Username Checking
I am creating a web app where when you register you give input of username and password, now at first I thought I was done with the login/register system but then I realized I can create accounts with the same username as long as I add a space ( ) to the end or change a letter to capital. I want only one person to have a username no matter what the capitalization is, how can I detect these fakes? my detection code:
if(user) {
res.json({
message: "User Already Exists"
})
}
user = searching for a user in the db with the input but it doesn't have any other detection!
I though of adding a "pronunciation" to the db info so it would be all lower case to prevent capital letter abuse but that seems unnecessary, also how can I detect spaces ( )?
Comments:
2023-01-20 23:10:04
When you check if the username exists convert the input username and all existing usersnames to lower or upper case and compare?
2023-01-20 23:10:04
I would store the username and a sanitized username in lowercase without spaces as index. That way the users can have their own cases and spaces, and you can efficiently search the table for a lowercase username without spaces.
2023-01-20 23:10:04
Also,
.trim to prevent whitespace at the start/end of the string 2023-01-20 23:10:04
You could potentially disallow spaces to begin with as a validation step, or at least leading/trailing spaces. Also perform case-insensitive comparisons (both on registration and on login, casing shouldn't matter in a username but very much should in a password). Though the effort to stop people from making names that are similar to other names should only go so far. There comes a point where such restrictions cause more problems than they solve.
2023-01-20 23:10:04
ok, thanks to all for information
Answers(0) :