1

We are using identityserver3 and membership reboot for authentication in our application.

We now have a requirement to change the UserName Email and Reset Users Passwords form an Admin area in our application. I have seen Identity Manager but that seems to not be what I'm looking for. From reading Membership Reboot Wiki it seems to support everything that I would want to do. I just don't have a clue what the implementation for this would look like.

My thought is that we would call into our API where we know that the user is authenticated and then just call into the MembershipReboot API to take care of the task at hand be it changing UserName or Email or Reset Password.

But like I said I'm not sure. Should we be using Identity Manager middleware? It feels like that isn't the answer as we are writing our own admin interface and from what I could see it is't supporting a password reset via email and the MembershipReboot API says that it does.

Or should we be calling back into our Identity server and making the change? It feels like no because that is for logging into the applications.

Justin Smead
  • 211
  • 1
  • 3
  • 10

2 Answers2

1

Yes, you need to create your own code to allow users to update their demographic info including email and password.

You need to use the UserAccountService -> This code I am using my own CustomUser where I store all the information that would normally be stored in the UserAccount Table 

_userAccountService = new UserAccountService<CustomUser>(new CustomUserRepository(new CustomDatabase()));

Then use: 

  _userAccountService.ChangeEmailRequest();
_userAccountService.ChangeUsername();
_userAccountService.ChangePassword();

If you prefer to have users do this from an email (use when they are not logged in)

 _userAccountService.ChangePasswordFromResetKey()
KenL
  • 865
  • 5
  • 14
0

I'm looking at this too but haven't actually implemented it yet. Yes I think you are right that you need to call into the MembershipReboot API yourself. There are methods on the UserAccountService class to perform these functions. See the sample SingleTenantOwinSystemWeb in the MembershipReboot source code. The IdentityManager functionality is limited but useful for developers to set up users with roles & claims etc for testing, or as a basic Admin tool.

John Davys
  • 23
  • 4