mirror of
https://github.com/NodeBB/NodeBB.git
synced 2025-10-26 16:46:12 +01:00
fix: #8582
This commit is contained in:
Barış Soner Uşaklı
@@ -385,7 +385,7 @@
|
|||||||
},
|
},
|
||||||
|
|
||||||
isUserNameValid: function (name) {
|
isUserNameValid: function (name) {
|
||||||
return (name && name !== '' && (/^['"\s\-+.*[\]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w]+$/.test(name)));
|
return (name && name !== '' && (/^['" \-+.*[\]0-9\u00BF-\u1FFF\u2C00-\uD7FF\w]+$/.test(name)));
|
||||||
},
|
},
|
||||||
|
|
||||||
isPasswordValid: function (password) {
|
isPasswordValid: function (password) {
|
||||||
|
|||||||
@@ -13,6 +13,7 @@ const plugins = require('../plugins');
|
|||||||
|
|
||||||
module.exports = function (User) {
|
module.exports = function (User) {
|
||||||
User.addToApprovalQueue = async function (userData) {
|
User.addToApprovalQueue = async function (userData) {
|
||||||
|
userData.username = userData.username.trim();
|
||||||
userData.userslug = utils.slugify(userData.username);
|
userData.userslug = utils.slugify(userData.username);
|
||||||
await canQueue(userData);
|
await canQueue(userData);
|
||||||
const hashedPassword = await User.hashPassword(userData.password);
|
const hashedPassword = await User.hashPassword(userData.password);
|
||||||
|
|||||||
17
test/user.js
17
test/user.js
@@ -1805,6 +1805,23 @@ describe('User', function () {
|
|||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should trim username and add user to registration queue', function (done) {
|
||||||
|
helpers.registerUser({
|
||||||
|
username: 'invalidname\r\n',
|
||||||
|
password: '123456',
|
||||||
|
'password-confirm': '123456',
|
||||||
|
email: 'invalidtest@test.com',
|
||||||
|
gdpr_consent: true,
|
||||||
|
}, function (err) {
|
||||||
|
assert.ifError(err);
|
||||||
|
db.getSortedSetRange('registration:queue', 0, -1, function (err, data) {
|
||||||
|
assert.ifError(err);
|
||||||
|
assert.equal(data[0], 'invalidname');
|
||||||
|
done();
|
||||||
|
});
|
||||||
|
});
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('invites', function () {
|
describe('invites', function () {
|
||||||
|
|||||||
@@ -63,10 +63,30 @@ describe('Utility Methods', function () {
|
|||||||
assert.equal(utils.isUserNameValid(username), false, 'accepted as valid username');
|
assert.equal(utils.isUserNameValid(username), false, 'accepted as valid username');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('should reject new lines', function () {
|
||||||
|
assert.equal(utils.isUserNameValid('myusername\r\n'), false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should reject new lines', function () {
|
||||||
|
assert.equal(utils.isUserNameValid('myusername\n'), false);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('should reject tabs', function () {
|
||||||
|
assert.equal(utils.isUserNameValid('myusername\t'), false);
|
||||||
|
});
|
||||||
|
|
||||||
it('accepts square brackets', function () {
|
it('accepts square brackets', function () {
|
||||||
var username = '[best clan] julian';
|
var username = '[best clan] julian';
|
||||||
assert(utils.isUserNameValid(username), 'invalid username');
|
assert(utils.isUserNameValid(username), 'invalid username');
|
||||||
});
|
});
|
||||||
|
|
||||||
|
it('accepts regular username', function () {
|
||||||
|
assert(utils.isUserNameValid('myusername'), 'invalid username');
|
||||||
|
});
|
||||||
|
|
||||||
|
it('accepts quotes', function () {
|
||||||
|
assert(utils.isUserNameValid('baris "the best" usakli'), 'invalid username');
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
describe('email validation', function () {
|
describe('email validation', function () {
|
||||||
|
|||||||
Reference in New Issue
Block a user