From e62b1fdb8fdcbbb0dc65625edde2f0626bdc9f11 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne
Date: Fri, 27 Aug 2021 14:28:32 +0200
Subject: [PATCH] misc: ignore case when searching by email (#42880)
---
 src/authentic2/api_views.py | 6 +++---
 .../custom_user/management/commands/changepassword.py | 2 +-
 src/authentic2/utils/misc.py | 6 +++---
 src/authentic2/views.py | 10 ++++++----
 src/authentic2_auth_fc/views.py | 6 ++++--
 5 files changed, 17 insertions(+), 13 deletions(-)
diff --git a/src/authentic2/api_views.py b/src/authentic2/api_views.py
index 3a4c02c7..90814a8d 100644
--- a/src/authentic2/api_views.py
+++ b/src/authentic2/api_views.py
@@ -321,7 +321,7 @@ class PasswordChangeSerializer(serializers.Serializer):
 def validate(self, data):
 User = get_user_model()
- qs = User.objects.filter(email=data['email'])
+ qs = User.objects.filter(email__iexact=data['email'])
 if data['ou']:
 qs = qs.filter(ou=data['ou'])
 try:
@@ -512,9 +512,9 @@ class BaseUserSerializer(serializers.ModelSerializer):
 and data.get('email')
 and (not self.instance or data.get('email') != self.instance.email)
 ):
- if app_settings.A2_EMAIL_IS_UNIQUE and qs.filter(email=data['email']).exists():
+ if app_settings.A2_EMAIL_IS_UNIQUE and qs.filter(email__iexact=data['email']).exists():
 already_used = True
- if ou and ou.email_is_unique and qs.filter(ou=ou, email=data['email']).exists():
+ if ou and ou.email_is_unique and qs.filter(ou=ou, email__iexact=data['email']).exists():
 already_used = True
 errors = {}
diff --git a/src/authentic2/custom_user/management/commands/changepassword.py b/src/authentic2/custom_user/management/commands/changepassword.py
index 95356488..83cfece3 100644
--- a/src/authentic2/custom_user/management/commands/changepassword.py
+++ b/src/authentic2/custom_user/management/commands/changepassword.py
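Review bot: The `email__iexact` filter in `PasswordChangeSerializer.validate` can now match several rows where the exact filter matched one, because accounts stored before this change may differ only by letter case. The `try:` that follows is cut off by the hunk, so whether `MultipleObjectsReturned` is handled there cannot be seen; in `changepassword.py` only `except UserModel.DoesNotExist:` is visible after `qs.get()`, and the `safe_get_or_create(User, email__iexact=email, ...)` calls in `authentic2_auth_fc/views.py` depend on a helper defined elsewhere. For password change and login linking an ambiguous match should fail closed with an explicit error, e.g. `except User.MultipleObjectsReturned: raise serializers.ValidationError(...)`, rather than surface as an unhandled exception or pick one of the rows. Auditing existing data for case-variant duplicate addresses before deployment would show how often this can occur.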
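Review bot: The guard just above the changed lines in `BaseUserSerializer` still compares `data.get('email') != self.instance.email` case-sensitively, while the two `exists()` checks now ignore case. If `qs` (built outside this hunk) does not exclude `self.instance`, a user who only changes the capitalisation of their own address would match their own row and be rejected as `already_used`. Excluding the edited account before the checks, `qs = qs.exclude(pk=self.instance.pk)` when `self.instance` is set, keeps the uniqueness test from hitting the row being updated.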
@@ -54,7 +54,7 @@ class Command(BaseCommand):
 UserModel = get_user_model()
 qs = UserModel._default_manager.using(options.get('database'))
- qs = qs.filter(Q(uuid=username) | Q(username=username) | Q(email=username))
+ qs = qs.filter(Q(uuid=username) | Q(username=username) | Q(email__iexact=username))
 try:
 u = qs.get()
 except UserModel.DoesNotExist:
diff --git a/src/authentic2/utils/misc.py b/src/authentic2/utils/misc.py
index fd343d3a..bff69fca 100644
--- a/src/authentic2/utils/misc.py
+++ b/src/authentic2/utils/misc.py
@@ -770,7 +770,7 @@ def build_activation_url(request, email, next_url=None, ou=None, **kwargs):
 data[REDIRECT_FIELD_NAME] = next_url
 lifetime = settings.ACCOUNT_ACTIVATION_DAYS * 3600 * 24
 # invalidate any token associated with this address
- Token.objects.filter(kind='registration', content__email=email).delete()
+ Token.objects.filter(kind='registration', content__email__iexact=email).delete()
 token = Token.create('registration', data, duration=lifetime)
 activate_url = request.build_absolute_uri(
 reverse('registration_activate', kwargs={'registration_token': token.uuid_b64url})
@@ -804,9 +804,9 @@ def send_registration_mail(request, email, ou, template_names=None, next_url=Non
 registration_url = build_activation_url(request, email=email, next_url=next_url, ou=ou, **kwargs)
 # existing accounts
- existing_accounts = User.objects.filter(email=email)
+ existing_accounts = User.objects.filter(email__iexact=email)
 if not app_settings.A2_EMAIL_IS_UNIQUE:
- existing_accounts = existing_accounts.filter(ou=ou, email=email)
+ existing_accounts = existing_accounts.filter(ou=ou)
 # ctx for rendering the templates
 context = context or {}
diff --git a/src/authentic2/views.py b/src/authentic2/views.py
index 2111ff97..e3946205 100644
--- a/src/authentic2/views.py
+++ b/src/authentic2/views.py
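Review bot: In `send_registration_mail`, `existing_accounts` is now selected with the database's case-insensitive comparison while the message is still built for the address passed in as `email`, so the match is only as strict as the database's case mapping. For non-ASCII addresses some backends treat distinct characters as equal under case conversion, which could associate a submitted address with an account whose stored address is a different mailbox; what the templates do with `existing_accounts` is not visible in this hunk. Re-checking each candidate in Python with a normalised comparison, `unicodedata.normalize('NFKC', a).casefold() == unicodedata.normalize('NFKC', b).casefold()`, and dropping rows that fail it would close that gap. The same consideration applies to the user lookups in `PasswordChangeSerializer.validate` and `LoginOrLinkView`, so a shared helper would keep them consistent.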
@@ -236,9 +236,11 @@ class EmailChangeVerifyView(TemplateView):
 user = User.objects.get(pk=user_pk)
 non_unique = False
 if app_settings.A2_EMAIL_IS_UNIQUE:
- non_unique = User.objects.filter(email=email).exclude(pk=user_pk).exists()
+ non_unique = User.objects.filter(email__iexact=email).exclude(pk=user_pk).exists()
 elif user.ou and user.ou.email_is_unique:
- non_unique = User.objects.filter(email=email, ou=user.ou).exclude(pk=user_pk).exists()
+ non_unique = (
+ User.objects.filter(email__iexact=email, ou=user.ou).exclude(pk=user_pk).exists()
+ )
 if non_unique:
 raise ValidationError(_('This email is already used by another account.'))
 old_email = user.email
@@ -716,7 +718,7 @@ class PasswordResetView(FormView):
 # if an email has already been sent, warn once before allowing resend
 token = models.Token.objects.filter(
- kind='pw-reset', content__email=email, expires__gt=timezone.now()
+ kind='pw-reset', content__email__iexact=email, expires__gt=timezone.now()
 ).exists()
 resend_key = 'pw-reset-allow-resend'
 if app_settings.A2_TOKEN_EXISTS_WARNING and token and not self.request.session.get(resend_key):
@@ -901,7 +903,7 @@ class BaseRegistrationView(FormView):
 # if an email has already been sent, warn once before allowing resend
 token = models.Token.objects.filter(
- kind='registration', content__email=email, expires__gt=timezone.now()
+ kind='registration', content__email__iexact=email, expires__gt=timezone.now()
 ).exists()
 resend_key = 'registration-allow-resend'
 if app_settings.A2_TOKEN_EXISTS_WARNING and token and not self.request.session.get(resend_key):
diff --git a/src/authentic2_auth_fc/views.py b/src/authentic2_auth_fc/views.py
index 31d0b405..961be228 100644
--- a/src/authentic2_auth_fc/views.py
+++ b/src/authentic2_auth_fc/views.py
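Review bot: The `exists()` checks in `EmailChangeVerifyView` enforce case-insensitive uniqueness only in application code, so two concurrent requests can both pass the check and then store addresses that differ only by case. Nothing in this diff adds database-level enforcement; where a deployment relies on `A2_EMAIL_IS_UNIQUE` or a per-OU `email_is_unique`, a unique expression index on the case-folded email would make the rule hold under concurrency, and an index matching the expression the backend generates for `iexact` would keep these lookups from scanning the table. The same check-then-write pattern is in `BaseUserSerializer` in `api_views.py`. The method continues past the end of the hunk, so the write itself is not visible here.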
@@ -485,13 +485,15 @@ class LoginOrLinkView(View):
 ou = get_default_ou()
 if a2_app_settings.A2_EMAIL_IS_UNIQUE:
- instance, created = safe_get_or_create(User, email=email, defaults={'email': email, 'ou': ou})
+ instance, created = safe_get_or_create(
+ User, email__iexact=email, defaults={'email': email, 'ou': ou}
+ )
 if instance.ou != ou:
 assert not created # should not be possible
 raise UserOutsideDefaultOu
 return instance, created
 elif ou.email_is_unique:
- return safe_get_or_create(User, ou=ou, email=email, defaults={'email': email, 'ou': ou})
+ return safe_get_or_create(User, ou=ou, email__iexact=email, defaults={'email': email, 'ou': ou})
 else:
 return User.objects.create(email=email), True
--
2.32.0.rc0