Admin user authentication treats email addresses as case-sensitive #2789
Description
Description
Twill's admin authentication appears to treat email addresses as case-sensitive, causing login failures when users enter their email in a different case than how it was originally stored.
Steps to reproduce
- Create a Twill admin user with email
[email protected] - Attempt to log in with
[email protected] - Login fails
Expected result
Email addresses should be treated as case-insensitive for authentication. A user registered as [email protected] should be able to log in with [email protected].
- RFC 5321 recommends treating email addresses as case-insensitive for practical purposes
- All major email providers (Gmail, Outlook, Yahoo) treat addresses as case-insensitive
- Mobile devices often auto-capitalize the first letter, causing unexpected login failures
- This is a common UX friction point that leads to support requests
Actual result
Login fails when the email case doesn't exactly match the stored value.
Versions
- Twill version: 3.5.2
- Laravel version: 11
- PHP version: 8.3