🐛 fix(setup): enforce username length ≤ 12 during initial system setup
The User model applies `validate:"max=12"` to the `Username` field, but the initial setup flow did not validate this constraint. This allowed creation of a root user with an overly long username (e.g. "Uselessly1344"), which later caused every update request to fail with: Field validation for 'Username' failed on the 'max' tag This patch adds an explicit length check in `controller/setup.go` to reject usernames longer than 12 characters during setup, keeping validation rules consistent across the entire application. Refs: #1214
This commit is contained in:
Apple\Apple
@@ -75,6 +75,14 @@ func PostSetup(c *gin.Context) {
|
||||
|
||||
// If root doesn't exist, validate and create admin account
|
||||
if !rootExists {
|
||||
// Validate username length: max 12 characters to align with model.User validation
|
||||
if len(req.Username) > 12 {
|
||||
c.JSON(400, gin.H{
|
||||
"success": false,
|
||||
"message": "用户名长度不能超过12个字符",
|
||||
})
|
||||
return
|
||||
}
|
||||
// Validate password
|
||||
if req.Password != req.ConfirmPassword {
|
||||
c.JSON(400, gin.H{
|
||||
|
||||
Reference in New Issue
Block a user