Username case insensitive, patch db instead of using LIKE

This commit is contained in:
Mathias Haugsbø 2022-12-19 12:18:33 +01:00
parent c79b2913a2
commit b3ac7c3d43
3 changed files with 49 additions and 1 deletions

View file

@ -0,0 +1,47 @@
CREATE TABLE [temp_user](
[id] INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
[username] VARCHAR(255) NOT NULL UNIQUE COLLATE NOCASE,
[password] VARCHAR(255),
[active] BOOLEAN NOT NULL DEFAULT 1,
[timezone] VARCHAR(150),
twofa_secret VARCHAR(64),
twofa_status BOOLEAN default 0 NOT NULL,
twofa_last_token VARCHAR(6)
);
INSERT INTO [temp_user] SELECT
[id],
[username],
[password],
[active],
[timezone],
twofa_secret,
twofa_status,
twofa_last_token
FROM user;
DROP TABLE user;
CREATE TABLE [user](
[id] INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL,
[username] VARCHAR(255) NOT NULL UNIQUE COLLATE NOCASE,
[password] VARCHAR(255),
[active] BOOLEAN NOT NULL DEFAULT 1,
[timezone] VARCHAR(150),
twofa_secret VARCHAR(64),
twofa_status BOOLEAN default 0 NOT NULL,
twofa_last_token VARCHAR(6)
);
INSERT INTO [user] SELECT
[id],
[username],
[password],
[active],
[timezone],
twofa_secret,
twofa_status,
twofa_last_token
FROM [temp_user];
DROP TABLE [temp_user];

View file

@ -15,7 +15,7 @@ exports.login = async function (username, password) {
return null; return null;
} }
let user = await R.findOne("user", " username LIKE ? AND active = 1 ", [ let user = await R.findOne("user", " username = ? AND active = 1", [
username, username,
]); ]);

View file

@ -66,6 +66,7 @@ class Database {
"patch-add-radius-monitor.sql": true, "patch-add-radius-monitor.sql": true,
"patch-monitor-add-resend-interval.sql": true, "patch-monitor-add-resend-interval.sql": true,
"patch-maintenance-table2.sql": true, "patch-maintenance-table2.sql": true,
"patch-user-username-case-insensitive.sql": { parents: [ "patch-2fa-invalidate-used-token.sql", "patch-2fa.sql" ] }
}; };
/** /**