我正在編寫具有隻有管理員可以訪問的用戶部分的應用程序(MVC5,身份2.0和實體框架6)。除非您正在註冊新組織(這是用戶的父母),否則添加用戶的唯一地方就在此部分。身份2 - 確認電子郵件,然後允許用戶設置密碼
我已將所有東西都啓動並運行,但希望更好地添加用戶流。目前,管理員使用硬編碼密碼創建用戶,並向他們發送電子郵件,要求他們確認其帳戶。他們點擊這個帳戶並確認,然後他們必須登錄。顯然,硬編碼密碼不適合製作應用程序!
我真的很喜歡用戶添加,生成隨機密碼,確認帳戶電子郵件發送,然後一旦用戶點擊它,他們的帳戶被確認,然後他們被重新定向到他們可以重置自己的密碼的頁面。
所以,代碼忍者,這是可能的嗎?如果是這樣,任何意見將不勝感激!
是的。您可以刪除管理員輸入的硬編碼密碼並將您的呼叫替換爲創建用戶var result = await UserManager.CreateAsync(user);此時不提供密碼。確保在創建時向用戶發送郵件以確認電子郵件。這是一個example。
在confirmEmail操作視圖中,您可以創建一個密碼設置表單併發送回到confirmEmail。示例如下:
的HTTP從您所設定的密碼形式獲取ConfirmEmail
[AllowAnonymous]
public async Task<ActionResult> ConfirmEmail(string userId, string code)
{
if (userId == null || code == null)
{
return View("Error");
}
var confirmed = await UserManager.IsEmailConfirmedAsync(userId);
if(confirmed)
{
return await RedirectToDashboard(userId);
}
var result = await UserManager.ConfirmEmailAsync(userId, code);
if (result.Succeeded)
{
ViewBag.userId = userId;
ViewBag.code = code;
}
return View(result.Succeeded ? "ConfirmEmail" : "Error");
}
的HTTP POST到ConfirmEmail:
[HttpPost]
[ValidateAntiForgeryToken]
[AllowAnonymous]
public async Task<ActionResult> ConfirmEmail(SetPasswordViewModel model, string userId, string code)
{
if (userId == null || code == null)
{
return View("Error");
}
if (!ModelState.IsValid)
{
return View(model);
}
var result = await UserManager.AddPasswordAsync(userId, model.NewPassword);
if (result.Succeeded)
{
var user = await UserManager.FindByIdAsync(userId);
if (user != null)
{
await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
}
return await RedirectToDashboard(userId);
}
ViewBag.userId = userId;
ViewBag.code = code;
AddErrors(result);
return View(model);
}
樣的形式被放入ConfirmEmailView
@using (Html.BeginForm("ConfirmEmail", "Account", new { userId = ViewBag.userId, code = ViewBag.code }, FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
{
@Html.AntiForgeryToken()
@Html.ValidationSummary("", new { @class = "color_orange" })
@Html.PasswordFor(m => m.NewPassword, new { @class = "form-control", placeholder = "New Password" })
@Html.PasswordFor(m => m.ConfirmPassword, new { @class = "form-control", placeholder = "Confirm Password" })
<input type="submit" value="Set password" class="btn" />
}
記得在您的confirmEmail視圖中添加一個模型@model [ProjectName].Models.SetPasswordViewModel
,並創建SetPasswordViewModel:
public class SetPasswordViewModel
{
[Required]
[StringLength(100, ErrorMessage = "The {0} must be at least {2} characters long.", MinimumLength = 6)]
[DataType(DataType.Password)]
[Display(Name = "New password")]
public string NewPassword { get; set; }
[DataType(DataType.Password)]
[Display(Name = "Confirm new password")]
[Compare("NewPassword", ErrorMessage = "The new password and confirmation password do not match.")]
public string ConfirmPassword { get; set; }
}
我也需要相同的功能。我用髒代碼實現了這一點。
[AllowAnonymous]
Public ActionResult ConfirmEmail(string userId, string code)
{
if(userId == null || code == null)
{
return View("Error");
}
var user = UserManager.FindById(userId);
if(user == null)
{
}
else
{
RunAsync(ForceResetPassword(user));
return RedirectToAction("ResetPasswordAfterConfirmation","Account");
}
}
Public async Task<ActionResult> ForceResetPassword(ApplicationUser user)
{
string code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
var callbackUrl = Url.Action("Reset Password", "Account", new {userId = user.Id, code = code}, protocol: Request.Url.Scheme);
await UserManager.SendEmailAsync(user.Id,"Reset Password","Please reset your password by clicking <a href=\"" + callbackUrl + "\">here</a>");
//Insert send email code here
}
private void RunAsync(Task task)
{
task.ContinueWith(t =>
{
}, TaskContinuationOptions.OnlyOnFaulted);
}
因此,他們就會收到確認電子郵件管理員創建帳戶後,再經過他們點擊鏈接,他們將再次收到另一封電子郵件重置密碼。
如果你有更好的方法來實現這一點,我也很樂意知道。 :)