重置后,MVC密码无效

时间:2016-04-14 18:33:33

标签: asp.net-mvc asp.net-mvc-4

我正在尝试在我的网站中实施重置密码重置选项。在创建帐户时,我将密码如下所示:Password = Hasher.Hash(username + unhashedPassword);在构造函数中,使用我的重置密码选项,我可以在使用PasswordToken确认后成功地在数据库中放置新的哈希密码,但我不明白是否我将新密码哈希并将其放在数据库中,为什么我无法使用我设置的新密码登录

重置密码HttpGet:

    [HttpGet]
    [AllowAnonymous]
    public ActionResult ResetPassword(string Id)
    {
        Id = Request.QueryString.ToString();
        ResetPassword model = new ResetPassword();
        model.PasswordToken = Id;
        return View(model);
    }

重设密码HttpPost:

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult ResetPassword(ResetPassword model)
    {
        if (Repository.ChangePassword(model.PasswordToken, model.Password))
        {
            return RedirectToAction("PasswordResetSuccess");
        }
        return RedirectToAction("PasswordResetFailure");
    }

重置密码视图:

                                @Html.LabelFor(m => m.Password, "New Password:")
                                @Html.PasswordFor(m => m.Password)
                                @Html.LabelFor(model => model.RepeatPassword, "Repeat Password:")
                                @Html.EditorFor(model => model.RepeatPassword)

DatabaseHandler ChangePassword方法:

public static bool ChangePassword(string passwordToken, string password)
    {
        RecipeDbContext ctx = new RecipeDbContext();
        Account foundPassword = ctx.Accounts.SingleOrDefault(u => u.PasswordToken == passwordToken);
        if(foundPassword != null)
        {
            password = Hasher.Hash(foundPassword.Username + foundPassword.Password);
            DbSet<Account> dbSet = ctx.Set<Account>();
            dbSet.Attach(foundPassword);
            ctx.Entry(foundPassword).State = EntityState.Modified;
            ctx.SaveChanges();
            return true;
        }

        return false;
    }

Repository ChangePassword方法:

public static bool ChangePassword(string paswordToken, string password)
    {
        return DatabaseHandler.ChangePassword(passwordToken, password);
    }

Hasher Class:

public class Hasher
{
    public static string Hash(string text)
    {
        return Convert.ToBase64String(SHA512.Create().ComputeHash(Encoding.UTF32.GetBytes(text)));
    }
}

1 个答案:

答案 0 :(得分:0)

能够通过使用此订单解决它:

string hashedPassword = Hasher.Hash(foundPassword.Username + password);
foundPassword.Password = hashedPassword;