Working on a new app and have some testers using it. One of them forgot their password and my partner made a mistake and changed the password for that user to something in plaintext from mLab. We usually make password changes (for now, until we build the password reset logic) in parse dashboard directly: enter in a password in plaintext, it's hashed automatically.
When we try to load the User collection in Parse Dashboard to make the change to the password and hash it accordingly, the User collection doesn't load. The other collections load just fine though.
I've tried updating my parse dashboard version since I was running a slightly older version, but that didn't work either.
Any advice on a fix?
Related
I am trying something dirty on keycloak. I have a realm level 90 days password expiry for user credentials, but I am trying to find an way to go around that for a few users of my choosing (my own service accounts).
I am able to work on the DB to update the creation date of the credentials I want a not-expired timestam, no problem.
I still have an issue with user with already expired passwords (I can update you guys later if this works with non-expired - I am still testing).
Lets say user A has an expired password, but hasnt tried to use it since it expired:
I can see that both in the UI or in the user_required_action DB Table: there is no req_action in there.
I update the credential created_date to Now()
If I try to get a token: I have the regular expired password error "Account not fully setup"
Now I can see a Required action both in the UI and int the DB
I delete the req_action from the DB and I refesh the UI: the required actin is still there. And if I try to get a token, i get a "Account not fully setup" error again.
Now, if I delete the reuqired action from the UI. Then I am able to get a token.
So in some ways, deleting a user action from the DB only is not enough.
Would anyone have any suggestions?
Is there a cache, is the action still referecnes somewhere in another table?
PS: I know I am not supposed to user "users" for service accounts! I need to get around to change that. Please dont judge!
I am developing a .NET Core, windows app with a PostgreSQL database and Entity Framework Core (ORM).
I have been trying to create logging in with username and password but I don't know how to bite it.
I have created roles in my database and table "User" with a username and hashed password column.
My main idea is to try to insert a username and password through UI, hash the password, create query checking the hashes, and here is my main problem I don't know what I should do when the passwords will match meaning that login was successful. Succesful login would somehow let the user of the app get a specific role in dB, that enables to read data from rows that match only one primary key of the user.
I don't know how to achieve this behaviour I thought that maybe using some kind of connection string for DbContext that have login and password of the user would be useful but I honestly have no idea.
If you are unsure how to setup the password handling for a Logged in functionality. Don't do it yourself, there are a lot of footguns and could go very badly. Use .Nets Identity, that will give you a good handling for these things.
I am using mongo db to store user data, their passwords. I have two ways of creating an account:
Regular sign up when user selects username and password and
Sign up using facebook log in.
Now, when I have regular sign up, password and username should be required, but using facebook log in they are not, so I am wondering how I should now design a schema for the users model to include both cases?
The most obvious way seems like to have two different models: users_facebook and users_regular, but is it the right way to go? Why or why not? It could also be users_auth (auth data only for users who signed up manually) and users_data (both users' types data). There is also something like MongoDB Facebook Stitch that is somehow used for the purpose it seems, although I do not get what it is. I am very new to databases and not sure which is the right way to go. The problem seems though pretty trivial.
I'm creating a simple React-Redux Blog website. So these days i was searching and searching how to do user authentication, and i couldn't find nothing helpful, there were only auth with JWT token, which for me at this moment is really hard to understand so i came to idea, which i don't know is it good or no, so i want to hear more about it.
WHY am i doing this? Because i already made more than half website, but made mistake at beginning because i did simpliest possible auth with local storage, which is really bad...
So idea is to user register with Firebase with email and password.
Then will be created a user in Mongo with unique email(which i will use as ID), and empty other data like username, about section etc, which are not required and which user enters later. So Firebase is only for user login and sign up...
After login i am checking if user is authorized with checking if email in state provided by redux is empty... If is some value in it then i will allow user to do some stuff around...
So i am wondering how i'm gonna deploy it on web and will it work... Any suggestion?
I am a beginner programmer who has completed a Ruby on Rails bootcamp, but I have very little experience with PHP. I currently am developing an company training course using Moodle, and one of the requirements of the site is that each user will have their username and password displayed for them on a certain page in the course so that they can access a course-related App on their mobile devices. I have looked through the MoodleDocs and found nothing. Is there a way to do this?
No is the simple answer, the password is stored in the db using a md5 or sha1 hash, so its pretty much impossible to extract the password.
If you need to connect to another app, then use one of the external authentication methods.
If the database is on the same server then external database authentication is probably the easiest to set up
https://docs.moodle.org/27/en/External_database_authentication
You can show the users username using the global variable $USER
$USER->username;
But as others suggested is impossible to show password in clean text to the user.
Maybe Moodle Web services can help you achieve what you need
You can't access password as it is encrypted with md5 and sha1.
But, from what I understood from your question is that you want to authenticate user through your app on moodle. For this, you can take use moodle web services and moodle's auth plugins.
If you want to display the current user's username, you can do as follows:
global $USER;
echo $USER->username;