fix #2329: Normalize email on login in the backend

2025-12-12 23:35:58 +00:00 · 2019-11-22 15:24:27 +01:00 · 2019-11-22 15:24:27 +01:00 · ae360f2201
commit ae360f2201
parent 145b6727b1
4 changed files with 27 additions and 14 deletions
--- a/backend/src/schema/resolvers/user_management.js
+++ b/backend/src/schema/resolvers/user_management.js
@ -2,6 +2,7 @@ import encode from '../../jwt/encode'
 import bcrypt from 'bcryptjs'
 import { AuthenticationError } from 'apollo-server'
 import { neode } from '../../bootstrap/neo4j'
+import { normalizeEmail } from 'validator'

 const instance = neode()

@ -21,6 +22,7 @@ export default {
      // if (user && user.id) {
      //   throw new Error('Already logged in.')
      // }
+      email = normalizeEmail(email)
      const session = driver.session()
      const result = await session.run(
        `
--- a/backend/src/schema/resolvers/user_management.spec.js
+++ b/backend/src/schema/resolvers/user_management.spec.js
@ -5,8 +5,10 @@ import { gql } from '../../helpers/jest'
 import { createTestClient } from 'apollo-server-testing'
 import createServer, { context } from '../../server'
 import encode from '../../jwt/encode'
+import { neode as getNeode } from '../../bootstrap/neo4j'

 const factory = Factory()
+const neode = getNeode()
 let query
 let mutate
 let variables
@ -214,6 +216,28 @@ describe('login', () => {
          })
        })
      })
+
+      describe('normalization', () => {
+        describe('email address is a gmail address ', () => {
+          beforeEach(async () => {
+            const email = await neode.first('EmailAddress', { email: 'test@example.org' })
+            await email.update({ email: 'someuser@gmail.com' })
+          })
+
+          describe('supplied email contains dots', () => {
+            beforeEach(() => {
+              variables = { ...variables, email: 'some.user@gmail.com' }
+            })
+
+            it('normalizes email, issue #2329', async () => {
+              await respondsWith({
+                data: { login: expect.any(String) },
+                errors: undefined,
+              })
+            })
+          })
+        })
+      })
    })

    describe('with a valid email but incorrect password', () => {
--- a/webapp/components/LoginForm/LoginForm.spec.js
+++ b/webapp/components/LoginForm/LoginForm.spec.js
@ -57,17 +57,6 @@ describe('LoginForm', () => {
          undefined,
        )
      })
-
-      describe('given email is a gmail address', () => {
-        it('removes dots, issue #2329', () => {
-          fillIn(Wrapper(), { email: 'example.user@gmail.com' })
-          expect(storeMocks.actions['auth/login']).toHaveBeenCalledWith(
-            expect.any(Object),
-            { email: 'exampleuser@gmail.com', password: '1234' },
-            undefined,
-          )
-        })
-      })
    })
  })
 })
--- a/webapp/components/LoginForm/LoginForm.vue
+++ b/webapp/components/LoginForm/LoginForm.vue
@ -73,7 +73,6 @@

 <script>
 import LocaleSwitch from '~/components/LocaleSwitch/LocaleSwitch.vue'
-import { normalizeEmail } from 'validator'

 export default {
  components: {
@ -94,8 +93,7 @@ export default {
  },
  methods: {
    async onSubmit() {
-      let { email, password } = this.form
-      email = normalizeEmail(email)
+      const { email, password } = this.form
      try {
        await this.$store.dispatch('auth/login', { email, password })
        this.$toast.success(this.$t('login.success'))