keystone icon indicating copy to clipboard operation
keystone copied to clipboard

Published 20 hours ago verified publisher icon keystonejs

identityField is case sensitive for authentication

Open gautamsi opened this issue 4 years ago • 2 comments

Bug report

Describe the bug

Not sure if this is exactly bug or some configuration is needed.

I noticed that authentication does not ignore case when matching identityField.

To Reproduce

  1. Run auth example
  2. crate user with first letter of email capitalize
  3. try signing in using all small letters in email using graphql playground

Expected behaviour

authentication should succeed

Screenshots

If applicable, add screenshots to help explain your problem.

System information

NA

gautamsi avatar Oct 27 '21 06:10 gautamsi

@gautamsi I've looked at this, and agree it's an issue, but not one with a solution we can implement quickly to fix things.

Not sure when we're going to prioritise this, but here's the current state of things:

Long story short, case sensitivity is handled differently with Postgres and Sqlite, so we can't just add a { mode: "insensitive" } option to the mutation unfortunately. Also (from my read, haven't gone down the entire rabbit hole yet) we expect a unique index on the identity field and the way that translates to database support is case sensitive (which is another problem), more info here: prisma/prisma#3851

What we'll probably do is introduce a new option (or maybe new field) that forces input to lowercase, put the unique constraint on that, and lowercase the input we're comparing against as well. But it needs some thinking and design.

JedWatson avatar Nov 02 '21 06:11 JedWatson

Workaround for those running on postgres.

pc-erin avatar Jan 22 '24 16:01 pc-erin