[identity] fix issues with capitalized usernames in users and reserved usernames tables
ClosedPublic
Actions

Authored by varun on Jul 9 2024, 9:34 AM.

Details

Reviewers

will
tomek
ashoat

Commits

rCOMM8383596b0c9c: [identity] fix issues with capitalized usernames in users and reserved…

Summary

we have to store usernames in their original form and in their lowercase form in these two dynamodb tables because we need case-insensitive uniqueness checks and case-sensitive retrievals. if a user registered with the username "ashoat," we should allow that user to log in with "Ashoat," too. however, we should not allow a different user to register the username "Ashoat."

searched for all places where we use USERS_TABLE_USERNAME_ATTRIBUTE or RESERVED_USERNAMES_TABLE_PARTITION_KEY and checked whether we were doing a retrieval or uniqueness check
if we were doing a uniqueness check, i swapped out the attribute with the lowercase equivalent. i made sure we always write the lowercase username to DDB along with the original username.

would normally add @bartek here but he's on vacation

Test Plan

registered username pamela
tried logging in with capitalized Pamela -> succeeded
tried registering a new user Pamela -> failed
registered a new user KidRock directly with local keyserver
tried to log in with usingCSAT=true and username kidrock -> succeeded
registered a new user tommylee directly with local keyserver
tried to log in with usingCSAT=true and username TommyLee -> succeeded

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

varun created this revision.Jul 9 2024, 9:34 AM

varun published this revision for review.Jul 9 2024, 9:40 AM

Harbormaster completed remote builds in B30224: Diff 42145.Jul 9 2024, 9:51 AM

I don't feel qualified to review this diff... @will, could you maybe take a look?

Directly synced with Varun. Looks good. Before landing make sure to remove need for unnecessary partition key check and add a comment for changes starting from line 340 in services/identity/src/database.rs

This revision is now accepted and ready to land.Jul 10 2024, 9:34 AM

some small fixes

This revision was landed with ongoing or failed builds.Jul 10 2024, 11:48 PM

Closed by commit rCOMM8383596b0c9c: [identity] fix issues with capitalized usernames in users and reserved… (authored by varun). · Explain Why

This revision was automatically updated to reflect the committed changes.

varun added a commit: rCOMM8383596b0c9c: [identity] fix issues with capitalized usernames in users and reserved….

In D12704#360102, @will wrote:

Directly synced with Varun. Looks good. Before landing make sure to remove need for unnecessary partition key check and add a comment for changes starting from line 340 in services/identity/src/database.rs

ended up rewriting this code so there was no need for the code comment

Harbormaster completed remote builds in B30275: Diff 42216.Jul 10 2024, 11:56 PM

varun mentioned this in D12723: [terraform] bump staging identity to 0.29-staging.Jul 11 2024, 12:21 AM

This diff caused https://linear.app/comm/issue/ENG-8810/unable-to-login - we're reading from the new index but we didn't create records in it for existing users.

varun mentioned this in rCOMM9110bf477939: [terraform] bump staging identity to 0.29-staging.Jul 11 2024, 12:37 PM