Skip to content
This repository has been archived by the owner on Dec 1, 2017. It is now read-only.

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #1 from benadida/master
lowercasing the username
  • Loading branch information
lloyd committed Feb 8, 2012
2 parents c2f3754 + 98ba67b commit 4173660
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 8 deletions.
4 changes: 2 additions & 2 deletions lib/db.js
Expand Up @@ -45,13 +45,13 @@ exports.connect = function(cb) {

exports.getAuth = function(user, cb) {
client.query(
'SELECT hash FROM user WHERE who = ?', [ user ], function (err, r) {
'SELECT hash FROM user WHERE who = ?', [ user.toLowerCase() ], function (err, r) {
if (err) return cb();
cb((r && r.length == 1) ? r[0].hash : null);
});
};

exports.addUser = function(user, hash, cb) {
// add that user!
client.query('INSERT INTO user(who, hash) VALUES(?,?)', [user, hash], cb);
client.query('INSERT INTO user(who, hash) VALUES(?,?)', [user.toLowerCase(), hash], cb);
};
12 changes: 7 additions & 5 deletions lib/wsapi.js
Expand Up @@ -30,10 +30,12 @@ exports.register = function(app) {
return res.end();
}

db.getAuth(req.body.user, function(hash) {
var normalizedUser = req.body.user.toLowerCase();

db.getAuth(normalizedUser, function(hash) {
if (hash) {
bcrypt.compare(req.body.pass, hash, function(err, r) {
if (r) req.session.user = req.body.user;
if (r) req.session.user = normalizedUser;
res.writeHead(!r ? 401 : 200);
res.end();
});
Expand All @@ -43,8 +45,8 @@ exports.register = function(app) {
if (err) return cb(err);
bcrypt.hash(req.body.pass, salt, function(err, hash) {
if (err) return cb(err);
db.addUser(req.body.user, hash, function(err) {
if (!err) req.session.user = req.body.user;
db.addUser(normalizedUser, hash, function(err) {
if (!err) req.session.user = normalizedUser;
res.writeHead(err ? 401 : 200);
res.end();
});
Expand All @@ -60,7 +62,7 @@ exports.register = function(app) {
return res.end();
}

db.getAuth(req.query.user, function(hash) {
db.getAuth(req.query.user.toLowerCase(), function(hash) {
res.json({ known: !!hash });
});
});
Expand Down
2 changes: 1 addition & 1 deletion static/js/main.js
Expand Up @@ -40,7 +40,7 @@ $(document).ready(function() {
$("#signup div.error").hide();
$("form button").attr('disabled', true);

var uname = $.trim($("form #username").val());
var uname = $.trim($("form #username").val().toLowerCase());
var pass = $.trim($("form #password").val());
if (!uname.length) return showError("please supply a username");
if (pass.length < 6) return showError("password is too short");
Expand Down

0 comments on commit 4173660

Please sign in to comment.