Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fixed reset password for code #4

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fixed reset password for code #4

wants to merge 1 commit into from

Conversation

Vktun
Copy link

@Vktun Vktun commented Jun 11, 2021
edited
Loading

improve reset password use phone and code use TwoFactor way in generate code and verify code

gdlcf88
gdlcf88 reviewed Jun 11, 2021
View reviewed changes
...rLogin.Application/EasyAbp/Abp/PhoneNumberLogin/Account/PhoneNumberLoginAccountAppService.cs
@@ -276,7 +296,19 @@ protected virtual async Task<string> GenerateCodeAsync(string phoneNumber, Verif
switch (type)
{
case VerificationCodeType.ResetPassword:
code = await _identityUserManager.GeneratePasswordResetTokenAsync(identityUser);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not use ASP.NET Core's IdentityUserManager.GeneratePasswordResetTokenAsync();? The default implementation of IUserTwoFactorTokenProvider is fine and EasyAbp also provides one: https://github.com/EasyAbp/Abp.VerificationCode/blob/master/src/EasyAbp.Abp.VerificationCode.Identity/EasyAbp/Abp/VerificationCode/Identity/AbpVerificationCodeTokenProvider.cs.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

GeneratePasswordResetTokenAsync() this method generate code length too long , the sms not allow code longer than 24 in aliyun .

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You can replece the default implementation, see https://github.com/EasyAbp/Abp.VerificationCode/blob/master/src/EasyAbp.Abp.VerificationCode.Identity/EasyAbp/Abp/VerificationCode/Identity/AbpVerificationCodeTokenProvider.cs

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the Abp.VerficationCode not implement twoFactor methods yet . I need to take time to fix that repository ,wait some days please when i have time .

...rLogin.Application/EasyAbp/Abp/PhoneNumberLogin/Account/PhoneNumberLoginAccountAppService.cs
@@ -276,7 +296,19 @@ protected virtual async Task<string> GenerateCodeAsync(string phoneNumber, Verif
switch (type)
{
case VerificationCodeType.ResetPassword:
code = await _identityUserManager.GeneratePasswordResetTokenAsync(identityUser);
if (identityUser == null)
throw new UserFriendlyException(_localizer["InvalidPhoneNumber"]);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about throw new InvalidVerificationCodeException();?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if u used twofactor to generate , u need use identityuser not null , identityuser come from phonenumber in database. database doesn`t have this phonenumber u cant resetpassword.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gdlcf88 gdlcf88 gdlcf88 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Vktun @gdlcf88