SqlMembershipProvider.ResetPassword(String, String) 方法
定义
重要
一些信息与预发行产品相关,相应产品在发行之前可能会进行重大修改。 对于此处提供的信息,Microsoft 不作任何明示或暗示的担保。
将用户的密码重置为新的自动生成的密码。
public:
override System::String ^ ResetPassword(System::String ^ username, System::String ^ passwordAnswer);public override string ResetPassword(string username, string passwordAnswer);override this.ResetPassword : string * string -> stringPublic Overrides Function ResetPassword (username As String, passwordAnswer As String) As String参数
- username
- String
要为其重置密码的用户。
- passwordAnswer
- String
指定用户的密码答案。
返回
指定用户的新密码。
例外
将 EnablePasswordReset 设置为 false。
username 在成员身份数据库中找不到。
-或-
更改密码操作已由事件订阅者 ValidatingPassword 取消, FailureInformation 并且属性为 null。
-或-
从数据库检索密码时出错。
username 为空字符串(“”),包含逗号或长度超过 256 个字符。
-或-
passwordAnswer 是空字符串,或长度超过 128 个字符,并且 RequiresQuestionAndAnswer 是 true。
-或-
passwordAnswer 编码后长度超过 128 个字符。
发生未经处理的异常。
示例
下面的代码示例重置用户的密码并返回新的自动生成的密码。
注释
此示例使用 Membership 类调用 SqlMembershipProvider 指定为 defaultProvider Web.config 文件中的指定项。 如果需要以类型 SqlMembershipProvider的形式访问默认提供程序,则可以强制转换 Provider 类的属性 Membership 。 若要以特定提供程序类型的形式访问其他配置的提供程序,可以使用其配置的名称访问它们,ProvidersMembership并将它们强制转换为特定的提供程序类型。
<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
public void Page_Load(object sender, EventArgs args)
{
if (!Membership.EnablePasswordReset)
{
FormsAuthentication.RedirectToLoginPage();
}
Msg.Text = "";
if (!IsPostBack)
{
Msg.Text = "Please enter a user name.";
}
else
{
VerifyUsername();
}
}
public void VerifyUsername()
{
MembershipUser user = Membership.GetUser(UsernameTextBox.Text, false);
if (user == null)
{
Msg.Text = "The user name " + Server.HtmlEncode(UsernameTextBox.Text) + " was not found. Please check the value and reenter your user name.";
QuestionLabel.Text = "";
QuestionLabel.Enabled = false;
AnswerTextBox.Enabled = false;
ResetPasswordButton.Enabled = false;
}
else
{
QuestionLabel.Text = user.PasswordQuestion;
QuestionLabel.Enabled = true;
AnswerTextBox.Enabled = true;
ResetPasswordButton.Enabled = true;
}
}
public void ResetPassword_OnClick(object sender, EventArgs args)
{
string newPassword = "";
try
{
newPassword = Membership.Provider.ResetPassword(UsernameTextBox.Text, AnswerTextBox.Text);
}
catch (NotSupportedException e)
{
Msg.Text = "An error has occurred resetting your password: " + e.Message + "." +
"Please check your values and try again.";
}
catch (MembershipPasswordException e)
{
Msg.Text = "Invalid password answer. Please reenter the answer and try again.";
return;
}
catch (System.Configuration.Provider.ProviderException e)
{
Msg.Text = "The specified user name does not exist. Please check your value and try again.";
}
if (newPassword != "")
{
Msg.Text = "Password reset. Your new password is: " + Server.HtmlEncode(newPassword);
}
else
{
Msg.Text = "Password reset failed. Please reenter your values and try again.";
}
}
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Reset Password</title>
</head>
<body>
<form id="form1" runat="server">
<h3>Reset Password</h3>
<asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />
Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
<asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
ControlToValidate="UsernameTextBox" ForeColor="red"
Display="Static" ErrorMessage="Required" /><br />
Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />
Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="false" />
<asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
ControlToValidate="AnswerTextBox" ForeColor="red"
Display="Static" ErrorMessage="Required" Enabled="false" /><br />
<asp:Button id="ResetPasswordButton" Text="Reset Password"
OnClick="ResetPassword_OnClick" runat="server" Enabled="false" />
</form>
</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">
Public Sub Page_Load(sender As Object, args As EventArgs)
If Not Membership.EnablePasswordReset Then
FormsAuthentication.RedirectToLoginPage()
End If
Msg.Text = ""
If Not IsPostBack Then
Msg.Text = "Please enter a user name."
Else
VerifyUsername()
End If
End Sub
Public Sub VerifyUsername()
Dim user As MembershipUser = Membership.GetUser(UsernameTextBox.Text, False)
If user Is Nothing Then
Msg.Text = "The user name " & Server.HtmlEncode(UsernameTextBox.Text) & " was not found. Please check the value and reenter your user name."
QuestionLabel.Text = ""
QuestionLabel.Enabled = False
AnswerTextBox.Enabled = False
ResetPasswordButton.Enabled = False
Else
QuestionLabel.Text = user.PasswordQuestion
QuestionLabel.Enabled = True
AnswerTextBox.Enabled = True
ResetPasswordButton.Enabled = True
End If
End Sub
Public Sub ResetPassword_OnClick(sender As Object, args As EventArgs)
Dim newPassword As String = ""
Try
newPassword = Membership.Provider.ResetPassword(UsernameTextBox.Text, AnswerTextBox.Text)
Catch e As NotSupportedException
Msg.Text = "An error has occurred resetting your password: " & e.Message & "." & _
"Please check your values and try again."
Catch e As MembershipPasswordException
Msg.Text = "Invalid password answer. Please reenter the answer and try again."
Return
Catch e As System.Configuration.Provider.ProviderException
Msg.Text = "The specified user name does not exist. Please check your value and try again."
End Try
If newPassword <> "" Then
Msg.Text = "Password reset. Your new password is: " & Server.HtmlEncode(newPassword)
Else
Msg.Text = "Password reset failed. Please reenter your values and try again."
End If
End Sub
</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Reset Password</title>
</head>
<body>
<form id="form1" runat="server">
<h3>Reset Password</h3>
<asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />
Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="True" />
<asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
ControlToValidate="UsernameTextBox" ForeColor="red"
Display="Static" ErrorMessage="Required" /><br />
Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />
Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="False" />
<asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
ControlToValidate="AnswerTextBox" ForeColor="red"
Display="Static" ErrorMessage="Required" Enabled="False" /><br />
<asp:Button id="ResetPasswordButton" Text="Reset Password"
OnClick="ResetPassword_OnClick" runat="server" Enabled="False" />
</form>
</body>
</html>
注解
类调用 Membership 此方法,将 ASP.NET 应用程序配置文件(Web.config)中指定的 SQL Server 数据库中用户的密码重置为新的随机生成的值。 将返回新密码。
注释
不保证该方法创建的 ResetPassword 随机密码在属性中 PasswordStrengthRegularExpression 传递正则表达式。 但是,随机密码将满足由 MinRequiredPasswordLength 属性 MinRequiredNonAlphanumericCharacters 建立的条件。
当ResetPassword属性设置为 Hashed..PasswordFormat 如果用户忘记了哈希密码,则无法检索密码。 但是,如果用户提供正确的密码答案,提供程序可以将密码重置为新的自动生成的密码。
如果向 ResetPassword 该方法提供不正确的密码答案,跟踪无效密码尝试的内部计数器将递增一个。 这可能会导致用户被锁定,在调用 UnlockUser 方法清除锁定状态之前无法登录。 如果提供了正确的密码答案,并且用户当前未锁定,则跟踪无效密码应答尝试的内部计数器将重置为零。 有关详细信息,请参阅和MaxInvalidPasswordAttemptsPasswordAttemptWindow属性。
可以通过首先从Provider类的属性获取对SqlMembershipProvider实例的Membership引用来直接调用ResetPassword该方法。 生成的密码长度至少为 14 个字符,或属性中指定的 MinRequiredPasswordLength 长度,并且将包含属性中指定的 MinRequiredNonAlphanumericCharacters 非字母数字字符数。 如果指定了正则表达式,则无法保证密码传递属性中包含的 PasswordStrengthRegularExpression 正则表达式。
从所有参数值中剪裁前导空格和尾随空格。
