use lower() for register, search and login

3 files changed, 3 insertions, 3 deletions

diff --git a/api/auth/login.py b/api/auth/login.py
index 9b99ba9..045120a 100644
--- a/api/auth/login.py
+++ b/api/auth/login.py
@@ -18,7 +18,7 @@ def index():
 
     user_id = None
     user_id = user_id or cursor.execute("select user_id from users where email = ?", [email]).fetchone()
-    user_id = user_id or cursor.execute("select user_id from users where username = ?", [email]).fetchone()
+    user_id = user_id or cursor.execute("select user_id from users where lower(username) = lower(?)", [email]).fetchone()
     if user_id == None: return "", 401
 
     passwd = cursor.execute("select password_hash from users where user_id = ?", [user_id[0]]).fetchone()
diff --git a/api/auth/signup.py b/api/auth/signup.py
index 648f1b5..210ba94 100644
--- a/api/auth/signup.py
+++ b/api/auth/signup.py
@@ -38,7 +38,7 @@ def index():
        not validate_password(password):
            return {"error": "form_data_invalid"}, 403
 
-    if cursor.execute("select username from users where username = ?", [username]).fetchone():
+    if cursor.execute("select username from users where lower(username) = lower(?)", [username]).fetchone():
         return {"error": "username_taken"}, 403
 
     if cursor.execute("select email from users where email = ?", [email]).fetchone():
diff --git a/api/social/search.py b/api/social/search.py
index a9bb385..ccc62e5 100644
--- a/api/social/search.py
+++ b/api/social/search.py
@@ -13,7 +13,7 @@ def index():
     if not query: return "", 400
     if len(query) < 3: return "", 403
 
-    results = cursor.execute("select user_id from users where levenshtein(username, ?, 3)", [query]).fetchmany(20);
+    results = cursor.execute("select user_id from users where levenshtein(lower(username), lower(?), 3)", [query]).fetchmany(20);
 
     formatted = { "results": [] }