrorNotConfirmed");
        }
    }

But its returning an error. UserId not Found.

ceci
2#
ceci Reply to 2015-04-09 18:56:39Z

I am posting this code in case someone needs it.

Basically I replaced the code above with this code:

        var userid = UserManager.FindByEmail(model.UserName).Id;
        if (!UserManager.IsEmailConfirmed(userid))
        {
            return View("EmailNotConfirmed");
        }

It works beautifully now.

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.297999 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO