Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • MC 19 posts 89 karma points
    Mar 04, 2014 @ 02:36
    MC
    0

    Needed help change password not hased

    Hello, 

       I am having a problem changing password, when Admin user login and forget password the remide me link will appared on the screen , when user click on remind me the we redirect user to forget password, on the forget password user need to type their LoginName and email adress to reset their password and sent new email to user email address, when user login with new password, they will prompt to change password again. i got a problem when i reset the password and save to the database, the password hased its just save as plian text

    on my webconfig we set PasswordFormat = "hased" anablePasswordRetrieval ="false" 

    here is the code 

    [HTTPPost]
    [ValidateAntiForgeryToken]
    public ActionResult HandleAdminForgottenPassword(ForgottenPasswordViewModel model)
            {
                if (!ModelState.IsValid)
                {
                    return PartialView("ForgottenPassword", model);
                }
                         
                var user = Membership.Providers["UsersMembershipProvider"].GetUser(model.LoginName, false);
                if (user!=null)
                {
                    var userId = Convert.ToInt32(user.ProviderUserKey);
                    UmbracoContext.Security.PerformLogin(userId);               
                    var currentUser = umbraco.helper.GetCurrentUmbracoUser();
                    DateTime expiryTime = DateTime.Now.AddMinutes(15);
                      // generate new password 
                    string newPassword = "Outdoorfun" + RandomNumber();                 
             
                // save new password  example Ourdoorfun61
                    currentUser.ChangePassword(newPassword,);
                   /member.Save();             
                    //Send user an email to reset password with GUID in it
                    EmailHelper email = new EmailHelper();
                    email.AdminSendResetPasswordEmail(user.Email, expiryTime.ToString("ddMMyyyyHHmmssFFFF"),newPassword);
                }
                        
                return PartialView("AdminForgottenPassword", model);
            }
    Thank you in advance 
    MC.
Please Sign in or register to post replies

Write your reply to:

Draft