Simple login - no need for email

Hello,

Is there a way to implement a login without requiring email? I would like to allow shop floor workers to use their ID numbers (10digit) to login without having to type a password or email.

I was thinking of a workaround with a different table (not the standard user table) as I do not need any special requirements such as access rules.

Best,
Alex

@avralex

I’m not sure it would be best practice in terms of security to bypass the login altogether (unless you just want to make it a public page). A different idea would be to create a table rule that automatically sets the ID for each shop floor worker as the password. This way they can use their email and ID number to login.

Hello Sam,

The idea behind this is that welders for example do not have email addresses and do not need one for their work, typically.

The concerns about security are legit, though we use IP address filtering so that would not be such an issue.
My idea was to use a different type of username (not necessary an email) like you can on most other websites (instagram for ex.). I do not see any increased security difference between using an imaginary email (ex. a@a.com ) which tadabase allows to do and a username with letters, numbers or both.

Please correct me if I`m wrong on this topic as I do not consider myself an expert :grinning: .

Best,
Alex

@avralex I figured out a way to allow the welders to “login” only using their ID but I still don’t think its the best idea. If you are doing IP filtering then maybe just make the pages without security and don’t require ID’s at all? Why do you need them to login? For tracking purposes?

1 Like

Thanks, I will try this during the weekend. Yes, the idea is to limit the user`s access to certain pages and track their activity, etc.

Alex

Update: I tried that and changing the email field to a text field works okay, it was not possible to do that a few months ago.

Thanks,
Alex

@avralex

Now that you saw my answer I removed my above solution since I don’t think its best practice for others to do this. I was thinking about it more and I realize that this would affect other users since they also wouldn’t have the email option for login (think admin etc.). There would probably be other issues with this as well (e.g. resetting passwords if needed for other users).

I think perhaps the best solution would be to just create fake emails for each of them with the format of {id}@company.com and have them login with that and the ID as the password (not something they would forget).

This way you don’t need to make a structural change to the whole login process.

I will comment also that the whole point for the required email and password login is to provide apps with the best possible security (also allows for 2FA, password resets etc). So if there would be a way to stick with that process that would always be best.

Hope it works out for you.

1 Like