diff options
| author |  Frédéric Guillot <fred@miniflux.net> | 2017-12-29 14:55:16 -0800 |
|---|---|---|
| committer | Frédéric Guillot <fred@miniflux.net> | 2017-12-29 14:55:16 -0800 |
| commit | 747e3edab38b68534af0a4d4e55c947549c3cb0f (patch) | |
| tree | 5ac0cbe59ec9897aa9aee1fca5511bba7c6f45e1 /storage | |
| parent | 038ea790f76243b7e08119438bed24a37d452cb7 (diff) | |
Make sure username are always lowercase
Diffstat (limited to 'storage')
| -rw-r--r-- | storage/user.go | 14 | ||||
| -rw-r--r-- | storage/user_session.go | 2 |
2 files changed, 9 insertions, 7 deletions
diff --git a/storage/user.go b/storage/user.go index 912ee04..31aadf0 100644 --- a/storage/user.go +++ b/storage/user.go @@ -36,7 +36,7 @@ func (s *Storage) UserExists(username string) bool { defer helper.ExecutionTime(time.Now(), fmt.Sprintf("[Storage:UserExists] username=%s", username)) var result int - s.db.QueryRow(`SELECT count(*) as c FROM users WHERE username=$1`, username).Scan(&result) + s.db.QueryRow(`SELECT count(*) as c FROM users WHERE username=LOWER($1)`, username).Scan(&result) return result >= 1 } @@ -45,7 +45,7 @@ func (s *Storage) AnotherUserExists(userID int64, username string) bool { defer helper.ExecutionTime(time.Now(), fmt.Sprintf("[Storage:AnotherUserExists] userID=%d, username=%s", userID, username)) var result int - s.db.QueryRow(`SELECT count(*) as c FROM users WHERE id != $1 AND username=$2`, userID, username).Scan(&result) + s.db.QueryRow(`SELECT count(*) as c FROM users WHERE id != $1 AND username=LOWER($2)`, userID, username).Scan(&result) return result >= 1 } @@ -71,11 +71,13 @@ func (s *Storage) CreateUser(user *model.User) (err error) { query := `INSERT INTO users (username, password, is_admin, extra) VALUES - ($1, $2, $3, $4) - RETURNING id, language, theme, timezone, entry_direction` + (LOWER($1), $2, $3, $4) + RETURNING id, username, is_admin, language, theme, timezone, entry_direction` - err = s.db.QueryRow(query, strings.ToLower(user.Username), password, user.IsAdmin, extra).Scan( + err = s.db.QueryRow(query, user.Username, password, user.IsAdmin, extra).Scan( &user.ID, + &user.Username, + &user.IsAdmin, &user.Language, &user.Theme, &user.Timezone, @@ -146,7 +148,7 @@ func (s *Storage) UpdateUser(user *model.User) error { } } else { query := `UPDATE users SET - username=$1, + username=LOWER($1), is_admin=$2, theme=$3, language=$4, diff --git a/storage/user_session.go b/storage/user_session.go index 63e25e0..9a87cdf 100644 --- a/storage/user_session.go +++ b/storage/user_session.go @@ -50,7 +50,7 @@ func (s *Storage) UserSessions(userID int64) (model.UserSessions, error) { func (s *Storage) CreateUserSession(username, userAgent, ip string) (sessionID string, err error) { var userID int64 - err = s.db.QueryRow("SELECT id FROM users WHERE username = $1", username).Scan(&userID) + err = s.db.QueryRow("SELECT id FROM users WHERE username = LOWER($1)", username).Scan(&userID) if err != nil { return "", fmt.Errorf("unable to fetch UserID: %v", err) } |