Make UID case-insensitive
@@ -126,7 +126,7 @@ class OpenIDController extends Controller {
|
||||
return this.fail(res, 'Sorry, something has gone wrong.')
|
||||
}
|
||||
|
||||
return this[name](req, res, { uid, prompt, params, session })
|
||||
return this[name](req, res, { uid: uid.toLowerCase(), prompt, params, session })
|
||||
}
|
||||
|
||||
async consent(req, res, { uid, prompt, params, session }) {
|
||||
|
||||
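Review bot: The `uid` lowercased in `return this[name](req, res, { uid: uid.toLowerCase(), prompt, params, session })` may not be the account uid at all. It is passed together with `prompt`, `params` and `session`, which looks like the shape of an OIDC interaction record, where `uid` would be the interaction identifier. If that is the case, the identifier is an opaque, case-sensitive token, and folding it could make later lookups of the interaction fail or map distinct identifiers onto the same value. I would confirm where `uid` is assigned (that code is above the hunk) and, if it is the interaction id, pass it through unchanged and normalise only the account identifier at the point where it is read.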
@@ -71,7 +71,7 @@ class AuthController extends Controller {
|
||||
const user = new User({
|
||||
first_name: req.body.first_name,
|
||||
last_name: req.body.last_name,
|
||||
uid: req.body.uid,
|
||||
uid: req.body.uid.toLowerCase(),
|
||||
email: req.body.email,
|
||||
trap: 'password_reset', // Force user to reset password
|
||||
})
|
||||
@@ -297,7 +297,7 @@ class AuthController extends Controller {
|
||||
.api()
|
||||
|
||||
const user = new User({
|
||||
uid: req.body.uid,
|
||||
uid: req.body.uid.toLowerCase(),
|
||||
email: req.body.email,
|
||||
first_name: req.body.first_name,
|
||||
last_name: req.body.last_name,
|
||||
@@ -417,7 +417,7 @@ class AuthController extends Controller {
|
||||
|
||||
user.first_name = req.body.first_name
|
||||
user.last_name = req.body.last_name
|
||||
user.uid = req.body.uid
|
||||
user.uid = req.body.uid.toLowerCase()
|
||||
user.email = req.body.email
|
||||
|
||||
if ( req.body.tagline )
|
||||
@@ -493,7 +493,7 @@ class AuthController extends Controller {
|
||||
|
||||
if ( is_valid ) {
|
||||
const User = this.models.get('auth:User')
|
||||
const user = await User.findOne({uid: req.body.username})
|
||||
const user = await User.findOne({uid: req.body.username.toLowerCase()})
|
||||
if ( !user || !user.can_login ) is_valid = false
|
||||
}
|
||||
|
||||
@@ -511,7 +511,7 @@ class AuthController extends Controller {
|
||||
const data = {}
|
||||
if ( req.body.username ) {
|
||||
const existing_user = await User.findOne({
|
||||
uid: req.body.username,
|
||||
uid: req.body.username.toLowerCase(),
|
||||
})
|
||||
|
||||
data.username_taken = !!existing_user
|
||||
@@ -544,7 +544,8 @@ class AuthController extends Controller {
|
||||
.message(req.T('auth.unable_to_complete'))
|
||||
.api({ errors })
|
||||
|
||||
const login_args = await flitter.get_login_args(req.body)
|
||||
const [username, ...other_args] = await flitter.get_login_args(req.body)
|
||||
const login_args = [username.toLowerCase(), ...other_args]
|
||||
const user = await flitter.login.apply(flitter, login_args)
|
||||
|
||||
if ( !user )
|
||||
|
||||
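Review bot: Every new `req.body.uid.toLowerCase()` and `req.body.username.toLowerCase()` call assumes the field is a string, but a JSON body can omit it or carry a number, array or object, in which case the call throws inside the async handler instead of producing a validation error; the `if ( req.body.username )` guard in the -511 hunk checks only truthiness. Unless a validator outside these hunks already guarantees the type, reject early, e.g. `if ( typeof req.body.uid !== 'string' ) return res.status(400).message(req.T('auth.unable_to_complete')).api()`. The same applies to the three LDAPController hunks. In the -544 hunk, `username.toLowerCase()` also assumes the first element returned by `flitter.get_login_args(req.body)` is always the username string, which deserves a one-line comment. Since the normalisation is now repeated in about ten places, a single shared helper would keep the create, lookup and login paths from drifting apart.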
@@ -96,7 +96,7 @@ class LDAPController extends Controller {
|
||||
|
||||
// Make sure the uid is free
|
||||
const User = this.models.get('auth:User')
|
||||
const existing_user = await User.findOne({ uid: req.body.uid })
|
||||
const existing_user = await User.findOne({ uid: req.body.uid.toLowerCase() })
|
||||
if ( existing_user )
|
||||
return res.status(400)
|
||||
.message(req.T('api.user_already_exists'))
|
||||
@@ -113,7 +113,7 @@ class LDAPController extends Controller {
|
||||
// Create the client
|
||||
const Client = this.models.get('ldap:Client')
|
||||
const client = await Client.create({
|
||||
uid: req.body.uid,
|
||||
uid: req.body.uid.toLowerCase(),
|
||||
password: req.body.password,
|
||||
name: req.body.name,
|
||||
})
|
||||
@@ -210,16 +210,16 @@ class LDAPController extends Controller {
|
||||
}
|
||||
|
||||
// Update the uid
|
||||
if ( req.body.uid !== user.uid ) {
|
||||
if ( req.body.uid.toLowerCase() !== user.uid ) {
|
||||
// Make sure the UID is free
|
||||
const User = this.models.get('auth:User')
|
||||
const existing_user = await User.findOne({ uid: req.body.uid })
|
||||
const existing_user = await User.findOne({ uid: req.body.uid.toLowerCase() })
|
||||
if ( existing_user )
|
||||
return res.status(400)
|
||||
.message(req.T('api.user_already_exists'))
|
||||
.api()
|
||||
|
||||
user.uid = req.body.uid
|
||||
user.uid = req.body.uid.toLowerCase()
|
||||
}
|
||||
|
||||
// Update the password
|
||||
|
||||
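Review bot: In the -210 hunk, `if ( req.body.uid.toLowerCase() !== user.uid )` compares a folded value with the stored one, so any record saved before this commit with upper-case characters will always look like a rename. Lookups such as `User.findOne({ uid: req.body.uid.toLowerCase() })` will likewise stop matching those legacy records. No migration of existing uids is visible in this commit; without one, an old mixed-case account could become unreachable while its lower-case form is reported as free and can be registered by someone else. I would lowercase stored uids in a migration (resolving collisions first) and, if the schema does not already have one, back the "uid is free" checks with a unique index, because a find-then-save check on its own can race.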
@@ -67,7 +67,7 @@ class SAMLController extends Controller {
|
||||
key: await this.saml.private_key(),
|
||||
protocolBinding: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
|
||||
clearIdPSession: done => {
|
||||
this.output.info(`${req.T('saml.clear_idp_session')} ${req.user.uid}`)
|
||||
this.output.info(`${req.T('saml.clear_idp_session')} ${req.user.uid.toLowerCase()}`)
|
||||
req.saml.participants.clear().then(async () => {
|
||||
if ( this.saml.config().slo.end_coreid_session ) {
|
||||
await req.user.logout(req)
|
||||
|
||||
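Review bot: The `.toLowerCase()` added inside the `this.output.info(...)` call changes only what is logged, not which session is cleared. Logging a folded value can hide a stored uid that was never normalised, which is the value an auditor would want to see after this change. I would log `req.user.uid` as stored and rely on normalisation at write time. The `clearIdPSession` callback continues beyond the hunk.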