I've had a requirement in that we need to have unique members across a multi-site Umbraco instance of two sites. There is a strong chance that members will want to sign up to both sites independently - which will require we support the same emails.
In Umbraco 8 I can see that this was overridable by using the web.config setting requireUniqueEmail=false.
In Umbraco 9, It feels like this wont be possible as the MemberController PostSave method is decorated with MemberSaveValidationAttribute which does not allow for this, nor take into account the ASP Core Identity configuration for it:
Does anyone have any ideas how we could achieve this?
Thanks,
Edit 1:
Looks like the Umbraco installation sets its own defaults for the IdentityOptions, but overriding AFTER the configure Umbraco in Startup.cs works to disable the require setting to false (RequireUniqueEmail) - however this then falls back to the back-office requiring the use of the mandated validation via MemberSaveValidationAttribute - any way to disable this?
Looking at this myself rn having upgraded a v7 site to v10 recently and spotted the same issue.
Just knocked up an interceptor to prefix the email address with an underscore which circumvents the duplicate email validation:
angular.module("umbraco.services").config(["$httpProvider", function ($httpProvider) {
$httpProvider.interceptors.push(function ($q) {
return {
'request': function (request) {
if (request.url.startsWith('/umbraco/backoffice/umbracoapi/member/PostSave')) {
request.data.value.email = '_' + request.data.value.email;
}
return request || $q.when(request);
}
};
});
}]);
The underscore then gets trimmed off in a member saving notification handler:
using Umbraco.Cms.Core.Events;
using Umbraco.Cms.Core.Notifications;
public class MemberSavingNotificationHandler : INotificationHandler<MemberSavingNotification>
{
private readonly HttpContext httpContext;
public MemberSavingNotificationHandler(IHttpContextAccessor httpContextAccessor)
=> this.httpContext = httpContextAccessor.GetRequiredHttpContext();
public void Handle(MemberSavingNotification notification)
{
if (this.httpContext?.Request.Path.ToString() is not string url || !url.StartsWith("/umbraco", StringComparison.OrdinalIgnoreCase))
{
return;
}
foreach (var member in notification.SavedEntities)
{
member.Email = member.Email.TrimStart("_");
}
}
}
You'll need to be careful if you are checking if the email is dirty as now it always will be; you'd need to load the old version and compare old email vs new.
Not tested this thoroughly yet or stopped to ponder side effects so use at your own risk!
Umbraco 9 - How to not require unique emails and logins in membership?
Hi all,
I've had a requirement in that we need to have unique members across a multi-site Umbraco instance of two sites. There is a strong chance that members will want to sign up to both sites independently - which will require we support the same emails.
In Umbraco 8 I can see that this was overridable by using the web.config setting requireUniqueEmail=false.
In Umbraco 9, It feels like this wont be possible as the MemberController PostSave method is decorated with MemberSaveValidationAttribute which does not allow for this, nor take into account the ASP Core Identity configuration for it:
The only configuration options now baked in appear to be: https://our.umbraco.com/documentation/Reference/V9-Config/SecuritySettings/#user-password-settings
In this example, semi-unrelated, I cant see any extension points that would help: https://24days.in/umbraco-cms/2021/authenticating-members-with-discord/
This appears to be a very Umbraco 8 only idea: https://our.umbraco.com/forum/using-umbraco-and-getting-started/99783-custom-membership-provider-in-umbraco-8
Does anyone have any ideas how we could achieve this?
Thanks,
Edit 1:
Looks like the Umbraco installation sets its own defaults for the IdentityOptions, but overriding AFTER the configure Umbraco in Startup.cs works to disable the require setting to false (RequireUniqueEmail) - however this then falls back to the back-office requiring the use of the mandated validation via MemberSaveValidationAttribute - any way to disable this?
https://github.com/umbraco/Umbraco-CMS/blob/5bfab13dc5a268714aad2426a2b68ab5561a6407/src/Umbraco.Web.Common/Security/ConfigureMemberIdentityOptions.cs
Hi Matt, I have the same requirements, did you find a solution ?
Thank you
This is still a problem in v10. Has anyone found a reasonable workaround for this issue?
Looking at this myself rn having upgraded a v7 site to v10 recently and spotted the same issue.
Just knocked up an interceptor to prefix the email address with an underscore which circumvents the duplicate email validation:
The underscore then gets trimmed off in a member saving notification handler:
You'll need to be careful if you are checking if the email is dirty as now it always will be; you'd need to load the old version and compare old email vs new.
Not tested this thoroughly yet or stopped to ponder side effects so use at your own risk!
is working on a reply...