我正在尝试在我的网站中实施重置密码重置选项。在创建帐户时,我将密码如下所示:Password = Hasher.Hash(username + unhashedPassword);
在构造函数中,使用我的重置密码选项,我可以在使用PasswordToken确认后成功地在数据库中放置新的哈希密码,但我不明白是否我将新密码哈希并将其放在数据库中,为什么我无法使用我设置的新密码登录
重置密码HttpGet:
[HttpGet]
[AllowAnonymous]
public ActionResult ResetPassword(string Id)
{
Id = Request.QueryString.ToString();
ResetPassword model = new ResetPassword();
model.PasswordToken = Id;
return View(model);
}
重设密码HttpPost:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ResetPassword(ResetPassword model)
{
if (Repository.ChangePassword(model.PasswordToken, model.Password))
{
return RedirectToAction("PasswordResetSuccess");
}
return RedirectToAction("PasswordResetFailure");
}
重置密码视图:
@Html.LabelFor(m => m.Password, "New Password:")
@Html.PasswordFor(m => m.Password)
@Html.LabelFor(model => model.RepeatPassword, "Repeat Password:")
@Html.EditorFor(model => model.RepeatPassword)
DatabaseHandler ChangePassword方法:
public static bool ChangePassword(string passwordToken, string password)
{
RecipeDbContext ctx = new RecipeDbContext();
Account foundPassword = ctx.Accounts.SingleOrDefault(u => u.PasswordToken == passwordToken);
if(foundPassword != null)
{
password = Hasher.Hash(foundPassword.Username + foundPassword.Password);
DbSet<Account> dbSet = ctx.Set<Account>();
dbSet.Attach(foundPassword);
ctx.Entry(foundPassword).State = EntityState.Modified;
ctx.SaveChanges();
return true;
}
return false;
}
Repository ChangePassword方法:
public static bool ChangePassword(string paswordToken, string password)
{
return DatabaseHandler.ChangePassword(passwordToken, password);
}
Hasher Class:
public class Hasher
{
public static string Hash(string text)
{
return Convert.ToBase64String(SHA512.Create().ComputeHash(Encoding.UTF32.GetBytes(text)));
}
}
答案 0 :(得分:0)
能够通过使用此订单解决它:
string hashedPassword = Hasher.Hash(foundPassword.Username + password);
foundPassword.Password = hashedPassword;