Comments on: Logging In With Email Addresses in Django

By: tyagi

tyagi — Sun, 20 Dec 2009 05:32:57 +0000

Have the Django developers given a reason for not wishing to enable Email logins for the built-in User authentication model? Alternatively, have they given a reason for not permitting non-alphanumeric characters in the username field?

Searching for solutions to this issue seems to give a large number of hits for fragmented and 90% working patches or backend extensions. Given that users of Django are obviously experiencing some problems with this developer policy, and the need for Email Usernames is quite apparent, is there a particular reason why they’re not willing to implement it?

By: cornbread

cornbread — Thu, 12 Nov 2009 17:22:31 +0000

I have the same question as steg.

also this seems backward to me. Why didn’t django think “hmm maybe someone might want email as username”

it seems like an ugly hack to attempt to make email unique and can’t use built in login form. Is this so hard to fix?

p.s. Please explain the permissions comment…

By: steg

steg — Sat, 10 Oct 2009 22:33:53 +0000

A possibly naive question:

The EmailOrUsernameModelBackend allows a user to use their email or username during authentication.
This backend is then added to the list of AUTHENTICATION_BACKENDS **before** the standard ModelBackend, which performs authentication using the username User field.

My question is why does the EmailOrUsernameModelBackend need to support both email and username, rather than just email? To illustrate my point, if I was to log in with username “steg”, the EmailOrUsernameModelBackend.authenticate() method would try to retrieve a User object from the db using keyword arguments {“username”:”steg”}. If this fails, django then moves on and tries the ModelBackend.authenticate() method, which will do exactly the same thing.

Are there other reasons for this apparent duplication? I’m pretty new to django, so apologies in advance if I’m missing something obvious.

By: peterp

peterp — Tue, 14 Jul 2009 09:46:49 +0000

A user can register the same email address more than once. So I’ve modified the code a bit to filter by email addresses.

It then loops through each user found and checks the password individually.

By: zalun

zalun — Tue, 30 Jun 2009 23:02:00 +0000

@keredson
I use similar approach.
I just set the username as a slug of email replacing every weird character with _ and @ with __
Seems to work fine

@David
The only problem I have for the moment is the Admin interface to create users instead of allowing them to register…

By: keredson

keredson — Wed, 10 Jun 2009 04:31:59 +0000

how do you force emails to be unique in django’s default admin? i dropped this code into my test app, and the first thing it gave me was “warning, returned 3 objects not 1!” during “User.objects.get(**kwargs)”.

By: markhellewell

markhellewell — Tue, 28 Apr 2009 23:09:23 +0000

Nice, thanks. It pleases me to find out Django allows such elegance

By: carljm

carljm — Thu, 18 Sep 2008 13:26:05 +0000

> The reason it doesn’t inherit from ModelBackend is that this allows you to specify a second backend to use for permissions.

Could you expand on this? I’ve been using an EmailBackend similar to yours, except that it inherits from ModelBackend, overrides only the authenticate() method, and I use it all by itself in AUTHENTICATION_BACKENDS. This seems to work just fine. What am I missing that your approach provides?

By: julien

julien — Mon, 25 Aug 2008 23:03:41 +0000

Hey, just a quick note. If using the standard login views, you won’t be able to login with an email that’s longer than 30 characters. There’s a ticket with a simple patch which hopefully will get checked in to fix that:
http://code.djangoproject.com/ticket/8274

Cheers,

Julien Phalip

By: David

David — Mon, 25 Aug 2008 18:03:59 +0000

Ya I did notice that get_user is still required. I updated the above code.

The reason it doesn’t inherit from ModelBackend is that this allows you to specify a second backend to use for permissions.