5

Is there a way to get Asp.Net Identity to be case insensitive with email addresses and usernames?

At the moment if I call "FindByEmailAsync(email)" it will only work if the email address is being stored exactly as it's is typed (case sensitive)

mynkow
  • 4,408
  • 4
  • 38
  • 65
user441365
  • 3,934
  • 11
  • 43
  • 62

1 Answers1

5

You can change how the user is registered so that the username is set to lowercase and when logging in as well.

For registering the user, in the AccountController

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> Register(RegisterViewModel model)
    {
        if (ModelState.IsValid)
        {
            var user = new ApplicationUser() { UserName = model.Email.ToLowerInvariant(), Email = model.Email };
            IdentityResult result = await UserManager.CreateAsync(user, model.Password);
            if (result.Succeeded)
            {
                await SignInAsync(user, isPersistent: false);

                return RedirectToAction("Index", "Home");
            }
            else
            {
                AddErrors(result);
            }
        }

And for logging in:

    [HttpPost]
    [AllowAnonymous]
    [ValidateAntiForgeryToken]
    public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
    {
        if (ModelState.IsValid)
        {
            var user = await UserManager.FindAsync(model.Email.ToLowerInvariant(), model.Password);
            if (user != null)
            {
                await SignInAsync(user, model.RememberMe);
                return RedirectToLocal(returnUrl);
            }
            else
            {
                ModelState.AddModelError("", "Invalid username or password.");
            }
        }

        // If we got this far, something failed, redisplay form
        return View(model);
    }
Rui
  • 4,847
  • 3
  • 29
  • 35
  • 1
    Isn't there a setting in Asp.Net Identity to make it case insensitive? – user441365 Jul 15 '14 at 15:45
  • That I know off, there's only the PasswordValidator options, you can find them in the ApplicationUserManager class in the static Create method – Rui Jul 15 '14 at 15:46
  • Regarding the username the only options are: AllowOnlyAlphanumericUserNames and RequireUniqueEmail :(. What you can do is change them in the database. You can either do that with Management Studio (if you are using SQL server) or if you want to use the new Identity stuff you can use the IdentityDbContext. In identity 2.0 it's stored in the OwinContext, you can get to it in a controller action by doing HttpContext.GetOwinContext().Get(); – Rui Jul 15 '14 at 15:49
  • I would think this would be based on your database configuration. If the database is set to be case insensitive then your lookups would be case insensitive. Passwords are not because they are hashed values. – Erik Funkenbusch Jul 15 '14 at 15:49
  • @ErikFunkenbusch That works as well. But isn't that a global setting? – Rui Jul 15 '14 at 15:51
  • @Rui - No, you can set it on a per column basis if you want. http://msdn.microsoft.com/en-us/library/ms190920.aspx, another option, which is kind of hack.. hash the username before you look it up... Since you're not concerned about security on the username, you don't need to salt it or anything.. just run it through a hash to make it unique. This means you can have users bob, BOB, BoB, bOb, Bob, boB, etc.. all as unique users. – Erik Funkenbusch Jul 15 '14 at 15:53
  • @ErikFunkenbusch Thanks for that, and [here's](http://stackoverflow.com/questions/5285781/entity-framework-code-first-change-table-column-collation) how you can do it using code first – Rui Jul 15 '14 at 15:56
  • I'm actually using MongoDB - does MongoDB have something similar to that? – user441365 Jul 15 '14 at 16:06
  • Right I will just update all usernames/emails on the db and set them all to lowercase – user441365 Jul 16 '14 at 09:11
  • 3
    This answer should just have said: "No, so use `ToLower()`" – Léon Pelletier May 21 '15 at 21:57