WebSecurity.GeneratePasswordResetToken returns error (but user exists!)

Question

I'm working in an ASP.NET MVC 4 web app, I'm trying to make a password forget page. In my POST, I check that the user related to the password is present

WebSecurity.UserExists(email)

and it returns true, but when I exectue

WebSecurity.GeneratePasswordResetToken(email, 10);

I'm getting this error

No account exists for *email*

For reference, I was following this tutorial: http://www.thecodingguys.net/tutorials/asp/webpages-membership-forgot-password-and-reset-password.

Any ideas?

Answer 1

Solved, somehow in [webpages_Membership] table it wasn't present the confirmation for the user.

Answer 2

If the user is not confirmed, the same error will be thrown. Took me a while to find out so this might help someone. Perhaps someone has a better way of doing it, because this is kind of hacky.

In my case, the client want to send the user a password by mail (I know....) and if the mail needs to be resent, a new password has to be genereated.

 private string ChangePasswordForNotConfirmedUser(string emailAdress)
    {
        var membership = _membershipRepository.GetByUserName(emailAdress);
        membership.IsConfirmed = true;
        _membershipRepository.Save(membership);
        var token = WebSecurity.GeneratePasswordResetToken(emailAdress);
        var password = Membership.GeneratePassword(GlobalSettings.PasswordLenght, GlobalSettings.PasswordNoAlphaChars);
        WebSecurity.ResetPassword(token, password);
        membership.IsConfirmed = false;
        _membershipRepository.Save(membership);
        return password;
    }