* Validate register usernames on the back-end. Fixes #716 * Changing name to is_valid_username
This commit is contained in:
Dessalines
GitHub
parent
871f09d109
commit
29fc3681b9
3 changed files with 22 additions and 2 deletions
|
|
@ -1,4 +1,5 @@
|
||||||
use super::*;
|
use super::*;
|
||||||
|
use crate::is_valid_username;
|
||||||
use bcrypt::verify;
|
use bcrypt::verify;
|
||||||
|
|
||||||
#[derive(Serialize, Deserialize, Debug)]
|
#[derive(Serialize, Deserialize, Debug)]
|
||||||
|
|
@ -261,6 +262,10 @@ impl Perform for Oper<Register> {
|
||||||
return Err(APIError::err("admin_already_created").into());
|
return Err(APIError::err("admin_already_created").into());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !is_valid_username(&data.username) {
|
||||||
|
return Err(APIError::err("invalid_username").into());
|
||||||
|
}
|
||||||
|
|
||||||
// Register the new user
|
// Register the new user
|
||||||
let user_form = UserForm {
|
let user_form = UserForm {
|
||||||
name: data.username.to_owned(),
|
name: data.username.to_owned(),
|
||||||
|
|
|
||||||
|
|
@ -269,11 +269,15 @@ pub fn get_ip(conn_info: &ConnectionInfo) -> String {
|
||||||
.to_string()
|
.to_string()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn is_valid_username(name: &str) -> bool {
|
||||||
|
VALID_USERNAME_REGEX.is_match(name)
|
||||||
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
use crate::{
|
use crate::{
|
||||||
extract_usernames, is_email_regex, is_image_content_type, remove_slurs, slur_check,
|
extract_usernames, is_email_regex, is_image_content_type, is_valid_username, remove_slurs,
|
||||||
slurs_vec_to_str,
|
slur_check, slurs_vec_to_str,
|
||||||
};
|
};
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
|
|
@ -291,6 +295,15 @@ mod tests {
|
||||||
assert!(!is_email_regex("nada_neutho"));
|
assert!(!is_email_regex("nada_neutho"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn test_valid_register_username() {
|
||||||
|
assert!(is_valid_username("Hello_98"));
|
||||||
|
assert!(is_valid_username("ten"));
|
||||||
|
assert!(!is_valid_username("Hello-98"));
|
||||||
|
assert!(!is_valid_username("a"));
|
||||||
|
assert!(!is_valid_username(""));
|
||||||
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn test_slur_filter() {
|
fn test_slur_filter() {
|
||||||
let test =
|
let test =
|
||||||
|
|
@ -352,4 +365,5 @@ lazy_static! {
|
||||||
static ref EMAIL_REGEX: Regex = Regex::new(r"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$").unwrap();
|
static ref EMAIL_REGEX: Regex = Regex::new(r"^[a-zA-Z0-9.!#$%&’*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$").unwrap();
|
||||||
static ref SLUR_REGEX: Regex = RegexBuilder::new(r"(fag(g|got|tard)?|maricos?|cock\s?sucker(s|ing)?|nig(\b|g?(a|er)?(s|z)?)\b|dindu(s?)|mudslime?s?|kikes?|mongoloids?|towel\s*heads?|\bspi(c|k)s?\b|\bchinks?|niglets?|beaners?|\bnips?\b|\bcoons?\b|jungle\s*bunn(y|ies?)|jigg?aboo?s?|\bpakis?\b|rag\s*heads?|gooks?|cunts?|bitch(es|ing|y)?|puss(y|ies?)|twats?|feminazis?|whor(es?|ing)|\bslut(s|t?y)?|\btrann?(y|ies?)|ladyboy(s?)|\b(b|re|r)tard(ed)?s?)").case_insensitive(true).build().unwrap();
|
static ref SLUR_REGEX: Regex = RegexBuilder::new(r"(fag(g|got|tard)?|maricos?|cock\s?sucker(s|ing)?|nig(\b|g?(a|er)?(s|z)?)\b|dindu(s?)|mudslime?s?|kikes?|mongoloids?|towel\s*heads?|\bspi(c|k)s?\b|\bchinks?|niglets?|beaners?|\bnips?\b|\bcoons?\b|jungle\s*bunn(y|ies?)|jigg?aboo?s?|\bpakis?\b|rag\s*heads?|gooks?|cunts?|bitch(es|ing|y)?|puss(y|ies?)|twats?|feminazis?|whor(es?|ing)|\bslut(s|t?y)?|\btrann?(y|ies?)|ladyboy(s?)|\b(b|re|r)tard(ed)?s?)").case_insensitive(true).build().unwrap();
|
||||||
static ref USERNAME_MATCHES_REGEX: Regex = Regex::new(r"/u/[a-zA-Z][0-9a-zA-Z_]*").unwrap();
|
static ref USERNAME_MATCHES_REGEX: Regex = Regex::new(r"/u/[a-zA-Z][0-9a-zA-Z_]*").unwrap();
|
||||||
|
static ref VALID_USERNAME_REGEX: Regex = Regex::new(r"^[a-zA-Z0-9_]{3,20}$").unwrap();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
1
ui/translations/en.json
vendored
1
ui/translations/en.json
vendored
|
|
@ -249,6 +249,7 @@
|
||||||
"Couldn't find that username or email.",
|
"Couldn't find that username or email.",
|
||||||
"password_incorrect": "Password incorrect.",
|
"password_incorrect": "Password incorrect.",
|
||||||
"passwords_dont_match": "Passwords do not match.",
|
"passwords_dont_match": "Passwords do not match.",
|
||||||
|
"invalid_username": "Invalid username.",
|
||||||
"admin_already_created": "Sorry, there's already an admin.",
|
"admin_already_created": "Sorry, there's already an admin.",
|
||||||
"user_already_exists": "User already exists.",
|
"user_already_exists": "User already exists.",
|
||||||
"email_already_exists": "Email already exists.",
|
"email_already_exists": "Email already exists.",
|
||||||
|
|
|
||||||
Reference in a new issue