Metadata-Version: 1.0
Name: collective.emaillogin
Version: 1.3
Summary: Allow logins with email address rather than login name.
Home-page: https://github.com/collective/collective.emaillogin
Author: Guido Wesdorp
Author-email: guido@pragmagik.com
License: GPL
Description: collective.emaillogin Package Readme
        ====================================
        
        
        Overview
        --------
        
        This package allow logins with email address rather than login name. It applies
        some (somewhat hackish) patches to Plone's membership tool and memberdata
        class, after which the email address, on save, is saved as the login name for
        members. This makes that members can log in using their email address rather
        than some additional id, and when the email address changes the login name
        is changed along with it.
        
        Since version 1.0 we explicitly convert e-mail addresses to
        lowercase.  You should be able to login with any mix of upper and
        lower case letters.
        
        
        Installation
        ------------
        
        Add it to the eggs of your Plone 3 buildout.  With Plone 3.2.x or
        earlier also add it to the zcml option of your instance.  Install it
        in the Add-ons (Extra Packages) control panel in your Plone Site.
        Installing simply adds a new skin layer named 'emaillogin'.
        
        It is best to install this on a fresh Plone site.  The login names of
        current users are not changed.  There is code in core Plone 4 for
        this, so you may want to look there if you need it.
        
        .. WARNING::
          A major part of this package works by patching several core
          Plone and CMF classes.  The patches also apply when you do not have
          this package installed in your Plone Site.  This may give unwanted
          results, like changing the login name of a user when his or her e-mail
          address is changed.  This also means that when you have multiple Plone
          Sites in one Zope instance, you should either install this package in
          all of them or not use it at all and remove it from your buildout.
        
        
        Upgrading
        ---------
        
        When upgrading from version 0.8, an upgrade step is run to change all
        login names to lower case, for those login names that are already
        e-mail addresses.
        
        
        Gotchas
        -------
        
        No, these are not bugs.  Or if they are bugs, then they are bugs that
        are too hard to fix without introducing other bugs.  They might be
        unexpected though, so we call them gotchas.
        
        - Since version 1.0, whenever an e-mail address is set, we
          automatically convert it to lowercase.  You cannot set an e-mail
          address to upper or mixed case.  When logging in or resetting a
          password the case does not need to match: we look for the given
          login but also for the lowercased login.
        
        - As an administrator, when you change the login name of a user in the
          ZMI, this does not update the email.
        
        - When you register with original@example.org and change this to
          new@example.org, you can no longer login with your original address.
          You can only login with your current e-mail address, though the case
          (upper, lower, mixed) should not matter anymore.
        
        - The initial e-mail address is used as userid.  This id never ever
          changes. In places where the userid is displayed this original
          userid is shown, which is normally fine until the email address is
          overwritten -- once this is done the *original* email address will
          be displayed rather than the new one.  (Plone 4 fixes this in the
          core.)  There may be some more spots in Plone that for example
          search only for users by id so when you use that to search on login
          name this may fail.  Also, there are spots in the Plone or CMF or
          Zope code that have a userid as input but use it as login name or
          the other way around so be careful when you start hacking yourself.
        
        - If you register with one@example.org, then change it to
          two@example.org, then no one can register a new user with
          one@example.org or change the e-mail address of an existing user to
          one@example.org.  This is because it will forever be used as
          userid.  Note that when you now change your address to
          three@example.org, your intermediate address of two@example.org is
          free for the taking.
        
        - When you change your e-mail address, you do *not* get a confirmation
          e-mail to check if you did not make any typos and it is a real
          address.  This means you will not be able to login if you do not
          remember this typo; a password reset will then also not work.  This
          could be considered a problem of Plone in general and not specific
          for this add-on, though we are hit harder by it.  Might be a nice
          candidate for a PLIP (PLone Improvement Proposal) or first an extra
          add-on.
        
        
        Future
        ------
        
        In Plone 4 this package is deprecated, as Plone 4 already supports
        logging in with your email address as an option:
        http://dev.plone.org/plone/ticket/9214
        
        So we strongly advise not to use this package on Plone 4.  But your
        instance will still start up (tested on Plone 4.0a4) and you can
        uninstall the package through the UI.  You may need to manually remove
        ``emaillogin`` from the skin selections in the Properties tab of
        portal_skins in the ZMI.  Since the package does some patches on
        startup, you should still remove it from the eggs and zcml options of
        your instance, rerun buildout and start your instance again.
        
        
        Changelog for collective.emaillogin
        ===================================
        
        
        1.3 (2012-09-24)
        ----------------
        
        - Avoid possible circular import for the PloneMembershipTool in
          PlonePAS and CMFPlone.
          [maurits]
        
        - Moved to https://github.com/collective/collective.emaillogin
          [maurits]
        
        
        1.2 (2012-02-14)
        ----------------
        
        - Patch RegistrationTool.isMemberIdAllowed.  When the id that is
          passed in is already in use as login name, we do not accept it as
          user id either.  Also, in various spots where isMemberIdAllowed is
          called, the id is really meant as login name.
          Possibly this fix is only needed for Plone 3.1 and earlier, as I am
          sure I have tested this before on Plone 3.3.6.
          [maurits]
        
        - Patch the login method from
          Products.PlonePAS.plugins.cookie_handler.ExtendedCookieAuthHelper.
          This is the code from Plone 3.3.6; it is included because Plone 3.1.7
          does the wrong thing for us here.
          [maurits]
        
        
        1.1 (2011-12-13)
        ----------------
        
        - Patch CMFPlone.MembershipTool.testCurrentPassword to authenticate
          with the login name.  The code in Plone 3.3.5 itself already works
          (and is simply copied here), but Plone 3.1.7 has an error that is
          triggered for us as the user id is not always the same as the login
          name.
          [maurits]
        
        
        1.0 (2011-11-23)
        ----------------
        
        - In the mailPassword method explicitly disallow looking for a member
          with the given forgotten user id when this is an e-mail address.  We
          only search for users with that e-mail address as login name.  This
          only has an effect when you have changed your e-mail address to
          something really different (instead of just a change in the case).
          Without this change, you could reset your password with your old
          address, but could not login with that address.
          [maurits]
        
        - Refactored authenticateCredentials.  This avoids getting a message
          stating you are logged in when in fact you are not logged in.
          [maurits]
        
        - Added upgrade step to migrate all existing users to have a lowercase
          login name (when their e-mail address is used as login name).
          [maurits]
        
        - Patch PloneTool.setMemberProperties to always set the e-mail address
          to lower case and to update the login name when the e-mail address
          changes.
          [maurits]
        
        - In validate_personalize.vpy turn the e-mail address to lowercase.
          [maurits]
        
        - Patch Products.PlonePAS.tools.membership.MembershipTool.addMember to
          always add the member as lowercase, also when not called from
          registered.cpy
          [maurits]
        
        - In join_form_validate.vpy turn the e-mail address to lowercase.
          [maurits]
        
        - Changed getMemberByLoginName and ZODBUserManager.authenticateCredentials
          to explicitly search for the lower case login name if the initial
          literal search does not work.
          [maurits]
        
        - Added classifiers for Plone 3.2 and 3.3 in setup.py.
          [maurits]
        
        
        0.8 (2010-05-18)
        ----------------
        
        - Removed mail_me functionality from join_form as this claimed to be
          sending the password, which Plone has not been doing for a long
          time, if ever.  The backend handling for this was already removed
          from Plone itself.
          [maurits]
        
        - Fixed wrong condition and double definition where allowEnterPassword
          meant you were actually *not* allowed to enter a password.  It
          worked fine but was confusingly stated the wrong way around.
          [maurits]
        
        
        0.7 (2010-02-23)
        ----------------
        
        - added german translation [deichi]
        
        
        0.6 (2009-05-13)
        ----------------
        
        - Patched some methods in PasswordResetTool and RegistrationTool to
          make sure you can actually reset your password, even after changing
          your email address.  [maurits]
        
        - Use email address instead of login/user name in some more spots,
          like the login form and in validation.  [maurits]
        
        
        0.5 (2009-05-06)
        ----------------
        
        - Fixed error on reinstall where the default skin would be set to the
          no longer existing emaillogin skin.  [maurits]
        
        - Added profiles/default/metadata.xml: version = 1.  [maurits]
        
        - After a successfull edit of the personalize form, do not travere to
          the personalize_form, but redirect to it.  This solves an error
          "Forbidden: Form authenticator is invalid." when changing your email
          address (= login name) and then saving the form a second time.
          [maurits]
        
        - Changed validate_personalize.vpy to allow changing your preferences
          again.  [maurits]
        
        - Adapted validate_personalize.vpy.  Change compared to default Plone:
          check the validity of the email address as a login name.  [maurits]
        
        - Added i18n.  [maurits]
        
        
        0.4 (2009-05-05)
        ----------------
        
        - Also show the error when the email address is not a valid username.
          [maurits+mike]
        
        
        0.3 (2009-05-05)
        ----------------
        
        - Removed personalize_form.cpt(.metadata) as there was no important
          difference with the one from default Plone.  [maurits+mike]
        
        - Take over a small change in default Plone to the personalize.cpy.
        
        - Fixed join form to also work in newer Plones by using the
          @@authenticator provider for protecting this join form.  Keeps
          working in Plone 3.0 as well (which does not use plone.protect).
          [maurits+mike]
        
        
        0.2 (2009-05-05)
        ----------------
        
        - No longer register our own skin path (skin selection), but just add
          our emaillogin skin layer to the existing skin selections.
          [maurits+mike]
        
        
        0.1 (2008-01-15)
        ----------------
        
        - Initial release.
          [maurits, guido]
Platform: UNKNOWN
Classifier: Framework :: Plone
Classifier: Framework :: Plone :: 3.2
Classifier: Framework :: Plone :: 3.3
Classifier: Framework :: Zope2
Classifier: Framework :: Zope3
Classifier: Programming Language :: Python
Classifier: Topic :: Software Development :: Libraries :: Python Modules
