password reset url in asp.net

I'm looking to send a user a link if they forget their password.

I ha开发者_如何学编程ve it that they enter their email address and an email is sent to them with a link to reset their password - although I want this link to expire in two days.

Looking at a password reset email I got sent from an online store, I was looking to keep it generally the same format, but I'm unclear how the the expiry part of the URL is created.

The example URL I got sent is:

http://www.mydomain.com/reset.aspx?expires=1317124368&passwordreset=1&username=thegunner%40yahoo.com&authCode=dfb83e3074d395a7606bdc1825d709197fa984ab

passwordreset=1 ...ok no prob username = email address ...no prob authcode ...I guess I could just generate GUID code.

expires=1317124368 ...how could this part be created? I guess it's a time stamp in some format of the day the email was sent - how could I recreate this?

Any ideas?

The expires in that URL may very well be the id of the record in the table that actually holds the date and time when the link expires.

You could do the same: send the link via email and store in a table the link, the date and time when it expires plus an identity column (autogenerated), and possibly some other information (email, etc).

When the person clicks on your link, you use that ID to get the expiration date and time to determine whether the person is allowed to use the same link or not.

Or... that number may represent a date and time measured in milliseconds, ticks, nanoseconds,etc, counting from a specific date and time.