Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #5786: relaxed the validation for usernames to allow more commo…

…n characters '@', etc.

This is really just a stop-gap until we come up with a improved way of handling
disparate auth data, but it should help us stretch a bit more milage out of the
current system.

Thanks to alextreme, lbruno, and clayg.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit c8015052d935a99a5c8f96434b2d0cd16d8a4e14 1 parent 6476516
Jacob Kaplan-Moss jacobian authored
12 django/contrib/auth/forms.py
View
@@ -11,9 +11,9 @@ class UserCreationForm(forms.ModelForm):
"""
A form that creates a user, with no privileges, from the given username and password.
"""
- username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^\w+$',
- help_text = _("Required. 30 characters or fewer. Alphanumeric characters only (letters, digits and underscores)."),
- error_message = _("This value must contain only letters, numbers and underscores."))
+ username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^[\w.@+-]+$',
+ help_text = _("Required. 30 characters or fewer. Letters, digits and @/./+/-/_ only."),
+ error_message = _("This value may contain only letters, numbers and @/./+/-/_ characters."))
password1 = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
password2 = forms.CharField(label=_("Password confirmation"), widget=forms.PasswordInput,
help_text = _("Enter the same password as above, for verification."))
@@ -45,9 +45,9 @@ def save(self, commit=True):
return user
class UserChangeForm(forms.ModelForm):
- username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^\w+$',
- help_text = _("Required. 30 characters or fewer. Alphanumeric characters only (letters, digits and underscores)."),
- error_message = _("This value must contain only letters, numbers and underscores."))
+ username = forms.RegexField(label=_("Username"), max_length=30, regex=r'^[\w.@+-]+$',
+ help_text = _("Required. 30 characters or fewer. Letters, digits and @/./+/-/_ only."),
+ error_message = _("This value may contain only letters, numbers and @/./+/-/_ characters."))
class Meta:
model = User
2  django/contrib/auth/models.py
View
@@ -177,7 +177,7 @@ class User(models.Model):
Username and password are required. Other fields are optional.
"""
- username = models.CharField(_('username'), max_length=30, unique=True, help_text=_("Required. 30 characters or fewer. Alphanumeric characters only (letters, digits and underscores)."))
+ username = models.CharField(_('username'), max_length=30, unique=True, help_text=_("Required. 30 characters or fewer. Letters, numbers and @/./+/-/_ characters"))
first_name = models.CharField(_('first name'), max_length=30, blank=True)
last_name = models.CharField(_('last name'), max_length=30, blank=True)
email = models.EmailField(_('e-mail address'), blank=True)
10 django/contrib/auth/tests/forms.py
View
@@ -21,7 +21,7 @@
# The username contains invalid data.
>>> data = {
-... 'username': 'jsmith@example.com',
+... 'username': 'jsmith!',
... 'password1': 'test123',
... 'password2': 'test123',
... }
@@ -29,7 +29,7 @@
>>> form.is_valid()
False
>>> form["username"].errors
-[u'This value must contain only letters, numbers and underscores.']
+[u'This value may contain only letters, numbers and @/./+/-/_ characters.']
# The verification password is incorrect.
@@ -65,7 +65,7 @@
# The success case.
>>> data = {
-... 'username': 'jsmith2',
+... 'username': 'jsmith2@example.com',
... 'password1': 'test123',
... 'password2': 'test123',
... }
@@ -73,7 +73,7 @@
>>> form.is_valid()
True
>>> form.save()
-<User: jsmith2>
+<User: jsmith2@example.com>
# The user submits an invalid username.
@@ -189,7 +189,7 @@
>>> form.is_valid()
False
>>> form['username'].errors
-[u'This value must contain only letters, numbers and underscores.']
+[u'This value may contain only letters, numbers and @/./+/-/_ characters.']
### PasswordResetForm
7 docs/releases/1.2.txt
View
@@ -742,3 +742,10 @@ views in your :ref:`URLconf <topics-http-urls>`. This means that you can
maintain complete control over the URL structure of your feeds. Like any other view, feeds views are passed a ``request`` object, so you can
do anything you would normally do with a view, like user based access control,
or making a feed a named URL.
+
+Relaxed requirements for usernames
+----------------------------------
+
+The built-in :class:`~django.contrib.auth.models.User` model's
+:attr:`~django.contrib.auth.models.User.username` field now allows a wider range
+of characters, including ``@``, ``+``, ``.`` and ``-`` characters.
3  docs/topics/auth.txt
View
@@ -71,6 +71,9 @@ Fields
Required. 30 characters or fewer. Alphanumeric characters only
(letters, digits and underscores).
+
+ .. versionchanged:: 1.2
+ Usernames may now contain ``@``, ``+``, ``.`` and ``-`` characters.
.. attribute:: models.User.first_name
Please sign in to comment.
Something went wrong with that request. Please try again.