Hi,
Im new to umbraco and currently faced with below issue.
I have a requirement to validate for the existence of umbraco backoffice users (users in umbracoUser table) inside a SurfaceController by using a user entered username and a password, and this is what I have done so far.
var result = new Umbraco.Web.Security.Providers.UsersMembershipProvider().ValidateUser(username, password);
When I used the above statement to validate with existing username and a correct password, it always returns false and it locks the user by setting a DateTime value to lastLockoutDate column in umbracoUser table. And it sets userNoConsole = 1 in umbracoUser table as well.
Looked into below post as well, but it did not help.
Can you explain what you mean by 'validate for existence'? Are you wanting to find out if a user has login to backoffice, or you want to find out if the users credentials are valid?
To find out if the user has backoffice access, you can use the UserService to check that they exist:
var userExists = UmbracoContext.Current.Application.Services.UserService.Exists("theirUsername");
If you want to validate their credentials, you can use
var valid = UmbracoContext.Current.Security.ValidateBackOfficeCredentials("username", "password");
Thanks a lot for the reply. And applogies, for not being clear. Yes, I wanted to check whether the credentials are valid or not. And yes, your answer worked for me and now Im progressing with the rest of the implementation.
Below is the working statement.
var valid = UmbracoContext.Security.ValidateBackOfficeCredentials(backOfficeUser.Username, backOfficeUser.Password);
Finally, yes I agree, I should keep/pass/use the back office user credentials in a safer way.
Validate Umbraco Back Office Users programmatically
Hi, Im new to umbraco and currently faced with below issue.
I have a requirement to validate for the existence of umbraco backoffice users (users in umbracoUser table) inside a SurfaceController by using a user entered username and a password, and this is what I have done so far.
When I used the above statement to validate with existing username and a correct password, it always returns false and it locks the user by setting a DateTime value to lastLockoutDate column in umbracoUser table. And it sets userNoConsole = 1 in umbracoUser table as well.
Looked into below post as well, but it did not help.
https://our.umbraco.com/forum/umbraco-cloud/76499-umbraco-7-user-login-backoffice-programmatically
Any guidance on how to validate the existence of back office users programmatically would be a big help.
Appreciate your help.
Thanks.
Hi Buddhika,
Can you explain what you mean by 'validate for existence'? Are you wanting to find out if a user has login to backoffice, or you want to find out if the users credentials are valid?
To find out if the user has backoffice access, you can use the UserService to check that they exist:
If you want to validate their credentials, you can use
Disclaimer! Please keep backoffice users credentials safe!
Hope this helps
Louis
Hi Louis,
Thanks a lot for the reply. And applogies, for not being clear. Yes, I wanted to check whether the credentials are valid or not. And yes, your answer worked for me and now Im progressing with the rest of the implementation.
Below is the working statement.
Finally, yes I agree, I should keep/pass/use the back office user credentials in a safer way.
Thanks.
is working on a reply...