0

I have an admin panel where I can create Users. But they can only login to their panel When I give them Permission from My Side by Creating their Login Credentials. Right Now For Username I am assigning them their Email, and for password, it's a Hardcoded String for Now.

Now I want to create a flow where I can Generate Unique URL and send that to my User via Email. Then from that URL User can set his Password.

So My Question is what is a valid way to Generate Unique Url for Each User? and how to make that Url invalid after 2 Days?

** P.S : I am Using React for FrontEnd and Asp.Net on Backend With SqlServer DB **

Thanks!

Muhammad Bilal
  • 113
  • 2
  • 8

1 Answers1

1

For the URL and the ransom value in it, you can either use ASP.NET secure random and generate a long-enough value, or use a GUID, which some say it is good enough (this is also my opionion).

As for the expiry of the token, you need to manage it on the server side - save the token and it expiration date. 2 days is too long in my opinion, the user should register in minutes\hours, not days.

Gil Cohen
  • 836
  • 7
  • 12