Solved

Log In User with Parameters when Changing Password - .Net

Posted on 2011-09-13
6
256 Views
Last Modified: 2012-05-12
I have an .Net App in which want to send an email to a user that presses a Recover Password button that resets the user's password and then sends a link to the user that when followed will log the user in with a new password and bring them to the Change Password page where they must resent their password.  

I'm able to reset the password and get the new randomly generated password that I send back to the user in an email.  However, when the user follows the link back with the UserName and pw parameters, the system does not seem to log them in,

Here's the code I am using on the load event that does not seem to work:

 
try
        {
            string sUserName = Request.QueryString["UserName"].ToString();
            string sPw = Request.QueryString["pw"].ToString();

            if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.Authenticate(sUserName, sPw);
            }
        }

        catch (Exception r)
        {
            string sMessage = r.Message;

        }

Open in new window


Any help in logging the user in with username and password parameters would be greatly appreciated.

rbs
0
Comment
Question by:RBS
6 Comments
 
LVL 2

Expert Comment

by:sanjaysumantera
Comment Utility
Note: I'm making an assumption that you are doing a post back to the server in your form to save the data to begin with.

After you've processed the form (i.e. saved the data to the DB) why don't you clear the controls from the page and call "CreateChildControls". This would be the quickest way to clear your input controls before rendering the page back to the user.

YMMV, this isn't necessarily the best or safest way to do this but it can/could work; however I've only used this in custom controls that did not have a corresponding ascx file.
0
 
LVL 11

Expert Comment

by:SAMIR BHOGAYTA
Comment Utility
Hello,

You have to create one page like ActiveUser.aspx and then randomly created password pass through the parameter and put into the textbox when user click's on the redirected link. And then after check the userid and password and allow user to logged in.
0
 
LVL 6

Expert Comment

by:badalpatel
Comment Utility
Hi,
 
Your code is correct and should run. There are couple of checks we need to make here
1. Is this login check is done in new page or login page? If its in new page then all user can access it or they do have to login to access this new page?
2. if your new password contains spaces or special chars then in you might need to user URLEncode/urlDecode funtionality here
      Server.URLDecode(Request.QueryString["pw"].ToString());
3. Please make sure that username and password are correct ones :)
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:RBS
Comment Utility
Hi badalpatel:

1.  When the user clicks the link from his email, he is directed to a new page pw.aspx which only processes the code that I have shown in an attempt to log the person in with the temporary password just assigned and then if login is successful, redirects the user to the ChangePassword page.  All users can access the pw page and when I step through the code, it successfully validates the user and I, believe authenticates him.  

2.  The randomly generated password contains special characters.  However I have tried the app by using the link http://localhost/pw.aspx?UserName=TestUser&pw=tassword with the same results - am able to step through the code - user appears to have been logged in but is not...

3.  Yes, the usernames and pws are correct - I verified each :)

Regards,
rbs
0
 
LVL 6

Accepted Solution

by:
badalpatel earned 500 total points
Comment Utility
Can you please do one thing here, change your code
if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.Authenticate(sUserName, sPw);
            }

with this one,
if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.SetAuthCookie(sUserName, false);
                Response.Redirect("newpage.aspx");
            }

Its worked on my sample page. Find more info here on http://forums.asp.net/t/1247123.aspx
0
 

Author Closing Comment

by:RBS
Comment Utility
Great, thanks - worked like a charm.

rbs
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Wouldn’t it be nice if you could test whether an element is contained in an array by using a Contains method just like the one available on List objects? Wouldn’t it be good if you could write code like this? (CODE) In .NET 3.5, this is possible…
Today I had a very interesting conundrum that had to get solved quickly. Needless to say, it wasn't resolved quickly because when we needed it we were very rushed, but as soon as the conference call was over and I took a step back I saw the correct …
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now