一些相关问题:Webforms ASP。NET Identity system重置密码
我试图使用身份系统实现密码恢复,但遇到了错误(商店没有实现IUserEmailStore)。下面是我正在做的,我正在使用Visual Studio 2013 Web。使用Web表单(MVC学习进行中),用户注册他们的电子邮件,并html" target="_blank">存储在数据库的用户名字段中。我在IdentityModel中添加了UserManager类。cs as:
public class UserManager : UserManager<ApplicationUser>
{
public UserManager()
: base(new UserStore<ApplicationUser>(new ApplicationDbContext()))
{
UserValidator = new UserValidator<ApplicationUser>(this) { AllowOnlyAlphanumericUserNames = false };
this.UserTokenProvider = new EmailTokenProvider<ApplicationUser, string>();
this.EmailService = new EmailService();
}
}
public class EmailService : IIdentityMessageService
{
public Task SendAsync(IdentityMessage message)
{
//email service here to send an email.
return Task.FromResult(0);
}
}
在IdtyModels.cs我还添加了助手:
public static string GetResetPasswordRedirectUrl(string code)
{
return "/Account/ResetPassword?" + CodeKey + "=" + HttpUtility.UrlEncode(code);
}
这些都是我在IdentityModels中所做的更改。cs类。现在是放弃密码。aspx页面我做了以下工作:
protected void ResetPassword(object sender, EventArgs e)
{
if (IsValid)
{
var manager = new UserManager();
var user = new ApplicationUser();
user = manager.FindByName(Email.Text);
// Check if the the user does not exist
if (user == null)
{
ErrorText.Text = "User Could not be found.";
return;
}
string token = manager.GeneratePasswordResetToken(user.Id);
string callbackUrl = IdentityHelper.GetResetPasswordRedirectUrl(token);
manager.SendEmail(user.Id, "Reset Password", "Please reset your password by clicking <a href=\"" + callbackUrl + "\">here</a>.");
Link.NavigateUrl = callbackUrl;
}
}
我的代码卡在字符串token=manager上。GeneratePasswordResetToken(user.Id);给出此例外
{"Store does not implement IUserEmailStore<TUser>."}
关于例外的详细信息:
System.NotSupportedException was unhandled by user code
HResult=-2146233067
Message=Store does not implement IUserEmailStore<TUser>.
Source=Microsoft.AspNet.Identity.Core
StackTrace:
at Microsoft.AspNet.Identity.UserManager`2.GetEmailStore()
at Microsoft.AspNet.Identity.UserManager`2.<GetEmailAsync>d__a3.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.AspNet.Identity.EmailTokenProvider`2.<GetUserModifierAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.AspNet.Identity.TotpSecurityStampBasedTokenProvider`2.<GenerateAsync>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.ConfiguredTaskAwaitable`1.ConfiguredTaskAwaiter.GetResult()
at Microsoft.AspNet.Identity.UserManager`2.<GenerateUserTokenAsync>d__e9.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.AspNet.Identity.UserManager`2.<GeneratePasswordResetTokenAsync>d__4f.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
at Microsoft.AspNet.Identity.AsyncHelper.RunSync[TResult](Func`1 func)
at Microsoft.AspNet.Identity.UserManagerExtensions.GeneratePasswordResetToken[TUser,TKey](UserManager`2 manager, TKey userId)
at uCk.Account.ForgotPassword.Forgot(Object sender, EventArgs e) in c:\Users\Tim\Documents\Visual Studio 2013\Projects\uCk\uCk\Account\ForgotPassword.aspx.cs:line 38
at System.Web.UI.WebControls.Button.OnClick(EventArgs e)
at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
InnerException:
我从异常中理解的是,我应该实现IUserEmailStore接口?我不确定我应该在这里做什么;如果你看一下我添加了电子邮件服务()的用户管理器()实现,难道这还不够吗?我如何克服错误并达到预期的结果?
您的用户商店
public class UserStore : UserStore<ApplicationUser>, IUserEmailStore<ApplicationUser>
{
public UserStore() : base(new ApplicationDbContext()){}
public Task<TUser> FindByEmailAsync(string email)
{
//implement
}
//... implement other methods required etc
}
然后在Manager构造函数中引用您的新商店
public class UserManager : UserManager<ApplicationUser>
{
public UserManager() : base(new UserStore())
{
UserValidator = new UserValidator<ApplicationUser>(this) { AllowOnlyAlphanumericUserNames = false };
this.UserTokenProvider = new EmailTokenProvider<ApplicationUser, string>();
this.EmailService = new EmailService();
}
}
我写的是MVC5,使用的是Identity 2.0。 我在邮件中点击链接,我正在获得密码重置令牌并使用 结果总是false,并表示“无效令牌”。我该在哪里修?
如何获取新ASP中用户的密码。网络身份识别系统?或者如何在不知道当前密码(用户忘记密码)的情况下重置?
问题内容: 我正在使用Apache Oltu框架实现OAuth 2.0提供程序服务器,以寻找有关如何在Java中生成访问令牌和秘密令牌的想法。请指教。 问题答案: OAuth 2.0 规范并未说明如何生成令牌和秘密令牌。因此,由您决定是使用一些现有的/锚定数据来生成令牌,还是要使用随机序列来生成令牌。唯一的区别是,如果您使用大概已知的数据(例如,用户数据,例如用户名,创建日期等),则可以在需要时随
我的网站安全配置如下; 当我给出错误的用户名时,身份验证会按预期失败。但是,如果我一次验证成功,之后所有密码错误但用户名正确的请求都会成功验证。。。。 它被缓存在什么地方了吗? 我可以禁用此功能吗? 难道它不应该给出错误密码的身份验证失败吗? 注意:我正在学习Spring安全。我没有任何HTML页面在这个应用程序和测试从邮递员。
问题内容: 为了生成用于访问我们的API的32个字符的令牌,我们目前使用: 我已经读到,这种方法不是基于密码的安全性,因为它基于系统时钟,这将是一个更好的解决方案,因为它很难预测。 如果是这种情况,等效代码将是什么样? 我猜是这样的,但是我不知道这是否对… 我应该传递给函数什么长度也有意义? 问题答案: 这是正确的解决方案:
通过复制VS2013模板中的代码,我在MVC应用程序中实现了ASP.NET标识。基本的东西是工作的,但我不能得到重置密码工作。当我显示“忘记密码”页面时,将生成一封包含令牌的电子邮件。方法返回此标记: