Skip to first unread message
Ian W. Scott
Nov 30, 2017, 3:46:09 PM11/30/17
to web2py-users
I have one user (and only one) whose email has suddenly started to be rejected by the auth login system. With the correct email address and password (I've double-checked) he gets "Invalid login." Then when he tries to use the password reset form he gets an "Invalid email" notice, as if the field validator is rejecting it. The email address is in the format My....@tyndale.ca. So it shouldn't be rejected by the field validator. Can anyone suggest what might be causing a problem like this, or at least how I could debug it? There are no error messages being produced.
Thanks,
Ian
Leonel Câmara
Nov 30, 2017, 4:06:13 PM11/30/17
to web2py-users
Looks like a bug due to case sensitivity, either in web2py or in the dal
Ian W. Scott
Nov 30, 2017, 4:40:44 PM11/30/17
to web2py-users
I think you're right. It looks like the execution hangs up in Auth.request_reset_password at the point where the system is checking a setting for password case sensitivity:
I did a search in the current web2py book for "email_case_sensitive" and came up empty. Is this something we're supposed to be aware of and set in db.py?
if not self.settings.email_case_sensitive:
table_user.email.requires.insert(0, IS_LOWER())
I did a search in the current web2py book for "email_case_sensitive" and came up empty. Is this something we're supposed to be aware of and set in db.py?
More importantly, if email_case_sensitive is False, the behaviour seems wrong. What should happen is that a stored email with some uppercase matches a submitted email regardless of the case. Instead, it's assuming all stored email addresses are lowercase. I think what happened is that this behaviour changed (was introduced?) in a recent update. So my old stored email addresses were stored with some uppercase. But when I updated to the newest version of web2py this new behaviour broke login and auth for anyone with uppercase in their email. Or am I missing something? Setting Auth.email_case_sensitive = True does seem to have fixed the issue.
Tele Tom
Oct 5, 2021, 9:49:55 AM10/5/21
to web2py-users
Scot et.al.;
I believe I am having the same strange problem. I am using web2py version 2.21.1 with python 2.7.5
I found that particular line of code tyou mentioned in web2py/gluon/tools.py about line: 3468
"if not self.settings.email_case_sensitive:
table_user.email.requires.insert(0, IS_LOWER())"
Is the best solution to simply enter the email address for login in lower case? Is it possible to edit that line of code in tools.py? I realize your post is 4 years old. Maybe this bug has been fixed.
best, Tele Tom
Reply all
Reply to author
Forward
0 new messages