Fixes local user setup to perform case-insensitive verification of existing usernames / emails (#1658)

This commit is contained in:
Matt Scott 2023-11-24 08:07:20 -05:00 committed by GitHub
commit 5147d72999
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 3 deletions

View File

@ -408,12 +408,12 @@ class User(db.Model):
Create local user witch stores username / password in the DB Create local user witch stores username / password in the DB
""" """
# check if username existed # check if username existed
user = User.query.filter(User.username == self.username).first() user = User.query.filter(User.username.lower() == self.username.lower()).first()
if user: if user:
return {'status': False, 'msg': 'Username is already in use'} return {'status': False, 'msg': 'Username is already in use'}
# check if email existed # check if email existed
user = User.query.filter(User.email == self.email).first() user = User.query.filter(User.email.lower() == self.email.lower()).first()
if user: if user:
return {'status': False, 'msg': 'Email address is already in use'} return {'status': False, 'msg': 'Email address is already in use'}

View File

@ -258,7 +258,7 @@ def login():
result = user.create_local_user() result = user.create_local_user()
if not result['status']: if not result['status']:
current_app.logger.warning('Unable to create ' + azure_username) current_app.logger.warning('Unable to create ' + azure_username + ' Reasoning: ' + result['msg'])
session.pop('azure_token', None) session.pop('azure_token', None)
# note: a redirect to login results in an endless loop, so render the login page instead # note: a redirect to login results in an endless loop, so render the login page instead
return render_template('login.html', return render_template('login.html',