I have programmatically created a user in version 7.7.9 with the following code:
// Obtain current user service
var userService = ApplicationContext.Current.Services.UserService;
// Try to obtain a user with the given email in case one already exists
var user = userService.GetByEmail(email);
if (user == null)
{
// Create a new user
var newUser = userService.CreateUserWithIdentity(username, email);
// Get user group as IReadOnlyUserGroup
var userGroup = userService.GetUserGroupByAlias("admin") as IReadOnlyUserGroup;
// Add the userGroup to the newUser
newUser.AddGroup(userGroup);
// Set the user's password
newUser.RawPasswordValue = password;
// Save the new user
userService.Save(newUser);
}
This works and the user is created, however I am then unable to login with the user even after logging in to the dashboard with a different admin account and resetting the new account password.
I also created a new user from the backoffice and tried to login which worked no problem at all.
Could someone please help me with where I'm going wrong here?
The RawPasswordValue needs to be hashed and salted.
I'm not sure this is the recommended way but it works!
if (user == null)
{
// Create a new user
var newUser = userService.CreateUserWithIdentity(email, email);
// Get user group as IReadOnlyUserGroup
var userGroup = userService.GetUserGroupByAlias("admin") as IReadOnlyUserGroup;
// Add the userGroup to the newUser
newUser.AddGroup(userGroup);
// Set the user's password
newUser.RawPasswordValue = (Membership.Providers["UsersMembershipProvider"] as UsersMembershipProvider).HashPasswordForStorage(password); ;
// Save the new user
userService.Save(newUser);
}
I was confused at the fact that when creating a user programmatically you assign them a username because this isn't the case when you create a user in the backoffice. I was creating a new user with my code and then trying to login using their email address which was failing. Turned out that I should have been using their username to login and the code worked all along.
Not sure if this is correct then based on what you said Steve, but I was able to assign the 'RawPasswordAnswer' without hashing the password and still successfully create a new user. No doubt the code for hashing a password will come in useful in the future if not needed here though so thank you for that.
Umbraco now has a setting in umbracoSettings.config called usernameIsEmail. If set to true (which is default), you will only see an email field in the backoffice, as the email address also will be used for the username. If disabled, you'll get both the username and email fields.
I think this setting was introduced along with the new users section in 7.7.
<security>
<!-- by default this is true and if not specified in config will be true. set to false to always show a separate username field in the back office user editor -->
<usernameIsEmail>true</usernameIsEmail>
As this setting can be disabled/enabled, the code still let's you specify a username.
Can't Login With Programmatically Created User
I have programmatically created a user in version 7.7.9 with the following code:
This works and the user is created, however I am then unable to login with the user even after logging in to the dashboard with a different admin account and resetting the new account password.
I also created a new user from the backoffice and tried to login which worked no problem at all.
Could someone please help me with where I'm going wrong here?
Thank you in advance.
Hi,
The RawPasswordValue needs to be hashed and salted.
I'm not sure this is the recommended way but it works!
HTH
Steve
Can't you just use the
SavePasswordmethod on UserService?This should hash it like the MemberShip provider would.
You're right except you need to enable the changing of passwords in the web.config then.
allowManuallyChangingPassword attribute on the UsersMembershipProvider setting
Thanks for your reply Steve.
I was confused at the fact that when creating a user programmatically you assign them a username because this isn't the case when you create a user in the backoffice. I was creating a new user with my code and then trying to login using their email address which was failing. Turned out that I should have been using their username to login and the code worked all along.
Not sure if this is correct then based on what you said Steve, but I was able to assign the 'RawPasswordAnswer' without hashing the password and still successfully create a new user. No doubt the code for hashing a password will come in useful in the future if not needed here though so thank you for that.
A little side node regarding the username.
Umbraco now has a setting in
umbracoSettings.configcalledusernameIsEmail. If set to true (which is default), you will only see an email field in the backoffice, as the email address also will be used for the username. If disabled, you'll get both the username and email fields.I think this setting was introduced along with the new users section in 7.7.
As this setting can be disabled/enabled, the code still let's you specify a username.
is working on a reply...