Closed (fixed)
Project:
Drupal.org security advisory coverage applications
Component:
module
Priority:
Normal
Category:
Task
Assigned:
Reporter:
Created:
13 Feb 2019 at 17:50 UTC
Updated:
17 Mar 2019 at 08:04 UTC
Jump to comment: Most recent
Comments
Comment #2
avpadernoThank you for your contribution! Remember to change status of this issue when the project is ready to be reviewed. The current status is telling the reviewer to wait.
Comment #3
aabramos commentedComment #4
aabramos commentedOh, sorry about that, it's my first time here.
Comment #5
ppaliya commented@aabramos: I was reviewing the code and I found that in .module file the code block of "// Block loading by username." has some indentation issues.
Comment #6
aabramos commented@ppaliya PAReview only passed the tests indented in this weird way. I'll try to make it look better.
Comment #7
aabramos commented@ppaliya @kiamlaluno Corrected the indentation.
Comment #8
laboratory.mikeInteresting module! Concerning functionality, the module works as expected, and alters the user login form to accept email only.
I've tried installing and using it, and here are the issues I have found:
When I tried installing the module, I got the error "Missing required keys (core) in sites/flashpoint.ceriumsoft.com/modules/custom/login_onlyemail/login_onlyemail.info.yml" . Adding "core: 8.x" to the info.yml file fixed it.
Next, it looks like \Drupal::url() is a deprecated function (the PHPStorm editor program highlights function deprecation). This is on Line 40. The updated version, which accomplishes the same, is to add:
After this, I noticed that if someone uses their username, the error message is "Unrecognized username or password. Forgot your password?" This would not indicate that we are using an email-only form. You may want to change this to make it clearer that the person is being denied access because they are not using their email.
Finally, this last observation might not be an issue, but should cases where someone uses a username, and not a password, trigger an entry into the flood table? I tried entering a bad username and correct username with bad password, and these attempts were logged to the flood table, as expected. If a correct username/password should be blocked, but with no addition to the flood table, then the module works as expected.
Comment #9
laboratory.mikeComment #10
aabramos commentedHello @laboratory.mike
Thanks for all your great suggestions! I updated the module to the version 8.x-1.3, so take a look.
Comment #11
alexdmccabeHi @aabramos,
Your pareview is indeed clean (except for a minor complaint about no tests)! I tested it out, and everything seems to be working.
I really like the soft dependency on Markdown that you set up in
login_onlyemail_help(), I tried installing the Markdown module and it appears to work well.I only have a few minor issues:
login_onlyemail_help(), the@inheritdocline is unnecessary - it should:@inheritdoctagSee the documentation for inheritdoc.
login_onlyemail_help(), you usefile_get_contents(dirname(__FILE__) . '/README.md'). You could replace this withfile_get_contents(__DIR__ . '/README.md').Other than that, I think this looks really good!
Comment #12
alexdmccabeComment #13
avpadernoThank you for your contribution! I am going to update your account.
These are some recommended readings to help with excellent maintainership:
You can find more contributors chatting on the IRC #drupal-contribute channel. So, come hang out and stay involved.
Thank you, also, for your patience with the review process.
Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.
I thank all the dedicated reviewers as well.
Comment #14
avpaderno