Try harder to create unique usernames.

The previous version added 16 bits of entropy to the username, which isn't all that much. Due to the birthday paradox, it would be enough to create ~256 users with the same prefix to get a collision. Trying that would probably fail later on, and not create security issues... but it just seems better to be on the safe side here.
2022-05-13 07:58:12 +02:00 · 2022-05-13 07:58:12 +02:00 · 2134024155
commit 2134024155
parent 8828b25a8f
1 changed files with 1 additions and 2 deletions
--- a/functions/src/create-user.ts
+++ b/functions/src/create-user.ts
@ -39,8 +39,7 @@ export const createUser = functions
    const name = cleanDisplayName(rawName)
    let username = cleanUsername(name)

-    const sameNameUser = await getUserByUsername(username)
-    if (sameNameUser) {
+    while (await getUserByUsername(username)) {
      username += randomString(4)
    }