Skip to content

C
canifa_note
Commit 8fbd33be authored by Steven's avatar Steven
Browse files
Options

chore: update username matcher

parent bff41a89
Hide whitespace changes
Inline Side-by-side
Showing with 7 additions and 4 deletions
api/v1/auth.go
View file @ 8fbd33be
...@@ -6,6 +6,7 @@ import ( ...@@ -6,6 +6,7 @@ import (
"fmt" "fmt"
"net/http" "net/http"
"regexp" "regexp"
"strings"
"time" "time"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
...@@ -283,7 +284,7 @@ func (s *APIV1Service) SignUp(c echo.Context) error { ...@@ -283,7 +284,7 @@ func (s *APIV1Service) SignUp(c echo.Context) error {
if err != nil { if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Failed to find users").SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, "Failed to find users").SetInternal(err)
} }
if !usernameMatcher.MatchString(signup.Username) { if !usernameMatcher.MatchString(strings.ToLower(signup.Username)) {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", signup.Username)).SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", signup.Username)).SetInternal(err)
} }
......
api/v1/user.go
View file @ 8fbd33be
...@@ -4,6 +4,7 @@ import ( ...@@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"strings"
"time" "time"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
...@@ -140,7 +141,7 @@ func (s *APIV1Service) CreateUser(c echo.Context) error { ...@@ -140,7 +141,7 @@ func (s *APIV1Service) CreateUser(c echo.Context) error {
if err := userCreate.Validate(); err != nil { if err := userCreate.Validate(); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format").SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format").SetInternal(err)
} }
if !usernameMatcher.MatchString(userCreate.Username) { if !usernameMatcher.MatchString(strings.ToLower(userCreate.Username)) {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", userCreate.Username)).SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", userCreate.Username)).SetInternal(err)
} }
// Disallow host user to be created. // Disallow host user to be created.
...@@ -365,7 +366,7 @@ func (s *APIV1Service) UpdateUser(c echo.Context) error { ...@@ -365,7 +366,7 @@ func (s *APIV1Service) UpdateUser(c echo.Context) error {
userUpdate.RowStatus = &rowStatus userUpdate.RowStatus = &rowStatus
} }
if request.Username != nil { if request.Username != nil {
if !usernameMatcher.MatchString(*request.Username) { if !usernameMatcher.MatchString(strings.ToLower(*request.Username)) {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", *request.Username)).SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", *request.Username)).SetInternal(err)
} }
userUpdate.Username = request.Username userUpdate.Username = request.Username
......
api/v2/user_service.go
View file @ 8fbd33be
...@@ -4,6 +4,7 @@ import ( ...@@ -4,6 +4,7 @@ import (
"context" "context"
"net/http" "net/http"
"regexp" "regexp"
"strings"
"time" "time"
"github.com/golang-jwt/jwt/v4" "github.com/golang-jwt/jwt/v4"
...@@ -77,7 +78,7 @@ func (s *UserService) UpdateUser(ctx context.Context, request *apiv2pb.UpdateUse ...@@ -77,7 +78,7 @@ func (s *UserService) UpdateUser(ctx context.Context, request *apiv2pb.UpdateUse
} }
for _, path := range request.UpdateMask { for _, path := range request.UpdateMask {
if path == "username" { if path == "username" {
if !usernameMatcher.MatchString(request.User.Username) { if !usernameMatcher.MatchString(strings.ToLower(request.User.Username)) {
return nil, status.Errorf(codes.InvalidArgument, "invalid username: %s", request.User.Username) return nil, status.Errorf(codes.InvalidArgument, "invalid username: %s", request.User.Username)
} }
update.Username = &request.User.Username update.Username = &request.User.Username
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment