SSO Authentication Issue with differently cased emails

Today, I had a case of a member that would be redirected to the “confirm your email address” page every time they signed in to Discourse. They are able to sign in to other assets that use our authentication method just fine.

After some digging, we found that the email address stored in Discourse and on our authentication server had capital letters which they don’t actually type when signing in to anything. I had the member change their ID to lowercase and now they can sign in to Discourse without a problem.

I asked my authentication dude if I should send a ticket to him and he recommended I notify you guys as this “seems like a Discourse issue.”

5 Likes

Hmm, did we regress here, @LeoMcA? Make sure your code is case independent for many-to-one emails to users.

1 Like

@LeoMcA added a unique index so we’re safe on this front.

https://github.com/discourse/discourse/blob/3538b63305582d53dabd1476170d99387fc4e97c/db/migrate/20170717084947_create_user_emails.rb#L15

6 Likes

@Martin_Cash There were some regressions we introduced when introducing multiple email addresses per user support. Usually all emails are downcased before being saved into the database but our code was incorrectly skipping validations. This should be resolved in

https://github.com/discourse/discourse/commit/0bc690ed11182448e33e910f1a697dfbcace63b4

but do let me know if you run into this again.

8 Likes
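
The failure mode discussed in this thread, as an added example that is not part of the original posts and is not Discourse's code: a write path that skips normalization stores a mixed-case address, an exact-match lookup with the lowercase address from the SSO payload then misses, while a case-independent lookup and a unique index on the lowercased value behave as intended. `EmailStore`, its methods, the `skip_normalization` flag and the sample addresses are hypothetical, and the index being on the lowercased address is an assumption.

```ruby
# Constructed in-memory stand-in for a user-emails table (not Discourse code).
class EmailStore
  class Duplicate < StandardError; end

  def initialize
    @rows = [] # each row: { user_id:, email: }
  end

  # Normalization that every write path is supposed to apply.
  def self.normalize(email)
    email.to_s.strip.downcase
  end

  # skip_normalization: true models a save that bypasses validations,
  # so the address is stored exactly as supplied.
  def add(user_id, email, skip_normalization: false)
    stored = skip_normalization ? email : self.class.normalize(email)
    # Assumed unique index on the lowercased value: rejects case variants
    # even when a write path forgot to normalize.
    if @rows.any? { |r| r[:email].downcase == stored.downcase }
      raise Duplicate, "email already taken: #{stored}"
    end
    @rows << { user_id: user_id, email: stored }
  end

  # Exact-match lookup: misses when stored and presented case differ.
  def find_exact(email)
    @rows.find { |r| r[:email] == email }&.fetch(:user_id)
  end

  # Case-independent lookup: normalizes both sides before comparing.
  def find_case_insensitive(email)
    wanted = self.class.normalize(email)
    @rows.find { |r| self.class.normalize(r[:email]) == wanted }&.fetch(:user_id)
  end

  def duplicate?(user_id, email)
    add(user_id, email)
    false
  rescue Duplicate
    true
  end
end

def demo
  store = EmailStore.new
  store.add(1, "Jane.Doe@Example.com", skip_normalization: true) # regression path
  sso_email = "jane.doe@example.com" # constructed SSO payload value
  { exact: store.find_exact(sso_email),
    insensitive: store.find_case_insensitive(sso_email),
    duplicate_rejected: store.duplicate?(2, "JANE.DOE@example.com") }
end
```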