search

riverrun / openmaize

No longer maintained - was an Authentication library for Plug-based applications in Elixir
Other
206 stars 30 forks source link

Confirmation fails with emails that include a plus sign #36

Closed jaimeiniesta closed 8 years ago

jaimeiniesta commented 8 years ago

When a user signs up using an email that includes a plus sign (like jaimeiniesta+25@gmail.com), the password confirmation link fails - when it looks for the user on the DB, it removes the plus sign:

[info] GET /confirm
[debug] Processing by Rocket.PageController.confirm/2
  Parameters: %{"email" => "jaimeiniesta+25@gmail.com", "key" => "2W07KNzO30VAnocM..."}
  Pipelines: [:browser]
[debug] SELECT u0."id", u0."name", u0."email", u0."password_hash", u0."role", u0."confirmed_at", u0."confirmation_token", u0."confirmation_sent_at", u0."reset_token", u0."reset_sent_at", u0."inserted_at", u0."updated_at" FROM "users" AS u0 WHERE (u0."email" = $1) ["jaimeiniesta 25@gmail.com"] OK query=13.1ms queue=0.2ms
[info] Sent 302 in 15ms
[debug] Rocket.PageController halted in :action/2
[info] GET /login
[debug] Processing by Rocket.PageController.login/2
  Parameters: %{}
  Pipelines: [:browser]
[info] Sent 200 in 7ms
jaimeiniesta commented 8 years ago

It looks like the plus sign is being wiped out here: https://github.com/elixircnx/openmaize/blob/master/lib/openmaize/confirm/base.ex#L52

iex(1)> URI.decode_www_form("jaime+25@gmail.com")
"jaime 25@gmail.com"