Reputation: 1589
Razor Token ResetPassword Not working
I have an MVC3 Razor web site. I am following the tutorial here:
http://www.thecodingguys.net/tutorials/asp/webpages-membership-forgot-password-and-reset-password
I have been able to generate a token and send the email successfully
Then the email has me going to a resetpassword view at a link like this:
~/Account/resetpassword?token=fujgFIo7k27c72-UTTJeGA2fujgFIo7k27c72-UTTJeGA2
Now, here is my HttpGet method
[AllowAnonymous]
[HttpGet]
public ActionResult resetpassword()
{
ResetPasswordModel model = new ResetPasswordModel()
{
Password = String.Empty,
ConfirmPassword = String.Empty,
Token = String.Empty
};
return View(model);
}
All it does is pass in an instance of the model
My view for resetpassword.cshtml
@model RazorARPP.Models.ResetPasswordModel
@{
var token = Request["token"];
Model.Token = token;
}
<form action="" method="post" enctype="multipart/form-data" id="MyForm">
@Html.ValidationSummary(true)
<fieldset>
<legend>Reset Password</legend>
@Html.HiddenFor(m => m.Token)
@Html.LabelFor(m => m.Password)
@Html.PasswordFor(m => m.Password)
@Html.ValidationMessage("password")
<br/>
@Html.LabelFor(m => m.ConfirmPassword)
@Html.PasswordFor(m => m.ConfirmPassword)
@Html.ValidationMessage("confirmPassword")
<input type="submit"/>
</fieldset>
</form>
Now My HttpPost method
[AllowAnonymous]
[HttpPost]
public ActionResult resetpassword(ResetPasswordModel model)
{
if (model.Password == model.ConfirmPassword)
{
WebSecurity.ResetPassword(model.Token, model.Password);
}
return RedirectToAction("Login");
}
It executes fine but the resetpassword isn't working. I made sure that that line is running in the debugger. Any suggestions as to what I am doing wrong? Thanks
Upvotes: 0
Views: 2536
Answers (3)
Reputation: 145880
This call will fail (return false) if the password entered doesn't fulfill the password rules. Check what settings you have in your config file for your membership provider.
Also depending on the membership provider it may return false if the account is locked - but I can't verify that right now.
Upvotes: 0
Reputation:
The issue is with the email when it sends the token it is duplicated.
var confirmationUrl = hostUrl + VirtualPathUtility.ToAbsolute("~/Account/resetpassword?token=" + token + HttpUtility.HtmlEncode(token));
Should be like this
var confirmationUrl = hostUrl + VirtualPathUtility.ToAbsolute("~/Account/resetpassword?token=" + HttpUtility.HtmlEncode(token));
There all should work now!
Look at your own URL
~/Account/resetpassword?token=fujgFIo7k27c72-UTTJeGA2fujgFIo7k27c72-UTTJeGA2
the token is duplicated, that was the issue.
Upvotes: 1
Reputation: 13419
How are you generating the reset token? Are you using the correct username?
WebSecurity.GeneratePasswordResetToken(model.Email)
Do a test where you generate a token and immediately pass it to WebSecurity.ResetPassword. I'm guessing resetpassword is not getting the values you are expecting
Upvotes: 2
Related Questions
- Token invalid on reset password with ASP.NET Identity
- ASP.NET Identity Password Reset Token
- Generating reset password token does not work in Azure Website
- ASP.NET token error reset password
- Token invalid on reset password with ASP.NET
- Invalid token in reset password of Asp.Net web api
- "Invalid token" error while reset password, ASP.Net Identity 2.2.0
- ASP.NET Identity 2: Password Reset Token will not pass correctly
- ASP.NET MVC and Identity - Reset password doesn't work
- Reset Password in ASP.NET MVC