I just noticed that the Drupal 6 Yubikey plugin (version 6.x-2.0) conflicts with other plugins used to modify the login procedure. One problem seems to be in how the Yubikey plugin overrides all other validation plugins with its own list of plugins:
Code:
$form['#validate'] = yubikey_login_default_validators();
...
function yubikey_login_default_validators() {
return array('yubikey_login_otp_validate', 'user_login_name_validate', 'yubikey_login_authenticate_validate', 'yubikey_login_final_validate');
}
The above breaks for example LoginToboggan's functionality that lets users login using their email address. If I have the Yubikey module enabled, logging in with an email address doesn't work, probably because LoginToboggan's validation/translation routine is not in the validation chain. If I disable the Yubikey authentication module, logging in with an email address works just fine.
Anyway LoginToboggan (version 6.x-1.10) has a more civilized way of hooking into the validation chain by doing this:
Code:
// Ensure a valid validate array.
$form['#validate'] = is_array($form['#validate']) ? $form['#validate'] : array();
// LT's validation function must run first.
array_unshift($form['#validate'],'logintoboggan_user_login_validate');
So LoginToboggan just prepends its own validation function to the chain, leaving all the rest intact. Also duplicating Drupal user validation code in the Yubikey module functions makes maintenance of the code troublesome, for example user_login_final_validate() vs. yubikey_login_final_validate() seem to be almost the same, but aren't.
I'm not a Drupal coder so can't say how exactly this should be fixed, but something should be done to make the Yubikey module behave better.
Login
FAQ
Search
