public override string ResetPassword(string username, string answer)
{
if (!EnablePasswordReset)
{
throw new NotSupportedException();
}
using (var transaction = new TransactionScope(_mConfiguration))
{
var dataStore = new UserDataStore(transaction);
User user = dataStore.FindByName(ApplicationName, username);
if (user == null)
{
throw new UserNotFoundException(username);
}
if (RequiresQuestionAndAnswer &&
user.ValidatePasswordAnswer(answer, PasswordAttemptWindow, MaxInvalidPasswordAttempts) == false)
{
transaction.Commit();
throw new MembershipPasswordException();
}
else
{
string newPassword = System.Web.Security.Membership.GeneratePassword(MinRequiredPasswordLength,
MinRequiredNonAlphanumericCharacters);
user.ChangePassword(newPassword);
transaction.Commit();
return(newPassword);
}
}
}
