[wp-trac] [WordPress Trac] #9568: Allow users to log in using their email address

WordPress Trac noreply at wordpress.org
Mon Jan 12 02:26:26 UTC 2015 

#9568: Allow users to log in using their email address
-------------------------------------------------+-------------------------
 Reporter:  Denis-de-Bernardy                    |       Owner:
     Type:  feature request                      |      Status:  assigned
 Priority:  normal                               |   Milestone:  4.2
Component:  Users                                |     Version:  2.8
 Severity:  normal                               |  Resolution:
 Keywords:  has-patch needs-testing needs-       |     Focuses:
  refresh needs-unit-tests                       |
-------------------------------------------------+-------------------------

Comment (by ericlewis):

 attachment:9568.8.diff is a fresh approach here. Rather than usernames to
 be a non-required field, modify the login process to allow for logging in
 with user email.

 `wp_signon()` is wp-login.php's form submission handler, which calls
 `wp_authenticate()`, the canonical "authenticate username and password"
 function, which is also used by XMLRPC. This patch changes the `$username`
 parameter to `$user_identifier`, which supports usernames for back-compat,
 and now also emails.

 Authentication logic (i.e. is this username and password valid?) actually
 takes place in a callback on the `authenticate` filter.
 `wp_authenticate_username_password()` is the hooked function for checking
 usernames and passwords. I've added another callback for
 `wp_authenticate_email_password()`. The two share a good amount of logic.
 We could create another function like
 `wp_authenticate_user_field_and_password( $field_name, $field_value,
 $password )`, which could share almost all this logic, and then the
 username and email functions would proxy to this function.

 I've modified the two functions to coallate error messages, so we can
 figure out what the best way to present error messages to the user (this
 needs ironing out). e.g. so if you enter "eric at lew.is," we might say "The
 username or email address and password combination was incorrect." rather
 than just the last-in error "The email address and password combination
 was incorrect."

--
Ticket URL: <https://core.trac.wordpress.org/ticket/9568#comment:67>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list