Validate PasswordResetToken for ResetPassword

Time: 2016-05-04 21:13:29

Tags: c# asp.net-mvc-5 forgot-password reset-password

I am trying to create a manual password reset on the ForgetPassword token click. But when I validate this token, it always returns false. Please help me. Here is my code

[AllowAnonymous]
public async Task<ActionResult> ResetPassword()
{
    var provider = new DpapiDataProtectionProvider("AppName");
    var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>());
    userManager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(provider.Create("EmailConfirmation"));
    string userId = Request.QueryString["UserId"];
    string code = Request.QueryString["code"];
    var user = await UserManager.FindByIdAsync(userId);
    //if (!(await UserManager.ConfirmEmailAsync(userId, code)).Succeeded)
    ApplicationDbContext context = new ApplicationDbContext();
    UserStore<ApplicationUser> store = new UserStore<ApplicationUser>(context);
    if (!await userManager.UserTokenProvider.ValidateAsync("EmailConfirmation", code, new UserManager<ApplicationUser>(store) , user))
    {
        return RedirectToAction("Message", "Home", new { status = false, message = "Invalid token, please retry." });
    }
    return View("ResetPassword", new ResetPasswordModel { UserId = userId, Token = code });
}

This is also my code for generating the PasswordResetToken

var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("AppName");
UserManager.UserTokenProvider = new Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider<ApplicationUser>(provider.Create("EmailConfirmation"));
var user = await UserManager.FindByNameAsync(model.Email);
if (user == null)//|| !(await UserManager.IsEmailConfirmedAsync(user.Id)))
{
    // Don't reveal that the user does not exist or is not confirmed
    return Json(new { status = false, message = "User does not exist" });
}
var code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);

Please help me

1 answer:

Answer 0: (score: 4)

Maybe a bit late, but I recently came across a similar requirement.

The only problem I see is

if (!await userManager.UserTokenProvider.ValidateAsync("EmailConfirmation", code, new UserManager<ApplicationUser>(store) , user))
{
    return RedirectToAction("Message", "Home", new { status = false, message = "Invalid token, please retry." });
}

Change this to

if (!await userManager.UserTokenProvider.ValidateAsync("ResetPassword", code, new UserManager<ApplicationUser>(store) , user))
{
    return RedirectToAction("Message", "Home", new { status = false, message = "Invalid token, please retry." });
}

"EmailConfirmation" is used with the registration email, while "PasswordReset" is used for the ForgotPassword items.
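
Added example, not part of the original question or answer: one way to write the GET action so the purpose checked is the one GeneratePasswordResetTokenAsync embeds, using UserManager.VerifyUserTokenAsync instead of calling the token provider directly. ApplicationUser, ApplicationDbContext and ResetPasswordModel are assumed to be the question's own types; CreateUserManager and ResetPurpose are names introduced here for illustration.

```csharp
using System.Threading.Tasks;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security.DataProtection;

// ApplicationUser, ApplicationDbContext and ResetPasswordModel are assumed
// to exist as in the question; they are not defined in this example.
public class AccountController : Controller
{
    // Purpose that GeneratePasswordResetTokenAsync writes into the token.
    private const string ResetPurpose = "ResetPassword";

    // Hypothetical helper: one place builds the manager, so the code that issues
    // the token and the code that checks it share the same data protector.
    private static UserManager<ApplicationUser> CreateUserManager()
    {
        var provider = new DpapiDataProtectionProvider("AppName");
        var store = new UserStore<ApplicationUser>(new ApplicationDbContext())
        {
            DisposeContext = true // dispose the DbContext together with the manager
        };
        var manager = new UserManager<ApplicationUser>(store);
        manager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(
            provider.Create("EmailConfirmation")); // protector purpose from the question
        return manager;
    }

    [AllowAnonymous]
    public async Task<ActionResult> ResetPassword(string userId, string code)
    {
        using (var manager = CreateUserManager())
        {
            // VerifyUserTokenAsync throws for an unknown user id, so look the user up first.
            var user = userId == null ? null : await manager.FindByIdAsync(userId);
            bool valid = user != null && code != null
                && await manager.VerifyUserTokenAsync(user.Id, ResetPurpose, code);
            if (!valid)
            {
                // Same response for unknown user, wrong purpose, expired or tampered token.
                return RedirectToAction("Message", "Home",
                    new { status = false, message = "Invalid token, please retry." });
            }
            return View("ResetPassword", new ResetPasswordModel { UserId = userId, Token = code });
        }
    }
}
```

This GET check only decides whether to show the form; the POST that sets the new password should call UserManager.ResetPasswordAsync, which verifies the token again with the same purpose.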