Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Jacob Brock-Hansen 13 posts 155 karma points
    Sep 06, 2021 @ 14:00
    Jacob Brock-Hansen
    0

    How to save passwords in Umbraco 9

    I want to create members with code by calling our Umbraco 9 from another system. For now im using Postman to develop it.

    It almost work - i can create the member, and i can assign it the right group with an internal logic, but i cant save a password for the member.

    Looking online and in this forum it seems that in Umbraco 7 and 8 there were functions SavePassword and ChangePassword in the MemberService class, but i cant find those in Umbraco 9.

    Do anyone know how its done in Umbraco 9?

  • Jamie Townsend 62 posts 287 karma points c-trib
    Sep 07, 2021 @ 19:30
    Jamie Townsend
    0

    Hi Jacob,

    There is a view in 'PartialViewMacros/Templates' namely RegisterMember.cshtml this is a working example of how to create a member. But this also lets us dig deeper.

    This view calls UmbRegisterController which is a surface controller with a method HandleRegisterMember, this is where the registration is handled.

    Digging into this, I found this code which creates the member.

    var identityUser = MemberIdentityUser.CreateNew(model.Username, model.Email, model.MemberTypeAlias, true, model.Name);
    IdentityResult identityResult = await _memberManager.CreateAsync(
                identityUser,
                model.Password);
    

    So in theory you could use the above in your creation code, although diving a bit deeper, you can checkout IUmbracoUserManager on this is a method AddPasswordAsync which looks to be what you're after.

    Fingers crossed a couple of ways above to help you.

  • Bruce Phillips 1 post 21 karma points
    Nov 02, 2021 @ 12:34
    Bruce Phillips
    0

    Did you ever figure out how to save the password for a new member in Umbraco 9?

  • Jacob Brock-Hansen 13 posts 155 karma points
    Nov 02, 2021 @ 12:59
    Jacob Brock-Hansen
    102

    Yes we did, but i forgot to update this thread - sorry about that

    We found some injected classes that could help us:

    private readonly IMemberService _memberService;
    private readonly IMemberManager _manager;
    private readonly IPasswordHasher _hasher;
    public AuthenticationController(IMemberService memberService, IMemberManager manager, IPasswordHasher hasher)
    {
        _memberService = memberService;
        _manager = manager;
        _hasher = hasher;
    }
    

    Then we could use those classes to validate if the password meets the password policy we have added to appsettings.json file and save the user with the new password:

    // Check if the password adheres to the the password policy.
    IdentityResult validationResult = await _manager.ValidatePasswordAsync(model.NewPassword);
    if (validationResult.Succeeded)
    {
        // Save the password on the member.
        IMember member = _memberService.GetByKey(memberIdent);
        member.RawPasswordValue = _hasher.HashPassword(model.NewPassword);
        _memberService.Save(member);
    }
    

    But i dont know if this is following best practice - or if there is a better way.

Please Sign in or register to post replies

Write your reply to:

Draft