Partage via


Membership.GeneratePassword(Int32, Int32) Méthode

Définition

Génère un mot de passe aléatoire de la longueur spécifiée.

public:
 static System::String ^ GeneratePassword(int length, int numberOfNonAlphanumericCharacters);
public static string GeneratePassword (int length, int numberOfNonAlphanumericCharacters);
static member GeneratePassword : int * int -> string
Public Shared Function GeneratePassword (length As Integer, numberOfNonAlphanumericCharacters As Integer) As String

Paramètres

length
Int32

Nombre de caractères dans le mot de passe généré. La longueur doit être comprise entre 1 et 128 caractères.

numberOfNonAlphanumericCharacters
Int32

Le nombre minimal de caractères non-alphanumériques (comme @, #, !, %, &, etc.) dans le mot de passe généré.

Retours

Mot de passe aléatoire de la longueur spécifiée.

Exceptions

length est inférieur à 1 ou supérieur à 128 - ou -

numberOfNonAlphanumericCharacters est inférieur à 0 ou supérieur à length.

Exemples

L’exemple de code suivant crée un utilisateur d’appartenance et utilise la GeneratePassword méthode pour initialiser le mot de passe du nouvel utilisateur sur une valeur aléatoire, qui est affichée pour l’utilisateur.

Important

Cet exemple contient une zone de texte qui accepte l’entrée utilisateur, qui est une menace de sécurité potentielle. Par défaut, les pages web ASP.NET vérifient que l’entrée d’utilisateur n’inclut pas de script ou d’éléments HTML. Pour plus d’informations, consultez Vue d’ensemble des attaques de script.

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

public void CreateUser_OnClick(object sender, EventArgs args)
{
  // Generate a new 12-character password with at least 1 non-alphanumeric character.
  string password = Membership.GeneratePassword(12, 1);

  try
  {
    // Create new user.
    MembershipUser newUser = Membership.CreateUser(UsernameTextbox.Text, password, 
                                                   EmailTextbox.Text);

    Msg.Text = "User <b>" + Server.HtmlEncode(UsernameTextbox.Text) + "</b> created. " +
               "Your temporary password is " + password + ".";
  }
  catch (MembershipCreateUserException e)
  {
    Msg.Text = GetErrorMessage(e.StatusCode);
  }
  catch (HttpException e)
  {
    Msg.Text = e.Message;
  }
}

public string GetErrorMessage(MembershipCreateStatus status)
{
   switch (status)
   {
      case MembershipCreateStatus.DuplicateUserName:
        return "Username already exists. Please enter a different user name.";

      case MembershipCreateStatus.DuplicateEmail:
        return "A username for that email address already exists. Please enter a different email address.";

      case MembershipCreateStatus.InvalidPassword:
        return "The password provided is invalid. Please enter a valid password value.";

      case MembershipCreateStatus.InvalidEmail:
        return "The email address provided is invalid. Please check the value and try again.";

      case MembershipCreateStatus.InvalidAnswer:
        return "The password retrieval answer provided is invalid. Please check the value and try again.";

      case MembershipCreateStatus.InvalidQuestion:
        return "The password retrieval question provided is invalid. Please check the value and try again.";

      case MembershipCreateStatus.ProviderError:
        return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

      case MembershipCreateStatus.UserRejected:
        return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

      default:
        return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
   }
}

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Create User</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Create New User</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table cellpadding="3" border="0">
    <tr>
      <td>Username:</td>
      <td><asp:Textbox id="UsernameTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                      ControlToValidate="UserNameTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td>Email Address:</td>
      <td><asp:Textbox id="EmailTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="EmailRequiredValidator" runat="server"
                                      ControlToValidate="EmailTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td></td>
      <td><asp:Button id="CreateUserButton" Text="Create User" OnClick="CreateUser_OnClick" runat="server" /></td>
    </tr>
  </table>
</form>

</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Public Sub CreateUser_OnClick(sender As Object, args As EventArgs)
  ' Generate a new 12-character password with at least 1 non-alphanumeric character.
  Dim password As String = Membership.GeneratePassword(12, 1)

  Try
    ' Create new user.
    Dim newUser As MembershipUser = Membership.CreateUser(UsernameTextbox.Text, password, _
                                                          EmailTextbox.Text)

    Msg.Text = "User <b>" & Server.HtmlEncode(UsernameTextbox.Text) & "</b> created. " & _
               "Your temporary password is " & password & "."
  
  Catch e As MembershipCreateUserException
    Msg.Text = GetErrorMessage(e.StatusCode)
  Catch e As HttpException
    Msg.Text = e.Message
  End Try
End Sub

Public Function GetErrorMessage(status As MembershipCreateStatus) As String

   Select Case status
      Case MembershipCreateStatus.DuplicateUserName
        Return "Username already exists. Please enter a different user name."

      Case MembershipCreateStatus.DuplicateEmail
        Return "A username for that email address already exists. Please enter a different email address."

      Case MembershipCreateStatus.InvalidPassword
        Return "The password provided is invalid. Please enter a valid password value."

      Case MembershipCreateStatus.InvalidEmail
        Return "The email address provided is invalid. Please check the value and try again."

      Case MembershipCreateStatus.InvalidAnswer
        Return "The password retrieval answer provided is invalid. Please check the value and try again."

      Case MembershipCreateStatus.InvalidQuestion
        Return "The password retrieval question provided is invalid. Please check the value and try again."

      Case MembershipCreateStatus.ProviderError
        Return "The authentication provider Returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator."

      Case MembershipCreateStatus.UserRejected
        Return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator."

      Case Else
        Return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator."
   End Select
End Function

</script>

<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Create User</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Create New User</h3>

  <asp:Label id="Msg" ForeColor="maroon" runat="server" /><br />

  <table cellpadding="3" border="0">
    <tr>
      <td>Username:</td>
      <td><asp:Textbox id="UsernameTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                      ControlToValidate="UserNameTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td>Email Address:</td>
      <td><asp:Textbox id="EmailTextbox" runat="server" /></td>
      <td><asp:RequiredFieldValidator id="EmailRequiredValidator" runat="server"
                                      ControlToValidate="EmailTextbox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" /></td>
    </tr>

    <tr>
      <td></td>
      <td><asp:Button id="CreateUserButton" Text="Create User" OnClick="CreateUser_OnClick" runat="server" /></td>
    </tr>
  </table>
</form>

</body>
</html>

Remarques

La GeneratePassword méthode est utilisée pour générer un mot de passe aléatoire et est généralement utilisée par la ResetPassword méthode implémentée par un fournisseur d’appartenances pour réinitialiser le mot de passe d’un utilisateur à un nouveau mot de passe temporaire.

Le mot de passe généré contient uniquement des caractères alphanumériques et les signes de ponctuation suivants : !@#$%^&*()_-+=[{]};:<>|./?. Aucun caractère de contrôle masqué ou non imprimable n’est inclus dans le mot de passe généré.

Notes

Il n’est pas garanti que le mot de passe aléatoire créé par la GeneratePassword méthode passe l’expression régulière dans la PasswordStrengthRegularExpression propriété . Toutefois, le mot de passe aléatoire répond aux critères établis par la MinRequiredPasswordLength propriété et le numberOfNonAlphanumericCharacters paramètre .

S’applique à

Voir aussi