From 2dcdfbe6d36927369ba7d6c68edf7f6f6ad6bc63 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=96=AF=E9=AD=94=E6=85=95=E8=96=87?= <kfanjian@gmail.com>
Date: Tue, 16 Aug 2022 00:14:26 +0800
Subject: [PATCH] fix: error login logic of mobile phone login  (#1017)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* fix: #1016

1. Limit username cannot be digital.
2. Check avoid repeat register with same phone or email.

Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>

* Update check.go

Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
Co-authored-by: Yang Luo <hsluoyz@qq.com>
---
 object/check.go | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/object/check.go b/object/check.go
index 41cb277e..8483cfbf 100644
--- a/object/check.go
+++ b/object/check.go
@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"regexp"
 	"strings"
+	"unicode"
 
 	"github.com/casdoor/casdoor/cred"
 	"github.com/casdoor/casdoor/util"
@@ -42,11 +43,25 @@ func CheckUserSignup(application *Application, organization *Organization, usern
 	if application.IsSignupItemVisible("Username") {
 		if len(username) <= 1 {
 			return "username must have at least 2 characters"
-		} else if reWhiteSpace.MatchString(username) {
+		}
+		if unicode.IsDigit(rune(username[0])) {
+			return "username cannot start with a digit"
+		}
+		if util.IsEmailValid(username) {
+			return "username cannot be an email address"
+		}
+		if reWhiteSpace.MatchString(username) {
 			return "username cannot contain white spaces"
-		} else if HasUserByField(organization.Name, "name", username) {
+		}
+		if HasUserByField(organization.Name, "name", username) {
 			return "username already exists"
 		}
+		if HasUserByField(organization.Name, "email", username) {
+			return "email already exists"
+		}
+		if HasUserByField(organization.Name, "phone", username) {
+			return "phone already exists"
+		}
 	}
 
 	if len(password) <= 5 {