diff options
| -rw-r--r-- | apioforum/auth.py | 2 | ||||
| -rw-r--r-- | apioforum/templates/auth/register.html | 2 | ||||
| -rw-r--r-- | apioforum/templates/user_settings.html | 4 |
3 files changed, 5 insertions, 3 deletions
diff --git a/apioforum/auth.py b/apioforum/auth.py index d5f2652..deacfc8 100644 --- a/apioforum/auth.py +++ b/apioforum/auth.py @@ -56,6 +56,8 @@ def register(): err = f"User {username} is already registered." elif len(username) > 20: err = "username can't be longer than 20 characters" + elif not username.isalnum(): + err = "username must be alphanumeric" if err is None: db.execute( diff --git a/apioforum/templates/auth/register.html b/apioforum/templates/auth/register.html index 7d079c2..5d27b90 100644 --- a/apioforum/templates/auth/register.html +++ b/apioforum/templates/auth/register.html @@ -7,7 +7,7 @@ <p>create a new account here. if you already have an account, <a href="{{url_for('auth.login')}}">login</a> instead.</p> <form method="post"> <label for="username">Username</label> - <input name="username" id="username" required> + <input name="username" id="username" maxlength="20" required> <br> <label for="password">Password</label> <input type="password" name="password" id="password" required> diff --git a/apioforum/templates/user_settings.html b/apioforum/templates/user_settings.html index cac613a..d463eee 100644 --- a/apioforum/templates/user_settings.html +++ b/apioforum/templates/user_settings.html @@ -5,9 +5,9 @@ <fieldset> <legend>change password</legend> <label for="password">current password</label> -<input type="text" id="password" name="password"><br> +<input type="password" id="password" name="password"><br> <label for="new_password">new password</label> -<input type="text" id="new_password" name="new_password"> +<input type="password" id="new_password" name="new_password"> </fieldset> <fieldset> <legend>change bio</legend> |