Skip to content

Commit 86e299c

Browse files
catarakcatarak
committed
Handle both lowercase and mixedcase username/password
1 parent ba00f7f commit 86e299c

File tree

1 file changed

+8
-8
lines changed

1 file changed

+8
-8
lines changed

server/controllers/user.controller.js

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -39,15 +39,15 @@ export function findUserByUsername(username, cb) {
3939
}
4040

4141
export function createUser(req, res, next) {
42-
let { username, email } = req.body;
42+
const { username, email } = req.body;
4343
const { password } = req.body;
44-
username = username.toLowerCase();
45-
email = email.toLowerCase();
44+
const usernameLowerCase = username.toLowerCase();
45+
const emailLowerCase = email.toLowerCase();
4646
const EMAIL_VERIFY_TOKEN_EXPIRY_TIME = Date.now() + (3600000 * 24); // 24 hours
4747
random((tokenError, token) => {
4848
const user = new User({
49-
username,
50-
email,
49+
username: usernameLowerCase,
50+
email: emailLowerCase,
5151
password,
5252
verified: User.EmailConfirmation.Sent,
5353
verifiedToken: token,
@@ -57,8 +57,8 @@ export function createUser(req, res, next) {
5757
User.findOne(
5858
{
5959
$or: [
60-
{ email },
61-
{ username }
60+
{ email: { $in: [ email, emailLowerCase ]} },
61+
{ username: { $in: [ username, usernameLowerCase ]} }
6262
]
6363
},
6464
(err, existingUser) => {
@@ -68,7 +68,7 @@ export function createUser(req, res, next) {
6868
}
6969

7070
if (existingUser) {
71-
const fieldInUse = existingUser.email === email ? 'Email' : 'Username';
71+
const fieldInUse = existingUser.email.toLowerCase() === emailLowerCase ? 'Email' : 'Username';
7272
res.status(422).send({ error: `${fieldInUse} is in use` });
7373
return;
7474
}

0 commit comments

Comments
 (0)