public override string ResetPassword(string username, string answer)
{
if (!EnablePasswordReset)
throw new NotSupportedException("Password reset is not enabled.");
if (string.IsNullOrEmpty(answer) && RequiresQuestionAndAnswer)
{
UpdateFailureCount(username, "passwordAnswer");
throw new ProviderException("Password answer required for password reset.");
}
string newPassword = System.Web.Security.Membership.GeneratePassword(NEW_PASSWORD_LENGTH, MinRequiredNonAlphanumericCharacters);
ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, newPassword, true);
OnValidatingPassword(args);
if (args.Cancel)
{
if (args.FailureInformation != null)
throw args.FailureInformation;
else
throw new MembershipPasswordException("Reset password canceled due to password validation failure.");
}
string res = string.Empty;
using (Database db = new MySqlDatabase())
{
res = db.ResetPassword(
username,
_applicationName,
answer, newPassword,
PasswordAttemptWindow,
RequiresQuestionAndAnswer,
PasswordFormat,
MaxInvalidPasswordAttempts,
this);
}
if (!string.IsNullOrEmpty(res))
return newPassword;
throw new MembershipPasswordException("User not found, or user is locked out. Password not reset.");
}