dkforest

A forum and chat platform (onion)

commit 4451c18c66657ea2348e23dd628e6385b9b00327
parent d7dbc01a0fc360b30420dee796a84c0488fbc171
Author: n0tr1v <n0tr1v@protonmail.com>
Date:   Wed,  9 Nov 2022 20:30:51 -0800

fix username validation & simplify code

Diffstat:
Mpkg/database/tableUsers.go | 23+++++++++++++----------
Mpkg/web/handlers/handlers.go | 4++--
2 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/pkg/database/tableUsers.go b/pkg/database/tableUsers.go 
@@ -451,26 +451,29 @@ func CanUseUsername(username string, isFirstUser bool) error {
 }
 // CreateUser ...
-func CreateUser(username, password, repassword, gpgPublicKey string, isAdmin, verified, temp, isFirstUser bool, registrationDuration int64, signupInfoEnc string) (User, UserErrors) {
- username = strings.TrimSpace(username)
- var errs UserErrors
- if err := CanUseUsername(username, isFirstUser); err != nil {
- errs.Username = err.Error()
- }
- return createUser(username, password, repassword, gpgPublicKey, isAdmin, verified, temp, registrationDuration, signupInfoEnc)
+func CreateUser(username, password, repassword, gpgPublicKey string, temp bool, registrationDuration int64, signupInfoEnc string) (User, UserErrors) {
+ return createUser(username, password, repassword, gpgPublicKey, false, true, temp, false, false, registrationDuration, signupInfoEnc)
 }
 func CreateFirstUser(username, password, repassword string) (User, UserErrors) {
- return CreateUser(username, password, repassword, "", true, true, false, true, 12000, "")
+ return createUser(username, password, repassword, "", true, true, false, true, false, 12000, "")
 }
 func CreateZeroUser() (User, UserErrors) {
 password := utils.GenerateToken1()
- return createUser("0", password, password, config.NullUserPublicKey, false, true, false, 12000, "")
+ return createUser("0", password, password, config.NullUserPublicKey, false, true, false, false, true, 12000, "")
 }
-func createUser(username, password, repassword, gpgPublicKey string, isAdmin bool, verified bool, temp bool, registrationDuration int64, signupInfoEnc string) (User, UserErrors) {
+// skipUsernameValidation: entirely skip username validation (for "0" user)
+// isFirstUser: less strict username validation; can use "admin"/"n0tr1v" usernames
+func createUser(username, password, repassword, gpgPublicKey string, isAdmin, verified, temp, isFirstUser, skipUsernameValidation bool, registrationDuration int64, signupInfoEnc string) (User, UserErrors) {
+ username = strings.TrimSpace(username)
 var errs UserErrors
+ if !skipUsernameValidation {
+ if err := CanUseUsername(username, isFirstUser); err != nil {
+ errs.Username = err.Error()
+ }
+ }
 hashedPassword, err := NewPasswordValidator(password).CompareWith(repassword).Hash()
 if err != nil {
 errs.Password = err.Error()
diff --git a/pkg/web/handlers/handlers.go b/pkg/web/handlers/handlers.go
@@ -897,7 +897,7 @@ func signupHandler(c echo.Context) error {
 signupInfoEnc, _ := json.Marshal(signupInfo)
 registrationDuration := time.Now().UnixMilli() - start
- newUser, errs := database.CreateUser(data.Username, data.Password, data.RePassword, data.GPGPublicKey, false, true, false, false, registrationDuration, string(signupInfoEnc))
+ newUser, errs := database.CreateUser(data.Username, data.Password, data.RePassword, data.GPGPublicKey, false, registrationDuration, string(signupInfoEnc))
 if errs.HasError() {
 data.Errors = errs
 return c.Render(http.StatusOK, "signup", data)
@@ -2252,7 +2252,7 @@ func chatHandler(c echo.Context, redRoom bool) error {
 if authUser == nil {
 password := utils.GenerateToken()
- newUser, errs := database.CreateUser(data.GuestUsername, password, password, "", false, true, true, false, 0, "")
+ newUser, errs := database.CreateUser(data.GuestUsername, password, password, "", true, 0, "")
 if errs.HasError() {
 data.ErrGuestUsername = errs.Username
 return c.Render(http.StatusOK, "chat-password", data)
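Review bot: createUser now takes five adjacent positional bools (`isAdmin, verified, temp, isFirstUser, skipUsernameValidation`), and the three wrappers in the tableUsers.go hunk call it with literal runs such as `false, true, temp, false, false`. Two of those flags gate the admin role and the username-validation bypass, so a transposed argument compiles cleanly and silently changes a privilege decision. Grouping the flags in a small unexported options struct with named fields makes every call site self-describing; the fence shows the struct, CreateZeroUser and the createUser signature converted, with the other two wrappers following the same pattern. The two new comment lines above createUser would also read better as a Go doc comment that opens with the function name. createUser's body continues outside the hunk.

```go
// createUserOpts names the flags createUser used to take as positional bools.
type createUserOpts struct {
	isAdmin                bool
	verified               bool
	temp                   bool
	isFirstUser            bool // less strict username validation
	skipUsernameValidation bool // no username validation at all (for the "0" user)
}

// … unchanged: CreateUser and CreateFirstUser, converted the same way …

func CreateZeroUser() (User, UserErrors) {
	password := utils.GenerateToken1()
	return createUser("0", password, password, config.NullUserPublicKey,
		createUserOpts{verified: true, skipUsernameValidation: true}, 12000, "")
}

func createUser(username, password, repassword, gpgPublicKey string, opts createUserOpts, registrationDuration int64, signupInfoEnc string) (User, UserErrors) {
	// … unchanged: TrimSpace and errs declaration …
	if !opts.skipUsernameValidation {
		if err := CanUseUsername(username, opts.isFirstUser); err != nil {
			errs.Username = err.Error()
		}
	}
	// … unchanged: password hashing and the rest of createUser …
```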