mirror of
https://github.com/go-gitea/gitea.git
synced 2026-07-10 16:44:50 -05:00
Username should be able to be an email address #1816
Closed
opened 2025-11-02 04:14:09 -06:00 by GiteaMirror
·
15 comments
No Branch/Tag Specified
main
release/v1.25
release/v1.24
release/v1.23
release/v1.22
release/v1.21
release/v1.20
release/v1.19
release/v1.18
release/v1.17
release/v1.16
release/v1.15
release/v1.14
release/v1.13
release/v1.12
release/v1.11
release/v1.10
release/v1.9
release/v1.8
v1.25.3
v1.25.2
v1.25.1
v1.25.0
v1.24.7
v1.25.0-rc0
v1.26.0-dev
v1.24.6
v1.24.5
v1.24.4
v1.24.3
v1.24.2
v1.24.1
v1.24.0
v1.23.8
v1.24.0-rc0
v1.25.0-dev
v1.23.7
v1.23.6
v1.23.5
v1.23.4
v1.23.3
v1.23.2
v1.23.1
v1.23.0
v1.23.0-rc0
v1.24.0-dev
v1.22.6
v1.22.5
v1.22.4
v1.22.3
v1.22.2
v1.22.1
v1.22.0
v1.23.0-dev
v1.22.0-rc1
v1.21.11
v1.22.0-rc0
v1.21.10
v1.21.9
v1.21.8
v1.21.7
v1.21.6
v1.21.5
v1.21.4
v1.21.3
v1.21.2
v1.20.6
v1.21.1
v1.21.0
v1.21.0-rc2
v1.21.0-rc1
v1.20.5
v1.22.0-dev
v1.21.0-rc0
v1.20.4
v1.20.3
v1.20.2
v1.20.1
v1.20.0
v1.19.4
v1.21.0-dev
v1.20.0-rc2
v1.20.0-rc1
v1.20.0-rc0
v1.19.3
v1.19.2
v1.19.1
v1.19.0
v1.19.0-rc1
v1.20.0-dev
v1.19.0-rc0
v1.18.5
v1.18.4
v1.18.3
v1.18.2
v1.18.1
v1.18.0
v1.17.4
v1.18.0-rc1
v1.19.0-dev
v1.18.0-rc0
v1.17.3
v1.17.2
v1.17.1
v1.17.0
v1.17.0-rc2
v1.16.9
v1.17.0-rc1
v1.18.0-dev
v1.16.8
v1.16.7
v1.16.6
v1.16.5
v1.16.4
v1.16.3
v1.16.2
v1.16.1
v1.16.0
v1.15.11
v1.17.0-dev
v1.16.0-rc1
v1.15.10
v1.15.9
v1.15.8
v1.15.7
v1.15.6
v1.15.5
v1.15.4
v1.15.3
v1.15.2
v1.15.1
v1.14.7
v1.15.0
v1.15.0-rc3
v1.14.6
v1.15.0-rc2
v1.14.5
v1.16.0-dev
v1.15.0-rc1
v1.14.4
v1.14.3
v1.14.2
v1.14.1
v1.14.0
v1.13.7
v1.14.0-rc2
v1.13.6
v1.13.5
v1.14.0-rc1
v1.15.0-dev
v1.13.4
v1.13.3
v1.13.2
v1.13.1
v1.13.0
v1.12.6
v1.13.0-rc2
v1.14.0-dev
v1.13.0-rc1
v1.12.5
v1.12.4
v1.12.3
v1.12.2
v1.12.1
v1.11.8
v1.12.0
v1.11.7
v1.12.0-rc2
v1.11.6
v1.12.0-rc1
v1.13.0-dev
v1.11.5
v1.11.4
v1.11.3
v1.10.6
v1.12.0-dev
v1.11.2
v1.10.5
v1.11.1
v1.10.4
v1.11.0
v1.11.0-rc2
v1.10.3
v1.11.0-rc1
v1.10.2
v1.10.1
v1.10.0
v1.9.6
v1.9.5
v1.10.0-rc2
v1.11.0-dev
v1.10.0-rc1
v1.9.4
v1.9.3
v1.9.2
v1.9.1
v1.9.0
v1.9.0-rc2
v1.10.0-dev
v1.9.0-rc1
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.8.0-rc3
v1.7.6
v1.8.0-rc2
v1.7.5
v1.8.0-rc1
v1.9.0-dev
v1.7.4
v1.7.3
v1.7.2
v1.7.1
v1.7.0
v1.7.0-rc3
v1.6.4
v1.7.0-rc2
v1.6.3
v1.7.0-rc1
v1.7.0-dev
v1.6.2
v1.6.1
v1.6.0
v1.6.0-rc2
v1.5.3
v1.6.0-rc1
v1.6.0-dev
v1.5.2
v1.5.1
v1.5.0
v1.5.0-rc2
v1.5.0-rc1
v1.5.0-dev
v1.4.3
v1.4.2
v1.4.1
v1.4.0
v1.4.0-rc3
v1.4.0-rc2
v1.3.3
v1.4.0-rc1
v1.3.2
v1.3.1
v1.3.0
v1.3.0-rc2
v1.3.0-rc1
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.2.0-rc3
v1.2.0-rc2
v1.1.4
v1.2.0-rc1
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.2
v1.0.1
v1.0.0
v0.9.99
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
Mirrored from GitHub Pull Request
Milestone
No items
No Milestone
Projects
Clear projects
No project
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: github-starred/gitea#1816
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @keleathi on GitHub (May 23, 2018).
[x]):Failed to login 'user@domain.com' via 'ldap2.domain.local': Invalid pattern for attribute 'username' [user@domain.com]: must be valid alpha or numeric or dash(-_) or dot characters
Description
Users in my ldap directory only have a full email address as their "uid" and therefore their username (for several reasons). I cannot get gitea to function in such an environment, because of the following check in login_source.go:
It would be wonderful if the check allowed for "@" characters as well.
Thank you!
...
Screenshots
@benyanke commented on GitHub (Jun 5, 2018):
Thought: perhaps this should be a boolean option, since it could break other things.
@sbstp commented on GitHub (Jun 5, 2018):
What would the users slug be in the URLs?
gitea.com/email@domain.com/<repo>? I think there are allowed characters in email addresses that are not allowed in URLs.@chossimbaone commented on GitHub (Jun 18, 2018):
This will also be nice for multi forrest ad users.
@clarfonthey commented on GitHub (Jun 21, 2018):
@sbstp are you sure? I'm fairly certain that this could be done.
Mentions for these emails would also work, using @user@domain like Mastodon and other ActivityPub-based systems do.
@techknowlogick commented on GitHub (Jun 21, 2018):
Federation is currently being worked on (via a separate working group), and so this is something that will need to be evaluated in that context, as if emails are allowed, how would we mention across instances if an account on one instance is an email, especially if it contains a domain that doesn't match the domain of the git server.
@tommie commented on GitHub (Oct 29, 2018):
I have reverse proxy authentication set up. My Apache uses OpenID Connect, and I use it as SSO for a bunch of personal things.
When I use a Google identity, the default for mod_auth_openidc is to use "sub" as the remote user, which is a long integer and domain: 9999999999999999@accounts.google.com
I've changed it to use the "email" claim instead, which means it still contains an @-sign.
Whenever I go to my profile page (for either of them) and try to change my username, it seems a new user is created. When I try to change anything else (and leaving username alone), it rejects it saying the username is invalid.
It would indeed be nice to make that work. Since I want auto-registration (and handle authorization in Apache), I can't guarantee user-ID uniqueness except if it includes the domain.
@lafriks commented on GitHub (Oct 30, 2018):
that should probably be handled in oauth instead by for example replacing
@sign with-or something like that@realslacker commented on GitHub (Jan 7, 2020):
Maybe it would work to change just the sanitizeUserDN to replace all instances of %s instead of just using sprintf for the first. Then you could use an LDAP filter like:
@wilful commented on GitHub (Jan 24, 2020):
I have a similar problem. My LDAP has Mail and userPrincipalName. I do like this:
userPrincipalName like as name.secondname@domain.ltd
mail like as sn_name@domain.ltd
After that, the user can log in by mail of the form: sn_name@domain.ltd
Username is userPrincipalName, i.e. Link to the profile is obtained as follows:
https://git.domain.ltd/name.secondname@domain.ltd
And this works, but if I try to use userPrincipalName with login, I get:
@bipinmathew commented on GitHub (Apr 21, 2020):
Was this functionality lost again? I was able to use LDAP emails as user-ids in version 1.7.0, but when I upgraded to version 1.12.0+dev-171-g12960b9d1 it does not seem to work any more, and with the same error:
@ceelian commented on GitHub (May 28, 2020):
Any news on this topic for version 1.12?
@zeripath commented on GitHub (May 29, 2020):
@voidbip yes unfortunately the functionality had to be lost due to a security issue with it.
What we need to do is allow LDAP to provide a mapping function from an email address to a username.
@LeDevAlsacien commented on GitHub (Sep 7, 2021):
Hello, i'm trying to use our LDAP as authentification.
the user usually use email to authenticate and we can't use UID as is one letter and digit (ex: r160459) so the user can't remember that kind of information.
Any news for future version of gitea ?
thanks !
Edit: found a workaround, we have an LDAP attribute that we can use with "Name.GivenName" that work pretty well 👍
@wxiaoguang commented on GitHub (Sep 7, 2021):
Years ago, I also used E-mail as username in LDAP and other systems. Then I have to admit that this is one of most bad mistakes I have made. Using E-mail as username leads to various problems. Then our team spent more time to migrate the account system from E-mail username to regular username.
Even if you have different companies/organizations/domains, even if you want to use different domains for E-mails, do not use E-mail as username. You can have a unique regular username in you system and map it to different E-mails.
So I would always down vote for the E-mail as username decision (of course, you can login via E-mail address which is mapped to a regular username).
@techknowlogick commented on GitHub (Sep 9, 2021):
Closing per reasons above