Passwordless Custom Login Page for Community in Salesforce, which means community users in Salesforce can login without password. What?? Passwordless Login Page ? What about security……. In Summer 18 release salesforce has provided an out of the box method to do this. This feature is called passwordless login. This feature is available for Lightning communities and Salesforce Tabs + Visualforce accessed through Lightning Experience and Salesforce Classic. Communities are available in Enterprise, Performance, Unlimited, and Developer editions. SMS verification method is in Beta when I am writing about this. You will have to connect with Salesforce support to enable SMS verification method.
The controller:
The controller code can be something like this:
global with sharing class CRMLoginController {
//Input variables
global String urn{get; set;}
public String startURL{get; set;}
public List methods;
public String error;
global CRMLoginController ()
{
startURL =’https://appstrailhead-developer-edition.na40.force.com/s/’;
// Add verification methods in priority order
methods = new List();
methods.add(Auth.VerificationMethod.SMS);
methods.add(Auth.VerificationMethod.EMAIL);
methods.add(Auth.VerificationMethod.U2F);
methods.add(Auth.VerificationMethod.SALESFORCE_AUTHENTICATOR);
methods.add(Auth.VerificationMethod.TOTP);
}
global PageReference login() {
List users = null;
// Empty input
if(urn== null || urn== ”)
{
error = ‘Enter Username’;
return null;
}
users = [select name, id, email from User where username=:urn];
system.debug(‘==users ===’+users );
if(users == null || users.isEmpty())
{
error = ‘Can\’t find a user’;
return null;
}
if (startURL == null) startURL = ‘/’;
system.debug(‘==startURL===’+startURL );
PageReference pref= Site.passwordlessLogin(users[0].id, methods, startURL);
return pref;
}
}
Visualforce page for the login screen can be something like this: (PortalLogin)
<apex:page id=”loginPage” controller=”CRMLoginController” title=”{!$Label.site.site_login}” showHeader=”false” applyHtmlTag=”false” applyBodyTag=”false” standardStylesheets=”false” docType=”html-5.0″>
<meta name=”viewport” content=”width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no”/>
<link href=”https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css” rel=”stylesheet” integrity=”sha384-WskhaSGFgHYWDcbwN70/dfYBj47jz9qbsMId/iRN3ewGhXQFZCSftd1LZCfmhktB” crossorigin=”anonymous”/>
<div class=”container-fluid”>
<div class=”loginpanel” style=”background:#fff;padding:100px;”>
<img src=”https://i0.wp.com/getthekt.com/wp-content/uploads/2017/03/getthektlow.png” class=”img-responsive” alt=”Responsive image” width=”300px”/>
<apex:form styleClass=”form-horizontal”>
<div class=”form-group”>
<label for=”exampleInputEmail1″>User Name</label>
<apex:inputText id=”exampleInputEmail1″ value=”{!urn}”/>
</div>
<div class=”form-group”>
<apex:commandButton action=”{!login}” value=”Login” />
</div>
</apex:form>
</div>
</div>
</apex:page>
Community Settings:
Set the page we created as login screen
Login screen where community users lands:
Provide user name and no password.
Verification code page
You will receive the code in email enter the code here and it should land on the home page. NO PASSWORD NEEDED 🙂
Conclusion:
This is one of the method to login. We can also have other methods such as Salesforce authentication apps, SMS etc. Users are increasingly using their mobile devices to do their work. Some users, like retail customers and service reps, work solely on their mobile devices. Regardless of whether users are accessing a browser on their mobile device or desktop, remembering a password is inconvenient. External users can verify their identities with an email one-time password, Salesforce Authenticator, time-based one-time password (TOTP), or Universal 2nd Factor (U2F). Users can also verify their identities by text message (SMS), currently in beta. Hope you can use this without issues.
Keep reading and sharing ..
Leave a Reply