stricter requirements for accounts
This commit is contained in:
parent
2533475a2e
commit
bfb62f3e47
|
@ -10,6 +10,14 @@ CrystalGauntlet.endpoints["/accounts/loginGJAccount.php"] = ->(context : HTTP::S
|
|||
|
||||
username = params["userName"]
|
||||
password = params["password"]
|
||||
|
||||
if password.size < 6
|
||||
return "-8"
|
||||
end
|
||||
if username.size < 3
|
||||
return "-9"
|
||||
end
|
||||
|
||||
result = DATABASE.query_all("select id, password from accounts where username = ?", username, as: {Int32, String})
|
||||
if result.size > 0
|
||||
account_id, hash = result[0]
|
||||
|
@ -19,7 +27,7 @@ CrystalGauntlet.endpoints["/accounts/loginGJAccount.php"] = ->(context : HTTP::S
|
|||
user_id = Accounts.get_user_id(account_id)
|
||||
"#{account_id},#{user_id}"
|
||||
else
|
||||
return "-12"
|
||||
return "-11"
|
||||
end
|
||||
else
|
||||
return "-1"
|
||||
|
|
|
@ -16,6 +16,17 @@ CrystalGauntlet.endpoints["/accounts/registerGJAccount.php"] = ->(context : HTTP
|
|||
password = params["password"]
|
||||
email = params["email"]
|
||||
|
||||
if username != params["userName"]
|
||||
return "-4"
|
||||
end
|
||||
|
||||
if password.size < 6
|
||||
return "-8"
|
||||
end
|
||||
if username.size < 3
|
||||
return "-9"
|
||||
end
|
||||
|
||||
# caps checks aren't required because `username` is already COLLATE NOCASE in the db
|
||||
username_exists = DATABASE.scalar "select count(*) from accounts where username = ?", username
|
||||
if username_exists != 0
|
||||
|
|
Loading…
Reference in New Issue