Forgot Password method & Edit User method not working

Question

I created MVC 4 application. In that application

1. If user forgot the password , I have method to send an email to user to reset password.

2. If Admin want to change user current password ,I have method to send an email to user with relevant details.

So I'm getting same error when I try to send email

I'm getting errors like following

1. Error that I'm getting for Forgot Password method

2. Error that I'm getting for Edit User method

Seems like I'm having trouble when I try to send email , I'm using asp.net Identity membership

This is relevant code snippet for Forgot Password Method

            [HttpPost]
            [AllowAnonymous]
            [ValidateAntiForgeryToken]
            public async Task<ActionResult> ForgotPassword(ForgotPasswordViewModel model)
            {

            if(ModelState.IsValid)
            {
                var username = await UserManager.FindByNameAsync(model.UserName);
                var user = await UserManager.FindByEmailAsync(model.Email);                   


                if (user != null && username != null)
                {

                        var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("My_Application");
                        UserManager.UserTokenProvider = new Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider<ApplicationUser>(provider.Create("EmailConfirmation"));          
                        var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);                   


                        System.Net.Mail.MailMessage m = new System.Net.Mail.MailMessage(
                        ........

This is relevant code snippet for Edit User Method

    [HttpPost]
    [CustomAuthorization(IdentityRoles = "Admin")]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> Edit_User(EditUserViewModel editUser)
    {    
        try
        {    
            if (ModelState.IsValid)
            {
                AspNetUser user = db.AspNetUsers.Find(editUser.Id);                                 

                if(editUser.Change == "Yes"){                    

                String userId = editUser.Id;
                String newPassword = editUser.NewPassword;

                var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("My_Application");
                UserManager.UserTokenProvider = new Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider<ApplicationUser>(provider.Create("EmailConfirmation"));
                var code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);

                System.Net.Mail.MailMessage m = new System.Net.Mail.MailMessage(
................................................

Seems like having problem in same spot, but couldn't figure it out yet

Answer 1

I had same issue , then after many research I found out that problem is in IIS deployment

so following this thread I able to fix my issue

The data protection operation was unsuccessful

1. Open your IIS Manager
2. Find out what AppPool your application is using by selecting your App, right-click on it, and Select Manage Application -> Advanced Settings.
3. After that, on the top left hand side, select Applications Pools,and go ahead and select the App Pool used by your app.
4. Right-click on it, and select Advanced Settings, Go to the Process Model Section and Find the "Load User Profile" Option and set it to true.

Answer 2

i see

if (user != null && username != null)

are you trying to set those in the constructor? If so, you can't, you need to set them in the method.

Answer 3

You receive error code you wrote to the wrong place.

var provider = new Microsoft.Owin.Security.DataProtection.DpapiDataProtectionProvider("My_Application");
UserManager.UserTokenProvider = new Microsoft.AspNet.Identity.Owin.DataProtectorTokenProvider<ApplicationUser>(provider.Create("EmailConfirmation"));

you should write to Startup.Auth class. lie this :

app.CreatePerOwinContext(IdentityFactory.CreateContext);
app.CreatePerOwinContext<CustomUserManager>(IdentityFactory.CreateUserManager);

User Manager Definitions and Settings

 public static CustomUserManager CreateUserManager(IdentityFactoryOptions<CustomUserManager> options, IOwinContext context)
        {
            var manager = new CustomUserManager(new CustomUserStore(context.Get<CustomIdentityDbContext>()));

            manager.UserValidator = new UserValidator<CustomUser, int>(manager)
            {
                AllowOnlyAlphanumericUserNames = false,
                RequireUniqueEmail = true
            };

            manager.UserLockoutEnabledByDefault = true;
            manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(10);
            manager.MaxFailedAccessAttemptsBeforeLockout = 5;

            manager.PasswordValidator = new PasswordValidator
            {
                RequiredLength = 6,
                RequireNonLetterOrDigit = true,
                RequireDigit = true,
                RequireLowercase = true,
                RequireUppercase = true,
            };

            manager.EmailService = new IdentityEmailService();

            var dataProtectionProvider = options.DataProtectionProvider;
            if (dataProtectionProvider != null)
            {
                manager.UserTokenProvider = new DataProtectorTokenProvider<CustomUser, int>(dataProtectionProvider.Create("My_Application"))
                {
                    TokenLifespan = TimeSpan.FromHours(2)
                };
            }

            return manager;
        }

Important :You gotta be careful here

 var dataProtectionProvider = options.DataProtectionProvider;
            if (dataProtectionProvider != null)
            {
                manager.UserTokenProvider = new DataProtectorTokenProvider<CustomUser, int>(dataProtectionProvider.Create("FocusOnStoreService"))
                {
                    TokenLifespan = TimeSpan.FromHours(2)
                };
            }