modified: model/user.go

GuoRuqiang 2024-03-09 02:14:37 +00:00
parent cf16f44970
commit 2f9bdcaedc


@ -3,6 +3,7 @@ package model
import ( import (
"errors" "errors"
"fmt" "fmt"
"regexp"
"github.com/songquanpeng/one-api/common" "github.com/songquanpeng/one-api/common"
"github.com/songquanpeng/one-api/common/config" "github.com/songquanpeng/one-api/common/config"
"github.com/songquanpeng/one-api/common/helper" "github.com/songquanpeng/one-api/common/helper"
@ -92,6 +93,13 @@ func (user *User) Insert(inviterId int) error {
return err return err
} }
} }
// 在这里添加对用户名的正则表达式检查
regExp := regexp.MustCompile(`^[a-zA-Z0-9_-]+$`)
if !regExp.MatchString(user.Username) {
return errors.New("用户名包含非法字符,仅支持字母、数字、下划线(_)和横杠(-)")
}
// 用户名通过检查后,继续其他注册逻辑
user.Quota = config.QuotaForNewUser user.Quota = config.QuotaForNewUser
user.AccessToken = helper.GetUUID() user.AccessToken = helper.GetUUID()
user.AffCode = helper.GetRandomString(4) user.AffCode = helper.GetRandomString(4)
@ -144,6 +152,10 @@ func (user *User) ValidateAndFill() (err error) {
if user.Username == "" || password == "" { if user.Username == "" || password == "" {
return errors.New("用户名或密码为空") return errors.New("用户名或密码为空")
} }
// 检查是否使用邮箱作为用户名,减少对已有的用户数据的影响,只以@符号作为验证标准
if strings.Contains(user.Username, "@") {
return errors.New("本站仅支持使用用户名登录,不支持使用邮箱登录")
}
err = DB.Where("username = ?", user.Username).First(user).Error err = DB.Where("username = ?", user.Username).First(user).Error
if err != nil { if err != nil {
// we must make sure check username firstly // we must make sure check username firstly
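Review bot: The `@` rejection added to ValidateAndFill runs before the username lookup, so any account whose stored username already contains `@` can no longer log in with a password; the comment's claim that this limits the impact on existing data does not hold for those accounts. The trailing comment in that hunk suggests an e-mail-based lookup follows the username query; if so, that fallback becomes unreachable for any address and should be removed or the check reconsidered. The character allowlist is enforced only in Insert, so any other path that writes `Username` (none is visible here) would need the same check, ideally through one shared helper. In the Insert hunk the pattern is recompiled on every call; hoist it to package level, e.g. `var usernamePattern = regexp.MustCompile("^[a-zA-Z0-9_-]+$")`, and run the check before the earlier work in Insert rather than after it. Both function bodies extend beyond the hunks shown.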