[PLIP-Advisories] Re: [Plone] #9214: support logins using e-mail address instead of user id
plip-advisories at lists.plone.org
plip-advisories at lists.plone.org
Tue Jun 30 17:59:35 UTC 2009
#9214: support logins using e-mail address instead of user id
-----------------------+----------------------------------------------------
Reporter: davisagli | Owner: maurits
Type: PLIP | Status: new
Priority: minor | Milestone: 4.0
Component: Unknown | Resolution:
Keywords: |
-----------------------+----------------------------------------------------
Comment(by erikrose):
Having spent a lot of time in the PAS and membership code, I'm concerned
at adding more branches in there; there are a lot of cleanups that should
happen first.
* As alecm says, we need need NEED to stop using loginname to reference
users internally; userid is the correct immutable key. I routinely change
loginnames when clients move from Plone's built-in auth to our Kerberos
auth.
* The OpenID plugin has to do some truly awful hacks (the same ones I do
in WebServerAuth) to be able to authenticate a non-enumeratable user; that
needs to get fixed in PAS.
* The setting of the last-login time and, IIRC, the firing of some
important events are essentially hard-coded into the login_form. These
should be moved elsewhere so non-form-based login can be a first-class
citizen.
I wonder if email-based login could be better implemented as an add-on
once we improve the hook situation in PAS and the rest of the auth code.
FWT vote: -1 for now. I think the idea is good, given that so many people
seem to request this, but I want to be sure we implement it in a
maintainable way rather than just glomming more branches onto an already
hard-to-follow subsystem.
--
Ticket URL: <https://dev.plone.org/plone/ticket/9214#comment:24>
Plone <http://plone.org>
Plone Content Management System
More information about the PLIP-Advisories
mailing list