bilalshaikh292
commented
1 year ago heyy I would like to contribute ?
Open shane-tang opened 1 year ago
bilalshaikh292
commented
1 year ago heyy I would like to contribute ?
Maanit491
commented
1 month ago Hello, I would like to contribute on this error:)
Affected Platforms
Description
Today, you cannot register as
USERNAMEif someone else already registered asusername. Most of the codebase now enforces case-insensitive username uniqueness. Account login is one of the few places that is still case-sensitive to usernames. If you registered asUsernamethen you cannot log in asusername. This is problematic for a couple of reasons:Caveats
Even though new account usernames cannot collide with existing account usernames, I acknowledge there's a chance that username collisions might exist from before this constraint was implemented. We can't naively say that all usernames are currently case-insensitively unique. Unless there has been some server backfill to address this, there are undoubtedly a small handful of colliding usernames. I'd bet there are users with the usernames
bobandBob.However, it should be possible to use case-insensitive logins when there is exactly one user with the "same" username, then fallback to case-sensitive logins when there are multiple users with the "same" username.
For example:
Uniquethen I should be able to log in usinguniqueorUNIQUEoruNiQuE.collisionand another user namedCOLLISION, then both of these users should follow the existing login behavior and should only be able to log in using their case-sensitive username. A login attempt with the usernameCollisionshould always fail because it's ambiguous which user model should be retrieved.Additional Notes
The reason I'm posting this as a GitHub issue is because I already have a PR fix up.