Commits

Anonymous committed 09fa25f

Require alphanumeric usernames to match django.contrib.auth

Comments (0)

Files changed (1)

registration/forms.py

 
 """
 
+import re
 from django import newforms as forms
 from django.contrib.auth.models import User
 
 # in the HTML. Your mileage may vary.
 attrs_dict = { 'class': 'required' }
 
+username_re = re.compile(r'^\w+$')
+
 class RegistrationForm(forms.Form):
     """
     Form for registering a new user account.
                                 label=u'Password (again, to catch typos)')
     tos = forms.BooleanField(widget=forms.CheckboxInput(attrs=attrs_dict),
                              label=u'I have read and agree to the Terms of Service')
-
+    
     def clean_username(self):
         """
-        Validates that the username is not already in use.
+        Validates that the username is alphanumeric and is not already
+        in use.
         
         """
         if 'username' in self.cleaned_data:
+            if not username_re.search(self.cleaned_data['username']):
+                raise forms.ValidationError(u'Usernames can only contain letters, numbers and underscores')
             try:
                 user = User.objects.get(username__exact=self.cleaned_data['username'])
             except User.DoesNotExist:
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.