accounts-password should not be case sensitive

[acemtp]

If a guy register with test@test.Com then he cannot log in with test@test.com but I think it should since the email are not case sensitive.

[athiwatc]

I agree with this,
Email shouldn't be case sensitive.
Username, we should be able to choose this ourself.
Password, should be case sensitive.

[drorm]

No,
http://en.wikipedia.org/wiki/Email_address
The local part of an address (before the @ sign) is case-sensitive (with the exception of postmaster@example.com). The domain part (after the @ sign) is not case-sensitive.

[athiwatc]

@drorm good point, but the case that @acemtp gives is after the @ part.
(I didn't know this requirement before in my case)

[gschmidt]

Good catch. It definitely seems to make sense to treat the hostname in email addresses as case insensitive for the purposes of address uniqueness. Doing this correctly in general (unicode/IDNA) is quite complicated, but to start with we could handle the common case of ASCII domains.

I don't think that we should try to normalize/casefold the part before the '@' because different mail hosts handle this in different ways. Some could be case sensitive as @drorm points out. But also, some hosts also disregard periods or suffixes that start with '+' -- there's no way to know a given host's policy, so there is always the chance that a user could do multiple registrations (or enter an address in a form that we can't canonicalize.)

We would take a pull request for this (especially if it is done in a clean way rather than as a hack.) Otherwise I've added it to core team fix list and we will get to it eventually, though it might be a while.

[nate-strauser]

solution i came up with:

Accounts.createUser({username:email.toLowerCase(), email:email});

then when logging in
Meteor.loginWithPassword(email.toLowerCase(), password, ...

stores the lowercase email as the username, since the login method accepts username or email this works quite well

this does force the case insensitive email to be system unique, but that wasnt a concern for me

[SachaG]

From a usability point of view, I don't think any part of the email should be case sensitive.

A lot of mobile devices automatically capitalize the first letter of any text input, meaning people unwittingly sign up with a different email address than the one they intended to use, and can't manage to log in afterwards.

We already received quite a few support emails related to this for Discover Meteor.

[brandonjschwartz]

I released a package that makes usernames case insensitive located here: https://atmosphere.meteor.com/package/insensitive-login

I left email addresses alone for the reasons mentioned above, but needed case insensitive usernames for my application.

Curious about any issues...this is my first smart package and first OSS package to the community in general.

[BretFisher]

like @SachaG I'm having the same issue on v0.6.5 with Ipad users who end up with automatic first-letter-of-email capitalized, and I agree that convention of every-site-I-know-of is that case is insensitive for email, regardless of spec. A fix in core would be awesome, but will try @nate-strauser workaround in meantime. BTW I don't use accounts-ui but do use accounts-password.

[LDubya]

Kind of a hack, but if you're using accounts-password and doing your own input validation, you can do your own case-desensitizing before adding a new user or attempting to log a user in. For example make the submitted email address all lowercase?

[mitar]

The correct thing would be to be case preserving, but case sensitive. This includes usernames as well.

[queso]

@LDubya your hack wouldn't work well for sites like Github because people are particular about their username and how it is displayed.

I agree that toLowerCase() works well for email at least, but I am unsure of the best way to handle this for usernames.

[jastax]

I'd also really like to have this handled differently... it's pretty annoying for iPad users.