Implement username blacklist; Don't allow registration with existing usernames.

1 files changed, 9 insertions, 0 deletions

diff --git a/app.py b/app.py
index 2b47f53..3785ac8 100644
--- a/app.py
+++ b/app.py
@@ -34,6 +34,15 @@ def ldap_connect():
             # we had crap in the session, delete it
             logout_user()
 
+@app.before_request
+def read_blacklist():
+    app.username_blacklist = None
+
+    # use @before_first_request as soon as we require flask 0.8
+    if app.username_blacklist is None and app.config.get('USERNAME_BLACKLIST_FILE'):
+        with open(app.config['USERNAME_BLACKLIST_FILE']) as f:
+            app.username_blacklist = f.read().split('\n')
+
 
 @app.route('/', methods=['GET', 'POST'])
 @templated('index.html')