ASP.NET Membership API强制更改密码

时间:2012-03-19 12:59:51

标签: asp.net

我正在使用ASP.NET Membership API。我想强制用户在他第一次登录后更改密码。但是,我在ASP.NET的Membership API中找不到任何这样的内置功能。<​​br/> 有可能吗?如果是的话,如何轻松完成?

4 个答案:

答案 0 :(得分:9)

这是一个经过全面测试的解决方案;)

protected void LoginButton_Click(object sender, EventArgs e)
{
    /****note: UserName and Password are textbox fields****/

    if (Membership.ValidateUser(UserName.Text, Password.Text))
    {
        MembershipUser user = Membership.GetUser(UserName.Text);
        if (user == null)
        {
           FailureText.Text = "Invalid username. Please try again.";
           return;
        }
        if (user.IsLockedOut)
           user.UnlockUser();

        /* this is the interesting part for you */
        if (user.LastPasswordChangedDate == user.CreationDate) //if true, that means user never changed their password before
        {
            //TODO: add your change password logic here
        }
    }
}

如果您需要有关如何更改密码的帮助,请告知我们。

如果这篇文章对您有任何帮助,请标记为答案

答案 1 :(得分:4)

没有内置功能。

您需要自己实施。这是一个例子:http://forums.asp.net/p/1273575/2414481.aspx

答案 2 :(得分:0)

以下是VB中的解决方案。它还包括FindControl,用于读取和设置asp:Login ID="LoginUser"表单元素。 

Protected Sub LoginButton_Click(sender As Object, e As EventArgs)

    '***note: UserName and Password are textbox fields***
    Dim UserName As TextBox = DirectCast(LoginUser.FindControl("UserName"), TextBox)
    Dim Password As TextBox = DirectCast(LoginUser.FindControl("Password"), TextBox)
    Dim FailureText As Literal = DirectCast(LoginUser.FindControl("FailureText"), Literal)

    If Membership.ValidateUser(UserName.Text, Password.Text) Then
        Dim user As MembershipUser = Membership.GetUser(UserName.Text)
        If user Is Nothing Then
            FailureText.Text = "Invalid username. Please try again."
            Return
        End If
        If user.IsLockedOut Then
            user.UnlockUser()
        End If

        ' this is the interesting part for you 

        If user.LastPasswordChangedDate = user.CreationDate Then
            'TODO: add your change password logic here
        End If
    End If
End Sub

答案 3 :(得分:0)

这就是我做的。登录后最好这样做。

protected void LoginUser_LoggedIn(object sender, EventArgs e)
    {

        if (Membership.ValidateUser(this.LoginUser.UserName, this.LoginUser.Password))
        {
            MembershipUser user = Membership.GetUser(this.LoginUser.UserName);
            if (user == null)
            {
                this.LoginUser.FailureText = "Invalid username. Please try again.";
                return;
            }
            if (user.IsLockedOut)
            {
                user.UnlockUser();
            }

            if (user.LastPasswordChangedDate == user.CreationDate) //if true, that means user never changed their password before
            {
                Response.Redirect("~/Account/ChangePassword.aspx");
            }
        }
    }
相关问题
最新问题