Look up names and emails case insensitively for authentication

If the name entered is not found then try a case insensitive lookup
and if that finds a single result then use it.

diff --git a/app/models/user.rb b/app/models/user.rb
index 56c8890b5b3c645674f2973cd4a0d18d00114c12..08325d5b9e0e58bb69c912bad44833bad26d8847 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -47,9 +47,18 @@ class User < ActiveRecord::Base
   def self.authenticate(options)
     if options[:username] and options[:password]
       user = where("email = ? OR display_name = ?", options[:username], options[:username]).first
+
+      if user.nil?
+        users = where("LOWER(email) = LOWER(?) OR LOWER(display_name) = LOWER(?)", options[:username], options[:username])
+
+        if users.count == 1
+          user = users.first
+        end
+      end
+
       user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt)
     elsif options[:token]
-      token = UserToken.where(:token => options[:token]).preload(:user).first
+      token = UserToken.find_by_token(options[:token])
       user = token.user if token
     end