Strip whitespace from login on login page (#22532).

Patch by Artur Borisovich and Marius BALTEANU.


git-svn-id: http://svn.redmine.org/redmine/trunk@17113 e93f8b46-1217-0410-a6f0-8f06a7374b81

app/models/user.rb

@@ -216,7 +216,7 @@ class User < Principal
 
   # Returns the user that matches provided login and password, or nil
   def self.try_to_login(login, password, active_only=true)
-    login = login.to_s
+    login = login.to_s.strip
     password = password.to_s
 
     # Make sure no one can sign in with an empty login or password

test/functional/account_controller_test.rb

@@ -220,6 +220,15 @@ class AccountControllerTest < Redmine::ControllerTest
     assert_response 302
   end
 
+  def test_login_should_strip_whitespaces_from_user_name
+    post :login, :params => {
+        :username => ' jsmith ',
+        :password => 'jsmith'
+      }
+    assert_response 302
+    assert_equal 2, @request.session[:user_id]
+  end
+
   def test_get_logout_should_not_logout
     @request.session[:user_id] = 2
     get :logout