diff --git a/app/Login.py b/app/Login.py
index f1317b2..64612bc 100644
--- a/app/Login.py
+++ b/app/Login.py
@@ -1,4 +1,5 @@
 import hashlib
+import string
 from datetime import datetime
 from UseSqlite import InsertQuery, RecordQuery
@@ -81,3 +82,35 @@ def md5(s):
 '''
 h = hashlib.md5(s.encode(encoding='utf-8'))
 return h.hexdigest()
+
+
+class UserName:
+ def __init__(self, username):
+ self.username = username
+
+ def validate(self):
+ if len(self.username) > 20:
+ return f'{self.username} is too long. The user name cannot exceed 20 characters.'
+ if self.username.startswith('.'): # a user name must not start with a dot
+ return 'Period (.) is not allowed as the first letter in the user name.'
+ if ' ' in self.username: # a user name must not include a whitespace
+ return 'Whitespace is not allowed in the user name.'
+ for c in self.username: # a user name must not include special characters, except non-leading periods or underscores
+ if c in string.punctuation and c is not '.' and c is not '_':
+ return f'{c} is not allowed in the user name.'
+ return 'OK'
+
+
+class WarningMessage:
+ def __init__(self, s):
+ self.s = s
+
+ def __str__(self):
+ result = UserName(self.s).validate()
+ if result != 'OK':
+ return result
+
+ if self.s in ['signup', 'login', 'logout', 'reset', 'mark', 'back', 'unfamiliar', 'familiar', 'del']:
+ return 'You used a restricted word as the user name. Please come up with a better one.'
+
+ return 'OK'
diff --git a/app/account_service.py b/app/account_service.py
index 0e5cf7a..4aafe67 100644
--- a/app/account_service.py
+++ b/app/account_service.py
@@ -1,6 +1,5 @@
 from flask import *
-from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password
-import re
+from Login import check_username_availability, verify_user, add_user, get_expiry_date, change_password, UserName, WarningMessage
 # 初始化蓝图
 accountService = Blueprint("accountService", __name__)
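Review bot: The character check in `UserName.validate` (app/Login.py, second hunk) is a deny-list of ASCII `string.punctuation` plus a literal space, so it is weaker than the allow-list regex this commit removes from `signup()`. An empty name, tabs and newlines, control characters, and non-ASCII punctuation or invisible Unicode characters all come back as `'OK'`. An allow-list is the safer default for an identifier: keep a pattern in the style of the removed `^[_a-zA-Z0-9\u4e00-\u9fa5]+$`, extended with a non-leading `.` if dots are wanted, and reject the empty string explicitly. Separately, `c is not '.' and c is not '_'` compares object identity with string literals, which only works through CPython interning and emits a SyntaxWarning on Python 3.8+; use `if c in string.punctuation and c not in '._':`. The restricted-word list in `WarningMessage.__str__` is compared case-sensitively, so confirm that this matches how names are stored and how the routes are matched.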
@@ -22,17 +21,9 @@ def signup():
 password = escape(request.form['password'])
 #! 添加如下代码为了过滤注册时的非法字符
- if len(username) > 20:
- return '用户名过长'
- # 正则匹配非法字符
- check_useful = re.search(u'^[_a-zA-Z0-9\u4e00-\u9fa5]+$', username)
- if not check_useful:
- return '存在非法字符'
- # 判断用户名是否和接口重名
- if username in ["signup", "login", "logout",
- "reset", "mark", "back",
- "unfamiliar", "familiar", 'del']:
- return '请勿与接口同名'
+ warn = WarningMessage(username)
+ if str(warn) != 'OK':
+ return str(warn)
 available = check_username_availability(username)
 if not available: # 用户名不可用
@@ -140,4 +131,4 @@
 alert('密码修改失败'); window.location.href="/reset";
-'''
\ No newline at end of file
+'''
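Review bot: The new call site in `signup()` evaluates `str(warn)` twice, so the whole validation runs twice, and success is signalled by the magic string `'OK'` coming out of `__str__`, which breaks silently if a message is ever reworded. Capture the result once, e.g. `message = str(WarningMessage(username))` then `if message != 'OK': return message`, or give the class a method that returns `None` on success. The too-long message interpolates the submitted name into the response body, so this path relies on `username` having been HTML-escaped before the call, as `password` is on the context line. The assignment of `username` is outside the hunk, so that should be confirmed. `signup()` starts and ends outside this hunk.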