Question

ASP.NET Identity正在返回“无效令牌”。＆＃39;重置用户密码时的响应。

我尝试过以下方法：

URL在发送电子邮件之前对代码进行编码
网址编码＆amp;在
复制代码以确保其与发送的内容相匹配
确保我的用户电子邮件已确认（我听说这可能有问题）
创建自定义UserManager / Store等。

这是我的电子邮件代码：

var user = await UserManager.FindByNameAsync(model.Email);

var code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
var callbackUrl = Url.Action("ResetPassword", "Account", new { code }, "http");

var body = string.Format("Click here to reset your password: {0}", callbackUrl);
await UserManager.SendEmailAsync(user.Id, "Reset Password", body);

return View("~/Views/Account/Login.cshtml", model);

生成的网址：

http://localhost/Account/ResetPassword?code=XTMg3fBDDR77LRptnRpg7r7oDxz%2FcvGscq5Pm3HMe8RJgX0KVx6YbOeqflvVUINipVcXcDDq1phuj0GCmieCuawdgfQzhoG0FUH4BoLi1TxY2kMljGp1deN60krGYaJMV6rbkrDivKa43UEarBHawQ%3D%3D

最后我的重置代码：

if (!ModelState.IsValid)
{
    return View(model);
}
var user = await UserManager.FindByNameAsync(model.Email);
if (user == null)
{
    // Don't reveal that the user does not exist
    return RedirectToAction("ResetPasswordConfirmation", "Account");
}
var result = await UserManager.ResetPasswordAsync(user.Id, model.Code, model.Password);
if (result.Succeeded)
{
    return RedirectToAction("ResetPasswordConfirmation", "Account");
}

ModelState.AddModelError("","Invalid Password Please Try Again");
return View();

结果中有1个错误，Invalid token.

我的创建UserManager方法：

public static CustomerUserManager Create(IdentityFactoryOptions<CustomerUserManager> options, IOwinContext context)
{
    var manager = new CustomerUserManager(new CustomerUserStore(context.Get<CustomerDbContext>()));

    // Configure validation logic for usernames
    manager.UserValidator = new UserValidator<Customer>(manager)
    {
        AllowOnlyAlphanumericUserNames = false,
        RequireUniqueEmail = true
    };

    // Configure validation logic for passwords
    manager.PasswordValidator = new PasswordValidator
    {
        RequiredLength = 6,
        RequireNonLetterOrDigit = true,
        RequireDigit = true,
        RequireLowercase = true,
        RequireUppercase = true,
    };

    manager.EmailService = new EmailService();

    var dataProtectionProvider = options.DataProtectionProvider;
    if (dataProtectionProvider != null)
    {
        manager.UserTokenProvider = new DataProtectorTokenProvider<Customer, string>(dataProtectionProvider.Create("ASP.NET Identity"));
    }

    return manager;
}

我的Startup.Auth配置：

app.CreatePerOwinContext(CustomerDbContext.Create);
app.CreatePerOwinContext<CustomerUserManager>(CustomerUserManager.Create);

app.UseCookieAuthentication(new CookieAuthenticationOptions
{
    AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
    LoginPath = new PathString("/Account/Login"),

    Provider = new CookieAuthenticationProvider
    {
        OnValidateIdentity =
            SecurityStampValidator.OnValidateIdentity<CustomerUserManager, Customer, string>
            (
                validateInterval: TimeSpan.FromMinutes(30),
                regenerateIdentityCallback: (manager, user) => user.GenerateUserIdentityAsync(manager),
                getUserIdCallback: (id) => (id.GetUserId())
            )
    }
});

尝试过的解决方案列表：

感谢您对此问题的任何帮助。

Answer 1

您可以尝试使用此代码。

我分享了此链接：aspnet identity invalid token on confirmation email

var encodedCode= code.Base64ForUrlEncode();
var decodedCode= encodedCode.Base64ForUrlDecode();

public static class UrlEncoding
{
        public static string Base64ForUrlEncode(this string str)
        {
            byte[] encbuff = Encoding.UTF8.GetBytes(str);
            return HttpServerUtility.UrlTokenEncode(encbuff);
        }

        public static string Base64ForUrlDecode(this string str)
        {
            byte[] decbuff = HttpServerUtility.UrlTokenDecode(str);
            return Encoding.UTF8.GetString(decbuff);
        }
}

ASP.NET Identity 2.1 - 密码重置无效标记

1 个答案: