我有這個代碼,當他們單擊密碼重置按鈕時(用額外的代碼登錄到ELMAH,以便我可以嘗試弄清楚發生了什麼問題)時更改用戶的密碼。ASP.NET成員身份更改密碼不起作用
這是在ASP.NET MVC 2,使用標準ASPNET會員供應商,用一個簡單的瀏覽是這樣的:
New Password: ______
Confirm Password: ______
[Reset] [Cancel]
這個觀點,這條路線是/Account/Reset/guid
,其中GUID是用戶的ID在aspnet會員資料庫。
代碼的關鍵部分是它叫user.ChangePassword()
。您可以看到它在成功時記錄了一條消息。問題是,對於某些用戶來說,成功消息被記錄下來,但他們無法使用新密碼登錄。對於其他用戶來說,它記錄了成功的消息,他們可以登錄
if (user.ChangePassword(pwd, confirmPassword))
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - changed successfully!"));
return Json(new {
Msg = "You have reset your password successfully." },
JsonRequestBehavior.AllowGet);
}
完整的代碼清單:
[HttpPost]
public JsonResult ResetPassword(string id, string newPassword, string confirmPassword)
{
ErrorSignal.FromCurrentContext().Raise(new Exception("ResetPassword started for " + id));
ViewData["PasswordLength"] = Membership.MinRequiredPasswordLength;
if (string.IsNullOrWhiteSpace(newPassword))
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - new password was blank."));
ModelState.AddModelError("_FORM", "Please enter a new password.");
return Json(new { Errors = ModelState.Errors() }, JsonRequestBehavior.AllowGet);
}
if (newPassword.Length < Membership.MinRequiredPasswordLength)
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - new password was less than minimum length."));
ModelState.AddModelError("_FORM",
string.Format("The password must be at least {0} characters long.",
Membership.MinRequiredPasswordLength));
return Json(new { Errors = ModelState.Errors() }, JsonRequestBehavior.AllowGet);
}
if (string.IsNullOrWhiteSpace(confirmPassword))
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - confirm password was blank."));
ModelState.AddModelError("_FORM",
"Please enter the same new password in the confirm password textbox.");
return Json(new { Errors = ModelState.Errors() }, JsonRequestBehavior.AllowGet);
}
if (confirmPassword.Length < Membership.MinRequiredPasswordLength)
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - confirm password was less than minimum length."));
ModelState.AddModelError("_FORM",
string.Format("The password must be at least {0} characters long.",
Membership.MinRequiredPasswordLength));
return Json(new { Errors = ModelState.Errors() }, JsonRequestBehavior.AllowGet);
}
if (confirmPassword != newPassword)
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - new password did not match the confirm password."));
ModelState.AddModelError("_FORM", "Please enter the same password again.");
return Json(new { Errors = ModelState.Errors() }, JsonRequestBehavior.AllowGet);
}
bool isMatch = ValidationHelper.IsGUID(id);
if (string.IsNullOrWhiteSpace(id) || !isMatch)
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - id was not a guid."));
ModelState.AddModelError("_FORM", "An invalid ID value was passed in through the URL");
}
else
{
//ID exists and is kosher, see if this user is already approved
//Get the ID sent in the querystring
Guid userId = new Guid(id);
try
{
//Get information about the user
MembershipUser user = Membership.GetUser(userId);
if (user == null)
{
//could not find the user
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - could not find user by id " + id));
ModelState.AddModelError("_FORM",
"The user account can not be found in the system.");
}
else
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - user is " + user.UserName));
string pwd = user.ResetPassword();
if (user.ChangePassword(pwd, confirmPassword))
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword - changed successfully!"));
return Json(new {
Msg = "You have reset your password successfully." },
JsonRequestBehavior.AllowGet);
}
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword
- failed to change the password, for an unknown reason"));
}
}
catch (Exception ex)
{
ErrorSignal.FromCurrentContext().Raise(
new Exception("ResetPassword: " + ex));
return Json(new { Error = ex.Message + " -> "
+ ex.InnerException.Message }, JsonRequestBehavior.AllowGet);
}
}
return Json(new { Errors = ModelState.Errors() }, JsonRequestBehavior.AllowGet);
}
編輯:添加賞金,試圖解決這項問題。這是我的問題列表中最令人討厭的問題之一,我不知道如何繼續。
你親自親眼目睹過這件事嗎?你是否100%肯定用戶不只是忘記他們的密碼?此頁面上的密碼是否有尾隨/前導空格可能被剝離出登錄頁面? – Greg 2011-02-21 19:25:03
此外,用戶在嘗試登錄時獲得的具體錯誤消息是什麼?在此期間是否還有其他重置密碼?基本上,MembershipProvider的工作原理與任何人都知道的一樣,並且您發佈的代碼看起來不錯,所以我的猜測是問題不是問題,或者是其他代碼。 – Greg 2011-02-21 19:32:10
我已經嘗試通過將密碼重置爲「password1」,然後嘗試立即登錄。我無法登錄(用戶名或密碼不正確)。對於其他用戶和我自己的帳戶,我可以更改密碼。 – 2011-02-21 23:01:30