How I can change the password for a logged in in Front end site member in Umbraco 8?
In IMemberService I see only SavePassword() method but it dones't take into account the oldPassword.
There's a ChangePassword method on MembershipHelperwhich should do the job. Something like this:
var passwordModel = new ChangingPasswordModel { OldPassword = "foo", NewPassword = "bar" };
var result = Umbraco.MembershipHelper.ChangePassword(username, passwordModel, Constants.Conventions.Member.UmbracoMemberProviderName);
I search the Umbraco 8 source code and find this in UmbracoMembershipProvider.
protected override bool PerformChangePassword(string username, string oldPassword, string newPassword)
{
//NOTE: due to backwards compatibility reasons (and UX reasons), this provider doesn't care about the old password and
// allows simply setting the password manually so we don't really care about the old password.
// This is allowed based on the overridden AllowManuallyChangingPassword option.
// in order to support updating passwords from the umbraco core, we can't validate the old password
var m = MemberService.GetByUsername(username);
if (m == null) return false;
string salt;
var encodedPassword = EncryptOrHashNewPassword(newPassword, out salt);
m.RawPasswordValue = FormatPasswordForStorage(encodedPassword, salt);
m.LastPasswordChangeDate = DateTime.Now;
MemberService.Save(m);
return true;
}
Here the old password is not checked.
I need to validate the oldPassword. How I can do that?
How to change member password
Hi,
How I can change the password for a logged in in Front end site member in Umbraco 8? In IMemberService I see only SavePassword() method but it dones't take into account the oldPassword.
Regards Mila
Same issue.
There's a
ChangePassword
method onMembershipHelper
which should do the job. Something like this:Hi,
I managed to change password with the following code:
The problem that I have now is that event though the oldPassword is wrong it updates my password with the new one.
I am a bit confused what providers, services, methods I should use in Umbraco 8 in order to handle this. What is the recommended way?
Mila
I search the Umbraco 8 source code and find this in UmbracoMembershipProvider.
Here the old password is not checked. I need to validate the oldPassword. How I can do that?
Mila
+1 to this.
Possibly use
Members.ChangePassword([username], [changingpasswordmodel], [MembersMembershipProvider])
is working on a reply...