重置密碼功能

malagege · Sep 2, 2022 · 7507387 · 7507387
1 parent f06b336
commit 7507387
Show file tree

Hide file tree

Showing 4 changed files with 90 additions and 0 deletions.
diff --git a/AuthSample/Controllers/AccountController.cs b/AuthSample/Controllers/AccountController.cs
@@ -340,5 +340,43 @@ public async Task<IActionResult> ForgetPasswordAsync(EmailAddressViewModel model
             }
             return View(model);
         }
+
+        [HttpGet]
+        public IActionResult ResetPassword(string email, string token)
+        {
+            if(token == null || email == null)
+            {
+                ModelState.AddModelError(string.Empty, "無效的連結");
+            }
+            return View();
+        }
+
+        [HttpPost]
+        public async Task<IActionResult> ResetPasswordAsync(ResetPasswordViewModel model)
+        {
+            if (ModelState.IsValid)
+            {
+                ApplicationUser user = await _userManager.FindByEmailAsync(model.Email);
+                if(user != null)
+                {
+                    IdentityResult result = await _userManager.ResetPasswordAsync(user, model.Token, model.Password);
+
+                    if(result.Succeeded)
+                    {
+                        return View("ResetPasswordConfirmation");
+                    }
+
+                    foreach(IdentityError error in result.Errors)
+                    {
+                        ModelState.AddModelError("", error.Description);
+                    }
+                    return View(model);
+                }
+                //防止爆力攻擊，不回傳錯誤原因
+                return View("ResetPasswordConfirmation");
+            }
+
+            return View(model);
+        }
     }
 }
diff --git a/AuthSample/ViewModels/Account/ResetPasswordViewModel.cs b/AuthSample/ViewModels/Account/ResetPasswordViewModel.cs
@@ -0,0 +1,22 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace AuthSample.ViewModels.Account
+{
+    public class ResetPasswordViewModel
+    {
+        [Required]
+        [EmailAddress]
+        [Display(Name = "Email")]
+        public string Email { get; set; }
+
+        [Required]
+        [DataType(DataType.Password)]
+        [Display(Name = "密碼")]
+        public string Password { get; set; }
+        [DataType(DataType.Password)]
+        [Display(Name = "確認密碼")]
+        [Compare(nameof(Password),ErrorMessage = "密碼不一置，請重新確認")]
+        public string ConfirmPassword { get; set; }
+        public string Token { get; set; }
+    }
+}
diff --git a/AuthSample/Views/Account/ResetPassword.cshtml b/AuthSample/Views/Account/ResetPassword.cshtml
@@ -0,0 +1,23 @@
+@*
+    For more information on enabling MVC for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
+*@
+@{
+}
+@model ResetPasswordViewModel
+
+<h2>重置密碼</h2>
+<form method="post">
+    <input asp-for="Token" type="hidden" />
+    <input asp-for="Email" type="hidden" />
+    <div>
+        <label asp-for="Password"></label>
+        <input asp-for="Password" />
+    </div>
+    <div>
+        <label asp-for="ConfirmPassword"></label>
+        <input asp-for="ConfirmPassword" />
+    </div>
+    <div>
+        <button>重置</button>
+    </div>
+</form>
diff --git a/AuthSample/Views/Account/ResetPasswordConfirmation.cshtml b/AuthSample/Views/Account/ResetPasswordConfirmation.cshtml
@@ -0,0 +1,7 @@
+@*
+    For more information on enabling MVC for empty projects, visit https://go.microsoft.com/fwlink/?LinkID=397860
+*@
+@{
+}
+<h1>重置密碼通知</h1>
+<h4>重置密碼成功，請<a asp-action="Login">登入</a></h4>