User Auth: A Complete Solution for Email Login Handling

[JJZolper]

With Django 1.5 more support has been given to those Django developers who wish to have the Email as the username. However, I think we can continue to push onwards to a point where Django can realize a complete solution. By following the user login with username handling but porting it for email handling I think we can solve this issue once and for all. Currently I have been just going online and putting together my own solution, but my hope is with this ticket we can get everyone working together and a finalized solution merged into Django.

[Russell Keith-Magee]

I'm going to accept this as a new feature. I'm almost certain I've heard Jacob advocate for this (can't put my finger on a specific reference for this, though, so I'll stand corrected). Regardless, I think it's the next logical step -- both in terms of making a common use case easy, and providing a clear worked example for "how to do it" if you want to roll your own User model.

In terms of implementation -- this should be provided as a separate contrib app that just contains the email-based user (plus any necssary forms, admin etc), which is in all other respects an exact analog of the default auth.User.

[Russell Keith-Magee]

Whoever takes on this ticket -- keep in mind that there's plenty of existing apps in the wild doing this; we need to take a "best of breed" approach. A couple of options to get started:

• ​https://github.com/Liberationtech/django-libtech-emailuser
• ​https://django-authtools.readthedocs.org/en/latest/

[Tim Anderegg]

Hi All -

I took a crack at creating a patch for this, which can be found here: ​https://github.com/tanderegg/django/tree/ticket_20824_master

I set it up as a new contrib app called auth_email, which is basically a clone of auth.User and associated forms and admin settings, with the exception of using the email field as username. I also took a look at the two apps that Russel suggested. The first one essentially implements this feature the same way I did. The second takes a similar approach, but includes a rewrite of many of the authentication views using Class Based Views. I thought that was unesseccary for this patch, since I chose not to rewrite any views and instead use those in contrib.auth.

I setup a number of basic tests that cover the new code, but I tried not to include any that covered existing code that was already tested in contrib.auth. There may be a few unnesseccary tests in there, but I don't think I missed any that would be useful.

Please take a look at the code and let me know if there are any glaring problems (this is my first time contributing to django, so be kind :). If nothing comes up in the next day or two, I will submit a pull request.

FYI, this is based on the discussion here: ​https://groups.google.com/forum/#!topic/django-developers/rb7v9kVAK3I

Thanks!

[JJZolper]

I was going to try to move this forward more but I'm glad tanderegg is on it. I see there has been a lot more discussion about this in this thread: ​https://groups.google.com/forum/#!topic/django-developers/rb7v9kVAK3I. Good to see it's in the works, definitely looking forward to using the ultimate solution. I still think what Russell said here is the best idea, basically just supplementing what exists with an auth contrib app such as auth.EmailUser.

[Tomek Paczkowski]

I've tried to test out the branch. It applies, but crashes on basic validation, here's error output: ​http://pastebin.com/P7PwZqBW