fix: Add restriction to username when signing up (#1203)

2025-07-03 20:50:19 +08:00 · 2022-10-10 19:58:02 +08:00
parent e4a54fe375
commit 4c7f6fda37
6 changed files with 44 additions and 1 deletions
--- a/controllers/account.go
+++ b/controllers/account.go
@ -203,6 +203,12 @@ func (c *ApiController) Signup() {
 		}
 	}

+	msg = object.CheckUsername(user.Name)
+	if msg != "" {
+		c.ResponseError(msg)
+		return
+	}
+
 	affected := object.AddUser(user)
 	if !affected {
 		c.ResponseError(fmt.Sprintf("Failed to create user, user information is invalid: %s", util.StructToJson(user)))
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -411,6 +411,12 @@ func (c *ApiController) Login() {
 				// sync info from 3rd-party if possible
 				object.SetUserOAuthProperties(organization, user, provider.Type, userInfo)

+				msg := object.CheckUsername(user.Name)
+				if msg != "" {
+					c.ResponseError(msg)
+					return
+				}
+
 				affected := object.AddUser(user)
 				if !affected {
 					c.ResponseError(fmt.Sprintf("Failed to create user, user information is invalid: %s", util.StructToJson(user)))
--- a/controllers/user.go
+++ b/controllers/user.go
@ -158,6 +158,12 @@ func (c *ApiController) UpdateUser() {
 		columns = strings.Split(columnsStr, ",")
 	}

+	msg := object.CheckUsername(user.Name)
+	if msg != "" {
+		c.ResponseError(msg)
+		return
+	}
+
 	isGlobalAdmin := c.IsGlobalAdmin()
 	affected := object.UpdateUser(id, &user, columns, isGlobalAdmin)
 	if affected {
@ -183,6 +189,12 @@ func (c *ApiController) AddUser() {
 		return
 	}

+	msg := object.CheckUsername(user.Name)
+	if msg != "" {
+		c.ResponseError(msg)
+		return
+	}
+
 	c.Data["json"] = wrapActionResponse(object.AddUser(&user))
 	c.ServeJSON()
 }