django-cas icon indicating copy to clipboard operation
django-cas copied to clipboard

Published 20 hours ago verified publisher icon kstateome

Strip usernames when creating them

Open scottwoodall opened this issue 8 years ago • 2 comments

I ran into a situation today where duplicate user accounts were being created. After some digging around I noticed that if a user typed in a leading or trailing space while typing their username then it would treat these accounts as unique and create a new record in auth_user. This can lead to confusing results for the end user as anything associated with an account they might of had previously looks to them as if it disappeared.

Would you be willing to accept a patch for backends.py[1] with something to the effect of:

username = _verify(ticket, service)

if not username:
    return None

username = username.strip()

[1] https://github.com/kstateome/django-cas/blob/develop/cas/backends.py#L231

scottwoodall avatar Sep 07 '16 15:09 scottwoodall

i think it would be better to strip the username in _verify. in function '_verify_cas1', strip has been done.

in function '_internal_verify_cas', change username = tree[0][0].text to username = tree[0][0].text.strip()

tadonis avatar Sep 08 '16 01:09 tadonis

fix at #59

tadonis avatar Sep 08 '16 02:09 tadonis