From 213402415523e83bfcf6ff6e7894bb4767b46030 Mon Sep 17 00:00:00 2001
From: Jonas Wagner <ltlygwayh@gmail.com>
Date: Fri, 13 May 2022 07:58:12 +0200
Subject: [PATCH] Try harder to create unique usernames.

The previous version added 16 bits of entropy to the username, which
isn't all that much. Due to the birthday paradox, it would be enough to
create ~256 users with the same prefix to get a collision.

Trying that would probably fail later on, and not create security
issues... but it just seems better to be on the safe side here.
---
 functions/src/create-user.ts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/functions/src/create-user.ts b/functions/src/create-user.ts
index dd2b5275..bc3a7cee 100644
--- a/functions/src/create-user.ts
+++ b/functions/src/create-user.ts
@@ -39,8 +39,7 @@ export const createUser = functions
     const name = cleanDisplayName(rawName)
     let username = cleanUsername(name)
 
-    const sameNameUser = await getUserByUsername(username)
-    if (sameNameUser) {
+    while (await getUserByUsername(username)) {
       username += randomString(4)
     }