You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
feat: ability to login with email, username or both (#7086)
`auth.loginWithUsername`:
```ts
auth: {
loginWithUsername: {
allowEmailLogin: true, // default: false
requireEmail: false, // default: false
}
}
```
#### `allowEmailLogin`
This property will allow you to determine if users should be able to
login with either email or username. If set to `false`, the default
value, then users will only be able to login with usernames when using
the `loginWithUsername` property.
#### `requireEmail`
Require that users also provide emails when using usernames.
Copy file name to clipboardExpand all lines: docs/authentication/overview.mdx
+38Lines changed: 38 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -83,12 +83,50 @@ The following options are available:
83
83
|**`disableLocalStrategy`**| Advanced - disable Payload's built-in local auth strategy. Only use this property if you have replaced Payload's auth mechanisms with your own. |
84
84
|**`forgotPassword`**| Customize the way that the `forgotPassword` operation functions. [More details](./email#forgot-password). |
85
85
|**`lockTime`**| Set the time (in milliseconds) that a user should be locked out if they fail authentication more times than `maxLoginAttempts` allows for. |
86
+
|**`loginWithUsername`**| Ability to allow users to login with username/password. [More](/docs/authentication/overview#login-with-username)|
86
87
|**`maxLoginAttempts`**| Only allow a user to attempt logging in X amount of times. Automatically locks out a user from authenticating if this limit is passed. Set to `0` to disable. |
87
88
|**`strategies`**| Advanced - an array of custom authentification strategies to extend this collection's authentication with. [More details](./custom-strategies). |
88
89
|**`tokenExpiration`**| How long (in seconds) to keep the user logged in. JWTs and HTTP-only cookies will both expire at the same time. |
89
90
|**`useAPIKey`**| Payload Authentication provides for API keys to be set on each user within an Authentication-enabled Collection. [More details](./api-keys). |
90
91
|**`verify`**| Set to `true` or pass an object with verification options to require users to verify by email before they are allowed to log into your app. [More details](./email#email-verification). |
91
92
93
+
### Login With Username
94
+
95
+
You can allow users to login with their username instead of their email address by setting the `loginWithUsername` property to `true`.
96
+
97
+
Example:
98
+
99
+
```ts
100
+
{
101
+
slug: 'customers',
102
+
auth: {
103
+
loginWithUsername: true,
104
+
},
105
+
}
106
+
```
107
+
108
+
Or, you can pass an object with additional options:
109
+
110
+
```ts
111
+
{
112
+
slug: 'customers',
113
+
auth: {
114
+
loginWithUsername: {
115
+
allowEmailLogin: true, // default: false
116
+
requireEmail: false, // default: false
117
+
},
118
+
},
119
+
}
120
+
```
121
+
122
+
**`allowEmailLogin`**
123
+
124
+
If set to `true`, users can log in with either their username or email address. If set to `false`, users can only log in with their username.
125
+
126
+
**`requireEmail`**
127
+
128
+
If set to `true`, an email address is required when creating a new user. If set to `false`, email is not required upon creation.
129
+
92
130
## Admin Auto-Login
93
131
94
132
For testing and demo purposes you may want to skip forcing the admin user to login in order to access the [Admin Panel](../admin/overview). Typically, all users should be required to login to access the Admin Panel, however, you can speed up local development time by enabling auto-login.
0 commit comments