fe_users.email should be unique if "forgot password" is used in fe_login
The email attribute of fe_users is used to identify the tuple, so it should be unique.
ALTER TABLE fe_users ADD unique (email);
(issue imported from #M10728)
Updated by Jigal van Hemert over 5 years ago
Because it's possible to have several websites in a single installation we can't use the db (within DBAL limitations) to enforce the uniqueness.
In the username property the TCA is already configured to only allow unique username in a folder.
So, instead of changing the db configuration, I'd change the TCA configuration.
Updated by Daniel Goerz 10 months ago
- Status changed from New to Closed
Hi. In v10 the password recovery functionality has been changed to identify the user by the hash and no longer by email. However, this change will not be backported to v9 because it was part of a larger refactoring. Therefore I am closing this issue now.