stv0g/firstuseauthenticator
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #11 from leportella/add-name-sanitization

Browse source 
add name sanitization
This commit is contained in:
Min RK 2018-10-15 11:37:17 +02:00 committed by GitHub
commit c1c4ce8e94
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -52,6 +52,11 @@ login by attacking via ssh or another mean.
To change your password, you should login in your jupyterhub account, To change your password, you should login in your jupyterhub account,
go to `<your_server_ip>/hub/auth/change-password` and change the password. go to `<your_server_ip>/hub/auth/change-password` and change the password.
#### I'm getting an error when creating my username
Usernames cannot contain spaces or commas. Please check if your username is free
of these characters.
## Security ## Security
When using `FirstUseAuthenticator` it is advised to automatically prepend the When using `FirstUseAuthenticator` it is advised to automatically prepend the

6
firstuseauthenticator/firstuseauthenticator.py
View file

@ -93,6 +93,12 @@ class FirstUseAuthenticator(Authenticator):
""" """
return self.db.query(User).filter_by(name=username).first() is not None return self.db.query(User).filter_by(name=username).first() is not None
def validate_username(self, name):
invalid_chars = [',', ' ']
if any((char in name) for char in invalid_chars):
return False
return super().validate_username()
@gen.coroutine @gen.coroutine
def authenticate(self, handler, data): def authenticate(self, handler, data):
username = data['username'] username = data['username']