1

When I attempt to follow the many examples provided I run into a couple of problems. The latest iteration of the code looks like this;

string passwordResetToken = await _applicationUserManager.GeneratePasswordResetTokenAsync(u.Id); string code = callbackUrl + HttpUtility.UrlEncode(passwordResetToken); await _applicationUserManager.SendEmailAsync(u.Id, RESET_SUBJECT, string.Format(RESET_BODY, u.FirstName, u.LastName, code));

The password reset link looks like:

http://localhost:52819/account/reset/Jn4X1sn4Ybmh9vPJmHO8U7ZdiQqr%2bRJTtn9PAMbtToILxhlUe5by0FwbX0GIY1%2bZuaHX0tAsNtcr52y1kFYPZabGwFE%2ftWvfvttKH1trLkbekhxwAZm0UbrAyZHtZyx1q3HbjFwB5lxEvfpzlvdFx9%2bByE5Nr3eehpyvyeqshhiKkr1xvPb4Oc%2bStjDFBj2qX4Qwe7dHayx8n27GaiRdNA%3d%3d

  • Problem 1: If I just try to use the password reset token 'as is' I get a routing error because of the '+' sign (this appearently creates a 'double escape sequences' which is not allow by default in IIS...for what looks like good reason.)
  • Problem 2:If I URLEncode(passwordResetToken) the result "code" looks good, but when I drop that into an email and click on the link it gets URLdecoded and the same error occurs...
  • Problem 3: Even when I enable double escapes (in web.config) the resulting URL gets parsed in such a way that it won't get routed back to the account controller correctly.

I'm not finding anybody else complaining about this, so I figure I have missed something foolish...but I can not find it..

Improve this question
5
  • 1
    Instead of account/reset/Jn4X1.... does account/reset?token=Jn4X1.... work without UrlEncode()? Commented Jun 22, 2015 at 18:49
  • Good idea, but unfortunately, no... tried it with and without urlEncode and got nowhere. Commented Jun 22, 2015 at 18:58
  • correction: after realizing I had slightly mangled the syntax for the RouteConfig using ...?id=.... worked, only with the UrlEncode (slashes appear to be the source of the problem.) Commented Jun 22, 2015 at 19:40
  • @Jasen, if you want to transform your comment to an answer I would be pleased to give you proper credit. Commented Jun 23, 2015 at 0:27
  • You're not alone. I just tried refactoring the token into the URL rather than the query string. Slashes are indeed the source of the problem. Sticking with query strings. Commented Mar 14, 2017 at 22:04

1 Answer 1

Reset to default
2

Instead of defining a custom route with uri parameters you could try just a regular query string parameter.

var url = "account/reset?token=" + HttpUtilityUrlEncode(token);
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.