Authentication Methods

In the Users module, the admin can select the authentication method(s) to which the admin would like to allow their users access. Simply check the box next to the methods to make them available to users. It is not recommended to provide many options to users. While theoretically allowing many is possible, it is not good design for a site and could confuse your users, causing them to register multiple accounts with different services. In addition, if an email address is registered with one authentication method, the same email address cannot register with a different authentication method (this is a change in Core-3.0).

Zikula comes standard with the ZikulaZAuthModule which provides three methods:

NATIVE_UNAME (default)

This method requires that the uname (user name) selected by the registering user be unique. However, the email address input by the registering user is NOT required to be unique when compared to other users registering with ZAuth. When logging in, users are presented with a form requiring their uname and password.

NATIVE_EMAIL

This method requires that both the uname and email values be unique when compared to other users registering with ZAuth. When logging in, users are presented with a form requiring their email and password.

NATIVE_EITHER

This method requires that both the uname and email values be unique when compared to other users registering with ZAuth. When logging in, users are presented with a form requiring either their uname or email and password. The login form detects the type of value in the first field and authenticates as needed from that info.

Password security note

Core-3.0 introduces a new and very much improved security layer for user passwords. Relying on Symfony and the password encryption improvements made in PHP 7, Zikula now automatically upgrades users to the best encryption available on the server. This is checked and improved on every login.

Additional Methods

Additional methods may be listed if other extensions supporting AuthenticationMethodInterface are installed and configured properly. Zikula provides the ZikulaOAuthModule which implements authentication via Facebook, Github, Google, LinkedIn or Instagram. Other third party extensions may provide more. For developer information on creating a new authentication method, see AuthenticationMethodInterface.md