Can anyone tell me if it is possible, that when you reset a users password in the admin section for it to email the user their new password rather than for it to display on screen. Ideally, Administrators shouldn't be able to see the users password when it is reset. This is NOT for the Members section but for the Admin section only.
Are they an config tweaks or packages that can do this?
You can implement that functionality via events.
Look at UserService, there are UserService.SavingUser event can be what you want.
Example of working with events :
Thank you for your response, I have considered using the UserService, however for security purposes we don't want the Admin to be able to see the password, I know at the moment when you check the Reset Password box the page reloads and password is shown in a green modal box. Is there any way we can switch this bit off but still retain the reset password option?
@Alex - unless I am missing something, you cannot use the UserService events because you do not have access to the saved password. The RawPasswordValue field has already been hashed by the time the event is raised.
I've just tested this and P@010 is correct, the password is indeed hashed when we call it. Does anyone know how to get around this, without having to disable Hashing.
private void UserService_SavedUser(IUserService sender, SaveEventArgs<Umbraco.Core.Models.Membership.IUser> e)
{
var savedEnts = e.SavedEntities;
string userEmail = savedEnts.Select(x => x.Email).FirstOrDefault();
string userPassword = savedEnts.Select(x => x.).FirstOrDefault();
SendMail(userEmail, "Password Reset", "Here is your new password: " + userPassword);
}
We have found a work around for this of sorts, it's not fantastic but it did the job. We basically found the file passwordChanger.ascx (/umbraco/controls), its the file that outputs the newly reset password (the green box that's shown) and we removed the password from view but triggered a web service call, in which we passed the newly created password and called a function that emails the user. Like I said it's crude, but it does the job.
Sure thing, basically dig out the passwordChanger.ascx control (/umbraco/controls/). Open it up and change the last div of the page - I think it's called id="Div1".
Replace that Div with this code:-
Apologies for the screen grab, the code format insert tool kept stripping out some code.
Once this is in, you'll then need to create a User web service.
[WebService(Namespace = "http://tempuri.org/")]
[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
[System.ComponentModel.ToolboxItem(false)]
// To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line.
[System.Web.Script.Services.ScriptService]
public class User : System.Web.Services.WebService
{
[WebMethod]
public bool sendUserEmail(string message, string emailAddress)
{
string emailMessage = "<h3>Password reset</h3><p>Your password for the [WEBSITE NAME] website has been reset to: " + message + "</p><p>If you have received this email in error please notify the systems manager at <a href='mailto:[EMAIL ADDRESS]'>[EMAIL ADDRESS]</a>. The email should then be deleted.</p>";
Shared.EmailHelper.SendMail(emailAddress, "Password reset", emailMessage, true);
return true;
}
}
Obviously replace the SendEmail function with your own .net Send Mail code.
Hope this helps, and let me know if it works for you.
$('#passwordInfobox').html("<h3>Update successful</h3> <p>An email with the new password has been sent to: " + emailAddress + ".</p>");
},
error: function (jqXHR, textStatus, errorThrown) {
console.log(textStatus, errorThrown);
('#passwordInfobox').show();
('#passwordInfobox').html("<h3>There was a problem with your request</h3> <p>There was a problem updating the password, please try again.</p)<p>" + errorThrown + "</p>");
Reset user password and email new password
Hello,
Can anyone tell me if it is possible, that when you reset a users password in the admin section for it to email the user their new password rather than for it to display on screen. Ideally, Administrators shouldn't be able to see the users password when it is reset. This is NOT for the Members section but for the Admin section only.
Are they an config tweaks or packages that can do this?
Many Thanks
Paul
Hi Paul,
You can implement that functionality via events. Look at UserService, there are UserService.SavingUser event can be what you want. Example of working with events :
https://our.umbraco.org/documentation/Reference/Events-v6/ContentService-Events
Thanks, Alex
Hi Alex,
Thank you for your response, I have considered using the UserService, however for security purposes we don't want the Admin to be able to see the password, I know at the moment when you check the Reset Password box the page reloads and password is shown in a green modal box. Is there any way we can switch this bit off but still retain the reset password option?
Many Thanks
Paul
@Alex - unless I am missing something, you cannot use the UserService events because you do not have access to the saved password. The RawPasswordValue field has already been hashed by the time the event is raised.
Do we know if this is still possible, I'll obviously need to send it in plain text to the user?
Thanks
Paul
I've just tested this and P@010 is correct, the password is indeed hashed when we call it. Does anyone know how to get around this, without having to disable Hashing.
Just a further update on this.
We have found a work around for this of sorts, it's not fantastic but it did the job. We basically found the file passwordChanger.ascx (/umbraco/controls), its the file that outputs the newly reset password (the green box that's shown) and we removed the password from view but triggered a web service call, in which we passed the newly created password and called a function that emails the user. Like I said it's crude, but it does the job.
Cheers
Paul
Hi Paul
I would like to achieve the same thing as you describe. Do you have code to reset and email a new password to a user?
Thanks
Dan
Hi Dan,
Sure thing, basically dig out the passwordChanger.ascx control (/umbraco/controls/). Open it up and change the last div of the page - I think it's called id="Div1".
Replace that Div with this code:-
Apologies for the screen grab, the code format insert tool kept stripping out some code.
Once this is in, you'll then need to create a User web service.
Obviously replace the SendEmail function with your own .net Send Mail code.
Hope this helps, and let me know if it works for you.
Thanks
Paul
Fantastic, that works fine, just needed to change the ID of the Email field. Here is the code not as a screenshot:
<scripttype="text/javascript">
$(document).ready(function (){
var newPassword = "<%# ChangingPasswordModel.GeneratedPassword %>";
var emailAddress = document.getElementById("body_ctl12").value;
$.ajax({
type: 'POST',
dataType: 'json',
contentType: 'application/json',
url: '/Services/User.asmx/sendUserEmail',
data: '{ "emailAddress": "' + emailAddress + '", "message": "' + newPassword + '"}',
success: function (data) {
$('#passwordInfobox').show();
$('#passwordInfobox').html("<h3>Update successful</h3> <p>An email with the new password has been sent to: " + emailAddress + ".</p>");
},
error: function (jqXHR, textStatus, errorThrown) {
console.log(textStatus, errorThrown);
('#passwordInfobox').show();
('#passwordInfobox').html("<h3>There was a problem with your request</h3> <p>There was a problem updating the password, please try again.</p)<p>" + errorThrown + "</p>");
}
});
});
</script>
Excellent, glad I could help.
Cheers
Paul
is working on a reply...