Make Usernames Unique
There is no check for duplicate usernames, so two accounts can be created with the same name. A user may then be unable to log in because their password is checked against the password of the other account with the same name. If both users choose the same password, one user would be able to log into the other user's account.
Possible Solutions:
- Make Username in init.sql Unique
  CREATE TABLE IF NOT EXISTS pyblog_users (
      uuid INT NOT NULL AUTO_INCREMENT,
      name VARCHAR(30) NOT NULL UNIQUE,
      bio VARCHAR(100) NOT NULL,
      password VARCHAR(255) NOT NULL,
      PRIMARY KEY ( uuid )
  );
- Check during user registration whether a user with the specified name already exists
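
The two solutions work best together, as this added example shows (it is not the project's own code): the registration check gives a clean error, but only the UNIQUE constraint stops two requests that both pass the check at the same moment. Assumptions: SQLite stands in for the MySQL table so the code runs offline, the function names are hypothetical, and PBKDF2 is used only to avoid storing a plaintext password.

```python
import hashlib
import os
import sqlite3

# SQLite stands in for the page's MySQL table so this runs offline (assumption).
SCHEMA = """CREATE TABLE pyblog_users (
    uuid INTEGER PRIMARY KEY AUTOINCREMENT,
    name VARCHAR(30) NOT NULL {unique},
    bio VARCHAR(100) NOT NULL,
    password VARCHAR(255) NOT NULL)"""

def open_db(unique_names):
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA.format(unique="UNIQUE" if unique_names else ""))
    return conn

def hash_password(password):
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt.hex() + "$" + digest.hex()

def insert_user(conn, name, bio, password):
    """Insert a row; False if the database rejects a duplicate name."""
    try:
        with conn:  # commit on success, roll back on error
            conn.execute(
                "INSERT INTO pyblog_users (name, bio, password) VALUES (?, ?, ?)",
                (name, bio, hash_password(password)))
    except sqlite3.IntegrityError:
        return False
    return True

def register(conn, name, bio, password):
    """Hypothetical registration handler combining both fixes."""
    # Advisory pre-check: two concurrent requests can both pass it,
    # so the UNIQUE constraint in insert_user() remains the real guard.
    taken = conn.execute(
        "SELECT 1 FROM pyblog_users WHERE name = ?", (name,)).fetchone()
    return False if taken else insert_user(conn, name, bio, password)

def count_accounts(conn, name):
    return conn.execute(
        "SELECT COUNT(*) FROM pyblog_users WHERE name = ?", (name,)).fetchone()[0]

if __name__ == "__main__":
    for unique in (False, True):
        db = open_db(unique)
        results = [insert_user(db, "alice", "", pw) for pw in ("pw-one", "pw-two")]
        print("UNIQUE" if unique else "no constraint", results, count_accounts(db, "alice"))
```

Calling `insert_user()` directly models a request that has already passed the pre-check; without the constraint both inserts succeed and the name maps to two accounts.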