I'm working in an ASP.NET MVC 4 web app, I'm trying to make a password forget page. In my POST, I check that the user related to the password is present
WebSecurity.UserExists(email)
and it returns true, but when I exectue
WebSecurity.GeneratePasswordResetToken(email, 10);
I'm getting this error
No account exists for *email*
For reference, I was following this tutorial: http://www.thecodingguys.net/tutorials/asp/webpages-membership-forgot-password-and-reset-password.
Any ideas?
Solved, somehow in [webpages_Membership] table it wasn't present the confirmation for the user.
If the user is not confirmed, the same error will be thrown. Took me a while to find out so this might help someone. Perhaps someone has a better way of doing it, because this is kind of hacky.
In my case, the client want to send the user a password by mail (I know....) and if the mail needs to be resent, a new password has to be genereated.
private string ChangePasswordForNotConfirmedUser(string emailAdress)
{
var membership = _membershipRepository.GetByUserName(emailAdress);
membership.IsConfirmed = true;
_membershipRepository.Save(membership);
var token = WebSecurity.GeneratePasswordResetToken(emailAdress);
var password = Membership.GeneratePassword(GlobalSettings.PasswordLenght, GlobalSettings.PasswordNoAlphaChars);
WebSecurity.ResetPassword(token, password);
membership.IsConfirmed = false;
_membershipRepository.Save(membership);
return password;
}
This solved the problem for me without thinking about anything else.
try
{
token = WebSecurity.GeneratePasswordResetToken(username);
}
catch (Exception ex)
{
if (ex.Message.Contains("No account"))
{
string password = System.Web.Security.Membership.GeneratePassword(6, 0);
WebSecurity.CreateAccount(username, password);
}
token = WebSecurity.GeneratePasswordResetToken(username);
}
in my case user account was not not confirmed in DB table webpages_Membership once I set isconfirmed=1 manually then its working fine
