ASP.Net/Login Security/ChangePassword

Материал из .Net Framework эксперт
Перейти к: навигация, поиск

ChangePassword control enables end users to change their passwords directly in the browser

<%@ Page Language="C#" %>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
    <title>Change Your Password</title>
</head>
<body>
    <form id="form1" runat="server">
        <asp:LoginStatus ID="LoginStatus1" Runat="server" />
        <p><asp:ChangePassword ID="ChangePassword1" Runat="server">
           </asp:ChangePassword><p>
    </form>
</body>
</html>



ChangePassword style

<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Untitled Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:ChangePassword ID="ChangePassword1" 
                            runat="server" 
                            BorderColor="#CCCC99" 
                            BorderStyle="Solid"
                            Font-Names="Verdana" 
                            Font-Size="10pt" 
                            BackColor="#F7F7DE" 
                            BorderWidth="1px">
            <TitleTextStyle ForeColor="#FFFFFF" Font-Bold="True" BackColor="#6B696B" />
        </asp:ChangePassword>
    </form>
</body>
</html>



ChangePassword Template

<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Untitled Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
        <asp:ChangePassword ID="ChangePassword1" runat="server">
            <ChangePasswordTemplate>
                <table border="0" cellpadding="1">
                    <tr>
                        <td>
                            <table border="0" cellpadding="0">
                                <tr>
                                    <td align="center" colspan="2">
                                        Change Your Password</td>
                                </tr>
                                <tr>
                                    <td align="right">
                                        <asp:Label 
                                             ID="CurrentPasswordLabel" 
                                             runat="server" 
                                             AssociatedControlID="CurrentPassword">Password:</asp:Label></td>
                                    <td>
                                        <asp:TextBox 
                                             ID="CurrentPassword" 
                                             runat="server" 
                                             TextMode="Password"></asp:TextBox>
                                        <asp:RequiredFieldValidator 
                                             ID="CurrentPasswordRequired" 
                                             runat="server" 
                                             ControlToValidate="CurrentPassword"
                                             ErrorMessage="Password is required." 
                                             ToolTip="Password is required." 
                                             ValidationGroup="ChangePassword1">*</asp:RequiredFieldValidator>
                                    </td>
                                </tr>
                                <tr>
                                    <td align="right">
                                        <asp:Label 
                                             ID="NewPasswordLabel" 
                                             runat="server" 
                                             AssociatedControlID="NewPassword">New Password:</asp:Label></td>
                                    <td>
                                        <asp:TextBox 
                                             ID="NewPassword" 
                                             runat="server" 
                                             TextMode="Password"></asp:TextBox>
                                        <asp:RequiredFieldValidator 
                                             ID="NewPasswordRequired" 
                                             runat="server" 
                                             ControlToValidate="NewPassword"
                                             ErrorMessage="New Password is required." 
                                             ToolTip="New Password is required."
                                             ValidationGroup="ChangePassword1">*</asp:RequiredFieldValidator>
                                        <asp:RegularExpressionValidator 
                                             ID="RegularExpressionValidator1" 
                                             runat="server" 
                                             ControlToValidate="NewPassword"
                                             ErrorMessage="Must have at least 1 number, 1 special character, and more than 6 characters."
                                             ValidationExpression="(?=^.{6,}$)(?=.*\d)(?=.*\W+)(?![.\n]).*$">*</asp:RegularExpressionValidator></td>
                                </tr>
                                <tr>
                                    <td align="right">
                                        <asp:Label 
                                             ID="ConfirmNewPasswordLabel" 
                                             runat="server" 
                                             AssociatedControlID="ConfirmNewPassword">Confirm New Password:</asp:Label></td>
                                    <td>
                                        <asp:TextBox 
                                             ID="ConfirmNewPassword" 
                                             runat="server" 
                                             TextMode="Password"></asp:TextBox>
                                        <asp:RequiredFieldValidator 
                                             ID="ConfirmNewPasswordRequired" 
                                             runat="server" 
                                             ControlToValidate="ConfirmNewPassword"
                                             ErrorMessage="Confirm New Password is required." 
                                             ToolTip="Confirm New Password is required."
                                             ValidationGroup="ChangePassword1">*</asp:RequiredFieldValidator>
                                    </td>
                                </tr>
                                <tr>
                                    <td align="center" colspan="2">
                                        <asp:CompareValidator 
                                             ID="NewPasswordCompare" 
                                             runat="server" 
                                             ControlToCompare="NewPassword"
                                             ControlToValidate="ConfirmNewPassword" 
                                             Display="Dynamic" 
                                             ErrorMessage="The Confirm New Password must match the New Password entry."
                                             ValidationGroup="ChangePassword1"></asp:CompareValidator>
                                    </td>
                                </tr>
                                <tr>
                                    <td align="center" colspan="2" style="color: red">
                                        <asp:Literal 
                                             ID="FailureText" 
                                             runat="server" 
                                             EnableViewState="False"></asp:Literal>
                                    </td>
                                </tr>
                                <tr>
                                    <td align="right">
                                        <asp:Button 
                                             ID="ChangePasswordPushButton" 
                                             runat="server" 
                                             CommandName="ChangePassword"
                                             Text="Change Password" 
                                             ValidationGroup="ChangePassword1" />
                                    </td>
                                    <td>
                                        <asp:Button 
                                             ID="CancelPushButton" 
                                             runat="server" 
                                             CausesValidation="False" 
                                             CommandName="Cancel"
                                             Text="Cancel" />
                                    </td>
                                </tr>
                            </table>
                        </td>
                    </tr>
                </table>
            </ChangePasswordTemplate>
        </asp:ChangePassword>
        <br />
    </form>
</body>
</html>



Change the password for the current user

<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>I want my password changed</title>
</head>
<body>
    <div id="pageContent">
        <form id="form1" runat="server">
            <asp:ChangePassword ID="ChangePassword1" 
                                runat="server" 
                                BackColor="#F7F6F3"
                                BorderColor="#E6E2D8" 
                                BorderPadding="4" 
                                BorderStyle="Solid" 
                                BorderWidth="1px"
                                DisplayUserName="True" 
                                Font-Names="Verdana">
                <CancelButtonStyle BackColor="#FFFBFF" 
                                   BorderColor="#CCCCCC" 
                                   BorderStyle="Solid"
                                   BorderWidth="1px" 
                                   Font-Names="Verdana" 
                                   Font-Size="0.8em" 
                                   ForeColor="#284775" />
                <ChangePasswordButtonStyle BackColor="#FFFBFF" 
                                           BorderColor="#CCCCCC" 
                                           BorderStyle="Solid"
                                           BorderWidth="1px" 
                                           Font-Names="Verdana" 
                                           Font-Size="0.8em" 
                                           ForeColor="#284775" />
                <ContinueButtonStyle BackColor="#FFFBFF" 
                                     BorderColor="#CCCCCC" 
                                     BorderStyle="Solid"
                                     BorderWidth="1px" 
                                     Font-Names="Verdana" 
                                     Font-Size="0.8em" 
                                     ForeColor="#284775" />
                <TextBoxStyle Font-Size="0.8em" />
                <TitleTextStyle BackColor="#5D7B9D" 
                                Font-Bold="True" 
                                Font-Size="0.9em" 
                                ForeColor="White" />
                <PasswordHintStyle Font-Italic="True" ForeColor="#888888" />
                <InstructionTextStyle Font-Italic="True" ForeColor="Black" />
                <MailDefinition From="firstName@yourServer.ru" Subject="Password Change">
                </MailDefinition>
            </asp:ChangePassword>
        </form>
    </div>
</body>
</html>



Password must be 8 characters long and includes two numbers and two special character

<%@ Page Language="VB" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>Untitled Page</title>
</head>
<body>
    <form id="form1" runat="server">
    <div>
         <asp:changepassword id="ChangePassword2" 
                             runat="server"
                             PasswordHintText = "Password must be 8 characters long and includes two numbers and two special character."
                             NewPasswordRegularExpression = "@\"(?=.{8,})(?=(.*\d){2,})(?=(.*\W){2,})" 
                             NewPasswordRegularExpressionErrorMessage= "Error: Your password must be 8 characters long and includes two numbers and two special character"     
                             BorderWidth="1px" 
                             BorderStyle="Solid" 
                             BorderColor="#CCCC99" 
                             Width="500px" >
             <TitleTextStyle ForeColor="#FFFFFF" Font-Bold="True" BackColor="#6B696B" />
         </asp:changepassword>
        <br />
    </form>
</body>
</html>



Set CancelButtonStyle, ChangePasswordButtonStyle, ContinueButtonStyle, PasswordHintStyle, InstructionTextStyle

<%@ Page Language="C#" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head runat="server">
    <title>I want my password changed</title>
</head>
<body>
    <div id="pageContent">
        <form id="form1" runat="server">
            <asp:ChangePassword ID="ChangePassword1" 
                                runat="server" 
                                BackColor="#F7F6F3"
                                BorderColor="#E6E2D8" 
                                BorderPadding="4" 
                                BorderStyle="Solid" 
                                BorderWidth="1px"
                                DisplayUserName="True" 
                                Font-Names="Verdana">
                <CancelButtonStyle BackColor="#FFFBFF" 
                                   BorderColor="#CCCCCC" 
                                   BorderStyle="Solid"
                                   BorderWidth="1px" 
                                   Font-Names="Verdana" 
                                   Font-Size="0.8em" 
                                   ForeColor="#284775" />
                <ChangePasswordButtonStyle BackColor="#FFFBFF" 
                                           BorderColor="#CCCCCC" 
                                           BorderStyle="Solid"
                                           BorderWidth="1px" 
                                           Font-Names="Verdana" 
                                           Font-Size="0.8em" 
                                           ForeColor="#284775" />
                <ContinueButtonStyle BackColor="#FFFBFF" 
                                     BorderColor="#CCCCCC" 
                                     BorderStyle="Solid"
                                     BorderWidth="1px" 
                                     Font-Names="Verdana" 
                                     Font-Size="0.8em" 
                                     ForeColor="#284775" />
                <TextBoxStyle Font-Size="0.8em" />
                <TitleTextStyle BackColor="#5D7B9D" 
                                Font-Bold="True" 
                                Font-Size="0.9em" 
                                ForeColor="White" />
                <PasswordHintStyle Font-Italic="True" ForeColor="#888888" />
                <InstructionTextStyle Font-Italic="True" ForeColor="Black" />
                <MailDefinition From="firstName@yourServer.ru" Subject="Password Change">
                </MailDefinition>
            </asp:ChangePassword>
        </form>
    </div>
</body>
</html>