From 04d9c4515658440efd5d5b3ea87e04c48131784a Mon Sep 17 00:00:00 2001
From: keyan <keyan.kousha+huumn@gmail.com>
Date: Fri, 26 Aug 2022 17:26:42 -0500
Subject: [PATCH] server side validate nym

---
 api/resolvers/user.js | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/api/resolvers/user.js b/api/resolvers/user.js
index ee71ca76..7db3502a 100644
--- a/api/resolvers/user.js
+++ b/api/resolvers/user.js
@@ -143,6 +143,14 @@ export default {
         throw new AuthenticationError('you must be logged in')
       }
 
+      if (!/^[\w_]+$/.test(name)) {
+        throw new UserInputError('only letters, numbers, and _')
+      }
+
+      if (name.length > 32) {
+        throw new UserInputError('too long')
+      }
+
       try {
         await models.user.update({ where: { id: me.id }, data: { name } })
       } catch (error) {