Merge branch 'change/strip-whitespace-from-username-input#42637' into 'master'

Trim whitespace from input in the username/email form field

Closes #42637

See merge request gitlab-org/gitlab-ce!17020

3 files changed, 14 insertions, 1 deletions

diff --git a/app/models/user.rb b/app/models/user.rb
index 4097fe2b5dc..5e84d2da805 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -249,7 +249,7 @@ class User < ActiveRecord::Base
     def find_for_database_authentication(warden_conditions)
       conditions = warden_conditions.dup
       if login = conditions.delete(:login)
-        where(conditions).find_by("lower(username) = :value OR lower(email) = :value", value: login.downcase)
+        where(conditions).find_by("lower(username) = :value OR lower(email) = :value", value: login.downcase.strip)
       else
         find_by(conditions)
       end
diff --git a/changelogs/unreleased/change-strip-whitespace-from-username-input-42637.yml b/changelogs/unreleased/change-strip-whitespace-from-username-input-42637.yml
new file mode 100644
index 00000000000..a51781396ee
--- /dev/null
+++ b/changelogs/unreleased/change-strip-whitespace-from-username-input-42637.yml
@@ -0,0 +1,5 @@
+---
+title: Remove whitespace from the username/email sign in form field
+merge_request: 17020
+author: Peter lauck
+type: changed
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 76a6aef39cc..1815696a8a0 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -893,6 +893,14 @@ describe User do
     end
   end
 
+  describe '.find_for_database_authentication' do
+    it 'strips whitespace from login' do
+      user = create(:user)
+
+      expect(described_class.find_for_database_authentication({ login: " #{user.username} " })).to eq user
+    end
+  end
+
   describe '.find_by_any_email' do
     it 'finds by primary email' do
       user = create(:user, email: 'foo@example.com')