diff options
| author | syuilo <Syuilotan@yahoo.co.jp> | 2019-07-22 10:15:00 +0900 |
|---|---|---|
| committer | syuilo <Syuilotan@yahoo.co.jp> | 2019-07-22 10:15:00 +0900 |
| commit | 85008303f5c292dc0f288e4db5b5a1fbd56879eb (patch) | |
| tree | aef4c2cf97c7be45f70a8c39846f0b5cd31cb41a /src/server/api | |
| parent | Update dependencies :rocket: (diff) | |
| download | sharkey-85008303f5c292dc0f288e4db5b5a1fbd56879eb.tar.gz sharkey-85008303f5c292dc0f288e4db5b5a1fbd56879eb.tar.bz2 sharkey-85008303f5c292dc0f288e4db5b5a1fbd56879eb.zip | |
Prevent username reusing
Diffstat (limited to 'src/server/api')
| -rw-r--r-- | src/server/api/endpoints/username/available.ts | 6 | ||||
| -rw-r--r-- | src/server/api/private/signup.ts | 14 |
2 files changed, 17 insertions, 3 deletions
diff --git a/src/server/api/endpoints/username/available.ts b/src/server/api/endpoints/username/available.ts index 724bb3a0c3..f393d6ed0d 100644 --- a/src/server/api/endpoints/username/available.ts +++ b/src/server/api/endpoints/username/available.ts @@ -1,6 +1,6 @@ import $ from 'cafy'; import define from '../../define'; -import { Users } from '../../../../models'; +import { Users, UsedUsernames } from '../../../../models'; export const meta = { tags: ['users'], @@ -21,7 +21,9 @@ export default define(meta, async (ps) => { usernameLower: ps.username.toLowerCase() }); + const exist2 = await UsedUsernames.count({ username: ps.username.toLowerCase() }); + return { - available: exist === 0 + available: exist === 0 && exist2 === 0 }; }); diff --git a/src/server/api/private/signup.ts b/src/server/api/private/signup.ts index 026fe7485b..c1f06fd339 100644 --- a/src/server/api/private/signup.ts +++ b/src/server/api/private/signup.ts @@ -5,7 +5,7 @@ import generateUserToken from '../common/generate-native-user-token'; import config from '../../../config'; import { fetchMeta } from '../../../misc/fetch-meta'; import * as recaptcha from 'recaptcha-promise'; -import { Users, Signins, RegistrationTickets } from '../../../models'; +import { Users, Signins, RegistrationTickets, UsedUsernames } from '../../../models'; import { genId } from '../../../misc/gen-id'; import { usersChart } from '../../../services/chart'; import { User } from '../../../models/entities/user'; @@ -13,6 +13,7 @@ import { UserKeypair } from '../../../models/entities/user-keypair'; import { toPunyNullable } from '../../../misc/convert-host'; import { UserProfile } from '../../../models/entities/user-profile'; import { getConnection } from 'typeorm'; +import { UsedUsername } from '../../../models/entities/used-username'; export default async (ctx: Koa.BaseContext) => { const body = ctx.request.body as any; @@ -78,11 +79,18 @@ export default async (ctx: Koa.BaseContext) => { // Generate secret const secret = generateUserToken(); + // Check username duplication if (await Users.findOne({ usernameLower: username.toLowerCase(), host: null })) { ctx.status = 400; return; } + // Check deleted username duplication + if (await UsedUsernames.findOne({ username: username.toLowerCase() })) { + ctx.status = 400; + return; + } + const keyPair = await new Promise<string[]>((s, j) => generateKeyPair('rsa', { modulusLength: 4096, @@ -133,6 +141,10 @@ export default async (ctx: Koa.BaseContext) => { autoWatch: false, password: hash, })); + + await transactionalEntityManager.save(new UsedUsername({ + username: username.toLowerCase(), + })); }); usersChart.update(account, true); |