Click here to Skip to main content
15,879,535 members
Search within:


Send link with one time password and when valid redirect to another link
Please Sign up or sign in to vote.
1.00/5 (1 vote)
See more:
ASP.NET
Hello experts,

Could there be a possible solution for below issue?
It is not actually an issue to start with...
I have to create a link that is quite simple, like when you click on the link it should open a prompt/dialog for password.
When entered correct it should continue to the link and allow user to upload a file.

I know google is my friend in this but I hardly find something like this. I found all reset password... but I want something different. prompt a password before opening the link and if valid allow user to upload a file

What I have tried:

I have tried to send an email with the link and when user clicks it will open a dialog and prompt for password. But it won't redirect to the link for uploading file.
Posted
Updated 16-Aug-16 0:40am
Add a Solution
Comments
ZurdoDev 15-Aug-16 14:20pm    
No, there is no built-in code that will magically do it all for you. You just have to write the code yourself.
sudevsu 16-Aug-16 9:50am    
I don't need a code. I just need an idea like njammy did. Thanks

1 solution

Your question is tagged with ASP.NET but not sure which framework.

So e.g. for Web Forms, create a page or ASHX handler to receive the request from the email URL click.
Or...For MVC implement a Web API or controller to receive the request.

Maybe you can pass the data with the querystring in the url to enhance the process for that user e.g. to track user click. (You may want to implement code to deactivate the link from being clicked again once user clicks it first time and process completes. That's your choice).

Then take the request and validate it. Then redirect the user to login page.

Once user is validated, redirect to the upload page.
 
Share this answer
 
Posted
Comments
sudevsu 16-Aug-16 9:58am    
ASP.NET webforms framework 3.5
njammy 16-Aug-16 10:03am    
Ok, hope this helps. Reply anytime once you start your development and need any technical development help.
sudevsu 16-Aug-16 10:07am    
to elaborate this is what I want to do...
Step1: Send a URL to users via email. Also send a Unique Password.
Step2: User when clicked on the link, request for a password sent in email.
Step3: If valid , redirect to another page to upload File.
If Invalid, Request password from same page. Do not redirect until Valid.

Step4: Upload the File.

Now I have already done few things here. But I don't understand how can I make the url valid for only 24 hours.
How to know that this password is for this link/user ?

Basically I have parts of it all programmed but I missing the links between them. I not marrying them all properly. Let me know if you have ay thoughts on this. Thanks njammy
njammy 16-Aug-16 10:16am    
In my opinion asking a user to open and e-mail, click a link, then copy and paste the password from the (same? email?) is too many steps. What I would do is send the user an e-mail with a link with some kind of "access code" embedded e.g.
http://www.web.site/upload?key=SDFSASDNU23HD783.

So the idea is this part of the url "?key=SDFSASDNU23HD783". Let's suppose this is scrambled text from original string: "id:1,key:12345", where "id" is your users id and "key" is your uniquely generated access code. Let's suppose we convert the string id:1,key:12345 to base64 and get "SDFSASDNU23HD783" (not realistic but you get the idea). This may not be secure enough but that depends on how secure you want it to be, so it may actually be better to make the user copy and paste the code.

Now you can store this in a new database table along with your users id, and a column called "Expiry" (DateTime). When you generate a code, set the expiry.
In my example url, when the upload page receives the request, first query the DB to see if the access code part of the query string is expired or not. if not, authenticate the user, if user is not correct, send them away and update the access code database table value as VOID, because someone tried to attempt to access with wrong code/username combo.

Make sense?
sudevsu 16-Aug-16 10:26am    
I does make sense... I am concerned about security issues. However let me give this a shot
Add a Solution

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month
Related Questions
Where is the Link for redirection
Send a link to Change Password to the User
how to redirect virutal path link
Send automatic generated link to email
Redirect to a link with username and password
hi how to redirect to another page if UserName and Password is valid?
How to set expiration time for a link send to Email?
Sending links in Mailbody
One time link (no more)
Emailing one time link to download software

Advertise
Privacy
Cookies
Terms of Use
Last Updated 16 Aug 2016
Layout: fixed | fluid
Copyright © CodeProject, 1999-2024
All Rights Reserved.

Web04 2.8:2024-04-02:1

CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900