Change Umbraco member password with out knowing old password - asp.net

I need a functionality to change umbraco member password programatically.user can add their new password in the field I had set on umbraco node.and when they publish the node new password will come in effect.I had find a way to change current password to given one
member.ChangePassword(oldPassword, password);
But this requires oldpassword to work.and I cant provide it as user has already changed old password in the umbraco node.then I tried to get old password programatically.
string theUserPassword = Membership.GetUser(username).GetPassword();
but this also throws an error
Password Retrieval Not Enabled.
Is there any way to get old password programatically?Or Am I going in the wrong direction?

Umbraco uses the Microsoft Membership Provider.
You probably have set the property "EnablePasswordRetrieval" to false.
If you don't know the password but need to change it, you can reset the password bij using the ResetPassword method.

I know this is an old post and an answer has already been accepted, but you can actually achieve what the OP wants to do by using the return value of the ResetPassword method for the oldValue parameter of the ChangePassword method:
member.ChangePassword(member.ResetPassword(), "New Password")
This allows you to change the password for a user to a specific value without knowing their existing password.

Another option to an old question:
I am using Umbraco 7.2.4 and here is how I change the password.
var member = Services.MemberService.GetByUsername("username");
Services.MemberService.SavePassword(member, "new password");
Where "Services.MemberService" is from ApplicationContext.Current.Services.MemberService.
The first line of code is where you get the member for which you want to change the password. This can also be done by email or id.
Services.MemberService.GetByEmail("email")
Services.MemberService.GetById(id)
The second line is where you change the password. It is automatically hashed.

Related

How to set the current user for WebPartManager?

From what I've been reading, the following code should first ensure that a MembershipUser record exists for "ArthurDent", then set "ArthurDent" as the current user, and finally assign his MembershipUser record to the variable mUser.
if (Membership.GetUser("ArthurDent") == null)
{
Membership.CreateUser("ArthurDent", "thisisapassword");
}
FormsAuthentication.SetAuthCookie("ArthurDent", true);
MembershipUser mUser = Membership.GetUser();
Instead, the variable mUser remains null.'
My goal is to programmatically set the current user to a valid record so that I can set a WebPartManager.DisplayMode on a page that started erroring out when I added BlogEngine to my web site.
This problem generally occurs when the application breaks a rule defined in the web.config file. For instance I ran your code in my local environment using Windows Authentication and CreateUser at first failed because the password string was of insufficient length. I padded the password with additional characters and was able to create user with the supplied code. Check the section to examine password prerequisites.
Upon first examination this looks like a configuration problem.
The answer is that BlogEngine actively suppresses the normal workings of Page.User.Identity, which Membership.GetUser() retrieves. When I replaced FormsAuthentication.SetAuthCookie with the following code from BlogEngine...
Security.AuthenticateUser("ArthurDent", "thisisapassword", true);
... it authenticated Arthur and logged him in.

Membership provider Reset password to Custom Formatted password

Membership provider ResetPassword method , resets a password that contains a lot of non alfa numeric chars.
The question is if its possible to change the default password creation template to lets say Numbers Only ?
The trick that worked for me was :
Reseting the password and getting the new password , then using the new password calling method ChangePassword that will accept new generated password on my own choice , if anyone can suggest something less tricky will appreciate.

asp.net membership custom change of passwords by users and admins

I am still searching StackOverFlow as well as the innertubes but have not found an example of what I need to do.
If an user has forgotten their password and they correctly answer their reminder question, the user is shown two form fields for entering a new password; Not Emailing or displaying a random generated password.
If the user calls the support center, an admin can change the password, the reminder question and the answer.
Thanks,
James
just use this code:
var user = Membership.GetUser(username);
user.ChangePassword(user.ResetPassword(), newPassword);
this simply first resets the password and then changes it to the new password, you don't need to know the reseted intermediate password

Can I override asp:CreateUserWizard to essentially not require a password?

Got this site with UN/PW set via the Createuserwizard control.
Client considers PW too large of a barrier to entry and wants to get rid of the password requirement but still have accounts so users simply log back in with emaill address only.
I want the quickest fix possible where I use the same provider and control but just use the same static PW for all users on signup, then sort of enter it for them when they "log in" if they return. Works like a cookie basically but has an actual login.
Problem is the Createuserwizard.Password property is read only. Can I do AutoGeneratePassword= true and force it to generate the exact same password every time?
For what it's worth, this is a simple, no secure data, basically not much stored kind of site. Lets not get into whether the req makes sense though, and the implications of this - I probably agree with you :)
Bla, bla, bla lots of stuff you probably agree with... and now to the point:
Just ditch the CreateUserWizard and call MembershipProvider.CreateUser directly. You will have to throw in a few textboxes for the email and stuff instead of the createuserwizard but it should be a walk in the park. For the login, just drop the login control too and add a textbox for the email and a "login" button. Then in code-behind call MembershipProvider.ValidateUser with the email and hardcoded password, and if it returns true (meaning the user exists) you just call FormsAuthentication.SetAuthCookie followed by FormsAuthentication.RedirectFromLoginPage and the user is logged in.

How can I get CURRENT USERNAME in membership asp.net 2008

I use a membership in asp.net 2008. And I build a login system with some rolls ...etc
I have a database and tables and the KEY is "username", and now I want to know how can I get a username for the member who logged in ?
for example:
I logged in as TURKI
I want to get the username TURKI
really I need for help...
thanks,
User.Identity.Name
User is a property of the page. If you need to access it elsewhere, you can use:
HttpContext.Current.User.Identity.Name
A modification to Freddy's answer when using MVC - had to use:
HttpContext.User.Identity.Name
Slight change but figured I would post it in case anyone else trying to do this in MVC hits the same snag.
Context.User.Identity.Name
you can use the Membership.GetUser() method described here:
http://msdn.microsoft.com/en-us/library/system.web.security.membership.getuser.aspx
also, if you do get the MembershipUser you could also get the 'ProviderUserKey' which uniquely identifies a user, possibly using that as your FK for your tables, that way your user can have their username updated without having to change all the keys in your tables.

Resources