ensured usernames and passwords are case insensitive by enforcing lower case

Author: FareedQ

Sources/LocalAuthentication/Routing/jsonroutes/JSONHandlers.login.swift

@@ -42,7 +42,7 @@ extension LocalAuthJSONHandlers {
 			if let postBody = request.postBodyString, !postBody.isEmpty {
 				do {
 					let postBodyJSON = try postBody.jsonDecode() as? [String: String] ?? [String: String]()
-					if let u = postBodyJSON["username"], !u.isEmpty,
+					if let u = postBodyJSON["username"]?.lowercased(), !u.isEmpty,
 						let p = postBodyJSON["password"], !p.isEmpty {
 
 						do{

Sources/LocalAuthentication/Routing/jsonroutes/JSONHandlers.register.swift

@@ -28,8 +28,8 @@ extension LocalAuthJSONHandlers {
 			if let postBody = request.postBodyString, !postBody.isEmpty {
 				do {
 					let postBodyJSON = try postBody.jsonDecode() as? [String: String] ?? [String: String]()
-					if let u = postBodyJSON["username"], !u.isEmpty,
-						let e = postBodyJSON["email"], !e.isEmpty {
+					if let u = postBodyJSON["username"]?.lowercased(), !u.isEmpty,
+                        let e = postBodyJSON["email"]?.lowercased(), !e.isEmpty {
 						let err = Account.register(u, e, .provisional, baseURL: AuthenticationVariables.baseURL)
 						if err != .noError {
 							LocalAuthHandlers.error(request, response, error: "Registration Error: \(err)", code: .badRequest)

Sources/LocalAuthentication/Routing/webroutes/WebHandlers.login.swift

@@ -23,7 +23,7 @@ extension LocalAuthWebHandlers {
 			var context: [String : Any] = ["title": "Perfect Authentication Server"]
 			context["csrfToken"] = request.session?.data["csrf"] as? String ?? ""
 
-			if let u = request.param(name: "username"), !(u as String).isEmpty,
+			if let u = request.param(name: "username")?.lowercased(), !(u as String).isEmpty,
 				let p = request.param(name: "password"), !(p as String).isEmpty {
 				do {
 					let acc = try Account.login(u, p)

Sources/LocalAuthentication/Routing/webroutes/WebHandlers.register.swift

@@ -35,8 +35,8 @@ extension LocalAuthWebHandlers {
 			if let i = request.session?.userid, !i.isEmpty { response.redirect(path: "/") }
 			var context: [String : Any] = ["title": "Perfect Authentication Server"]
 
-			if let u = request.param(name: "username"), !(u as String).isEmpty,
-				let e = request.param(name: "email"), !(e as String).isEmpty {
+			if let u = request.param(name: "username")?.lowercased(), !(u as String).isEmpty,
+				let e = request.param(name: "email")?.lowercased(), !(e as String).isEmpty {
 				let err = Account.register(u, e, .provisional, baseURL: AuthenticationVariables.baseURL)
 				if err != .noError {
 					print(err)