feat(be): use random username for oauth (#1729)

Co-authored-by: fiftin-quiz <[email protected]>
semaphoreui · Jan 31, 2024 · f23cab1 · f23cab1
1 parent 57046ea
commit f23cab1
Showing 1 changed file with 14 additions and 23 deletions.
diff --git a/api/login.go b/api/login.go
@@ -392,38 +392,29 @@ func claimOidcToken(idToken *oidc.IDToken, provider util.OidcProvider) (res oidc
 		return
 	}
 
-	res.username = getUsernameFromEmail(res.email)
+	res.username = getRandomUsername()
 
 	res.name, ok = claims[provider.NameClaim].(string)
 	if !ok || res.name == "" {
-		res.name = getProfileNameFromEmail(res.email)
+		res.name = getRandomProfileName()
 	}
 
 	return
 }
 
-func extractUsernameFromEmail(email string) string {
-	parts := strings.Split(email, "@")
-	if len(parts) > 0 {
-		return parts[0]
+func getRandomUsername() string {
+	r := rand.New(rand.NewSource(time.Now().UnixNano()))
+	const chars = "abcdefghijklmnopqrstuvwxyz0123456789"
+	result := ""
+	for i := 0; i < 16; i++ {
+		index := r.Intn(len(chars))
+		result += chars[index : index+1]
 	}
-	return ""
+	return result
 }
 
-func getUsernameFromEmail(email string) string {
-	username := extractUsernameFromEmail(email)
-	suffix := util.RandString(12)
-	return username + "_" + suffix
-}
-
-func getProfileNameFromEmail(email string) string {
-	username := extractUsernameFromEmail(email)
-
-	runes := []rune(username)
-
-	runes[0] = []rune(strings.ToUpper(string(runes[0])))[0]
-
-	return string(runes)
+func getRandomProfileName() string {
+	return "Anonymous"
 }
 
 func oidcRedirect(w http.ResponseWriter, r *http.Request) {
@@ -485,12 +476,12 @@ func oidcRedirect(w http.ResponseWriter, r *http.Request) {
 
 		if err == nil {
 			claims.email = userInfo.Email
-			claims.username = getUsernameFromEmail(claims.email)
+			claims.username = getRandomUsername()
 
 			if userInfo.Profile != "" {
 				claims.name = userInfo.Profile
 			} else {
-				claims.name = getProfileNameFromEmail(claims.email)
+				claims.name = getRandomProfileName()
 			}
 		}
 	}