From 0fdc93290b0f4caffe9c3f6c99189b82cab32746 Mon Sep 17 00:00:00 2001 From: zefie Date: Fri, 7 Oct 2022 12:08:03 -0400 Subject: [PATCH] fix issues with user name verification --- .../ServiceVault/wtv-setup/add-user-password.js | 4 ++-- zefie_wtvp_minisrv/WTVRegister.js | 7 ++++--- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js index 70ea51ee..6fccf5bc 100644 --- a/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js +++ b/zefie_wtvp_minisrv/ServiceVault/wtv-setup/add-user-password.js @@ -6,8 +6,8 @@ const wtvr = new WTVRegister(minisrv_config, SessionStore); if (ssid_sessions[socket.ssid].user_id != 0) errpage = wtvshared.doErrorPage(400, "You are not authorized to add users to this account."); else if (!request_headers.query.user_name) errpage = doErrorPage(400, "Please enter a username."); -else if (request_headers.query.user_name.length < minisrv_config.config.user_accounts.min_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.min_length + " or more characters."); -else if (request_headers.query.user_name.length > minisrv_config.config.user_accounts.max_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.max_length + " or less characters."); +else if (request_headers.query.user_name.length < minisrv_config.config.user_accounts.min_username_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.min_username_length + " or more characters."); +else if (request_headers.query.user_name.length > minisrv_config.config.user_accounts.max_username_length) errpage = wtvshared.doErrorPage(400, "Please choose a username with " + minisrv_config.config.user_accounts.max_username_length + " or less characters."); else if (!wtvr.checkUsernameSanity(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have chosen contains invalid characters. Please choose a username with only letters, numbers, _ or -. Also, please be sure your username begins with a letter."); else if (!wtvr.checkUsernameAvailable(request_headers.query.user_name)) errpage = wtvshared.doErrorPage(400, "The username you have selected is already in use. Please select another username."); else if (ssid_sessions[socket.ssid].getNumberOfUserAccounts() > minisrv_config.config.user_accounts.max_users_per_account) errpage = wtvshared.doErrorPage(400, "You are not authorized to add more than " + minisrv_config.config.user_accounts.max_users_per_account + ` account${minisrv_config.config.user_accounts.max_users_per_account > 1 ? 's' : ''}.`); diff --git a/zefie_wtvp_minisrv/WTVRegister.js b/zefie_wtvp_minisrv/WTVRegister.js index cc7a6121..58bd4fba 100644 --- a/zefie_wtvp_minisrv/WTVRegister.js +++ b/zefie_wtvp_minisrv/WTVRegister.js @@ -23,9 +23,10 @@ class WTVRegister { } checkUsernameSanity(username) { - var check1 = /^([A-Za-z0-9\-\_]{5,16})$/.test(username); - var check2 = /^[A-Za-z]/.test(username); - return (check1 && check2); + var regex_str = "^([A-Za-z0-9\-\_]{" + this.minisrv_config.config.user_accounts.min_username_length + "," + this.minisrv_config.config.user_accounts.max_username_length + "})$"; + var regex = new RegExp(regex_str); + console.log(username, username.length, regex.test(username)); + return regex.test(username); }