RFE: allow logging in with username as well as email address.
- [ X] I searched or browsed the repo鈥檚 other issues to ensure this is not a duplicate.
- [ ] This bug happens on a tagged release and not on
master(If you're a user, don't worry about this).
elharo
All 8 comments
why?
nightpool
on 31 Mar 2018
@nightpool I agree with your why? however, a lot of systems are using the dual-auth strategy (email or username). This is relatively simple t do with devise, and I've already started on an implementation in my fork to introduce this if anyone is interested.
It's more of a cosmetic change than anything and probably not worth wasting cycles on. I'm just doing it for fun and since I've done it before on other platforms in Rails.
IMHO, I don't think this is worth surfacing even with a low priority. There are too many issues raised on core to even touch this. Just my .02c.
If collaborators and maintainers decide that this feature is worthwhile, I'll be happy to share my work and PR.
cc: @elharo
nynhex
on 31 Mar 2018
Because doing otherwise confuses users. That is, it confused and surprised me. I'd be willing to bet I'm not the only one either.
Many sites do only use email for login, but these sites almost universally don't ask the user to pick a username too. My expectation as a user is that when I choose a username (almost always the same six character string I've been using since the early 90s) that's what I put in the login box.
In this case, I had tried that several times first assuming I got the password wrong, and then that the site must be broken, or there was a time delay on new accounts or some such thing, before I finally noticed that I should try the email.
You shouldn't get rid of the email login, of course. Both can happily coexist.
elharo
on 31 Mar 2018
Also in this specific case a lot of folks are coming from and experience with Twitter which does allow login by username.
elharo
on 31 Mar 2018
Since your email isn't displayed anywhere (except on the admin side), having you login with your email rather than account name does limit the possible attack vectors for compromising accounts.
mal0ki
on 9 May 2018
oi @nynhex, what happened to the forked code you mentioned?
reason for my interest:
I'm currently locked out of one of my fediverse accounts because I cannot remember which of my approximately thirty possible email addresses I created the acount under for which project.
Mind linking me to the area you were tinkering in if the code is no longer floating around?
jakimfett
on 30 May 2019
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
![stale[bot] picture](https://avatars3.githubusercontent.com/in/1724?v=4&s=40)
stale[bot]
on 26 Oct 2019
shh bot
rugk
on 27 Oct 2019
Related issues
ghost
路
3Comments
selfagency
路
3Comments
renatolond
路
3Comments
flukejones
路
3Comments
marrus-sh
路
3Comments
Most helpful comment
Because doing otherwise confuses users. That is, it confused and surprised me. I'd be willing to bet I'm not the only one either.
Many sites do only use email for login, but these sites almost universally don't ask the user to pick a username too. My expectation as a user is that when I choose a username (almost always the same six character string I've been using since the early 90s) that's what I put in the login box.
In this case, I had tried that several times first assuming I got the password wrong, and then that the site must be broken, or there was a time delay on new accounts or some such thing, before I finally noticed that I should try the email.
You shouldn't get rid of the email login, of course. Both can happily coexist.