12
Views
7
Comments
[VPVYNG015].DBO.[OSSYS_USER_T20] with key 0 was not updated | Password Reset Issue
Application Type
Mobile

Hello everyone.

I am a beginner to this wonderful tool and am trying to create a really simple password reset system using as a base Password Reset Flow Web and Password Reset Flow Mobile.

However, I do not plan on using tokens, as my reset system follows the below flow:

  1.  On 'MainFlow/PasswordRecover' user has to input their current username (variable/input 'UsernameA'), doublecheck it (variable/input 'ConfirmUsername') and pick a new password (variable/input 'NewPassword').

    Then, the following actions should happen within the flow:

    a. 'PasswordRecover/ResetPasswordOnClick' client action firstly checks if 'UsernameA' and 'ConfirmUsername' are empty or unequal. If true, shows error message. If false, runs server action 'ConfirmUsername2'. (This server action simply checks if 'UsernameA' is within User Source. If true - 'User.Username' does not exist, then error message displays. If false - moves into 'SetPassword') - this section is working fine;

    b. 'SetPassword' server action is supposed to call more actions responsible for encrypting 'NewPassword' and assigning 'User.Password' as it. Then, finally, it runs 'UpdateUser' server action with this new 'User.Password'.

    However, before this happens, 'SetPassword' must know what user from the User Source is the one that I want to change their password. And this is where I am really lost.


I've already tried creating an aggregation within 'SetPassword' and filtering it to look exclusively for 'UsernameA' - still doesn't work. When it follows into the encrypting actions it always picks the 'User.Id' = 0. And that is why I think I am getting [VPVYNG015].DBO.[OSSYS_USER_T20] with key 0 was not updated as error.

Would you please help me out with this?

Thanks in advance,

Juan


 

Rank: #70

Hi Juan,


First of all, welcome to OutSystems community and I'm glad you are enjoying working with it.

Regarding your situation, your error seems to be related to the fact you're trying to update a user without passing its Id. In that case, the database cannot identify the record you are trying to update and therefore it raise that exception.

To get the User Id based on the username, you will have to have a query on the user table filtering it with the username variable that the user inserted:


Note the validation the if is providing to avoid updating a user record that doesn't exist.

After you make sure a user with that username exists,  update the password from the user record you retrieve from the query and then use that same user record to have the update (the same user record that exists on the database and that as an Id):


In any case, you perhaps want to review your current approach since anybody can set the password of another user if they know their username.


Hope it helps.


Regards,
João

Rank: #50928

Oi João,

Muito obrigado! Funcionou, as senhas estão sendo alteradas! :)

O único problema é que agora não consigo realizar o login :(
Consta usuário/senha inválidos.

Tem alguma ideia ou dica sobre o que ocorre?
Verifiquei e a senha está sendo criptografada.



Obrigado,

Juan

Rank: #70

Hi Juan,


I am glad I could help :)

You need to encrypt the password before saving it in the database using the EncryptPassword function from Users:


I would also like to ask to write in English so everybody from the community can chip in and / or find answers in the future if they have the same problem.


Regards,
João

Rank: #50928

Hi João,

Sure, no worries.

However, the new password is already being encrypted. For instance, here's some more shots from debugging:



Sincerely,
Juan