Enforce lowercase usernames everywhere.

pgweb/account/forms.py

@@ -22,7 +22,7 @@ class SignupForm(forms.Form):
 		return email2
 
 	def clean_username(self):
-		username = self.cleaned_data['username']
+		username = self.cleaned_data['username'].lower()
 
 		try:
 			u = User.objects.get(username=username)

pgweb/account/views.py

@@ -93,7 +93,7 @@ def signup(request):
 			# Attempt to create the user here
 			# XXX: Do we need to validate something else?
 
-			user = User.objects.create_user(form.cleaned_data['username'], form.cleaned_data['email'])
+			user = User.objects.create_user(form.cleaned_data['username'].lower(), form.cleaned_data['email'])
 			user.first_name = form.cleaned_data['first_name']
 			user.last_name = form.cleaned_data['last_name']
 			user.save()

pgweb/util/auth.py

@@ -8,7 +8,7 @@ from django.db import connection
 class AuthBackend(ModelBackend):
 	def authenticate(self, username=None, password=None):
 		try:
-			user = User.objects.get(username=username)
+			user = User.objects.get(username=username.lower())
 
 			# If user is found, check the password using the django
 			# methods alone.
@@ -21,7 +21,7 @@ class AuthBackend(ModelBackend):
 			# User does not exist. See if it exists in the old system,
 			# and if it does, migrate it to the new one.
 			curs = connection.cursor()
-			curs.execute('SELECT * FROM community_login_old(%s,%s)', (username, password))
+			curs.execute('SELECT * FROM community_login_old(%s,%s)', (username.lower(), password))
 			rows = curs.fetchall()
 
 			if len(rows) != 1:
@@ -33,12 +33,12 @@ class AuthBackend(ModelBackend):
 				# we can think of.
 				namepieces = rows[0][2].split(None, 2)
 				if len(namepieces) == 1: namepieces[1] = ''
-				user = User(username=username, email=rows[0][3], first_name=namepieces[0], last_name=namepieces[1])
+				user = User(username=username.lower(), email=rows[0][3], first_name=namepieces[0], last_name=namepieces[1])
 				user.set_password(password)
 				user.save()
 
 				# Now delete the user in the old system so nobody can use it
-				curs.execute('SELECT * FROM community_login_old_delete(%s)', (username, ))
+				curs.execute('SELECT * FROM community_login_old_delete(%s)', (username.lower(), ))
 
 				return user
 			# Any other value in field 1 means login failed, so tell django we did

sql/community_login.sql

@@ -11,7 +11,7 @@ RETURNS record
 AS $$
 BEGIN
    SELECT
-     auth_user.username,
+     lower(auth_user.username),
      trim(auth_user.first_name || ' ' || auth_user.last_name),
      auth_user.email,
      '', -- we don't do authorblurbs anymore, but the API has them...