堆栈内存溢出
  简体   繁体   English

asp.net mvc 3由管理员重置密码并强制用户更改它

[英]asp.net mvc 3 reset password by admin and force user to change it

 原文  2012-10-06 23:15:17       asp.net/ asp.net-mvc-3/ asp.net-membership/ password-recovery

问题描述

I'm using asp.net Membership, I develop an admin page who can regenerate a temp password to send to the user, then when the user log on for first time, the password must be changed, but I cant figure out who to know if the password was reseted. 我使用的是asp.net成员身份,我开发了一个管理页面,该页面可以重新生成临时密码发送给用户,然后在用户首次登录时必须更改密码,但是我无法弄清楚该知道谁如果密码已重置。

I tried something like in a base controller: 我在基本控制器中尝试过类似的方法: 

if (user.LastPasswordChangedDate >= user.LastLoginDate)
{
    filterContext.Result = RedirectToAction("ChangePassword", "Account");
}

But, I already have updated the LastLoginDate because the ChangePassword Action need to be with a autenticated user. 但是,我已经更新了LastLoginDate,因为ChangePassword Action必须与一个忠实的用户一起使用。

I was thinking when reseting the password to lock/unlock the user to get updated the "LastLockoutDate" and do: 我在想重置密码以锁定/解锁用户以更新“ LastLockoutDate”并执行以下操作时: 

if (user.LastPasswordChangedDate >= user.LastLockoutDate)
{
    filterContext.Result = RedirectToAction("ChangePassword", "Account");
}

But, I can't find a method to do manual lockout 但是,我找不到手动锁定的方法

Thanks!!! 谢谢!!!

1 个解决方案

解决方案1
 1 已采纳  2012-10-07 00:28:52

There's a lot of things you could do, some would depend on how your system works. 您可以做很多事情,其中​​有些取决于系统的工作方式。 For instance, you could store a specific piece of data in the Comment field, if you're not using comments. 例如,如果您不使用注释,则可以在“注释”字段中存储特定的数据。

Or, if you don't use the "Approved" bit (that is, when you create new users you do not require them to validate an email or something, but instead create them with IsApproved set to true) then you can set IsApproved to False and force a password change if it's false. 或者,如果您不使用“已批准”位(也就是说,当您创建新用户时,您不需要他们验证电子邮件或其他内容,而是将IsApproved设置为true来创建它们),则可以将IsApproved设置为设置为False,如果设置为false,则强制更改密码。

There is no method to access much of this data in the Membership API, you just have to access it from you database. 在Membership API中无法访问许多此类数据,您只需要从数据库访问即可。

You could also store this in the Personalization provider. 您也可以将其存储在个性化提供程序中。

Another option is to simply avoid storing this in the Membership database, and instead just add a table or a field in your apps data to deal with this. 另一个选择是简单地避免将其存储在Membership数据库中,而只是在应用程序数据中添加表或字段来处理此问题。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在ASP.NET MVC中重置密码 - Reset Password in ASP.NET MVC 处理ASP.NET 5 MVC 6中的密码更改 - Handling password change in ASP.NET 5 MVC 6 如何在MVC中的asp.net成员身份提供程序中重置和更改哈希密码 - how to reset & change the hash password in asp.net membership provider in MVC ASP.NET 如何在重置/更改密码时注销用户所有会话 - ASP.NET how to logout user all session when password is reset/change 如何在ASP.NET MVC中生成令牌以重置密码 - How to generate token to reset password in ASP.NET MVC ASP.NET Identity 仅更改密码 admin 并删除没有电子邮件的用户 - ASP.NET Identity change password only admin and delete user without e-mail asp.net用户重置密码控制问题/错误! - asp.net user reset password control question/error! ASP.net会员强制用户离线(作为管理员) - ASP.net Memberships Force User Offline (as admin) ASP.NET Membership API强制更改密码 - ASP.NET Membership API force password change 当用户在ASP.NET/ASP.NET MVC中更改密码时,如何使任何自动登录cookie到期? - How to expire any auto-login cookie when user change password in ASP.NET/ASP.NET MVC?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM