Allow users to log in to bugs.python.org/issues.roundup-tracker.org with their email 
address in the username field. Currently, this fails with an "Invalid login" error.

Originally filed as http://psf.upfronthosting.co.za/roundup/meta/issue617

I am not clear what is wanted here. You can change your
login name to your email address if you want this.

What is the use case for allowing multiple login names?

-- rouilj

As you require the creation of a username separate from the email address, which is 
different from most other websites, it follows that users will attempt to log in with 
their email address.

WordPress, which requires usernames, lets users log in via both email address and 
username.

This would be a easy fix ( where USERNAME = <blah> OR EMAIL_ADDRESS = <blah>), 
a usability improvement, and a reduction in support time/costs.

Hi Paul:

In message <1501688140.07.0.916477104217.issue2550941@psf.upfronthosting.co
.za>,
Paul Schreiber writes:
>As you require the creation of a username separate from the email
>address, which is different from most other websites, it follows
>that users will attempt to log in with their email address.

Ok fair enough. Also I believe that you can use your email address as
your login name (or change your login name to one of your email
addresses).

However if you do so, you will probably be exposing your email in the
web interface where the username usually shows up. I don't think we
obscure email addresses in that position.

Also I assume you mean only the primary email address (which is used
to send email to the user) and not any additional addresses (which are
used to receive emails and map them to the user).

>This would be a easy fix ( where USERNAME = <blah> OR
>EMAIL_ADDRESS = <blah>), a usability improvement, and
>a reduction in support time/costs.

This would go in the core login code and would need to be controllable
by the tracker admin. I would be in favor of having a patch that
implemented this included in the core code.

Since this is not a bug, I am changing type to RFE (request for
enhancement). Also marking as possible gsoc and I think effort level
should be low.

Actually I think this can be done on a per tracker instance.

In interfaces.py create a new login action that wraps the login
action in cgi/action.py.

This new login action checks to see if __login_name exits in self.form.

Then checks to see if self.form['__login_name'].value is a valid user.

If not, search for a user with a matching email address. If you find
one, change the value of __login_name to the user's name then call the
handler for the LoginAction class.

There is about 10 lines of replicated code from the top of the
handler for the LoginAction class to do this, but I think it could
work.

If it does, we should be able to reuse the logic as a patch to the 
LoginAction handler.

Hi Paul:

Please see: https://wiki.roundup-tracker.org/LoginWithEmail.
This implements using the primary email address as a login name.

My earlier comment about using interfaces.py isn't needed. A simple
login action replacement using a file in the extensions directory does 
fine.

Drop the file into the extensions directory and restart the tracker
and you get the functionality.

I chose to not complicate the core code with this. The extension is 
17 lines of code (not including comments/debug) to do the job.

If somebody wants to allow login by alternate email address, they
can use this as a base to work from.

Note this only works for the web UI. API logins via xmlrpc, rest
etc. still require the username.

-- rouilj