Umbraco外部成员资格提供者

6-

但是

我真的很难弄清楚这是怎么/为什么发生的，我需要更改什么以确保密码都匹配并且成员可以访问受保护的页面。

我相信这是运行登录名/密码重置逻辑的内容：

namespace Profile.Controllers { [PluginController("Profile")] public class SecurityController : SurfaceController { public string RandomString(int length) { var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; var stringChars = new char[length]; var random = new Random(); for (int i = 0; i < stringChars.Length; i++) { stringChars[i] = chars[random.Next(chars.Length)]; } return new String(stringChars); } [ChildActionOnly] public ActionResult SecurityForm() { var model = new SecurityModel(); return PartialView("SecurityForm", model); } [HttpPost] public ActionResult UpdateUsername(SecurityModel viewModel, FormCollection form) { iboAdmin.InitializeSystem(); try { CContactUser user = CContactUser.LoginByWebLogin(User.Identity.Name); user.ChangeWebLogin(viewModel.ChangeUsername.NewUsername, viewModel.ChangeUsername.Password); } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } if (ModelState.IsValid) { TempData["SuccessMessage"] = "Your username has been changed successfully"; return RedirectToCurrentUmbracoPage(); } else { return CurrentUmbracoPage(); } } [HttpPost] public ActionResult UpdatePassword(SecurityModel viewModel, FormCollection form) { bool legacyCode = false; try { if (legacyCode) { iboAdmin.InitializeSystem(); CContactUser user = CContactUser.LoginByWebLogin(User.Identity.Name); user.ChangePassword(viewModel.ChangePassword.CurrentPassword, viewModel.ChangePassword.NewPassword); } else { if (!iboAdmin.IsSystemInitialized) { iboAdmin.InitializeSystem(); } CContactUser user = CContactUser.LoginByWebLogin(User.Identity.Name); var contact = new CContact(CStaffUser.GetDefaultStaffUser(), user.ContactId); contact.UserSecurity.ChangePassword(viewModel.ChangePassword.CurrentPassword, User.Identity.Name, viewModel.ChangePassword.NewPassword); contact.Save(); if (contact.ErrorsCount > 0) ModelState.AddModelError("", "An error occured when setting the password: " + contact.Errors.PrimaryErrorMessage); } } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } if (ModelState.IsValid) { TempData["SuccessMessage"] = "Your password has been changed successfully"; return RedirectToCurrentUmbracoPage(); } else { return CurrentUmbracoPage(); } } [HttpPost] public ActionResult LoginReminder(string Email) { iboAdmin.InitializeSystem(); try { CContactUser user = CContactUser.LoginByWebLogin("manager"); CContact contact = CContact.GetContacts(user, "", "AND Name.EMAIL = @email", new SqlParameter[] { new SqlParameter("email", Email) }).First(); string ksamHelpline = (ConfigurationManager.AppSettings.AllKeys.Contains("KSAMHelpline") ? ConfigurationManager.AppSettings["KSAMHelpline"] : "01625 664500"); if (contact == null) { throw new Exception("There are no users on our system with that e-mail address registered. Please contact the administration office on " + ksamHelpline + " to access your account."); } string userName = contact.UserSecurity.WebLoginId; if(string.IsNullOrEmpty(userName)) { throw new Exception("A username has not been found for your email address. Please contact the administration office on " + ksamHelpline + "."); } else { SmtpClient smtpClient = new SmtpClient(); MailMessage mail = new MailMessage(); string messageBody = System.IO.File.ReadAllText(Server.MapPath("~/emails/LoginReminder.html")); HtmlDocument htmldoc = new HtmlDocument(); htmldoc.LoadHtml(messageBody); mail.To.Add(new MailAddress(contact.EmailAddress)); mail.Subject = htmldoc.DocumentNode.SelectSingleNode("//head/title").InnerText; messageBody = messageBody.Replace("[USERNAME]", userName); mail.Body = messageBody.Replace("[FIRST_NAME]", contact.FirstName); mail.IsBodyHtml = true; smtpClient.Send(mail); TempData["SuccessMessage"] = "A reminder e-mail containing your username has been sent to " + Email; } } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } if (ModelState.IsValid) { return RedirectToCurrentUmbracoPage(); } else { return CurrentUmbracoPage(); } } [HttpPost] public ActionResult PasswordResetRequest(string username) { Session["ResetUser"] = ""; iboAdmin.InitializeSystem(); try { CContactUser user = CContactUser.LoginByWebLogin(username); CContact contact = new CContact(user,user.ContactId); if (contact.EmailAddress == "") { throw new Exception("There is no email address registered to that username. Please contact the administration office to access your account."); } Session["PIN"] = RandomString(5); Session["ResetUser"] = username; TempData["PINSent"] = true; SmtpClient smtpClient = new SmtpClient(); MailMessage mail = new MailMessage(); string messageBody = System.IO.File.ReadAllText(Server.MapPath("~/emails/ResetPasswordPin.html")); HtmlDocument htmldoc = new HtmlDocument(); htmldoc.LoadHtml(messageBody); mail.To.Add(new MailAddress(contact.EmailAddress)); mail.Subject = htmldoc.DocumentNode.SelectSingleNode("//head/title").InnerText; mail.Body = messageBody.Replace("[PIN]", Session["PIN"].ToString()); mail.IsBodyHtml = true; smtpClient.Send(mail); } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } if (ModelState.IsValid) { return RedirectToCurrentUmbracoPage(); } else { return CurrentUmbracoPage(); } } [HttpPost] public ActionResult PasswordResetVerify(string PIN) { iboAdmin.InitializeSystem(); try { if (Session["PIN"].ToString() == PIN) { TempData["Verified"] = true; } else { throw new Exception("Verification codes do not match"); } } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } if (ModelState.IsValid) { return RedirectToCurrentUmbracoPage(); } else { return CurrentUmbracoPage(); } } [HttpPost] public ActionResult PasswordReset(string password) { iboAdmin.InitializeSystem(); try { CContact contact; bool legacyCode = false, success = false; if (legacyCode) { CContactUser user = CContactUser.LoginByWebLogin(Session["ResetUser"].ToString()); user.ChangePassword(password, "REMOVED", "REMOVED"); contact = new CContact(user, user.ContactId); } else { // Jeremy suggested code v1. // /*if (!iboAdmin.IsSystemInitialized) { iboAdmin.InitializeSystem(); } CContactUser user = CContactUser.LoginByWebLogin(Session["ResetUser"].ToString()); contact = new CContact(user, user.ContactId); contact.UserSecurity.ChangePassword(password, "REMOVED", "REMOVED"); contact.Save(); if (contact.ErrorsCount > 0) ModelState.AddModelError("", "An error occured when setting the password: " + contact.Errors.PrimaryErrorMessage);*/ // Jeremy suggested code v2. // if (!iboAdmin.IsSystemInitialized) { iboAdmin.InitializeSystem(); } CContactUser user = CContactUser.LoginByWebLogin(Session["ResetUser"].ToString()); contact = new CContact(CStaffUser.GetDefaultStaffUser(), user.ContactId); var membershipUser = Membership.GetUser(contact.UserSecurity.WebLoginId, false); string oldPassword = membershipUser.ResetPassword(); success = membershipUser.ChangePassword(oldPassword, password); } SmtpClient smtpClient = new SmtpClient(); MailMessage mail = new MailMessage(); string messageBody = System.IO.File.ReadAllText(Server.MapPath("~/emails/ResetPasswordSuccess.html")); HtmlDocument htmldoc = new HtmlDocument(); htmldoc.LoadHtml(messageBody); mail.To.Add(new MailAddress(contact.EmailAddress)); mail.Subject = htmldoc.DocumentNode.SelectSingleNode("//head/title").InnerText; mail.Body = messageBody.Replace("[FIRST_NAME]", contact.FirstName); mail.IsBodyHtml = true; smtpClient.Send(mail); TempData["Success"] = true; TempData["SuccessMessage"] = "Your password has been reset successfully."; } catch (Exception ex) { ModelState.AddModelError("", ex.Message); } if (ModelState.IsValid) { return RedirectToCurrentUmbracoPage(); } else { return CurrentUmbracoPage(); } } } }