From af6b5a6594856794573ff700c5ea388e4cc4500d Mon Sep 17 00:00:00 2001
From: Madeline <46743919+MaddyUnderStars@users.noreply.github.com>
Date: Thu, 2 Feb 2023 22:15:03 +1100
Subject: Merge pull request from GHSA-r7h4-76f7-6264

* Actually use maxUsername config value.

* Change maxUsername default to discord.com default
---
 src/api/routes/users/@me/index.ts | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'src/api')

diff --git a/src/api/routes/users/@me/index.ts b/src/api/routes/users/@me/index.ts
index 0d3c3135..30091344 100644
--- a/src/api/routes/users/@me/index.ts
+++ b/src/api/routes/users/@me/index.ts
@@ -129,6 +129,16 @@ router.patch(
 					},
 				});
 			}
+
+			const { maxUsername } = Config.get().limits.user;
+			if (check_username.length > maxUsername) {
+				throw FieldErrors({
+					username: {
+						code: "USERNAME_INVALID",
+						message: `Username must be less than ${maxUsername} in length`,
+					},
+				});
+			}
 		}
 
 		if (body.discriminator) {
-- 
cgit 1.5.1