Hi @sebastianpiskorski what is the actual problem or bug that this can cause?

E.g. a user who copy-pasted the e-mail address may later on try to login using lowercase e-mail address. And for sure this one will be hard to troubleshoot.

@mattab
Given:

• User have registered with email: ExamplE@eXample.Com
• User have tried to login with email example@example.com

Got:

• Login error.

Expected:

• Piwik successful login.

So i think that email input should be normalized to lower case.

Thanks for the report, we will investigate a fix

I think I'm missing something: users log into Piwik using their username, not emails. Where is the problem happening?

But they can enter e-mail as login. This is something to discuss further because forcing lowercase will also force lowercase logins. Maybe we should allow to use capital letters, but force lowercase only while checking if such username exists?

FYI: e-mail is the default username when using Piwik Cloud.

But they can enter e-mail as login

TIL 😄

So case insensitive for login and email would make sense then? I don't see a reason not to.

I'm sorry I'm maybe being dense here but I can't login into my Piwik Cloud account or my local dev Piwik using my email (checked several time that it's the correct email). Login in with the username of course works.

In the code, Auth calls $model->getUser($this->login) which search in database only over the login, not the email.

Where/how can we login with emails?

They can enter e-mail as login while signing up. I mean that login and e-mail are the same. Sorry for confusion.

not logging in by way of the actual email field of the user table, but the login field of the user table might contain an email address as its value.

They can enter e-mail as login while signing up. I mean that login and e-mail are the same. Sorry for confusion.

😖 Sorry, I didn't think of that because when I signed up to the cloud I ended up with the generic username of piwikadmin, so it didn't think more about that use case ;)

Then definitely will be case insensitive for all logins (emails and regular logins) since there's no difference between them.

Sure, we've changed this on Cloud recently. Cheers!

In my opinion users shouldn't be able to have two account which differ only by letter cases. Like "accont_login" and "AccOunt_loGin" shouldn't be two different logins.

PR: #8610

I just tried to reproduce this issue:

• created a user with login = test@test.com
• then tried creating a user with login = TEST@test.com
• Got: Login 'test@test.com' already exists.

What is the actual bug- @mnapoli @sebastianpiskorski could you reproduce this or am I doing something wrong

Ok got tip from @diosmosis " the bug is that the user created an account like: tesT@user.com by mistake and wants to login w/ test@user.com" so I get it now :)

Or if the user correctly signed up (without "typo") as matt or test@user.com and wants to login as Matt or Test@user.com :)

@mattab please see #8548 (comment) and #8548 (comment)

This comment: #8548 (comment)
introduced some confusion but I think that now we are one the same page.

Thanks!