From f586cfe515a6e21e58f58a8a9aef38a07b979778 Mon Sep 17 00:00:00 2001 From: Uncled1023 Date: Wed, 18 May 2016 16:52:32 -0700 Subject: [PATCH] Added filter for usernames. --- .../Views/Transparency/Index.cshtml | 3 +++ Teknik/Areas/User/Utility/UserHelper.cs | 17 +++++++++++++++-- Teknik/Configuration/UserConfig.cs | 6 ++++++ 3 files changed, 24 insertions(+), 2 deletions(-) diff --git a/Teknik/Areas/Transparency/Views/Transparency/Index.cshtml b/Teknik/Areas/Transparency/Views/Transparency/Index.cshtml index 0fe0dde..fea5abf 100644 --- a/Teknik/Areas/Transparency/Views/Transparency/Index.cshtml +++ b/Teknik/Areas/Transparency/Views/Transparency/Index.cshtml @@ -259,7 +259,10 @@
+ @if (!string.IsNullOrEmpty(Model.Canary)) + {
@Model.Canary
+ }
} diff --git a/Teknik/Areas/User/Utility/UserHelper.cs b/Teknik/Areas/User/Utility/UserHelper.cs index ac23bee..bce7ae2 100644 --- a/Teknik/Areas/User/Utility/UserHelper.cs +++ b/Teknik/Areas/User/Utility/UserHelper.cs @@ -6,6 +6,7 @@ using System.Linq; using System.Net; using System.Runtime.InteropServices; using System.Text; +using System.Text.RegularExpressions; using System.Threading.Tasks; using System.Web; using System.Web.Security; @@ -64,10 +65,22 @@ namespace Teknik.Areas.Users.Utility { bool isValid = true; + // Must be something there + isValid &= !string.IsNullOrEmpty(username); + + // Is the format correct? + Regex reg = new Regex(config.UserConfig.UsernameFilter); + isValid &= reg.IsMatch(username); + + // Meets the min length? + isValid &= (username.Length >= config.UserConfig.MinUsernameLength); + + // Meets the max length? + isValid &= (username.Length <= config.UserConfig.MaxUsernameLength); + // Load reserved usernames List reserved = GetReservedUsernames(config); - if (reserved.Exists(u => u.ToLower() == username.ToLower())) - isValid = false; + isValid &= (reserved.Exists(u => u.ToLower() == username.ToLower())); return isValid; } diff --git a/Teknik/Configuration/UserConfig.cs b/Teknik/Configuration/UserConfig.cs index 08d3472..0d8d7f4 100644 --- a/Teknik/Configuration/UserConfig.cs +++ b/Teknik/Configuration/UserConfig.cs @@ -10,12 +10,18 @@ namespace Teknik.Configuration { public bool RegistrationEnabled { get; set; } public bool LoginEnabled { get; set; } + public string UsernameFilter { get; set; } + public int MinUsernameLength { get; set; } + public int MaxUsernameLength { get; set; } public string ReservedUsernameDefinitionFile { get; set; } public UserConfig() { RegistrationEnabled = true; LoginEnabled = true; + UsernameFilter = "^[a-zA-Z0-9_-]+(?:\\.[a-zA-Z0-9_-]+)*$"; + MinUsernameLength = 1; + MaxUsernameLength = 35; ReservedUsernameDefinitionFile = string.Empty; } }