From cb7fa0a081632d9c6abac9216eaaf2dcc4ec23b4 Mon Sep 17 00:00:00 2001
From: Hugo Sales <hugo@hsal.es>
Date: Mon, 26 Jul 2021 17:12:15 +0000
Subject: [PATCH] [SECURITY] Remove aggressive normalization of nicknames. This
 will be moved to a plugin in the future and we'll open an RFC, as discussed

---
 src/Security/Authenticator.php | 3 ++-
 src/Util/Nickname.php          | 6 +++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/Security/Authenticator.php b/src/Security/Authenticator.php
index 30fdc140db..babb93c0b9 100644
--- a/src/Security/Authenticator.php
+++ b/src/Security/Authenticator.php
@@ -90,7 +90,8 @@ class Authenticator extends AbstractFormLoginAuthenticator
             throw new InvalidCsrfTokenException();
         }
 
-        $nick = Nickname::normalize($credentials['nickname']);
+        // $nick = Nickname::normalize($credentials['nickname']);
+        $nick = $credentials['nickname'];
         $user = null;
         try {
             $user = DB::findOneBy('local_user', ['or' => ['nickname' => $nick, 'outgoing_email' => $nick]]);
diff --git a/src/Util/Nickname.php b/src/Util/Nickname.php
index f7d8292262..558b417c03 100644
--- a/src/Util/Nickname.php
+++ b/src/Util/Nickname.php
@@ -144,9 +144,9 @@ class Nickname
         }
 
         $nickname = trim($nickname);
-        $nickname = str_replace('_', '', $nickname);
-        $nickname = mb_strtolower($nickname);
-        $nickname = Normalizer::normalize($nickname, Normalizer::FORM_C);
+        // $nickname = str_replace('_', '', $nickname);
+        // $nickname = mb_strtolower($nickname);
+        // $nickname = Normalizer::normalize($nickname, Normalizer::FORM_C);
 
         if (!$checking_reserved) {
             if (mb_strlen($nickname) < 1) {