Evaluting the method signature, it is required to know old password while changing it.
对方法签名进行评估时,需要知道旧密码并进行修改。
membershipUser.ChangePassword(userWrapper.OldPassword, userWrapper.Password)
Is there any way to change password without knowing old one.
有没有办法在不知道旧密码的情况下更改密码?
8 个解决方案
#1
102
string username = "username";
string password = "newpassword";
MembershipUser mu = Membership.GetUser(username);
mu.ChangePassword(mu.ResetPassword(), password);
#2
21
The other answers here are correct, but can leave the password in an unknown state.
这里的其他答案是正确的,但是可以将密码保持在未知状态。
ChangePassword will throw exceptions if the password doesn't meet the requirements laid out in Web.Config (minimum length, etc.). But it only fails after ResetPassword has been called, so the password will not be known to the original user or to the person who's tried to change it. Check for complexity requirements before changing the password to avoid this:
如果密码不满足Web中列出的要求,ChangePassword将抛出异常。配置(最小长度等)。但只有在ResetPassword被调用后才会失败,因此原始用户或试图修改密码的人不会知道密码。在更改密码之前检查复杂性需求,以避免以下情况:
var user = Membership.GetUser(userName, false);
if ((newPassword.Length >= Membership.MinRequiredPasswordLength) &&
(newPassword.ToCharArray().Count(c => !Char.IsLetterOrDigit(c)) >=
Membership.MinRequiredNonAlphanumericCharacters) &&
((Membership.PasswordStrengthRegularExpression.Length == 0) ||
Regex.IsMatch(newPassword, Membership.PasswordStrengthRegularExpression))) {
user.ChangePassword(user.ResetPassword(), newPassword);
} else {
// Tell user new password isn't strong enough
}
#3
14
You need to reset the user's password before changing it, and pass in the generated password to ChangePassword.
您需要在更改用户密码之前重新设置密码,并将生成的密码传递给ChangePassword。
string randompassword = membershipUser.ResetPassword();
membershipUser.ChangePassword(randompassword , userWrapper.Password)
or inline:
或内联:
membershipUser.ChangePassword(membershipUser.ResetPassword(), userWrapper.Password)
#4
4
Try to use SimpleMembershipProvider it's easier:
尝试使用SimpleMembershipProvider它更容易:
var token = WebSecurity.GeneratePasswordResetToken("LoginOfUserToChange");
WebSecurity.ResetPassword(token, "YourNewPassword");
#5
4
Please note, all these mentioned solutions will only work if the RequiresQuestionAndAnswer property is set to false in Membership system configuration. If RequiresQuestionAndAnswer is true then the ResetPassword method needs to be passed the security answer, otherwise it will throw an exception.
请注意,所有这些解决方案只有在成员资格系统配置中将RequiresQuestionAndAnswer属性设置为false时才有效。如果RequiresQuestionAndAnswer为真,则需要传递安全答案ResetPassword方法,否则将抛出异常。
In case you need RequiresQuestionAndAnswer set to true, you can use this workaround
如果您需要将RequiresQuestionAndAnswer设置为true,可以使用这个变通方法
#6
1
Use the password you want to set from textbox in place of 123456.
使用要从文本框中设置的密码来替代123456。
MembershipUser user;
user = Membership.GetUser(userName,false);
user.ChangePassword(user.ResetPassword(),"123456");
#7
1
This code mentioned on posts above is working:
以上所述的上述代码正在工作:
string username = "username";
string password = "newpassword";
MembershipUser mu = Membership.GetUser(username);
mu.ChangePassword(mu.ResetPassword(), password);
But you have to set requiresQuestionAndAnswer="false" in web.config in membership provider tag. If it is true, resetpassword method generate an error "Value can not be null". In this case you must supply question answer as parameter to ResetPassword.
但是你必须在web中设置requiresQuestionAndAnswer="false"。成员资格提供程序标签中的配置。如果为真,resetpassword方法会生成一个错误“值不能为空”。在这种情况下,您必须提供问题答案作为ResetPassword的参数。
#8
0
@Rob Church is right:
@Rob教会是正确的:
The other answers here are correct but can leave the password in an unknown state.
这里的其他答案是正确的,但是可以将密码保留在未知状态。
However, instead of his solution to do the validation by hand, I would try to change the password using the ResetPassword from token method and catch and show the error:
但是,我没有采用他的手工验证方案,而是尝试使用token方法的ResetPassword修改密码,捕获并显示错误:
var user = UserManager.FindByName(User.Identity.Name);
string token = UserManager.GeneratePasswordResetToken(user.Id);
var result = UserManager.ResetPassword(user.Id, token, model.Password);
if (!result.Succeeded){
// show error
}
#1
102
string username = "username";
string password = "newpassword";
MembershipUser mu = Membership.GetUser(username);
mu.ChangePassword(mu.ResetPassword(), password);
#2
21
The other answers here are correct, but can leave the password in an unknown state.
这里的其他答案是正确的,但是可以将密码保持在未知状态。
ChangePassword will throw exceptions if the password doesn't meet the requirements laid out in Web.Config (minimum length, etc.). But it only fails after ResetPassword has been called, so the password will not be known to the original user or to the person who's tried to change it. Check for complexity requirements before changing the password to avoid this:
如果密码不满足Web中列出的要求,ChangePassword将抛出异常。配置(最小长度等)。但只有在ResetPassword被调用后才会失败,因此原始用户或试图修改密码的人不会知道密码。在更改密码之前检查复杂性需求,以避免以下情况:
var user = Membership.GetUser(userName, false);
if ((newPassword.Length >= Membership.MinRequiredPasswordLength) &&
(newPassword.ToCharArray().Count(c => !Char.IsLetterOrDigit(c)) >=
Membership.MinRequiredNonAlphanumericCharacters) &&
((Membership.PasswordStrengthRegularExpression.Length == 0) ||
Regex.IsMatch(newPassword, Membership.PasswordStrengthRegularExpression))) {
user.ChangePassword(user.ResetPassword(), newPassword);
} else {
// Tell user new password isn't strong enough
}
#3
14
You need to reset the user's password before changing it, and pass in the generated password to ChangePassword.
您需要在更改用户密码之前重新设置密码,并将生成的密码传递给ChangePassword。
string randompassword = membershipUser.ResetPassword();
membershipUser.ChangePassword(randompassword , userWrapper.Password)
or inline:
或内联:
membershipUser.ChangePassword(membershipUser.ResetPassword(), userWrapper.Password)
#4
4
Try to use SimpleMembershipProvider it's easier:
尝试使用SimpleMembershipProvider它更容易:
var token = WebSecurity.GeneratePasswordResetToken("LoginOfUserToChange");
WebSecurity.ResetPassword(token, "YourNewPassword");
#5
4
Please note, all these mentioned solutions will only work if the RequiresQuestionAndAnswer property is set to false in Membership system configuration. If RequiresQuestionAndAnswer is true then the ResetPassword method needs to be passed the security answer, otherwise it will throw an exception.
请注意,所有这些解决方案只有在成员资格系统配置中将RequiresQuestionAndAnswer属性设置为false时才有效。如果RequiresQuestionAndAnswer为真,则需要传递安全答案ResetPassword方法,否则将抛出异常。
In case you need RequiresQuestionAndAnswer set to true, you can use this workaround
如果您需要将RequiresQuestionAndAnswer设置为true,可以使用这个变通方法
#6
1
Use the password you want to set from textbox in place of 123456.
使用要从文本框中设置的密码来替代123456。
MembershipUser user;
user = Membership.GetUser(userName,false);
user.ChangePassword(user.ResetPassword(),"123456");
#7
1
This code mentioned on posts above is working:
以上所述的上述代码正在工作:
string username = "username";
string password = "newpassword";
MembershipUser mu = Membership.GetUser(username);
mu.ChangePassword(mu.ResetPassword(), password);
But you have to set requiresQuestionAndAnswer="false" in web.config in membership provider tag. If it is true, resetpassword method generate an error "Value can not be null". In this case you must supply question answer as parameter to ResetPassword.
但是你必须在web中设置requiresQuestionAndAnswer="false"。成员资格提供程序标签中的配置。如果为真,resetpassword方法会生成一个错误“值不能为空”。在这种情况下,您必须提供问题答案作为ResetPassword的参数。
#8
0
@Rob Church is right:
@Rob教会是正确的:
The other answers here are correct but can leave the password in an unknown state.
这里的其他答案是正确的,但是可以将密码保留在未知状态。
However, instead of his solution to do the validation by hand, I would try to change the password using the ResetPassword from token method and catch and show the error:
但是,我没有采用他的手工验证方案,而是尝试使用token方法的ResetPassword修改密码,捕获并显示错误:
var user = UserManager.FindByName(User.Identity.Name);
string token = UserManager.GeneratePasswordResetToken(user.Id);
var result = UserManager.ResetPassword(user.Id, token, model.Password);
if (!result.Succeeded){
// show error
}