Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Two accounts can fail to login when request auth token if username/email are same #701

Closed
alexdlaird opened this issue Oct 8, 2024 · 1 comment
Closed

Two accounts can fail to login when request auth token if username/email are same #701

alexdlaird opened this issue Oct 8, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@alexdlaird
Copy link
Member

alexdlaird commented Oct 8, 2024
edited
Loading

Since users can login with either username or email, the username field can be populated with either a username, or an email address, and the token route will look in the DB for either/or. However, if one account's username is the same as another account's email address, a collision happens at this point, and an error is thrown. The user can't login.

When adding tests for this, should also add a test to the "change email/username" path, to ensure the collision can't be caused at that point either.
@alexdlaird alexdlaird added the bug Something isn't working label Oct 8, 2024
@alexdlaird
Copy link
Member Author

This was most easily solved by now allowing @ in the username. Your username should be unique from your email anyway, and if you want to login with your email instead, you still can.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@alexdlaird