1

I am using the exsisting PasswordReset form in WebMatrix. I didn't change anything in the module but, it's not working. When I click the "Did you forget your password?" link and it takes me to the ForgotPassword form. After I enter my email address and click 'Send Instructions' it goes to my email. But, when I click on the link it provides I immediately get the Password Reset screen but, he top of the screen says, "Could not reset password. Please correct the errors and try again." Eventhough, I try resetting my password anyway nothing happens.

Below is the Password Reset code:

@* Remove this section if you are using bundling *@
@section Scripts {
    <script src="~/Scripts/jquery.validate.min.js"></script>
    <script src="~/Scripts/jquery.validate.unobtrusive.min.js"></script>
}

@{
    Layout = "~/_SiteLayout.cshtml";
    Page.Title = "Password Reset";

    var passwordResetToken = Request.Form["resetToken"] ?? Request.QueryString["resetToken"];

    bool tokenExpired = false;
    bool isSuccess = false;

    // Setup validation
    Validation.RequireField("newPassword", "The new password field is required.");
    Validation.Add("confirmPassword",
        Validator.EqualsTo("newPassword", "The new password and confirmation password do not match."));
    Validation.RequireField("passwordResetToken", "The password reset token field is required.");
    Validation.Add("newPassword",
        Validator.StringLength(
            maxLength: Int32.MaxValue,
            minLength: 6,
            errorMessage: "New password must be at least 6 characters"));

    if (IsPost && Validation.IsValid()) {
        AntiForgery.Validate();
        var newPassword = Request["newPassword"];
        var confirmPassword = Request["confirmPassword"];

        if (WebSecurity.ResetPassword(passwordResetToken, newPassword)) {
            isSuccess = true;
        } else {
            ModelState.AddError("passwordResetToken", "The password reset token is invalid.");
            tokenExpired = true;
        }
    }
}

<hgroup class="title">
    <h1>@Page.Title.</h1>
    <h2>Use the form below to reset your password.</h2>
</hgroup>

@if (!WebMail.SmtpServer.IsEmpty()) {
    if (!Validation.IsValid()) {
        <p class="validation-summary-errors">
            @if (tokenExpired) {
                <text>The password reset token is incorrect or may be expired. Visit the <a href="~/Account/ForgotPassword">forgot password page</a> 
                to generate a new one.</text>
            } else {
                <text>Could not reset password. Please correct the errors and try again.</text>
            }
        </p>
    }

    if (isSuccess) {
        <p class="message-success">
            Password changed! Click <a href="~/Account/Login" title="Log in">here</a> to log in.
        </p>
    }

    <form method="post">
        @AntiForgery.GetHtml()
        <fieldset>
            <legend>Password Change Form</legend>
            <ol>
                <li class="new-password">
                    <label for="newPassword" @if (!ModelState.IsValidField("newPassword")) {<text>class="error-label"</text>}>New password</label> 
                    <input type="password" id="newPassword" name="newPassword" disabled="@isSuccess" @Validation.For("newPassword") />
                    @Html.ValidationMessage("newPassword")
                </li>
                <li class="confirm-password">
                    <label for="confirmPassword" @if (!ModelState.IsValidField("confirmPassword")) {<text>class="error-label"</text>}>Confirm password</label> 
                    <input type="password" id="confirmPassword" name="confirmPassword" disabled="@isSuccess" @Validation.For("confirmPassword") />
                    @Html.ValidationMessage("confirmPassword")
                </li>
                <li class="reset-token">
                    <label for="resetToken" @if (!ModelState.IsValidField("resetToken")) {<text>class="error-label"</text>}>Password reset token</label> 
                    <input type="text" id="resetToken" name="resetToken" value="@passwordResetToken" disabled="@isSuccess" @Validation.For("resetToken") />
                    @Html.ValidationMessage("resetToken")
                </li>
            </ol>
            <input type="submit" value="Reset password" disabled="@isSuccess"/>
        </fieldset>
    </form>
} else {
    <p class="message-info">
        Password recovery is disabled for this website because the SMTP server is 
        not configured correctly. Please contact the owner of this site to reset 
        your password.
    </p>
}

Here is the code in my _AppStart:

WebSecurity.InitializeDatabaseConnection("StarterSite", "UserProfile", "UserId", "Email", autoCreateTables: true);

OAuthWebSecurity.RegisterGoogleClient();

WebMail.SmtpServer = "smtp.gmail.com";
WebMail.EnableSsl = true;

WebMail.SmtpPort = 587;
WebMail.UserName = "mark.anthnony@yahoo.com";
WebMail.Password = "September";
WebMail.From = "mark.anthony@yahoo.com";
tnlewis
  • 323
  • 1
  • 3
  • 15

1 Answers1

0

Change constancies in your User object. Delete required attributes from there. Also. I suggest to write your own base authentication.

Hamit YILDIRIM
  • 4,224
  • 1
  • 32
  • 35
  • What does that mean? I'm not following you. – tnlewis Apr 26 '16 at 16:03
  • Hello, sory i have no much time. WebMatrix is a light weight authentication framework and it has some constancy while using it. One of them is in view chtml attribute. There you can see validation rules delete them and your error will be dissapered. And also i have worked with WebMatrix for a long time and there are many other consistancies like this at the and i have wrote my own framework and i suggest you to this. best regards – Hamit YILDIRIM May 09 '16 at 14:39