Relax username requirements a little

CHANGELOG.md

@@ -3,6 +3,7 @@
 Please add a _short_ line describing the PR you make, if the PR implements a specific feature or functionality, or refactor. Not needed if you add very small and unnoticable changes.
 
 ## Sprint (2022-02-09 - 2022-02-23)
+
 * Secure operations that require cryptographic keys are protected for each user with the user's password ([#889](https://github.com/ScilifelabDataCentre/dds_web/pull/889))
 * Implemented the functionality to add project to the invites of a new user as outlined in [issue 887](https://github.com/scilifelabdatacentre/dds_web/issues/887) ([PR888](https://github.com/ScilifelabDataCentre/dds_web/pull/888)).
 * Create endpoint for renewing users project access, e.g. after password reset ([886](https://github.com/ScilifelabDataCentre/dds_web/pull/885))
@@ -20,8 +21,10 @@ Please add a _short_ line describing the PR you make, if the PR implements a spe
 * Rearrangement and clean up of the token ([910](https://github.com/ScilifelabDataCentre/dds_web/pull/910))
 
 ## Sprint (2022-02-23 - 2022-03-09)
+
 * Add landing page after password reset ([#931](https://github.com/ScilifelabDataCentre/dds_web/pull/931))
 * Add endpoint for health check (intended for readinessProbe)  ([#933](https://github.com/ScilifelabDataCentre/dds_web/pull/933))
 * Introduced a `--no-mail` flag in the CLI respectively a `send_email: True/False` json parameter to fix [#924](https://github.com/scilifelabdatacentre/dds_web/issues/924) ([#926](https://github.com/ScilifelabDataCentre/dds_web/pull/926))
 * Invite Unit Admin (temporary way) ([#938](https://github.com/ScilifelabDataCentre/dds_web/pull/938))
 * Add support for getting IPs from X-Forwarded-For ([#952](https://github.com/ScilifelabDataCentre/dds_web/pull/952))
+* Relax requirements for usernames (wider length range, `.` and `-`) ([#943](https://github.com/ScilifelabDataCentre/dds_web/pull/943))

dds_web/api/schemas/user_schemas.py

@@ -87,7 +87,7 @@ class NewUserSchema(marshmallow.Schema):
         required=True,
         allow_none=False,
         validate=marshmallow.validate.And(
-            marshmallow.validate.Length(min=8, max=20),
+            marshmallow.validate.Length(min=3, max=30),
             utils.valid_chars_in_username,
             # Validation for "username not taken" below
         ),

dds_web/forms.py

@@ -32,7 +32,7 @@ class RegistrationForm(flask_wtf.FlaskForm):
         "username",
         validators=[
             wtforms.validators.InputRequired(),
-            wtforms.validators.Length(min=8, max=20),
+            wtforms.validators.Length(min=3, max=30),
             utils.username_contains_valid_characters(),
             utils.username_not_taken_wtforms(),
         ],

dds_web/utils.py

@@ -177,16 +177,7 @@ def _email_taken(form, field):
 
 def valid_chars_in_username(input):
     """Check if the username contains only valid characters."""
-    pattern = re.compile("^[a-zA-Z0-9_]+$")
-    return string_contains_only(input=input, pattern=pattern)
-
-
-def string_contains_only(input, pattern):
-    """Check if string only contains specific characters."""
-    if re.search(pattern, input):
-        return True
-
-    return False
+    return False if re.search(r"^[a-zA-Z0-9_\.-]+$", input) == None else True
 
 
 def email_in_db(email):