3

我在 GET 控制器和视图之间保留 passwordToken 时遇到问题。我看到令牌已在 GET 控制器中正确传递并添加到模型中,但是一旦 HTML.BeginForm 在视图中启动,模型就会有一个新实例,并且带有 passwordToken 的先前模型就会丢失。我需要保留密码令牌才能使用 WebSecurity.ResetPassword。关于如何做到这一点的任何建议?

我的 GET 控制器:

    [AllowAnonymous]
    public ActionResult PasswordReset(string passwordToken)
    {
        // Token Validation
        var usrID = WebSecurity.GetUserIdFromPasswordResetToken(passwordToken);
        var usr = _dbManager.GetUserInformation(usrID);

        if (usr == null)
        {
            //The link you are using is not valid anymore
            return RedirectToAction("Error", "Account");
        }
        else
        {
            var model = new PasswordReset();
            model.PasswordResetToken = passwordToken;
            return View(model);
        }
    }

我的观点:

@model Project.Models.PasswordReset
@{
ViewBag.Title = "Password Reset";
}

<h2>Password Reset</h2>

<div class="form passwordreset-form">


@using (Html.BeginForm())
{
    @Html.AntiForgeryToken()
    @Html.ValidationSummary()

    <div class="input-form">

        <div class="inputbox-label">
            @Html.LabelFor(m => m.Password)
        </div>
        <div class="inputbox">
            @Html.PasswordFor(m => m.Password)
        </div>

        <div class="inputbox-label">
            @Html.LabelFor(m => m.ConfirmPassword)
        </div>
        <div class="inputbox">
            @Html.PasswordFor(m => m.ConfirmPassword)
        </div>

    </div>
    <div style="float:right;">
        <input type="submit" value="Change Password" />
    </div>

}

</div>

我的 POST 控制器:

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult PasswordReset(PasswordReset model)
    {
        //Attemp to change password
        var passwordChangeConfirmation = WebSecurity.ResetPassword(model.PasswordResetToken, model.Password); 

            //Password has been changed
        if(passwordChangeConfirmation == true)
        {
            return RedirectToAction("Index", "Home");
        }
            //Password change has failed
        else
        {
            return RedirectToAction("Error", "Account");
        }
    }
4

3 回答 3

3

我最终调整了 POST 类以使其工作。

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public ActionResult PasswordReset(PasswordReset model, string passwordToken)
    {
        //Attemp to change password
        model.PasswordResetToken = passwordToken;
        var passwordChangeConfirmation = WebSecurity.ResetPassword(model.PasswordResetToken, model.Password);

        //Password has been changed
        if (passwordChangeConfirmation == true)
        {
            return RedirectToAction("Index", "Home");
        }
        //Password change has failed
        else
        {
            return RedirectToAction("Error", "Account");
        }
    }
于 2013-01-11T21:30:56.347 回答
2

将其添加到您的表单中:

@Html.HiddenFor(m => m.PasswordResetToken);
于 2013-01-11T20:49:57.723 回答
1

您可以在表单上为您传递的字段(来自您的模型)使用隐藏的输入。

@Html.HiddenFor(m => m.PasswordResetToken);

在输出

<input type="hidden" name="PasswordResetToken"></input>
于 2013-01-11T21:44:45.137 回答