Add a tip about model middleware to authentication example (#863)

The example we use for `ModelAuthenticatable` is a `User` identified by an email address. Email addresses are case-insensitive, while the `ModelAuthenticatable` that ships with `Fluent` is case sensitive. This means that an application that follows the example naively would consider `SomeUser@example.com` and `someuser@example.com` to be two different users. This is easily addressed with model middleware that converts the email address to lowercase before saving a `User`, but that example is elsewhere in the documentation. This change simply calls out this possibility in a tip section and links to the model middleware section of the docs.
vapor · Aug 5, 2023 · 98ef20c · 98ef20c
1 parent 1bfbdab
commit 98ef20c
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/docs/security/authentication.md b/docs/security/authentication.md
@@ -329,6 +329,9 @@ Don't forget to add the migration to `app.migrations`.
 app.migrations.add(User.Migration())
 ``` 
 
+!!! tip
+     Because email addresses are not case sensitive, you may want to add a [`Middleware`](../fluent/model.md#lifecycle) that coerces the email address to lowercase before saving it to the database. Be aware, though, that `ModelAuthenticatable` uses a case sensitive comparison, so if you do this you'll want to make sure the user's input is all lower case, either with case coercion in the client, or with a custom authenticator.
+
 The first thing you will need is an endpoint to create new users. Let's use `POST /users`. Create a [Content](../basics/content.md) struct representing the data this endpoint expects.
 
 ```swift