Backout broken attempt at making case insensitive authentication work

on Postgres. As implemented this forces a table scan to authenticate users which is ridiculous to save people pressing the shift key.
2009-04-23 23:46:45 +00:00 · 2009-04-23 23:46:45 +00:00 · 77a34278ca
commit 77a34278ca
parent e3ae690a00
3 changed files with 3 additions and 49 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -42,13 +42,7 @@ class User < ActiveRecord::Base

  def self.authenticate(options)
    if options[:username] and options[:password]
-      environment = Rails.configuration.environment
-      adapter = Rails.configuration.database_configuration[environment]["adapter"]
-      if adapter == "postgresql"
-        user = find(:first, :conditions => ["email ILIKE ? OR display_name ILIKE ?", options[:username], options[:username]])
-      else
-        user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]])
-      end
+      user = find(:first, :conditions => ["email = ? OR display_name = ?", options[:username], options[:username]])
      user = nil if user and user.pass_crypt != OSM::encrypt_password(options[:password], user.pass_salt)
    elsif options[:token]
      token = UserToken.find(:first, :include => :user, :conditions => ["user_tokens.token = ?", options[:token]])
--- a/test/fixtures/users.yml
+++ b/test/fixtures/users.yml
@ -1,9 +1,7 @@
 # Read about fixtures at http://ar.rubyonrails.org/classes/Fixtures.html
-# The normal user's email is intentionally capitalised that way to 
-# check that the login is case insensitive
 normal_user:
  id: 1
-  email: test@OpenStreetMap.org
+  email: test@openstreetmap.org
  active: true
  pass_crypt: <%= Digest::MD5.hexdigest('test') %>
  creation_time: "2007-01-01 00:00:00"
--- a/test/functional/user_controller_test.rb
+++ b/test/functional/user_controller_test.rb
@ -7,7 +7,6 @@ class UserControllerTest < ActionController::TestCase
  def test_user_create
    get :new
    assert_response :success
-    assert_template 'new'
    
    assert_select "html:root", :count => 1 do
      assert_select "head", :count => 1 do
@ -42,45 +41,8 @@ class UserControllerTest < ActionController::TestCase
    get :api_details
    assert_response :unauthorized
    
-    # Private users can login and get the api details
-    usr = users(:normal_user)
-    basic_authorization(usr.email, "test")
+    basic_authorization(users(:normal_user).email, "test")
    get :api_details
    assert_response :success
-    # Now check the content of the XML returned
-    print @response.body
-    assert_select "osm:root[version=#{API_VERSION}][generator='#{GENERATOR}']", :count => 1 do
-      assert_select "user[display_name='#{usr.display_name}'][account_created='#{usr.creation_time.xmlschema}']", :count => 1 do
-      assert_select "home[lat='#{usr.home_lat}'][lon='#{usr.home_lon}'][zoom='#{usr.home_zoom}']", :count => 1
-      end
-    end
-    
-  end
-  
-  # Check that we can login through the web using the mixed case fixture,
-  # lower case and upper case
-  def test_user_login_web_case
-    login_web_case_ok users(:normal_user).email,  "test"
-    login_web_case_ok users(:normal_user).email.upcase, "test"
-    login_web_case_ok users(:normal_user).email.downcase, "test"
-  end
-
-  def login_web_case_ok(userstring, password)
-    post :login, :user => {:email => userstring, :password => password}
-    assert_redirected_to :controller => 'site', :action => 'index'
-  end
-
-  # Check that we can login to the api, and get the user details 
-  # using the mixed case fixture, lower case and upper case  
-  def test_user_login_api_case
-    login_api_case_ok users(:normal_user).email, "test"
-    login_api_case_ok users(:normal_user).email.upcase, "test"
-    login_api_case_ok users(:normal_user).email.downcase, "test"
-  end
-  
-  def login_api_case_ok(userstring, password)
-    basic_authorization(userstring, password)
-    get :api_details
-    assert :success
  end
 end