From 0672184d46c0c9a04e6806f3b4fde599b128f2ed Mon Sep 17 00:00:00 2001 From: Laurent Date: Tue, 4 Mar 2025 11:05:52 +0100 Subject: [PATCH] Forbids same username case-insensitiveless --- api/serializers.py | 10 +++++++++- tournaments/forms.py | 8 ++++++++ tournaments/views.py | 12 +++++++----- 3 files changed, 24 insertions(+), 6 deletions(-) diff --git a/api/serializers.py b/api/serializers.py index b6459cf..c7c5a49 100644 --- a/api/serializers.py +++ b/api/serializers.py @@ -3,12 +3,16 @@ from tournaments.models.court import Court from tournaments.models import Club, LiveMatch, TeamScore, Tournament, CustomUser, Event, Round, GroupStage, Match, TeamRegistration, PlayerRegistration, Purchase, FailedApiCall, DateInterval, Log, DeviceToken, UnregisteredTeam, UnregisteredPlayer from django.contrib.auth import password_validation from django.utils.translation import gettext_lazy as _ +from django.db.utils import IntegrityError +from django.conf import settings + # email from django.template.loader import render_to_string from django.utils.http import urlsafe_base64_encode, urlsafe_base64_decode from django.utils.encoding import force_bytes from django.core.mail import EmailMessage from django.contrib.sites.shortcuts import get_current_site + from api.tokens import account_activation_token from shared.cryptography import encryption_util @@ -48,6 +52,9 @@ class UserSerializer(serializers.ModelSerializer): if 'country' in validated_data: country = validated_data['country'] + if CustomUser.objects.filter(username__iexact=validated_data['username'].lower()): + raise IntegrityError("Le nom d'utilisateur existe déjà") + user = CustomUser.objects.create_user( username=validated_data['username'], email=validated_data['email'], 
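Review bot: Raising `django.db.utils.IntegrityError` from the serializer's create path will most likely surface as an HTTP 500 rather than a field error, because DRF only turns its own `ValidationError` into a 400 (unless the view, which is outside this diff, catches it). Prefer `if CustomUser.objects.filter(username__iexact=validated_data['username']).exists():` followed by `raise serializers.ValidationError({'username': "Le nom d'utilisateur existe déjà"})`; the `.lower()` is redundant with `__iexact`, and `.exists()` avoids loading the matching rows. The check is also check-then-insert, so two concurrent sign-ups that differ only in case can both pass it. A database-level unique constraint on the lower-cased username would close that gap, and the same applies to `clean_username` in tournaments/forms.py. The enclosing method starts and ends outside the hunk.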
@@ -73,7 +80,8 @@ class UserSerializer(serializers.ModelSerializer): origin=UserOrigin.APP, ) - self.send_email(self.context['request'], user) + if not settings.DEBUG: + self.send_email(self.context['request'], user) # RegistrationProfile.objects.filter(user=user).send_activation_email() return user diff --git a/tournaments/forms.py b/tournaments/forms.py index aef159a..82373bc 100644 --- a/tournaments/forms.py +++ b/tournaments/forms.py @@ -58,6 +58,14 @@ class SimpleCustomUserCreationForm(UserCreationForm): 'password2': 'Confirmer le mot de passe', } + def clean_username(self): + username = self.cleaned_data.get('username') + if username: + username = username.lower() + if CustomUser.objects.filter(username__iexact=username).exists(): + raise forms.ValidationError("Le nom d'utilisateur existe déjà") + return username + class CustomUserChangeForm(UserChangeForm): diff --git a/tournaments/views.py b/tournaments/views.py index 8415c79..ac379cc 100644 --- a/tournaments/views.py +++ b/tournaments/views.py @@ -1,17 +1,21 @@ # Standard library imports import os import csv + from django.shortcuts import render, get_object_or_404 -from django.http import HttpResponse +from django.http import JsonResponse, HttpResponse from django.utils.encoding import force_str from django.utils.http import urlsafe_base64_encode, urlsafe_base64_decode from django.urls import reverse +from django.conf import settings from django.views.decorators.csrf import csrf_exempt from django.contrib.admin.views.decorators import staff_member_required from django.core.files.storage import default_storage from django.core.files.base import ContentFile from django.views.generic import View +from django.db.models import Q +from django.template import loader from tournaments.models.device_token import DeviceToken 
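Review bot: Gating `self.send_email(...)` on `settings.DEBUG` couples an account-verification step to a debugging flag, so any deployment that runs with `DEBUG = True` creates accounts whose activation mail is silently never sent. The same guard is added around `send_verification_email` in `signup` in tournaments/views.py. Consider leaving both calls unconditional and selecting `EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'` in the development settings, which keeps the code path identical in every environment. Whether the new user stays inactive until verified is not visible in this hunk, so it is worth confirming that a skipped e-mail does not leave a usable unverified account.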
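Review bot: `clean_username` returns the lower-cased value, so the site form stores usernames in lower case, while the API path in api/serializers.py still passes `validated_data['username']` to `create_user` unchanged; the two sign-up paths end up with different stored forms. If lower case is the intended canonical form, normalise in both places, ideally through one shared helper. Also confirm that login and any other lookup by username compare case-insensitively, since that code is not part of this diff. A short docstring would help, for example `"""Lower-case the username and reject it if it matches an existing one case-insensitively."""`.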
@@ -20,10 +24,7 @@ from .models import TeamSummon from datetime import datetime, timedelta import time -from django.template import loader from datetime import date -from django.http import JsonResponse, HttpResponse -from django.db.models import Q import json import time import asyncio @@ -638,7 +639,8 @@ def signup(request): user.origin = UserOrigin.SITE user.save() - send_verification_email(request, user, next_url) + if not settings.DEBUG: + send_verification_email(request, user, next_url) return render(request, 'registration/signup_success.html', { 'next_url': next_url,