diff options
author | Marian Sigler <m@qjym.de> | 2012-09-26 23:46:15 +0200 |
---|---|---|
committer | Marian Sigler <m@qjym.de> | 2012-09-26 23:46:15 +0200 |
commit | dfdd6899668bb153bfe992566ec1d11de29f2ad7 (patch) | |
tree | 7998631746076a26d75ad4ed1603c65af9bb45c8 /forms.py | |
parent | dfa0c8f473dab87dfa69ebab3a70883dab03b236 (diff) | |
download | web-dfdd6899668bb153bfe992566ec1d11de29f2ad7.tar.gz web-dfdd6899668bb153bfe992566ec1d11de29f2ad7.tar.bz2 web-dfdd6899668bb153bfe992566ec1d11de29f2ad7.zip |
Implement username blacklist; Don't allow registration with existing usernames.
Diffstat (limited to 'forms.py')
-rw-r--r-- | forms.py | 18 |
1 files changed, 17 insertions, 1 deletions
@@ -1,6 +1,6 @@ # -*- coding: utf-8 -*- from account import SERVICES, NoSuchUserError -from flask import g +from flask import g, current_app, url_for, Markup from flask.ext.wtf import Form, validators, TextField, PasswordField,\ ValidationError from functools import partial @@ -15,6 +15,22 @@ class RegisterForm(Form): username = username() mail = TextField('E-Mail-Adresse', [validators.Email(), validators.Length(min=6, max=50)]) + def validate_username(form, field): + try: + g.ldap.get_by_uid(field.data) + except NoSuchUserError: + if current_app.username_blacklist: + if field.data.lower() in current_app.username_blacklist: + + raise ValidationError(Markup(u'Dieser Benutzername ist momentan nicht erlaubt. ' + u'<a href="%s">Weitere Informationen</a>' % url_for('about'))) + else: + print 'not in blacklist: %r' % field.data + else: + print 'no blacklist' + else: + raise ValidationError(u'Dieser Benutzername ist schon vergeben') + class RegisterCompleteForm(Form): password = PasswordField('Passwort', [validators.Required(), |