LoginToboggan is one of the top 100 modules for Drupal by usage. It offers many frequently requested modifications to the standard Drupal registration and login functionality.
To view the list of features the module provides or to download the module, visit the project page at http://drupal.org/project/logintoboggan
- Download the appropriate module for your Drupal release and extract the compressed files.
- Place the entire LoginToboggan module folder into either: [your site]/modules directory, or [your site]/sites/all/modules directory.
- Enable the module at:
Drupal 6: admin > build > modules
Drupal 7: administration > modules
Configure LoginToboggan by selecting the "configure" link for LoginToboggan on Drupal's "Modules" page, or select from:
Drupal 6: admin > user > logintoboggan
Drupal 7: administration > configuration > system > logintoboggan
The configuration options are summarized below:
You can enable the 'login with email address' feature. This doesn't prevent users from logging in as usual with their username, it simply adds the extra functionality that the user can choose to log in using their email address instead. For many users this is easier to remember and can provide a better overall user experience.
LoginToboggan provides several improvements to the user registration process.
Use two email fields on registration form
If this option is enabled, the user will be required to enter their email address twice when registering on the site. This can help prevent problems caused by users typing their email address wrongly. LoginToboggan will verify that both fields are the same, and prompt the user to correct it if not. Set this to disabled for the default Drupal behavior without verification.
Checking this will allow users to enter their desired password when they set up their user account. Leaving it unchecked will use the default Drupal behavior; e-mailing the user a link they must click and returning them to the site to set their password. If you enable this feature you're advised to edit the text of the 'Welcome, no approval required' email (see note under Configure other settings below).
Before you enable the 'Set Password' feature, it's highly recommended that you setup a new role expressly for non-authenticated users. These are users who have registered an account on your site, but not yet verified their email address by clicking on the link in the welcome email. The new user will automatically be assigned a role on the site, so it is critical to be able to designate the proper permissions.
To create a new role:
- Go to Drupal 6: admin > user > permissions, or Drupal 7: administration > people >permissions > roles and setup a new role, such as 'Unverified user' or 'New user'.
- Set up suitable permissions for this role. For example, you may not want unverified users to be able to create new content.
Note: This new non-authenticated role will not automatically inherit permissions of either the authenticated role or the anonymous role. If additional permissions are required (such as view published content), they must be added here. You may want to create a role with the same permissions as the anonymous user if you wish the newly created user to only have anonymous permissions.
- Return to the LoginToboggan configuration screen and select this new role from the dropdown box labelled 'Non-authenticated role'.
Delete unvalidated users after
You can select a value from this menu option to control how long the site will allow new users before following the link provided in the welcome message. This can be helpful to prevent registration spam by removing users who do not promptly configure their account information.
LoginToboggan provides the ability to select two temporary redirect paths: one for initial registration and another for immediately after authenticating. This can be useful when additional information regarding the registration process would be helpful. The information provided in this configuration section can provide any additional details regarding path redirection options available.
Configure other settings
Authenticate link in e-mail template "Welcome (no approval required)"
If you checked the set password option, you should modify the Welcome (no approval required) email message to reflect the correct approval link and email body text. The message can be modified at:
Drupal 6: admin > user > settings or
Drupal 7: administration > configuration > people > account settings
The appropriate message can be found under the E-mail tabs on the Left sidebar. Change the token from [user:one-time-login-url] to [user:validate-url]. Remember to change e-mail body text as appropriate.
The confirmation link in this email will now have the effect of confirming the user as an 'authenticated user' on the site. Until the new user follows this link, they will have the non-authenticated role defined by the earlier step on this configuration form.
The set password option mirrors the 'require email verification under administration > configuration > people > account settings, so checking this setting, will uncheck that setting, and vice versa.
LoginToboggan will function after initial configuration for controlling new user registration, but also adds a block to the site structure which can be further customized. You can configure each block at:
Drupal 6: admin >build > block
Drupal 7: administration > structure > block
Configure the 'User login' block for LoginToboggan functionality
Configure 'LoginToboggan logged in block'
Tip: by leaving the title blank, the 'LoginToboggan logged in block' is slim and neat.
Other configuration options for LoginToboggan are available and include the following:
- Delete unvalidated users after
- Display login successful message
- Minimum password length