feat: reserved usernames (#9917)
This PR adds a feature to prevent users from creating a new account with a reserved username such as root, admin, system, proxy, info, etc... Reserved usernames can be configured via the config file. The administrator can create an account with a reserved username via the first setup screen or the control panel. The existing account of reserved usernames will not be affected. Co-authored-by: Namekuji <nmkj@mx.kazuno.co> Reviewed-on: https://codeberg.org/calckey/calckey/pulls/9917 Co-authored-by: Namekuji <nmkj@noreply.codeberg.org> Co-committed-by: Namekuji <nmkj@noreply.codeberg.org>
This commit is contained in:
parent
48b8aeaf62
commit
eebfdf8559
4 changed files with 29 additions and 4 deletions
|
@ -109,6 +109,19 @@ id: 'aid'
|
|||
# Maximum lenght of an image caption or file comment (default 1500, max 8192)
|
||||
#maxCaptionLength: 1500
|
||||
|
||||
# Reserved usernames that only the administrator can register with
|
||||
reservedUsernames:
|
||||
- root
|
||||
- admin
|
||||
- system
|
||||
- test
|
||||
- proxy
|
||||
- relay
|
||||
- mod
|
||||
- moderator
|
||||
- info
|
||||
- information
|
||||
|
||||
# Whether disable HSTS
|
||||
#disableHsts: true
|
||||
|
||||
|
|
|
@ -77,6 +77,8 @@ export type Source = {
|
|||
sha256CertFingerprints?: string[];
|
||||
};
|
||||
|
||||
reservedUsernames?: string[];
|
||||
|
||||
// Managed hosting stuff
|
||||
maxUserSignups?: number;
|
||||
isManagedHosting?: boolean;
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
import { IsNull } from "typeorm";
|
||||
import { Users, UsedUsernames } from "@/models/index.js";
|
||||
import config from "@/config/index.js";
|
||||
import define from "../../define.js";
|
||||
|
||||
export const meta = {
|
||||
|
@ -40,7 +41,11 @@ export default define(meta, paramDef, async (ps) => {
|
|||
username: ps.username.toLowerCase(),
|
||||
});
|
||||
|
||||
const reserved = config.reservedUsernames?.includes(
|
||||
ps.username.toLowerCase(),
|
||||
);
|
||||
|
||||
return {
|
||||
available: exist === 0 && exist2 === 0,
|
||||
available: exist === 0 && exist2 === 0 && !reserved,
|
||||
};
|
||||
});
|
||||
|
|
|
@ -44,6 +44,11 @@ export default async (ctx: Koa.Context) => {
|
|||
const invitationCode = body["invitationCode"];
|
||||
const emailAddress = body["emailAddress"];
|
||||
|
||||
if (config.reservedUsernames?.includes(username.toLowerCase())) {
|
||||
ctx.status = 400;
|
||||
return;
|
||||
}
|
||||
|
||||
if (instance.emailRequiredForSignup) {
|
||||
if (emailAddress == null || typeof emailAddress !== "string") {
|
||||
ctx.status = 400;
|
||||
|
|
Loading…
Reference in a new issue