From 2b33f362dd6f4ea8ad7d069bbd2460188d9e562b Mon Sep 17 00:00:00 2001 From: Philippe PITTOLI Date: Thu, 27 Jun 2024 03:45:00 +0200 Subject: [PATCH] Change a few rules regarding registration (login regex, password length). --- src/requests/register.cr | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/requests/register.cr b/src/requests/register.cr index ae1c250..9ebea28 100644 --- a/src/requests/register.cr +++ b/src/requests/register.cr @@ -17,7 +17,7 @@ class AuthD::Request return Response::ErrorAlreadyUsedLogin.new end - acceptable_login_regex = "[a-zA-Z][-_ a-zA-Z0-9']+" + acceptable_login_regex = "[a-zA-Z][-_ a-zA-Z0-9']*[a-zA-Z0-9]" pattern = Regex.new acceptable_login_regex, Regex::Options::IGNORE_CASE return Response::ErrorInvalidLoginFormat.new unless pattern =~ @login @@ -35,7 +35,7 @@ class AuthD::Request end # In this case we should not accept its registration. - return Response::ErrorPasswordTooShort.new if @password.size < 20 + return Response::ErrorPasswordTooShort.new if @password.size < 15 return Response::ErrorPasswordTooLong.new if @password.size > 100 uid = authd.new_uid