Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • David 19 posts 109 karma points
    1 week ago
    David
    0

    Members Forgotten Password

    Hi there, I'm a bit confused about how to go about a forgotten password process in Umbraco. I've made a surface controller to create members from a .txt file, however I'm not sure where to start when it comes to allowing a user to reset their password. Does anybody have any ideas where to begin?

    Thanks,

    David

  • Paul Seal 380 posts 2074 karma points MVP 2x c-trib
    1 week ago
    Paul Seal
    0

    Hi David

    For a forgotten password process, you will want a link on the login page which goes off to a forgotten password form.

    Then you have just an email address field on this form. The user will enter their email address in this form and submit it.

    Then in your controller for the forgotten password form, the method for handling the submit, should check if they have an account and if they have it should send an email to them. To reset their password. This link should have a hash value in the query string which you can validate when they click on it.

    Whether they have an account with you or not you want to show them the exact same message saying something like thank you for requesting a password reset, if you have an account with us you will receive an email shortly.

    When they click on the link it should load a reset password page which will try and validate the hash value in the link. If it is a valid link and is clicked on within an hour from it being generated, you will allow them to enter a new password and have a confirm password field below it too. If they both match and are valid against your site's password policy it should update the member's password and redirect them to the login page.

    If the link wasn't valid it should give them a link to the forgotten password form again to send a new email.

    I hope this high level description helps you work out what you need.

    Troy hunt has written a great post about the topic. https://www.troyhunt.com/everything-you-ever-wanted-to-know/

    Kind regards

    Paul

  • David 19 posts 109 karma points
    1 week ago
    David
    0

    Hi Paul,

    Thank you very much for taking the time to respond to me, I'll check this out right now! PS your videos helped me out a lot and have been a great help.

    Thanks,

    David

  • Paul Seal 380 posts 2074 karma points MVP 2x c-trib
    1 week ago
    Paul Seal
    0

    Hi David You are welcome and I'm glad the videos have helped too.

    Cheers

    Paul

  • David 19 posts 109 karma points
    1 week ago
    David
    0

    Hi Paul,

    While this is definitely helpful at describing the high level workflow of it, I'm at a bit of a loss at how to implement it to be honest.. Not even sure where to begin on the back end after creating the forgotten password form!

    Thanks,

    David

  • Josip 131 posts 522 karma points c-trib
    1 week ago
    Josip
    0

    Hi David,

    Maybe this could help you to get some idea: https://github.com/KrisJanssen/Umbraco7-Standard-Membership Its for Umbraco 7 but with few changes it will work with Umbraco 8.

    BR

    Josip

Please Sign in or register to post replies

Write your reply to:

Draft