Added '@' as a illegal character for usernames

ref #93

src/models/actions/update/UpdateUser.ts

@@ -2,7 +2,7 @@ import * as argon2 from "argon2";
 import { IsBoolean, IsEmail, IsInt, IsNotEmpty, IsOptional, IsPhoneNumber, IsString, IsUrl } from 'class-validator';
 import { getConnectionManager } from 'typeorm';
 import { config } from '../../../config';
-import { UserEmailNeededError } from '../../../errors/UserErrors';
+import { UserEmailNeededError, UsernameContainsIllegalCharacterError } from '../../../errors/UserErrors';
 import { UserGroupNotFoundError } from '../../../errors/UserGroupErrors';
 import { User } from '../../entities/User';
 import { UserGroup } from '../../entities/UserGroup';
@@ -101,13 +101,15 @@ export class UpdateUser {
         if (!this.email) {
             throw new UserEmailNeededError();
         }
-        user.email = this.email;
-        user.username = this.username;
+        if (this.username.includes("@")) { throw new UsernameContainsIllegalCharacterError(); }
+
         if (this.password) {
             user.password = await argon2.hash(this.password + user.uuid);
             user.refreshTokenCount = user.refreshTokenCount + 1;
         }
 
+        user.email = this.email;
+        user.username = this.username;
         user.enabled = this.enabled;
         user.firstname = this.firstname
         user.middlename = this.middlename