wip #6059 @1.5

diff --git a/app/Fluidbook/Compiler/Secure.php b/app/Fluidbook/Compiler/Secure.php
index 6d72faf809f9ce1870f4a48bf753e2844a3bfa6d..b718bb8b1ac90a10e4d1e82d2d5d1edd30a0d287 100644 (file)
--- a/app/Fluidbook/Compiler/Secure.php
+++ b/app/Fluidbook/Compiler/Secure.php
@@ -30,7 +30,7 @@ trait Secure
                 continue;
             }
             $usersalt = bin2hex(random_bytes(5));
-            $user = hash("sha256", $usersalt . '+' . $e[0]);
+            $user = hash("sha256", $usersalt . '+' . mb_strtolower($e[0]));
             $users[$user] = ['salt' => $salt, 'usersalt' => $usersalt, 'hash' => hash("sha256", $salt . '-' . $e[1])];
         }
         return $users;
@@ -85,11 +85,15 @@ trait Secure
         $variables['FORM_SIGN_IN'] = $locale['Sign in'] ?? 'Sign in';
         $variables['CODE'] = '$(function () {
             $(\'form\').on(\'submit\', function () {
-                var u = $("#username").val();
+                var u = $("#username").val().toLowerCase();
                 var p = $("#password").val();
                 var error = true;
                 $.each(CREDENTIALS, function (user, data) {
-                    if (forge_sha256(data.usersalt + \'+\' + u) === user && forge_sha256(data.salt + \'-\' + p) === data.hash) {
+                    let hu = forge_sha256(data.usersalt + \'+\' + u);
+                    let hp = forge_sha256(data.salt + \'-\' + p);
+
+                    console.log(hu,hp)
+                    if (hu === user && hp === data.hash) {
                         error = false;
                         window.sessionStorage.setItem(\'secureUsername\', u);
                         window.sessionStorage.setItem(\'securePassword\', p);