Change old user password

Options
UselessZ
UselessZ Member
in ? Security

I have a post api to change user data, the password change function is now implemented as follows: Input "confirmOldPassword" should be equal to the old password,
if this is true input "InputNewPassword" should replace the old password value. I don't know how to implement security for this logic, maybe it can be implemented differently, I will be glad for any recommendations

image.png

Tagged:
· Share on Twitter

Best Answers

  • Pawel Magdanski
    Pawel Magdanski Member ✭✭✭
    Answer ✓
    Options

    Hi,

    I think "validate password" is a function you are looking for it will compare your input password with the secured password from database. If the validation will go well then you can edit your user password in conditional statement. Hope that helps

    · Share on Twitter
  • Pawel Magdanski
    Pawel Magdanski Member ✭✭✭
    Answer ✓
    Options

    By default password field in the automatically created user table is internal. And I think in most cases this is the way to go.

    · Share on Twitter

Answers

  • UselessZ
    UselessZ Member
    Options

    Which Access API type should I choose for this function, public, public private, internal? I've read about it in the documentation and on the forum, but I don't fully understand how to apply it

    · Share on Twitter

Categories