SqlMembershipProvider.ResetPassword(String, String) 方法

定义

将用户密码重置为自动生成的新密码。

public:
 override System::String ^ ResetPassword(System::String ^ username, System::String ^ passwordAnswer);
public override string ResetPassword (string username, string passwordAnswer);
override this.ResetPassword : string * string -> string
Public Overrides Function ResetPassword (username As String, passwordAnswer As String) As String

参数

username
String

要为其重置密码的用户。

passwordAnswer
String

指定的用户的密码提示问题答案。

返回

指定的用户的新密码。

例外

passwordAnswer 无效。

- 或 -

当前锁定了用户帐户。

在成员资格数据库中找不到 username

- 或 -

ValidatingPassword 事件的订户取消对更改密码操作,且 FailureInformation 属性为 null

- 或 -

从数据库中检索密码时出现错误。

username 为空字符串 ("")、包含一个逗号或长度超过 256 个字符。

- 或 -

passwordAnswer 为空字符串,或者其长度超过 128 个字符,且 RequiresQuestionAndAnswertrue

- 或 -

编码后 passwordAnswer 的长度超过 128 个字符。

usernamenull

- 或 -

passwordAnswernull,而 RequiresQuestionAndAnswertrue

发生了未经处理的异常。

示例

下面的代码示例重置用户的密码,并返回自动生成的新密码。

注意

此示例使用 Membership 类调用 SqlMembershipProvider 指定为 defaultProvider Web.config 文件中的 。 如果需要以 类型 SqlMembershipProvider的形式访问默认提供程序,则可以强制转换 Provider 类的 Membership 属性。 若要以特定提供程序类型的形式访问其他配置的提供程序,可以使用 类的 Membership 属性按其配置的名称Providers对其进行访问,并将其强制转换为特定提供程序类型。

<%@ Page Language="C#" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

public void Page_Load(object sender, EventArgs args)
{
  if (!Membership.EnablePasswordReset)
  {
    FormsAuthentication.RedirectToLoginPage();
  }

  Msg.Text = "";

  if (!IsPostBack)
  {
    Msg.Text = "Please enter a user name.";
  }
  else
  {
    VerifyUsername();
  }
}


public void VerifyUsername()
{
    MembershipUser user = Membership.GetUser(UsernameTextBox.Text, false);

    if (user == null)
    {
      Msg.Text = "The user name " + Server.HtmlEncode(UsernameTextBox.Text) + " was not found. Please check the value and reenter your user name.";

      QuestionLabel.Text = "";
      QuestionLabel.Enabled = false;
      AnswerTextBox.Enabled = false;
      ResetPasswordButton.Enabled = false;
    }
    else
    {
      QuestionLabel.Text = user.PasswordQuestion;
      QuestionLabel.Enabled = true;
      AnswerTextBox.Enabled = true;
      ResetPasswordButton.Enabled = true;
    }
}

public void ResetPassword_OnClick(object sender, EventArgs args)
{
  string newPassword = "";

  try
  {
    newPassword = Membership.Provider.ResetPassword(UsernameTextBox.Text, AnswerTextBox.Text);
  }
  catch (NotSupportedException e)
  {
    Msg.Text = "An error has occurred resetting your password: " + e.Message + "." +
               "Please check your values and try again.";
  }
  catch (MembershipPasswordException e)
  {
    Msg.Text = "Invalid password answer. Please reenter the answer and try again.";
    return;
  }
  catch (System.Configuration.Provider.ProviderException e)
  {
    Msg.Text = "The specified user name does not exist. Please check your value and try again.";
  }

  if (newPassword != "")
  {
    Msg.Text = "Password reset. Your new password is: " + Server.HtmlEncode(newPassword);
  }
  else
  {
    Msg.Text = "Password reset failed. Please reenter your values and try again.";
  }
}


</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Reset Password</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Reset Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="true" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />

  Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="false" />
          <asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
                                      ControlToValidate="AnswerTextBox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" Enabled="false" /><br />

  <asp:Button id="ResetPasswordButton" Text="Reset Password" 
              OnClick="ResetPassword_OnClick" runat="server" Enabled="false" />

</form>

</body>
</html>
<%@ Page Language="VB" %>
<%@ Import Namespace="System.Web.Security" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script runat="server">

Public Sub Page_Load(sender As Object, args As EventArgs)

  If Not Membership.EnablePasswordReset Then
    FormsAuthentication.RedirectToLoginPage()
  End If

  Msg.Text = ""

  If Not IsPostBack Then
    Msg.Text = "Please enter a user name."
  Else
    VerifyUsername()
  End If

End Sub


Public Sub VerifyUsername()

    Dim user As MembershipUser = Membership.GetUser(UsernameTextBox.Text, False)

    If user Is Nothing Then
      Msg.Text = "The user name " & Server.HtmlEncode(UsernameTextBox.Text) & " was not found. Please check the value and reenter your user name."

      QuestionLabel.Text = ""
      QuestionLabel.Enabled = False
      AnswerTextBox.Enabled = False
      ResetPasswordButton.Enabled = False
    Else
      QuestionLabel.Text = user.PasswordQuestion
      QuestionLabel.Enabled = True
      AnswerTextBox.Enabled = True
      ResetPasswordButton.Enabled = True
    End If

End Sub


Public Sub ResetPassword_OnClick(sender As Object, args As EventArgs)

  Dim newPassword As String = ""

  Try
    newPassword = Membership.Provider.ResetPassword(UsernameTextBox.Text, AnswerTextBox.Text)
  Catch e As NotSupportedException
    Msg.Text = "An error has occurred resetting your password: " & e.Message & "." & _
               "Please check your values and try again."
  Catch e As MembershipPasswordException
    Msg.Text = "Invalid password answer. Please reenter the answer and try again."
    Return
  Catch e As System.Configuration.Provider.ProviderException
    Msg.Text = "The specified user name does not exist. Please check your value and try again."
  End Try

  If newPassword <> "" Then
    Msg.Text = "Password reset. Your new password is: " & Server.HtmlEncode(newPassword)
  Else
    Msg.Text = "Password reset failed. Please reenter your values and try again."
  End If

End Sub


</script>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<title>Sample: Reset Password</title>
</head>
<body>

<form id="form1" runat="server">
  <h3>Reset Password</h3>

  <asp:Label id="Msg" runat="server" ForeColor="maroon" /><br />

  Username: <asp:Textbox id="UsernameTextBox" Columns="30" runat="server" AutoPostBack="True" />
            <asp:RequiredFieldValidator id="UsernameRequiredValidator" runat="server"
                                        ControlToValidate="UsernameTextBox" ForeColor="red"
                                        Display="Static" ErrorMessage="Required" /><br />

  Password Question: <b><asp:Label id="QuestionLabel" runat="server" /></b><br />

  Answer: <asp:TextBox id="AnswerTextBox" Columns="60" runat="server" Enabled="False" />
          <asp:RequiredFieldValidator id="AnswerRequiredValidator" runat="server"
                                      ControlToValidate="AnswerTextBox" ForeColor="red"
                                      Display="Static" ErrorMessage="Required" Enabled="False" /><br />

  <asp:Button id="ResetPasswordButton" Text="Reset Password" 
              OnClick="ResetPassword_OnClick" runat="server" Enabled="False" />

</form>

</body>
</html>

注解

类调用 Membership 此方法,以将 ASP.NET 应用程序的配置文件中指定的 SQL Server 数据库中的用户的密码重置为随机生成的新值 (Web.config) 。 将返回新密码。

注意

方法创建的 ResetPassword 随机密码不保证在 属性中 PasswordStrengthRegularExpression 传递正则表达式。 但是,随机密码将满足 和 MinRequiredNonAlphanumericCharacters 属性建立MinRequiredPasswordLength的条件。

ResetPassword 属性设置为 Hashed时,PasswordFormat最常使用 方法。 如果用户忘记了经过哈希处理的密码,则无法检索该密码。 但是,如果用户提供正确的密码答案,提供程序可以将密码重置为自动生成的新密码。

如果向 ResetPassword 方法提供了错误的密码答案,则跟踪无效密码尝试的内部计数器将递增 1。 这可能会导致用户被锁定,并且无法登录,直到调用 UnlockUser 方法清除锁定状态。 如果提供了正确的密码答案,并且用户当前未锁定,则跟踪无效密码答案尝试的内部计数器将重置为零。 有关详细信息,请参阅 MaxInvalidPasswordAttemptsPasswordAttemptWindow 属性。

可以通过首先从 Provider 类的 属性获取对 SqlMembershipProvider 实例的Membership引用来直接调用 ResetPassword 方法。 生成的密码长度至少为 14 个字符,或属性中指定的 MinRequiredPasswordLength 长度,并且将包含 属性中指定的 MinRequiredNonAlphanumericCharacters 非字母数字字符数。 如果指定了正则表达式,则不保证密码会传递 属性中包含的 PasswordStrengthRegularExpression 正则表达式。

从所有参数值中剪裁前导空格和尾随空格。

适用于

另请参阅