Disallow usernames starting with admin or root. Allow digits.

1 files changed, 7 insertions, 3 deletions

diff --git a/forms.py b/forms.py
index a65d45c..bbdfabe 100644
--- a/forms.py
+++ b/forms.py
@@ -4,7 +4,7 @@ from flask import g, current_app, session, url_for, Markup
 from flask.ext.wtf import Form, validators, TextField, PasswordField,\
                           ValidationError, BooleanField
 from functools import partial
-from utils import _username_re, decrypt_password
+from utils import _username_re, _username_exclude_re, decrypt_password, NotRegexp
 
 
 username = partial(TextField, 'Benutzername', [validators.Regexp(_username_re,
@@ -12,7 +12,11 @@ username = partial(TextField, 'Benutzername', [validators.Regexp(_username_re,
 
 
 class RegisterForm(Form):
-    username = username()
+    username = TextField('Benutzername', [
+        validators.Regexp(_username_re, message=u'Benutzername darf nur aus '
+            u'a-z, Zahlen und - bestehen (2-16 Zeichen, am Anfang nur a-z).'),
+        NotRegexp(_username_exclude_re, message=u'Dieser Benutzername ist nicht erlaubt.'),
+    ])
     mail = TextField('E-Mail-Adresse', [validators.Email(), validators.Length(min=6, max=50)])
 
     def validate_username(form, field):
@@ -49,7 +53,7 @@ class RegisterCompleteForm(Form):
 
 
 class LoginForm(Form):
-    username = username()
+    username = TextField(u'Benutzername')
     password = PasswordField('Passwort', [validators.Required()])