[Samples] ForgotPassword method includes userId in confirmation link

The password reset link is constructed with userId in the query string. But the userId value is not used by POST ResetPassword - instead the user is prompted to re-enter their email address (and t...

Id #2446 | Release: None | Updated: Fri at 3:40 PM by mattjenkins | Created: Fri at 3:40 PM by mattjenkins

[Samples] Purpose of GET /Account/ForgotPasswordConfirmation?

Does GET /Account/ForgotPasswordConfirmation action method serve any purpose? It seems redundant.

Id #2445 | Release: None | Updated: Fri at 1:37 PM by mattjenkins | Created: Fri at 1:37 PM by mattjenkins

Passwords errors should all be separate errors

When a password does not comform to multiple password constraints, one error will be returned that looks like Passwords must have at least one non letter or digit character. Passwords must have at ...

Id #2444 | Release: None | Updated: Wed at 8:51 PM by MisinformedDNA | Created: Wed at 8:51 PM by MisinformedDNA

[Samples] AccountController backing fields and constructor

I see that AccountController has private backing fields for UserManager and SignInManager. The properties for accessing the backing fields do not use lazy initialization; if the backing field is n...

Id #2443 | Release: None | Updated: Fri at 3:42 PM by mattjenkins | Created: Wed at 2:38 PM by mattjenkins

SignOut vs RegenerateIdentityCallback

If user take no action for a while and then clicks LogOut it won't actually do that. This happens because of SecurityStampValidator.OnValidateIdentity. It has regenerateIdentityCallback to get a f...

Id #2442 | Release: None | Updated: Wed at 7:25 AM by abracadabra | Created: Wed at 7:25 AM by abracadabra

Debugging Identity in VS 2013

I followed the instructions on the CodePlex home page for debugging Identity but had no luck with it. It seems that the Symbols server that is referenced in the instructions is not working correct...

Id #2404 | Release: 2.2.0-alpha1 | Updated: Sep 22 at 9:47 PM by raspranav | Created: Sep 13 at 3:07 PM by ksk385

AccessFailedCount is not reset on successful login in SignInManager.PasswordSignInAsync

When I have UserManager set to lockout users and no 2FA enabled and then use await signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, true); to login users, I can se...

Id #2370 | Release: None | Updated: Fri at 9:01 PM by suhasj | Created: Aug 27 at 11:33 PM by trailmax

IdentityUser_Id getting null value

I am using database firs approach and using identity. I have update this version of identity in my application and after update while i am adding user to role it is inserting null value in Identit...

Id #2358 | Release: 2.2.0-alpha1 | Updated: Oct 13 at 10:15 AM by xxc3303 | Created: Aug 11 at 9:58 AM by ashwinirajp

[security]ConfirmEmailAsync uncaught exception

If a user creates an account and never confirms it, you'll want to remove entry in the AspNetUsers table. If the user then clicks on the confirm link an exception is thrown showing the stack. Bette...

Id #2356 | Release: 2.2.0-alpha1 | Updated: Aug 18 at 9:22 PM by raspranav | Created: Aug 8 at 12:35 AM by ricka0

Issue adding roles to a user

Hi, I have a issue adding a user to a role or getting, actual user roles. I'm detected a issue in my IdentityUserRoles table. It has 4 columns instead 2 (RoleId, UserId, ApplicationUser_Id and Iden...

Id #2311 | Release: None | Updated: Sep 2 at 2:20 PM by ajtowf | Created: Jul 9 at 9:04 AM by JaCk0