Make Username and Email Case-Insensitive

[JosephGaynier]

I make username and email ToLower whenever it is sent to a controller.

---

This change is 

[jasonleenaylor]

Reviewed 1 of 2 files at r1.
Reviewable status: 1 of 2 files reviewed, all discussions resolved

---

Backend/Controllers/UserController.cs, line 40 at r2 (raw file):

        public async Task<IActionResult> ResetPasswordRequest([FromBody] PasswordResetData data)
        {
            var email = data.Email.ToLower();

I recommend using ToLowerInvariant()
There are some weird edge cases where the result could depend on the localization language.
We aren't localizing the backend yet, but we will need to in the future in order to get translations of the invitation e-mails.

[JosephGaynier]

---

Backend/Controllers/UserController.cs, line 40 at r2 (raw file):

Previously, jasonleenaylor (Jason Naylor) wrote…

I recommend using ToLowerInvariant()
There are some weird edge cases where the result could depend on the localization language.
We aren't localizing the backend yet, but we will need to in the future in order to get translations of the invitation e-mails.

Gotcha, I've switched em.

[johnthagen]

---

Backend/Controllers/UserController.cs, line 40 at r3 (raw file):

        public async Task<IActionResult> ResetPasswordRequest([FromBody] PasswordResetData data)
        {
            var email = data.Email.ToLowerInvariant();

In the backend unit tests, Util.RandString() is used to create user names. The implementation of that only uses the characters a through z (lower case).

This means we aren't currently testing that lower casing is being applied in the UserController. Could the unit tests be updated to test that lower-casing is being applied?

[jasonleenaylor]

Reviewed 1 of 1 files at r3.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @johnthagen)

---

Backend/Controllers/UserController.cs, line 40 at r3 (raw file):

Previously, johnthagen wrote…

In the backend unit tests, Util.RandString() is used to create user names. The implementation of that only uses the characters a through z (lower case).

This means we aren't currently testing that lower casing is being applied in the UserController. Could the unit tests be updated to test that lower-casing is being applied?

We'll address this unit test in a follow up PR.

[JosephGaynier]

---

Backend/Controllers/UserController.cs, line 40 at r3 (raw file):

Previously, jasonleenaylor (Jason Naylor) wrote…

We'll address this unit test in a follow up PR.

Currently working on tests right now

[johnthagen]

---

Backend/Controllers/UserController.cs, line 40 at r3 (raw file):

Previously, StevesBro wrote…

Currently working on tests right now

Created separate follow on ticket per Jason's comment: #628

[johnthagen]

Reviewed 2 of 2 files at r4.
Reviewable status: complete! all files reviewed, all discussions resolved

[johnthagen]

@StevesBro @jmgrady @imnasnainaec Does this PR require a DB fix up? Users with capital letters in their user name or password saved in the database before this PR wouldn't be able to log in right?

If they had a username User, now when they log in the controller will lower it and compare to user, which wouldn't match, right?

---

Edit: maybe not, it looks like we are lowering from the database too:

            var userList = await _userDatabase.Users.FindAsync(x =>
                x.Username.ToLowerInvariant() == username.ToLowerInvariant());

I guess the only risk might be if two users had been using similar names (User and user) and now we couldn't distinguish them?