diff --git a/Cargo.lock b/Cargo.lock index 914c91b..f91925c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2,6 +2,15 @@ # It is not intended for manual editing. version = 4 +[[package]] +name = "aho-corasick" +version = "1.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ddd31a130427c27518df266943a5308ed92d4b226cc639f5a8f1002816174301" +dependencies = [ + "memchr", +] + [[package]] name = "anyhow" version = "1.0.102" @@ -98,6 +107,7 @@ dependencies = [ "axum", "futures", "rand 0.10.1", + "regex", "serde", "serde_json", "tokio", @@ -668,6 +678,35 @@ dependencies = [ "bitflags", ] +[[package]] +name = "regex" +version = "1.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e10754a14b9137dd7b1e3e5b0493cc9171fdd105e0ab477f51b72e7f3ac0e276" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e1dd4122fc1595e8162618945476892eefca7b88c52820e74af6262213cae8f" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.8.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc897dd8d9e8bd1ed8cdad82b5966c3e0ecae09fb1907d58efaa013543185d0a" + [[package]] name = "ryu" version = "1.0.23" diff --git a/Cargo.toml b/Cargo.toml index 5c8450b..f64fae2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -8,6 +8,7 @@ anyhow = "1.0.102" axum = { version = "0.8.9", features = ["ws"] } futures = "0.3.32" rand = "0.10.1" +regex = "1.12.3" serde = { version = "1.0.228", features = ["derive"] } serde_json = "1.0.149" tokio = { version = "1.52.3", features = ["full"] } diff --git a/src/.main.rs.swp b/src/.main.rs.swp index 298a616..a56e880 100644 Binary files a/src/.main.rs.swp and b/src/.main.rs.swp differ diff --git a/src/main.rs b/src/main.rs index 14f57f4..7870687 100644 --- a/src/main.rs +++ b/src/main.rs @@ -28,6 +28,7 @@ use futures::StreamExt as _; use rand::random_bool; use serde::{Deserialize, Serialize, de}; use serde_json::json; +use regex::Regex; #[derive(Deserialize, Serialize, Debug, Ord, Eq, PartialEq, PartialOrd, Clone)] struct Entry @@ -372,15 +373,14 @@ async fn handle_socket let Some(name) = socket.next().await else { - eprintln!("user gave no username"); + eprintln!("No username"); return; }; let name: Arc = match name.expect("failed to recv socket msg") { - Message::Text(text) - if validate_name(&text.to_string()) => + Message::Text(text) => { - Arc::from(text.to_string().into_boxed_str()) + Arc::from(validate_name(text.to_string())) } _ => Arc::from("anon"), }; @@ -442,16 +442,25 @@ async fn handle_socket } } -fn validate_name(input: &str) -> bool { +fn validate_name(input: String) -> String { let input = input.trim(); - - // Length check - if input.is_empty() || input.len() > 32 + if input == "null" { - return false; + return "anon".to_string(); + } + // Length check + if input.is_empty() || input.len() > 32 { + return "anon".to_string(); } - input.chars().all(|c| c.is_ascii_alphanumeric()) + // Allow only letters, numbers, _ and - + let re = Regex::new(r"^[a-zA-Z0-9_-]+$").unwrap(); + + if re.is_match(input) { + input.to_string() + } else { + "anon".to_string() + } } // static routes