[Zope-CMF] Re: Trying to customize CMF login to use email rather than userid

[Florent Guillaume]

Deb Lewis wrote:
> Have hunted through all the documentation I can find, bumbled around in base
> system code, and searched web sites/news groups, still stumped and figure
> this must be something others have done, so must be time for plaintive cry
> for help.
> 
> Objective: trying to customize the standard login_form for a CMF site to let
> members log in by entering the email address from their member data rather
> than the userid of their account.
> 
> Did a revised login_form, have supporting services to map email value from
> form input to a userid and detect cases where that's not possible and actual
> userid needs to be supplied, but can't figure out where/how to get this
> hooked in properly in the ZPublisher/auth/login mechanism so that the form
> submit for this page can get the login processed.
> 
> Configuration: Zope 2.7.7, CMF 1.4.8; also GRUF (GroupUserFolder) 3.3
> 
> Any pointers to tips/solutions would be greatly appreciated.


In a standard user folder, the thing that transforms the authentication 
tokens (login+pw, or here email+pw) into a user object is the 
'authenticate' method. You'd have to patch/subclass it if you used a 
standard user folder, I don't know if GRUF is flexible in that respect.

Note that in the context of CPS, CPSUserFolder can use any field as 
login field, email is indeed a very common need.

Another way would be to hack the cookie crumbler so that it transforms 
the email into the id (by doing a lookup) before passing that info away 
to the user folder. That would be costly, as you'd do the lookup for 
every request.

Another way would be to do the lookup in the login form, then redirect 
to logged_in after having changed the form data.


Florent

-- 
Florent Guillaume, Nuxeo (Paris, France)   Director of R&D
+33 1 40 33 71 59   http://nuxeo.com   fg at nuxeo.com