如果不知道当前密码,如何使用asp.net成员资格提供程序更改散列密码?

时间:2022-04-03 03:45:13

Problem, there's no method:

问题,没有方法:

bool ChangePassword(string newPassword);

You have to know the current password (which is probably hashed and forgotten).

您必须知道当前密码(可能被散列和遗忘)。

2 个解决方案

#1


126  

This is an easy one that I wasted too much time on. Hopefully this post saves someone else the pain of slapping their forehead as hard as I did.

这是一个我浪费了太多时间的简单问题。希望这篇文章能像我一样让别人免受扇额头的痛苦。

Solution, reset the password randomly and pass that into the change method.

解决方案是,随机重置密码并将其传递到change方法中。

MembershipUser u = Membership.GetUser();
u.ChangePassword(u.ResetPassword(), "myAwesomePassword");

#2


2  

You are not able to change the password if the requiresQuestionAndAnswer="true"

如果需要,您无法更改密码。

I got the work around for this

我有工作要做

Created two membership providers in web.config

在web.config中创建了两个成员提供程序。

i am using the AspNetSqlMembershipProviderReset provider for reseting the password since it has the requiresQuestionAndAnswer= false where as AspNetSqlMembershipProvider is the default provider used.

我使用AspNetSqlMembershipProviderReset提供程序来重新设置密码,因为它具有requiresQuestionAndAnswer= false,而AspNetSqlMembershipProvider是使用的默认提供程序。

i wrote the following code to reset the password for the user.

我编写了以下代码来重置用户的密码。

public bool ResetUserPassword(String psUserName, String psNewPassword) { try { // Get Membership user details using secound membership provider with required question answer set to false.

public bool ResetUserPassword(String psUserName, String psNewPassword)

        MembershipUser currentUser = Membership.Providers["AspNetSqlMembershipProviderReset"].GetUser(psUserName,false);

        //Reset the user password.
        String vsResetPassword = currentUser.ResetPassword();            

        //Change the User password with the required password            
        currentUser.ChangePassword(vsResetPassword, psNewPassword);
        //Changed the comments to to force the user to change the password on next login attempt
        currentUser.Comment = "CHANGEPASS";
        //Check if the user is locked out and if yes unlock the user
        if (currentUser.IsLockedOut == true)
        {
            currentUser.UnlockUser();
        }
        Membership.Providers["AspNetSqlMembershipProviderReset"].UpdateUser(currentUser);            return true;
    }
    catch (Exception ex)
    {
        throw ex;
        return false;
    }
}

#1


126  

This is an easy one that I wasted too much time on. Hopefully this post saves someone else the pain of slapping their forehead as hard as I did.

这是一个我浪费了太多时间的简单问题。希望这篇文章能像我一样让别人免受扇额头的痛苦。

Solution, reset the password randomly and pass that into the change method.

解决方案是,随机重置密码并将其传递到change方法中。

MembershipUser u = Membership.GetUser();
u.ChangePassword(u.ResetPassword(), "myAwesomePassword");

#2


2  

You are not able to change the password if the requiresQuestionAndAnswer="true"

如果需要,您无法更改密码。

I got the work around for this

我有工作要做

Created two membership providers in web.config

在web.config中创建了两个成员提供程序。

i am using the AspNetSqlMembershipProviderReset provider for reseting the password since it has the requiresQuestionAndAnswer= false where as AspNetSqlMembershipProvider is the default provider used.

我使用AspNetSqlMembershipProviderReset提供程序来重新设置密码,因为它具有requiresQuestionAndAnswer= false,而AspNetSqlMembershipProvider是使用的默认提供程序。

i wrote the following code to reset the password for the user.

我编写了以下代码来重置用户的密码。

public bool ResetUserPassword(String psUserName, String psNewPassword) { try { // Get Membership user details using secound membership provider with required question answer set to false.

public bool ResetUserPassword(String psUserName, String psNewPassword)

        MembershipUser currentUser = Membership.Providers["AspNetSqlMembershipProviderReset"].GetUser(psUserName,false);

        //Reset the user password.
        String vsResetPassword = currentUser.ResetPassword();            

        //Change the User password with the required password            
        currentUser.ChangePassword(vsResetPassword, psNewPassword);
        //Changed the comments to to force the user to change the password on next login attempt
        currentUser.Comment = "CHANGEPASS";
        //Check if the user is locked out and if yes unlock the user
        if (currentUser.IsLockedOut == true)
        {
            currentUser.UnlockUser();
        }
        Membership.Providers["AspNetSqlMembershipProviderReset"].UpdateUser(currentUser);            return true;
    }
    catch (Exception ex)
    {
        throw ex;
        return false;
    }
}