Merge branch 'dev'

README.md

@@ -9,7 +9,7 @@ Canopy
 <a href="https://git.ourfore.st/rainbownapkin/canopy/issues" target="_blank"><img src="https://git.ourfore.st/rainbownapkin/canopy/badges/issues/closed.svg"></a>
 <a href="https://www.gnu.org/licenses/agpl-3.0.en.html" target="_blank"><img src="https://img.shields.io/badge/License-AGPL_v3-663366.svg"></a>
 
-0.1-Alpha
+0.1-Alpha (Panama Red) - Hotfix 1
 =========
 
 Canopy - /ˈkæ.nə.pi/:

package.json

@@ -1,7 +1,7 @@
 {
   "name": "canopy-of-alpha",
-  "version": "0.1",
+  "version": "0.1.1",
-  "canopyDisplayVersion": "0.1-Alpha",
+  "canopyDisplayVersion": "0.1-Alpha (Panama Red) - Hotfix 1",
   "license": "AGPL-3.0-only",
   "dependencies": {
     "@braintree/sanitize-url": "^7.1.1",

src/controllers/api/account/emailChangeRequestController.js

@@ -60,7 +60,7 @@ module.exports.post = async function(req, res){
 
 
             //Look through DB and migration cache for existing email
-            const existingDB = await userModel.findOne({email: new RegExp(email, 'i')});
+            const existingDB = await userModel.findOne({email: new RegExp(`^${email}$`, 'i')});
             const needsMigration = userModel.migrationCache.emails.includes(email.toLowerCase());
 
             //If the email is in use

src/controllers/api/account/loginController.js

@@ -90,7 +90,7 @@ module.exports.post = async function(req, res){
             const {user, pass} = matchedData(req);
 
             //Look for the username in the migration DB
-            const migrationDB = await migrationModel.findOne({user});
+            const migrationDB = await migrationModel.findOne({user: new RegExp(`^${user}$`, 'i')});
 
             //If we found a migration profile
             if(migrationDB != null){

src/schemas/user/migrationSchema.js

@@ -323,7 +323,7 @@ migrationSchema.statics.buildMigrationCache = async function(){
 
 migrationSchema.statics.consumeByUsername = async function(ip, migration){
     //Pull migration doc by case-insensitive username
-    const migrationDB = await this.findOne({user: new RegExp(migration.user, 'i')});
+    const migrationDB = await this.findOne({user: new RegExp(`^${migration.user}$`, 'i')});
 
     //If we have no migration document
     if(migrationDB == null){

src/schemas/user/userSchema.js

@@ -256,13 +256,13 @@ userSchema.statics.register = async function(userObj, ip){
     //Check password confirmation matches
     if(pass == passConfirm){
         //Setup user query
-        let userQuery = {user: new RegExp(user, 'i')};
+        let userQuery = {user: new RegExp(`^${user}$`, 'i')};
 
         //If we have an email
         if(email != null && email != ""){
             userQuery = {$or: [
                 userQuery,
-                {email: new RegExp(email, 'i')}
+                {email: new RegExp(`^${email}$`, 'i')}
             ]};
         }
 
@@ -319,7 +319,7 @@ userSchema.statics.authenticate = async function(user, pass, failLine = "Bad Use
     }
 
     //get the user if it exists
-    const userDB = await this.findOne({ user:  new RegExp(user, 'i')});
+    const userDB = await this.findOne({ user: new RegExp(`^${user}$`, 'i')});
 
     //if not scream and shout
     if(!userDB){