User Password Management

This guide shows how to manage the user passwords.

To change user password, use the changeUserPassword function.

This function allows you to change password without user losing access to their data (data encryption keys) and data shared with them.

pure.changeUserPassword(userId, oldPassword, newPassword);

To recover user password in case the user forgot it, use the recoverUser function.

This function allows you to set up a new password without user losing access to data encrypted for them. Note that the recovery process is rate limited and requires the server to ensure authenticity of the user that is being recovered with two-factor authentication.

pure.recoverUser(userId, newPassword);

To reset user password, PureKit provides you with the resetUserPassword function. This function works in the following way:

1. Resets user password;
2. Removes user's access to all their data, therefore user won't be able to decrypt encrypted data anymore;
3. Removes user's access to all data shared with this user;
4. Removes other users' access to all data shared with them by current user.

open fun resetUserPassword(userId: String!, newPassword: String!): Unit

If you don't need to remove access to data encrypted for this user, use recoverUser function instead of resetUserPassword.

To delete the user and remove access to their data, use the deleteUser function. This function deletes user with the given userId.

pure.deleteUser(userId, true);

In order to remove user's access to the data that is encrypted for this user, use the deleteKey function. This function deletes the key, generated at the Data Encryption step for the given userId and dataId.

pure.deleteKey(userId, dataId);

Warning! Other users will also lose access to this data.