From 511b3d7b6b024f7a4c4fcec9b8aecf769cb6859c Mon Sep 17 00:00:00 2001
From: Walter
Date: Fri, 21 Feb 2025 06:33:58 +0100
Subject: [PATCH] Fixed case insensitivity in user accounts
---
 app/settings/settings.py | 4 +---
 app/users/backends.py | 23 +++++++++++------------
 app/users/models.py | 1 +
 3 files changed, 13 insertions(+), 15 deletions(-)
diff --git a/app/settings/settings.py b/app/settings/settings.py
index 2d8479a..eec8cfc 100644
--- a/app/settings/settings.py
+++ b/app/settings/settings.py
@@ -123,9 +123,7 @@ AUTH_PASSWORD_VALIDATORS = [
 },
 ]
-#AUTHENTICATION_BACKENDS = (
-# "users.backends.CaseInsensitiveModelBackend", # inherits from 'django.contrib.auth.backends.ModelBackend'
-#)
+AUTHENTICATION_BACKENDS = ["users.backends.CaseInsensitiveModelBackend"]
 # Internationalization
 # https://docs.djangoproject.com/en/3.2/topics/i18n/
diff --git a/app/users/backends.py b/app/users/backends.py
index 4353671..8314928 100644
--- a/app/users/backends.py
+++ b/app/users/backends.py
@@ -1,21 +1,20 @@
-from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth import get_user_model
+from django.contrib.auth.backends import ModelBackend
+
+UserModel = get_user_model()
-from users.models import User
 class CaseInsensitiveModelBackend(ModelBackend):
- def authenticate(self, username=None, password=None, **kwargs):
- UserModel = get_user_model()
+
+ def authenticate(self, request, username=None, password=None, **kwargs):
 if username is None:
 username = kwargs.get(UserModel.USERNAME_FIELD)
+ if username is None or password is None:
+ return
 try:
- d = {'%s__iexact'%UserModel.USERNAME_FIELD: username}
- user = UserModel.objects.get(**d)
- if user.check_password(password):
- return user
+ user = UserModel._default_manager.get(username__iexact=username)
 except UserModel.DoesNotExist:
- # Run the default password hasher once to reduce the timing
- # difference between an existing and a non-existing user (#20760).
 UserModel().set_password(password)
-
- return None
+ return
+ if user.check_password(password) and self.user_can_authenticate(user):
+ return user
\ No newline at end of file
diff --git a/app/users/models.py b/app/users/models.py
index 4db44bd..7363a0a 100644
--- a/app/users/models.py
+++ b/app/users/models.py
@@ -12,6 +12,7 @@ class InviteCode(models.Model):
 def __str__(self):
 return f"{self.title} | code: {self.code}"
+
 class Player(models.Model):
 user = models.OneToOneField(User, on_delete=models.CASCADE, related_name="player") # Profile
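Review bot: In `authenticate` (app/users/backends.py), `UserModel._default_manager.get(username__iexact=username)` raises `MultipleObjectsReturned` when two stored accounts differ only by case, and only `DoesNotExist` is caught, so that login would surface as an unhandled exception rather than a rejected login. Nothing in this patch shows usernames being made unique case-insensitively, so I would fail closed with `except UserModel.MultipleObjectsReturned: return` and confirm that existing rows and signup validation rule out case-colliding names before the backend is enabled in settings.py. The lookup also hard-codes `username` although the line above still reads `UserModel.USERNAME_FIELD`; `UserModel._default_manager.get(**{f"{UserModel.USERNAME_FIELD}__iexact": username})` keeps the two consistent. The removed comment explaining why `set_password` runs for an unknown user (to reduce the timing difference between existing and non-existing accounts) is worth keeping next to that call.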