Email Account Activation with ASP.NET Membership part 1

by percent20 3/21/2008 10:02:38 AM

A lot of sites need to verify that a user's e-mail address is valid. It seems like it would be complex, but there is a very easy way to do it.  This is going to be a 2-part series, maybe with a 3rd part; I'm still thinking about it.  First, I will give you the resources to learn about and set up the ASP.NET membership system and explain the concept of how we are going to activate the account.  Part 2 will be a re-explanation along with code.

Membership System

I wanted to explain all the steps of setting up the membership system myself, but I just can't beat 4guysfromrolla.com. Here are the links to their multi-part series on almost everything about the membership system.  I use it every time I need to get started with the membership system.

Examining ASP.NET 2.0's Membership, Roles, and Profile:

  • Part 1 - learn about how the membership features make providing user accounts on your website a breeze. This article covers the basics of membership, including why it is needed, along with a look at the SqlMembershipProvider and the security Web controls.
  • Part 2 - master how to create roles and assign users to roles. This article shows how to set up roles, use role-based authorization, and display output on a page depending upon the visitor's roles.
  • Part 3 - see how to add the membership-related schemas to an existing database using the ASP.NET SQL Server Registration Tool (aspnet_regsql.exe).
  • Part 4 - improve the login experience by showing more informative messages for users who log on with invalid credentials; also, see how to keep a log of invalid login attempts.
  • Part 5 - learn how to customize the Login control. Adjust its appearance using properties and templates; customize the authentication logic to include a CAPTCHA.
  • Part 6 - capture additional user-specific information using the Profile system. Learn about the built-in SqlProfileProvider.
  • Part 7 - the Membership, Roles, and Profile systems are all built using the provider model, which allows for their implementations to be highly customized. Learn how to create a custom Profile provider that persists user-specific settings to XML files.
  • Part 8 - learn how to use the Microsoft Access-based providers for the Membership, Roles, and Profile systems. With these providers, you can use an Access database instead of SQL Server.
  • Part 9 - when working with Membership, you have the option of using .NET's APIs or working directly with the specified provider. This article examines the pros and cons of both approaches and examines the SqlMembershipProvider in more detail.
Email Activation Concept

    The overall concept is fairly simple.  You register, then receive an e-mail confirming that you have registered, along with an activation URL.  When you click the URL, it takes you to the site and activates your account, proving that you are real and that the e-mail address is real.

    The easiest way to do this is the following.

    1. User registers.
    2. Once the user is registered, a GUID is created.
    3. The GUID is put into a table, associated with the username.
    4. An e-mail is sent to the user with a URL based on the GUID, something like ( http://example.com/Activate.aspx?key=1234-1234-1234 ).
    5. User opens the e-mail and clicks the link.
    6. User arrives at the activation page.
    7. The activation page reads the query string and matches the string against the GUID in the DB.  If there is a match, it executes code to "approve" the account for use.
    8. User can log in.

    There are a few key things:

    1. You need an association table: something that will hold the GUID and username for later verification.
    2. Create the GUID and get the username _after_ the account has been created, and commit both to the above table.
    3. Build the activation URL and send the e-mail.
    4. On the activation page, read the query string, look it up in the association table, and retrieve the username if an association exists between a username and that GUID.
    5. If a username is returned, call the membership API and activate the account.

    Remember, though, when building the site, to set the property that keeps an account from being automatically approved when the user registers.
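
The steps above in C#, as an added example that is not the author's code (part 2 of the series carries his own). It assumes a hypothetical AccountActivation table and a connection string named MembershipDb, and it relies on the account having been created unapproved (for instance with CreateUserWizard's DisableCreatedUser set to true).

```csharp
// Added example, not the author's code. Assumed names: table AccountActivation
// (ActivationKey uniqueidentifier PRIMARY KEY, UserName nvarchar(256)) and a
// connection string called "MembershipDb". Guid.TryParse needs .NET 4 or later.
using System;
using System.Configuration;
using System.Data.SqlClient;
using System.Web.Security;

public static class AccountActivation
{
    static readonly string ConnStr =
        ConfigurationManager.ConnectionStrings["MembershipDb"].ConnectionString;

    // Steps 2-4: call once the account exists but is still unapproved.
    public static string IssueActivationUrl(string userName, string baseUrl)
    {
        Guid key = Guid.NewGuid();
        using (var conn = new SqlConnection(ConnStr))
        using (var cmd = new SqlCommand(
            "INSERT INTO AccountActivation (ActivationKey, UserName) VALUES (@k, @u)", conn))
        {
            cmd.Parameters.AddWithValue("@k", key);      // parameters, never string concatenation
            cmd.Parameters.AddWithValue("@u", userName);
            conn.Open();
            cmd.ExecuteNonQuery();
        }
        return baseUrl + "/Activate.aspx?key=" + key.ToString("D");
    }

    // Steps 6-8: true only when the key matched a row and the account was approved.
    public static bool Activate(string rawKey)
    {
        Guid key;
        if (!Guid.TryParse(rawKey, out key)) return false; // malformed or missing key
        string userName;
        using (var conn = new SqlConnection(ConnStr))
        using (var cmd = new SqlCommand( // read and delete in one statement: key is single use
            "DELETE FROM AccountActivation OUTPUT deleted.UserName WHERE ActivationKey = @k", conn))
        {
            cmd.Parameters.AddWithValue("@k", key);
            conn.Open();
            userName = cmd.ExecuteScalar() as string; // null when no row matched
        }
        MembershipUser user = userName == null ? null : Membership.GetUser(userName);
        if (user == null) return false;
        user.IsApproved = true;
        Membership.UpdateUser(user);
        return true;
    }
}
```

From Activate.aspx, pass Request.QueryString["key"] to Activate and show the same message for every failure case, so the page does not reveal whether a key was malformed, unknown, or already used.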

    Conclusion

    This is a very useful and, in some respects, needed feature, and it is highly used.  The concept is fairly simple, and with the membership system it continues to stay fairly simple.  Please feel free to try this on your own and report back any issues you come across and how you overcome them.

    I will post part 2 in a couple of days.  I am hoping for Sunday, as a present to you all on my birthday, though we will see how that turns out.

     

    Happy Coding


    Use Examples in your Applications

    by percent20 3/16/2008 4:00:04 PM

    Usability is one thing that, for some reason, I continue to pay attention to when I go to sites.  I may not be able to design graphically, but I'd like to think that usability is one thing I consistently get right.  The biggest reason I pay attention is that your application is useless unless someone can actually use it.

    Recently I went to pay for my college tuition online and had to enter my card number and expiration date.  OK, no problem, except it took me literally a minute to figure out what I was supposed to do, so I took a screenshot.

    [Screenshot: DumbExample]

    The credit card isn't so hard to figure out, but the expiration date drove me nuts.  I had to read it about 3 times and THINK about it, and I am technology savvy.

    Recently I wrote a quick registration app for people coming to our paintball game, and used a bit of my usability knowledge to help users not have to think about anything except their information.

    Let's go through my thought process first, though.

    I needed to get 2 key pieces of information.

    1. First and Last Name
    2. Phone Number

    This presented a few problems:

    Do I ask for first and last name in separate text boxes thus being sure to get proper information? Problem here is it puts more work on the user when they only need to add information.

    If I have them do it in one text box how can I guarantee a good clean output in the back end and be reasonably sure they will put in their first and last name?

    When it comes to phone number there are a lot of ways to write your phone number and in a huge list it could get annoying looking at all the different numbers done different ways.  Plus, I need their area code because some are coming from out of state.

    First thing I thought of to do was show them how to do it with an easy to use example.

    [Screenshot: GoodExample]

    Conclusion

    By using an easy-to-understand example, based on how many other sites do it, you can quickly increase the usability of your forms and your application in general.  All the people that have registered have included their first and last name and phone number just like my examples above.  So please, when writing your applications, go ahead and take a few extra seconds to think about how you want the data to look, and see if there is a way to literally show the user the format you would like.
