forked from MirrorHub/synapse
Merge pull request #1827 from matrix-org/dbkr/email_case_insensitive
Lowercase all email addresses before querying db
This commit is contained in:
commit
6f6bf2a1eb
2 changed files with 12 additions and 1 deletions
|
@ -118,8 +118,14 @@ class LoginRestServlet(ClientV1RestServlet):
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def do_password_login(self, login_submission):
|
def do_password_login(self, login_submission):
|
||||||
if 'medium' in login_submission and 'address' in login_submission:
|
if 'medium' in login_submission and 'address' in login_submission:
|
||||||
|
address = login_submission['address']
|
||||||
|
if login_submission['medium'] == 'email':
|
||||||
|
# For emails, transform the address to lowercase.
|
||||||
|
# We store all email addreses as lowercase in the DB.
|
||||||
|
# (See add_threepid in synapse/handlers/auth.py)
|
||||||
|
address = address.lower()
|
||||||
user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
||||||
login_submission['medium'], login_submission['address']
|
login_submission['medium'], address
|
||||||
)
|
)
|
||||||
if not user_id:
|
if not user_id:
|
||||||
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
raise LoginError(403, "", errcode=Codes.FORBIDDEN)
|
||||||
|
|
|
@ -96,6 +96,11 @@ class PasswordRestServlet(RestServlet):
|
||||||
threepid = result[LoginType.EMAIL_IDENTITY]
|
threepid = result[LoginType.EMAIL_IDENTITY]
|
||||||
if 'medium' not in threepid or 'address' not in threepid:
|
if 'medium' not in threepid or 'address' not in threepid:
|
||||||
raise SynapseError(500, "Malformed threepid")
|
raise SynapseError(500, "Malformed threepid")
|
||||||
|
if threepid['medium'] == 'email':
|
||||||
|
# For emails, transform the address to lowercase.
|
||||||
|
# We store all email addreses as lowercase in the DB.
|
||||||
|
# (See add_threepid in synapse/handlers/auth.py)
|
||||||
|
threepid['address'] = threepid['address'].lower()
|
||||||
# if using email, we must know about the email they're authing with!
|
# if using email, we must know about the email they're authing with!
|
||||||
threepid_user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
threepid_user_id = yield self.hs.get_datastore().get_user_id_by_threepid(
|
||||||
threepid['medium'], threepid['address']
|
threepid['medium'], threepid['address']
|
||||||
|
|
Loading…
Reference in a new issue