aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorcitrons <citrons>2021-06-20 17:47:18 +0000
committercitrons <citrons>2021-06-20 17:47:18 +0000
commit4284137ccfa451bd36eb9e7a02db9252315bf20a (patch)
tree5ac574ddb0d8aee47924578aacea5a58f3f19624
parent3be75ab10340ec76f6f65bd6256f7ecb1d1adc1c (diff)
usernames must be alphanumeric; set html maxlength for username box to improve UX™
-rw-r--r--apioforum/auth.py2
-rw-r--r--apioforum/templates/auth/register.html2
-rw-r--r--apioforum/templates/user_settings.html4
3 files changed, 5 insertions, 3 deletions
diff --git a/apioforum/auth.py b/apioforum/auth.py
index d5f2652..deacfc8 100644
--- a/apioforum/auth.py
+++ b/apioforum/auth.py
@@ -56,6 +56,8 @@ def register():
err = f"User {username} is already registered."
elif len(username) > 20:
err = "username can't be longer than 20 characters"
+ elif not username.isalnum():
+ err = "username must be alphanumeric"
if err is None:
db.execute(
diff --git a/apioforum/templates/auth/register.html b/apioforum/templates/auth/register.html
index 7d079c2..5d27b90 100644
--- a/apioforum/templates/auth/register.html
+++ b/apioforum/templates/auth/register.html
@@ -7,7 +7,7 @@
<p>create a new account here. if you already have an account, <a href="{{url_for('auth.login')}}">login</a> instead.</p>
<form method="post">
<label for="username">Username</label>
- <input name="username" id="username" required>
+ <input name="username" id="username" maxlength="20" required>
<br>
<label for="password">Password</label>
<input type="password" name="password" id="password" required>
diff --git a/apioforum/templates/user_settings.html b/apioforum/templates/user_settings.html
index cac613a..d463eee 100644
--- a/apioforum/templates/user_settings.html
+++ b/apioforum/templates/user_settings.html
@@ -5,9 +5,9 @@
<fieldset>
<legend>change password</legend>
<label for="password">current password</label>
-<input type="text" id="password" name="password"><br>
+<input type="password" id="password" name="password"><br>
<label for="new_password">new password</label>
-<input type="text" id="new_password" name="new_password">
+<input type="password" id="new_password" name="new_password">
</fieldset>
<fieldset>
<legend>change bio</legend>