public void ResetPassword_AllowsPasswordToBeReset()
{
securitySettings.AllowLoginAfterAccountCreation = true;
securitySettings.RequireAccountVerification = false;
var id = subject.CreateAccount("test", "pass", "*****@*****.**").ID;
subject.ResetPassword("*****@*****.**");
var key = subject.GetByID(id).VerificationKey;
subject.ChangePasswordFromResetKey(key, "pass2");
Assert.IsFalse(subject.Authenticate("test", "pass"));
Assert.IsTrue(subject.Authenticate("test", "pass2"));
}
public static async Task <ChangePasswordFromResetKeyOutput> ChangePasswordFromResetKeyAsync <TAccount>(
UserAccountService <TAccount> userAccountService, string newPass, string verificationKey)
where TAccount : RelationalUserAccount
{
var output = new ChangePasswordFromResetKeyOutput();
try
{
output.Success = userAccountService.ChangePasswordFromResetKey(verificationKey, newPass);
}
catch (Exception ex)
{
if (ex.Message == "The new password must be different from the old password.")
{
output.FailureReason = "new_pass_same_as_old_pass";
}
}
return(output);
}
public ActionResult Confirm(ChangePasswordFromResetKeyInputModel model)
{
if (!ModelState.IsValid)
{
return(View());
}
try
{
HierarchicalUserAccount account;
if (_userAccountService.ChangePasswordFromResetKey(model.Key, model.Password, out account))
{
return(RedirectToAction("Success"));
}
ModelState.AddModelError("", "Error changing password. The key might be invalid.");
}
catch (ValidationException ex)
{
ModelState.AddModelError("", ex.Message);
}
return(View());
}
/// <summary>
/// Force resets a user password to a specified one
/// </summary>
/// <typeparam name="TAccount"></typeparam>
/// <param name="userAccountService"></param>
/// <param name="userId"></param>
/// <param name="newPass"></param>
/// <returns></returns>
public static async Task <ForceResetPasswordOutput> ForceResetPasswordAsync <TAccount>(
UserAccountService <TAccount> userAccountService, Guid userId, string newPass)
where TAccount : RelationalUserAccount
{
var output = new ForceResetPasswordOutput();
if (string.IsNullOrWhiteSpace(newPass))
{
output.FailureReason = "new_pass_null";
return(output);
}
try
{
PasswordResetRequestedEvent <TAccount> e = null;
userAccountService.Configuration.AddEventHandler(new MembershipRebootEventHandlers.PasswordResetRequestedEventHandler <TAccount>
((evt) =>
{
e = evt;
})
);
userAccountService.ResetPassword(userId);
//got the reset token, so can now change the pass..
output.Success = userAccountService.ChangePasswordFromResetKey(e.VerificationKey, newPass);
}
catch (Exception ex)
{
if (ex.Message == "The new password must be different from the old password.")
{
output.FailureReason = "new_pass_same_as_old_pass";
}
}
return(output);
}
