From 4aefab21b5b5055bbef30d164690a4e2b147481a Mon Sep 17 00:00:00 2001
From: Helge Jung <hej@c3pb.de>
Date: Mon, 25 Dec 2023 16:05:04 +0100
Subject: [PATCH] registration: disallow usernames starting with an underscore
---
src/core/forms.py | 2 ++
src/core/locale/de/LC_MESSAGES/django.po | 3 +++
src/core/locale/en/LC_MESSAGES/django.po | 3 +++
3 files changed, 8 insertions(+)
diff --git a/src/core/forms.py b/src/core/forms.py
index 7049ffc0a..5e4f619ec 100644
--- a/src/core/forms.py
+++ b/src/core/forms.py
@@ -130,6 +130,8 @@ class RegistrationForm(UserCreationForm):
def clean(self):
if self.request and self.request.limited:
raise ValidationError(_('Registration__rate-limited'))
+ if (username := self.cleaned_data.get('username')) and username.startswith('_'):
+ raise ValidationError({'username': _('Registration__username__nounderscore')})
return super().clean()
def send_mail(
diff --git a/src/core/locale/de/LC_MESSAGES/django.po b/src/core/locale/de/LC_MESSAGES/django.po
index 983a986ab..d4368df36 100644
--- a/src/core/locale/de/LC_MESSAGES/django.po
+++ b/src/core/locale/de/LC_MESSAGES/django.po
@@ -131,6 +131,9 @@ msgstr "Deine Kontakt Email für diese Veranstaltung (nicht öffentlich)"
msgid "Registration__rate-limited"
msgstr "Zu viele Request (Rate-Limited), bitte einen Moment warten!"
+msgid "Registration__username__nounderscore"
+msgstr "Der Benutzername darf nicht mit einem Unterstrich beginnen."
+
msgid "Tags"
msgstr ""
diff --git a/src/core/locale/en/LC_MESSAGES/django.po b/src/core/locale/en/LC_MESSAGES/django.po
index 8cde7d22c..1f76e189f 100644
--- a/src/core/locale/en/LC_MESSAGES/django.po
+++ b/src/core/locale/en/LC_MESSAGES/django.po
@@ -131,6 +131,9 @@ msgstr "Your contact email for this event (not public)"
msgid "Registration__rate-limited"
msgstr "Too many requests (Rate-Limited), please wait a moment!"
+msgid "Registration__username__nounderscore"
+msgstr "The username must not begin with an underscore."
+
msgid "Tags"
msgstr ""
--
GitLab