mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-02-23 20:01:01 -05:00
c3091223a9
We don’t want a single person to have two accounts on an emergency alerts service because it would let them circumvent the two eyes approval process. We can go some way to mitigating against this by stopping people using common methods that email providers use to alias email addresses. These are: - being case insensitive - being insensitive to the position or number of dots in the local part of an email address - using ‘plus addressing’ We already prevent the first one, this commit adds normalisation which strip out the second two before doing the comparision with the current user’s email address.