aboutsummaryrefslogtreecommitdiff
path: root/api/auth
diff options
context:
space:
mode:
Diffstat (limited to 'api/auth')
-rw-r--r--api/auth/login.py2
-rw-r--r--api/auth/signup.py2
2 files changed, 2 insertions, 2 deletions
diff --git a/api/auth/login.py b/api/auth/login.py
index 9b99ba9..045120a 100644
--- a/api/auth/login.py
+++ b/api/auth/login.py
@@ -18,7 +18,7 @@ def index():
user_id = None
user_id = user_id or cursor.execute("select user_id from users where email = ?", [email]).fetchone()
- user_id = user_id or cursor.execute("select user_id from users where username = ?", [email]).fetchone()
+ user_id = user_id or cursor.execute("select user_id from users where lower(username) = lower(?)", [email]).fetchone()
if user_id == None: return "", 401
passwd = cursor.execute("select password_hash from users where user_id = ?", [user_id[0]]).fetchone()
diff --git a/api/auth/signup.py b/api/auth/signup.py
index 648f1b5..210ba94 100644
--- a/api/auth/signup.py
+++ b/api/auth/signup.py
@@ -38,7 +38,7 @@ def index():
not validate_password(password):
return {"error": "form_data_invalid"}, 403
- if cursor.execute("select username from users where username = ?", [username]).fetchone():
+ if cursor.execute("select username from users where lower(username) = lower(?)", [username]).fetchone():
return {"error": "username_taken"}, 403
if cursor.execute("select email from users where email = ?", [email]).fetchone():