Sponsorship

If this request requires additional support (e.g., such as direct email/phone/meeting/development), I have the following interest in helping to sponsor the effot via GitHub Sponsors:

• None, please continute to work for me for free :P
• Absolutely, I get value out of this!
• Maybe later
• I'm already a sponsor... Woot!

Describe the bug

When I tried testing this, I successfully sent the notification, but then changed the casing of a single character, then attempted to validate the code. An exception was thrown, and I was redirected to the home page.

Software Versions

• DNN: 09.10.02
• Provider: 01.00.00

To Reproduce

Steps to reproduce the behavior:

1. Clean install of both.
2. Enable the provider in the persona bar > Site Settings.
3. Enable SMTP so emails will be sent (e.g., Smtp4Dev in development).
4. Attempt to log in as the superuser in an incognito window. This requires entering your username, and then clicking the Send Code link.
5. Copy the code from the email.
6. Before submitting, change any upper-case character to a lower-case character.
7. Click the Login button.

Expected behavior

There should have been an error message of some kind telling me that the code was not valid. (It is good for this to be case-sensitive.)

Actual behavior

An exception occurred, and I was redirected to the homepage.

Screenshots

If applicable, add screenshots to help explain your problem.

Error log

Message: Object reference not set to an instance of an object.  
StackTrace:  
InnerMessage: Object reference not set to an instance of an object.  
InnerStackTrace:  
   at UpendoVentures.Auth.UpendoDnnSimpleAuthProvider.Login.OnLoginClick(Object sender, EventArgs e)  
   at System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e)  
   at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument)  
   at System.Web.UI.Page.<ProcessRequestMainAsync>d__523.MoveNext()  

With Symbols Loaded:

   at UpendoVentures.Auth.UpendoDnnSimpleAuthProvider.Login.OnLoginClick(Object sender, EventArgs e) in C:\Work\Dnn.Modules\UpendoSimpleAuth\Upendo-DNN-Simple-Auth-Provider\Modules\UpendoDnnSimpleAuthProvider\Login.ascx.cs:line 403
   at System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e)
   at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument)
   at System.Web.UI.Page.<ProcessRequestMainAsync>d__523.MoveNext()

Additional context

This appears to be happening because the person that is entering the authentication details will always be assuming their username. To them, the username is whatever they've been using. It might be an email address, or it might literally be some sort of username.

Then, in the code, it's always assuming the email address is used. If a username was used, there will never be a user found.

The correct fix here is as follows:

1. If either the username or verification code are incorrect, it's the same result. A piece of information was incorrect. That's it. The same error message is displayed.
2. The Email column in the database should be renamed to Username. All related code will need to be updated.
3. The Code column in the database should be renamed to ValidationPacket to make its contents a bit more vague.
4. The code that is trying to tie together the username shouldn't be querying the Email property. Instead, it should be querying the Username property.

Also, please rename the data table from Upendo_Simple_Auth_VerificationCodes to Upendo_SimpleAuthVerification. This should need to be done in both SqlDataProvider files.

Understood! I get to work on this quickly.