Is there a way to change user record password in JS


#1

I am trying to change user record password as admin and got stuck since its not yet possible JS?Any ideas?


#2

Hello David!

If you are using the Skygear cloud, you can update a user’s password with the CMS.

To do so, enable the CMS plug-in at the Developer Portal.

Then, copy and paste the following config into the YML editor and press ‘Save’

site:
  - type: UserManagement
    name: User

records: {}

user_management:
  enabled: true

At the same time, create a CMS user.

Wait until the server restarts, then press ‘open in browser’.

You will then be able to access the user management dashboard and update your user’s password!


#3

Or are you intend to change the password of another user via Javascript Cloud Functions?


#4

Yes @bencheng,
However it hasn’t been implemented in Javascript only Python


#5

If that’s what you want, here are what you need to do with Cloud Functions:

  1. Get a CloudCodeContainer with master key and the user ID of the user you want to change its password (Read this guide on step 1 and 2)
  2. Call changePassword of the user
const container = skygearCloud.getContainer(userID)
container.auth.changePassword(oldPasswrod, newPassword)

Because the function above require master key, it would only works at Cloud Function. DO NOT copy and paste your master key on the client side and try to create a Container for that.


#6

Thank you!
However can it do
container.auth.resetPassword(username,password) like here


#7

Let me check with the team and revert to you.


#8

@DavidHermit adminResetPassword should does the trick.

const container = skygearCloud.getContainer('admin')
container.auth.adminResetPassword(userId, newPassword)

#9

Thank you @bencheng
How about the same on Android?


#10

We don’t have the same API on Android SDK intentionally since it requires the master key to call the functions, it is not intended for the user to use it on the Client side which is not secure. You should use JS SDK to write a Cloud Function to do that, and perform the required security check in the cloud functions to make the user resetting the password have sufficient permission.

Android SDK has a changePassword API, which will change only the logged in user if they provide an old Password.