Perform case-insensitive username checking

Fixes #34.

Author: domenic

__tests__/__snapshots__/get-user-status.js.snap

@@ -11,6 +11,17 @@ Object {
 }
 `;
 
+exports[`Individual exists, but their username is spelled with a different case 1`] = `
+Object {
+  "context": "Participation",
+  "description": "@JANEdoetw has signed up to participate as an individual",
+  "isNothing": false,
+  "longDescription": "@JANEdoetw has signed up to participate as an individual. All is well; contribute at will!",
+  "state": "success",
+  "target_url": "https://participate.whatwg.org/agreement-status?user=JANEdoetw&repo=console",
+}
+`;
+
 exports[`Individual, participating in all workstreams, unverified 1`] = `
 Object {
   "context": "Participation",

__tests__/get-user-status.js

@@ -211,3 +211,10 @@ test("Individuals exist, but the user is not one of them; it is an XSS attempt",
   ]);
   expect(await getUserStatus("<script>alert(1);</script>", "console")).toMatchSnapshot();
 });
+
+
+test("Individual exists, but their username is spelled with a different case", async () => {
+  mockData.set("individual-public", [individualData(["console"], true, { id: "janeDOEtw" })]);
+
+  expect(await getUserStatus("JANEdoetw", "console")).toMatchSnapshot();
+});

lib/get-user-status.js

@@ -15,7 +15,8 @@ module.exports = async (submitterGitHubID, repoName) => {
   ]);
 
   for (const individual of individualsData.content) {
-    if (individual.info.gitHubID === submitterGitHubID) {
+    // Using .toLowerCase() is safe because GitHub usernames only allow ASCII.
+    if (individual.info.gitHubID.toLowerCase() === submitterGitHubID.toLowerCase()) {
       if (individual.verified) {
         if (individual.workstreams === "all" || individual.workstreams.includes(repoName)) {
           return statusIndividual(submitterGitHubID, repoName);