Check invalid username from lists in login

securedrop/models.py

@@ -663,13 +663,15 @@ def throttle_login(cls, user):
     @classmethod
     def login(cls, username, password, token):
         # type: (str, str, str) -> Journalist
+        invalid_usernames = ['deleted']
+
         try:
             user = Journalist.query.filter_by(username=username).one()
         except NoResultFound:
             raise InvalidUsernameException(
                 "invalid username '{}'".format(username))
 
-        if user.username == 'deleted' and user.uuid == 'deleted':
+        if user.username in invalid_usernames and user.uuid in invalid_usernames:
             raise InvalidUsernameException(
                 "Invalid username '{}'".format(username))