Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

lowercasing the username #1

Merged
merged 1 commit into from

2 participants

@benadida

No description provided.

@lloyd lloyd merged commit 4173660 into mozilla:master
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Feb 3, 2012
  1. @benadida
This page is out of date. Refresh to see the latest.
Showing with 10 additions and 8 deletions.
  1. +2 −2 lib/db.js
  2. +7 −5 lib/wsapi.js
  3. +1 −1  static/js/main.js
View
4 lib/db.js
@@ -45,7 +45,7 @@ exports.connect = function(cb) {
exports.getAuth = function(user, cb) {
client.query(
- 'SELECT hash FROM user WHERE who = ?', [ user ], function (err, r) {
+ 'SELECT hash FROM user WHERE who = ?', [ user.toLowerCase() ], function (err, r) {
if (err) return cb();
cb((r && r.length == 1) ? r[0].hash : null);
});
@@ -53,5 +53,5 @@ exports.getAuth = function(user, cb) {
exports.addUser = function(user, hash, cb) {
// add that user!
- client.query('INSERT INTO user(who, hash) VALUES(?,?)', [user, hash], cb);
+ client.query('INSERT INTO user(who, hash) VALUES(?,?)', [user.toLowerCase(), hash], cb);
};
View
12 lib/wsapi.js
@@ -30,10 +30,12 @@ exports.register = function(app) {
return res.end();
}
- db.getAuth(req.body.user, function(hash) {
+ var normalizedUser = req.body.user.toLowerCase();
+
+ db.getAuth(normalizedUser, function(hash) {
if (hash) {
bcrypt.compare(req.body.pass, hash, function(err, r) {
- if (r) req.session.user = req.body.user;
+ if (r) req.session.user = normalizedUser;
res.writeHead(!r ? 401 : 200);
res.end();
});
@@ -43,8 +45,8 @@ exports.register = function(app) {
if (err) return cb(err);
bcrypt.hash(req.body.pass, salt, function(err, hash) {
if (err) return cb(err);
- db.addUser(req.body.user, hash, function(err) {
- if (!err) req.session.user = req.body.user;
+ db.addUser(normalizedUser, hash, function(err) {
+ if (!err) req.session.user = normalizedUser;
res.writeHead(err ? 401 : 200);
res.end();
});
@@ -60,7 +62,7 @@ exports.register = function(app) {
return res.end();
}
- db.getAuth(req.query.user, function(hash) {
+ db.getAuth(req.query.user.toLowerCase(), function(hash) {
res.json({ known: !!hash });
});
});
View
2  static/js/main.js
@@ -40,7 +40,7 @@ $(document).ready(function() {
$("#signup div.error").hide();
$("form button").attr('disabled', true);
- var uname = $.trim($("form #username").val());
+ var uname = $.trim($("form #username").val().toLowerCase());
var pass = $.trim($("form #password").val());
if (!uname.length) return showError("please supply a username");
if (pass.length < 6) return showError("password is too short");
Something went wrong with that request. Please try again.