fix: lowercase emails on login

ory · Oct 13, 2020 · 244b4dd · 244b4dd
1 parent f9e3e1d
commit 244b4dd
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/identity/pool.go b/identity/pool.go
@@ -394,6 +394,24 @@ func TestPool(p PrivilegedPool) func(t *testing.T) {
 			assertEqual(t, expected, actual)
 		})
 
+		t.Run("case=find identity by its credentials case insensitive emails", func(t *testing.T) {
+			expected := passwordIdentity("", "cAsEinSensiTivE@ory.Sh")
+			expected.Traits = Traits(`{}`)
+
+			require.NoError(t, p.CreateIdentity(context.Background(), expected))
+			createdIDs = append(createdIDs, expected.ID)
+
+			actual, creds, err := p.FindByCredentialsIdentifier(context.Background(), CredentialsTypePassword, "CASEINSENSITIVE@ory.Sh")
+			require.NoError(t, err)
+
+			assert.EqualValues(t, expected.Credentials[CredentialsTypePassword].ID, creds.ID)
+			assert.EqualValues(t, []string{"caseinsensitive@ory.sh"}, creds.Identifiers)
+			assert.JSONEq(t, string(expected.Credentials[CredentialsTypePassword].Config), string(creds.Config))
+
+			expected.Credentials = nil
+			assertEqual(t, expected, actual)
+		})
+
 		t.Run("suite=verifiable-address", func(t *testing.T) {
 			createIdentityWithAddresses := func(t *testing.T, email string) VerifiableAddress {
 				var i Identity

diff --git a/persistence/sql/persister_identity.go b/persistence/sql/persister_identity.go
@@ -54,6 +54,11 @@ func (p *Persister) FindByCredentialsIdentifier(ctx context.Context, ct identity
 		IdentityID uuid.UUID `db:"identity_id"`
 	}
 
+	// Force case-insensitivity for email addresses
+	if strings.Contains(match, "@") && ct == identity.CredentialsTypePassword {
+		match = strings.ToLower(match)
+	}
+
 	if err := p.GetConnection(ctx).RawQuery(`SELECT
     ic.identity_id
 FROM identity_credentials ic