The password reset doesn't seem to work on Webmatrix Starter Site.
When you try to reset your password, it sends you a token, you click on the token, it asks you to enter a new password, but it always says Could not reset password. Please correct the errors and try again, even when there are no errors.
I understand most of the code, but not all of it. Is there someone which can look at why this doesn't work properly? I have not customised the razor code on this page (passwordreset) so I can't see why there is a problem, although you can see a few glitches
when you run this.
Any Webmatrix experts out there who can help?
Code Below:
@* Remove this section if you are using bundling *@
@section Scripts {
<script src="~/Scripts/jquery.validate.min.js"></script>
<script src="~/Scripts/jquery.validate.unobtrusive.min.js"></script>
}
@{
Layout = "~/_SiteLayout.cshtml";
Page.Title = "Password Reset";
var passwordResetToken = Request.Form["resetToken"] ?? Request.QueryString["resetToken"];
var disabledAttribute = "";
bool tokenExpired = false;
bool isSuccess = false;
// Setup validation
Validation.RequireField("newPassword", "The new password field is required.");
Validation.Add("confirmPassword",
Validator.EqualsTo("newPassword", "The new password and confirmation password do not match."));
Validation.RequireField("passwordResetToken", "The password reset token field is required.");
Validation.Add("newPassword",
Validator.StringLength(
maxLength: Int32.MaxValue,
minLength: 6,
errorMessage: "New password must be at least 6 characters"));
if (IsPost && Validation.IsValid()) {
var newPassword = Request["newPassword"];
var confirmPassword = Request["confirmPassword"];
if (WebSecurity.ResetPassword(passwordResetToken, newPassword)) {
disabledAttribute = @"disabled=""disabled""";
isSuccess = true;
} else {
ModelState.AddError("passwordResetToken", "The password reset token is invalid.");
tokenExpired = true;
}
}
}
<hgroup class="title">
<h1>@Page.Title.</h1>
<h2>Use the form below to reset your password.</h2>
</hgroup>
@if (!WebMail.SmtpServer.IsEmpty()) {
if (!Validation.IsValid()) {
<p class="validation-summary-errors">
@if (tokenExpired) {
<text>The password reset token is incorrect or may be expired. Visit the <a href="~/Account/ForgotPassword">forgot password page</a>
to generate a new one.</text>
} else {
<text>Could not reset password. Please correct the errors and try again.</text>
}
</p>
}
if (isSuccess) {
<p class="message-success">
Password changed! Click <a href="~/Account/Login" title="Log in">here</a> to log in.
</p>
}
<form method="post">
<fieldset>
<legend>Password Change Form</legend>
<ol>
<li class="new-password">
<label for="newPassword" @if (!ModelState.IsValidField("newPassword")) {<text>class="error-label"</text>}>New password</label>
<input type="password" id="newPassword" name="newPassword" @disabledAttribute @Validation.For("newPassword") />
@Html.ValidationMessage("newPassword")
</li>
<li class="confirm-password">
<label for="confirmPassword" @if (!ModelState.IsValidField("confirmPassword")) {<text>class="error-label"</text>}>Confirm password</label>
<input type="password" id="confirmPassword" name="confirmPassword" @disabledAttribute @Validation.For("confirmPassword") />
@Html.ValidationMessage("confirmPassword")
</li>
<li class="reset-token">
<label for="resetToken" @if (!ModelState.IsValidField("resetToken")) {<text>class="error-label"</text>}>Password reset token</label>
<input type="text" id="resetToken" name="resetToken" value="@passwordResetToken" @disabledAttribute @Validation.For("resetToken") />
@Html.ValidationMessage("resetToken")
</li>
</ol>
<input type="submit" value="Reset password" @disabledAttribute/>
</fieldset>
</form>
} else {
<p class="message-info">
Password recovery is disabled for this website because the SMTP server is
not configured correctly. Please contact the owner of this site to reset
your password.
</p>
}
(!WebMail.SmtpServer.IsEmpty()) <-- Condition is met.
(!Validation.IsValid()) <-- Condition not met.
So obviously tokenExpired variable is True or False. You just need to debug and verify why the validation of the form fields are throwing you into that if statement condition.
Check out my website: http://www.TheTradeBox.com
Love collecting video games, movies and board games!
Enjoying my '11 WRX, so sexy...
You have a mismatch in your field names. You have a required field called passwordResetToken, but the form field is called resetToken. No validation errors appear because you have not applied any rules to a field called resetToken. Equally, you have no way
to display validaiton rules for passwordResetToken.
I ended up with the same issue. It seems the StarterSite template had the error(s) in it. The PasswordReset.cshtml file has conflicting lines in it.
I corrected it by making the following changes (which seemed to be the path of least resistance):
Validation.RequireField("passwordResetToken", "The password reset token field is required.");
should be:
Validation.RequireField("resetToken", "The password reset token field is required.");
similarly:
} else {
ModelState.AddError("passwordResetToken", "The password reset token is invalid.");
tokenExpired = true;
}
should be:
} else {
ModelState.AddError("resetToken", "The password reset token is invalid.");
tokenExpired = true;
}
VB-Bob1975
Member
5 Points
11 Posts
Password Reset
Jun 27, 2012 10:12 AM|LINK
Hi.
The password reset doesn't seem to work on Webmatrix Starter Site.
When you try to reset your password, it sends you a token, you click on the token, it asks you to enter a new password, but it always says Could not reset password. Please correct the errors and try again, even when there are no errors.
I understand most of the code, but not all of it. Is there someone which can look at why this doesn't work properly? I have not customised the razor code on this page (passwordreset) so I can't see why there is a problem, although you can see a few glitches when you run this.
Any Webmatrix experts out there who can help?
Code Below:
@* Remove this section if you are using bundling *@ @section Scripts { <script src="~/Scripts/jquery.validate.min.js"></script> <script src="~/Scripts/jquery.validate.unobtrusive.min.js"></script> } @{ Layout = "~/_SiteLayout.cshtml"; Page.Title = "Password Reset"; var passwordResetToken = Request.Form["resetToken"] ?? Request.QueryString["resetToken"]; var disabledAttribute = ""; bool tokenExpired = false; bool isSuccess = false; // Setup validation Validation.RequireField("newPassword", "The new password field is required."); Validation.Add("confirmPassword", Validator.EqualsTo("newPassword", "The new password and confirmation password do not match.")); Validation.RequireField("passwordResetToken", "The password reset token field is required."); Validation.Add("newPassword", Validator.StringLength( maxLength: Int32.MaxValue, minLength: 6, errorMessage: "New password must be at least 6 characters")); if (IsPost && Validation.IsValid()) { var newPassword = Request["newPassword"]; var confirmPassword = Request["confirmPassword"]; if (WebSecurity.ResetPassword(passwordResetToken, newPassword)) { disabledAttribute = @"disabled=""disabled"""; isSuccess = true; } else { ModelState.AddError("passwordResetToken", "The password reset token is invalid."); tokenExpired = true; } } } <hgroup class="title"> <h1>@Page.Title.</h1> <h2>Use the form below to reset your password.</h2> </hgroup> @if (!WebMail.SmtpServer.IsEmpty()) { if (!Validation.IsValid()) { <p class="validation-summary-errors"> @if (tokenExpired) { <text>The password reset token is incorrect or may be expired. Visit the <a href="~/Account/ForgotPassword">forgot password page</a> to generate a new one.</text> } else { <text>Could not reset password. Please correct the errors and try again.</text> } </p> } if (isSuccess) { <p class="message-success"> Password changed! Click <a href="~/Account/Login" title="Log in">here</a> to log in. </p> } <form method="post"> <fieldset> <legend>Password Change Form</legend> <ol> <li class="new-password"> <label for="newPassword" @if (!ModelState.IsValidField("newPassword")) {<text>class="error-label"</text>}>New password</label> <input type="password" id="newPassword" name="newPassword" @disabledAttribute @Validation.For("newPassword") /> @Html.ValidationMessage("newPassword") </li> <li class="confirm-password"> <label for="confirmPassword" @if (!ModelState.IsValidField("confirmPassword")) {<text>class="error-label"</text>}>Confirm password</label> <input type="password" id="confirmPassword" name="confirmPassword" @disabledAttribute @Validation.For("confirmPassword") /> @Html.ValidationMessage("confirmPassword") </li> <li class="reset-token"> <label for="resetToken" @if (!ModelState.IsValidField("resetToken")) {<text>class="error-label"</text>}>Password reset token</label> <input type="text" id="resetToken" name="resetToken" value="@passwordResetToken" @disabledAttribute @Validation.For("resetToken") /> @Html.ValidationMessage("resetToken") </li> </ol> <input type="submit" value="Reset password" @disabledAttribute/> </fieldset> </form> } else { <p class="message-info"> Password recovery is disabled for this website because the SMTP server is not configured correctly. Please contact the owner of this site to reset your password. </p> }mebinici
Participant
815 Points
256 Posts
Re: Password Reset
Jul 18, 2012 12:56 AM|LINK
So obviously tokenExpired variable is True or False. You just need to debug and verify why the validation of the form fields are throwing you into that if statement condition.
Love collecting video games, movies and board games!
Enjoying my '11 WRX, so sexy...
Mikesdotnett...
All-Star
154955 Points
19872 Posts
Moderator
MVP
Re: Password Reset
Jul 18, 2012 05:05 AM|LINK
You have a mismatch in your field names. You have a required field called passwordResetToken, but the form field is called resetToken. No validation errors appear because you have not applied any rules to a field called resetToken. Equally, you have no way to display validaiton rules for passwordResetToken.
Beginning ASP.NET Web Pages with WebMatrix | My Site | Twitter
proks
Member
3 Points
1 Post
Re: Password Reset
Jul 30, 2012 11:27 PM|LINK
I ended up with the same issue. It seems the StarterSite template had the error(s) in it. The PasswordReset.cshtml file has conflicting lines in it.
I corrected it by making the following changes (which seemed to be the path of least resistance):
Validation.RequireField("passwordResetToken", "The password reset token field is required."); should be: Validation.RequireField("resetToken", "The password reset token field is required."); similarly: } else { ModelState.AddError("passwordResetToken", "The password reset token is invalid."); tokenExpired = true; } should be: } else { ModelState.AddError("resetToken", "The password reset token is invalid."); tokenExpired = true; }