Getting invalid token error from Identity when running UserManager.ResetPasswordAsync()
Question
I have a .NET 6 application with Identity for authentication handling. In a reset password endpoint, I'm struggling with an "Invalid token" error from Identity.
Token generation service:
    public async Task AskPasswordReset(string email)
    {
        var user = await _userManager.FindByEmailAsync(email);
        if (user != null)
        {
            var token = await _userManager.GeneratePasswordResetTokenAsync(user);
            var confirmationLink = _configuration["Base Url"] + "/ResetPassword?token=" + token + "&email=" + email;
            var emailAddress = email;
            var confimEmail = new EmailCommunicationDto
            {
                To = emailAddress,
                Body = "You have a requested to reset you password. Please click the link provided to reset your password. Please click " + confirmationLink + " to reset.",
                Subject = "Password Reset"
            };
            await _emailSender.SendVerificationEmail(confimEmail);
        }
    }
Token reset service:
    public async Task ResetPassword(ResetPasswordDto resetPasswordDto)
    {
        var user = await _userManager.FindByEmailAsync(resetPasswordDto.email);
        if (user == null)
        {
            throw new NotFoundException();
        }
        var result = await _userManager.ResetPasswordAsync(user, resetPasswordDto.token, resetPasswordDto.newPassword);
        if (!result.Succeeded)
        {
            Console.WriteLine(result.ToString());
            throw new InvalidCredentialsException();
        }
    }
Generated email:
You have a requested to reset you password. Please click the link
provided to reset your password. Please click
https://localhost:3000/ResetPassword?token=CfAA8KTxCSxQvlpEtzGh0VfCOQoKfuszpNPEK/yXBxCLkB2iC07vDNHecXedk6GFdl/ZlO8oqxxDNrVjj5ZdiPCXdpleOcfU2+utrCm7MLqlEWQYfx6RvAlmLRgKwcrIqVE1kXLqEGvdumAgDYYfCw0m5RosDgf0JlW3fthpbQWgIe5CoOl9UWJV20gdl2hVgh95wLhRV7WfWNTXSYv28K9ZQk31YzOhNaFjmgqXOSHAgTI2&email=eric@company.com
to reset.
Reset password DTO:
{
"newPassword": "joijoji9**Koji",
"token": "CfAA8KTxCSxQvlpEtzGh0VfCOQoKfuszpNPEK/yXBxCLkB2iC07vDNHecXedk6GFdl/ZlO8oqxxDNrVjj5ZdiPCXdpleOcfU2
utrCm7MLqlEWQYfx6RvAlmLRgKwcrIqVE1kXLqEGvdumAgDYYfCw0m5RosDgf0JlW3fthpbQWgIe5CoOl9UWJV20gdl2hVgh95wLhRV7WfWNTXSYv28K9ZQk31YzOhNaFjmgqXOSHAgTI2",
"email": "eric@company.com" }
1st guess: When the token is gotten from the URL (I'm using React), there is a decoding that alters it.
2nd guess: Identity only allows password reset after email verification.
Answer 1
Score: 0
Your first guess looks promising to me, since the token you're appending in your URL contains special characters like '/'.
Try encoding the token before appending it, with something like
    token = Base64UrlEncoder.Encode(token);
    var confirmationLink = _configuration["Base Url"] + "/ResetPassword?token=" + token + "&email=" + email;
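The corruption the question's first guess and this answer point at can be reproduced offline. The following is an added example, not code from the post: it simulates the link building in JavaScript, the token value is constructed, and all function names are hypothetical.

```javascript
// Constructed sample token in the standard Base64 alphabet ('+' and '/'),
// like the token shown in the question. Not a real Identity token.
const SAMPLE_TOKEN = "Qx7+aB/9zK+mN2/p==";
const BASE_URL = "https://localhost:3000"; // host taken from the question's email

// Link built by plain concatenation, as in the question's AskPasswordReset.
function buildLinkRaw(token, email) {
  return BASE_URL + "/ResetPassword?token=" + token + "&email=" + email;
}

// Link carrying a URL-safe form of the token: Base64url of its UTF-8 bytes.
function buildLinkSafe(token, email) {
  const safe = Buffer.from(token, "utf8").toString("base64")
    .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return BASE_URL + "/ResetPassword?token=" + safe +
    "&email=" + encodeURIComponent(email);
}

// What a client does when it reads the token from the query string.
// Query parsing treats '+' as an encoded space.
function readToken(link) {
  return new URL(link).searchParams.get("token");
}

// Reverse of buildLinkSafe; has to run before the token is used for the reset.
function decodeSafeToken(value) {
  const b64 = value.replace(/-/g, "+").replace(/_/g, "/");
  return Buffer.from(b64, "base64").toString("utf8");
}

// Cheap sanity check: is the received value still in the Base64 alphabet?
function looksLikeBase64(value) {
  return /^[A-Za-z0-9+\/]+={0,2}$/.test(value);
}

const email = "eric@company.com";
const rawReceived = readToken(buildLinkRaw(SAMPLE_TOKEN, email));
const safeReceived = decodeSafeToken(readToken(buildLinkSafe(SAMPLE_TOKEN, email)));
console.log("raw link  :", JSON.stringify(rawReceived), looksLikeBase64(rawReceived));
console.log("safe link :", JSON.stringify(safeReceived), safeReceived === SAMPLE_TOKEN);
```

Encoding alone changes the token, so whichever side decodes must hand the original string to `ResetPasswordAsync`; for the answer's snippet the counterpart is `Base64UrlEncoder.Decode`.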