Drupal 8 and 9 version of Logintoboggan

I'm interested in a Drupal 8 version as well and I may be able to help with the development in a couple of months. I say "maybe" because I just started with learning the Drupal 8 API's.

Our team began developing a module for D8.

@RomiOS-ID
Great! (If you meant with "a module" a D8 version of logintoboggan ;).)
Can you share the progress on the development so others have a chance to jump in or is it yet in a very experimental/exploring state ?

Right now our team is working on the module. Soon first patch will be posted.

I've also started working on this with md2 but we haven't started a branch as yet. Happy to look at a patch. Our intention is to re-work the admin interface in line with the responsive requirements for D8.

Our intention is to re-work the admin interface

@stevecowie
Do you already have developed mock-ups or rough sketches for that?

Here is the first patch which implements the configuration page and pages for user validation. We want to continue development of version for Drupal 8. Can you please add me and ipo4ka704 (our team) as a (co-)maintainers?

That's a big patch! At first glance, it looks well on it's way. I review just some parts of it that I had noticed.

1. +++ b/logintoboggan.info.yml
   @@ -0,0 +1,6 @@
   +version: VERSION
   

   For modules hosted on drupal.org, the version number will be filled in by the packaging script, you should not specify it manually.

   See https://drupal.org/node/2000204

2. +++ b/logintoboggan.info.yml
   @@ -0,0 +1,6 @@
   +configure: logintoboggan.config
   

   It looks like this should be configure: logintobogganform.settings according to the logintoboggan.routing.yml file.

3. +++ b/logintoboggan.module
   @@ -559,12 +559,6 @@ function logintoboggan_user_login_validate($form, &$form_state) {
   -  }
   ...
   -  //Check to see whether our username matches any email address currently in the system.
   -  if($mail = db_query("SELECT mail FROM {users} WHERE LOWER(:name) = LOWER(mail)", array(
   -  ':name' => $form_state['values']['name'],
   -  ))->fetchField()) {
   -    form_set_error('name', t('This e-mail has already been taken by another user.'));
   

   I'm not sure why you deleted this.

4. Although the configuration form looks exactly like the Drupal 7 version, it would be better to update the form to the Drupal user interface standards.

   If dual radiobuttons can be described in terms of true/false or enable/disable, use a stand-alone checkbox instead

   See https://drupal.org/node/387532

We made ​​changes to the patch according to your requests.
We want to continue development of version for Drupal 8. Can you please add me and RomiOS-ID (@InternetDevels team)as a (co-) maintainers?

Since there is a patch available, can this be made as D8 dev release or are there other plans for this module for D8? Thanks!

+1 to a dev release :)

We're working on it, particularly md2, at the moment. We're aiming to get something launched by early March.

+1 to create a dev branch. It's imposible open bugs and debug all code. Please, create the dev branch and we can start to work propertly. Thanks!

We'll target next week to make a dev version available.

Great! Thanks! When it be done I will install it and test it properly, I want to use for a live product asap. :)

Thanks for your work! Here are couple of points that are needed to be addressed

1. +++ b/config/logintoboggan.settings.yml
   @@ -0,0 +1,10 @@
   +unified_login: false
   +pre_auth_role: 2
   +redirect_on_confirm: false
   +override_destination_parameter: true
   +login_successful_message: false
   +minimum_password_length: false
   +login_with_email: false
   +confirm_email_at_registration: false
   +purge_unvalidated_user_interval: false
   +immediate_login_on_register: true
   

   Define the schema/metadata of the config.

2. +++ b/lib/Drupal/logintoboggan/Access/LogintobogganReValidateAccess.php
   @@ -0,0 +1,36 @@
   +/**
   + * @file
   + * Contains \Drupal\logintoboggan\Access\LogintobogganReValidateAccess.
   + */
   

   Not needed.Remove it.

3. +++ b/lib/Drupal/logintoboggan/Access/LogintobogganValidateAccess.php
   @@ -0,0 +1,33 @@
   +/**
   + * @file
   + * Contains \Drupal\logintoboggan\Access\LogintobogganValidateAccess.
   + */
   

   Not needed.Remove it.

4. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
   @@ -0,0 +1,154 @@
   +    $cur_account = \Drupal::currentUser();
   

   Inject the AccountInterface instead of static function call.

5. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
   @@ -0,0 +1,154 @@
   +    $pre_auth = !\Drupal::config('user.settings')->get('verify_mail')
   

   Inject the config factory.

6. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
   @@ -0,0 +1,154 @@
   +            drupal_set_message(t('Your account is currently blocked -- login cancelled.'), 'error');
   

   inject the transleration service as well.

7. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
   @@ -0,0 +1,154 @@
   +          return new RedirectResponse(\Drupal::url('user.edit', array('user' => $user)));
   

   use Url helper class instead of it.

8. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
   @@ -0,0 +1,154 @@
   +      $message = t("Sorry, you can only use your validation link once for security reasons.");
   

   use single quotes here instead of double quotes.

9. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
   @@ -0,0 +1,154 @@
   +      return new RedirectResponse(\Drupal::url($goto));
   

   same as above. use Drupal\Core\Url

10. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
    @@ -0,0 +1,154 @@
    +    $account = user_load($user);
    

    use Drupal\user\Entity\User::load()

11. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
    @@ -0,0 +1,154 @@
    +      drupal_set_message(t("A validation e-mail has been sent to the user's e-mail address."));
    

    use single quotes instead of double quotes.

12. +++ b/lib/Drupal/logintoboggan/Controller/LogintobogganController.php
    @@ -0,0 +1,154 @@
    +    $account = \Drupal::currentUser();
    

    inject the Current Account service

13. +++ b/lib/Drupal/logintoboggan/Form/LogintobogganSettingsForm.php
    @@ -0,0 +1,226 @@
    +/**
    + * @file
    + * Contains \Drupal\logintoboggan\Form\LogintobogganSettingsForm.
    + */
    

    Not needed.

14. +++ b/lib/Drupal/logintoboggan/Form/LogintobogganSettingsForm.php
    @@ -0,0 +1,226 @@
    +// protected $roleStorage;
    +//   public function __construct(ModuleHandlerInterface $module_handler, RoleStorageControllerInterface $role_storage) {
    +//     $this->moduleHandler = $module_handler;
    +//     $this->roleStorage = $role_storage;
    +//   }
    

    Why commented code ?

15. +++ b/lib/Drupal/logintoboggan/Form/LogintobogganSettingsForm.php
    @@ -0,0 +1,226 @@
    +  /**
    +   * Gets the roles to display in this form.
    +   *
    +   * @return \Drupal\user\RoleInterface[]
    +   *   An array of role objects.
    +   */
    

    is it needed ? I think no

16. +++ b/lib/Drupal/logintoboggan/Form/LogintobogganSettingsForm.php
    @@ -0,0 +1,226 @@
    +  $config = $this->configFactory->get('logintoboggan.settings');
    

    don't call the parent trait function .directly use the $this->config(logintoboggan.settings)

17. +++ b/lib/Drupal/logintoboggan/Form/LogintobogganSettingsForm.php
    @@ -0,0 +1,226 @@
    +    $help_text =  $this->t(" More help in writing the e-mail message can be found at <a href=\"!help\">LoginToboggan help</a>.", array('!help' => url('admin/help/logintoboggan')));
    

    Replace the url function with \Drupal\Core\Url function

18. +++ b/logintoboggan.module
    @@ -668,44 +667,28 @@ function logintoboggan_menu() {
    +   $items['admin/config/system/logintoboggan'] = array(
    

    Move this to logintoboggan.routing file.

19. +++ b/logintoboggan.module
    @@ -668,44 +667,28 @@ function logintoboggan_menu() {
    +  $items['user/validate/%user/%/%/%'] = array(
    

    Move this to logintoboggan.routing file.

20. +++ b/logintoboggan.module
    @@ -1022,35 +956,25 @@ function _logintoboggan_process_validation($account) {
    +  return \Drupal::url('user.edit', array('user' => $account->id()));
    

    use \Drupal\Core\Url

21. +++ b/logintoboggan.module
    @@ -1022,35 +956,25 @@ function _logintoboggan_process_validation($account) {
    +  return url('user/validate/' . $account->id() . '/' . REQUEST_TIME . '/' . logintoboggan_eml_rehash($account->getPassword(), REQUEST_TIME, $account->getEmail()), $url_options);
    

    use \Drupal\Core\Url

Moved to 8.x-1.x-dev branch.

I'm currently developing logintoboggan for D8. There are a lot of fixes on the code which I downloaded early November 2016. I'll post a patch when we go live or if someone wants to add me to the maintainers that might be better.

Github repo is here: https://github.com/NewZeal/logintoboggan

For the user's email verification feature, the email_confirmer module might be useful. It makes the hard work for any other module that needs email address confirmation as is the case with LoginToboggan.

Is there any update on the D8 version?

Clearly not much progress has been made upgrading logintoboggan to Drupal 8. This is just an alert that there is a repo for a logintoboggan upgrade here: https://github.com/NewZeal/logintoboggan if people would like to download and submit patches.

This module is currently on a production site, but not all features of logintoboggan have been upgraded and in the current implementation, some registration functions may be missing.

I'm finally back on the case and have made numerous updates to the logintoboggan.module. The settings form had various problems due to changes in how forms get built and urls get handled.

@Setvecowie, @New Zeal
could you please share your updates as patches so we all can benefit from your changes?

We will do. We're hoping that by the end of next week we'll have made sufficient progress on our local branch to get patches published for the existing codebase. Keep chasing us!

Attached is a patch of the module I have been using against the latest download.

@New Zeal @SteveCowie and @md2,

I am looking through the issue queue and am a little confused as to where I am supposed to go and post issues and test patches.

Do we have a workable Dev Branch for 8.x?

Also if the work is being done on GitHub can you set it up to mirror GitHub?

Then maybe update the main page to give users an idea of where or what they are supposed to do. Would be extremely grateful :)

Here is an example of how some projects are doing it: https://www.drupal.org/project/rules or https://www.drupal.org/project/rng

@New Zeal: Is your patch functional?

Overall: do we have any movement here, on what is very basic functionality?

So sad that this module is now unusable for the latest version of Drupal (v8) and that the development is so scattered and disorganized. This used to be my go-to module for sign-up and user login experience. I wish I had time to contribute on the development, but can't right now. I do suggest that perhaps just providing a better roadmap and organization of your D8 dev efforts might help others figure out what's going on.

Super Login module may do what you need.

Super Login does look good @Liam Morland. What I'm needing from Logintoboggan more than anything at this moment is the setting which allows you to show the login / register form on access denied pages. Is there another way to do this now using Drupal 8 core?

@vaccinemedia
I have not tried that module myself for Drupal 8, but the module "Redirect 403 to User Login" should show at least a login form on access denied pages (when not logged in). Not sure which module would provide a combined user/register form.

With no modules at all, go to admin/config/system/site-information and set "Default 403 (access denied) page" to "/user/login".

@Liam Morland
Good suggestion. Just tried that and it works also for logged in users (who will get the default access denied page). So works great if you don't need a customized access denied page for logged in users. Do note that if you use CSS based on a class on the body tag to markup the login page, the login page may look different. If - as not logged user - I go to /admin/config, the login page will be shown, but the body tag will say something like this:
<body class="layout-one-sidebar layout-sidebar-first path-admin">

Has anyone made any progress or is this a lost cause?

I'm just looking for the immediate login with an unvalidated role functionality of LT. I cant seem to find any alternate solutions.
any suggestions?

I'm halfway to solving this one. It's not that hard assigning a role to a user on immediate registration. But what seems to be impossible as far as I can tell is removing the authenticated user role as LT does in Drupal 7. That role is no longer a database entry that can be deleted and seems to be hard-baked into core. As a result, the only alternative I've been able to come up with so far is a model where you pare down the permissions of authenticated user to a minimum, and then have a new role called 'trusted user' and you treat that like authenticated user. My reservation about that is that quite a lot of contrib tends to assume that authenticated user can be safely assigned permissions so there are risks with the trusted user approach. btw, I've been very slack pushing dev updates but have set aside time in February to work on the module intensively. There should therefore be a substantial update within the next few weeks.

For Drupal 8 as alternative we can use https://www.drupal.org/project/r4032login module together with https://www.drupal.org/project/email_registration

thanks for the update @stevecowie I had considered that approach also but had the same reservations.
I will wait to see what you come up with.
Thanks for all the work on this module!

@Murz that still doesn't solve the immediate login / pre-authenticated role issue

Hi @SteveCowie - how did your work in February (2020) go?

Still working on it. Got seriously distracted by virus stuff. I'll try to get something pushed in the next two weeks.

A fully reworked version is now in up, and I'd appreciate help with testing it. There's more information on the status of the 8.x-1.x here: #2605570: [logintoboggan] LoginToboggan but the short version is I believe all module functionality is working with D8 core.

@stevecowie where can I download this? I don't see it on the project page.

Never mind, I found it.

Just wanted to say that I have been using this for the past few months and have not encountered any issues. Thanks.

I think you should put a dev release on the project page so others know there is something to test. It's not apparent that there is a working d8 version.

Good point. There is now a link to the dev code on the project page.

Can this be installed on Drupal 9 sites as well?

Would be nice to have at least not recommended version available to download via composer for both Drupal 8 and 9. Currently, lots of my customers are hesitating to upgrade from 6 and 7 at all, because they are waiting for 9.

Seems the Dev version does not work with Drupal 9. Composer says it requires Drupal 8.

Any patch or update to make this work with Drupal 9?

Thanks.

There is a D8 version in the code repository. See also #3181064: Drupal 9 compatibility.

Do the Drupal 8 version has all the features like before? I used this module for every site I built with D7, currently working on my first D8 site and want to make sure that I can use this module.

Definitely some issues needs to be dealt with with Drupal 9.3.x

For a clean install I resorted adding a custom repository in composer with a patched version

"repositories": [
        {
            "type": "package",
            "package": {
                "name": "drupal/logintoboggan",
                "type": "drupal-module",
                "version": "master",
                "source": {
                "type": "git",
                "url": "ssh://XXXXXXXXXXXXXXXXXXXXXX",
                "reference": "master"
                }
            }
        },
        {....

Though update manager now throws an error with

  public static function createFromVersionString(string $version_string): ExtensionVersion {

as it's expecting a full fledged version...

I'm not sure but I believe simply making a new release should solve.
Any mantainer here?

Try specifying the version as: dev-8.x-1.x

master is pointing to a 7.x tag.

@Liam!
Your solution worked for the above problem.
Didn't think it mattered being downloaded from a private repository (that's why I just left it as master)
So, changed the version at the repository key, required that with composer, started a manual check and no more error!
:) :) :)
Thanks!
But...
I still think a proper release would be appropriate.

One thing I don't understand. How does it come that the usage report shows only some 50ish people using the 8.x version...?

Any plans on a stable release of this module for D8/9?

Bumping this once again. Any active contributors on this module at the time of writing?

It is a very useful module. Is there going to be a stable Drupal 9 release ?

@KlemenDEV
@pappis
Instead of LoginToboggan, I'm now using the modules Login Destination, Email Registration and a custom module for my login use cases. The custom module only takes care of keeping track which page you last visited before login, in order to redirect the user to that page after login.
I no longer needed a login form on access denied pages (I have a search form there instead) and I also no longer needed the "unverified" role, as it appeared that was confusing for some users.

@MegaChriz
I mainly am interested in the following:

Allow user to register with email only AND
fill the password at register screen AND
have email verification for new users enabled

Is there a D9 module that does that ?
Cheers.

@pappis
With Email Registration you can hide the username field on the user register and user edit form.
Technically the username still exists and can still be used for logging in, but the user doesn't see an input field for it in the UI (admins do see them). Extra steps are required to hide the username in other places as well, but with the module Realname you will have most of these places covered. Email Registration autogenerates the username. Usernames will then be something like email_registration_123456.

Allow users to provide a password AND have email verification is not provided by Email Registration. It is one or the other.
I see that there does exist a module that displays two mail address fields on the user register form (that both need to contain the same value): Registration Confirm Email Address. That could make the chance that an user accidentally enters a wrong mail address a bit smaller (but not guarantee it). I haven't tried that module.

@MegaChriz
Thanks for the info. I am already using Email Registration and it is great.

Fill the password at register screen AND
have email verification for new users enabled.

This one is described in this Feature request Allow password on registration without disabling e-mail verification. Apparently it is on going since 2007 :|

Yep, it is really strange this issue for registration with passwords is going on since 2007 and no the only contrib module just got shut down without any announcements.

Sometimes I get vibes Drupal as a whole is slowly stopping :|

@KlemenDEV
Drupal has decreased somewhat in popularity, I think this is partly because the jump from Drupal 7 to Drupal 8 (and beyond) is very big. And perhaps because other new systems have come up that grow in popularity because they are shiny and new.

I think that you shouldn't be too surprised that issue is open for so long. On drupal.org there are more than 1 million issues in total and about 300 000 issues still open. With such big numbers there almost has to be a lot of open issues that are older than a decade. And since LoginToboggan has served well in D7, there was less reason for most people to get that core issue fixed. Because why trying to fix something in core if you can get the solution right away in a contrib module?