[英]asp.net membership: how to check if password answer is correct when password hashed
I want to reset user's password only if question and answer that user provided is true.I use resetpassword method with passwordanswer parameter. 我只想在用户提供的问题和答案为真时重置用户密码。我将resetpassword方法与passwordanswer参数一起使用。 but still password reset always however password answer isn't corrct.
但是仍然总是会重设密码,但是密码答案却不正确。 :(
:(
how can I reset only if user provided correct question and answer? 仅当用户提供正确的问题和答案时,如何才能重置? here is my code:
这是我的代码:
try
{
MembershipUser user = Membership.GetUser(Membership.GetUserNameByEmail(txtEmail.Text));
if (user != null)
{
if (user.PasswordQuestion == ddlSecurityQuestion.SelectedIndex.ToString())
{
user.ChangePassword(user.ResetPassword(txtSecurityQuestionAnswer.Text), txtNewPassword.Text);
lblError.Text = Resources.Titles.DearUser + user.UserName + Resources.Messages.PasswordRecoveryDone;
}
else
{
lblError.Text = Resources.Messages.QuestionAnswerIsInvalid;
return;
}
}
else
{
lblError.Text = Resources.Messages.EmailIsInvalid;
return;
}
}
catch
{
lblError.Text = Resources.Messages.QuestionAnswerIsInvalid;
throw;
}
but always reset. 但总是重置。 I don't know how to check password answer when my password hashed and I can't get password.
当我的密码被散列并且无法获取密码时,我不知道如何检查密码答案。
I found What's wrong with my reset method. 我发现我的重置方法出了什么问题。 I set requiresQuestionAndAnswer to false in web.config.
我在web.config中将requireQuestionAndAnswer设置为false。 when this option set to false, reset method using PasswordAnswer working however Supplied answer was wrong.
当此选项设置为false时,使用PasswordAnswer重置方法有效,但是提供的答案错误。 When I change requiresQuestionAndAnswer to true, with wrong answer this method throw an exception.
当我将requireQuestionAndAnswer更改为true时,如果答案错误,则此方法将引发异常。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.