Functions as an alternate init command if the id option is supplied.
Creates a new profile, using the specified options. If the profile validation fails for any reason - including one or more custom profile settings are invalid (eg: an empty required setting), the entire registration will fail.
If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).
Unless otherwise specified the new profile will have the same id and email values, will require a password reset, will be inactive with a new activation code set to expire in 1 week, and will use all of the default custom profile setting values.
Sets {{ auth.registered }} to true if it succeeds, or false if it does not. If successful sets {{ auth.login_success }} to false.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current command has been disabled at the site level. This will be set for any auth command if profiles are disabled.
duplicate_command: Indicates that the {% auth register %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and the id option was not used.
bad_init: Indicates either that the id option was used with an empty value or that another initialization function was called with a different id.
aborted: Indicates that the command could not be performed because {% auth abort %} has been called.
duplicate_value: Indicates that another profile already exists with the same id.
invalid_value: Indicates that one or more of the provided options or custom profile settings is not valid. Refer to the error message for more details about which options and/or settings are invalid.
Functions as an alternate init command if the id argument is supplied.
Sets the password for the profile to the password specified. The new password may not be blank, but other than than there is no validation on the new password. It is up to the template developer to ensure that the password meets their criteria before calling this command.
For security purposes, passwords are securely salted and hashed before being stored. Once a password has been set there is no way to retrieve the original password - even by top-level Marketpath technical staff. Also for security purposes, you should not attempt to store old or current passwords for profiles.
Sets {{ auth.password_changed }} to true if it succeeds or false if it does not.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth set_password %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
missing_value: Indicates that no password was supplied to the {% auth set_password %} method.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Functions as an alternate init command if the old_id argument is supplied.
Sets the id for the profile to the id specified. If ths site is configured to set the id an email to the same value then this will validate the id as a valid email address and will set the email to this value as well.
Note that this does NOT log the profile out, deactivate it, or require any further confirmation or action by the user to continue using their profile. Those actions are up to the template developer to execute (which we strongly recommend whenever the email address is changed).
Sets {{ auth.id_changed }} to true if successful or false if not. If successful sets {{ auth.old_id }} and {{ auth.new_id }} to the old and new id values and sets {{ auth.id }} to the new id. Note that any future auth init commands will have to use the new id instead of the old one.
If successful and the site is configured to set the id and email to the same value then this also sets {{ auth.email_changed }} to true and sets {{ auth.old_email }} and {{ auth.new_email }} to the old and new email values.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth change_id %} method has already been called. It may only be called once per page load. If the site is configured to set the id and email to the same value then this error code may also indicate that the {% auth change_email %} method has already been called.
no_init: Indicates that no initialization method has been called yet and no value was provided to the old_id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the old id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
missing_value: Indicates that no new_id argument was supplied to the {% auth change_id %} method.
unchanged: Indicates that the id was not changed because it was the same as the old id.
duplicate_value: Indicates that another profile already exists with the new id.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Functions as an alternate init command if the id argument is supplied.
Sets the email for the profile to the email specified. Will also set the id to this value if the site is configured to set the id and email to the same value.
Note that this does NOT log the profile out, deactivate it, or require any further confirmation or action by the user to continue using their profile. Those actions are up to the template developer to execute (which we strongly recommend whenever the email address is changed).
Sets {{ auth.email_changed }} to true if successful or false if not. If successful sets {{ auth.old_email }} and {{ auth.new_email }} to the old and new email values.
If successful and the site is configured to set the id and email to the same value this will also set {{ auth.id_changed }} to true, {{ auth.old_id }} and {{ auth.new_id }} to the old and new id values, and {{ auth.id }} to the new id. Note that in this case any future auth functions will be required to use the new id.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth change_email %} method has already been called. It may only be called once per page load. If the site is configured to set the id and email to the same value then this error code may also indicate that the {% auth change_id %} method has already been called.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
missing_value: Indicates that no new_email argument was supplied to the {% auth change_email %} method.
unchanged: Indicates that the email was not changed because it was the same as the old email.
duplicate_value: Indicates that another profile already exists with the new email.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Functions as an alternate init command if the id argument is supplied.
Deactivates the profile and sets a new activation code which will expire on expiration_date - requiring activation before the profile may be logged in again.
If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).
Sets {{ auth.deactivated }} to true, {{ auth.activation_code_set }} to true, {{ auth.new_activation_code }} to the new activation code, {{ auth.activation_code_expires }} to the date the new activation code will expire, and {{ auth.login_success }} to false. Unsets {{ auth.activated }}.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth set_activation_code %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
missing_value: Indicates that no expiration_date argument was supplied to the {% auth set_activation_code %} method.
invalid_value: Indicates that the expiration_date is less than 5 minutes in the future or is over 1 week in the future.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Functions as an alternate init command if the id argument is supplied.
Resets the profile's password - requiring a password reset before the profile may log in again.
If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).
Sets {{ auth.force_password_reset }} to true if successful or false if not. If successful sets {{ auth.login_success }} to false.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth force_password_reset %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Locks the profile until the specified date, typically used as a security precaution to prevent attackers from guessing passwords.
If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).
Sets {{ auth.locked }} to true if successful and false if not. If successful sets {{ auth.locked_until }} to the date that the profile will remain locked until, sets {{ auth.login_success }} to false, and unsets {{ auth.unlocked }}.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth lock %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that the auth context has been initialized with a profile that does not exist.
missing_value: Indicates that no until argument was supplied to the {% auth lock %} method.
invalid_value: Indicates that the until date is in the past.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Functions as an alternate init command if the id argument is supplied.
Attempt to activate the profile. The activation_code must match the activation code on the profile and must not have expired. Alternatively, use The special keyword force to skip validation of the activation code.
Sets {{ auth.activated }} to true if successful or false if not. Also unsets {{ auth.deactivated }}, {{ auth.activation_code_set }}, {{ auth.new_activation_code }}, and {{ auth.activation_code_expires }}.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth activate %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
unchanged: Indicates that the profile was already active, so no change was necessary
missing_value: Indicates that no activation_code argument was supplied to the {% auth activate %} method.
invalid_value: Indicates that the activation_code argument does not match the value stored on the profile.
expired: Indicates that the activation code has expired.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Blocks the profile indefinitely.
If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).
Sets {{ auth.blocked }} to true if successful or false if not. If successful unsets {{ auth.unblocked }} and sets {{ auth.login_success }} to false.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth block %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that the auth context has been initialized with a profile that does not exist.
unchanged: Indicates that the profile was already blocked, so no change was necessary.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Functions as an alternate init command if the id argument is supplied.
If successful, sets the globally-reserved {{ profile }} variable.
If successful, the {% auth abort %} command may not be called.
Sets {{ auth.login_success }} to true if successful, or false if not.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that one of the following methods has been called, which prevent further login attempts on the same page load: {% auth login %}, {% auth force_password_reset %}, {% auth deactivate %}, {% auth set_activation_code %}, {% auth lock %}, {% auth block %}, or {% auth register %}.
no_init: Indicates that no initialization method has been called yet and no value was provided to the id parameter.
bad_init: Indicates that another initialization function was called with a different id.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that no profile was found with the specified id.
blocked: Indicates that the profile is currently blocked.
locked: Indicates that the profile is currently locked.
inactive: Indicates that the profile is currently inactive and must be activated first.
require_password_reset: Indicates that the user cannot log in to the current profile because the password must be reset first.
missing_value: Indicates that no password was supplied to the {% auth login %} method The password is required.
invalid_value: Indicates that the supplied password did not match the stored password for the given profile.
duplicate_value: Indicates that there is already a logged in profile which must be logged out before being able to log in again.
Unblocks the profile if it is currently blocked. Unblocking profiles is typically done manually from the Marketpath CMS admin interface. The {% auth lock %} and {% auth unlock %} methods are preferred for temporarily blocking profiles.
Sets {{ auth.unblocked }} to true and unsets {{ auth.blocked }}.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth unblock %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that the auth context has been initialized with a profile that does not exist.
unchanged: Indicates that the profile was already unblocked, so no change was necessary.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Deactivates the profile - requiring activation before it may be logged in again. Unlike the {% auth set_activation_code %} method, this command unsets the activation code, which must be recreated before the profile may be activated again.
If there is a profile logged in, they will automatically be logged out (without saving changes, clearing the session, clearing cookies, or clearing permissions).
Sets {{ auth.deactivated }} to true and {{ auth.login_success }} to false. Unsets {{ auth.activated }}, {{ auth.activation_code_set }}, {{ auth.new_activation_code }}, and {{ auth.activation_code_expires }}.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that either the {% auth deactivate %} or {% auth set_activation_code %} method has already been called. Only one of these may be called per page load.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that the auth context has been initialized with a profile that does not exist.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Sets the specified profile attributes to their new values on the auth profile (which is not necessarily the same as the currently-logged in profile).
If the profile exists and the auth is not aborted before the end of the request the new values will be saved to the profile. If the auth is aborted then the new values will not be saved in between requests. If the profile does not exist but is registered in the same request then the new values will be saved on the new profile.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
Sets the specified profile settings to their new values on the auth profile (which is not necessarily the same as the currently-logged in profile).
If any of the specified settings has validation, the new settings will be validated before being set. An invalid value for any setting will prevent any of the new settings from being set.
If the profile exists and the auth is not aborted before the end of the request the new values will be saved to the profile. If the auth is aborted then the new values will not be saved in between requests. If the profile does not exist but is registered in the same request then the new values will be saved on the new profile.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
invalid_value: One or more settings has an invalid value.
Removes the specified profile attributes from the auth profile (which is not necessarily the same as the currently-logged in profile).
If the auth is aborted then the removed attributes will not be saved in between requests.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
Unlocks the profile if it is locked.
Sets {{ auth.unlocked }} to true. Unsets {{ auth.locked }} and {{ auth.locked_until }}.
If successful, the {% auth abort %} command may not be called.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
duplicate_command: Indicates that the {% auth unlock %} method has already been called. It may only be called once per page load.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
not_found: Indicates that the auth context has been initialized with a profile that does not exist.
unchanged: Indicates that the profile was already unlocked, so no change was necessary.
unexpected: Indicates that the system encountered an unexpected error which is not due to any of the common issues associated with profiles. This is a rare error code but may be possible in edge cases such as duplicate concurrent requests, infrastructure issues, or suspected security incidents.
Unsets the specified profile settings from the auth profile (which is not necessarily the same as the currently-logged in profile). For settings with default values this will set them back to their defaults. For settings without default values this will set them to empty/unselected/false.
If any of the specified settings is required, it will result in an invalid_value error and will prevent any of the new settings from being unset.
If the auth is aborted then the unset settings will not be saved in between requests.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
no_init: Indicates that no initialization method has been called yet.
aborted: Indicates that the method could not be performed because {% auth abort %} has been called.
invalid_value: One or more of the settings is required.
Must be called before other auth commands. There are several alternate init commands which may be called in place of {% auth init %}. Alternate init commands set the same auth properties as the {% auth init %} command.
Sets {{ auth.init }} to true, {{ auth.id }} to the specified ID, {{ auth.exists }} to true if a profile with the specified ID exists and false if it does not exist, and {{ auth.profile }} to the profile with the specified ID. If profile does not exist, {{ auth.profile.is_valid }} will be false.
Error Codes:
command_disabled: Indicates that the current command has been disabled at the site level. This will be set for any auth command if profiles are disabled.
bad_init: Indicates either that {% auth init %} was called without an id, or that another initialization function was called with a different id.
aborted: Indicates that the command could not be performed because {% auth abort %} has been called.
Once called all remaining auth commands will cease to function. This will also prevent any settings or attributes that were previously set or unset from being saved.
Can only be called as long as no commands have been executed that prevent abort (eg: login, register, unlock, set_password, etc....).
If successful, sets {{ auth.aborted }} to true, and unsets all other auth properties except for {{ auth.init }}, {{ auth.profile }}, {{ auth.id }}, and {{ auth.exists }}.
Error Codes:
command_disabled: Indicates that the current method has been disabled at the site level. This will be set for any auth method if profiles are disabled.
abort_prevented: Indicates that a previous auth method has already been completed which cannot be undone.
Unsets {{ auth.error_code }} and {{ auth.error_message }}.