Forgot Password And Reset Password Link On Email In MVC

In this article we will see how to reset the password through forgot password page in MVC.

Add an Action link on login page if the user forgets his/her password.The link redirects the user to the below page from where the user can get a reset link on the registered email id.

Note: The user should be a already-registered user.

This is how the forgot password page looks .The user needs to enter the registered and valid email id on which the reset link will be sent.
MVC

Below is the code of the forgot password action method

  1. public ActionResult ForgotPassword()  
  2.         {  
  3.             return View();  
  4.         }  
  5.  [HttpPost]  
  6. public ActionResult ForgotPassword(string UserName)  
  7.         {  
  8.             if (ModelState.IsValid)  
  9.             {  
  10.   
  11.                 if (WebSecurity.UserExists(UserName))  
  12.                 {  
  13.                     string To = UserName, UserID, Password, SMTPPort, Host;  
  14.                     string token = WebSecurity.GeneratePasswordResetToken(UserName);  
  15.                     if (token == null)  
  16.                     {  
  17.                         // If user does not exist or is not confirmed.  
  18.   
  19.                         return View("Index");  
  20.   
  21.                     }  
  22.                     else  
  23.                     {         
  24.                         //Create URL with above token  
  25.   
  26.                         var lnkHref = "<a href='" + Url.Action("ResetPassword""Account"new { email = UserName, code = token }, "http") + "'>Reset Password</a>";  
  27.   
  28.   
  29.                         //HTML Template for Send email  
  30.   
  31.                  string subject = "Your changed password";  
  32.   
  33.                  string body = "<b>Please find the Password Reset Link. </b><br/>" + lnkHref;  
  34.   
  35.   
  36.                         //Get and set the AppSettings using configuration manager.  
  37.   
  38.            EmailManager.AppSettings(out UserID, out Password, out SMTPPort, out Host);  
  39.   
  40.   
  41.                         //Call send email methods.  
  42.   
  43.            EmailManager.SendEmail(UserID, subject, body, To, UserID, Password, SMTPPort, Host);  
  44.   
  45.                     }  
  46.   
  47.                 }                
  48.   
  49.             }  
  50.             return View();  
  51.         }  

In this article we are using gmail for sending the reset link which requires some settings on the web.config file (the settings are given below the methods).The below method is used to fetch those settings from the web.config file

  1. public class EmailManager {  
  2.     public static void AppSettings(out string UserID, out string Password, out string SMTPPort, out string Host) {  
  3.         UserID = ConfigurationManager.AppSettings.Get("UserID");  
  4.         Password = ConfigurationManager.AppSettings.Get("Password");  
  5.         SMTPPort = ConfigurationManager.AppSettings.Get("SMTPPort");  
  6.         Host = ConfigurationManager.AppSettings.Get("Host");  
  7.     }  
  8.     public static void SendEmail(string From, string Subject, string Body, string To, string UserID, string Password, string SMTPPort, string Host) {  
  9.         System.Net.Mail.MailMessage mail = new System.Net.Mail.MailMessage();  
  10.         mail.To.Add(To);  
  11.         mail.From = new MailAddress(From);  
  12.         mail.Subject = Subject;  
  13.         mail.Body = Body;  
  14.         SmtpClient smtp = new SmtpClient();  
  15.         smtp.Host = Host;  
  16.         smtp.Port = Convert.ToInt16(SMTPPort);  
  17.         smtp.Credentials = new NetworkCredential(UserID, Password);  
  18.         smtp.EnableSsl = true;  
  19.         smtp.Send(mail);  
  20.     }  
  21. }  

Web config settings

MVC

The above code will send a reset link on the registered email.Once the mail is received the user needs to click on the reset link which will redirect the user to the reset password page.

The mail will look like the below image,

Your changed password

Please find the Password Reset Link.

http://localhost:****/Account/ResetPassword?email=**************.com&code=UNbRRYVXWO4mqC15Gfdpaw2

On clicking the above link you will be redirected to a reset password page with the return/ reset token.The return/reset token is attached with the url of the reset password page and hepls in replacing the old password with the new one.User needs to enter the new password in the below page to reset it.

MVC

The code for Resetting password is as below:

  1. public ActionResult ResetPassword(string code, string email)  
  2.        {  
  3.            ResetPasswordModel model = new ResetPasswordModel();  
  4.            model.ReturnToken = code;  
  5.            return View(model);  
  6.        }  
  7.        [HttpPost]  
  8.      
  9.      
  10.  public ActionResult ResetPassword(ResetPasswordModel model)  
  11.        {  
  12.            if (ModelState.IsValid)  
  13.            {  
  14.             bool resetResponse = WebSecurity.ResetPassword(model.ReturnToken, model.Password);  
  15.                if (resetResponse)  
  16.                {  
  17.                    ViewBag.Message = "Successfully Changed";  
  18.                }  
  19.                else  
  20.                {  
  21.                    ViewBag.Message = "Something went horribly wrong!";  
  22.                }  
  23.            }  
  24.            return View(model);  
  25.        }  

The Return token in WebSecurity in Mvc hepls in replacing the old password with the new one.The ResetPassword() method in websecurity is used to reset the password with the help of return token of the registered user.

Next Recommended Readings