From 6e139bdacc7b96e36f5766ff8371ce82eb0f6904 Mon Sep 17 00:00:00 2001
From: cherif <batche@protonmail.com>
Date: Tue, 17 Jan 2023 09:47:58 +0100
Subject: [PATCH] username sanitize

---
 .../nestjs/api_back/src/users/dto/create-users.dto.ts          | 3 ++-
 .../svelte/api_front/src/pages/profile/ProfileSettings.svelte  | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/srcs/requirements/nestjs/api_back/src/users/dto/create-users.dto.ts b/srcs/requirements/nestjs/api_back/src/users/dto/create-users.dto.ts
index 3c0e6472..8b1a2529 100644
--- a/srcs/requirements/nestjs/api_back/src/users/dto/create-users.dto.ts
+++ b/srcs/requirements/nestjs/api_back/src/users/dto/create-users.dto.ts
@@ -1,9 +1,10 @@
-import { IsBoolean, IsEmail, IsNotEmpty, IsOptional, IsString } from 'class-validator';
+import { IsBoolean, Matches,  IsEmail, IsNotEmpty, IsOptional, IsString } from 'class-validator';
 import { isSet } from 'util/types';
 
 export class CreateUsersDto {
 	@IsString()
 	@IsNotEmpty()
+	@Matches(/^[a-zA-Z0-9'-_]+$/)
 	readonly username: string;
 	readonly fortyTwoId: string;
 	@IsEmail()
diff --git a/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte b/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte
index 95cc047b..f4fa2699 100644
--- a/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte
+++ b/srcs/requirements/svelte/api_front/src/pages/profile/ProfileSettings.svelte
@@ -51,7 +51,7 @@
 		.then((response) => {
 			if (!response.ok) {
 				success.username = ''
-				errors.username = "Something went wrong";
+				errors.username = "Use [a-zA-Z0-9] and - _ .";
 				if (response.status === 409) {
 					errors.username = `${set.username} is already in use, pick a different one.`;
 				}