我在 GET 控制器和视图之间保留 passwordToken 时遇到问题。我看到令牌已在 GET 控制器中正确传递并添加到模型中,但是一旦 HTML.BeginForm 在视图中启动,模型就会有一个新实例,并且带有 passwordToken 的先前模型就会丢失。我需要保留密码令牌才能使用 WebSecurity.ResetPassword。关于如何做到这一点的任何建议?
我的 GET 控制器:
[AllowAnonymous]
public ActionResult PasswordReset(string passwordToken)
{
// Token Validation
var usrID = WebSecurity.GetUserIdFromPasswordResetToken(passwordToken);
var usr = _dbManager.GetUserInformation(usrID);
if (usr == null)
{
//The link you are using is not valid anymore
return RedirectToAction("Error", "Account");
}
else
{
var model = new PasswordReset();
model.PasswordResetToken = passwordToken;
return View(model);
}
}
我的观点:
@model Project.Models.PasswordReset
@{
ViewBag.Title = "Password Reset";
}
<h2>Password Reset</h2>
<div class="form passwordreset-form">
@using (Html.BeginForm())
{
@Html.AntiForgeryToken()
@Html.ValidationSummary()
<div class="input-form">
<div class="inputbox-label">
@Html.LabelFor(m => m.Password)
</div>
<div class="inputbox">
@Html.PasswordFor(m => m.Password)
</div>
<div class="inputbox-label">
@Html.LabelFor(m => m.ConfirmPassword)
</div>
<div class="inputbox">
@Html.PasswordFor(m => m.ConfirmPassword)
</div>
</div>
<div style="float:right;">
<input type="submit" value="Change Password" />
</div>
}
</div>
我的 POST 控制器:
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public ActionResult PasswordReset(PasswordReset model)
{
//Attemp to change password
var passwordChangeConfirmation = WebSecurity.ResetPassword(model.PasswordResetToken, model.Password);
//Password has been changed
if(passwordChangeConfirmation == true)
{
return RedirectToAction("Index", "Home");
}
//Password change has failed
else
{
return RedirectToAction("Error", "Account");
}
}