0
0
Fork 0

account_service.py: 添加注册时用户名的非法字符过滤

Bug487-WuYuhan
吴宇涵 2022-10-21 10:44:39 +08:00
parent 02ffcd3b59
commit 5844eab6d5
1 changed files with 13 additions and 1 deletions

View File

@ -19,7 +19,19 @@ def signup():
# POST方法需判断是否注册成功再根据结果返回不同的内容
username = escape(request.form['username'])
password = escape(request.form['password'])
#! 添加如下代码为了过滤注册时的非法字符
if len(username) > 20:
return '用户名过长'
# 正则匹配非法字符
check_useful = re.search(u'^[_a-zA-Z0-9\u4e00-\u9fa5]+$', username)
if not check_useful:
return '存在非法字符'
# 判断用户名是否和接口重名
if username in ["signup", "login", "logout",
"reset", "mark", "back",
"unfamiliar", "familiar", 'del']:
return '请勿与接口同名'
available = check_username_availability(username)
if not available: # 用户名不可用
flash('用户名 %s 已经被注册。' % (username))