User Management from Perspective Client Session

We are running Ignition 8.1 and plan to use AD in the future but for now are using ignitions internal authentication. From what I have gathered, there is no formal way to manage one’s own password from inside a client session. Is there someone who can share their own workaround example to allow password change from a perspective client session?

Thanks,
Nick

1 Like

You can use system.user.editUser, just use system.security.getUsername to get the currently logged in user. The docs have an example that should tell you everything you need to know about the scripting aspect.

https://docs.inductiveautomation.com/display/DOC81/system.user.editUser
https://docs.inductiveautomation.com/display/DOC81/system.security.getUsername

Edit: There’s also a session property that has the username: auth.user.userName

@rbabcock the documentation is not clear how to update the password. I try the following:

name = system.security.getUsername()

user = system.user.getUser("default", name)
curr_password = user.Password

user.set("Password", "new_password")
system.user.editUser("default", user)

However, when I read the password again after that, it is unchanged. I’m looking for the correct syntax to enact the password change.

Thanks,
Nick

Try this:

from com.inductiveautomation.ignition.common.user import User

name = system.security.getUsername()

user = system.user.getUser("default", name)
curr_password = user.Password

user.set(User.Password, "new_password")
system.user.editUser("default", user)

@PGriffith Here is a snapshot of the script and console output. To me it seems like the password still is not updating.

Try printing the errors/warnings/infos from the UIResponse you get back from the editUser function directly. Also, try turning on auditing within your project - you should get confirmation about what changed in your audit log.

Should you be able to read a password from a user via script so easily? I wouldn’t have thought you’d be able to read it at all

I don’t think he is - I think he’s setting a key named password to a value, but it’s not the actual password property - which should not be returned to getUser()…from what I can tell from our codebase.

@nminchin you are correct. My conclusion so far is that the password cannot be modified via script. In the manual the getUser function says it returns everything but the password.

I’m going to give up on this for now (unless someone has some other advice) and focus on getting active directory setup.

Thanks,
Nick

Has anyone find a solution on this. It seems that it is still not possible but we need it.

@richard.deleye in our case we never pursued this further and have switched over entirely to SAML IDP authentication.

One of the main reasons is that when our system is fully built out, we will have hundreds of gateways so managing passwords manually was not a practical option for us.

Nick

:eyes: