47

I am wondering if there is a way to reset password with UserManager of ASP.NET MVC 5

I tried this with user that already has a password but no success. Any clue?

IdentityResult result = UserManager.AddPassword(forgotPasswordEvent.UserId.ToString(), model.ConfirmPassword);
if (result.Succeeded)
{
       //
}
else
{
        AddErrors(result);
}
NoWar
  • 36,338
  • 80
  • 323
  • 498

7 Answers7

92

It is here ASP.NET Identity reset password

UserManager<IdentityUser> userManager = 
    new UserManager<IdentityUser>(new UserStore<IdentityUser>());

userManager.RemovePassword(userId);

userManager.AddPassword(userId, newPassword);
Community
  • 1
  • 1
NoWar
  • 36,338
  • 80
  • 323
  • 498
  • 11
    And what do you do if addpassword fails? now user has no password? there are better options here: http://stackoverflow.com/questions/19524111/asp-net-identity-reset-password – mendel Jul 02 '15 at 19:10
  • 1
    @mendel maybe transactionScope is possible solution :https://msdn.microsoft.com/en-us/library/system.transactions.transactionscope%28v=vs.110%29.aspx – sepehr Dec 13 '15 at 10:06
  • 2
    If you have the code in the standard `AccountController.cs`, you can just use the `UserManager` available there. – Csaba Toth Dec 15 '16 at 03:59
  • This site has a working example which includes handling results of the calls http://codereview.stackexchange.com/questions/92737/asp-net-identity-admin-reset-user-password – sobelito Mar 04 '17 at 18:09
31

I suppose this is newer but there is such an API in Identity 2.0:

IdentityResult result = await UserManager.ResetPasswordAsync(user.Id, model.Code, model.Password);

model.Code is generated the following way, and you should send this as a link in a email to make sure the user who is claiming to want to change the password is that one that owns the email address:

string code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);
Yan
  • 321
  • 3
  • 3
8
var validPass= await userManager.PasswordValidator.ValidateAsync(txtPassword1.Text);
if(validPass.Succeeded)
{
    var user = userManager.FindByName(currentUser.LoginName);
    user.PasswordHash = userManager.PasswordHasher.HashPassword(txtPassword1.Text);
    var res= userManager.Update(user);
    if(res.Succeeded)
    {
        // change password has been succeeded
    }
}
Martin Staufcik
  • 8,295
  • 4
  • 44
  • 63
6

try using the user store:

 var user = UserManager.FindById(forgotPasswordEvent.UserId);

 UserStore<ApplicationUser> store = new UserStore<ApplicationUser>();
 store.SetPasswordHashAsync(user, uManager.PasswordHasher.HashPassword(model.ConfirmPassword));

The IdentityMembership is cool, but still lacking some implementation

UPDATE

Identity 2.0 is here now and has a lot more features

Community
  • 1
  • 1
Jonesopolis
  • 25,034
  • 12
  • 68
  • 112
  • I tried your sample but then I get a `TimeOutException`. I'm still using *Identity 1.0* and I don't think I can migrate as it would require major refactoring in my application. Am using *Microsoft.Owin 2.10* and *OWIN 1.0* – Luiso Dec 10 '15 at 15:46
4

Try this code .It is working perfectly:

    var userStore = new UserStore<IdentityUser>();

    var userManager = new UserManager<IdentityUser>(userStore);

    string userName= UserName.Text;

    var user =userManager.FindByName(userName);
    if (user.PasswordHash != null  )
    {
        userManager.RemovePassword(user.Id);
    }

    userManager.AddPassword(user.Id, newpassword);
Ganesh PMP
  • 51
  • 3
  • Welcome to Stack Overflow! In order to make sure your answer is as helpful as possible to as broad an audience as possible, you might consider revising it to include (1) an evaluation of what was flawed about the existing code, (2) how your code avoids such pitfalls, and (3) any assumptions or shortcomings in your solution. Have a look [here](https://stackoverflow.com/help/how-to-answer) for inspiration. Thanks again for posting an answer, and I hope to see more from you in the future. – Fissure King Mar 04 '17 at 05:55
  • how is this different from the current accepted answer? – Valamas Mar 04 '17 at 06:10
  • the old answer does not tell how to get the userd and pass it as user.id like this: string userName= UserName.Text; var user =userManager.FindByName(userName); it didn't check the condition if the password has null value . – Ganesh PMP Mar 04 '17 at 06:48
  • @GaneshPMP: That's a valid reply. So incorporate that into your answer. – zx485 Mar 04 '17 at 06:57
3

I added this to my UserManager class :

    public virtual async Task<IdentityResult> UpdatePassword(ApplicationUser user, string newPassword)
    {
        var passwordStore = Store as IUserPasswordStore<ApplicationUser, string>;

        if (passwordStore == null)
            throw new Exception("UserManager store does not implement IUserPasswordStore");

        var result = await base.UpdatePassword(passwordStore, user, newPassword);

        if (result.Succeeded)
            result = await base.UpdateAsync(user);

        return result;
    }
James White
  • 2,062
  • 2
  • 24
  • 36
2

There are extension to change the password in the namespace Microsoft.AspNet.Identity.

https://msdn.microsoft.com/en-us/library/dn497466(v=vs.108).aspx

Marcel Melzig
  • 363
  • 6
  • 13