
我遇到的問題與此problem類似,但我使用的是ASP Identity和基於令牌的身份驗證。使用ASP Identity重置密碼後無法使用新密碼登錄

重置並設置新密碼後,用戶表中的PasswordHash已經更新,但在重新啓動託管Web-API的服務之前,用戶無法使用新密碼登錄。

在我的AccountController:

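// POST api/Account/ChangePassword
/// <summary>
/// Changes the password of the currently authenticated user.
/// </summary>
/// <param name="model">Request body carrying the old and the new password.</param>
/// <returns>
/// 400 when the body is missing or fails model validation, the result of
/// <c>GetErrorResult</c> when the identity layer rejects the change, otherwise 200.
/// </returns>
[Route("ChangePassword")]
public async Task<IHttpActionResult> ChangePassword(ChangePasswordBindingModel model)
{
    // A missing request body binds to null while ModelState can still report valid,
    // so reject it here instead of failing on model.OldPassword below.
    if (model == null)
    {
        return this.BadRequest();
    }

    if (!this.ModelState.IsValid)
    {
        return this.BadRequest(this.ModelState);
    }

    // The user id is taken from the authenticated principal, never from the request body,
    // so a caller can only change their own password.
    int userId = this.User.Identity.GetUserId<int>();

    IdentityResult result = await this.UserManager.ChangePasswordAsync(
        userId,
        model.OldPassword,
        model.NewPassword);

    // NOTE(review): nothing in this action revokes bearer tokens or cookies issued before
    // the change; confirm how already-issued credentials are meant to be invalidated.
    IHttpActionResult errorResult = this.GetErrorResult(result);

    if (errorResult != null)
    {
        return errorResult;
    }

    return this.Ok();
}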

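/// <summary>
/// Sets a new password for a user who presents a password-reset code.
/// The action is anonymous: the reset code is the only proof of authorization.
/// </summary>
/// <param name="model">Request body carrying the user id, the reset code and the new password.</param>
/// <returns>
/// 400 when a required value is missing, 500 when the identity layer throws
/// <see cref="InvalidOperationException"/>, the result of <c>GetErrorResult</c> when the reset
/// is rejected, otherwise 200.
/// </returns>
[AllowAnonymous]
[HttpPost]
public async Task<IHttpActionResult> ResetPassword(ResetPasswordBindingModel model)
{
    // A missing body binds to null; a missing password would otherwise reach the identity
    // layer as null. Both are client errors, not server faults.
    // NOTE(review): unlike ChangePassword, ModelState is not checked here, so validation
    // attributes on the binding model (if any) are not enforced by this action.
    if (model == null || model.UserId <= 0 || model.Code == null || model.Password == null)
    {
        return this.BadRequest();
    }

    IdentityResult result;

    try
    {
        result = await this.UserManager.ResetPasswordAsync(model.UserId, model.Code, model.Password);
    }
    catch (InvalidOperationException)
    {
        // Do not hand the exception object to an unauthenticated caller: depending on the
        // error-detail policy it can be serialized into the response.
        // NOTE(review): presumably this is raised when UserId matches no user; the status
        // still differs from the rejected-code path below, so the two cases remain
        // distinguishable. Consider answering both with the same response.
        return this.InternalServerError();
    }

    IHttpActionResult errorResult = this.GetErrorResult(result);

    if (errorResult != null)
    {
        return errorResult;
    }

    return this.Ok();
}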

在ApplicationOAuthProvider:

// Resource-owner password grant: checks the submitted user name and password and, on success,
// validates the OAuth ticket and signs the cookie identity in.
// NOTE(review): every call goes through the provider's own this.userManager field. The answer
// further down this page names that reused instance as the reason a reset password was not
// accepted until restart; presumably the old password kept working for the same period.
// The method's closing brace is missing from this excerpt.
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) 
{ 
    try 
    { 
     // Returns null when no user matches the supplied name and password.
     var user = await this.userManager.FindAsync(context.UserName, context.Password); 

     if (user == null) 
     { 
      // context.UserName is client-supplied and is written to the log as received.
      this.logger.Info("Invalid grant for {0}", context.UserName); 
      // The same message covers an unknown user and a wrong password.
      context.SetError("invalid_grant", "The user name or password is incorrect."); 
      return; 
     } 

     // Identity attached to the ticket validated below.
     var oAuthIdentity = 
      await this.userManager.CreateIdentityAsync(user, context.Options.AuthenticationType); 

     // Second identity, signed in with the cookie authentication type below.
     var cookiesIdentity = 
      await this.userManager.CreateIdentityAsync(user, CookieAuthenticationDefaults.AuthenticationType); 

     var properties = CreateProperties(user.UserName); 

     var ticket = new AuthenticationTicket(oAuthIdentity, properties); 

     context.Validated(ticket); 

     context.Request.Context.Authentication.SignIn(cookiesIdentity); 

     this.logger.Info("User '{0}' is signed in.", user.UserName); 
    } 
    catch (Exception ex) 
    { 
     // Log and rethrow with the original stack trace.
     this.logger.Error(ex.Message, ex); 
     throw; 
    } 

誰能幫助我?謝謝。

回答


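我已經解決了我的問題。問題出在ApplicationOAuthProvider的userManager上:每次請求我都使用同一個UserManager實例。這個長期存活的實例很可能一直返回它緩存的舊用戶數據(包括舊的PasswordHash),因此在服務重啓之前新密碼無法通過驗證,而舊密碼可能仍然有效。下面的代碼改爲每次請求都解析一個新的UserManager。工作代碼是: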

public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider 
{ 
    // Client id passed to the constructor; not read by the members shown in this excerpt.
    private readonly string publicClientId; 

    // Container used to resolve a UserManager inside each grant request.
    private IKernel kernel; 

    // Sink for grant successes, failures and exceptions.
    private readonly Logger logger; 

    /// <summary>
    /// Creates the provider. All three dependencies are mandatory.
    /// </summary>
    /// <param name="publicClientId">Client id stored on the provider.</param>
    /// <param name="kernel">Container from which a UserManager is resolved per grant request.</param>
    /// <param name="logger">Logger used for grant results and errors.</param>
    /// <exception cref="ArgumentNullException">Any argument is null.</exception>
    public ApplicationOAuthProvider(string publicClientId, IKernel kernel, Logger logger)
    {
        // Validate in declaration order so the first missing argument is the one reported.
        RequireArgument(publicClientId, "publicClientId");
        RequireArgument(kernel, "kernel");
        RequireArgument(logger, "logger");

        this.logger = logger;
        this.kernel = kernel;
        this.publicClientId = publicClientId;
    }

    // Throws ArgumentNullException naming the parameter when the value is null.
    private static void RequireArgument(object value, string parameterName)
    {
        if (value == null)
        {
            throw new ArgumentNullException(parameterName);
        }
    }

    /// <summary>
    /// Resource-owner password grant: checks the submitted credentials and, on success,
    /// validates the OAuth ticket and signs the cookie identity in.
    /// </summary>
    /// <param name="context">Grant context carrying the submitted user name and password.</param>
    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        try
        {
            // Resolved from the container on every grant instead of being held in a field,
            // so a credential check does not go through a manager kept for the provider's lifetime.
            // NOTE(review): nothing here disposes the resolved manager; confirm the kernel's
            // binding scope takes care of that.
            var manager = this.kernel.Get<UserManager<User, int>>();

            var account = await manager.FindAsync(context.UserName, context.Password);

            if (account == null)
            {
                // context.UserName is client-supplied and is written to the log as received.
                this.logger.Info("Invalid grant for {0}", context.UserName);
                // The same message covers an unknown user and a wrong password.
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            var bearerIdentity = await manager.CreateIdentityAsync(account, context.Options.AuthenticationType);
            var cookieIdentity = await manager.CreateIdentityAsync(account, CookieAuthenticationDefaults.AuthenticationType);

            // Validate the ticket first, then sign the cookie identity in.
            context.Validated(new AuthenticationTicket(bearerIdentity, CreateProperties(account.UserName)));
            context.Request.Context.Authentication.SignIn(cookieIdentity);

            this.logger.Info("User '{0}' is signed in.", account.UserName);
        }
        catch (Exception failure)
        {
            // Record the failure, then rethrow with the original stack trace.
            this.logger.Error(failure.Message, failure);
            throw;
        }
    }