U4-4454 - Can't log in a new member created through memberservice

Created by Sebastiaan Janssen 16 Mar 2014, 14:31:27 Updated by Sebastiaan Janssen 01 Apr 2014, 14:23:43

Using legacy password encoding I do the following:

var memberService = Services.MemberService; var member = memberService.CreateMember(model.Email, model.Email, model.Password, "Member"); member.Name = model.Name;


Members.Login(model.Email, model.Password);

The member gets created and the login is indeed attempted, but it registers as a wrong password. Only when I update the password in the backoffice can I log in correctly.

Could be due to legacy password setting?


Shannon Deminick 18 Mar 2014, 07:39:32

I've updated the codebase to support password updates via the MemberService. This is essentially just a wrapper on the MembershipProvider since that is responsible for security and password management but at least this makes it easier to use and more clear as to what is going on. If you try the SavePassword method and you are using a MembershipProvider that is not an Umbraco provider you will get a NotSupportedException with a description.

I've updated the services to make this exact process slightly easier as well with more overloads. I've also update the IMember interface properties to be IMember.RawPasswordValue and IMember.RawPasswordAnswerValue - this now makes it more clear that these are properties have no affect on security, encryption, etc... they are just the raw database values (generally should not be used directly). The CreateMember overloads no longer accept a password either since passwords must be handled in a separate transaction.

So here's the updated snippet of what you were trying to do:

	var memberService = Services.MemberService;
	var member = memberService.CreateMember(model.Email, model.Email, model.Name, "Member");
	memberService.SavePassword(member, model.Password);

	Members.Login(model.Email, model.Password);

Even easier, you can avoid the first save by doing this:

	var memberService = Services.MemberService;
	var member = memberService.CreateMemberWithIdentity(model.Email, model.Email, model.Name, "Member");
	memberService.SavePassword(member, model.Password);

	Members.Login(model.Email, model.Password);

These changes have been made for IUser and the IUserService as well.

Matt Muller 29 Mar 2014, 03:57:53

I too ran into this in the beta - just updated to the 6.2RC and trying to use: Services.MemberService.SavePassword(member,model.Password); to reset a password (along with some other data.

I get the NoSupportedException of When using a non-Umbraco membership provider you must change the member password by using the MembershipProvider.ChangePassword method

I am using out of the box Umbraco - is that not the Umbraco membership provider? I've always thought of the Umbraco Membership provider as sittign on top of the asp.net one so unsure of why I am getting this error.

I did do an in-place upgrade for beta to RC (not sure if there were db changes?) so maybe that is the issue.

Regards, Matt

Sebastiaan Janssen 01 Apr 2014, 14:23:43

@AussieInSeattle I've just come across this error as well, this is of course wrong and has been fixed for the upcoming release, sorry about that!

Priority: Normal

Type: Bug

State: Fixed

Assignee: Shannon Deminick

Difficulty: Normal


Backwards Compatible: True

Fix Submitted:

Affected versions: 7.1.0

Due in version: 7.1.0, 6.2.0


Story Points: