07-06-2021, 08:18 PM
(This post was last modified: 07-06-2021, 11:38 PM by mark_talluto.)
Hi Stam,
Changing the user's password is as easy as including the password as part of the Input array.
Eg:
put "newPassword" into tInputA["password"]
put true into tSecureMode //optional
cdb_updateUserAccount tInputA, "userEmail", "usersCurrentPassword", tSecureMode
SecureMode considerations
If you pass true for secureMode, you will, as expected be more secure. This is because the currently signed in user's password will be used to secure the change. But, using this mode means that you should require your user to sign in again. Not doing so may cause other APIs to fail due to the password not matching the new password.
If you pass false for secureMode, you will be able to change the password of any user without knowing their current password. Your program UI can solve this by not allowing the user to change their email at the same time as their password. I would still have the user sign in again after successfully changing their password.
The hashing is managed for you. You do not need to worry about that.
Changing the user's password is as easy as including the password as part of the Input array.
Eg:
put "newPassword" into tInputA["password"]
put true into tSecureMode //optional
cdb_updateUserAccount tInputA, "userEmail", "usersCurrentPassword", tSecureMode
SecureMode considerations
If you pass true for secureMode, you will, as expected be more secure. This is because the currently signed in user's password will be used to secure the change. But, using this mode means that you should require your user to sign in again. Not doing so may cause other APIs to fail due to the password not matching the new password.
If you pass false for secureMode, you will be able to change the password of any user without knowing their current password. Your program UI can solve this by not allowing the user to change their email at the same time as their password. I would still have the user sign in again after successfully changing their password.
The hashing is managed for you. You do not need to worry about that.