1
0
mirror of https://github.com/osmarks/mycorrhiza.git synced 2024-10-30 03:36:16 +00:00

Auth: Do not load users with weird characters in names

If they were registered in earlier versions, you should do something about it:

* Delete them manually.
* Workaround: register a new user to force user storage dump. You can delete them afterwards.
This commit is contained in:
Timur Ismagilov 2022-05-17 16:35:43 +03:00
parent c1ac0bbd16
commit 2e59f75647
2 changed files with 3 additions and 2 deletions

View File

@ -50,6 +50,9 @@ func usersFromFile() []*User {
func rememberUsers(userList []*User) {
for _, user := range userList {
if !IsValidUsername(user.Name) {
continue
}
users.Store(user.Name, user)
}
}

View File

@ -1,7 +1,6 @@
package user
import (
"fmt"
"net/http"
"strings"
"sync"
@ -136,7 +135,6 @@ func (user *User) ShowLockMaybe(w http.ResponseWriter, rq *http.Request) bool {
// IsValidUsername checks if the given username is valid.
func IsValidUsername(username string) bool {
fmt.Println("Is", username, "ok")
for _, r := range username {
if strings.ContainsRune("?!:#@><*|\"'&%{}/", r) {
return false