Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

WebSecurity.GeneratePasswordResetToken Method

Generates a password reset token that can be sent to a user in email.

Namespace:  WebMatrix.WebData
Assembly:  WebMatrix.WebData (in WebMatrix.WebData.dll)
public static string GeneratePasswordResetToken(
	string userName,
	int tokenExpirationInMinutesFromNow
)

Parameters

userName
Type: System.String
The user name.
tokenExpirationInMinutesFromNow
Type: System.Int32
(Optional) The time in minutes until the password reset token expires. The default is 1440 (24 hours).

Return Value

Type: System.String
A token to send to the user.
ExceptionCondition
InvalidOperationException

The SimpleMembershipProvider.Initialize(String, NameValueCollection) method was not called.

-or-

The InitializeDatabaseConnection() method was not called.

-or-

The SimpleMembershipProvider membership provider is not registered in the configuration of your site. For more information, contact your site's system administrator.

If users have forgotten their password, they can request a new one. To provide a new password, do the following:

  1. Create a password-reset page that has a field where users can enter their email address.

  2. When a user has entered his or her email address in the password-reset page, verify that the email address represents a valid user. If it does, generate a password reset token by calling the GeneratePasswordResetToken(String, Int32) method.

  3. Create a hyperlink that points to a confirmation page in your site and that includes the token as a query-string parameter in the link's URL.

  4. Send the link to a user in an email message. When the user receives the email message, he or she can click the link to invoke the confirmation page.

  5. Create a confirmation page that extracts the token from the URL parameter and that lets the user enter a new password.

  6. When the user submits the new password, call the ResetPassword(String, String) method and pass the password reset token and the new password. If the token is valid, the password will be reset. If the token is not valid (for example, it has expired), display an error message.

The Starter Site template includes pages that show how to reset a password by using the GeneratePasswordResetToken(String, Int32) method. The initial steps described are in the ForgotPassword.cshtml file, and the subsequent steps are in the PasswordReset.cshtml file.

  • Medium trust for the immediate caller. This member can be used by partially trusted code.
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.