How do I create a login where the user logs in using a USERNAME and password rather than an email? Context: Creating a hub where managers create accounts with usernames and passwords and they login using that. Is this possible?
It’s not possible out of the box, but you can probably set up a workaround. I would guess it opens up to security vulnerabilities though, so I’m not sure I would recommend it.
That’s just my intuitive thoughts, maybe someone else have done it succesfully and proved me wrong. I’ve never attempted it myself.
The issue is the password reset, but you can get round that by creating your own email rather than using the bubble one.
Use a generic email domain and create a random name and attach your username.
The reset then goes to the “admin” email if needed.
Hashing your own passwords is possible.
Passing off to a third party oauth application is another possible.
Hmmm, may just have to stick with the email. Might try and see whether it has to be an email that is entered into the email section and see whether passwords can be changed (but not visible) through an admin panel. That could work.
Have you done this? I’m very interested.
I used a Node package called “Dovehash” …
Which is implemented in webtask.io via the API Connector.
That’s awesome, thanks for the leads. Looks like webtask is no longer accepting new users. Any other serverless FaaS’ you’ve used and could recommend, by chance? I’m just getting my toes wet when it comes to this.
Also, I’ve been messing with a way to add my own “cost” directly in my bubble UX to prevent brute force attacks. Is this something you’ve looked into? I’m thinking every method I’ve tried can be circumvented because I can’t figure out a way to build custom functions without Bubble painting the Element, on load, then hiding it (as opposed to not painting it when it’s shown, as I would expect). I could use your experience, if you could spare some time…
That is annoying !
You could use the Bubble Server Side Plugins ?
Ah yes. That’s new and I haven’t looked at it yet. Time for some reading.