umbraco 5 resetpassword bug - bugs

Press Ctrl / CMD + C to copy this to your clipboard.

Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

Oskar Kjellin 1 post 21 karma points

Mar 02, 2012 @ 09:59

Umbraco 5, ResetPassword bug

Hi,

I am new to umbraco. So far I've found the version 5 to be rather full of bugs. But this one really made me laugh. In the latest source code, the ResetPassword BackOfficeMembershipProvider actually deletes the user. Rather sure that isn't meant to be:

        public override string ResetPassword(string username, string answer)
        {
            using (var uow = _hive.Create())
            {
                var user = GetUmbracoUser(_appContext, uow, username, false);

                if (user == null) return null;

                if (Membership.RequiresQuestionAndAnswer && string.IsNullOrWhiteSpace(answer))
                    throw new InvalidOperationException("Invalid answer entered!");

                if (Membership.RequiresQuestionAndAnswer && !string.IsNullOrWhiteSpace(answer) && !user.PasswordAnswer.Equals(answer, StringComparison.OrdinalIgnoreCase))
                    throw new InvalidOperationException("Invalid answer entered!");

                // Generate random password
                var newPassword = new byte[16];
                var rng = RandomNumberGenerator.Create();
                rng.GetBytes(newPassword);

                var newPasswordString = Convert.ToBase64String(newPassword);
                var salt = string.Empty;
                user.Password = TransformPassword(newPasswordString, ref salt);
                user.PasswordSalt = salt;

                uow.Repositories.Delete<User>(user.Id);
                uow.Complete();

                return newPasswordString;
            }
        }

Copy Link

is working on a reply...

Please Sign in or register to post replies