I'm working on a mobile application using ionic2 and I want the users to change their password if it was the first time they login to the application and I was planning to create new field in the Database call ChangePassword and check it value then direct the user to change the password but my question is their another way to do for example a code in that can be typed in the application
If you want users to change the password after first login, you can add a column in database for active users, and try to give the condition as if an user is not active, then lead him to ChangePassword page, otherwise to Home page.
Related
i wana to know how i can let each user can access his/her profile and update user name, email, password, ets.., and have another option to delete his/her account in Laravel 5.7, and thank you.
Here is the answer..you create a controller which serves the details of the user from users table as prerequisite for the blade of profile page, add a button to update, clicking which, the details will be send back to another method of the same controller which will use update() method to update the details of the user in users table targetting the correct id and then add a delete button, clicking which, the action will be taken to another method of the same controller by passing the id of the user and use delete() method to delete the user from the users table.
simple right?
i dont think you expect the whole code..do you?
This question is more related to CRUD operation.Here you can have two options either you as a admin create their profile using fields like username, email and password or let user sign up in you web application.User can login and edit their profile. As a admin you can list the user and use delete functionality to delete from database.
The below link can be helpful to you to understand more.
Laravel 5.7 CRUD Example
In an ASP.NEt MVC application, how is it possible to display some conditional data to a layout page?
My application allows a user with a role of "Admin" to view the other user's pages and data from the same application. When the Admin views the pages of another user he/she needs to see the information of the user like his name/role/etc whose data he/she is viewing ( this information comes from the DB) . This info needs to be shown in all the pages when an Admin User is logged in and ONLY when an ADmin is logged in. i.e, if a user who is not Admin enters these details should not be shown as it is not relevant.
The issue iam facing in my attempts is that the Admin user does not login to the user's page, instead I have to achieve this feature of switching to the users view by clicking on a list/grid of users. This takes me to the home page of the user (and i get the inforamtion displayed since i set it in viwbag) .Question is, how do i set this value in the subsequent user pages of this session. Trying to avoid filling this viewbag value in every controller/action.
Please help!
PS: The information that needs to be displayed in the layout is based on the user's ID that the Admin selects from the grid. It commes from the DB.
You could write the user id to a cookie and use a action filter to check for this cookie on requests done by the admin user
I have a requirement to generate an email to administrator whenever a user sign up. Administrator will approve the registration by clicking on a link provided in email and database should get updated, without admin to login to administrator console.
I am looking for best practice to code this scenario with keeping application security intact. I can generate email with dynamic rendom value attached to the link(provided in email) URL, but i am not sure how to keep a track of this on application side?
Any thoughts?
You could generate a random validation number when the user signs up, and store it in the database with the user record. Then generate an email with a link such as
http://foo.bar.com/approveUser.action?userId=<theUserId>&validationToken=<theRandomNumber>
When the approveUser action is invoked, check if the validation token stored in the database for the given user ID matches with the token sent as parameter, and if so, approve the user.
So I am creating a website that basically allows user to sign up using their facebook account/facebook connect and just a traditional sign up (username, password). Now currently my table looks like this:
uid, username, password, email
I was thinking of how can I change this table structure to incorporate the facebook account connect as it doesn't have any username or password in it, should I just store the email and leave the username and password blank? How do other sites that have such login structure save this information?
You'll really want to store the facebook_id as well, for which I recommend using a bigint.
You might also want to add a status column that indicates whether this user account was created via email address or facebook_id, so that at login time you know which to check. Alternately, you could just check the one that you have credentials for.
This is a fairly open ended question, and the answers depend on what your trying to accomplish, and the use cases you're trying to address. Some general thoughts/suggestions: You should also store the Facebook ID as a separate column. You can leave the username blank, as the Facebook ID can uniquely identify the user, or you can use the email as the username. If you use only Facebook connect, you don't need the password since you can use the JS SDK to make sure the user has a valid Facebook login session.
I am trying to implement a simple login system with facebook, but I need users to pick a username. What I was thinking was to get all the information I need from facebook, request permissions, then add the information to the database, redirect to a form asking for a username and then add that to the database, to the same entry.
I think a transaction is needed so I don't end up with any half completed database entries. But I've only ever used them on the same page, so I'm wondering if this is safe? If it fails then there is no point where I would be telling the database to roll back the changes and it would be with a transaction open.
Is this right or will it be ok?
I think you made it more complicated than it should be :)
No need to enter facebook id into database before username as you can always grab it later.
Forward user to login screen (or better just open login popup using javascript FB API)
Once user is logged in forward them to username picking page (or better do javascript popup without page redirect)
When user is entered username request the current user id from facebook on server side (by either using graph api or fql) and then if everything is ok enter this record to database.