change members password programmatically

Press Ctrl / CMD + C to copy this to your clipboard.

Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

Mikhail 5 posts 97 karma points

Oct 28, 2019 @ 11:37

Change members password programmatically

I'm new in Umbraco. I need to implement changing members password.

I have the endpoint:

public BaseResponse Put(UpdatePasswordModel model)
    {
        var response = new BaseResponse();

        if (!ModelState.IsValid)
        {
            response.Code = ErrorCode.WrongUsernameOrPassword;
            response.Message = "Wrong username or password!";
            return response;
        }

        var member = _memberService.GetByUsername(model.UserName);

        if (member == null)
        {
            response.Code = ErrorCode.MemberNotFound;
            response.Message = $"Member {model.UserName} not found";

            return response;
        }

        var passwordModel = new ChangingPasswordModel { NewPassword = model.NewPassword, OldPassword = model.OldPassword };
        _membershipHelper.ChangePassword(model.UserName, passwordModel, "UmbracoMembershipProvider");

        response.Code = ErrorCode.Success;

        return response;
    }

UpdatePasswordModel contains UserName, OldPassword, NewPassword.

Has ChangePassword metdod some validation for old and new passwords? What is the best way to change members password?

Copy Link

Alex Skrypnyk 5908 posts 22603 karma points MVP 4x admin c-trib

Nov 07, 2019 @ 14:55

0

Hi Mikhail

There is a param in Umbraco Security Settings that can specify a regular expression for a password - "passwordStrengthRegularExpression"

https://our.umbraco.com/Documentation/Reference/Security/Security-settings/

But I'm not sure that it will work if you change a password through the code.

Thanks,

Alex

Copy Link
Alex Skrypnyk 5908 posts 22603 karma points MVP 4x admin c-trib

Nov 12, 2019 @ 21:45

0

Hi Mikhail

Let us know if you found a solution.

Thanks, Alex

Copy Link
Anton 3 posts 75 karma points

Nov 26, 2019 @ 14:19

1

You can checking correct username and password:

if (System.Web.Security.Membership.ValidateUser(model.UserName, model.PasswordOld)) {

_membershipHelper.ChangePassword(model.UserName, passwordModel, "UmbracoMembershipProvider");

}

Copy Link

Mikhail 5 posts 97 karma points

Nov 26, 2019 @ 14:20

So the main problem was that the ChangePassword method did not validate the old password. We decided to use the next approach:

var attempt = new Attempt<PasswordChangedModel>();
            if (Membership.ValidateUser(model.UserName, model.PasswordOld))
            {
                attempt = membershipHelper.ChangePassword(model.UserName, passwordModel, membershipProviderName);
            }

if (!attempt.Success)
            {
                throw new ChangeMembersPasswordException("Failed to change password!!");
            }

Copy Link

is working on a reply...

This forum is in read-only mode while we transition to the new forum.

You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies