diff --git a/l10n/de.js b/l10n/de.js index 14a5579dcdfb1f3ee378450d2361d8ba5a14d547..2c00a4098eed4d843226a82b65ff156e9603d829 100644 --- a/l10n/de.js +++ b/l10n/de.js @@ -84,6 +84,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn Sie eine Nachricht sehen, die besagt \"Google hasn't verified this app\", können Sie diese ignorieren, indem Sie auf \"Advanced\" klicken. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Nachricht zu entfernen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/de.json b/l10n/de.json index c3dd2ba5ff01ce8ae08db480cfaac152e6337274..63b7d43470426b300c1780e519b881b1472b55c2 100644 --- a/l10n/de.json +++ b/l10n/de.json @@ -82,7 +82,8 @@ "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn Sie eine Nachricht sehen, die besagt \"Google hasn't verified this app\", können Sie diese ignorieren, indem Sie auf \"Advanced\" tippen. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Fehlermeldung zu beseitigen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/de_DE.js b/l10n/de_DE.js index 4754fe0ee8c1d3b5ebc2a9071a7f0a776ea5eb0c..9478e84445bae366361d4cd55bce7eb51d054b9d 100644 --- a/l10n/de_DE.js +++ b/l10n/de_DE.js @@ -84,6 +84,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn du eine Nachricht siehst, die besagt \"Google hasn't verified this app\", kannst du sie ignorieren, indem du auf \"Advanced\" klickst. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Nachricht zu entfernen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/de_DE.json b/l10n/de_DE.json index 2f5263402c8d0126a2ce8fb51328244ce6335b14..493c1672e02f70888eddcda6d9cc9d0f49d342a2 100644 --- a/l10n/de_DE.json +++ b/l10n/de_DE.json @@ -82,7 +82,8 @@ "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn du eine Nachricht siehst, die besagt \"Google hasn't verified this app\", kannst du sie ignorieren, indem du auf \"Advanced\" tippst. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Fehlermeldung zu beseitigen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/en.js b/l10n/en.js index d7c570dfc1a7bf9ceb55c4484b65b65a7d81bb7b..95596e24501143318d853f40b6e9c5799226abb1 100644 --- a/l10n/en.js +++ b/l10n/en.js @@ -87,6 +87,7 @@ OC.L10N.register( "An error occurred while creating your account!": "An error occurred while creating your account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.", "Username is too large.": "Username is too large.", - "Display name is too large.": "Display name is too large." + "Display name is too large.": "Display name is too large.", + "Password has invalid characters.": "Password has invalid characters." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/en.json b/l10n/en.json index 7568e3f85967e1ca2358d2db9a97a5547bee7d69..d6550f4997ae25359c430f53c0383ffa71e55e63 100644 --- a/l10n/en.json +++ b/l10n/en.json @@ -84,7 +84,8 @@ "An error occurred while creating your account!": "An error occurred while creating your account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.", "Username is too large.": "Username is too large.", - "Display name is too large.": "Display name is too large." + "Display name is too large.": "Display name is too large.", + "Password has invalid characters.": "La contraseña tiene caracteres no válidos." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/es.js b/l10n/es.js index c97769b97a1f47a5cd3a221bfed2fc69c37ba316..7238cc2adc8e7d35dee43153d305e6ef0393410b 100644 --- a/l10n/es.js +++ b/l10n/es.js @@ -86,6 +86,7 @@ OC.L10N.register( "An error occurred while creating your account!": "¡Hubo un error creando tu cuenta!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si ves un mensaje que dice \"Google hasn't verified this app\", puedes omitirlo haciendo clic en \"Advanced\". Actualmente estamos trabajando para obtener la certificación que Google exige para eliminar este mensaje.", "Username is too large.": "El nombre de usuario es demasiado grande.", - "Display name is too large.": "El nombre para mostrar es demasiado grande." + "Display name is too large.": "El nombre para mostrar es demasiado grande.", + "Password has invalid characters.": "La contraseña tiene caracteres no válidos." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/es.json b/l10n/es.json index fd22c863c695bbca7f257aed306defb6d254a9df..74dad40c4205b4c3c3124373e4a78bb8333a64a0 100644 --- a/l10n/es.json +++ b/l10n/es.json @@ -85,7 +85,9 @@ "An error occurred while creating your account!": "¡Hubo un error creando tu cuenta!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si ves un mensaje que dice \"Google hasn't verified this app\", puedes omitirlo haciendo clic en \"Advanced\". Actualmente estamos trabajando para obtener la certificación que Google exige para eliminar este mensaje.", "Username is too large.": "El nombre de usuario es demasiado grande.", - "Display name is too large.": "El nombre para mostrar es demasiado grande." + "Display name is too large.": "El nombre para mostrar es demasiado grande.", + "Password has invalid characters.": "Password has invalid characters." + }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/fr.js b/l10n/fr.js index 5a84aea7900fd04dcb7a38b93e8234b1bbee1478..3a7a008e1fbc85aa1bf8ab08f3788ffdca150478 100644 --- a/l10n/fr.js +++ b/l10n/fr.js @@ -85,6 +85,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Une erreur s'est produite lors de la création de votre compte!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si vous voyez un message disant \"Google hasn't verified this app\" vous pouvez le contourner en cliquant sur \"Advanced\". Nous travaillons actuellement sur l'obtention de la certification exigée par Google pour se débarrasser de ce message.", "Username is too large.": "Le nom d'utilisateur est trop grand.", - "Display name is too large.": "Le nom affiché est trop grand." + "Display name is too large.": "Le nom affiché est trop grand.", + "Password has invalid characters.": "Le mot de passe contient des caractères non valides." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/fr.json b/l10n/fr.json index 2b733b05ac02429d3305601883c281e30f8526b5..8f27e62aa4dd4d6533eec53cb938dcf7baa85aea 100644 --- a/l10n/fr.json +++ b/l10n/fr.json @@ -84,7 +84,8 @@ "An error occurred while creating your account!": "Une erreur s'est produite lors de la création de votre compte!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si vous voyez un message disant \"Google hasn't verified this app\" vous pouvez le contourner en cliquant sur \"Advanced\". Nous travaillons actuellement sur l'obtention de la certification exigée par Google pour se débarrasser de ce message.", "Username is too large.": "Le nom d'utilisateur est trop grand.", - "Display name is too large.": "Le nom affiché est trop grand." + "Display name is too large.": "Le nom affiché est trop grand.", + "Password has invalid characters.": "Le mot de passe contient des caractères non valides." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/it.js b/l10n/it.js index cbf1181e9f3ac02abdb1037aec1a541b30fabd13..f90e0506f73905720b10e8be75968dcd9f359722 100644 --- a/l10n/it.js +++ b/l10n/it.js @@ -85,6 +85,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Si è verificato un errore nella creazione dell'account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Se vedi un messaggio che dice \"Google hasn't verified this app\", puoi ignorarlo facendo clic su \"Advanced\". Attualmente stiamo lavorando per ottenere la certificazione richiesta da Google per eliminare questo messaggio.", "Username is too large.": "Il nome utente è troppo grande.", - "Display name is too large.": "Il nome del display è troppo grande." + "Display name is too large.": "Il nome del display è troppo grande.", + "Password has invalid characters.": "La password contiene caratteri non validi." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/it.json b/l10n/it.json index 18307c2bee195efe88edb3b2c07902ee9e629c0a..fcd388c4254cb44d57c1b69ebf9348258c3102fc 100644 --- a/l10n/it.json +++ b/l10n/it.json @@ -80,7 +80,8 @@ "An error occurred while creating your account!": "Si è verificato un errore nella creazione dell'account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Se vedi un messaggio che dice \"Google hasn't verified this app\", puoi ignorarlo cliccando su \"Advanced\". Attualmente stiamo lavorando per ottenere la certificazione richiesta da Google per eliminare questo messaggio.", "Username is too large.": "Il nome utente è troppo grande.", - "Display name is too large.": "Il nome del display è troppo grande." + "Display name is too large.": "Il nome del display è troppo grande.", + "Password has invalid characters.": "La password contiene caratteri non validi." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index 550e1a7dd5bc0aa22390bf7f3275a4b2f8692674..81a2e997753751ac6d1ad0717db2fa6bc8d2c45f 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -21,6 +21,7 @@ use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Services\IInitialState; +use OCP\Files\IAppData; use OCP\IConfig; use OCP\ILogger; use OCP\IRequest; @@ -43,13 +44,15 @@ class AccountController extends Controller { /** @var IConfig */ private IConfig $config; private IInitialState $initialState; + private IAppData $appData; private const SESSION_USERNAME_CHECK = 'username_check_passed'; private const CAPTCHA_VERIFIED_CHECK = 'captcha_verified'; private const ALLOWED_CAPTCHA_PROVIDERS = ['image', 'hcaptcha']; private const DEFAULT_CAPTCHA_PROVIDER = 'image'; private const HCAPTCHA_PROVIDER = 'hcaptcha'; private const HCAPTCHA_DOMAINS = ['https://hcaptcha.com', 'https://*.hcaptcha.com']; - + private const BLACKLISTED_USERNAMES_FILE_NAME = 'blacklisted_usernames'; + private ILogger $logger; public function __construct( $AppName, @@ -64,7 +67,8 @@ class AccountController extends Controller { ISession $session, IConfig $config, ILogger $logger, - IInitialState $initialState + IInitialState $initialState, + IAppData $appData ) { parent::__construct($AppName, $request); $this->appName = $AppName; @@ -80,6 +84,7 @@ class AccountController extends Controller { $this->logger = $logger; $this->request = $request; $this->initialState = $initialState; + $this->appData = $appData; } /** @@ -154,6 +159,12 @@ class AccountController extends Controller { return $response; } + if (preg_match("/\\\/", $password)) { + $response->setData(['message' => 'Password has invalid characters.', 'success' => false]); + $response->setStatus(400); + return $response; + } + $inputData = [ 'username' => ['value' => $username, 'maxLength' => 30], 'display name' => ['value' => $displayname, 'maxLength' => 30], @@ -274,14 +285,24 @@ class AccountController extends Controller { return $response; } } - if (!preg_match('/^[a-zA-Z0-9._-]+$/', $username)) { + if (!preg_match('/^(?=.{3,30}$)(?![_.-])(?!.*[_.-]{2})[a-zA-Z0-9._-]+(?setData(['message' => 'Username must consist of letters, numbers, hyphens, dots and underscores only.', 'field' => 'username', 'success' => false]); $response->setStatus(403); return $response; } try { $username = mb_strtolower($username, 'UTF-8'); - if (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { + $blacklist = []; + $appDataFolder = $this->appData->getFolder('/'); + if (!$appDataFolder->fileExists(self::BLACKLISTED_USERNAMES_FILE_NAME)) { + $appDataFolder->newFile(self::BLACKLISTED_USERNAMES_FILE_NAME, ""); + } + $content = $appDataFolder->getFile(self::BLACKLISTED_USERNAMES_FILE_NAME)->getContent(); + $blacklist = explode("\n", $content); + + if (in_array($username, $blacklist)) { + $response->setData(['message' => 'Username is already taken.', 'field' => 'username', 'success' => false]); + } elseif (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { $response->setStatus(200); $this->session->set(self::SESSION_USERNAME_CHECK, true); } else { diff --git a/src/signup/RegistrationForm.vue b/src/signup/RegistrationForm.vue index 7ae385ab745b188901ce25a7fc7dbb57a38abca5..70dd2350fcbcc78761fdf63cc4693d15b5524a38 100644 --- a/src/signup/RegistrationForm.vue +++ b/src/signup/RegistrationForm.vue @@ -208,6 +208,7 @@ export default { passwordErrors: [], passwordRules: [ { message: t(this.appName, 'Incorrect password length: Required length is 8 to 32'), regex: /.{8,32}/ }, + { message: t(this.appName, 'Password has invalid characters.'), regex: /^(?!.*\\).*/ }, ], isUsernameAvailable: false, processing: false,