asp.net-mvc – 在哪里可以找到C#示例代码来实现ASP.NET MVC2中的密码恢复

如何在MVC2应用程序中实现密码重置？

使用ASP .NET成员资格提供程序对密码进行散列.未使用密码恢复问题.使用标准ASP.NET MVC2项目模板与标准的AccountController类.

如果用户原谅密码,具有临时链接或新密码的电子邮件应发送给用户的电子邮件地址.

在哪里可以找到在MVC 2 C#中实现的代码？

堆栈溢出包含两个答案,讨论有关实现此方法的方法.没有示例代码.
我googled为“asp .net mvc密码重置c#示例代码下载”,但没有找到示例代码为此.

我是MVC的新手.在哪里可以找到密码恢复的示例代码？这从VS2010生成的项目模板中缺少.

更新

我在Mono 2.10中尝试过这个代码,但是有例外：

Mono不支持CspParameters

在线

des.Key = pdb.CryptDeriveKey("RC2","MD5",128,new byte[8]);

如何运行在Mono？

堆栈跟踪：

System.NotSupportedException: CspParameters not supported by Mono
at System.Security.Cryptography.PasswordDeriveBytes.CryptDeriveKey (string,string,int,byte[]) [0x0001b] in /usr/src/redhat/BUILD/mono-2.10.2/mcs/class/corlib/System.Security.Cryptography/PasswordDeriveBytes.cs:197
at store2.Helpers.Password.EncodeMessageWithPassword (string,string) <IL 0x00055,0x000f3>
at store2.Helpers.AccountHelper.GetTokenForValidation (string) <IL 0x00033,0x00089>
at MvcMusicStore.Controllers.AccountController.PasswordReminder (MvcMusicStore.Models.PasswordReminderModel) <IL 0x001ac,0x00495>
at (wrapper dynamic-method) System.Runtime.CompilerServices.ExecutionScope.lambda_method (System.Runtime.CompilerServices.ExecutionScope,System.Web.Mvc.ControllerBase,object[]) <IL 0x00020,0x0005b>
at System.Web.Mvc.ActionMethodDispatcher.Execute (System.Web.Mvc.ControllerBase,object[]) <IL 0x00008,0x0001b>
at System.Web.Mvc.ReflectedActionDescriptor.Execute (System.Web.Mvc.ControllerContext,System.Collections.Generic.IDictionary`2<string,object>) <IL 0x00072,0x00103>
at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod (System.Web.Mvc.ControllerContext,System.Web.Mvc.ActionDescriptor,object>) <IL 0x00003,0x00019>
at System.Web.Mvc.ControllerActionInvoker/<>c__DisplayClassd.<InvokeActionMethodWithFilters>b__a () <IL 0x0002d,0x00068>
at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethodFilter (System.Web.Mvc.IActionFilter,System.Web.Mvc.ActionExecutingContext,System.Func`1<System.Web.Mvc.ActionExecutedContext>) <IL 0x00031,0x000b6>


--------------------------------------------------------------------------------
Version information: Mono Runtime Version: 2.10.2 (tarball Mon Apr 18 18:57:39 UTC 2011); ASP.NET Version: 2.0.50727.1433

解决方法

[HttpGet]
    public ActionResult RetrievePassword()
    {
        return View();
    }

    [HttpPost]
    public ActionResult RetrievePassword(PasswordRetrievalModel model)
    {
        if (ModelState.IsValid)
        {
            string username = Membership.GetUserNameByEmail(model.Email);

            if (!String.IsNullOrEmpty(username))
            {
                // This is a helper function that sends an email with a token (an MD5).
                NotificationsHelper.SendPasswordRetrieval(model.Email,this.ControllerContext);
            }
            else
            {
                Trace.WriteLine(String.Format("*** WARNING:  A user tried to retrieve their password but the email address used '{0}' does not exist in the database.",model.Email));
             }


            return RedirectToAction("Index","Home");
        }

        return View(model);
    }

电子邮件将发送一个重定向到http://example.com/Account/Validate?email=xxxxxxxx&token=xxxxxxxx的网址

如果令牌对电子邮件有效,您可能会显示密码重置表单,以便选择新密码.

所以你需要一个验证操作：

[HttpGet]
    [CompressFilter]
    public ActionResult Validate(string email,string token)
    {
        bool isValid = false;

        if (AccountHelper.IsTokenValid(token,email))
        {
            string username = Membership.GetUserNameByEmail(email);
            if (!String.IsNullOrEmpty(username))
            {
                // Get the user and approve it.
                MembershipUser user = Membership.GetUser(username);
                user.IsApproved = true;
                Membership.UpdateUser(user);

                isValid = true;

                // Since it was a successful validation,authenticate the user.
                FormsAuthentication.SetAuthCookie(username,false);
            }
            else
            {
                isValid = false;
            }
        }

        return View(isValid);
    }

以下是您在此代码中看到的一些助手：

帐户助手

/// <summary>
    /// Gets the token for invitation.
    /// </summary>
    /// <param name="email">The email.</param>
    /// <returns></returns>
    public static string GetTokenForInvitation(string email)
    {
        if (String.IsNullOrEmpty(email))
            throw new ArgumentException("The email cannot be null");

        string token = Password.EncodeMessageWithPassword(String.Format("{0}#{1}",email,DateTime.Now),SEED);

        return token;
    }


    /// <summary>
    /// Gets the email from token.
    /// </summary>
    /// <param name="token">The token.</param>
    /// <param name="email">The email.</param>
    /// <returns></returns>
    public static bool GetEmailFromToken(string token,out string email)
    {
        email = String.Empty;


        string message = Password.DecodeMessageWithPassword(token,SEED);
        string[] messageParts = message.Split('#');

        if (messageParts.Count() != 2)
        {
            return false;
            // the token was not generated correctly.
        }
        else
        {
            email = messageParts[0];
            return true;
        }
    }



    /// <summary>
    /// Helper function used to generate a token to be used in the message sent to users when registered the first time to confirm their email address.
    /// </summary>
    /// <param name="email">The email address to encode.</param>
    /// <returns>The token generated from the email address,timestamp,and SEED value.</returns>
    public static string GetTokenForValidation(string email)
    {
        if (String.IsNullOrEmpty(email))
            throw new ArgumentException("The email cannot be null");

        string token = Password.EncodeMessageWithPassword(String.Format("{0}#{1}",SEED);

        return token;
    }


    /// <summary>
    /// Validates whether a given token is valid for a determined email address.
    /// </summary>
    /// <param name="token">The token to validate.</param>
    /// <param name="email">The email address to use in the validation.</param>
    /// <returns><c>true</c> if the token is valid,<c>false</c> otherwise.</returns>
    public static bool IsTokenValid(string token,string email)
    {
        return IsTokenValid(token,DateTime.Now);
    }


    /// <summary>
    /// Core method to validate a token that also offers a timestamp for testing.  In production mode should always be DateTime.Now.
    /// </summary>
    /// <param name="token">The token to validate.</param>
    /// <param name="email">the email address to use in the validation.</param>
    /// <param name="timestamp">The timestamp representing the time in which the validation is performed.</param>
    /// <returns><c>true</c> if the token is valid,string email,DateTime timestamp)
    {
        if (String.IsNullOrEmpty(token))
            throw new ArgumentException("The token cannot be null");

        try
        {
            string message = Password.DecodeMessageWithPassword(token,SEED);
            string[] messageParts = message.Split('#');

            if (messageParts.Count() != 2)
            {
                return false;
                // the token was not generated correctly.
            }
            else
            {
                string messageEmail = messageParts[0];
                string messageDate = messageParts[1];

                // If the emails are the same and the date in which the token was created is no longer than 5 days,then it is valid. Otherwise,it is not. 
                return (String.Compare(email,messageEmail,true) == 0 && timestamp.Subtract(DateTime.Parse(messageDate)).Days < 5);
            }
        }
        catch (Exception)
        {
            // could not decrypt the message. The token has been tampered with.
            return false;
        }
    }

最后这里有一些加密代码,一个令牌,

我有一个密码类,这是一个帮助者.

///编辑：
删除了之前引用的两个函数,并显示完整的helper类.

（编辑：安卓应用网）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!