首页 > 编程语言> > c#-在Microsoft身份上重置密码会导致System.Security.Cryptography.CryptographicException

c#-在Microsoft身份上重置密码会导致System.Security.Cryptography.CryptographicException

2019-11-11 22:16:39 作者：互联网

我正在使用MS Identity,并且当我使用重置令牌重置密码时,出现以下异常：

Inner Exception Type:
System.Security.Cryptography.CryptographicException Inner Exception:
The data protection operation was unsuccessful. This may have been
caused by not having the user profile loaded for the current thread’s
user context, which may be the case when the thread is impersonating.

代码如下所示：

var TheProvider = new DpapiDataProtectionProvider();
UserManager<IdentityUser> TheUserManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>());
TheUserManager.UserTokenProvider = new DataProtectorTokenProvider<IdentityUser>(TheProvider.Create("EmailConfirmation"));

string TheResetCode = TheUserManager.GeneratePasswordResetToken(TheUserMembershiptID);

IdentityResult TheResult = TheUserManager.ResetPassword(TheUserMembershiptID, TheResetCode, TheNewPassword);

我所拥有的在我的本地计算机上可以运行,但是当我将其放在服务器上时却无法运行.我环顾四周,但找不到解决方案.我需要更改使其工作吗？

解决方法:

这里的假设是您至少使用Identity的第3版以及OWIN和实体框架.

不要每次都手动创建数据保护提供程序.在启动时从应用程序构建器获取它,并将其存储以供用户管理器使用.

public static class Auth {
    internal static IDataProtectionProvider DataProtectionProvider { get; private set; }
}

public partial class Startup {
    public void ConfigureAuth(IAppBuilder app) {
        Auth.DataProtectionProvider = app.GetDataProtectionProvider();
        //...other code removed for brevity
    }
}

为会员信息持久性配置DbContext

public class MyIdentityDbContext : IdentityDbContext<IdentityUser> {
    public MyIdentityDbContext()
        : base("MembershipConnection") { }

    public static MyIdentityDbContext Create() {
        return new MyIdentityDbContext();
    }
}

现在创建一个UserManager派生类,并将其配置为使用数据保护提供程序

public class IdentityUserManager : UserManager<IdentityUser> {

    private IdentityUserManager()
        : base(new UserStore<IdentityUser>(MyIdentityDbContext.Create())) {
        //...other code removed for brevity

        var dataProtectionProvider = Auth.DataProtectionProvider;
        if (dataProtectionProvider != null) {
            this.UserTokenProvider = new DataProtectorTokenProvider<IdentityUser>(dataProtectionProvider.Create("UserToken"));
        }
    }

    public static IdentityUserManager Create() {
        return new IdentityUserManager();
    }
}

因此,现在假设您已经在持久性存储中注册了用户,那么您应该能够生成令牌并重置密码.

var userManager = IdentityUserManager.Create();

var resetToken = await userManager.GeneratePasswordResetTokenAsync(id);

var result = await userManager.ResetPasswordAsync(id, resetToken, newPassword);

现在,根据您在帖子中的评论,很可能是需要将主机中的“加载用户配置文件”(假设IIS)设置为true.

引用this答案

I had the same issues except i was hosting on amazon ec2. i was able
to resolve it by going to the application pool in IIS and (under
advanced settings after a right click) setting process model – load
user profile = true.

如果是这种情况,并且您无权访问服务器,就无法像注释中所指示的那样更改该设置,那么社区所能提供的其他功能就不会涉及遇到的帖子.这个特殊的问题.

标签：asp-net-identity,asp-net,c
来源： https://codeday.me/bug/20191111/2022839.html