-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Connection doesn't require username #202
Comments
Also, when a user enters an illegal username (containing a space), Lock highlights the field but does not give an error message indicating that you cannot use a space. |
Actually, spaces are not illegal in the WordPress username (login name) but the Lock widget seems to think so. |
hi @dleeward
if you complete the initial setup wizard, the database connection is created with
This is not handled by the plugin, this depends on Auth0 and Lock, I am checking with the team. |
About the username validation, it is in the backlog of the team working on the lock widget, I don't have an ETA tho. Can you submit an issue in this repo https://github.com/auth0/lock? |
It didn't for me, but maybe I did something wrong. |
In auth0/lock#375 (comment) @hzalaz says
How are usernames with spaces imported into Auth0? Although the first 15 characters of the "nicename" might be legal in Auth0, we are still going to have issues with usernames being different between the WordPress database and the Auth0 database and the potential for duplicate usernames if only the first 15 characters are used. It appears that the native limit is 60 characters. |
I received an answer from @hzalaz at auth0/lock#375 regarding this. They will not be modifying the Auth0 API to allow spaces in the username. This will definitely break the migration functionality for a subset of users since the WP API doesn't allow changing the username (although we have done it in mySQL without any issues). Using a truncated version of nicename with the hyphens converted to underscores could be an option, but the usernames will be different in WP and Auth0 and will likely cause user confusion. Maybe you need to add code to check for duplicate usernames and illegal characters (from Auth0 standpoint) in the username and allow us to display custom messages to the user on how to resolve the issue. |
I also just realized that all of the WP user accounts we have generated from importing users from Facebook will fail as well. Facebook uses a 16 digit GUID and we add FB to the beginning which totals 18 digits. |
You are right about how the usernames are imported into Auth0. Is not common to have spaced in the username so we never bump into this issue. I will check it and see how I can make it work (probably I will need to convert it into a slug) but still the length should be cut off. As hzalaz said, the Auth0 API will not be changed since we need to assure backward compatibility to our customers. The idea of this issue was to add an error message to lock to explain what is wrong with the username. About your specific use case, I guess you might need to update the usernames on the database or move to use just emails for login. |
The problem with just using emails for login is that WordPress requires a username to signup. Is there an option for Lock to display the username field for signup but not ask for it at login? |
There is a setting for that in the appearance tab: that changes this attribute in the lock config https://auth0.com/docs/libraries/lock/customization#usernamestyle-string- |
The "Requires Username" setting should be turned on when the database connection is created.
The text was updated successfully, but these errors were encountered: