auth::password::reset (public)

 auth::password::reset [ -admin ] -authority_id authority_id \
    -username username

Defined in packages/acs-authentication/tcl/password-procs.tcl

Reset the user's password, which means setting it to a new randomly generated password and inform the user of that new password.

Switches:

-admin (optional, boolean)

Specify this flag if this call represents an admin changing a user's password.

-authority_id (required)

The authority of the user

-username (required)

The username of the user

Returns:

An array list with the following entries:

• password_status: ok, no_account, not_supported, reset_error, failed_to_connect
• password_message: A human-readable message to be relayed to the user. May be empty if password_status is ok. May include HTML. Could be empty if password_status is ok.
• password: The new, automatically generated password. If no password is included in the return array, that means the new password has already been sent to the user somehow. If it is returned, it means that caller is responsible for informing the user of his/her new password.

Partial Call Graph (max 5 caller/called nodes):

Testcases:

auth_password_reset

Source code:

    ad_try {
        array set result [auth::password::ResetPassword  -authority_id $authority_id  -username $username]

        # We do this so that if there aren't even a password_status in the array, that gets caught below
        set dummy $result(password_status)
    } on error {errorMsg} {
        set result(password_status) failed_to_connect
        set result(password_message) "Error invoking the password management driver."
        ad_log Error "Error invoking password management driver for authority_id = $authority_id: $errorMsg"
    }

    # Check the result code and provide canned responses
    switch $result(password_status) {
        ok {
            if { [info exists result(password)] && $result(password) ne ""
                 && (!$admin_p || [parameter::get  -parameter EmailChangedPasswordP  -package_id [ad_conn subsite_id]  -default 1])
             } {
                # We have retrieved or reset a forgotten password that we should email to the user
                ad_try {
                    auth::password::email_password  -authority_id $authority_id  -username $username  -password $result(password)  -subject_msg_key "acs-subsite.email_subject_Forgotten_password"  -body_msg_key "acs-subsite.email_body_Forgotten_password"
                } on error {errorMsg} {
                    # We could not inform the user of his email - we failed
                    set result(password_status) "failed_to_connect"
                    set result(password_message) [_ acs-subsite.Error_sending_mail]
                    ad_log Error "We had an error sending out email with new password to username $username, authority $authority_id: $errorMsg"
                }
            }
            if { ![info exists result(password_message)] || $result(password_message) eq "" } {
                set result(password_message) [_ acs-subsite.Check_Your_Inbox]
            }
        }
        no_account - not_supported - retrieve_error - failed_to_connect {
            if { ![info exists result(password_message)] || $result(password_message) eq "" } {
                array set default_message {
                    no_account {Unknown username}
                    not_supported {This operation is not supported}
                    reset_error {Error resetting password}
                    failed_to_connect {Error communicating with authentication server}
                }
                set result(password_message) $default_message($result(password_status))
            }
        }
        default {
            set result(password_status) "failed_to_connect"
            set result(password_message) "Illegal error code returned from password management driver"
        }
    }

    return [array get result]

XQL Not present:

Generic, PostgreSQL, Oracle