Username / email

[gardiol]

Hi!
why does immich require email as username for login?

in my system i have a few users (user1, user2, user3...) which authenticate with a simple "username" (not an email address) and password. For Immich, i need to have the same username, not a different one (with a fake or real email address).

Would this "email" address as usename be avoided by using OAuth?
Can it be disabled also for normal logins?

Is it possible, in short, to have simple usernames and not emails for login?

[tubbadu]

I agree, there is no need to force the use of an email.

[K4LCIFER]

It feels especially weird for the admin account to require an email. You end up in a situation where you create the admin account with your email, but then you cannot use that email for your personal non-admin account.

[TheGorf]

Came here to ask this exact same question. My instance will never be open to anyone beyond my wife and I. I have zero need for email based usernames. I really just want simple usernames as an option. Email is clunky. Additionally, from a cyber-security perspective it is generally not considered best practice to use PII data as a the identifying component of a user based system.

[Gitonthegrid]

Same here. There is really no need to ask for this. I really don't like accounts with email, and especially self hosted stuff

[samholton]

The email validation rules allow email without top level domain. So you could do something like user@local or user@family or whatever as a work around.

[K4LCIFER]

The fact that that is an option makes the entire situation all the more nonsensical to me.

[mertalev]

This was added via this PR, since it's possible to have emails without a TLD or where the domain is also the TLD.

[gardiol]

I see but it's only a wachy hack since my users are all the form "wife" "son1" and so on, adding "@" still make no sense and will be even more awkward since wife@local impacts the WSF even worse than using her real email.

[gardiol]

To be honest, why don't any of us open a pull request and fix it?

[TheGorf]

Because I know nothing of TypeScript and I'm still trying to make heads or tails of the code.

[mxz94]

I agree, there is no need to force the use of an email.

[gardiol]

Well, it looks like the devs want to use an email, they even went to length of actually testing that an email is provided. So i guess opening a PR would be pointless unless some of the dev team acknowledge this discussion and agrees with all of us.

[schuhbacca]

My guess is that it makes oauth linkage easier.

[schuhbacca]

Actually found this reply in discord:

[gardiol]

I hope they will give users choices one day.

[naworm]

the worse part is that we can't edit the email afterward, wtf ?

[alextran1502]

You can edit the email from the User Settings page from the web

[naworm]

I just saw that. I think there was a situation where I was unable to edit it. My bad.