Jump to content
applab

problem implementing front-end login with email

Recommended Posts

I have configured ProcessLogin to use email instead of username (and  enforced unique values for the email field).  I can login to my admin just fine using an email address but I'm trying to create a front-end login form and it's failing.  I've copied the example from https://processwire.com/api/ref/session/login/ and replaced the two params with hard-coded values known to work for backend login but I just get 'Sorry Bob'.

Anyone have pointers on how to get this working from the front end?

 

Share this post


Link to post
Share on other sites

Ok, I've found a workaround by using the email to lookup the user name and then logging in with that instead.

$e = $input->post->email;
$p = $input->post->pswd;
$u = $pages->get("email={$e}")->name;
$session->login($u, $p);

 

Share this post


Link to post
Share on other sites

Your approach seems a good one.

I don't know how you've configured things, but in similar circumstances I have usernames based on email addresses. As ProcessWire usernames are page names (mostly this just means replacing the @ with a hyphen), the following works for me:

$email = $this->sanitizer->email($input->post->username);
$username = $this->sanitizer->pageName($email);

Sanitizing the email address might be a small improvement to your approach.

 

Share this post


Link to post
Share on other sites

I had a feeling that the failure of

$session->login($email, $pswd);

might be related to email sanitization, but since my solution worked I gave up pondering.

Before trying it I didn't expect it to work as I thought that without a logged-in admin session I wouldn't have permission to query admin pages.

But your solution of using a sanitized email as the username and then sanitizing $input->post->email before calling $session->login() also makes a lot of sense.  I'll be doing the registration form next so I might adopt that approach.

Share this post


Link to post
Share on other sites
43 minutes ago, BillH said:

Your approach seems a good one.

I don't know how you've configured things, but in similar circumstances I have usernames based on email addresses. As ProcessWire usernames are page names (mostly this just means replacing the @ with a hyphen), the following works for me:


$email = $this->sanitizer->email($input->post->username);
$username = $this->sanitizer->pageName($email);

Sanitizing the email address might be a small improvement to your approach.

 

I figure this could lead to a collision if there were someone with the e-mail jim@ex-ample.com and someone with the e-mail jim-ex@ample.com.

  • Like 3

Share this post


Link to post
Share on other sites

@Jan Romero Yes, very good point. It could indeed cause a collision.

In the particular solution I was copying from, it's not really a problem because the collision would occur when a user was being set up. And it's a membership society, so  the user could be contacted and a different username arranged. Or I could improve the method!

 

 

Share this post


Link to post
Share on other sites
3 hours ago, BillH said:

Or I could improve the method!

My method is this...

The user will register using their email address and never actually know the username that's used to log them in behind the scenes.  On registration the username will be derived from the email address and if there's a clash I'll simply add an incremental numeric suffix.  When the user comes to login, the username is looked up from the email address (which is, of course, unique) and it doesn't matter if a suffix has been added or not, as long as it's the right username for the email address.

Share this post


Link to post
Share on other sites
4 hours ago, applab said:

the username is looked up from the email address (which is, of course, unique)

Technically, the username isn’t needed at all. Unless it’s exposed to users, it might as well be the the same as numeric page ID. If the email address is sufficiently unique, that’s all you need to look up the User object like $users->find("email={$email}") and call $session->login() with it. That is to say, you can pass the username to $session->login() as a string, but you can also pass a User object. https://processwire.com/api/ref/session/login/

Share this post


Link to post
Share on other sites
44 minutes ago, Jan Romero said:

username ... might as well be the the same as numeric page ID

Yes, that makes a lot of sense, thanks.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...