From d29bbef661e23a9b9db78480d7512e190ade6ab7 Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Fri, 27 Sep 2024 16:14:18 +0200 Subject: [PATCH 01/12] better validation for password and username --- lib/Controller/AccountController.php | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index 550e1a7d..467f9e14 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -153,6 +153,12 @@ class AccountController extends Controller { $response->setStatus(400); return $response; } + + if($this->has_invalid_password_characters()){ + $response->setData(['message' => 'Password has invalid characters', 'success' => false]); + $response->setStatus(400); + return $response; + } $inputData = [ 'username' => ['value' => $username, 'maxLength' => 30], @@ -274,7 +280,7 @@ class AccountController extends Controller { return $response; } } - if (!preg_match('/^[a-zA-Z0-9._-]+$/', $username)) { + if (!preg_match('/^(?=.{3,30}$)(?![_.-])(?!.*[_.-]{2})[a-zA-Z0-9._-]+(?setData(['message' => 'Username must consist of letters, numbers, hyphens, dots and underscores only.', 'field' => 'username', 'success' => false]); $response->setStatus(403); return $response; @@ -287,6 +293,10 @@ class AccountController extends Controller { } else { $response->setData(['message' => 'Username is already taken.', 'field' => 'username', 'success' => false]); } + if (in_array($mbox, array('abuse', 'hostmaster', 'postmaster', 'webmaster', 'postmaster', 'root', 'sendmail', 'postfix', 'contact', 'info', 'sales', 'marketing', 'news', 'newsletter', 'eelo', 'job', 'jobs', 'career', 'admin', 'legal', 'apache', 'postfix', 'mysql', 'support'))) { + $response->setData(['message' => 'This username is forbidden', 'field' => 'username', 'success' => false]); + } + } catch (Exception $e) { $this->logger->logException($e, ['app' => Application::APP_ID ]); $response->setStatus(500); @@ -295,6 +305,11 @@ class AccountController extends Controller { return $response; } + private function has_invalid_password_characters(string $password): bool + { + return (bool) preg_match("/\\\/", $password); + } + /** * @NoAdminRequired * @PublicPage -- GitLab From cb4bc6500ed72266081b719e4ff4b89310aebc6b Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Mon, 30 Sep 2024 15:50:51 +0200 Subject: [PATCH 02/12] some fixes --- lib/Controller/AccountController.php | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index 467f9e14..741745ea 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -153,8 +153,8 @@ class AccountController extends Controller { $response->setStatus(400); return $response; } - - if($this->has_invalid_password_characters()){ + + if(preg_match("/\\\/", $password)){ $response->setData(['message' => 'Password has invalid characters', 'success' => false]); $response->setStatus(400); return $response; @@ -287,16 +287,15 @@ class AccountController extends Controller { } try { $username = mb_strtolower($username, 'UTF-8'); - if (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { + if (in_array($username, array('abuse', 'hostmaster', 'postmaster', 'webmaster', 'postmaster', 'root', 'sendmail', 'postfix', 'contact', 'info', 'sales', 'marketing', 'news', 'newsletter', 'eelo', 'job', 'jobs', 'career', 'admin', 'legal', 'apache', 'postfix', 'mysql', 'support'))) { + $response->setData(['message' => 'This username is forbidden.', 'field' => 'username', 'success' => false]); + } + else if (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { $response->setStatus(200); $this->session->set(self::SESSION_USERNAME_CHECK, true); } else { $response->setData(['message' => 'Username is already taken.', 'field' => 'username', 'success' => false]); } - if (in_array($mbox, array('abuse', 'hostmaster', 'postmaster', 'webmaster', 'postmaster', 'root', 'sendmail', 'postfix', 'contact', 'info', 'sales', 'marketing', 'news', 'newsletter', 'eelo', 'job', 'jobs', 'career', 'admin', 'legal', 'apache', 'postfix', 'mysql', 'support'))) { - $response->setData(['message' => 'This username is forbidden', 'field' => 'username', 'success' => false]); - } - } catch (Exception $e) { $this->logger->logException($e, ['app' => Application::APP_ID ]); $response->setStatus(500); @@ -305,11 +304,6 @@ class AccountController extends Controller { return $response; } - private function has_invalid_password_characters(string $password): bool - { - return (bool) preg_match("/\\\/", $password); - } - /** * @NoAdminRequired * @PublicPage -- GitLab From 8643d2571d8ae2085efc38bfda5c08ff8f355978 Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Mon, 30 Sep 2024 17:01:14 +0200 Subject: [PATCH 03/12] use an external list for forbidden accounts --- lib/Controller/AccountController.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index 741745ea..54477f83 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -287,7 +287,14 @@ class AccountController extends Controller { } try { $username = mb_strtolower($username, 'UTF-8'); - if (in_array($username, array('abuse', 'hostmaster', 'postmaster', 'webmaster', 'postmaster', 'root', 'sendmail', 'postfix', 'contact', 'info', 'sales', 'marketing', 'news', 'newsletter', 'eelo', 'job', 'jobs', 'career', 'admin', 'legal', 'apache', 'postfix', 'mysql', 'support'))) { + $blacklist = array(); + $appPath = \OC_App::getAppPath($this->appName); + $filePath = $appPath . '/blacklisted_usernames'; + if (file_exists($filePath)) { + $content = file_get_contents($filePath); + $blacklist = explode("\n", $content); + } + if (in_array($username, $blacklist)){ $response->setData(['message' => 'This username is forbidden.', 'field' => 'username', 'success' => false]); } else if (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { -- GitLab From 7d36c09f23701793a37ca3914c1ab81373cd428b Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Mon, 30 Sep 2024 19:11:39 +0200 Subject: [PATCH 04/12] fix lint issues --- lib/Controller/AccountController.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index 54477f83..cbefa14b 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -154,7 +154,7 @@ class AccountController extends Controller { return $response; } - if(preg_match("/\\\/", $password)){ + if (preg_match("/\\\/", $password)) { $response->setData(['message' => 'Password has invalid characters', 'success' => false]); $response->setStatus(400); return $response; @@ -294,7 +294,7 @@ class AccountController extends Controller { $content = file_get_contents($filePath); $blacklist = explode("\n", $content); } - if (in_array($username, $blacklist)){ + if (in_array($username, $blacklist)) { $response->setData(['message' => 'This username is forbidden.', 'field' => 'username', 'success' => false]); } else if (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { -- GitLab From e911be373384e0fd2eecf93b6d56a0c821e99c26 Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Mon, 30 Sep 2024 22:38:21 +0200 Subject: [PATCH 05/12] using elseif --- lib/Controller/AccountController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index cbefa14b..f7651b1f 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -297,7 +297,7 @@ class AccountController extends Controller { if (in_array($username, $blacklist)) { $response->setData(['message' => 'This username is forbidden.', 'field' => 'username', 'success' => false]); } - else if (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { + elseif (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { $response->setStatus(200); $this->session->set(self::SESSION_USERNAME_CHECK, true); } else { -- GitLab From f840a3ba6d4f8b94817631c428289091f99b05dd Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Mon, 30 Sep 2024 23:07:55 +0200 Subject: [PATCH 06/12] some other lint fixes --- lib/Controller/AccountController.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index f7651b1f..320aea67 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -287,7 +287,7 @@ class AccountController extends Controller { } try { $username = mb_strtolower($username, 'UTF-8'); - $blacklist = array(); + $blacklist = []; $appPath = \OC_App::getAppPath($this->appName); $filePath = $appPath . '/blacklisted_usernames'; if (file_exists($filePath)) { @@ -296,8 +296,7 @@ class AccountController extends Controller { } if (in_array($username, $blacklist)) { $response->setData(['message' => 'This username is forbidden.', 'field' => 'username', 'success' => false]); - } - elseif (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { + } elseif (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { $response->setStatus(200); $this->session->set(self::SESSION_USERNAME_CHECK, true); } else { -- GitLab From e5e97724210504b947523d60b7d6f8b2e0e5a66f Mon Sep 17 00:00:00 2001 From: Alexandre Roux Date: Tue, 1 Oct 2024 09:55:06 +0000 Subject: [PATCH 07/12] Apply 1 suggestion(s) to 1 file(s) Co-authored-by: Ronak Patel --- lib/Controller/AccountController.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index 320aea67..db55a5e4 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -155,7 +155,7 @@ class AccountController extends Controller { } if (preg_match("/\\\/", $password)) { - $response->setData(['message' => 'Password has invalid characters', 'success' => false]); + $response->setData(['message' => 'Password has invalid characters.', 'success' => false]); $response->setStatus(400); return $response; } -- GitLab From 4c2218c1235de2b1e67425e9cf1a5dffc4287e2e Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Wed, 2 Oct 2024 16:46:19 +0200 Subject: [PATCH 08/12] use file in appdata instead --- lib/Controller/AccountController.php | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index db55a5e4..c61a4666 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -28,6 +28,7 @@ use OCP\ISession; use OCP\IURLGenerator; use OCP\IUserSession; use OCP\L10N\IFactory; +use OCP\Files\IAppData; class AccountController extends Controller { protected $appName; @@ -43,13 +44,15 @@ class AccountController extends Controller { /** @var IConfig */ private IConfig $config; private IInitialState $initialState; + private IAppData $appData; private const SESSION_USERNAME_CHECK = 'username_check_passed'; private const CAPTCHA_VERIFIED_CHECK = 'captcha_verified'; private const ALLOWED_CAPTCHA_PROVIDERS = ['image', 'hcaptcha']; private const DEFAULT_CAPTCHA_PROVIDER = 'image'; private const HCAPTCHA_PROVIDER = 'hcaptcha'; private const HCAPTCHA_DOMAINS = ['https://hcaptcha.com', 'https://*.hcaptcha.com']; - + private const BLACKLISTED_USERNAMES_FILE_NAME = 'blacklisted_usernames'; + private ILogger $logger; public function __construct( $AppName, @@ -64,7 +67,8 @@ class AccountController extends Controller { ISession $session, IConfig $config, ILogger $logger, - IInitialState $initialState + IInitialState $initialState, + IAppData $appData ) { parent::__construct($AppName, $request); $this->appName = $AppName; @@ -80,6 +84,7 @@ class AccountController extends Controller { $this->logger = $logger; $this->request = $request; $this->initialState = $initialState; + $this->appData = $appData; } /** @@ -288,12 +293,13 @@ class AccountController extends Controller { try { $username = mb_strtolower($username, 'UTF-8'); $blacklist = []; - $appPath = \OC_App::getAppPath($this->appName); - $filePath = $appPath . '/blacklisted_usernames'; - if (file_exists($filePath)) { - $content = file_get_contents($filePath); - $blacklist = explode("\n", $content); + $appDataFolder = $this->appData->getFolder('/'); + if (!$appDataFolder->fileExists(self::BLACKLISTED_USERNAMES_FILE_NAME)) { + $appDataFolder->newFile(self::BLACKLISTED_USERNAMES_FILE_NAME, ""); } + $content = $appDataFolder->getFile(self::BLACKLISTED_USERNAMES_FILE_NAME)->getContent(); + $blacklist = explode("\n", $content); + if (in_array($username, $blacklist)) { $response->setData(['message' => 'This username is forbidden.', 'field' => 'username', 'success' => false]); } elseif (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { -- GitLab From a918f89406bcfe6f421a3cc00dc438e954cbb28b Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Wed, 2 Oct 2024 22:23:06 +0200 Subject: [PATCH 09/12] forbid backslashed in password --- lib/Controller/AccountController.php | 2 +- src/signup/RegistrationForm.vue | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index c61a4666..8a5de84c 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -21,6 +21,7 @@ use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Services\IInitialState; +use OCP\Files\IAppData; use OCP\IConfig; use OCP\ILogger; use OCP\IRequest; @@ -28,7 +29,6 @@ use OCP\ISession; use OCP\IURLGenerator; use OCP\IUserSession; use OCP\L10N\IFactory; -use OCP\Files\IAppData; class AccountController extends Controller { protected $appName; diff --git a/src/signup/RegistrationForm.vue b/src/signup/RegistrationForm.vue index 7ae385ab..4ff5fd67 100644 --- a/src/signup/RegistrationForm.vue +++ b/src/signup/RegistrationForm.vue @@ -208,6 +208,7 @@ export default { passwordErrors: [], passwordRules: [ { message: t(this.appName, 'Incorrect password length: Required length is 8 to 32'), regex: /.{8,32}/ }, + { message: t(this.appName, 'Backslashes can\'t be used in passwords.'), regex: /^(?!.*\\).*/ }, ], isUsernameAvailable: false, processing: false, -- GitLab From bc65cdba74317742147590361743a43de06611ea Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Wed, 2 Oct 2024 22:23:45 +0200 Subject: [PATCH 10/12] change string --- src/signup/RegistrationForm.vue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/signup/RegistrationForm.vue b/src/signup/RegistrationForm.vue index 4ff5fd67..70dd2350 100644 --- a/src/signup/RegistrationForm.vue +++ b/src/signup/RegistrationForm.vue @@ -208,7 +208,7 @@ export default { passwordErrors: [], passwordRules: [ { message: t(this.appName, 'Incorrect password length: Required length is 8 to 32'), regex: /.{8,32}/ }, - { message: t(this.appName, 'Backslashes can\'t be used in passwords.'), regex: /^(?!.*\\).*/ }, + { message: t(this.appName, 'Password has invalid characters.'), regex: /^(?!.*\\).*/ }, ], isUsernameAvailable: false, processing: false, -- GitLab From fb504ff2632271526337b2a6492633c02c6ad3e4 Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Fri, 4 Oct 2024 11:39:34 +0200 Subject: [PATCH 11/12] adding english translation --- l10n/en.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/l10n/en.json b/l10n/en.json index 7568e3f8..3d16bdac 100644 --- a/l10n/en.json +++ b/l10n/en.json @@ -84,7 +84,9 @@ "An error occurred while creating your account!": "An error occurred while creating your account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.", "Username is too large.": "Username is too large.", - "Display name is too large.": "Display name is too large." + "Display name is too large.": "Display name is too large.", + "Password has invalid characters.": "Password has invalid characters.", + "This username is forbidden.": "This username is forbidden." }, "pluralForm": "nplurals=2; plural=(n != 1);" } -- GitLab From 3ec1b2da2d313f30cc26113ca588031be4d68171 Mon Sep 17 00:00:00 2001 From: "Alexandre R. D'Anzi" Date: Fri, 4 Oct 2024 15:35:56 +0200 Subject: [PATCH 12/12] more translation --- l10n/de.js | 3 ++- l10n/de.json | 3 ++- l10n/de_DE.js | 3 ++- l10n/de_DE.json | 3 ++- l10n/en.js | 3 ++- l10n/en.json | 3 +-- l10n/es.js | 3 ++- l10n/es.json | 4 +++- l10n/fr.js | 3 ++- l10n/fr.json | 3 ++- l10n/it.js | 3 ++- l10n/it.json | 3 ++- lib/Controller/AccountController.php | 2 +- 13 files changed, 25 insertions(+), 14 deletions(-) diff --git a/l10n/de.js b/l10n/de.js index 14a5579d..2c00a409 100644 --- a/l10n/de.js +++ b/l10n/de.js @@ -84,6 +84,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn Sie eine Nachricht sehen, die besagt \"Google hasn't verified this app\", können Sie diese ignorieren, indem Sie auf \"Advanced\" klicken. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Nachricht zu entfernen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/de.json b/l10n/de.json index c3dd2ba5..63b7d434 100644 --- a/l10n/de.json +++ b/l10n/de.json @@ -82,7 +82,8 @@ "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn Sie eine Nachricht sehen, die besagt \"Google hasn't verified this app\", können Sie diese ignorieren, indem Sie auf \"Advanced\" tippen. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Fehlermeldung zu beseitigen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/de_DE.js b/l10n/de_DE.js index 4754fe0e..9478e844 100644 --- a/l10n/de_DE.js +++ b/l10n/de_DE.js @@ -84,6 +84,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn du eine Nachricht siehst, die besagt \"Google hasn't verified this app\", kannst du sie ignorieren, indem du auf \"Advanced\" klickst. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Nachricht zu entfernen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/de_DE.json b/l10n/de_DE.json index 2f526340..493c1672 100644 --- a/l10n/de_DE.json +++ b/l10n/de_DE.json @@ -82,7 +82,8 @@ "An error occurred while creating your account!": "Beim Anlegen Ihres Kontos ist ein Fehler aufgetreten!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Wenn du eine Nachricht siehst, die besagt \"Google hasn't verified this app\", kannst du sie ignorieren, indem du auf \"Advanced\" tippst. Wir arbeiten derzeit daran, die erforderliche Zertifizierung von Google zu erhalten, um diese Fehlermeldung zu beseitigen.", "Username is too large.": "Der Benutzername ist zu groß.", - "Display name is too large.": "Der Anzeigename ist zu groß." + "Display name is too large.": "Der Anzeigename ist zu groß.", + "Password has invalid characters.": "Das Passwort enthält ungültige Zeichen." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/en.js b/l10n/en.js index d7c570df..95596e24 100644 --- a/l10n/en.js +++ b/l10n/en.js @@ -87,6 +87,7 @@ OC.L10N.register( "An error occurred while creating your account!": "An error occurred while creating your account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.", "Username is too large.": "Username is too large.", - "Display name is too large.": "Display name is too large." + "Display name is too large.": "Display name is too large.", + "Password has invalid characters.": "Password has invalid characters." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/en.json b/l10n/en.json index 3d16bdac..d6550f49 100644 --- a/l10n/en.json +++ b/l10n/en.json @@ -85,8 +85,7 @@ "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.", "Username is too large.": "Username is too large.", "Display name is too large.": "Display name is too large.", - "Password has invalid characters.": "Password has invalid characters.", - "This username is forbidden.": "This username is forbidden." + "Password has invalid characters.": "La contraseña tiene caracteres no válidos." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/es.js b/l10n/es.js index c97769b9..7238cc2a 100644 --- a/l10n/es.js +++ b/l10n/es.js @@ -86,6 +86,7 @@ OC.L10N.register( "An error occurred while creating your account!": "¡Hubo un error creando tu cuenta!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si ves un mensaje que dice \"Google hasn't verified this app\", puedes omitirlo haciendo clic en \"Advanced\". Actualmente estamos trabajando para obtener la certificación que Google exige para eliminar este mensaje.", "Username is too large.": "El nombre de usuario es demasiado grande.", - "Display name is too large.": "El nombre para mostrar es demasiado grande." + "Display name is too large.": "El nombre para mostrar es demasiado grande.", + "Password has invalid characters.": "La contraseña tiene caracteres no válidos." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/es.json b/l10n/es.json index fd22c863..74dad40c 100644 --- a/l10n/es.json +++ b/l10n/es.json @@ -85,7 +85,9 @@ "An error occurred while creating your account!": "¡Hubo un error creando tu cuenta!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si ves un mensaje que dice \"Google hasn't verified this app\", puedes omitirlo haciendo clic en \"Advanced\". Actualmente estamos trabajando para obtener la certificación que Google exige para eliminar este mensaje.", "Username is too large.": "El nombre de usuario es demasiado grande.", - "Display name is too large.": "El nombre para mostrar es demasiado grande." + "Display name is too large.": "El nombre para mostrar es demasiado grande.", + "Password has invalid characters.": "Password has invalid characters." + }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/fr.js b/l10n/fr.js index 5a84aea7..3a7a008e 100644 --- a/l10n/fr.js +++ b/l10n/fr.js @@ -85,6 +85,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Une erreur s'est produite lors de la création de votre compte!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si vous voyez un message disant \"Google hasn't verified this app\" vous pouvez le contourner en cliquant sur \"Advanced\". Nous travaillons actuellement sur l'obtention de la certification exigée par Google pour se débarrasser de ce message.", "Username is too large.": "Le nom d'utilisateur est trop grand.", - "Display name is too large.": "Le nom affiché est trop grand." + "Display name is too large.": "Le nom affiché est trop grand.", + "Password has invalid characters.": "Le mot de passe contient des caractères non valides." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/fr.json b/l10n/fr.json index 2b733b05..8f27e62a 100644 --- a/l10n/fr.json +++ b/l10n/fr.json @@ -84,7 +84,8 @@ "An error occurred while creating your account!": "Une erreur s'est produite lors de la création de votre compte!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Si vous voyez un message disant \"Google hasn't verified this app\" vous pouvez le contourner en cliquant sur \"Advanced\". Nous travaillons actuellement sur l'obtention de la certification exigée par Google pour se débarrasser de ce message.", "Username is too large.": "Le nom d'utilisateur est trop grand.", - "Display name is too large.": "Le nom affiché est trop grand." + "Display name is too large.": "Le nom affiché est trop grand.", + "Password has invalid characters.": "Le mot de passe contient des caractères non valides." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/l10n/it.js b/l10n/it.js index cbf1181e..f90e0506 100644 --- a/l10n/it.js +++ b/l10n/it.js @@ -85,6 +85,7 @@ OC.L10N.register( "An error occurred while creating your account!": "Si è verificato un errore nella creazione dell'account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Se vedi un messaggio che dice \"Google hasn't verified this app\", puoi ignorarlo facendo clic su \"Advanced\". Attualmente stiamo lavorando per ottenere la certificazione richiesta da Google per eliminare questo messaggio.", "Username is too large.": "Il nome utente è troppo grande.", - "Display name is too large.": "Il nome del display è troppo grande." + "Display name is too large.": "Il nome del display è troppo grande.", + "Password has invalid characters.": "La password contiene caratteri non validi." }, "nplurals=2; plural=(n != 1);"); diff --git a/l10n/it.json b/l10n/it.json index 18307c2b..fcd388c4 100644 --- a/l10n/it.json +++ b/l10n/it.json @@ -80,7 +80,8 @@ "An error occurred while creating your account!": "Si è verificato un errore nella creazione dell'account!", "If you see a \"Google hasn't verified this app\" message you can bypass it by clicking \"Advanced\". We're currently working on passing the certification Google demands to get rid of this message.":"Se vedi un messaggio che dice \"Google hasn't verified this app\", puoi ignorarlo cliccando su \"Advanced\". Attualmente stiamo lavorando per ottenere la certificazione richiesta da Google per eliminare questo messaggio.", "Username is too large.": "Il nome utente è troppo grande.", - "Display name is too large.": "Il nome del display è troppo grande." + "Display name is too large.": "Il nome del display è troppo grande.", + "Password has invalid characters.": "La password contiene caratteri non validi." }, "pluralForm": "nplurals=2; plural=(n != 1);" } diff --git a/lib/Controller/AccountController.php b/lib/Controller/AccountController.php index 8a5de84c..81a2e997 100644 --- a/lib/Controller/AccountController.php +++ b/lib/Controller/AccountController.php @@ -301,7 +301,7 @@ class AccountController extends Controller { $blacklist = explode("\n", $content); if (in_array($username, $blacklist)) { - $response->setData(['message' => 'This username is forbidden.', 'field' => 'username', 'success' => false]); + $response->setData(['message' => 'Username is already taken.', 'field' => 'username', 'success' => false]); } elseif (!$this->userService->userExists($username) && !$this->userService->isUsernameTaken($username)) { $response->setStatus(200); $this->session->set(self::SESSION_USERNAME_CHECK, true); -- GitLab