fix: case-insensitive login for username and email
This commit is contained in:
@@ -172,7 +172,7 @@ func (h *Handler) Login(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
var userID, hash string
|
||||
err := h.db.QueryRowContext(r.Context(), `
|
||||
SELECT id, password_hash FROM users WHERE email = $1 OR username = $1
|
||||
SELECT id, password_hash FROM users WHERE LOWER(email) = LOWER($1) OR LOWER(username) = LOWER($1)
|
||||
`, login).Scan(&userID, &hash)
|
||||
if err != nil {
|
||||
http.Error(w, `{"error":"invalid credentials"}`, http.StatusUnauthorized)
|
||||
|
||||
Reference in New Issue
Block a user