0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-15 00:33:50 +01:00

Don't allow people to register user ids which only differ by case to an existing one

This commit is contained in:
Erik Johnston 2015-08-21 10:57:47 +01:00
parent 1f7642efa9
commit aa3c9c7bd0
2 changed files with 13 additions and 2 deletions

View file

@ -57,8 +57,8 @@ class RegistrationHandler(BaseHandler):
yield self.check_user_id_is_valid(user_id) yield self.check_user_id_is_valid(user_id)
u = yield self.store.get_user_by_id(user_id) users = yield self.store.get_users_by_id_case_insensitive(user_id)
if u: if users:
raise SynapseError( raise SynapseError(
400, 400,
"User ID already taken.", "User ID already taken.",

View file

@ -98,6 +98,17 @@ class RegistrationStore(SQLBaseStore):
allow_none=True, allow_none=True,
) )
def get_users_by_id_case_insensitive(self, user_id):
def f(txn):
sql = (
"SELECT name, password_hash FROM users"
" WHERE name = lower(?)"
)
txn.execute(sql, (user_id,))
return self.cursor_to_dict(txn)
return self.runInteraction("get_users_by_id_case_insensitive", f)
@defer.inlineCallbacks @defer.inlineCallbacks
def user_set_password_hash(self, user_id, password_hash): def user_set_password_hash(self, user_id, password_hash):
""" """