禁止注册 passwd 中存在的用户名

2026-03-26 22:16:28 +08:00 · 2014-07-29 09:39:13 +08:00
parent 02c7fc72ac
commit fd42d2e09a
3 changed files with 16 additions and 20 deletions
--- a/config.coffee
+++ b/config.coffee
@@ -4,11 +4,6 @@ module.exports =
    listen: 3000

  account:
-    invalid_username: [
-      'root', 'daemon', 'bin', 'sys', 'sync', 'games', 'man', 'lp', 'mail', 'colord', 'nobody',
-      'syslog', 'sshd', 'ntp', 'memcache', 'mongodb', 'rpadmin', 'postfix', 'libuuid', 'mysql',
-      'news', 'uucp', 'proxy', 'www-data', 'backup', 'list', 'irc', 'gnats', 'messagebus'
-    ]
    cookie_time: 30 * 24 * 3600 * 1000

  i18n:
--- a/core/router/account.coffee
+++ b/core/router/account.coffee
@@ -22,24 +22,25 @@ exports.post '/signup', errorHandling, (req, res) ->
  unless utils.rx.password.test req.body.password
    return res.error 'invalid_password'

-  if req.body.username in config.account.invalid_username
-    return res.error 'username_exist'
-
-  mAccount.byUsername req.body.username, (err, account) ->
-    if account
+  require('../../plugin/linux/monitor').loadPasswd (passwd_cache) ->
+    if req.body.username in _.values(passwd_cache)
      return res.error 'username_exist'

-    mAccount.byEmail req.body.email, (err, account) ->
+    mAccount.byUsername req.body.username, (err, account) ->
      if account
-        return res.error 'email_exist'
+        return res.error 'username_exist'

-      mAccount.register req.body.username, req.body.email, req.body.password, (err, account) ->
-        mAccount.createToken account, {}, (err, token)->
-          res.cookie 'token', token,
-            expires: new Date(Date.now() + config.account.cookie_time)
+      mAccount.byEmail req.body.email, (err, account) ->
+        if account
+          return res.error 'email_exist'

-          res.json
-            id: account._id
+        mAccount.register req.body.username, req.body.email, req.body.password, (err, account) ->
+          mAccount.createToken account, {}, (err, token)->
+            res.cookie 'token', token,
+              expires: new Date(Date.now() + config.account.cookie_time)
+
+            res.json
+              id: account._id

 exports.post '/login', errorHandling, (req, res) ->
  mAccount.byUsernameOrEmailOrId req.body.username, (err, account) ->
--- a/plugin/linux/monitor.coffee
+++ b/plugin/linux/monitor.coffee
@@ -22,7 +22,7 @@ exports.loadPasswd = (callback) ->
  app.redis.get 'rp:passwd_cache', (err, result) ->
    if result
      passwd_cache = JSON.parse result
-      callback()
+      callback passwd_cache
    else
      fs.readFile '/etc/passwd', (err, content) ->
        throw err if err
@@ -36,7 +36,7 @@ exports.loadPasswd = (callback) ->
            passwd_cache[uid] = username

        app.redis.setex 'rp:passwd_cache', 120, JSON.stringify(passwd_cache), ->
-          callback()
+          callback passwd_cache

 exports.getProcessList = (callback) ->
  app.redis.get 'rp:process_list', (err, plist) ->