RocketChat / Rocket.Chat

The communications platform that puts data protection first.
https://rocket.chat/
Other
40.44k stars 10.52k forks source link

No sanity check when getting usernames from oauth #13792

Open uriesk opened 5 years ago

uriesk commented 5 years ago

I allow oauth login via discord like described in #11396 and fetch the username like described in #11112. Problem is that discord allows spaces in usernames that rocketchat doesn't. Users that login with discord and have spaces in their names encounter weird issues, like they can not be pinged and they can not change their pfp.

Maybe rocketchat should sanity check and fix it. Automatically replacing spaces in usernames with dots would already be enough.

geekgonecrazy commented 5 years ago

Just to be clear.. its actually creating them with the space in their username?