Search code examples
c#asp.netasp.net-coreasp.net-core-mvcasp.net-identity-3

Identity 3 reset password unable to login

I am using asp.net 5, MVC 6, Identity 3 with EF7 and everything updated to RC1

I have the following in my startup services configuration:

        services.AddCaching();
        services.AddSession();

     services.AddEntityFramework().AddInMemoryDatabase().AddDbContext<MyContext>(o => o.UseInMemoryDatabase());
        services.AddIdentity<User, Role>()
            .AddEntityFrameworkStores<MyContext, Guid>()
            .AddDefaultTokenProviders();


        services.AddAuthentication();

In my startup configure i have:

        app.UseSession();
        app.UseIdentity();

I try to reset a users password with ResetPasswordAsync but for some strange reason i got a few issues here.

  • First when i try to reset the password i get error that i need uppercase, even if i have Uppercase, Lowercase and Digit.

  • Second if i disable all requirements in services.AddIdentity and reset password i get success, but when i try to login with the new password it does not work.

I dont really understand whats going on, but are there any known bugs?

Identity options

        options.User.RequireUniqueEmail = true;
        //Password
        options.Password.RequiredLength = 7;
        options.Password.RequireUppercase = false;
        options.Password.RequireLowercase = false;

        options.SignIn.RequireConfirmedEmail = false;
        options.AccessDeniedPath = new PathString("/Account/Login");
        options.LoginPath = new PathString("/Account/Login");
        options.LogoutPath = new PathString("/");
        options.AuthenticationScheme = IdentityCookieOptions.ApplicationCookieAuthenticationType = "ApplicationCookie";
        options.AutomaticChallenge = true;

I have reproduced the issue on github: https://github.com/lasrol/EmptyDB

Solution

  • The issue was just a big error on my part in my code i did not pass on the right variable to the API. This works: 

            var token = model.Token;
        var userid = model.UserId;
        var user = await _userManager.FindByIdAsync(userid);
        var result = await _userManager.ResetPasswordAsync(user, token, model.Password);

    This did not work(for obvius reason. Hint: userid :P):

            var token = model.Token;
        var userid = model.UserId;
        var user = await _userManager.FindByIdAsync(userid);
        var result = await _userManager.ResetPasswordAsync(user, token, userid);