Lowercase entity slugs and email addresses

marcua · Aug 13, 2023 · cb8f056 · cb8f056
1 parent 8201c2a
commit cb8f056
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 8 deletions.
diff --git a/migrations/postgres/20230720_email_authentication.sql b/migrations/postgres/20230720_email_authentication.sql
@@ -1,11 +1,9 @@
-CREATE EXTENSION IF NOT EXISTS citext;
-
 CREATE TABLE authentication_method (
        id SERIAL NOT NULL,
        entity_id INT NOT NULL,
        method_type SMALLINT NOT NULL,
        status SMALLINT NOT NULL,
-       email_address CITEXT NOT NULL,
+       email_address VARCHAR(256) NOT NULL,
 
        PRIMARY KEY(id),
        FOREIGN KEY(entity_id) REFERENCES entity(id),

diff --git a/migrations/sqlite/20230720_email_authentication.sql b/migrations/sqlite/20230720_email_authentication.sql
@@ -3,7 +3,7 @@ CREATE TABLE authentication_method (
        entity_id INT NOT NULL,
        method_type SMALLINT NOT NULL,
        status SMALLINT NOT NULL,
-       email_address TEXT COLLATE NOCASE NOT NULL,
+       email_address VARCHAR(256) NOT NULL,
 
        FOREIGN KEY(entity_id) REFERENCES entity(id),
        UNIQUE(method_type, email_address)

diff --git a/src/http/endpoints.rs b/src/http/endpoints.rs
@@ -12,7 +12,7 @@ use crate::http::structs::{
     EntityDatabasePath,
 };
 use crate::http::tokens::{decrypt_auth_token, encrypt_auth_token};
-use crate::http::utils::get_header;
+use crate::http::utils::{get_header, get_lowercased_header};
 use actix_web::{post, web, HttpRequest, HttpResponse};
 
 #[post("/v1/confirm")]
@@ -99,7 +99,7 @@ async fn log_in(
     ayb_db: web::Data<Box<dyn AybDb>>,
     ayb_config: web::Data<AybConfig>,
 ) -> Result<HttpResponse, AybError> {
-    let entity = get_header(&req, "entity")?;
+    let entity = get_lowercased_header(&req, "entity")?;
     let desired_entity = ayb_db.get_entity(&entity).await;
 
     if let Ok(instantiated_entity) = desired_entity {
@@ -154,8 +154,8 @@ async fn register(
     ayb_db: web::Data<Box<dyn AybDb>>,
     ayb_config: web::Data<AybConfig>,
 ) -> Result<HttpResponse, AybError> {
-    let entity = get_header(&req, "entity")?;
-    let email_address = get_header(&req, "email-address")?;
+    let entity = get_lowercased_header(&req, "entity")?;
+    let email_address = get_lowercased_header(&req, "email-address")?;
     let entity_type = get_header(&req, "entity-type")?;
     let desired_entity = ayb_db.get_entity(&entity).await;
     // Ensure that there are no authentication methods aside from

diff --git a/src/http/utils.rs b/src/http/utils.rs
@@ -14,3 +14,7 @@ pub fn get_header(req: &HttpRequest, header_name: &str) -> Result<String, AybErr
         }),
     }
 }
+
+pub fn get_lowercased_header(req: &HttpRequest, header_name: &str) -> Result<String, AybError> {
+    return Ok(get_header(req, header_name)?.to_lowercase());
+}