tanner/spaceport
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add checks to username on login

Browse Source
This commit is contained in:
Tanner Collin 2022-02-10 00:30:16 +00:00
parent 665a2bddef
commit 87863b3baf
3 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
apiserver/apiserver/api/serializers.py
View File

@ -772,3 +772,24 @@ class SpaceportAuthSerializer(LoginSerializer):
user.member.save()
return user
class MyLoginSerializer(LoginSerializer):
def authenticate(self, **kwargs):
username = kwargs.get('username', '')
if 'your' in username and 'own' in username and 'name' in username:
raise ValidationError(dict(username='*server explodes*'))
if ' ' in username:
raise ValidationError(dict(username='Username shouldn\'t have spaces.'))
if 'first.last' in username:
raise ValidationError(dict(username='Don\'t literally try "first.last", use your own name.'))
if 'first.middle.last' in username:
raise ValidationError(dict(username='Don\'t literally try "first.middle.last", use your own name.'))
if not User.objects.filter(username=username).exists():
raise ValidationError(dict(username='Username not found. Try "first.last" or "first.middle.last".'))
return super().authenticate(**kwargs)

3
apiserver/apiserver/api/views.py
View File

@ -855,6 +855,9 @@ class PasswordResetConfirmView(PasswordResetConfirmView):
class SpaceportAuthView(LoginView):
serializer_class = serializers.SpaceportAuthSerializer
class MyLoginView(LoginView):
serializer_class = serializers.MyLoginSerializer
@api_view()
def null_view(request, *args, **kwargs):

2
apiserver/apiserver/urls.py
View File

@ -28,7 +28,7 @@ router.register(r'charts/spaceactivity', views.SpaceActivityViewSet, basename='s
urlpatterns = [
path('', include(router.urls)),
url(r'^rest-auth/login/$', LoginView.as_view(), name='rest_login'),
url(r'^rest-auth/login/$', views.MyLoginView.as_view(), name='rest_login'),
url(r'^spaceport-auth/login/$', views.SpaceportAuthView.as_view(), name='spaceport_auth'),
url(r'^rest-auth/logout/$', LogoutView.as_view(), name='rest_logout'),
url(r'^password/reset/$', views.PasswordResetView.as_view(), name='rest_password_reset'),