users leaking across virtual hosts
Hi
We are hosting several virtual hosts (mail host : web host is a 1:1 mapping with identical names), works fine, but it looks like user accounts are somehow global, i.e. registering a new user in a new virtual host doesn't work if the user name or e-mail address are already in use in another virtual host. This happens on the HyperKitty sign-up page: /accounts/signup/, with the errors being "A user is already registered with this e-mail address." and "A user with that username already exists.". I am assuming this is a well-known limitation, which would require a serious internal redesign to fix; correct?
I was able to successfully log in in the browser to a vhost using my user credentials from the original vhost (the one where the account was created) (the password was not auto-filled, of course, because of a different domain name). But how safe is this? How about subscribing to lists, posting etc.? Is this going to mess things up somehow?
Thanks,
Stanisław
On 3/25/22 12:49, Stanisław Findeisen via Mailman-users wrote:
> Hi
> We are hosting several virtual hosts (mail host : web host is a 1:1 mapping with identical names), works fine, but it looks like user accounts are somehow global, i.e. registering a new user in a new virtual host doesn't work if the user name or e-mail address are already in use in another virtual host. This happens on the HyperKitty sign-up page: /accounts/signup/, with the errors being "A user is already registered with this e-mail address." and "A user with that username already exists.". I am assuming this is a well-known limitation, which would require a serious internal redesign to fix; correct?
These user registrations and logins are Django things so yes, they are global within the Django instance.
> I was able to successfully log in in the browser to a vhost using my user credentials from the original vhost (the one where the account was created) (the password was not auto-filled, of course, because of a different domain name). But how safe is this? How about subscribing to lists, posting etc.? Is this going to mess things up somehow?
I don't think it's a problem. The user is a Django user for the web UI. The fact that there is or isn't a Django user with a particular email address has nothing to do with whether that address can post to a list. The user can subscribe to lists or not. The user can manage her subscriptions for lists to which she is subscribed and can subscribe to lists or not as controlled by list settings.
Basically, registering as a user allows you to authenticate as that user for the web UI only.
If you wanted to separate these user registrations by vhost, you'd need to run separate Django instances for each vhost, but I don't see a need to do that.
--
Mark Sapiro <mark@msapiro.net>
San Francisco Bay Area, California
The highway is for gamblers, better use your sense - B. Dylan