xerbalind/planetwars.dev
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages 1 Wiki Activity

don't allow registering reserved usernames

Browse source
This commit is contained in:
Ilion Beyst 2022-07-25 22:51:26 +02:00
parent 4099e3ab6e
commit 1d280c62e2
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
planetwars-server/src/routes/users.rs
View file

@ -11,6 +11,8 @@ use serde::{Deserialize, Serialize};
use serde_json::json; use serde_json::json;
use thiserror::Error; use thiserror::Error;
const RESERVED_USERNAMES: &[&str] = &["admin", "system"];
type AuthorizationHeader = TypedHeader<Authorization<Bearer>>; type AuthorizationHeader = TypedHeader<Authorization<Bearer>>;
#[async_trait] #[async_trait]
@ -89,6 +91,10 @@ impl RegistrationParams {
errors.push("password must be at least 8 characters".to_string()); errors.push("password must be at least 8 characters".to_string());
} }
if RESERVED_USERNAMES.contains(&self.username.as_str()) {
errors.push("that username is not allowed".to_string());
}
if users::find_user_by_name(&self.username, &conn).is_ok() { if users::find_user_by_name(&self.username, &conn).is_ok() {
errors.push("username is already taken".to_string()); errors.push("username is already taken".to_string());
} }