C# 设置AspNet标识令牌的计数器
我正在使用此方法重置密码C# 设置AspNet标识令牌的计数器,c#,asp.net,asp.net-identity,token,C#,Asp.net,Asp.net Identity,Token,我正在使用此方法重置密码 public ResetTokenResult DoPasswordResetTokenForChange(string userId, string token) { switch (UserManager.FindById(userId)) { case null: return ResetTokenResult.UnknownUserId; c
public ResetTokenResult DoPasswordResetTokenForChange(string userId, string token)
{
switch (UserManager.FindById(userId))
{
case null:
return ResetTokenResult.UnknownUserId;
case CatalystUser user when ! (user.PasswordInvalidatedByReset ?? false):
return ResetTokenResult.TokenIsExpired;
case CatalystUser user when ! ((user.PasswordResetTokenExpiration ?? DateTime.MinValue) > DateTime.UtcNow):
return ResetTokenResult.TokenIsExpired;
case CatalystUser user when UserManager.VerifyUserToken(user.Id, "ResetPassword", token):
user.PasswordResetTokenExpiration = DateTime.UtcNow.AddDays(-1); // 1-time use. Invalidate now.UserManager.Update(user);
return ResetTokenResult.Success;
default:
return ResetTokenResult.InvalidToken;
}
}
我正在使用此方法的控制器
[RequireHttpsWhenConfigured]
public async Task<ActionResult> Index(PasswordChangePage currentPage,
string userId, string token, string returnUrl = "")
{
var model = new PasswordChangePageViewModel(currentPage);
var isResetPasswordRequest = !string.IsNullOrEmpty(userId) && !string.IsNullOrEmpty(token);
if (!isResetPasswordRequest)
{
if (!RequestContext.IsCurrentUserAuthorized())
return Redirect(NavigationService.GetLoginLink());
model.PasswordChangeModel = new PasswordChangeViewModel {ReturnUrl = returnUrl};
model.ReturnUrl = returnUrl;
return View("Index", model);
}
if (RequestContext.IsCurrentUserAuthorized())
{
SignInManager.AuthenticationManager.SignOut();
return Redirect(Request.Url?.AbsoluteUri ?? "~/");
}
var loginLink = NavigationService.GetLoginLink();
var result = UserAccountService.DoPasswordResetTokenForChange(userId,Base64ForUrlDecode(token));
if ((result & ResetTokenResult.Failure) != ResetTokenResult.None)
{
model.ChangeCanProceed = false;
model.ErrorMessage = GetMessageForTokenResult(result);
model.LoginLink = loginLink;
}
else
{
model.PasswordChangeModel = new PasswordChangeViewModel { CurrentPassword = "null", IsResetPassword = true, UserId = userId, ResetPasswordToken = token };
model.ReturnUrl = loginLink;
}
return View("Index", model);
}
[配置时需要重新设置]
公共异步任务索引(PasswordChangePage currentPage,
字符串用户标识、字符串标记、字符串返回URL=“”)
{
var模型=新密码ChangePageViewModel(当前页面);
var isResetPasswordRequest=!string.IsNullOrEmpty(userId)和&!string.IsNullOrEmpty(token);
如果(!isResetPasswordRequest)
{
如果(!RequestContext.IsCurrentUserAuthorized())
返回重定向(NavigationService.GetLoginLink());
model.PasswordChangeModel=new PasswordChangeViewModel{ReturnUrl=ReturnUrl};
model.ReturnUrl=返回URL;
返回视图(“索引”,模型);
}
if(RequestContext.IsCurrentUserAuthorized())
{
SignInManager.AuthenticationManager.SignOut();
返回重定向(Request.Url?.AbsoluteUri??“~/”;
}
var loginLink=NavigationService.GetLoginLink();
var result=UserAccountService.DoPasswordResetTokenForChange(userId,Base64ForUrlDecode(token));
if((result&ResetTokenResult.Failure)!=ResetTokenResult.None)
{
model.changecanprocedure=false;
model.ErrorMessage=GetMessageForTokenResult(结果);
model.LoginLink=LoginLink;
}
其他的
{
model.PasswordChangeModel=new PasswordChangeViewModel{CurrentPassword=“null”,IsResetPassword=true,UserId=UserId,ResetPasswordToken=token};
model.ReturnUrl=loginLink;
}
返回视图(“索引”,模型);
}
当用户想要重置密码时,他们会收到一封带有令牌链接的电子邮件,一切正常。据我所知,默认的ASPNET标识在单击链接1次后燃烧。
我的问题是什么是实现逻辑的最佳方式,令牌链接将在5次点击后燃烧到发送到电子邮件的链接