Developer forum

Forum » Development » Forgot password with multiple sites

Forgot password with multiple sites

E-mail notifications
Anders Ebdrup
Reply
Posted on 18/03/2016 09:24:45

Hello all,

 

We have a solution with multiple sites and shops, but would like to limit the "forgot password" to specific user groups on the indivial sites, so the user do not receive a mail with password information to another site than the requested.

How can this be done?

 

Best regards, Anders


Replies

 
Nicolai Høeg Pedersen
Posted on 18/03/2016 11:10:47
Reply

Hi Anders

That is currently not possible.

You can however, use the Notifications.Standard.User.OnBeforeForgotPassword notification and add a check to see if things add up. If not, redirect the user or whatever you need to do.

BR Nicolai

 
Anders Ebdrup
Posted on 18/03/2016 11:43:22
Reply

Hi Nicolai,

 

All right, will you note this as a feature request then?

 

Best regards, Anders

 
Nicolai Høeg Pedersen
Posted on 18/03/2016 12:17:45
Reply

I will!

 
Anders Ebdrup
Posted on 12/04/2016 22:53:10
Reply

Hi Nicolai,

 

I have been thinking a lot about this and I cannot see how I can limit a user to get multiple mails if the user has created a profile on multiple sites in the solution?

 

Best regards, Anders

 
Nicolai Høeg Pedersen
Posted on 12/04/2016 23:55:31
Reply

If you allow the same email on multiple users, I see the problem. I thought you meant to check if a user was member of a specific group before you allowed the mail from a specific website.

Dynamicweb will find all users with the specified email address in forgot password, and send a mail for each of them - so if you have multiple records, you have an issue.

But - if you submit the Forgotpassword request to a page with permissions, only users with permissions to that page will receive an email. So if you have 2 users with the same email address, but member of 2 different groups, and you submit the forgot password to 2 different pages with 2 different set of permissions, only one user will receive an email.

Hope that makes sense.

***********************

Another, somewhat hacky, suggestion is this:

  1. In your OnBeforeForgotPassword notification subscriber, find all users with the passed email address. (select * from accessuser where AccessUserEmail = 'some@other.com')
  2. Locate the records that should not receive the email
  3. Update accessuser set AccessUserEmail=Base.MD5HashToString('some@other.com') where AccessUserID IN (1,2,3) - the user IDs that should not have an email
    1. Now you should have only one record on the DB with that email
  4. Let DW send the email and do whatever it needs
  5. In a Notifications.Standard.Page.OnOutput notification subscriber, Update accessuser set AccessUserEmail='some@other.com' where AccessUserEmail =Base.MD5HashToString('some@other.com')

Pretty nasty, but I think it would work as an alternative.

BR Nicolai

 
Thomas Larsen
Posted on 16/06/2016 13:11:28
Reply

I’m using the Usermanagement module and I’m having the opposite problem.

If multiple users have the same email address I would like to send multiple emails to them. But then the UserManagement module recovery function will only send if user count = 1

 

You must be logged in to post in the forum