If you just want to replace instances of the word “username” with “email” sitewide, this may be (almost) as simple as changing the locale translations rather than writing a plugin. See the file:
Note that the term “username” is included in multiple other locale keys, such as:
This also points to the other “gotcha”. There is an unnecessary restriction of the username to alphanumeric characters. This can be removed, if you have some basic knowledge of PHP. https://github.com/pkp/pkp-lib/issues/906
Oh, good catch, @ctgraham! I hadn’t relaxed that… the Shibboleth plugin sets the username as the e-mail directly in the DAO, so the front-end restrictions are circumvented. But if one disables the plugin, one may not be able to log in or recover the password, due to that restriction… I’ll check.
There doesn’t seem to be syntactic validation of the username at login, and password recovery is asking for e-mail anyway, not username. So from a Shibboleth perspective, I think this is good—e-mail–like usernames are only ever created by Shibboleth, and can’t be created via direct registration. Otherwise, a sort of weak DoS attack could be done by registering accounts that look like others’ e-mail addresses; Shibboleth-based registration would then fail, as it would try to create new accounts with usernames identical to previously-existing accounts.
I just changed line 31 on \lib\pkp\classes\security\Validation.inc.php
from
$user = $userDao->getByUsername($username, true);
to
$user = $userDao->getUserByEmail($username, true);
and now it can be logged in by email & password, but don’t know if there would be any side effects.
Anyway, I would still like to get it done by writing a plugin.
Sorry for reviving this old topic…
I still have issues upon registration with Shibboleth, because some e-mail addresses exceed the character limit of the username column in the ojs database. The obvious fix for me would be to change that limit. Where can I set this in the code, so that the database is created with the correct limits already upon installation?
Willing to help out here if my time allows as I’m currently working a lot with the Shibboleth plugin
You can extend the size of the email address field here:
You’ll probably want to make a similar change to the authors table here:
However, are you really working with email addresses longer than 255 characters? Or do you potentially have a character set misconfiguration that’s causing UTF-8 characters to take up more of those than intended?
Regards,
Alec Smecher
Public Knowledge Project Team
Thanks, @asmecher ! That’s what I was looking for!
I’m not working with email addresses longer than 255 characters, maybe that was a bit unclear.
My problem is that the Shibboleth plugin sets the email address as a username, and the username is currently limited to 32 chars only.
Do you see any severe problems with allowing longer usernames?
No, I don’t think extending the length of the username field would cause problems with OJS 3.3.0-x and newer. With 3.2.1-x and older versions you would need to also update the XML database schema descriptors; with 3.3.0-x and newer that is no longer necessary (and the XML descriptors are only distributed with the OJS package for the sake of older upgrades).
Regards,
Alec Smecher
Public Knowledge Project Team
