500 Error when activating user account with uppercase character in mail address

[DrMaxNix]

Steps to Reproduce

1. Log out
2. Go to "Register" (/user/sign_up)
3. Enter any Username
4. Enter Mail Address [email protected] or anything else really, as long as the user part contains an uppercase character
5. Enter any Password twice
6. Solve captcha and Submit
7. Click on the link sent by mail
8. "Activate Your Account" will open and ask for your password
9. Enter your password and click "Confirm Password"
10. You should now see a 500 Internal Server Error page on the /user/activate route

Log

The log shows following lines:

2024/12/12 09:15:08 ...eb/routing/logger.go:102:func1() [I] router: completed POST /user/sign_up for 127.0.0.1:36906, 200 OK in 60.2ms @ auth/auth.go:453(auth.SignUpPost)
2024/12/12 09:15:16 ...eb/routing/logger.go:102:func1() [I] router: completed GET /user/activate?code=2024121209150001806edc018960b6c1042efef74ee3c2b120d9f791287570706572636173653939 for 127.0.0.1:36906, 200 OK in 6.6ms @ auth/auth.go:685(auth.Activate)
2024/12/12 09:15:21 ...ers/web/auth/auth.go:793:handleAccountActivation() [E] Unable to activate email for user: <User 20:Uppercase99> with email: [email protected]: no user with ID: 20 and Email: [email protected]
2024/12/12 09:15:21 ...ers/web/auth/auth.go:794:handleAccountActivation() [E] ActivateUserEmail: no user with ID: 20 and Email: [email protected]
2024/12/12 09:15:21 ...eb/routing/logger.go:102:func1() [I] router: completed POST /user/activate for 127.0.0.1:36906, 500 Internal Server Error in 62.3ms @ auth/auth.go:724(auth.ActivatePost)

The mail address used for registering was [email protected], whereas the log shows it as its all-lowercase version [email protected]. There is probably a lowercase translation at some point, which is not consistent across the full codebase.

(Also I know that mail should be case insensitive and thus can be entered all-lowercase, but there are some meikro$oft fans out there who love to capitalize the first letters of the first and last name in their mail address like this: [email protected].)

Gitea Version

1.22.5

Can you reproduce the bug on the Gitea demo site?

No (registration disabled)

Operating System

Linux

How are you running Gitea?

self-built binary run from command line (test environment), but also tested on our production instance at https://git.tjdev.de (still running 1.22.4 at the point of writing)

Database

MySQL/MariaDB

[Zettat123]

Took a cursory look. Maybe we should use lowercase email to query the user here

gitea/models/user/email_address.go

Lines 488 to 493 in c0092af

	user, exist, err := db.Get[User](ctx, builder.Eq{"id": userID, "email": email})
	if err != nil {
	return err
	} else if !exist {
	return fmt.Errorf("no user with ID: %d and Email: %s", userID, email)
	}