Sign in Register
Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Mila Pandurska 75 posts 353 karma points
    Oct 28, 2019 @ 09:37
    Mila Pandurska
    1

    How to change member password

    Using Umbraco And Getting Started
    Umbraco 8

    Hi,

    How I can change the password for a logged in in Front end site member in Umbraco 8? In IMemberService I see only SavePassword() method but it dones't take into account the oldPassword.

    Regards Mila

    Copy Link
  • Rihab 104 posts 388 karma points
    Oct 31, 2019 @ 12:27
    Rihab
    0

    Same issue.

    Copy Link
  • Steve Megson 151 posts 1022 karma points MVP c-trib
    Oct 31, 2019 @ 12:54
    Steve Megson
    0

    There's a ChangePassword method on MembershipHelperwhich should do the job. Something like this:

    var passwordModel = new ChangingPasswordModel { OldPassword = "foo", NewPassword = "bar" };
var result = Umbraco.MembershipHelper.ChangePassword(username, passwordModel, Constants.Conventions.Member.UmbracoMemberProviderName);
    Copy Link
  • Mila Pandurska 75 posts 353 karma points
    Oct 31, 2019 @ 13:06
    Mila Pandurska
    0

    Hi,

    I managed to change password with the following code:

    var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
                    if (provider.IsUmbracoMembershipProvider())
                    {
                        bool result = provider.ChangePassword(username, model.OldPassword, model.NewPassword);
                        if (result)
                        {
                            ViewBag.Success = true;
                            return CurrentUmbracoPage();
                        }
                    }

    The problem that I have now is that event though the oldPassword is wrong it updates my password with the new one.

    I am a bit confused what providers, services, methods I should use in Umbraco 8 in order to handle this. What is the recommended way?

    Mila

    Copy Link
  • Mila Pandurska 75 posts 353 karma points
    Nov 04, 2019 @ 09:23
    Mila Pandurska
    1

    I search the Umbraco 8 source code and find this in UmbracoMembershipProvider.

    protected override bool PerformChangePassword(string username, string oldPassword, string newPassword)
    {
        //NOTE: due to backwards compatibility reasons (and UX reasons), this provider doesn't care about the old password and
        // allows simply setting the password manually so we don't really care about the old password.
        // This is allowed based on the overridden AllowManuallyChangingPassword option.

        // in order to support updating passwords from the umbraco core, we can't validate the old password
        var m = MemberService.GetByUsername(username);
        if (m == null) return false;

        string salt;
        var encodedPassword = EncryptOrHashNewPassword(newPassword, out salt);

        m.RawPasswordValue = FormatPasswordForStorage(encodedPassword, salt);
        m.LastPasswordChangeDate = DateTime.Now;

        MemberService.Save(m);

        return true;
    }

    Here the old password is not checked. I need to validate the oldPassword. How I can do that?

    Mila

    Copy Link
  • Damien Holley 179 posts 540 karma points
    Sep 06, 2020 @ 09:45
    Damien Holley
    0

    +1 to this.

    Copy Link
  • Damien Holley 179 posts 540 karma points
    Sep 06, 2020 @ 09:49
    Damien Holley
    0

    Possibly use Members.ChangePassword([username], [changingpasswordmodel], [MembersMembershipProvider])

    Copy Link
Please Sign in or register to post replies

Write your reply to:

Draft