Squash usernames wherever we verify them, and check for all lowercase

Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
Andrew Morgan (https://amorgan.xyz) 2017-12-01 16:21:12 -08:00
parent aea970e24f
commit 259a4461a1
No known key found for this signature in database
GPG key ID: 174BEAB009FD176D

@ -49,7 +49,7 @@ const (
var (
// TODO: Remove old sessions. Need to do so on a session-specific timeout.
sessions = make(map[string][]authtypes.LoginType) // Sessions and completed flow stages
validUsernameRegex = regexp.MustCompile(`^[0-9a-zA-Z_\-./]+$`)
validUsernameRegex = regexp.MustCompile(`^[0-9a-z_\-./]+$`)
)
// registerRequest represents the submitted registration request.
@ -281,6 +281,10 @@ func LegacyRegister(
if resErr != nil {
return *resErr
}
// Squash username to all lowercase letters
r.Username = strings.ToLower(r.Username)
if resErr = validateUserName(r.Username); resErr != nil {
return *resErr
}
@ -481,6 +485,9 @@ func RegisterAvailable(
) util.JSONResponse {
username := req.URL.Query().Get("username")
// Squash username to all lowercase letters
username = strings.ToLower(username)
if err := validateUserName(username); err != nil {
return *err
}
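Review bot: In both LegacyRegister and RegisterAvailable the name is folded with `strings.ToLower` before `validateUserName` runs, so the tightened regex only ever sees the already-folded string. `strings.ToLower` is Unicode-aware and some non-ASCII code points lower-case to ASCII letters (U+212A KELVIN SIGN becomes `k`), so input that the ASCII-only pattern would have rejected is now accepted as a different, plain-ASCII localpart. I would reject any rune above `unicode.MaxASCII` before folding, or fold only `A`-`Z`, and put that plus the regex check in one helper so every handler that takes a username shares it; a comment such as `// ToLower is Unicode-aware: reject non-ASCII input before folding` at the call site would record why. Login and any other registration handler are not visible here and presumably need the same squash, and accounts created earlier with upper-case localparts would no longer match the new regex, so confirm how those are migrated. Both function bodies start and end outside the hunks shown.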