WebSecurity - GeneratePasswordResetToken()
❮ WebSecurity
Definition
The GeneratePasswordResetToken() method generates a password reset token that can be sent to a user in email.
C# and VB Syntax
WebSecurity.GeneratePasswordResetToken(userName, expiration)
Parameters
| Parameter | Type | Description |
|---|---|---|
| userName | String | The user name |
| expiration | Integer | The time in minutes until the token expires. Default is 1440 (24 hours) |
Return Value
| Type | Description |
|---|---|
| String | A reset token. |
Errors and Exceptions
Any access to the WebSecurity object throws an InvalidOperationException if:
- The InitializeDatabaseConnection() method has not been called
- SimpleMembership is not initialized (or disabled in the website configuration)
Remarks
Use the ResetPassword() method if the user has forgotten his password. The ResetPassword() method requires a password reset token.
A confirmation token can be created by the CreateAccount(), CreateUserAndAccount(), or GeneratePasswordResetToken() methods.
The password can be reset by code, but the common procedure is to send an email to the user (with the token and a link to a page) so he can confirm the new password with the new token:
@{
newPassword = Request["newPassword"];
confirmPassword = Request["confirmPassword"];
token = Request["token"];
if IsPost
{
// input testing is ommitted here to save space
retunValue = ResetPassword(token, newPassword);
}
}
<h1>Change Password</h1>
<form method="post" action="">
<label for="newPassword">New Password:</label>
<input type="password"
id="newPassword" name="newPassword" title="New password" />
<label
for="confirmPassword">Confirm Password:</label>
<input type="password"
id="confirmPassword" name="confirmPassword" title="Confirm new password" />
<label for="token">Pasword Token:</label>
<input type="text"
id="token" name="token" title="Password Token" />
<p
class="form-actions">
<input type="submit" value="Change Password"
title="Change password" />
</p>
</form>
❮ WebSecurity
