From 85008303f5c292dc0f288e4db5b5a1fbd56879eb Mon Sep 17 00:00:00 2001
From: syuilo
Date: Mon, 22 Jul 2019 10:15:00 +0900
Subject: Prevent username reusing
---
 src/server/api/private/signup.ts | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
(limited to 'src/server/api/private')
diff --git a/src/server/api/private/signup.ts b/src/server/api/private/signup.ts
index 026fe7485b..c1f06fd339 100644
--- a/src/server/api/private/signup.ts
+++ b/src/server/api/private/signup.ts
@@ -5,7 +5,7 @@ import generateUserToken from '../common/generate-native-user-token';
 import config from '../../../config';
 import { fetchMeta } from '../../../misc/fetch-meta';
 import * as recaptcha from 'recaptcha-promise';
-import { Users, Signins, RegistrationTickets } from '../../../models';
+import { Users, Signins, RegistrationTickets, UsedUsernames } from '../../../models';
 import { genId } from '../../../misc/gen-id';
 import { usersChart } from '../../../services/chart';
 import { User } from '../../../models/entities/user';
@@ -13,6 +13,7 @@ import { UserKeypair } from '../../../models/entities/user-keypair';
 import { toPunyNullable } from '../../../misc/convert-host';
 import { UserProfile } from '../../../models/entities/user-profile';
 import { getConnection } from 'typeorm';
+import { UsedUsername } from '../../../models/entities/used-username';
 export default async (ctx: Koa.BaseContext) => {
 const body = ctx.request.body as any;
@@ -78,11 +79,18 @@ export default async (ctx: Koa.BaseContext) => {
 // Generate secret
 const secret = generateUserToken();
+ // Check username duplication
 if (await Users.findOne({ usernameLower: username.toLowerCase(), host: null })) {
 ctx.status = 400;
 return;
 }
+ // Check deleted username duplication
+ if (await UsedUsernames.findOne({ username: username.toLowerCase() })) {
+ ctx.status = 400;
+ return;
+ }
+
 const keyPair = await new Promise((s, j) => generateKeyPair('rsa', { modulusLength: 4096,
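Review bot: The new `UsedUsernames.findOne` check, like the `Users.findOne` check above it, runs before the write that appears in the later hunk on `transactionalEntityManager`, so two concurrent signups for the same name can both pass it; the RSA key generation between check and write lengthens that window. The guarantee should come from the database: a primary key or unique constraint on the `UsedUsername` entity's `username` column (the entity is not shown here, so confirm), with the handler turning the resulting constraint error into a 400. The comment could also say why the check exists, e.g. `// Reject names that were ever registered, so a deleted account's handle cannot be re-claimed to impersonate it`. The handler body starts and ends outside this hunk.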
@@ -133,6 +141,10 @@ export default async (ctx: Koa.BaseContext) => {
 autoWatch: false,
 password: hash,
 }));
+
+ await transactionalEntityManager.save(new UsedUsername({
+ username: username.toLowerCase(),
+ }));
 });
 usersChart.update(account, true);
--
cgit v1.2.3-freya
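Review bot: `transactionalEntityManager.save(new UsedUsername({...}))` records the name only for accounts created after this commit, so names of accounts that already exist would still become free when those accounts are deleted, unless a migration backfills the table or the deletion path also writes a row; neither is visible in this patch. Separately, if `username` is the entity's primary key, TypeORM's `save` updates an existing row instead of failing, so a racing duplicate signup would not abort the transaction. `await transactionalEntityManager.insert(UsedUsername, { username: username.toLowerCase() });` would turn that conflict into an error that rolls the signup back. The transaction callback begins outside this hunk.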