Recommended Posts

This module hooks into the login method to provide the possibility to login with the user's email address. This is my first module and it's very simple. Please provide feedback if you have any suggestions. Thanks :)

The module can be found in the module repository:

https://modules.processwire.com/modules/login-with-email/

or on github:

  • Like 3

Share this post


Link to post
Share on other sites
23 minutes ago, noelboss said:

This module hooks into the login method to provide the possibility to login with the user's email address. This is my first module and it's very simple. Please provide feedback if you have any suggestions. Thanks :)

Any information on how to access this new module would be helpful?  Thanks.

  • Like 1

Share this post


Link to post
Share on other sites

Hi @noelboss - you might want to consider the issue of triggering a login attempt when there is no user for the entered email address: 

 

  • Like 1

Share this post


Link to post
Share on other sites

I have a similar module in use. For security reasons I verify if only one single user has the login email address in use. Emails aren't unique in PW like user names! Furthermore its useful to log login failures. Keep the ProcessWire Login Process safe!

  • Like 2

Share this post


Link to post
Share on other sites

Thanks @adrian since it hooks into the default login method, this should already happen. The module does only provide a username of the user to the login method if it finds a user with the provided email. Like so:

Login attempt using default method

> hook: check if entered username is in fact email > check if (only one) user exists with this email > return users username for login

Default login method procedes.

@kixe Thanks for pointing this out. I added this check like the new login module from ryan does it. A login with email is now only possible if the email is unique. 

  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By prestoav
      I have a site built with a user role 'member' that can view some extra 'member area' pages. I have a user with the role 'editor' that has been given 'user-admin' permission who can successfully generate new users. However, when they try to add / change a 'member' role password to a 'member' role they get the error:
      Unable to generate password hash Does anyone know how to assign the 'editor' role the permission to generate a password for other user types?
      Thanks!
    • By jacmaes
      I'm sure it's been asked before on the forums, but I haven't found a relevant answer after multiple searches.  I have a form on the frontend that mirrors the user profile on the backend. After logging in, I want the user to be able to edit multiple fields on his or her profile. For simple text entries (e.g. First Name, Street Address, Phone Number or Email), and single options (e.g. radio buttons for Gender: male or female or select dropdowns for a Country list), I have no issue and everything works fine: the user first fills out the form then can go back and update whichever field they want. That's standard profile editing stuff from the frontend.
      But I hit a roadblock when I want to offer multiple choices. For example, I have a Select Options field set up to show multiple checkboxes for choosing various types of driver's licences. With the following code (edited for brevity):
      $licence_types = array('B1', 'B', 'A1', 'C1', 'D1'); // same options as defined in my select options field foreach($licence_types as $licence) { $content .= "<label><input type='checkbox' name='licences[]' value='$product'> $licence</label>"; } .... $user->of(false); $user->licences = $licences; $user->save(); $user->of(true); the user can successfully submit this info from the frontend form:

      But now how do I show them the result  of what they submitted when they go back and want to update their profile from the same form? In other words, how do I insert the checked='checked' (or simply 'checked') HTML in the previously selected checkboxes?  For example, if they selected the first two options –B1 and B– in the example above, how do I make these two checkboxes ticked?
      With the following loop, I can show the previously selected checkboxes:
      foreach($user->licences as $licence) { $content .= "<label for='$licence->id'> <input name='licences[]' type='checkbox' id='$licence->id' value='$licence->id' checked>$licence->title</label>"; }  
      How do I merge the two loops so that they see this, as expected:

       
      Maybe with in_array()? Any help would be greatly appreciated.
       
       
    • By psy
      Having problems with the new Login/Register module and hoping someone can help.
      Desired result:
      Guest lands on site (or later specific page) and is redirected to the Login page. The user’s landing page is saved to a session and once logged-in, is redirected back to the original landing page What’s happening:
      Guest lands on any page on the site and is redirected to the Login page Guest enters credentials, hits submit, then sometimes a variety of error messages get written to the logs including sessionCSRF and MYSQL errors. Guest user is presented with the Internal Server Error. Regardless, guest is not logged in Scenario:
      Using PW 3.0.76 and PHP 5.6
      User account created manually in admin with login-register privilege User is my old mate: Username: fred Email: fred@flintstone.com Password: 1234test.
       
      Site is configured to use delayed output with Regions & Functions API In _init.php I have:
      <?php namespace ProcessWire; if(!$user->isLoggedin() && $page->id!=1193) { // not for login page     $session->set('returnPage', $page->url);     $session->redirect('/login/');     die; } In login.php template:
        <?php namespace ProcessWire; if($user->isLoggedin() && !$input->get('profile') && !$input->get('logout')) {     // login and go back to the previous page or go to the home page     $goToUrl = $session->returnPage ? $session->returnPage : '/';     $session->redirect($goToUrl); } else {     // let the LoginRegister module have control     $content = $modules->get('LoginRegister')->execute(); } ?> <div id="regContent">     <div class="content-wrap">         <div class="container clearfix">             <region id="regPostContent">                 <!-- Post Content                 ============================================= -->                 <div class="postcontent nobottommargin clearfix col_three_fourth">                     <?=$content?>                  </div><!-- .postcontent end -->             </region><!--#regPostContent-->         </div>     </div> </div><!-- #content end -->  
      What am I doing wrong? Why can’t Fred login?
      Any help to resolve much appreciated.
       
      TIA
      Psy
      PS: Tried to use TracyDebugger to see what was happening but got js errors. Just not my day. Uninstalled TD and no errors
    • By alan
      Sorry folks if this is obvious to most and I missed something in the docs or here in the forum, but, I have cheerfully used code such as:
      if($user->isLoggedin()) { echo " loggedIn"; } else { echo " notLoggedIn"; } in PW 2.x sites.
      Now on a v3 site I am finding even the most basic test to see if the viewer is logged in or `isSuperuser()` is not giving an error but simply doing nothing - not evaluating.
      For example, the top of a typical template reads:
      <?php namespace ProcessWire; if($user->isLoggedin()) { echo " loggedIn"; } else { echo " notLoggedIn"; } I have `debug` turned on.
      Is there something obvious I have missed, perhaps a step required for v3 that's not required for v2 to allow access to $user data?
      Thanks for any pointers.
    • By modifiedcontent
      I have my own register-login-profile/account page system. I know that Ryan recently released an official module for this, but there may be an advantage to having my own custom solution. Anyway, it seems to work well.
      But, I have been getting annoying Russian hack attempt accounts, mostly as 'guests' that don't bother to use the activation link.
      Most if not all of these accounts have this in the name field:
      No Subscription Detected
      Not Recognized
      ...which makes them relatively easy to filter out from real name accounts.
      Where do these "strings" come from? I can't find them in Processwire's source. Are the hackers using some kind of tool that inserts these for some reason? Or is it a PHP thing? Does anyone recognize them? Does it mean they are using some kind of backdoor instead of the registration form?
      In general, what are the best practices to secure my registration form, prevent spam accounts, etc.?
      I'll start with adding a check to block IP addresses that try to register with 'Not Recognized' etc. in the name field I guess.