LoginWithEmail - Roundup Tracker Wiki

LoginWithEmail

Immutable Page
Comments
Info
Attachments
More Actions:

Issue 2550941 requests the ability to login using the user's email address.

While you can use an email address as a username, it also exposes the username/email in the UI. This mechanism allows login using email address, but hides the email address in the UI by displaying the username.

Place the following code in a file in the extensions/ directory of your tracker. I suggest using AddLoginWithEmail.py as the file name (look at the raw version of this page to get indention exactly right).

   1 from roundup.cgi.actions import LoginAction
   2 
   3 import logging
   4 logger = logging.getLogger('actions')
   5 
   6 class LoginWithEmailAction(LoginAction):
   7 
   8     def handle(self):
   9         ''' Allow a user to use their primary email address as login name.
  10             They can also use their actual username as well.
  11         '''
  12         # Does __login_name exists in form.  If not, nothing to
  13         # do. Fall though and call core LoginAction handler which
  14         # will return appropriate error.
  15         if '__login_name' in self.form:
  16             try:
  17                 # get the login info
  18                 username = self.form['__login_name'].value
  19                 userid = self.db.user.lookup(username)
  20                 if __debug__:
  21                     logger.debug("Login name %s is username", username)
  22             except KeyError:
  23                 # __login_name not found as username. Try
  24                 # looking it up as email address.
  25                 # email addresses are unique so this is
  26                 # an exception or one value
  27                 if __debug__:
  28                     logger.debug("looking up %s as email address", username)
  29 
  30                 userid = self.db.user.filter(None,
  31                                              filterspec =
  32                                              {"address": username})
  33                 if len(userid) == 1:
  34                     # Email address matched. Get username.
  35                     # Modify form to use username.
  36                     username = self.db.user.get(userid[0], 'username')
  37                     self.form['__login_name'].value = username
  38                 else:
  39                     if __debug__:
  40                         logger.debug("Email lookup failed.", username)
  41         # pass off to underlying core LoginAction handler.
  42         LoginAction.handle(self)
  43 
  44 def init(instance):
  45     instance.registerAction('login', LoginWithEmailAction)

Restart your tracker and a user can log in using their username or primary email address.

An alternate version of this (untested) that allows matching alternate addresses uses uidFromAddress. Sketch of idea is to add:

   1 from roundup.mailgw import uidFromAddress

at the top of the file then replace the call to self.db.user.filter with something like:

   1                 userid = uidFromAddress(self.db, ('', username), create=0)

This returns the uid associated with the address searching all email addresses associated with the user. This may be useful but I am not sure it's a good idea.

This will not allow login with email for the REST or XMLRPC interfaces. Those use basic auth (or a JWT) for authentication and this code doesn't intercept that authentication path.

CategoryActions CategoryAuthentication