How to change password in the auth service?

jiripik · April 18, 2017, 5:59am

What is the recommended way to change password for a user using the auth service?

mythz · April 18, 2017, 6:51am

You can use the IUserAuthRepository.UpdateUserAuth() API in your own Service. The last Service in this previous answer has an example.

Existing Users can call the /register Service again (using PUT) whilst their authenticated to update their registration info including password.

jiripik · April 18, 2017, 7:01am

Thank you. I can certainly follow the example.

The /register PUT way does not work for me, I am getting this error:

{
  "ResponseStatus": {
    "ErrorCode": "ValidationException",
    "Message": "Validation failed: \r\n -- Username already exists\r\n -- Email already exists",

mythz · April 18, 2017, 7:01am

You need to be authenticated.

jiripik · April 24, 2017, 5:23am

This works if the account is registered with the username.

If the account is created only with email, like with the MySQL backend, then the PUT always requires it.

"ErrorCode": "ValidationException",
"Message": "Validation failed: \r\n -- 'User Name' should not be empty.

Is there any workaround?

xplicit · April 24, 2017, 7:57am

You can derive class from OrmLiteAuthRepository and override UpdateUserAuth method to write your own custom logic which updates user without username.

But I wonder why not to create username automatically and set it to the same value as email field has?

jiripik · April 24, 2017, 9:44am

You cannot have a username with “@”. Is there a workaround?

Yes, I can subclass or create a new change password method. I just think it should be part of the ServiceStack itself?

xplicit · April 24, 2017, 10:57am

ServiceStack uses model where username is a mandatory field. If you need to handle users without user names then you should write your own custom logic or create naming rule where username is distinguishly created from other user fields (such as email) which must be unique in database.

In your particular case with ‘@’ when create user you can replace the symbol to another one which is allowed by username validation rule.

jiripik · April 24, 2017, 12:10pm

Thank you so much.

I would prefer turning off that validation rule for ‘@’ for the MySQL ServiceStack Authentication. Can you please advise where to start looking?

And also, why is there such a rule in the first place?

xplicit · April 24, 2017, 12:36pm

You can change UserValidation either by using AuthFeature.IsValidUserName function delegate or by changing validation Regex via AuthFeature.ValidUserNameRegEx