ASP.NET Membership change password not working

前端 未结 10 1912
心在旅途
心在旅途 2021-02-19 18:48

I have this code for changing a user\'s password when they click the password reset button (with extra code to log to ELMAH so I can try to figure out what is going wrong).

10条回答
  •  野性不改
    2021-02-19 19:46

    If the user needs to reset his password, there is a chance their account has been locked out from too many invalid attempts. If this is the case, then the password is being reset successfully, but the user cannot log in until the lockout condition is cleared.

    Try checking MembershipUser.IsLockedOut:

    Users are most commonly locked out and cannot be validated by the ValidateUser method when the MaxInvalidPasswordAttempts is reached within the PasswordAttemptWindow.

    To set this property to false and let the user try to log in again, you can use the UnlockUser method.

    Edit

    Did you also check IsApproved? Authentication will fail is this is false for the user.

    Also, assuming by default membership provider, you mean the SqlMembershipProvider, can you run the following query against your database and make sure everything looks correct?

    select IsApproved, IsLockedOut, FailedPasswordAttemptCount
    from aspnet_Membership
    where ApplicationId = @yourApplicationId and UserId = @userId
    

    Try executing the query before attempting to sign in to verify IsApproved and IsLockedOut are ok. Also note the value for FailedPasswordAttemptCount.

    Try signing in, and then run the query again. If signin fails, has the value for FailedPasswordAttemptCount been incremented?

    You could also look at PasswordFormat in the aspnet_Membership table and make sure it is the correct value depending on the format you are using (0 for Clear, 1 for Hashed, and 2 for Encrypted).

提交回复
热议问题