diff options
| author | Omar Roth <omarroth@hotmail.com> | 2018-10-08 20:09:06 -0500 |
|---|---|---|
| committer | Omar Roth <omarroth@hotmail.com> | 2018-10-08 20:09:06 -0500 |
| commit | e2c15468e021b57b99e53b979dbc05670b8b8aeb (patch) | |
| tree | c8526d82ee8e4858e1ec99a06ea4310697027ae5 | |
| parent | 022427e20e5db73063f668ac78fad8987d3c94fb (diff) | |
| download | invidious-e2c15468e021b57b99e53b979dbc05670b8b8aeb.tar.gz invidious-e2c15468e021b57b99e53b979dbc05670b8b8aeb.tar.bz2 invidious-e2c15468e021b57b99e53b979dbc05670b8b8aeb.zip | |
Make usernames case-insensitive
Diffstat (limited to '')
| -rw-r--r-- | src/invidious.cr | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/invidious.cr b/src/invidious.cr index a6b77c54..a73054fc 100644 --- a/src/invidious.cr +++ b/src/invidious.cr @@ -755,7 +755,7 @@ post "/login" do |env| end if action == "signin" - user = PG_DB.query_one?("SELECT * FROM users WHERE email = $1 AND password IS NOT NULL", email, as: User) + user = PG_DB.query_one?("SELECT * FROM users WHERE LOWER(email) = LOWER($1) AND password IS NOT NULL", email, as: User) if !user error_message = "Invalid username or password" @@ -769,7 +769,7 @@ post "/login" do |env| if Crypto::Bcrypt::Password.new(user.password.not_nil!) == password sid = Base64.urlsafe_encode(Random::Secure.random_bytes(32)) - PG_DB.exec("UPDATE users SET id = id || $1 WHERE email = $2", [sid], email) + PG_DB.exec("UPDATE users SET id = id || $1 WHERE LOWER(email) = LOWER($2)", [sid], email) if Kemal.config.ssl || CONFIG.https_only secure = true @@ -784,7 +784,7 @@ post "/login" do |env| next templated "error" end elsif action == "register" - user = PG_DB.query_one?("SELECT * FROM users WHERE email = $1 AND password IS NOT NULL", email, as: User) + user = PG_DB.query_one?("SELECT * FROM users WHERE LOWER(email) = LOWER($1) AND password IS NOT NULL", email, as: User) if user error_message = "Please sign in" next templated "error" |