ASP.NET Web Pages – Reset Password

[ This is an 8 part tutorial, previous tutorial: Forgot Password ]

In the reset password page insert the following:

@{
    
var token = Request["token"];
 
if (IsPost)
{

AntiForgery.Validate();
var Password = Request["Password"];
var ConfirmPassword = Request["ConfirmPassword"];
 
 
//VALIDATION
Validation.RequireFields("Password", "ConfirmPassword");
 
Validation.Add("Password",
Validator.StringLength(16, 6)
);
 
if (ConfirmPassword != Password)
{
    Validation.AddFormError("Sorry passwords do not match");
}

We ensure that the data is valid and the new passwords match. The token is received from the URL. When the user follows the reset link in their email it will look like this: http://localhost:1234/account/resetpasword?token=567dfsfsfs

if (Validation.IsValid())
{
    
if (WebSecurity.ResetPassword(token, Password))
{
    Response.Redirect("~/account/login");
}else {
    
    Validation.AddFormError("An error has occurred.");
}
 
}
 
}
 
}

If the data is valid, reset the password. The method takes two arguments: token and new password.

HTML

<form method="post">
@AntiForgery.GetHtml()
<fieldset>
<legend>Reset Password</legend>
@Html.ValidationSummary(true)
 
<div>
<label>Password</label>
<input type="password" name="Password" />
@Html.ValidationMessage("Password")
</div>
 
 
<div>
<label>Confirm Password</label>
<input type="password" name="ConfirmPassword" />
@Html.ValidationMessage("ConfirmPassword")
</div>
 
<input type="submit" value="Register"/>
</fieldset>
 
</form>

You have now successfully created the core membership system. Next we will add the logout and change password pages, which should be in the members folder.

[ Continue,  Logout and Change Password ]