A solution to the email address uppercase/lowercase problem
1,638 views
Skip to first unread message
Adam
Jul 29, 2010, 6:31:08 PM7/29/10
to Devise
In (at least) Devise 1.0.7, the controllers accept email addresses as-
is (no upper- or lowercase conversion).
This will hose users who don't enter their email address consistently.
A user might register as J...@Example.Com then try to log in as
j...@example.com. It's a support headache waiting to happen.
I think that the Devise team wants to fix this in the controllers
(Internet email addresses are not case-sensitive, but Devise is).
Until that happens, the following gets the job done. You'll need
jQuery for it to work.
1. Add this to app/helpers/application_helper.rb
----------------------------------------
# Convert the email address to lowercase when submitting the form.
This avoids support issues later
# when someone enters their email address in a difference case.
#
# Convert the email address to lowercase on document-ready and field
blur as a cosmetic-only improvement.
def devise_email_text_field(form)
form.text_field(:email, :id => 'devise-email-text-field') + "\n" +
(<<EOF).html_safe
<script type='text/javascript'>
//<![CDATA[
jQuery(document).ready(function() {
var field = jQuery('#devise-email-text-field');
field.val(field.val().toLowerCase());
field.blur(function() {
field.val(field.val().toLowerCase());
});
var form = field.closest('form');
form.submit(function() {
field.val(field.val().toLowerCase());
});
});
//]]>
</script>
EOF
end
----------------------------------------
2. In the Devise views (you do have your own views, don't you?),
replace this:
----------------------------------------
= f.text_field :email
----------------------------------------
with this:
----------------------------------------
= devise_email_text_field(f)
----------------------------------------
Crude, but effective :-)
-- Adam
is (no upper- or lowercase conversion).
This will hose users who don't enter their email address consistently.
A user might register as J...@Example.Com then try to log in as
j...@example.com. It's a support headache waiting to happen.
I think that the Devise team wants to fix this in the controllers
(Internet email addresses are not case-sensitive, but Devise is).
Until that happens, the following gets the job done. You'll need
jQuery for it to work.
1. Add this to app/helpers/application_helper.rb
----------------------------------------
# Convert the email address to lowercase when submitting the form.
This avoids support issues later
# when someone enters their email address in a difference case.
#
# Convert the email address to lowercase on document-ready and field
blur as a cosmetic-only improvement.
def devise_email_text_field(form)
form.text_field(:email, :id => 'devise-email-text-field') + "\n" +
(<<EOF).html_safe
<script type='text/javascript'>
//<![CDATA[
jQuery(document).ready(function() {
var field = jQuery('#devise-email-text-field');
field.val(field.val().toLowerCase());
field.blur(function() {
field.val(field.val().toLowerCase());
});
var form = field.closest('form');
form.submit(function() {
field.val(field.val().toLowerCase());
});
});
//]]>
</script>
EOF
end
----------------------------------------
2. In the Devise views (you do have your own views, don't you?),
replace this:
----------------------------------------
= f.text_field :email
----------------------------------------
with this:
----------------------------------------
= devise_email_text_field(f)
----------------------------------------
Crude, but effective :-)
-- Adam
Jakob Hilden
Aug 16, 2010, 9:16:22 AM8/16/10
to Devise
I came across the same problem and I agree that it should be fixed in
devise.
However I don't think it is a good idea trying to solve this on the
client-side with jQuery.
Instead I added this to my user model:
- - - - -
before_validation :lowercase_email
def lowercase_email
self.email = self.email.downcase
end
- - - - -
Seems to work.
Greetings,
--Jakob
devise.
However I don't think it is a good idea trying to solve this on the
client-side with jQuery.
Instead I added this to my user model:
- - - - -
before_validation :lowercase_email
def lowercase_email
self.email = self.email.downcase
end
- - - - -
Seems to work.
Greetings,
--Jakob
Jakob Hilden
Aug 16, 2010, 9:26:46 AM8/16/10
to Devise
Adam
Sep 7, 2010, 5:36:20 PM9/7/10
to Devise
Hi Jakob,
I wish I could remember why, but I don't think this worked for me. And
yes, I agree that the jQuery solution is ugly :-)
Adam
On Aug 16, 9:16 am, Jakob Hilden <jakobhil...@gmail.com> wrote:
> I came across the same problem and I agree that it should be fixed in
> devise.
>
> However I don't think it is a good idea trying to solve this on the
> client-side with jQuery.
>
> Instead I added this to my user model:
> - - - - -
> before_validation :lowercase_email
> def lowercase_email
> self.email = self.email.downcase
> end
> - - - - -
>
> Seems to work.
>
> Greetings,
>
> --Jakob
>
> On Jul 30, 12:31 am, Adam <ashacklef...@gmail.com> wrote:
>
>
>
> > In (at least) Devise 1.0.7, the controllers accept email addresses as-
> > is (no upper- or lowercase conversion).
>
> > This will hose users who don't enter their email address consistently.
> > A user might register as J...@Example.Com then try to log in as
> > j...@example.com. It's a support headache waiting to happen.
>
> > I think that the Devise team wants to fix this in the controllers
> > (Internet email addresses are notcase-sensitive, but Devise is).
I wish I could remember why, but I don't think this worked for me. And
yes, I agree that the jQuery solution is ugly :-)
Adam
On Aug 16, 9:16 am, Jakob Hilden <jakobhil...@gmail.com> wrote:
> I came across the same problem and I agree that it should be fixed in
> devise.
>
> However I don't think it is a good idea trying to solve this on the
> client-side with jQuery.
>
> Instead I added this to my user model:
> - - - - -
> before_validation :lowercase_email
> def lowercase_email
> self.email = self.email.downcase
> end
> - - - - -
>
> Seems to work.
>
> Greetings,
>
> --Jakob
>
> On Jul 30, 12:31 am, Adam <ashacklef...@gmail.com> wrote:
>
>
>
> > In (at least) Devise 1.0.7, the controllers accept email addresses as-
> > is (no upper- or lowercase conversion).
>
> > This will hose users who don't enter their email address consistently.
> > A user might register as J...@Example.Com then try to log in as
> > j...@example.com. It's a support headache waiting to happen.
>
> > I think that the Devise team wants to fix this in the controllers
tekknikk
Oct 4, 2010, 8:47:39 PM10/4/10
to Devise
This is really two problems.
1) Forcing lowercase on sign_in given some interfaces like to
capitalize words i.e. the iPhone.
2) Forcing lowercase on sign_up as Devise was storing email in upper
and lower case, if user supplied mixed case.
To ensure lowercase email on sign_up and sign_in i had to do the
following, in my user model:
before_validation :lowercase_email
def lowercase_email
self.email = self.email.downcase
end
def self.find_for_authentication(conditions)
conditions[:email].downcase!
super(conditions)
end
On Sep 8, 8:36 am, Adam <ashacklef...@gmail.com> wrote:
> Hi Jakob,
>
> I wish I could remember why, but I don't think this worked for me. And
> yes, I agree that the jQuery solution is ugly :-)
>
> Adam
>
> On Aug 16, 9:16 am, Jakob Hilden <jakobhil...@gmail.com> wrote:
>
>
>
>
>
>
>
> > I came across the same problem and I agree that it should be fixed in
> > devise.
>
> > However I don't think it is a good idea trying to solve this on the
> > client-side with jQuery.
>
> > Instead I added this to my user model:
> > - - - - -
> > before_validation :lowercase_email
> > def lowercase_email
> > self.email= self.email.downcase
> > > #
> > > # Convert theemailaddress tolowercaseon document-ready and field
1) Forcing lowercase on sign_in given some interfaces like to
capitalize words i.e. the iPhone.
2) Forcing lowercase on sign_up as Devise was storing email in upper
and lower case, if user supplied mixed case.
To ensure lowercase email on sign_up and sign_in i had to do the
following, in my user model:
before_validation :lowercase_email
def lowercase_email
self.email = self.email.downcase
end
conditions[:email].downcase!
super(conditions)
end
On Sep 8, 8:36 am, Adam <ashacklef...@gmail.com> wrote:
> Hi Jakob,
>
> I wish I could remember why, but I don't think this worked for me. And
> yes, I agree that the jQuery solution is ugly :-)
>
> Adam
>
> On Aug 16, 9:16 am, Jakob Hilden <jakobhil...@gmail.com> wrote:
>
>
>
>
>
>
>
> > I came across the same problem and I agree that it should be fixed in
> > devise.
>
> > However I don't think it is a good idea trying to solve this on the
> > client-side with jQuery.
>
> > Instead I added this to my user model:
> > - - - - -
> > before_validation :lowercase_email
> > def lowercase_email
> > end
> > - - - - -
>
> > Seems to work.
>
> > Greetings,
>
> > --Jakob
>
> > On Jul 30, 12:31 am, Adam <ashacklef...@gmail.com> wrote:
>
> > > In (at least) Devise 1.0.7, the controllers acceptemailaddresses as-
> > > is (no upper- orlowercaseconversion).
>
> > > This will hose users who don't enter theiremailaddress consistently.
> > - - - - -
>
> > Seems to work.
>
> > Greetings,
>
> > --Jakob
>
> > On Jul 30, 12:31 am, Adam <ashacklef...@gmail.com> wrote:
>
> > > In (at least) Devise 1.0.7, the controllers acceptemailaddresses as-
> > > is (no upper- orlowercaseconversion).
>
> > > A user might register as J...@Example.Com then try to log in as
> > > j...@example.com. It's a support headache waiting to happen.
>
> > > I think that the Devise team wants to fix this in the controllers
> > > (Internetemailaddresses are notcase-sensitive, but Devise is).
> > > j...@example.com. It's a support headache waiting to happen.
>
> > > I think that the Devise team wants to fix this in the controllers
>
> > > Until that happens, the following gets the job done. You'll need
> > > jQuery for it to work.
>
> > > 1. Add this to app/helpers/application_helper.rb
> > > ----------------------------------------
> > > # Convert theemailaddress tolowercasewhen submitting the form.
> > > Until that happens, the following gets the job done. You'll need
> > > jQuery for it to work.
>
> > > 1. Add this to app/helpers/application_helper.rb
> > > ----------------------------------------
> > > This avoids support issues later
> > > # when someone enters theiremailaddress in a differencecase.
> > > #
> > > # Convert theemailaddress tolowercaseon document-ready and field
Radoslav Stankov
Oct 5, 2010, 12:07:59 PM10/5/10
to Devise
I user simillar solution as tekknikk only have fail save check email
condition:
def find_for_authentication(conditions)
conditions[:email].downcase! if conditions[:email]
super(conditions)
end
condition:
def find_for_authentication(conditions)
conditions[:email].downcase! if conditions[:email]
super(conditions)
end
Radoslav Stankov
Oct 5, 2010, 3:48:54 PM10/5/10
to Devise
bw I was wondering if there will be good ida to have some method on
models like normalize_conditions or something like this, because I'm
currently authenticating users by email (using the downcase trick) and
account_name, which is not a real user field and is transform to
account_id. And I'm searching for better solution.
models like normalize_conditions or something like this, because I'm
currently authenticating users by email (using the downcase trick) and
account_name, which is not a real user field and is transform to
account_id. And I'm searching for better solution.
Andrew
Nov 16, 2010, 4:34:18 PM11/16/10
to Devise
This will not work for password reset and account unlock as these use
find_or_initialize_with_error_by and NOT find_for_authentication.
Hence, if a user signs up with "Foo...@gmail.com" and forgets their
password or somehow gets locked out,
they will be told that their account does not exist when trying to
reset their password or unlock their account using the email
"Foo...@gmail.com".
If devise would just accept that people see and use email addresses as
case-insensitive, the world would be a better place :)
find_or_initialize_with_error_by and NOT find_for_authentication.
Hence, if a user signs up with "Foo...@gmail.com" and forgets their
password or somehow gets locked out,
they will be told that their account does not exist when trying to
reset their password or unlock their account using the email
"Foo...@gmail.com".
If devise would just accept that people see and use email addresses as
case-insensitive, the world would be a better place :)
José Valim
Nov 16, 2010, 4:36:29 PM11/16/10
to Devise
> If devise would just accept that people see and use email addresses as
> case-insensitive, the world would be a better place :)
Yes, we can. Patches are welcome.> case-insensitive, the world would be a better place :)
Reply all
Reply to author
Forward
0 new messages