Ibexa DXP uses the token system in the registration process to create a double opt-in possibility. The token service can generate a unique token that is valid for a given time.
After user registration, a token is created and stored in the database. When the user clicks the URL that they receive in an email, the token is validated and fetched from the database. After the user has been activated, the token is removed from the database.
Creating a token¶
A token contains:
- the time for which it is valid
- a service and method that are called if a customer uses the link with the token
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
Using the token¶
You can use the token in the built-in token controller when calling a service and method, or in a custom controller or service.
Checking the token¶
The token can be checked with the
TokenService. It returns the parameters that were stored when the token was created:
1 2 3 4 5 6
You can use the token to deliver unique links to customers.
TokenController is available at the
/token/[token] route, for example:
TokenController is called to process a token, for example, after user registration when the user clicks the activation link.
The controller loads the token from the database, activates the user account and invalidates the token.
Each token has the following attributes that are processed by the token-specific logic:
1 2 3 4 5 6 7 8
silver_eshop.token_service_method_processor service implements the custom logic for each token and returns a response.
||Creates a token with given parameters. If
||Fetches the token from the database. If the token is not valid,
||Stores the token in the database.|
||Removes the token from the database.|
||boolean||Returns true if the token is valid.|