Is it possible to use the PasswordRecovery control to recover a password using the email address instead of the user name?
Ideally I'd like to have the PasswordRecovery control allow users to enter their email address instead of their user name and then proceed to answer the security question.
Unless you did some custom code to force the username to be an email at signup then you will have to do some custom code to get this working.
You can handle the VerifyingUser event to tweak the username value before it gets verified.
If you change the template of the control to ask for an email address to be entered into the username field then you can do a lookup of the users username in the VerifyingUser event and then change the value before it gets submitted.
Dim smtp As New System.Net.Mail.SmtpClient()
Dim smail As New System.Net.Mail.MailMessage
smail.To.Add(New System.Net.Mail.MailAddress("emailtowhomyouwanttosend@yahoo.com "))
smail.From = New System.Net.Mail.MailAddress("youremail@gmail.com", "Visit me")
smail.Subject = "hiii"
smail.IsBodyHtml = "true"
smail.Body = "HELLO THERE"
smtp.EnableSsl = True
smtp.Send(smail)
You could cast sender to a PasswordRecovery control if you wanted to remove the dependancy on the name (in case you ever want to reuse it)
Yeah, I usually cast sender whenever I can. Makes it easier to copy code for reuse. :) I usually create a snippit out of code like this anyhow. You should see my toolbar, it's packed. hehe
Ah yeah, I did make some snippets but then when I started working from more than one location it became a hassle to sync them up.
I now rely on remembering which project it was that I first solved the problem. Its getting a bit more complicated now as time is going on so I keep thinking about trying some kind of table of project achievements but it seems like a big hassle.
There is probably a real handy snippet sorting application that I have missed but for now I will carry on trying to remember!
It would be useful to have a global repository of snippits. Not only for yourself (to access from different machines) but to share with others in your team.
Security would be the first concern. Then how to organize them. (hierarchically) And, naturally, how to integrate the tool into Visual Studio.
Thanks guys.. Exactly what I was looking for. Here is my version of it (VB.NET)
Private Sub GetPassword_VerifyingUser(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles GetPassword.VerifyingUser
Dim PasswordRecovery1 = CType(sender, PasswordRecovery)
If IsValidEmail(PasswordRecovery1.UserName) And PasswordRecovery1.UserName.Length > 0 Then
PasswordRecovery1.UserName = Membership.GetUserNameByEmail(PasswordRecovery1.UserName)
End If
End Sub
Protected Function IsValidEmail(ByVal strIn As String) As Boolean
Return Regex.IsMatch(strIn, "^([\w-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$")
End Function
It will be cool if we customize the control's markup like this:
<asp:PasswordRecovery ID="GetPassword" runat="server" UserNameLabelText="Username or Email:" MailDefinition-Subject="MySite Password Recovery" UserNameInstructionText="<b>Enter your Username or email to receive your password.</b>" </asp:PasswordRecovery>
I am customizing the logincontrols including the PasswordRecovery to look into a database that I built. I have the login control portion working. I have some code working such as looking up the username and determinging if it exists in the
db. I haevn't figured out some things:
1) How to make the control present the security question.
My code to look up the username is in the VerifyingUser event. I set the PasswordRecovery1.QuestionLabelText to the corresponding db field value that I fetched when I looked up the username. How
to I tell the control whether or not the username is
a) valid and present the question or ?
b) tell them that it is not a valid username?
2) a) Where to put the code to verify the security answer. b) When I verify the existence of the username, I fetch the question and answer. Is there a property to store the answer at that time or do I have to fire more sql to verify the
answer?
CharlesF
Participant
1745 Points
330 Posts
Password recovery using email address
Feb 20, 2009 07:21 PM|LINK
Hi All,
Is it possible to use the PasswordRecovery control to recover a password using the email address instead of the user name?
Ideally I'd like to have the PasswordRecovery control allow users to enter their email address instead of their user name and then proceed to answer the security question.
Thanks.
-CharlesF
rtpHarry
All-Star
56620 Points
8958 Posts
Re: Password recovery using email address
Feb 20, 2009 07:48 PM|LINK
Unless you did some custom code to force the username to be an email at signup then you will have to do some custom code to get this working.
You can handle the VerifyingUser event to tweak the username value before it gets verified.
If you change the template of the control to ask for an email address to be entered into the username field then you can do a lookup of the users username in the VerifyingUser event and then change the value before it gets submitted.
To find a user by their email address look at this code example:
Also this presumes that you have setup the requirement of unique email addresses in your membership provider:
CharlesF
Participant
1745 Points
330 Posts
Re: Password recovery using email address
Feb 20, 2009 07:52 PM|LINK
Here's my solution (maybe not the best way)
protected bool IsValidEmail(string strIn) { // Return true if strIn is in valid e-mail format. return Regex.IsMatch(strIn, @"^([\w-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$"); } protected void PasswordRecovery1_VerifyingUser(object sender, LoginCancelEventArgs e) { if (!IsValidEmail(PasswordRecovery1.UserName)) { PasswordRecovery1.UserNameInstructionText = "You must enter a valid e-mail address."; e.Cancel = true; } if (PasswordRecovery1.UserName.Length > 0) { PasswordRecovery1.UserName = Membership.GetUserNameByEmail(PasswordRecovery1.UserName); } }rtpHarry
All-Star
56620 Points
8958 Posts
Re: Password recovery using email address
Feb 20, 2009 08:29 PM|LINK
Ahh nice clean code!
You could cast sender to a PasswordRecovery control if you wanted to remove the dependancy on the name (in case you ever want to reuse it)
protected void PasswordRecovery1_VerifyingUser(object sender, LoginCancelEventArgs e) { PasswordRecovery passRecovery = (PasswordRecovery)sender; // other code ... }yasserzaid
Star
13991 Points
2597 Posts
Re: Password recovery using email address
Feb 20, 2009 10:23 PM|LINK
Hi
try this example to send user name and password
<asp:MultiView ID="MultiView1" runat="server" ActiveViewIndex="0">
<asp:View ID="View1" runat="server">
<table style="width: 339px; position: static">
<tr>
<td colspan="3">
<strong><span style="font-size: 16pt; color: #007fd6; font-family: Arial Narrow"></span></strong></td>
</tr>
<tr>
<td style="width: 86px">
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td style="width: 86px">
<asp:Label ID="Label1" runat="server" Text="Email Address:" Width="97px"></asp:Label></td>
<td>
<asp:TextBox ID="txtEmail" runat="server" Style="position: static"></asp:TextBox></td>
<td>
<asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" ControlToValidate="txtEmail"
Display="Dynamic" ErrorMessage="RequiredFieldValidator" Style="position: static">*</asp:RequiredFieldValidator>
<asp:RegularExpressionValidator ID="RegularExpressionValidator1" runat="server" ControlToValidate="txtEmail"
ErrorMessage="RegularExpressionValidator" Style="position: static" ValidationExpression="\w+([-+.']\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*">*</asp:RegularExpressionValidator></td>
</tr>
<tr>
<td style="width: 86px">
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td style="width: 86px">
</td>
<td>
<asp:Button ID="Button1" runat="server" CssClass="SubmitBtn" Font-Bold="True"
OnClick="Button1_Click" Style="position: static" Text="Send Password" /></td>
<td>
</td>
</tr>
<tr>
<td style="width: 86px">
</td>
<td>
</td>
<td>
</td>
</tr>
<tr>
<td colspan="2">
<asp:Label ID="lblNotFound" runat="server" Font-Bold="True" ForeColor="#FF0033" Style="position: static"></asp:Label></td>
<td>
</td>
</tr>
</table>
</asp:View>
<asp:View ID="View2" runat="server">
<br />
<strong>Thank you<br />
<br />
Your Password has been sent to you<br />
<br />
Please check your email<br />
</strong>
</asp:View>
<asp:View ID="View3" runat="server">
<br />
<strong>An error accured during sending email<br />
<br />
Please try again
<br />
<br />
Click
<asp:LinkButton ID="LinkButton1" runat="server" OnClick="LinkButton1_Click">here</asp:LinkButton>
to try
<br />
</strong>
</asp:View>
</asp:MultiView>
and in code behind:
protected void Button1_Click(object sender, EventArgs e)
{
try
{
string strName = Membership.GetUserNameByEmail(txtEmail.Text);
MembershipUser user = Membership.GetUser(strName);
if (user != null)
{
string strNewPassword = user.GetPassword();
//-------------- Send Email with Password -------------------\\
string To = txtEmail.Text;
string Body = "Your Forgotten Password is: <br />" + strNewPassword;
string Subject = "Your Password";
string Email = "your email";
bool x=MailSender.SendEmail(Email, EmailPassword, To, Subject, Body, MailFormat.Html, "");
if (x == true)
{
MultiView1.ActiveViewIndex = 1;
}
else
{
MultiView1.ActiveViewIndex = 2;
}
}
else if (user == null)
{
lblNotFound.Text = "User not found";
return;
}
}
catch (Exception ex)
{
MultiView1.ActiveViewIndex = 2;
}
}
protected void LinkButton1_Click(object sender, EventArgs e)
{
MultiView1.ActiveViewIndex = 0;
}
and in web.config:
<membership defaultProvider="MyProvider" userIsOnlineTimeWindow="25">
<providers>
<add name="MyProvider" type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="your connection string name" applicationName="/" enablePasswordRetrieval="true" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" passwordFormat="Clear" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="5" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" passwordStrengthRegularExpression=""/>
</providers>
</membership>
and to send email
copy the following code.. its working for my gmail account
in web.config
<system.net>
<mailSettings>
<smtp from="youremail@gmail.com">
<network host="smtp.gmail.com" port="587" userName="youremail" password="xx" defaultCredentials="false"/>
</smtp>
</mailSettings>
</system.net>
In code behind ( on button click)
Dim smtp As New System.Net.Mail.SmtpClient()
Dim smail As New System.Net.Mail.MailMessage
smail.To.Add(New System.Net.Mail.MailAddress("emailtowhomyouwanttosend@yahoo.com "))
smail.From = New System.Net.Mail.MailAddress("youremail@gmail.com", "Visit me")
smail.Subject = "hiii"
smail.IsBodyHtml = "true"
smail.Body = "HELLO THERE"
smtp.EnableSsl = True
smtp.Send(smail)
It will work for sure..
Good Luck
CharlesF
Participant
1745 Points
330 Posts
Re: Password recovery using email address
Feb 20, 2009 10:32 PM|LINK
Yeah, I usually cast sender whenever I can. Makes it easier to copy code for reuse. :) I usually create a snippit out of code like this anyhow. You should see my toolbar, it's packed. hehe
rtpHarry
All-Star
56620 Points
8958 Posts
Re: Password recovery using email address
Feb 20, 2009 10:45 PM|LINK
Ah yeah, I did make some snippets but then when I started working from more than one location it became a hassle to sync them up.
I now rely on remembering which project it was that I first solved the problem. Its getting a bit more complicated now as time is going on so I keep thinking about trying some kind of table of project achievements but it seems like a big hassle.
There is probably a real handy snippet sorting application that I have missed but for now I will carry on trying to remember!
CharlesF
Participant
1745 Points
330 Posts
Re: Password recovery using email address
Feb 20, 2009 11:01 PM|LINK
It would be useful to have a global repository of snippits. Not only for yourself (to access from different machines) but to share with others in your team.
Security would be the first concern. Then how to organize them. (hierarchically) And, naturally, how to integrate the tool into Visual Studio.
Well, thanks again Harry. Talk to you later.
rollercoaste...
Member
89 Points
34 Posts
Re: Password recovery using email address
Mar 03, 2009 11:50 AM|LINK
Thanks guys.. Exactly what I was looking for. Here is my version of it (VB.NET)
Private Sub GetPassword_VerifyingUser(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles GetPassword.VerifyingUser Dim PasswordRecovery1 = CType(sender, PasswordRecovery) If IsValidEmail(PasswordRecovery1.UserName) And PasswordRecovery1.UserName.Length > 0 Then PasswordRecovery1.UserName = Membership.GetUserNameByEmail(PasswordRecovery1.UserName) End If End Sub Protected Function IsValidEmail(ByVal strIn As String) As Boolean Return Regex.IsMatch(strIn, "^([\w-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([\w-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$") End FunctionIt will be cool if we customize the control's markup like this:
russellfamil...
Member
4 Points
2 Posts
Re: Password recovery using email address
Jan 30, 2010 05:53 PM|LINK
I am customizing the logincontrols including the PasswordRecovery to look into a database that I built. I have the login control portion working. I have some code working such as looking up the username and determinging if it exists in the db. I haevn't figured out some things:
1) How to make the control present the security question.
My code to look up the username is in the VerifyingUser event. I set the PasswordRecovery1.QuestionLabelText to the corresponding db field value that I fetched when I looked up the username. How to I tell the control whether or not the username is
a) valid and present the question or ?
b) tell them that it is not a valid username?
2) a) Where to put the code to verify the security answer. b) When I verify the existence of the username, I fetch the question and answer. Is there a property to store the answer at that time or do I have to fire more sql to verify the answer?
thanks