OpenID logins broken when 'Allow users to login using their e-mail address' setting is enabled
sicjoy - March 10, 2008 - 18:22
| Project: | LoginToboggan |
| Version: | 6.x-1.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed |
Description
My site allows both traditional logins as well as OpenID logins. There are a few issues for my OpenID users:
- New OpenID users aren't redirected to the LoginToboggan landing page.
- I was forced to set the minimum password length to None for all users, as OpenID users don't set a password upon login.
- I was unable to use two e-mail fields on the registration form, as the OpenID module fills in just the one form field.
Seeing as how Drupal is embracing OpenID, are there any plans to accommodate these types of logins in this project?
#1
if somebody submitted a patch for this, it would certainly speed up the process :)
i would guess the most practical solution would be to simply bypass #2 and #3 if the login is an openID login. #1 might not be fixable -- it depends on how much openID allows other modules into it's workflow.
#2
Subscribing
#3
subscribe
#4
subscribe
#5
Subscribe.
Also having this trouble with 6.x
#6
Subscribe.
#7
+1
#8
A working patch has already been submitted:
http://drupal.org/node/344620
It works for me with Drupal 6.x
#9
I rolled mfer's snippet into a patch against the DRUPAL-6--1 branch to make login toboggan and openid play nice. Here is the original case: http://drupal.org/node/344620
#10
I just tested this patch. The patch applies fine, and after application OpenID works.
#11
apologies for taking so long on this issue -- fixing these things requires me to learn how openid works, which ended up taking volunteer time i haven't had for awhile... ;)
first things first -- there are too many requests in this issue, so i'm breaking them out into sub-issues. this issue will be about fixing openid logins in the case where LT's 'Allow users to login using their e-mail address' setting is enabled.
other sub issues:
#604492: OpenID doesn't properly leverage FAPI workflow for auto registrations
#604502: minimum password length setting doesn't respect lack of openid passwords
#604508: "Use two e-mail fields on registration form" setting breaks OpenID registrations
#12
the patch in #9 is a bit of a heavy-handed solution -- there's no reason why LT's validation function can't run normally when openid is enabled. for reference, here's LT's current validation function:
<?phpfunction logintoboggan_user_login_validate($form, &$form_state) {
if (isset($form_state['values']['name'])) {
if ($name = db_result(db_query("SELECT name FROM {users} WHERE LOWER(mail) = LOWER('%s')", $form_state['values']['name']))) {
form_set_value($form['name'], $name, $form_state);
}
}
}
?>
i believe what's happening for you guys is that you have at least one entry in your users table that has an empty email address. since openid leaves the 'name' field empty but doesn't unset it, we're getting a false positive on that query to the user's table.
i also think there's a chance that the issue reported in #492486: Array merge of user_register_submit function squashes pre-defined user_register_submit functions might be affecting the way LT inserts it's validation function.
the attached patch addresses these two issues. if i can please get some folks to test and see if this fixes things, that would be great :)
#13
i went ahead and committed the patch in #12 to 6.x-1.x-dev and HEAD -- i'm pretty sure it fixes the problem. if not, feel free to reopen.
#14
Automatically closed -- issue fixed for 2 weeks with no activity.