Login: Validating Against Email Address Only?

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

Please do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.

This forum is for discussing mojoPortal development

This forum is only for questions or discussions about working with the mojoPortal source code in Visual Studio, obtaining the source code from the repository, developing custom features, etc. If your question is not along these lines this is not the right forum. Please try to post your question in the appropriate forum.

You can monitor commits to the repository from this page. We also recommend developers to subscribe to email notifications in the developer forum as occasionally important things are announced.

Before posting questions here you might want to review the developer documentation.

Do not post questions about design, CSS, or skinning here. Use the Help With Skins Forum for those questions.
This thread is closed to new posts. You must sign in to post in the forums.
6/12/2009 7:36:22 PM
michael.jew
Gravatar
Total Posts 26
View Posts

Login: Validating Against Email Address Only?

Hello Joe (and everyone),

 

Question 1: From my tests with ASP.Net, it appears that the default behavior of the <asp:Login> control is to validate either the Username/Password pair -or- the Email/Password pair. It can check both because both the registered Username and Email address must be unique. Is this correct? I haven't found documentation on it, even on the MSDN Libarary.

Question 2: In \Web\Secure\Login.aspx.cs, why did you added a Validator called regexEmail to restrict only using email addresses? Is this more secure to you?

 

thanks,
Michael


 

6/13/2009 6:44:22 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Login: Validating Against Email Address Only?

Hi Michael,

1. The ASP.NET login control is designed to bind to and call methods on a MembershipProvider. I do not know if the SqlMembershhipProvider that ships with .NET can be configured to use email or username, but the mojoMembershipProvider does do this according to sitesetings configuration and I have added logic to show a different label according to whether a username or email is being used. 

2. Of course upon postback server side validation of the entered credentials will occur. If configured to use email for login we add this validator as it can save us a postback if the user doesn't type a valid email address.

Hope it helps,

Joe

You must sign in to post in the forums. This thread is closed to new posts.