fix: do not allow special characters in username

graasp · Sep 20, 2024 · d8a810e · d8a810e
1 parent 11963d8
commit d8a810e
Show file tree

Hide file tree

Showing 7 changed files with 13 additions and 1 deletion.
diff --git a/src/langs/constants.ts b/src/langs/constants.ts
@@ -37,6 +37,7 @@ export const AUTH = {
   PRIVACY_POLICY_LINK: 'PRIVACY_POLICY_LINK',
   INVITATIONS_LOADING_MESSAGE: 'INVITATIONS_LOADING_MESSAGE',
   USERNAME_TOO_SHORT_ERROR: 'USERNAME_TOO_SHORT_ERROR',
+  USERNAME_SPECIAL_CHARACTERS_ERROR: 'USERNAME_SPECIAL_CHARACTERS_ERROR',
   USERNAME_TOO_LONG_ERROR: 'USERNAME_TOO_LONG_ERROR',
   INVALID_EMAIL_ERROR: 'INVALID_EMAIL_ERROR',
   EMPTY_EMAIL_ERROR: 'EMPTY_EMAIL_ERROR',

diff --git a/src/langs/de.json b/src/langs/de.json
@@ -35,6 +35,7 @@
   "INVITATIONS_LOADING_MESSAGE": "Wir warten auf Ihre Einladung, bitte warten …",
   "USERNAME_TOO_SHORT_ERROR": "Bitte geben Sie einen Benutzernamen mit mehr als {{min}} Zeichen ein",
   "USERNAME_TOO_LONG_ERROR": "Bitte geben Sie einen Benutzernamen mit weniger als {{max}} Zeichen ein.",
+  "USERNAME_SPECIAL_CHARACTERS_ERROR": "Der Benutzername darf nicht enthalten \" \", \", <, >, ^, %, \\",
   "INVALID_EMAIL_ERROR": "Dies scheint keine gültige E-Mail-Adresse zu sein",
   "EMPTY_EMAIL_ERROR": "Eine E-Mail-Adresse ist erforderlich, dieses Feld darf nicht leer sein",
   "PASSWORD_EMPTY_ERROR": "Das Passwort darf nicht leer sein"

diff --git a/src/langs/en.json b/src/langs/en.json
@@ -38,6 +38,7 @@
   "INVITATIONS_LOADING_MESSAGE": "We are looking for your invitation, please stand by…",
   "USERNAME_TOO_SHORT_ERROR": "Please enter a username with more than {{min}} characters",
   "USERNAME_TOO_LONG_ERROR": "Please enter a username under {{max}} characters",
+  "USERNAME_SPECIAL_CHARACTERS_ERROR": "User name must not contain \" \", \", <, >, ^, %, \\",
   "INVALID_EMAIL_ERROR": "This does not look like a valid email address",
   "EMPTY_EMAIL_ERROR": "An email address is required, this field can not be empty",
   "PASSWORD_EMPTY_ERROR": "The password can not be empty",

diff --git a/src/langs/es.json b/src/langs/es.json
@@ -35,6 +35,7 @@
   "INVITATIONS_LOADING_MESSAGE": "Estamos esperando su invitación, por favor esperen...",
   "USERNAME_TOO_SHORT_ERROR": "Por favor ingrese un nombre de usuario con más de {{min}} caracteres",
   "USERNAME_TOO_LONG_ERROR": "Por favor ingrese un nombre de usuario con menos de {{max}} caracteres",
+  "USERNAME_SPECIAL_CHARACTERS_ERROR": "El nombre de usuario no debe contener \" \", \", <, >, ^, %, \\",
   "INVALID_EMAIL_ERROR": "Esto no parece una dirección de correo electrónico válida.",
   "EMPTY_EMAIL_ERROR": "Se requiere una dirección de correo electrónico, este campo no puede estar vacío",
   "PASSWORD_EMPTY_ERROR": "La contraseña no puede estar vacía"

diff --git a/src/langs/fr.json b/src/langs/fr.json
@@ -35,6 +35,7 @@
   "INVITATIONS_LOADING_MESSAGE": "Nous recherchons votre invitation, veuillez patienter quelques instants…",
   "USERNAME_TOO_SHORT_ERROR": "Veuillez saisir un nom d'utilisateur comportant au moins {{min}} caractères",
   "USERNAME_TOO_LONG_ERROR": "Veuillez saisir un nom d'utilisateur de moins de {{max}} caractères",
+  "USERNAME_SPECIAL_CHARACTERS_ERROR": "Le nom d'utilisateur ne doit pas contenir \" \", \", <, >, ^, %, \\",
   "INVALID_EMAIL_ERROR": "Cela ne ressemble pas à une adresse e-mail valide",
   "EMPTY_EMAIL_ERROR": "Une adresse email est obligatoire, ce champ ne peut pas être vide",
   "PASSWORD_EMPTY_ERROR": "Le mot de passe ne peut pas être vide",

diff --git a/src/langs/it.json b/src/langs/it.json
@@ -22,5 +22,6 @@
   "SIGN_UP_SAVE_ACTIONS_LABEL": "Attivare il salvataggio degli insight guidati dai dati per migliorare i cruscotti analitici",
   "SIGN_UP_SAVE_ACTIONS_TOOLTIP": "Raccogliamo dati analitici per migliorare l'esperienza dell'utente durante la navigazione su Graasp.",
   "SIGN_UP_SUCCESS_TITLE": "Benvenuto!",
-  "SWITCH_ACCOUNT_TEXT": "Passa a un altro account"
+  "SWITCH_ACCOUNT_TEXT": "Passa a un altro account",
+  "USERNAME_SPECIAL_CHARACTERS_ERROR": "Il nome utente non deve contenere \" \", \", <, >, ^, %, \\"
 }
diff --git a/src/utils/validation.ts b/src/utils/validation.ts
@@ -7,11 +7,14 @@ import { AUTH } from '../langs/constants';
 const {
   USERNAME_TOO_LONG_ERROR,
   USERNAME_TOO_SHORT_ERROR,
+  USERNAME_SPECIAL_CHARACTERS_ERROR,
   INVALID_EMAIL_ERROR,
   PASSWORD_EMPTY_ERROR,
   EMPTY_EMAIL_ERROR,
 } = AUTH;
 
+const USER_NAME_REGEX = /.*["<>^%\\\t\s]+.*/;
+
 export const nameValidator = (name: string) => {
   const trimmedName = name.trim();
   if (trimmedName.length > MAX_USERNAME_LENGTH) {
@@ -20,6 +23,9 @@ export const nameValidator = (name: string) => {
   if (trimmedName.length < MIN_USERNAME_LENGTH) {
     return USERNAME_TOO_SHORT_ERROR;
   }
+  if (USER_NAME_REGEX.test(trimmedName)) {
+    return USERNAME_SPECIAL_CHARACTERS_ERROR;
+  }
   return null;
 };