aboutsummaryrefslogtreecommitdiffhomepage
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/helpers/custom-validators/users.ts2
-rw-r--r--server/middlewares/validators/users.ts4
-rw-r--r--server/tests/api/check-params/users.ts12
3 files changed, 15 insertions, 3 deletions
diff --git a/server/helpers/custom-validators/users.ts b/server/helpers/custom-validators/users.ts
index f423d6317..b5b5642d6 100644
--- a/server/helpers/custom-validators/users.ts
+++ b/server/helpers/custom-validators/users.ts
@@ -18,7 +18,7 @@ function isUserVideoQuotaValid (value: string) {
18function isUserUsernameValid (value: string) { 18function isUserUsernameValid (value: string) {
19 const max = USERS_CONSTRAINTS_FIELDS.USERNAME.max 19 const max = USERS_CONSTRAINTS_FIELDS.USERNAME.max
20 const min = USERS_CONSTRAINTS_FIELDS.USERNAME.min 20 const min = USERS_CONSTRAINTS_FIELDS.USERNAME.min
21 return exists(value) && validator.matches(value, new RegExp(`^[a-zA-Z0-9._]{${min},${max}}$`)) 21 return exists(value) && validator.matches(value, new RegExp(`^[a-z0-9._]{${min},${max}}$`))
22} 22}
23 23
24function isUserDisplayNSFWValid (value: any) { 24function isUserDisplayNSFWValid (value: any) {
diff --git a/server/middlewares/validators/users.ts b/server/middlewares/validators/users.ts
index 0b463acc0..6b845f62b 100644
--- a/server/middlewares/validators/users.ts
+++ b/server/middlewares/validators/users.ts
@@ -19,7 +19,7 @@ import {
19import { UserInstance, VideoInstance } from '../../models' 19import { UserInstance, VideoInstance } from '../../models'
20 20
21const usersAddValidator = [ 21const usersAddValidator = [
22 body('username').custom(isUserUsernameValid).withMessage('Should have a valid username'), 22 body('username').custom(isUserUsernameValid).withMessage('Should have a valid username (lowercase alphanumeric characters)'),
23 body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'), 23 body('password').custom(isUserPasswordValid).withMessage('Should have a valid password'),
24 body('email').isEmail().withMessage('Should have a valid email'), 24 body('email').isEmail().withMessage('Should have a valid email'),
25 body('videoQuota').custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'), 25 body('videoQuota').custom(isUserVideoQuotaValid).withMessage('Should have a valid user quota'),
@@ -196,7 +196,7 @@ function checkUserDoesNotAlreadyExist (username: string, email: string, res: exp
196 .then(user => { 196 .then(user => {
197 if (user) { 197 if (user) {
198 return res.status(409) 198 return res.status(409)
199 .send({ error: 'User already exists.' }) 199 .send({ error: 'User with this username of email already exists.' })
200 .end() 200 .end()
201 } 201 }
202 202
diff --git a/server/tests/api/check-params/users.ts b/server/tests/api/check-params/users.ts
index 687999c09..578fece49 100644
--- a/server/tests/api/check-params/users.ts
+++ b/server/tests/api/check-params/users.ts
@@ -112,6 +112,18 @@ describe('Test users API validators', function () {
112 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields }) 112 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
113 }) 113 })
114 114
115 it('Should fail with a not lowercase username', async function () {
116 const fields = {
117 username: 'Toto',
118 email: 'test@example.com',
119 password: 'my_super_password',
120 videoQuota: 42000000,
121 role: UserRole.USER
122 }
123
124 await makePostBodyRequest({ url: server.url, path, token: server.accessToken, fields })
125 })
126
115 it('Should fail with an incorrect username', async function () { 127 it('Should fail with an incorrect username', async function () {
116 const fields = { 128 const fields = {
117 username: 'my username', 129 username: 'my username',
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 21:55:50 +0000