Create new login route

Topics: Customizing Orchard
Sep 21, 2016 at 12:13 PM
The scenario - I want to give a user a link to my orchard site with their username and password on the querystring e.g.

I want it to log them in, then prompt them to change their passwordif it's the first time. Subsequent logins to the site are then from where they would see a login screen and use johnsmith as the username and whatever they just changed their password to be.

So I got as far as creating a new module - the idea is that I can reference Orchard.Users and call the bits I need from there so I don't have to rewrite the wheel ;). I have a controller in there called Logon with an action of Login - the action is marked as [AlwaysAccessible]

I changed the web.config forms authentication to go to my new route, added a Route class to set my new routing with a priority of 199, figuring that was a high enough number to put it to the top of the queue, restarted IIS, started up orchard and it is going to the original route - is there something I have missed?

web.config changes
  <authentication mode="Forms">
            <forms loginUrl="~/PasswordChanger/Logon/Login" timeout="2880" />
route class
using System.Collections.Generic;
using Orchard.Mvc.Routes;
using System.Web.Routing;
using System.Web.Mvc;

namespace PasswordChanger
    public class Routes : IRouteProvider
        public IEnumerable<RouteDescriptor> GetRoutes()
            return new[] {

                    new RouteDescriptor {
                    Priority = 199,
                    Route = new Route(
                        new RouteValueDictionary {
                            {"area", "PasswordChanger"},
                            {"controller", "Logon"},
                            {"action", "Login"}
                        new RouteValueDictionary(),
                        new RouteValueDictionary {
                            {"area", "PasswordChanger"}
                        new MvcRouteHandler())

        public void GetRoutes(ICollection<RouteDescriptor> routes)
            foreach (var routeDescriptor in GetRoutes())
Sep 23, 2016 at 2:14 PM
Resolved this.

The TL:DR version:
1)If the user goes to they see the regular login screen as intended, a check is performed to see if they need to change their password
2)it the user uses, they are logged in and forced to change their password if necessary using the new routing

The day and a half later version...
Realised I was over complicating the issue, and took a step back and reassessed ;)