My Cart (0)  |  My Orders  |  My Downloads  |  My Auction  |  My Account  |  Help


Login |Register        Search

DNN 7.4 Email Authentication

                Print      Add To Favorite     Add To Watch List     Contact Author

Creator: host   11/18/2015 3:49:44 AM    Author: Philipp Becker   Source: http://www.dnnsoftware.com/community-blog/cid/155168/e-mail-authentication-in-dnn-74   Views: 1306    0    0  
Tags:
DNN 7.4 Email Authentication

One bigger item I’ve been dealing with for the 7.4.0 release was a portalsetting called Use Email Address as Username. The trouble with that setting used to be that usage was far from intuitive in the past and I hope to have improved on that quite a bit.

My expectation on how to use that setting always had been that users make use of their e-mail address when authenticating against the website, as it is the case for many other – if not most – sites out there. What DNN used to do in the past was a very basic implementation – it simply would change the label “username” to “e-mail” address in the registration and login form. And of course site administrators would soon run into issues when a user for instance wanted to change its e-mail address. Since technically its former e-mail address was stored in the username field as well as in the e-mail address field in the database, a change of the address would lead to a inconsistency in the database, i.e. the username field would still hold the old e-mail address while the e-mail address field would hold the new address.

Obviously that was far from ideal.

Now with the changes for DNN 7.4 that has improved a lot. First of all, once the setting is activated, we now authenticate against the e-mail field rather the username field. And then we make sure a change of the e-mail address allows the user to effectively use that new address when authenticating.

This caused a few changes in behaviour of the site.

1. On activating the setting, a check is being performed that makes sure we don’t have duplicate e-mail addresses in the portal. If there are any, the setting cannot be a activated.

2. A change of the e-mail address triggers a sign-out from the site, i.e. the user has to re-login using the new e-mail address

I have also tried to make sure that static resources are changed where needed. There were quite a few places where this clearly was not the case.

A note for upgrade scenarios:

Since the setting now requires that you don’t have any duplicate e-mail addresses in the site we needed to perform a test while upgrading that makes sure your addresses are unique. Once the upgrade logic finds any duplicate addresses for portals where the setting had been turned on the setting is being turned off automatically.

For those of you who use that setting I strongly recommend to check for duplicate e-mail address before upgrading. A simple sql statement for performing that check would be as follows.

SELECT
     U.Email
FROM {databaseOwner}[{objectQualifier}Users] U
    Inner Join {databaseOwner}[{objectQualifier}UserPortals] UP on UP.[UserId] = U.[UserId]
WHERE
    UP.PortalId = 0 
GROUP BY
    U.[Email] HAVING COUNT(*) > 1

Rating People: 0   Average Rating:     

     DnnModule.com is built to provide DNN quality modules and DNN skins, some of them are free, some not. We wish these stuffs (free or not ) can be useful to you.

     Besides that, we also provide a full range of professional services, ranging from web site build, seo, system management, administration, support, senior consultancy and security services. We act as if your development project or network was ours, with care and respect. We are not satisfied until it works the way you want it to, and we don't silently ignore found issues as somebody else's problem.