Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Michaël Vanbrabandt 863 posts 3348 karma points c-trib
    Mar 16, 2016 @ 08:57
    Michaël Vanbrabandt
    1

    Get current member username and password in razor

    Hi,

    What is the easiest way to get the current logged in member his username and password?

    When I use:

    var member = Members.GetCurrentMember();

    Then the member doesn't have the properties Username and Password.

    Thanks

    UPDATE

    var profile = Members.GetCurrentMemberProfileModel();
var _username = profile.UserName;
var _password = "";

    I got the UserName but now I only need the plain txt Password.

    /Michael

    Copy Link
  • Dave Woestenborghs 3504 posts 12135 karma points MVP 9x admin c-trib
    Mar 16, 2016 @ 10:16
    Dave Woestenborghs
    0

    Hi Michaël,

    Passwords are hashed before storing in the database. So it's not possible to retreive them as plain text.

    I think it's possible to store the password as plain text in the database by changing the membership provider configuration.

    But I would never recommend storing passwords as plain text in the database.

    Maybe you can explain why you need the password as plain text ?

    Dave

    Copy Link
  • Michaël Vanbrabandt 863 posts 3348 karma points c-trib
    Mar 16, 2016 @ 10:21
    Michaël Vanbrabandt
    0

    Hi Dave,

    The username and password are needed to render 2 urls that redirects to webshops to automatically login.

    These username and passwords are the same as the member in my umbraco website.

    So when a member logs in, in my website with for example user and pwd then after login he sees 2 hyperlinks to other webshops like for example http://www.webshop.be?username=user&password=pwd

    /Michael

    Copy Link
  • Dave Woestenborghs 3504 posts 12135 karma points MVP 9x admin c-trib
    Mar 16, 2016 @ 10:29
    Dave Woestenborghs
    0

    Michaël,

    So the only option is to store the passwords as clear text in the database.

    But if you already have members in there, they can't login anymore.

    But still I think you should never pass sensitive information like a password in a URL.

    Dave

    Copy Link
  • Aristotelis Pitaridis 84 posts 402 karma points
    Mar 16, 2016 @ 12:32
    Aristotelis Pitaridis
    0

    For the new members Dave is right you can store the password to an extra field. For the already registered members you can store the password when the user logs in. You will check if the username and password are correct and if they are correct you store the password for future use.

    Copy Link
  • Dave Woestenborghs 3504 posts 12135 karma points MVP 9x admin c-trib
    Mar 16, 2016 @ 12:53
    Dave Woestenborghs
    0

    But for me storing passwords in clear text is not done

    Dave

    Copy Link
  • Aristotelis Pitaridis 84 posts 402 karma points
    Mar 16, 2016 @ 13:36
    Aristotelis Pitaridis
    0

    I agree with you but this is what Michael asked so we just give him a solution.

    :)

    Copy Link
  • Dennis Adolfi 1082 posts 6449 karma points MVP 6x c-trib
    Mar 16, 2016 @ 13:49
    Dennis Adolfi
    0

    At least md5 hash the password before passing it in the Url and maybe use som more cryptic querystring instead off pwd which for me is quite obvious that its short for passwod. I would not be very happy seeing my password in cleartext in the url.

    (But offcourse, what Dave said, you should not store cleartext passwords in the first place.)

    Copy Link
  • Damien (Slipoch) 62 posts 346 karma points
    Oct 18, 2016 @ 01:35
    Damien (Slipoch)
    1

    Anybody actually going to give an answer?

    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft