2 files changed, 30 insertions, 0 deletions

diff --git a/service/pixelated/config/register.py b/service/pixelated/config/register.py
index 3f93aa8d..d54b10ff 100644
--- a/service/pixelated/config/register.py
+++ b/service/pixelated/config/register.py
@@ -13,6 +13,7 @@
 #
 # You should have received a copy of the GNU Affero General Public License
 # along with Pixelated. If not, see <http://www.gnu.org/licenses/>.
+import re
 
 from pixelated.bitmask_libraries.leap_srp import LeapAuthException
 from pixelated.bitmask_libraries.register import register_new_user
@@ -20,6 +21,15 @@ from pixelated.bitmask_libraries.register import register_new_user
 
 def register(username, server_name):
     try:
+        validate_username(username)
         register_new_user(username, server_name)
     except LeapAuthException:
         print('User already exists')
+    except ValueError:
+        print('Only lowercase letters, digits, . - and _ allowed.')
+
+
+def validate_username(username):
+    accepted_characters = '^[a-z0-9\-\_\.]*$'
+    if not re.match(accepted_characters, username):
+        raise ValueError
diff --git a/service/test/unit/config/test_register.py b/service/test/unit/config/test_register.py
new file mode 100644
index 00000000..7db2b000
--- /dev/null
+++ b/service/test/unit/config/test_register.py
@@ -0,0 +1,20 @@
+import unittest
+
+from pixelated.config.register import validate_username
+
+
+class TestRegister(unittest.TestCase):
+
+    def test_username_raises_error_when_it_contains_uppercase_letters(self):
+        with self.assertRaises(ValueError):
+            validate_username('INVALIDUSERNAME')
+
+    def test_username_raises_error_when_it_contains_special_characters(self):
+        with self.assertRaises(ValueError):
+            validate_username('invalid@username')
+
+    def test_username_pass_when_valid(self):
+        try:
+            validate_username('a.valid_username-123')
+        except:
+            self.fail('Valid username should not raise an exception')