Validate username in admin user creation process
This runs usernames through the same checks as the web interface, ensuring no invalid user is created, such as user_name or userName. This closes #49
This commit is contained in:
Matt Baer
parent
852ca5eea4
commit
5e5b283daf
1 changed files with 16 additions and 0 deletions
16
app.go
16
app.go
|
|
@ -26,6 +26,7 @@ import (
|
||||||
"github.com/writeas/web-core/auth"
|
"github.com/writeas/web-core/auth"
|
||||||
"github.com/writeas/web-core/converter"
|
"github.com/writeas/web-core/converter"
|
||||||
"github.com/writeas/web-core/log"
|
"github.com/writeas/web-core/log"
|
||||||
|
"github.com/writeas/writefreely/author"
|
||||||
"github.com/writeas/writefreely/config"
|
"github.com/writeas/writefreely/config"
|
||||||
"github.com/writeas/writefreely/page"
|
"github.com/writeas/writefreely/page"
|
||||||
)
|
)
|
||||||
|
|
@ -508,6 +509,21 @@ func adminCreateUser(app *app, credStr string, isAdmin bool) {
|
||||||
username := creds[0]
|
username := creds[0]
|
||||||
password := creds[1]
|
password := creds[1]
|
||||||
|
|
||||||
|
// Normalize and validate username
|
||||||
|
desiredUsername := username
|
||||||
|
username = getSlug(username, "")
|
||||||
|
|
||||||
|
usernameDesc := username
|
||||||
|
if username != desiredUsername {
|
||||||
|
usernameDesc += " (originally: " + desiredUsername + ")"
|
||||||
|
}
|
||||||
|
|
||||||
|
if !author.IsValidUsername(app.cfg, username) {
|
||||||
|
log.Error("Username %s is invalid, reserved, or shorter than configured minimum length (%d characters).", usernameDesc, app.cfg.App.MinUsernameLen)
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Hash the password
|
||||||
hashedPass, err := auth.HashPass([]byte(password))
|
hashedPass, err := auth.HashPass([]byte(password))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Unable to hash password: %v", err)
|
log.Error("Unable to hash password: %v", err)
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue