如何实现密码与ASP.NET身份重置ASP.NET MVC 5.0? [英] How do I implement password reset with ASP.NET Identity for ASP.NET MVC 5.0?
问题描述
微软想出一个<一个href=\"http://blogs.msdn.com/b/webdev/archive/2013/06/27/introducing-asp-net-identity-membership-system-for-asp-net-applications.aspx\">new会员系统,称为ASP.NET身份(也是在ASP.NET MVC 5默认)。我发现示例项目,但是这没有实现重置密码。
Microsoft is coming up with a new Membership system called ASP.NET Identity (also the default in ASP.NET MVC 5). I found the sample project, but this is not implemented a password reset.
在密码重置的话题刚刚找到这篇文章:<一href=\"http://kazimanzurrashid.com/posts/implementing-user-confirmation-and-password-reset-with-one-asp-dot-net-identity-pain-or-pleasure\">Implementing用户确认和密码重置与一个ASP.NET身份 - 痛苦或快乐,不由对我来说,因为不使用内置的密码恢复
On password reset topic just found this Article: Implementing User Confirmation and Password Reset with One ASP.NET Identity – Pain or Pleasure, not help for me, because do not use the built-in password recovery.
当我正在寻找的选项,我认为我们需要产生复位标记,我将发送给用户。用户可以使用该令牌,然后设置新密码,并覆盖旧的。
As I was looking at the options, as I think we need to generate a reset token, which I will send to the user. The user can set then the new password using the token, overwriting the old one.
我找到了 IdentityManager.Passwords.GenerateResetPasswordToken
/ IdentityManager.Passwords.GenerateResetPasswordTokenAsync(字符串tokenId,字符串username,validUntilUtc)
,但我无法找出它可能意味着 tokenId
参数。
I found the IdentityManager.Passwords.GenerateResetPasswordToken
/ IdentityManager.Passwords.GenerateResetPasswordTokenAsync(string tokenId, string userName, validUntilUtc)
, but I could not figure out what it might mean the tokenId
parameter.
我如何实现密码重置在ASP.NET MVC与5.0?
How do I implement the Password Reset in ASP.NET with MVC 5.0?
推荐答案
我明白了:该tokenid是一个自由选择的标识,标识密码选项。例如,
I get it: The tokenid is a freely chosen identity, which identifies a password option. For example,
1。看起来像密码恢复过程,第1步
(它是基于: http://stackoverflow.com/a/698879/208922 )
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
//[RecaptchaControlMvc.CaptchaValidator]
public virtual async Task<ActionResult> ResetPassword(
ResetPasswordViewModel rpvm)
{
string message = null;
//the token is valid for one day
var until = DateTime.Now.AddDays(1);
//We find the user, as the token can not generate the e-mail address,
//but the name should be.
var db = new Context();
var user = db.Users.SingleOrDefault(x=>x.Email == rpvm.Email);
var token = new StringBuilder();
//Prepare a 10-character random text
using (RNGCryptoServiceProvider
rngCsp = new RNGCryptoServiceProvider())
{
var data = new byte[4];
for (int i = 0; i < 10; i++)
{
//filled with an array of random numbers
rngCsp.GetBytes(data);
//this is converted into a character from A to Z
var randomchar = Convert.ToChar(
//produce a random number
//between 0 and 25
BitConverter.ToUInt32(data, 0) % 26
//Convert.ToInt32('A')==65
+ 65
);
token.Append(randomchar);
}
}
//This will be the password change identifier
//that the user will be sent out
var tokenid = token.ToString();
if (null!=user)
{
//Generating a token
var result = await IdentityManager
.Passwords
.GenerateResetPasswordTokenAsync(
tokenid,
user.UserName,
until
);
if (result.Success)
{
//send the email
...
}
}
message =
"We have sent a password reset request if the email is verified.";
return RedirectToAction(
MVC.Account.ResetPasswordWithToken(
token: string.Empty,
message: message
)
);
}
2,然后当用户输入令牌和新密码:
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
//[RecaptchaControlMvc.CaptchaValidator]
public virtual async Task<ActionResult> ResetPasswordWithToken(
ResetPasswordWithTokenViewModel
rpwtvm
)
{
if (ModelState.IsValid)
{
string message = null;
//reset the password
var result = await IdentityManager.Passwords.ResetPasswordAsync(
rpwtvm.Token,
rpwtvm.Password
);
if (result.Success)
{
message = "the password has been reset.";
return RedirectToAction(
MVC.Account.ResetPasswordCompleted(message: message)
);
}
else
{
AddErrors(result);
}
}
return View(MVC.Account.ResetPasswordWithToken(rpwtvm));
}
骨架建议来示例项目一>在GitHub上,如果有人需要它可能是tested.The发送E-mail还没有写,可能与增加很快。
Skeleton proposal to sample project on github, if anyone needs it may be tested.The E-mail sending not yet written, possibly with the addition soon.
这篇关于如何实现密码与ASP.NET身份重置ASP.NET MVC 5.0?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!