Auth system should validate username on user creation.
|Reported by:||Eddie Sullivan||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
According to the documentation for the Authorization system, a username must consist of "Alphanumeric characters only (letters, digits and underscores)."
This seems to be only selectively enforced. I can easily create a username with spaces in it using User.objects.create_user. Everything seems fine for most things, but once in a while a problem will occur, such as when trying to make changes to the user in the admin interface, where the no-space rule is enforced (even if the username was previously set, and we want to change another field).
My request would be to add validation checking during the user creation phase, so this error can be caught earlier.