如何实现密码与ASP.NET身份重置ASP.NET MVC 5.0？ [英] How do I implement password reset with ASP.NET Identity for ASP.NET MVC 5.0?

问题描述

微软想出一个<一个href=\"http://blogs.msdn.com/b/webdev/archive/2013/06/27/introducing-asp-net-identity-membership-system-for-asp-net-applications.aspx\">new会员系统，称为ASP.NET身份（也是在ASP.NET MVC 5默认）。我发现示例项目，但是这没有实现重置密码。

Microsoft is coming up with a new Membership system called ASP.NET Identity (also the default in ASP.NET MVC 5). I found the sample project, but this is not implemented a password reset.

在密码重置的话题刚刚找到这篇文章：<一href=\"http://kazimanzurrashid.com/posts/implementing-user-confirmation-and-password-reset-with-one-asp-dot-net-identity-pain-or-pleasure\">Implementing用户确认和密码重置与一个ASP.NET身份 - 痛苦或快乐，不由对我来说，因为不使用内置的密码恢复

On password reset topic just found this Article: Implementing User Confirmation and Password Reset with One ASP.NET Identity – Pain or Pleasure, not help for me, because do not use the built-in password recovery.

当我正在寻找的选项，我认为我们需要产生复位标记，我将发送给用户。用户可以使用该令牌，然后设置新密码，并覆盖旧的。

As I was looking at the options, as I think we need to generate a reset token, which I will send to the user. The user can set then the new password using the token, overwriting the old one.

我找到了 IdentityManager.Passwords.GenerateResetPasswordToken / IdentityManager.Passwords.GenerateResetPasswordTokenAsync（字符串tokenId，字符串username，validUntilUtc），但我无法找出它可能意味着 tokenId 参数。

I found the IdentityManager.Passwords.GenerateResetPasswordToken / IdentityManager.Passwords.GenerateResetPasswordTokenAsync(string tokenId, string userName, validUntilUtc), but I could not figure out what it might mean the tokenId parameter.

我如何实现密码重置在ASP.NET MVC与5.0？

How do I implement the Password Reset in ASP.NET with MVC 5.0?

推荐答案

我明白了：该tokenid是一个自由选择的标识，标识密码选项。例如，

I get it: The tokenid is a freely chosen identity, which identifies a password option. For example,

1。看起来像密码恢复过程，第1步
（它是基于： http://stackoverflow.com/a/698879/208922 ）

[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
//[RecaptchaControlMvc.CaptchaValidator]
public virtual async Task<ActionResult> ResetPassword(
                                              ResetPasswordViewModel rpvm)
{
    string message = null;
    //the token is valid for one day
    var until = DateTime.Now.AddDays(1);
    //We find the user, as the token can not generate the e-mail address, 
    //but the name should be.
    var db = new Context();
    var user = db.Users.SingleOrDefault(x=>x.Email == rpvm.Email);

    var token = new StringBuilder();

    //Prepare a 10-character random text
    using (RNGCryptoServiceProvider 
                        rngCsp = new RNGCryptoServiceProvider())
    {
        var data = new byte[4];
        for (int i = 0; i < 10; i++)
        {
            //filled with an array of random numbers
            rngCsp.GetBytes(data);
            //this is converted into a character from A to Z
            var randomchar = Convert.ToChar(
                                      //produce a random number 
                                      //between 0 and 25
                                      BitConverter.ToUInt32(data, 0) % 26 
                                      //Convert.ToInt32('A')==65
                                      + 65
                             );
            token.Append(randomchar);
        }
    }
    //This will be the password change identifier 
    //that the user will be sent out
    var tokenid = token.ToString();

    if (null!=user)
    {
        //Generating a token
        var result = await IdentityManager
                                .Passwords
                                .GenerateResetPasswordTokenAsync(
                                              tokenid, 
                                              user.UserName, 
                                              until
                           );

        if (result.Success)
        {
            //send the email
            ...
        }
    }
    message = 
        "We have sent a password reset request if the email is verified.";
    return RedirectToAction(
                   MVC.Account.ResetPasswordWithToken(
                               token: string.Empty, 
                               message: message
                   )
           );
}

2，然后当用户输入令牌和新密码：

[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
//[RecaptchaControlMvc.CaptchaValidator]
public virtual async Task<ActionResult> ResetPasswordWithToken(
                                            ResetPasswordWithTokenViewModel 
                                                        rpwtvm
                                        )
{
    if (ModelState.IsValid)
    {
        string message = null;
        //reset the password
        var result = await IdentityManager.Passwords.ResetPasswordAsync(
                                                   rpwtvm.Token, 
                                                   rpwtvm.Password
                           );
        if (result.Success)
        { 
            message = "the password has been reset.";
            return RedirectToAction(
                        MVC.Account.ResetPasswordCompleted(message: message)
                   );
        }
        else
        {
            AddErrors(result);
        }
    }
    return View(MVC.Account.ResetPasswordWithToken(rpwtvm));
}

骨架建议来示例项目在GitHub上，如果有人需要它可能是tested.The发送E-mail还没有写，可能与增加很快。

Skeleton proposal to sample project on github, if anyone needs it may be tested.The E-mail sending not yet written, possibly with the addition soon.

这篇关于如何实现密码与ASP.NET身份重置ASP.NET MVC 5.0？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！