?
Solved

Log In User with Parameters when Changing Password - .Net

Posted on 2011-09-13
6
Medium Priority
?
264 Views
Last Modified: 2012-05-12
I have an .Net App in which want to send an email to a user that presses a Recover Password button that resets the user's password and then sends a link to the user that when followed will log the user in with a new password and bring them to the Change Password page where they must resent their password.  

I'm able to reset the password and get the new randomly generated password that I send back to the user in an email.  However, when the user follows the link back with the UserName and pw parameters, the system does not seem to log them in,

Here's the code I am using on the load event that does not seem to work:

 
try
        {
            string sUserName = Request.QueryString["UserName"].ToString();
            string sPw = Request.QueryString["pw"].ToString();

            if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.Authenticate(sUserName, sPw);
            }
        }

        catch (Exception r)
        {
            string sMessage = r.Message;

        }

Open in new window


Any help in logging the user in with username and password parameters would be greatly appreciated.

rbs
0
Comment
Question by:RBS
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 2

Expert Comment

by:sanjaysumantera
ID: 36533549
Note: I'm making an assumption that you are doing a post back to the server in your form to save the data to begin with.

After you've processed the form (i.e. saved the data to the DB) why don't you clear the controls from the page and call "CreateChildControls". This would be the quickest way to clear your input controls before rendering the page back to the user.

YMMV, this isn't necessarily the best or safest way to do this but it can/could work; however I've only used this in custom controls that did not have a corresponding ascx file.
0
 
LVL 11

Expert Comment

by:SAMIR BHOGAYTA
ID: 36533780
Hello,

You have to create one page like ActiveUser.aspx and then randomly created password pass through the parameter and put into the textbox when user click's on the redirected link. And then after check the userid and password and allow user to logged in.
0
 
LVL 6

Expert Comment

by:badalpatel
ID: 36534952
Hi,
 
Your code is correct and should run. There are couple of checks we need to make here
1. Is this login check is done in new page or login page? If its in new page then all user can access it or they do have to login to access this new page?
2. if your new password contains spaces or special chars then in you might need to user URLEncode/urlDecode funtionality here
      Server.URLDecode(Request.QueryString["pw"].ToString());
3. Please make sure that username and password are correct ones :)
0
Command Line Tips and Tricks

The command line is a powerful tool at the disposal of every Linux user. Although Linux distros come with beautiful user interfaces, it's worthwhile to learn the command line because it allows you to do a number of things that you otherwise cannot do from the GUI.  

 

Author Comment

by:RBS
ID: 36536746
Hi badalpatel:

1.  When the user clicks the link from his email, he is directed to a new page pw.aspx which only processes the code that I have shown in an attempt to log the person in with the temporary password just assigned and then if login is successful, redirects the user to the ChangePassword page.  All users can access the pw page and when I step through the code, it successfully validates the user and I, believe authenticates him.  

2.  The randomly generated password contains special characters.  However I have tried the app by using the link http://localhost/pw.aspx?UserName=TestUser&pw=tassword with the same results - am able to step through the code - user appears to have been logged in but is not...

3.  Yes, the usernames and pws are correct - I verified each :)

Regards,
rbs
0
 
LVL 6

Accepted Solution

by:
badalpatel earned 2000 total points
ID: 36540923
Can you please do one thing here, change your code
if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.Authenticate(sUserName, sPw);
            }

with this one,
if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.SetAuthCookie(sUserName, false);
                Response.Redirect("newpage.aspx");
            }

Its worked on my sample page. Find more info here on http://forums.asp.net/t/1247123.aspx
0
 

Author Closing Comment

by:RBS
ID: 36542834
Great, thanks - worked like a charm.

rbs
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ASP.Net to Oracle Connectivity Recently I had to develop an ASP.NET application connecting to an Oracle database.As I am doing it first time ,I had to solve several problems. This article will help to such developers  to develop an ASP.NET client…
Calculating holidays and working days is a function that is often needed yet it is not one found within the Framework. This article presents one approach to building a working-day calculator for use in .NET.
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question