0

I have created a controller with views using Entity Framework.Everything works fine but I need to edit users password and I don't have such option,only passwordHash.

How can I do it?

Here is the code of UsersController:

    public ActionResult Edit(string id)
    {
        if (id == null)
        {
            return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
        }
        ApplicationUser applicationUser = db.Users.Find(id);
        if (applicationUser == null)
        {
            return HttpNotFound();
        }
        return View(applicationUser);
    }

    // POST: Users/Edit/5
    // To protect from overposting attacks, please enable the specific properties you want to bind to, for 
    // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
    [HttpPost]
    [ValidateAntiForgeryToken]
    public ActionResult Edit([Bind(Include = "Id,Email,EmailConfirmed,PasswordHash,Password,SecurityStamp,PhoneNumber,PhoneNumberConfirmed,TwoFactorEnabled,LockoutEndDateUtc,LockoutEnabled,AccessFailedCount,UserName")] ApplicationUser applicationUser)
    {
        if (ModelState.IsValid)
        {
            db.Entry(applicationUser).State = EntityState.Modified;
            db.SaveChanges();
            return RedirectToAction("Index");
        }
        return View(applicationUser);
    }

And here is Edit.shtml:

 <div class="form-group">
        @Html.LabelFor(model => model.PasswordHash, htmlAttributes: new {      @class = "control-label col-md-2" })
        <div class="col-md-10">
            @Html.EditorFor(model => model.PasswordHash, new { htmlAttributes = new { @class = "form-control" } })
            @Html.ValidationMessageFor(model => model.PasswordHash, "", new     { @class = "text-danger" })
        </div>
      </div>

If I try the same with model.Password I have a mistake :

The type arguments for method 'System.Web.Mvc.Html.LabelExtensions.LabelFor(System.Web.Mvc.HtmlHelper, System.Linq.Expressions.Expression>, System.Collections.Generic.IDictionary)' cannot be inferred from the usage. Try specifying the type arguments explicitly.

How can I fix this?Is it somehow connected with absense of field Password in AspNetUsers table and ApplicationUser Model?

Soner Gönül
  • 97,193
  • 102
  • 206
  • 364
Daniil
  • 3
  • 3
  • 1
    Would you want to change the password through the `UserManager`? – Drew Kennedy Dec 27 '15 at 15:13
  • look at answers on this question http://stackoverflow.com/questions/19524111/asp-net-identity-reset-password. also better approach is to use additional custom viewmodel class to bind model from view – sqladmin Dec 27 '15 at 16:33
  • Yes I want to change the password through the UserManager.I have an admin page where I manage all users,so I'd like to edit users password on that page – Daniil Dec 28 '15 at 08:12

1 Answers1

0

you can't, because no password is stored and as you have stated too only the password hash gets stored in the db so the normal approach would be to retrieve the last password form the user and then hash it and compare it to the stored hash if they're equal then you can set the new provided password for the user the easier approach would be to use the user manager class and its UpdatePassword method further reading : https://msdn.microsoft.com/en-us/library/dn613290%28v=vs.108%29.aspx

mahdi mahzouni
  • 474
  • 5
  • 15
  • I think that this one suits UserManager.ChangePasswordAsync Method.How I can use it to do this: I have an admin page where I manage all users,so I'd like to edit users password on that page – Daniil Dec 28 '15 at 08:18
  • render all your users using a foreach loop for ex. in a table and consider a column for new password where you type it and and a button to trigger a ajax call to server for persisting the changed result (any scenario to your needs would be valid) – mahdi mahzouni Dec 28 '15 at 08:56
  • it would be great if somebody can help with the code cause I'm just a beginner and unfortunately I don't have enough time to learn asp.net mvc and do it by myself – Daniil Dec 28 '15 at 16:37