[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Log In User with Parameters when Changing Password - .Net

Posted on 2011-09-13
6
Medium Priority
?
270 Views
Last Modified: 2012-05-12
I have an .Net App in which want to send an email to a user that presses a Recover Password button that resets the user's password and then sends a link to the user that when followed will log the user in with a new password and bring them to the Change Password page where they must resent their password.  

I'm able to reset the password and get the new randomly generated password that I send back to the user in an email.  However, when the user follows the link back with the UserName and pw parameters, the system does not seem to log them in,

Here's the code I am using on the load event that does not seem to work:

 
try
        {
            string sUserName = Request.QueryString["UserName"].ToString();
            string sPw = Request.QueryString["pw"].ToString();

            if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.Authenticate(sUserName, sPw);
            }
        }

        catch (Exception r)
        {
            string sMessage = r.Message;

        }

Open in new window


Any help in logging the user in with username and password parameters would be greatly appreciated.

rbs
0
Comment
Question by:RBS
6 Comments
 
LVL 2

Expert Comment

by:sanjaysumantera
ID: 36533549
Note: I'm making an assumption that you are doing a post back to the server in your form to save the data to begin with.

After you've processed the form (i.e. saved the data to the DB) why don't you clear the controls from the page and call "CreateChildControls". This would be the quickest way to clear your input controls before rendering the page back to the user.

YMMV, this isn't necessarily the best or safest way to do this but it can/could work; however I've only used this in custom controls that did not have a corresponding ascx file.
0
 
LVL 11

Expert Comment

by:SAMIR BHOGAYTA
ID: 36533780
Hello,

You have to create one page like ActiveUser.aspx and then randomly created password pass through the parameter and put into the textbox when user click's on the redirected link. And then after check the userid and password and allow user to logged in.
0
 
LVL 6

Expert Comment

by:badalpatel
ID: 36534952
Hi,
 
Your code is correct and should run. There are couple of checks we need to make here
1. Is this login check is done in new page or login page? If its in new page then all user can access it or they do have to login to access this new page?
2. if your new password contains spaces or special chars then in you might need to user URLEncode/urlDecode funtionality here
      Server.URLDecode(Request.QueryString["pw"].ToString());
3. Please make sure that username and password are correct ones :)
0
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

 

Author Comment

by:RBS
ID: 36536746
Hi badalpatel:

1.  When the user clicks the link from his email, he is directed to a new page pw.aspx which only processes the code that I have shown in an attempt to log the person in with the temporary password just assigned and then if login is successful, redirects the user to the ChangePassword page.  All users can access the pw page and when I step through the code, it successfully validates the user and I, believe authenticates him.  

2.  The randomly generated password contains special characters.  However I have tried the app by using the link http://localhost/pw.aspx?UserName=TestUser&pw=tassword with the same results - am able to step through the code - user appears to have been logged in but is not...

3.  Yes, the usernames and pws are correct - I verified each :)

Regards,
rbs
0
 
LVL 6

Accepted Solution

by:
badalpatel earned 2000 total points
ID: 36540923
Can you please do one thing here, change your code
if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.Authenticate(sUserName, sPw);
            }

with this one,
if (Membership.ValidateUser(sUserName, sPw))
            {
                //Log the user in???
                FormsAuthentication.SetAuthCookie(sUserName, false);
                Response.Redirect("newpage.aspx");
            }

Its worked on my sample page. Find more info here on http://forums.asp.net/t/1247123.aspx
0
 

Author Closing Comment

by:RBS
ID: 36542834
Great, thanks - worked like a charm.

rbs
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question