Wednesday, June 10, 2009

The Password Recovery Control

One of the most useful user controls that comes with the login controls is the password recovery control. A 'forgot password' link on the login page can point to the password recovery page. The PasswordRecovery control is a built-in control in ASP.NET 3.5 that integrates with the membership provider and lets users recover their passwords.



Once the user clicks Submit, he is prompted to answer the secret question that he entered while registering. Once he answers correctly, a temporary password is auto-generated and sent to the email address that he registered his login ID with.

But for that to happen there are a few things we need to code. For one, the password recovery control has a built-in mail-sending feature, but it cannot send through email providers that require Secure Sockets Layer (SSL). So, for example, to send the password from a Gmail account we need to send the mail programmatically. Before going into that, make sure the following are set properly in the web.config.

<membership defaultProvider="AspNetSqlMembershipProvider">
  <providers>
    <clear/>
    <add name="AspNetSqlMembershipProvider"
         type="System.Web.Security.SqlMembershipProvider"
         connectionStringName="LocalSqlServer"
         enablePasswordRetrieval="false"
         enablePasswordReset="true"
         requiresQuestionAndAnswer="true"
         applicationName="HomeManagementSystem"
         requiresUniqueEmail="true"
         passwordFormat="Hashed"
         maxInvalidPasswordAttempts="5"
         minRequiredPasswordLength="7"
         minRequiredNonalphanumericCharacters="1"
         passwordAttemptWindow="10"
         passwordStrengthRegularExpression=""/>
  </providers>
</membership>

Since the password is hashed, enablePasswordRetrieval must be set to false: a hashed password cannot be decoded, which is why we send the user a temporary password instead.

requiresQuestionAndAnswer makes the control prompt the user with the secret question and require its answer.

Now let's configure the control so that it sends the email from a Gmail account.

First, in the web.config file set

<system.net>
  <mailSettings>
    <smtp from="test@gmail.com">
      <network host="smtp.gmail.com"
               password="****"
               port="587"
               userName="test@gmail.com"/>
    </smtp>
  </mailSettings>
</system.net>

Then set the OnSendingMail attribute of the PasswordRecovery control to the name of the handler method:

<asp:PasswordRecovery ID="PasswordRecovery1" runat="server" BackColor="#F7F7DE"
    BorderColor="#CCCC99" BorderStyle="Solid" BorderWidth="1px"
    Font-Names="Verdana" Font-Size="10pt" OnSendingMail="PasswordRecovery1_SendingMail">
    <TitleTextStyle BackColor="#6B696B" Font-Bold="True" ForeColor="#FFFFFF" />
</asp:PasswordRecovery>

In the code behind add the method PasswordRecovery1_SendingMail

// Requires: using System; using System.Net.Mail; using System.Web.UI.WebControls;
protected void PasswordRecovery1_SendingMail(object sender, MailMessageEventArgs e)
{
    // Replace this with your own correct Gmail address
    string from = "test@gmail.com";
    // The parameterless constructor also reads <system.net>/<mailSettings> from web.config
    SmtpClient client = new SmtpClient();
    // Add the credentials - use your own email id and password
    client.Credentials = new System.Net.NetworkCredential(from, "****");
    client.Port = 587;              // Gmail works on this port
    client.Host = "smtp.gmail.com"; // SMTP server for Google Mail
    client.EnableSsl = true;        // Gmail requires an SSL-secured connection
    try
    {
        client.Send(e.Message);
        // Cancel the control's own mail sending so that the mail does not get sent twice
        e.Cancel = true;
    }
    catch (Exception ex)
    {
        // ex.ToString() already includes every inner exception and the stack trace.
        // Write it to the trace log instead of the HTTP response: this page is
        // reachable without logging in, and the details would be shown to any visitor.
        System.Diagnostics.Trace.TraceError(ex.ToString());
    } // end try
}
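The same reset-and-mail flow written directly against the Membership API, to show how the web.config settings above come into play. This is an added example, not code from the original post; the class and method names (PasswordResetHelper, ResetAndMail) and the message text are hypothetical.

```csharp
using System;
using System.Diagnostics;
using System.Net.Mail;
using System.Web.Security;

public static class PasswordResetHelper // hypothetical name
{
    // Returns true only when a temporary password was generated and mailed.
    // Show the user one identical message for every outcome, so the page
    // does not reveal which user names exist.
    public static bool ResetAndMail(string userName, string answer)
    {
        MembershipUser user = Membership.GetUser(userName);
        if (user == null || user.IsLockedOut)
            return false;
        string tempPassword;
        try
        {
            // requiresQuestionAndAnswer="true": the provider verifies the answer.
            // Wrong answers count toward maxInvalidPasswordAttempts (5) inside
            // passwordAttemptWindow (10 minutes), after which the account locks.
            tempPassword = user.ResetPassword(answer);
        }
        catch (MembershipPasswordException)
        {
            return false; // wrong answer, or the account is now locked out
        }
        // new MailMessage() takes From, and new SmtpClient() takes host, port,
        // userName and password, from <system.net>/<mailSettings> in web.config.
        using (MailMessage message = new MailMessage())
        {
            message.To.Add(user.Email);
            message.Subject = "Your temporary password"; // constructed sample text
            message.Body = "Temporary password: " + tempPassword;
            SmtpClient client = new SmtpClient();
            client.EnableSsl = true; // Gmail on port 587 requires it
            try
            {
                client.Send(message);
                return true;
            }
            catch (SmtpException ex)
            {
                Trace.TraceError(ex.ToString()); // log it, never echo it to the page
                return false;
            }
        }
    }
}
```

Because the SMTP settings are read from web.config here, the Gmail password does not need to be repeated in the code-behind.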