Use email address as login name on a plone 6 site and I can log into the backend with my email address with mixed case letters but when I try this on the frontend it says email addresses are case sensitive. Is there a way to turn this off in volto?
Email addresses are not case-sensitive.
I tested this on two volto site and two different instances and got the same result. Could I have configured something incorrectly?
No idea about Volto.
Sounds like Volto is making stupid assumptions about email addresses.
Again, email@example.com is identical to FOO@BaR.CoM .
Backend: theres the
login_transform property in PAS which is set to
lower for email login (see Products.CMFPlone/Products/CMFPlone/controlpanel/utils.py at master · plone/Products.CMFPlone · GitHub) ... So PAS always transforms the input to lowercase before checking the credentials (Products.PluggableAuthService/Products/PluggableAuthService/PluggableAuthService.py at master · plone/Products.PluggableAuthService · GitHub)
Plone Classic doesn't warn you about this... not sure if Volto should...
I wrote a test script that talks to a local site via plone.restapi and it is definitely case sensitive. Yet the documentation says plone.restapi Authentication uses PlonePas.