You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Which exact Umbraco version are you using? For example: 9.0.1 - don't just write v9
8.17.1
Bug summary
With a standard setup for member login and profile update, if we allow a member to update their user name, they are able to subsequently login with both the old and new user name.
Specifics
This looks to be happening due to caching at the repository level and can be resolved by injecting the IsolatedCaches:
public class AccountController : SurfaceController
{
private readonly IMemberService _memberService;
private readonly IsolatedCaches _isolatedCaches;
public AccountController(
IMemberService memberService,
AppCaches appCaches)
{
_memberService = memberService;
_isolatedCaches = appCaches.IsolatedCaches;
}
...
And running code like the following after the member's profile has been saved:
var memberRepoCacheAttempt = _isolatedCaches.Get<IMember>();
if (memberRepoCacheAttempt.Success)
{
var memberRepoCache = memberRepoCacheAttempt.Result;
memberRepoCache.ClearByKey(
$"uRepo_IMember_{currentEmail.ToUpperInvariant()}");
This resolution is perhaps though requiring a developer to dig around in the Umbraco internals that we wouldn't ideally need to ask them to to do, as ideally Umbraco would handle this cache clearing (or at least provide a higher-level API to do so). For example, relying on knowing the specific key used by the cache isn't really something a solution developer should have to work with, and as it's really an internal detail rather than a public API, there may be small risk it could change in future versions.
Steps to reproduce
Set up a member login and profile display/update using standard Umbraco snippets and techniques.
Process an update of the user's user name and email address using something like the following:
var memberId = Members.GetCurrentMemberId();
var member = _memberService.GetById(memberId);
member.SetValue("firstName", model.FirstName);
member.SetValue("lastName", model.LastName);
var currentEmail = member.Email;
var isEmailAddressUpdated = !currentEmail.Equals(model.Email);
if (isEmailAddressUpdated)
{
member.Email = model.Email;
member.Username = model.Email;
}
_memberService.Save(member);
Logout and try to login again with the old and new user name, and note that both succeed.
Expected result / actual result
Logging in with the old user name should fail.
Under the hood it would be good if Umbraco can detect the user name has been changed, and if so, clear the underlying cache for the old user name.
The text was updated successfully, but these errors were encountered:
Which exact Umbraco version are you using? For example: 9.0.1 - don't just write v9
8.17.1
Bug summary
With a standard setup for member login and profile update, if we allow a member to update their user name, they are able to subsequently login with both the old and new user name.
Specifics
This looks to be happening due to caching at the repository level and can be resolved by injecting the
IsolatedCaches
:And running code like the following after the member's profile has been saved:
This resolution is perhaps though requiring a developer to dig around in the Umbraco internals that we wouldn't ideally need to ask them to to do, as ideally Umbraco would handle this cache clearing (or at least provide a higher-level API to do so). For example, relying on knowing the specific key used by the cache isn't really something a solution developer should have to work with, and as it's really an internal detail rather than a public API, there may be small risk it could change in future versions.
Steps to reproduce
Expected result / actual result
Logging in with the old user name should fail.
Under the hood it would be good if Umbraco can detect the user name has been changed, and if so, clear the underlying cache for the old user name.
The text was updated successfully, but these errors were encountered: