fix: Add restriction to username when signing up (#1203)

2025-07-04 13:20:19 +08:00 · 2022-10-10 19:58:02 +08:00
parent e4a54fe375
commit 4c7f6fda37
6 changed files with 44 additions and 1 deletions
--- a/object/check.go
+++ b/object/check.go
@ -313,3 +313,21 @@ func CheckAccessPermission(userId string, application *Application) (bool, error
 	}
 	return allowed, err
 }
+
+func CheckUsername(name string) string {
+	if name == "" {
+		return "Empty username."
+	} else if len(name) > 39 {
+		return "Username is too long (maximum is 39 characters)."
+	}
+
+	// https://stackoverflow.com/questions/58726546/github-username-convention-using-regex
+	re, _ := regexp.Compile("^[a-zA-Z0-9]+(?:-[a-zA-Z0-9]+)*$")
+	if !re.MatchString(name) {
+		return fmt.Sprintf("The name '%s' may only contain alphanumeric characters or hyphens, "+
+			"cannot have multiple consecutive hyphens, "+
+			"and cannot begin or end with a hyphen.", name)
+	}
+
+	return ""
+}
--- a/object/ldap.go
+++ b/object/ldap.go
@ -409,6 +409,7 @@ func SyncLdapUsers(owner string, users []LdapRespUser, ldapId string) (*[]LdapRe
 				}
 			}
 		}
+
 		if !found && !AddUser(&User{
 			Owner:       owner,
 			Name:        buildLdapUserName(user.Uid, user.UidNumber),
--- a/object/token.go
+++ b/object/token.go
@ -703,7 +703,7 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 		}
 		// Add new user
 		var name string
-		if username != "" {
+		if CheckUsername(username) == "" {
 			name = username
 		} else {
 			name = fmt.Sprintf("wechat-%s", openId)