YourSelfHosted/memos
1
0
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-06-05 22:09:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

chore: update username matcher

Browse Source
This commit is contained in:
Steven
2023-09-18 22:37:13 +08:00
parent bff41a8957
commit 8fbd33be09
3 changed files with 7 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
api/v1/auth.go
View File

@@ -6,6 +6,7 @@ import (
"fmt" "fmt"
"net/http" "net/http"
"regexp" "regexp"
"strings"
"time" "time"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
@@ -283,7 +284,7 @@ func (s *APIV1Service) SignUp(c echo.Context) error {
if err != nil { if err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Failed to find users").SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, "Failed to find users").SetInternal(err)
} }
if !usernameMatcher.MatchString(signup.Username) { if !usernameMatcher.MatchString(strings.ToLower(signup.Username)) {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", signup.Username)).SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", signup.Username)).SetInternal(err)
} }

5
api/v1/user.go
View File

@@ -4,6 +4,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/http" "net/http"
"strings"
"time" "time"
"github.com/labstack/echo/v4" "github.com/labstack/echo/v4"
@@ -140,7 +141,7 @@ func (s *APIV1Service) CreateUser(c echo.Context) error {
if err := userCreate.Validate(); err != nil { if err := userCreate.Validate(); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format").SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, "Invalid user create format").SetInternal(err)
} }
if !usernameMatcher.MatchString(userCreate.Username) { if !usernameMatcher.MatchString(strings.ToLower(userCreate.Username)) {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", userCreate.Username)).SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", userCreate.Username)).SetInternal(err)
} }
// Disallow host user to be created. // Disallow host user to be created.
@@ -365,7 +366,7 @@ func (s *APIV1Service) UpdateUser(c echo.Context) error {
userUpdate.RowStatus = &rowStatus userUpdate.RowStatus = &rowStatus
} }
if request.Username != nil { if request.Username != nil {
if !usernameMatcher.MatchString(*request.Username) { if !usernameMatcher.MatchString(strings.ToLower(*request.Username)) {
return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", *request.Username)).SetInternal(err) return echo.NewHTTPError(http.StatusBadRequest, fmt.Sprintf("Invalid username %s", *request.Username)).SetInternal(err)
} }
userUpdate.Username = request.Username userUpdate.Username = request.Username

3
api/v2/user_service.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"net/http" "net/http"
"regexp" "regexp"
"strings"
"time" "time"
"github.com/golang-jwt/jwt/v4" "github.com/golang-jwt/jwt/v4"
@@ -77,7 +78,7 @@ func (s *UserService) UpdateUser(ctx context.Context, request *apiv2pb.UpdateUse
} }
for _, path := range request.UpdateMask { for _, path := range request.UpdateMask {
if path == "username" { if path == "username" {
if !usernameMatcher.MatchString(request.User.Username) { if !usernameMatcher.MatchString(strings.ToLower(request.User.Username)) {
return nil, status.Errorf(codes.InvalidArgument, "invalid username: %s", request.User.Username) return nil, status.Errorf(codes.InvalidArgument, "invalid username: %s", request.User.Username)
} }
update.Username = &request.User.Username update.Username = &request.User.Username