By julian70 on

Hello guys,
I'm working on a project with some specific requirements. Basically, the site owner needs to generate user accounts which will use only the username field for login (that is, the password field will be never used). The username will be auto-generated. Optionally, there should be some check boxes to set access control, etc. This admin interface should be very dummy.

Then, the user needs to enter his generated username only to log in. Again, no password - only the username.

Is this possible with Drupal? If so, any hints how to achieve it will be highly appreciated :)

Best regards,
Julian

Categories: Drupal 4.7.x, Drupal 5.x

Comments

kirie’s picture

kirie commented

is it possible to create a registration/sign-in wrapper around the existing user.module where the username and password are the same?

julian70’s picture

julian70 commented

Probably, this would be the best approach to solve the problem above.

Well, i have to try my poor PHP skills (not very confident tho) :)

Anonymous’s picture

Anonymous (not verified) commented

Am looking at the same issue!

summit’s picture

summit commented

Still looking for a solution for this please?
Anyone resolved this?

greetings,
Martijn

nrackleff’s picture

nrackleff commented

subscribing. We need to do this too.

gjmokcb’s picture

gjmokcb commented

I'm about to attempt it by overriding form values using a form preprocess function in the template.php file. The idea will be to create a default value for the password field on the form that creates a new user, and to hide that field. The password will be the same for every new user. Then I will supply that password as a default value for the password field on the login form, and I will hide the password field. I'm pretty sure that this will work. You can assume that it did unless I post here again. For info about how to do this sort of thing, try searching for 'template.php' and 'function themename_preprocess_user_register'.

summit’s picture

summit commented

Hi, would be great if you would post your solution here also. With altered code preferably!
Thanks a lot in advance for considering this!
greetings, Martijn

rudders’s picture

rudders commented

Jeff,
Did you ever get this to work? I have a very similar requirement.
Adrian

summit’s picture

summit commented

Nope..didn't find a solution, sorry..stiill interested though!

doublejosh’s picture

doublejosh commented

Listening.

doublejosh’s picture

doublejosh commented

Have thought about theming the login block to prefill the password field and rename the username field to "password"

Then I could pre-load users with the same password or allow user creation with a prefilled password field by theming the registration block the same way.

This would allow this type of registration (one field only) while still allowing another type of login (for admins) via the normal /user URL.

gofair’s picture

gofair commented

Hi Jeff,
Did you find a solution in the end? Please post it back to the forum so that it's not a dead end for people googling.

We were having the same issue on one of our sites...
Wanted to allow people to switch users without having to remember their password.

Here's what I did:


// So you want to log a user in without a password? 
// all you need is the username:

// Get the (user) name of the user you are signing in. 
// Either from $_POST['name'] or $form['name'] 
// depending on how you're crafting the login form.
$name = check_plain($_POST['name']);          

// user_load() by name         
$user = user_load(array('name' => $name));    

// get the current password hash from the user object 
// and store it in a variable. (we will need it later)      
$originalpass = $user->pass;                                

//  a temporary password for the user we are going to log in! 
$newpass = 'SomeRandomC0mpl3xString';         
$newhash  = md5($newpass);                       
// provided your drupal is not using "salt" or encryption this will work fine.          

// SQL query to set the user's password to the Temporary one
$update = "UPDATE users SET pass = '%s' WHERE name='%s';";  
$updated = db_query($update, $newpass, $name);              

// So at this stage your user has users.pass = $newpass   

// set the user login parameters
$params = array(  
			'name'=>$name,
			'pass'=>$newpass,
			'status'=>1
		);	

// login as this user  using the  standard drupal method 
// for user authentication supplying the above parameters. 

$account = user_authenticate( $params ); 
// note: D5/D7 is slightly different. see below.                              

// once we have the $account object we need to re-set 
// the password back to what ever it was before this login

// SQL query to set the user's password to the Temporary one
$reset = "UPDATE users SET pass = '%s' WHERE name='%s';";  

// Run the query           
$updated = db_query($update, $originalpass, $name);                      

return $account;

Notes:
user_authenticate - http://api.drupal.org/api/drupal/modules--user--user.module/function/use...
user_load - http://api.drupal.org/api/drupal/modules--user--user.module/function/use...

if you prefer to log users in using email address add it to $params array: 'mail'=>$email, for our purposes stick with $name

This code can easily be turned into a function or method as required.
You just need to know that you are submitting a (user) name as the parameter.
or you could even allow a name or email by having:

function drupal_login_no_password($name = NULL, $mail = NULL)
{
// place the above code in here and write a quick switch / case to check which variable is set so you can feed it to the user_load and user_authenticate methods. :-)
}

Let me know if this answers your quest(ion)
If not, be specific with requirements.

Cheers.
p.s. I know the above code is very crude and inelegant but it works.

halmsx’s picture

halmsx commented

hi

ill be making a custom module for this. the approach will be to use lots of hooks. the difference is, the users will be created by admins, there will be no user's registrations.

1. when a new user is added, a default password will be created automatically.
2. alter the login form/block to '#type = hidden' for the password field (and maybe mark it '#required => FALSE'). then set '#value' with the default password.
3. might also need to 'hook' the login validation function.
4. alter the edit user account form to disable the password fields and also hook the validation function to use the default password.

i might be missing a few steps now, but thats the base approach.

im starting simple, but will enhance it further as i go along. i need to implement this to a live site by mid feb, but must have it ready for client's testing by early feb.

devkinetic’s picture

devkinetic commented

Let us know how this goes, I'm looking into this as well but for a slightly different use-case

Ryan aka Devkinetic
Sr. Web Developer

halmsx’s picture

halmsx commented

hi

after working on this, i realized in need 2 types of login. 1) without password. 2) normal login for admins.

i could alter the password field into textfield, but my custom login requires a login id, and 2 date fields. the users are created from csv import, therefore i can create a common password and embed it in the login block form. for normal user add, you can simply user the hook_user to create a default password for the users upon user creation.

sounds quite easy. dats coz i spent almost 2 weeks on this, testing and trying to come out with the best solution. at the end i got shorter and more stable codes. but the most important is, its easy for my client to manage the module once the project is handed over to them.

since my module contain lotsa other validations processes, it might be too complex to share. but if anyone still need this 'username only login', please tell me, and i can modify my module and share it. im quite busy, therefore i might take sometime to post it. but i hoped someone can take the module later and create a drupal project and maintain it.

jdawg’s picture

jdawg commented

hey halmsx.

i would love to use this code you've developed to add user with no password. i am not proficient enough to create a project, maintain it. my coding level is minimal.

but it would help me out immensely!

let me know if possible.

thanks!

summit’s picture

summit commented

+1 for your module please!
greetings, Martijn

adigunsherif’s picture

adigunsherif commented

Mind you, this approach will mean that the user 1 password too will be the same as that of other users, since you are setting a default value for everyone. Risky!

drurian’s picture

drurian commented

Where would you add this code, in form validate function?

scvinodkumar’s picture

scvinodkumar commented

Use this module : https://www.drupal.org/project/passwordless