From 0adf5fb6b760ae0843d696191f10f110d12e527d Mon Sep 17 00:00:00 2001 From: YANG QIA <2013xile@gmail.com> Date: Mon, 27 May 2024 17:39:39 +0800 Subject: [PATCH] chore(auth): change char length limit of username to 1-50 (#4502) --- packages/core/auth/src/__tests__/base-auth.test.ts | 5 ++--- packages/core/auth/src/base/auth.ts | 2 +- .../src/collection-manager/interfaces/input.ts | 2 +- packages/core/client/src/locale/ko_KR.json | 2 +- packages/core/client/src/locale/zh-CN.json | 12 ++++++------ packages/core/client/src/locale/zh-TW.json | 10 +++++----- .../plugin-auth/src/client/basic/SignInForm.tsx | 2 +- .../@nocobase/plugin-auth/src/server/basic-auth.ts | 2 +- 8 files changed, 18 insertions(+), 19 deletions(-) diff --git a/packages/core/auth/src/__tests__/base-auth.test.ts b/packages/core/auth/src/__tests__/base-auth.test.ts index 23000c92d7..131738fb84 100644 --- a/packages/core/auth/src/__tests__/base-auth.test.ts +++ b/packages/core/auth/src/__tests__/base-auth.test.ts @@ -17,7 +17,6 @@ describe('base-auth', () => { } as any); expect(auth.validateUsername('')).toBe(false); - expect(auth.validateUsername('a')).toBe(false); expect(auth.validateUsername('a@')).toBe(false); expect(auth.validateUsername('a.')).toBe(false); expect(auth.validateUsername('a<')).toBe(false); @@ -26,8 +25,8 @@ describe('base-auth', () => { expect(auth.validateUsername('a/')).toBe(false); expect(auth.validateUsername("a'")).toBe(false); expect(auth.validateUsername('ab')).toBe(true); - // 16 characters - expect(auth.validateUsername('12345678910111213')).toBe(false); + // 50 characters + expect(auth.validateUsername('01234567890123456789012345678901234567890123456789a')).toBe(false); }); it('check: should return null when no token', async () => { diff --git a/packages/core/auth/src/base/auth.ts b/packages/core/auth/src/base/auth.ts index e4c0d40bb6..4c8659f63c 100644 --- a/packages/core/auth/src/base/auth.ts +++ b/packages/core/auth/src/base/auth.ts 
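Review bot: The comment `// 50 characters` in the second hunk sits above a 51-character string (fifty digits followed by `a`), so it names the limit rather than the input; `// 51 characters, one over the limit` would describe what the assertion checks. With `expect(auth.validateUsername('a')).toBe(false)` deleted in the first hunk, no assertion pins either new boundary from the accepting side. Adding `expect(auth.validateUsername('a')).toBe(true);` and `expect(auth.validateUsername('0'.repeat(50))).toBe(true);` would catch an off-by-one in the `{1,50}` quantifier. The enclosing test body starts and ends outside the hunks.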
@@ -60,7 +60,7 @@ export class BaseAuth extends Auth { * @internal */ validateUsername(username: string) { - return /^[^@.<>"'/]{2,16}$/.test(username); + return /^[^@.<>"'/]{1,50}$/.test(username); } async check() { diff --git a/packages/core/client/src/collection-manager/interfaces/input.ts b/packages/core/client/src/collection-manager/interfaces/input.ts index 4ee4fc18e0..01879c832f 100644 --- a/packages/core/client/src/collection-manager/interfaces/input.ts +++ b/packages/core/client/src/collection-manager/interfaces/input.ts @@ -15,7 +15,7 @@ import { CollectionFieldInterface } from '../../data-source/collection-field-int registerValidateRules({ username(value) { - return /^[^@.<>"'/]{2,16}$/.test(value) || i18n.t('Must be 2-16 characters in length (excluding @.<>"\'/)'); + return /^[^@.<>"'/]{1,50}$/.test(value) || i18n.t('Must be 1-50 characters in length (excluding @.<>"\'/)'); }, }); diff --git a/packages/core/client/src/locale/ko_KR.json b/packages/core/client/src/locale/ko_KR.json index edbccb6667..6e0bc4bcdc 100644 --- a/packages/core/client/src/locale/ko_KR.json +++ b/packages/core/client/src/locale/ko_KR.json @@ -480,7 +480,7 @@ "Verification code": "인증 코드", "Send code": "코드 전송", "Retry after {{count}} seconds": "{{count}} 초 후 재시도", - "Must be 2-16 characters in length (excluding @.<>\"'/)": "2~16자여야 합니다 ( @.<>\"'/ 제외)", + "Must be 1-50 characters in length (excluding @.<>\"'/)": "1~50자여야 합니다 ( @.<>\"'/ 제외)", "Roles": "역할", "Add role": "역할 추가", "Role name": "역할 이름", diff --git a/packages/core/client/src/locale/zh-CN.json b/packages/core/client/src/locale/zh-CN.json index ee78f121db..2f936a8871 100644 --- a/packages/core/client/src/locale/zh-CN.json +++ b/packages/core/client/src/locale/zh-CN.json 
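Review bot: The character class in `validateUsername` is a deny-list of seven characters, so a username made only of whitespace or control characters passes, and with the minimum lowered to one a single space, tab or newline is now accepted. The old `{2,16}` bound did not block this either, but 1-50 widens the room for names that render as blank or as look-alikes of another account in user lists and audit logs. If that is not intended, reject control characters and surrounding whitespace, for example `return username === username.trim() && /^[^@.<>"'/\x00-\x1f\x7f]{1,50}$/.test(username);`. Length is counted in UTF-16 code units because the pattern has no `u` flag, so a character outside the BMP counts as two; a comment on the method stating that would help whoever sizes the storage column.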
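Review bot: The literal `/^[^@.<>"'/]{1,50}$/` in `username(value)` is a hand-copied duplicate of the rule in `BaseAuth.validateUsername`, and another copy is edited in the `SignInForm.tsx` hunk, so every future change to the rule has to be repeated in each place along with the message text. Exporting the pattern once (for instance `export const USERNAME_PATTERN = /^[^@.<>"'/]{1,50}$/;`) and referencing it from the client rules would keep the hint shown to users from drifting away from what the server enforces. Whether the client package can import from the auth package is not visible here, and the `SignInForm.tsx` copy sits inside a template-string expression, so it may need interpolation rather than a direct reference. These client checks are advisory only; the server-side call remains the one that decides.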
@@ -483,7 +483,7 @@ "Verification code": "验证码", "Send code": "发送验证码", "Retry after {{count}} seconds": "{{count}} 秒后重试", - "Must be 2-16 characters in length (excluding @.<>\"'/)": "长度为2到16个字符(不能包含@.<>\"'/)", + "Must be 1-50 characters in length (excluding @.<>\"'/)": "长度为1到50个字符(不能包含@.<>\"'/)", "Roles": "角色", "Add role": "添加角色", "Role name": "角色名称", @@ -847,7 +847,7 @@ "Filter out a single piece or a group of records as a template": "筛选出一条或一组数据,作为模板", "The title field is used to identify the template record": "用于识别模板数据", "Template fields": "模板字段", - "The selected fields will automatically populate the form":"用于自动填充到表单", + "The selected fields will automatically populate the form": "用于自动填充到表单", "Table selected records": "表格中选中的记录", "Tag": "标签", "Tag color field": "标签颜色字段", @@ -937,8 +937,8 @@ "This variable has been deprecated and can be replaced with \"Current form\"": "该变量已被弃用,可以使用“当前表单”替代", "Unknown field type": "未知字段类型", "The following field types are not compatible and do not support output and display": "以下字段类型未适配,不支持输出和显示", - "Not fixed":"不固定", - "Left fixed":"左固定", - "Right fixed":"右固定", - "Fixed":"固定列" + "Not fixed": "不固定", + "Left fixed": "左固定", + "Right fixed": "右固定", + "Fixed": "固定列" } diff --git a/packages/core/client/src/locale/zh-TW.json b/packages/core/client/src/locale/zh-TW.json index 07a1d913c5..bbd254b519 100644 --- a/packages/core/client/src/locale/zh-TW.json +++ b/packages/core/client/src/locale/zh-TW.json @@ -208,7 +208,7 @@ "Actions": "動作", "Update": "更新", "Update record": "更新資料", - "Unnamed":"未命名", + "Unnamed": "未命名", "View": "檢視", "View record": "檢視資料", "Refresh": "重新整理", @@ -232,7 +232,7 @@ "General collection": "普通資料表", "SQL collection": "SQL資料表", "Connect to database view": "連線資料庫檢視", - "Sync from database":"從資料庫同步", + "Sync from database": "從資料庫同步", "Source collections": "來源資料表", "Field source": "來源欄位", "Preview": "預覽", 
@@ -480,7 +480,7 @@ "Verification code": "驗證碼", "Send code": "傳送驗證碼", "Retry after {{count}} seconds": "{{count}} 秒後重試", - "Must be 2-16 characters in length (excluding @.<>\"'/)": "長度為2到16個字元(不能包含@.<>\"'/)", + "Must be 1-50 characters in length (excluding @.<>\"'/)": "長度為1到50個字元(不能包含@.<>\"'/)", "Roles": "角色", "Add role": "新增角色", "Role name": "角色名稱", @@ -858,12 +858,12 @@ "Sign in with another account": "登入其他帳號", "Return to the main application": "返回主App", "Permission denied": "沒有權限", - "Allow add new":"允許新增", + "Allow add new": "允許新增", "The {{type}} \"{{name}}\" may have been deleted. Please remove this {{blockType}}.": "{{type}} \"{{name}}\" 可能已被刪除,請移除這個 {{blockType}}。", "data source": "數據源", "Data source": "數據源", "DataSource": "數據源", - "Allow selection of existing records":"允許選擇已有資料", + "Allow selection of existing records": "允許選擇已有資料", "Home page": "主頁", "Handbook": "使用手冊", "License": "許可證", diff --git a/packages/plugins/@nocobase/plugin-auth/src/client/basic/SignInForm.tsx b/packages/plugins/@nocobase/plugin-auth/src/client/basic/SignInForm.tsx index 81177f21d3..6c099e7925 100644 --- a/packages/plugins/@nocobase/plugin-auth/src/client/basic/SignInForm.tsx +++ b/packages/plugins/@nocobase/plugin-auth/src/client/basic/SignInForm.tsx @@ -56,7 +56,7 @@ const passwordForm: ISchema = { return t("Please enter a valid email"); } } else { - return /^[^@.<>"'/]{2,16}$/.test(value) || t("Please enter a valid username"); + return /^[^@.<>"'/]{1,50}$/.test(value) || t("Please enter a valid username"); } }}}`, 'x-decorator': 'FormItem', diff --git a/packages/plugins/@nocobase/plugin-auth/src/server/basic-auth.ts b/packages/plugins/@nocobase/plugin-auth/src/server/basic-auth.ts index ea43b82832..c77b76ba0a 100644 --- a/packages/plugins/@nocobase/plugin-auth/src/server/basic-auth.ts +++ b/packages/plugins/@nocobase/plugin-auth/src/server/basic-auth.ts 
@@ -59,7 +59,7 @@ export class BasicAuth extends BaseAuth { const User = ctx.db.getRepository('users'); const { values } = ctx.action.params; const { username, password, confirm_password } = values; - if (!/^[^@.<>"'/]{2,16}$/.test(username)) { + if (!this.validateUsername(username)) { ctx.throw(400, ctx.t('Please enter a valid username', { ns: namespace })); } if (!password) {
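Review bot: `username` is destructured from the request's `values` and passed to `this.validateUsername(username)` with no type check, and `RegExp.prototype.test` converts its argument to a string before matching. A missing field is therefore tested as the text `undefined`, which satisfies the 1-50 pattern, and an array or object is judged by its string form rather than rejected. A guard such as `if (typeof username !== 'string' || !this.validateUsername(username)) {` stops non-string input before the repository is reached; the same check could instead live inside `validateUsername` as `typeof username === 'string' && …`. What the later code does with such a value is outside the hunk, as are the start and end of the enclosing method.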