diff --git a/src/main/java/stirling/software/SPDF/config/security/UserService.java b/src/main/java/stirling/software/SPDF/config/security/UserService.java index 2bc93352..eefa5a2c 100644 --- a/src/main/java/stirling/software/SPDF/config/security/UserService.java +++ b/src/main/java/stirling/software/SPDF/config/security/UserService.java @@ -329,12 +329,16 @@ public class UserService implements UserServiceInterface { public boolean isUsernameValid(String username) { // Checks whether the simple username is formatted correctly + // Regular expression for user name: Min. 3 characters, max. 50 characters boolean isValidSimpleUsername = - username.matches("^[a-zA-Z0-9][a-zA-Z0-9@._+-]*[a-zA-Z0-9]$"); + username.matches("^[a-zA-Z0-9](?!.*[-@._+]{2,})[a-zA-Z0-9@._+-]{1,48}[a-zA-Z0-9]$"); + // Checks whether the email address is formatted correctly + // Regular expression for email addresses: Max. 320 characters, with RFC-like validation boolean isValidEmail = username.matches( - "^(?=.{1,64}@)[A-Za-z0-9]+(\\.[A-Za-z0-9_+.-]+)*@[^-][A-Za-z0-9-]+(\\.[A-Za-z0-9-]+)*(\\.[A-Za-z]{2,})$"); + "^(?=.{1,320}$)(?=.{1,64}@)[A-Za-z0-9](?:[A-Za-z0-9_.+-]*[A-Za-z0-9])?@[^-][A-Za-z0-9-]+(?:\\\\.[A-Za-z0-9-]+)*(?:\\\\.[A-Za-z]{2,})$"); + List notAllowedUserList = new ArrayList<>(); notAllowedUserList.add("ALL_USERS".toLowerCase()); boolean notAllowedUser = notAllowedUserList.contains(username.toLowerCase()); diff --git a/src/main/resources/templates/account.html b/src/main/resources/templates/account.html index 0fa36504..e054bdbd 100644 --- a/src/main/resources/templates/account.html +++ b/src/main/resources/templates/account.html @@ -104,7 +104,14 @@
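Review bot: The new `isValidEmail` pattern writes the domain separators as `\\\\.` where the removed line had `\\.`; in a Java string literal four backslashes give the regex `\\.`, a literal backslash followed by any character, so an ordinary address such as `user@example.com` no longer matches the email branch while a name containing a backslash plus an arbitrary character does. Unless the doubling is an artifact of how this page was rendered, restore the single escape in the tail of the pattern: `(?:\\.[A-Za-z0-9-]+)*(?:\\.[A-Za-z]{2,})$`. How the two flags are combined is outside the hunk, but if addresses now pass only through the simple-username pattern they are capped at 50 characters and the documented 320-character limit is never reached; a unit test with one valid address and one backslash-containing string would pin this. The `[^-]` after `@`, carried over from the old pattern, still admits whitespace and control characters and would be safer as `[A-Za-z0-9]`. The body of `isUsernameValid` continues past the end of the hunk.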