Make sure email is case insensitive on all places (#3688)

author René Klačan <rene@klacan.sk>

Sun, 11 Jun 2017 00:29:08 +0000 (02:29 +0200)

committer Eugen Rochko <eugen@zeonfederated.com>

Sun, 11 Jun 2017 00:29:08 +0000 (02:29 +0200)
author René Klačan <rene@klacan.sk>
Sun, 11 Jun 2017 00:29:08 +0000 (02:29 +0200)
committer Eugen Rochko <eugen@zeonfederated.com>
Sun, 11 Jun 2017 00:29:08 +0000 (02:29 +0200)
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb

index 79e3da5f9f3d78eea8e678b4784d70529d5b72d9..bc3bd2f4bcd15699a253eafa20470cf445975d00 100644 (file)
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@@ -27,7 +27,7 @@ class Auth::SessionsController < Devise::SessionsController
      if session[:otp_user_id]
        User.find(session[:otp_user_id])
      elsif user_params[:email]
-      User.find_by(email: user_params[:email])
+      User.find_for_authentication(email: user_params[:email])
      end
    end
  
diff --git a/spec/controllers/auth/sessions_controller_spec.rb b/spec/controllers/auth/sessions_controller_spec.rb

index 525b8254d27c2167528977d4f2bfa6942c42f9c3..06fdbaabc317a4a4a80385646b775ecb1da82a6a 100644 (file)
--- a/spec/controllers/auth/sessions_controller_spec.rb
+++ b/spec/controllers/auth/sessions_controller_spec.rb
@@ -65,6 +65,20 @@ RSpec.describe Auth::SessionsController, type: :controller do
          end
        end
  
+      context 'using email with uppercase letters' do
+        before do
+          post :create, params: { user: { email: user.email.upcase, password: user.password } }
+        end
+
+        it 'redirects to home' do
+          expect(response).to redirect_to(root_path)
+        end
+
+        it 'logs the user in' do
+          expect(controller.current_user).to eq user
+        end
+      end
+
        context 'using an invalid password' do
          before do
            post :create, params: { user: { email: user.email, password: 'wrongpw' } }
@@ -129,6 +143,26 @@ RSpec.describe Auth::SessionsController, type: :controller do
          return codes
        end
  
+      context 'using email and password' do
+        before do
+          post :create, params: { user: { email: user.email, password: user.password } }
+        end
+
+        it 'renders two factor authentication page' do
+          expect(controller).to render_template("two_factor")
+        end
+      end
+
+      context 'using upcase email and password' do
+        before do
+          post :create, params: { user: { email: user.email.upcase, password: user.password } }
+        end
+
+        it 'renders two factor authentication page' do
+          expect(controller).to render_template("two_factor")
+        end
+      end
+
        context 'using a valid OTP' do
          before do
            post :create, params: { user: { otp_attempt: user.current_otp } }, session: { otp_user_id: user.id }
author	René Klačan <rene@klacan.sk>
	Sun, 11 Jun 2017 00:29:08 +0000 (02:29 +0200)
committer	Eugen Rochko <eugen@zeonfederated.com>
	Sun, 11 Jun 2017 00:29:08 +0000 (02:29 +0200)
app/controllers/auth/sessions_controller.rb		patch \| blob \| history
spec/controllers/auth/sessions_controller_spec.rb		patch \| blob \| history