fix: workaround for email only registration/login

[kenjis]

Fixes #224

[MGatner]

Comment is optional, workaround looks good.

[datamweb]

@kenjis It seems that changes to file NothingPersonalValidator.php should be applied to this PR.

shield/src/Authentication/Passwords/NothingPersonalValidator.php

Lines 15 to 20 in 00023ee

	/**
	* Returns true if $password contains no part of the username
	* or the user's email. Otherwise, it returns false.
	* If true is returned the password will be passed to next validator.
	* If false is returned the validation process will be immediately stopped.
	*/

[kenjis]

@datamweb What do you mean?
NothingPersonalValidator is enabled by default, and I did not see any errors.

By the way, the file has functions staring with \.

shield/src/Authentication/Passwords/NothingPersonalValidator.php

Line 23 in 00023ee

$password = \strtolower($password);

[datamweb]

What do you mean?

@kenjis I have such an error!! and I used the following code in 55 and 163 to fix it.

         if(is_null($user->username)){
             return true;
         }

[kenjis]

@datamweb Oh, thanks! I'm using PHP 8.0, so I did not notice.

[kenjis]

@datamweb Fixed the error. Is this okay?

[datamweb]

Is this okay?

@kenjis is okay.
Just for user friendliness, it's not better to make changes in

shield/src/Collectors/Auth.php

Line 74 in 00023ee

$html .= "<tr><td>Username</td><td>{$user->username}</td></tr>";

create?

[kenjis]

If the username is null, the toolbar output will be blank.
I'm okay with it.

[datamweb]

Thanks @kenjis.

[MGatner]

Should we anticipate users trying to work without emails?

Suggested change

	$email = strtolower($user->email);
	$email = strtolower($user->email ?? '');

[kenjis]

It is out of scope of this PR.

The current implementation requires email. If we support users without email, I guess more to work.