Jump to content
  • 0

API Password Change Endpoint


XFallSeane

Question

Hi, this api password change endpoint =>  https://docs.freemmorpgmaker.com/en-US/api/v1/endpoints/users.html#change-password return always "invalid credentials".

 

I respect what is asking in the doc (new and auhtorization)

 

$data = [
'new' => hash("sha256", $passwordConfirm),
'authorization' => hash("sha256", $password)
];

But the endpoint return "invalid credentials".

Any idea to corrected this problem?

Link to comment
Share on other sites

2 answers to this question

Recommended Posts

  • 0
23 minutes ago, Cheshire said:

I've seen it work for a good while now, which version is this on? (I think there's been a lot of API changes recently)

 

Also make sure the authorization string is the current password for the user.

 

The password is correct. I am running on the latest version of intersect 0.7.11 On version 6.x it was already not working. I had to switch to the "Manage Password" version of the API each time.

 

My code is simple =>

 

   if (isset($password) && !empty($password) && isset($newPassword) && !empty($newPassword)) {
                if (password_verify($password, $this->getUser()->getPassword())) {
                    $user = $userRepo->find($this->getUser());

                    if ($user) {
                        if ($newPassword === $passwordConfirm) {

                            $data = [
                                'new' => hash("sha256", $passwordConfirm),
                            ];


                            if ($api->changePasswordAccount($data, $this->getUser()->getId())) {
                                $user->setPassword(password_hash($passwordConfirm, PASSWORD_ARGON2ID));
                                $entityManager = $this->getDoctrine()->getManager();
                                $entityManager->persist($user);
                                $entityManager->flush();
                                $this->addFlash('success', $translator->trans('Votre mot de passe a été modifier'));
                                return $this->redirectToRoute('account');
                            } else {
                                $this->addFlash('error', $translator->trans('Une erreur s\'est produit.'));
                                return $this->redirectToRoute('account');
                            }
                        }
                    }
                }
            }

I have removed authorization from $ data because I am not using this endpoint as it does not work.

My method => 

 

    public function changePasswordAccount($data, $user_id)
    {
        $user = $this->APIcall_POST($this->getServer(), $data, $this->getToken(), '/api/v1/users/' . $user_id . '/manage/password/change');
        if (isset($user['Message']) && $user['Message'] == "Authorization has been denied for this request.") {
            $this->setToken();
            $user = $this->APIcall_POST($this->getServer(), $data, $this->getToken(), '/api/v1/users/' . $user_id . '/manage/password/change');
        }

        if($user['Message'] == "Password Updated." || $user['Message'] == "Password Correct"){
            return true;
        }else{
            return false;
        }

        
    }

Nothing's easier :/

 

I have tried with php and even with POSTMAN nothing the endpoint always returns invalid credentials.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...