🐛 Bug Report: e-mail address should be case-insensitive #49

New Issue

Closed

opened 2025-10-07 23:50:58 +03:00 by OVERLORD · 3 comments

OVERLORD commented 2025-10-07 23:50:58 +03:00

Owner

Copy Link

Originally created by @peterforeman on GitHub.

Reproduction steps

A user tried to login with e-mail, but did not get an e-mail with login token. After troubleshooting we discovered the e-mail was entered all lower case in pocket-id backend, but the user tried to login with some capitals (john.doe@example.com / John.Doe@example.com). This does not match since the SQL query does an exact match:

err := s.db.Model(&model.User{}).Select("id").Where("email = ?", userID).First(&userId).Error

Expected behavior

Make e-mail matching case insensitive.

Actual Behavior

The user did not get any mail.

Pocket ID Version

1.10.0

Database

SQLite (default install)

OS and Environment

Kubernetes cluster

Log Output

No response

Originally created by @peterforeman on GitHub. ### Reproduction steps A user tried to login with e-mail, but did not get an e-mail with login token. After troubleshooting we discovered the e-mail was entered all lower case in pocket-id backend, but the user tried to login with some capitals (john.doe@example.com / John.Doe@example.com). This does not match since the SQL query does an exact match: ``` err := s.db.Model(&model.User{}).Select("id").Where("email = ?", userID).First(&userId).Error``` ### Expected behavior Make e-mail matching case insensitive. ### Actual Behavior The user did not get any mail. ### Pocket ID Version 1.10.0 ### Database SQLite (default install) ### OS and Environment Kubernetes cluster ### Log Output _No response_

OVERLORD closed this issue 2025-10-07 23:50:59 +03:00

OVERLORD commented 2025-10-07 23:51:01 +03:00

Author

Owner

Copy Link

@peterforeman commented on GitHub:

Ah great! I could not find it as duplicate. Indeed duplicate of #770, but making it case insensitive makes it far more user friendly because that is what most (if not all) users would expect.

@peterforeman commented on GitHub: Ah great! I could not find it as duplicate. Indeed duplicate of #770, but making it case insensitive makes it far more user friendly because that is what most (if not all) users would expect.

OVERLORD commented 2025-10-07 23:51:01 +03:00

Author

Owner

Copy Link

@ItalyPaleAle commented on GitHub:

This was previously discussed here: https://github.com/pocket-id/pocket-id/issues/770

We changed Pocket ID to make the input field of type email so autocorrect wouldn't try to add capitalization.

Note that per RFC 2821:

The local-part of a mailbox MUST BE treated as case sensitive.

(Local-part is what's before @)

While most providers do treat emails in a case-insensitive way, it's allowed for a provider to treat John.Doe@example.com and john.doe@example.com as different emails. It's uncommon, but I have seen it myself at least once.

@ItalyPaleAle commented on GitHub: This was previously discussed here: https://github.com/pocket-id/pocket-id/issues/770 We changed Pocket ID to make the input field of type `email` so autocorrect wouldn't try to add capitalization. Note that per RFC 2821: > The local-part of a mailbox MUST BE treated as case sensitive. (Local-part is what's before `@`) While most providers do treat emails in a case-insensitive way, it's allowed for a provider to treat `John.Doe@example.com` and `john.doe@example.com` as different emails. It's uncommon, but I have seen it myself at least once.

OVERLORD commented 2025-10-07 23:51:01 +03:00

Author

Owner

Copy Link

@kmendell commented on GitHub:

Closing this as as @ItalyPaleAle said the RFC states they should be marked as case sensitive.

@kmendell commented on GitHub: Closing this as as @ItalyPaleAle said the RFC states they should be marked as case sensitive.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

oidc-scopes

breaking/v2

i18n_crowdin

v2/use-item-component

default-env-db-keys

slog-gorm

v1.16.0

v1.15.0

v1.14.2

v1.14.1

v1.14.0

v1.13.1

v1.13.0

v1.12.0

v1.11.2

v1.11.1

v1.11.0

v1.10.0

v1.9.1

v1.9.0

v1.8.1

v1.8.0

v1.7.0

v1.6.4

v1.6.3

v1.6.2

v1.6.1

v1.6.0

v1.5.0

v1.4.1

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.53.0

v0.52.0

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.0

v0.45.0

v0.44.0

v0.43.1

v0.43.0

v0.42.1

v0.42.0

v0.41.0

v0.40.1

v0.40.0

v0.39.0

v0.38.0

v0.37.0

v0.36.0

v0.35.6

v0.35.5

v0.35.4

v0.35.3

v0.35.2

v0.35.1

v0.35.0

v0.34.0

v0.33.0

v0.32.0

v0.31.0

v0.30.0

v0.29.0

v0.28.1

v0.28.0

v0.27.2

v0.27.1

v0.27.0

v0.26.0

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.0

v0.22.0

v0.21.0

v0.20.1

v0.20.0

v0.19.0

v0.18.0

v0.17.0

v0.16.0

v0.15.0

v0.14.0

v0.13.1

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.0

v0.8.1

v0.8.0

v0.7.1

v0.7.0

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.1

v0.4.0

v0.3.1

v0.3.0

v0.2.1

v0.2.0

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels

breaking

bug

documentation

feature

needs more upvotes

open to pull requests

pull-request

Mirrored from GitHub Pull Request

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#49