忘记密码MVC 4
忘记密码MVC 4
提问于 2014-05-05 12:45:55
在我的应用程序中,我试图获得一个忘记的密码来工作。我试图发送电子邮件给用户时,他/她输入他或她的用户名,发送他们和电子邮件,他们点击该链接,并被带回网站和更改他们的密码。唯一的问题是我的linq查询是错误的,并且没有检查用户名是否存在于数据库中。这是通过获得忘记密码来工作的正确方式吗?
这是我的密码
控制器
// GET: /Account/ForgotPassword
[AllowAnonymous]
public ActionResult ForgetPassword()
{
return View();
}
// Post: /Account/ForgotPassword
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult ForgetPassword(ForgetPasswordModel model, string UserName)
{
string emailAddress = (from i in db.UserProfiles
where i.UserName.Equals(model.Username)
select i.Email).Single();
if (!string.IsNullOrEmpty(emailAddress))
{
string confirmationToken =
WebSecurity.GeneratePasswordResetToken(model.Username);
dynamic email = new Email("ChngPasswordEmail");
email.To = emailAddress;
email.UserName = model.Username;
email.ConfirmationToken = confirmationToken;
email.Send();
return RedirectToAction("ResetPwStepTwo");
}
return RedirectToAction("InvalidUserName");
}模型
public class ForgetPasswordModel
{
[Required]
[Display(Name = "Username")]
public string Username { get; set; }
}视图
@model MyFestival.Models.UserProfile
@{
ViewBag.Title = "Forgot Password";
}
<hr />
<div class="form-group">
<h3 class="panel-title">Did you forget your password?</h3>
</div>
@using (Html.BeginForm())
{
<div class="">
@Html.AntiForgeryToken()
@Html.ValidationSummary(true, null, new { @style = "color:red;" })
<hr />
<label>To reset your password, input your email address and press the Reset Password button.</label>
<br/>
<div class="form-group" >
<div class="col-md-12" >
<div class="input-group">
<span class="input-group-addon" ><i class="glyphicon glyphicon-user" ></i ></span >
@Html.TextBoxFor(m => m.UserName, new { @class = "form-control", @placeholder = "Username" })
</div >
@Html.ValidationMessageFor(m => m.UserName, null, new { @style = "color:red;" })
</div>
</div>
<br/>
<br/>
<div class="form-group" >
<div class="col-md-offset-2 col-md-10" >
<input type="submit" class="btn btn-default" value="Reset Password"/ >
@Html.ActionLink("Back to Login", "Login", null, new { @class = "btn btn-info" })
</div >
</div>
</div>
}回答 2
Stack Overflow用户
回答已采纳
发布于 2014-05-05 15:20:46
我刚刚注意到,您将ForgetPasswordModel model和string username作为控制器操作的参数,然后使用模型的Username属性。我假设Model只是初始化stirng username而不是ForgegPasswordModel。您是否可以尝试删除stirng username -- ForgetPassword动作的第二个参数?
Stack Overflow用户
发布于 2020-04-23 08:20:43
您可以创建自己的GUID,并通过电子邮件发送给用户。当用户单击电子邮件链接时,检查Guid并更新用户的新密码。
下面是示例代码
创建一个视图输入忘记密码电子邮件
@{
ViewBag.Title = "Forgot Password";
}
<h2>Forgot Password</h2>
@using (Html.BeginForm())
{
<div class="form-horizontal">
<hr />
<div class="text-success">
@ViewBag.Message
</div>
<div class="form-group">
Please enter your registered email address below to receive an email containing a link, to reset your password.
</div>
<div class="form-group">
<label class="control-label col-md-2">Email Address</label>
@Html.TextBox("EmailID", "", new { @class = "form-control" })
</div>
<div class="form-group">
<div class="col-md-offset-2 col-md-10">
<input type="submit" value="Submit" class="btn btn-success" />
</div>
</div>
</div>
}然后在你的控制器从用户获得电子邮件id,检查电子邮件是否存在并创建新的GUID,保存在数据库中,发送电子邮件给用户。
[HttpPost]
public ActionResult ForgotPassword(string EmailID)
{
string resetCode = Guid.NewGuid().ToString();
var verifyUrl = "/Account/ResetPassword/" + resetCode;
var link = Request.Url.AbsoluteUri.Replace(Request.Url.PathAndQuery, verifyUrl);
//get user details from database.
using (var context = new LoginRegistrationInMVCEntities())
{
var getUser = (from s in context.RegisterUsers where s.Email == EmailID select s).FirstOrDefault();
if (getUser != null)
{
getUser.ResetPasswordCode = resetCode;
//This line I have added here to avoid confirm password not match issue , as we had added a confirm password property
context.Configuration.ValidateOnSaveEnabled = false;
context.SaveChanges();
var subject = "Password Reset Request";
var body = "Hi " + getUser.FirstName + ", <br/> You recently requested to reset your password for your account. Click the link below to reset it. " +
" <br/><br/><a href='" + link + "'>" + link + "</a> <br/><br/>" +
"If you did not request a password reset, please ignore this email or reply to let us know.<br/><br/> Thank you";
SendEmail(getUser.Email, body, subject);
ViewBag.Message = "Reset password link has been sent to your email id.";
}
else
{
ViewBag.Message = "User doesn't exists.";
return View();
}
}
return View();
}
private void SendEmail(string emailAddress, string body, string subject)
{
using (MailMessage mm = new MailMessage("youremail@gmail.com", emailAddress))
{
mm.Subject = subject;
mm.Body = body;
mm.IsBodyHtml = true;
SmtpClient smtp = new SmtpClient();
smtp.Host = "smtp.gmail.com";
smtp.EnableSsl = true;
NetworkCredential NetworkCred = new NetworkCredential("youremail@gmail.com", "YourPassword");
smtp.UseDefaultCredentials = true;
smtp.Credentials = NetworkCred;
smtp.Port = 587;
smtp.Send(mm);
}
}现在,当用户单击电子邮件并输入新密码时,使用我们在数据库中保存的内容检查Guid,如果guid匹配,则更新密码。
查询更多信息:
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/23472821
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号