From 1358a8930577eaf0b166c0f96d8d3fad431bf171 Mon Sep 17 00:00:00 2001
From: Baris Usakli <barisusakli@gmail.com>
Date: Fri, 1 Sep 2017 18:40:34 -0400
Subject: [PATCH] closes #5907

---
 src/controllers/authentication.js |  2 +-
 test/authentication.js            | 57 +++++++++++++++++++++++++++++++
 test/helpers/index.js             |  4 +--
 3 files changed, 60 insertions(+), 3 deletions(-)

diff --git a/src/controllers/authentication.js b/src/controllers/authentication.js
index f0f64f42fd..e8ea4ff5b5 100644
--- a/src/controllers/authentication.js
+++ b/src/controllers/authentication.js
@@ -42,7 +42,7 @@ authenticationController.register = function (req, res) {
 				return next(new Error('[[error:invalid-email]]'));
 			}
 
-			if (!userData.username || userData.username.length < meta.config.minimumUsernameLength) {
+			if (!userData.username || userData.username.length < meta.config.minimumUsernameLength || utils.slugify(userData.username).length < meta.config.minimumUsernameLength) {
 				return next(new Error('[[error:username-too-short]]'));
 			}
 
diff --git a/test/authentication.js b/test/authentication.js
index 55602777a2..6dd781710c 100644
--- a/test/authentication.js
+++ b/test/authentication.js
@@ -78,6 +78,63 @@ describe('authentication', function () {
 		});
 	});
 
+	it('should fail to create user if username is too short', function (done) {
+		helpers.registerUser({
+			username: 'a',
+			password: '123456',
+			'password-confirm': '123456',
+			email: 'should@error1.com',
+		}, function (err, jar, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:username-too-short]]');
+			done();
+		});
+	});
+
+	it('should fail to create user if userslug is too short', function (done) {
+		helpers.registerUser({
+			username: '----a-----',
+			password: '123456',
+			'password-confirm': '123456',
+			email: 'should@error2.com',
+		}, function (err, jar, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:username-too-short]]');
+			done();
+		});
+	});
+
+	it('should fail to create user if userslug is too short', function (done) {
+		helpers.registerUser({
+			username: '     a',
+			password: '123456',
+			'password-confirm': '123456',
+			email: 'should@error3.com',
+		}, function (err, jar, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:username-too-short]]');
+			done();
+		});
+	});
+
+	it('should fail to create user if userslug is too short', function (done) {
+		helpers.registerUser({
+			username: 'a      ',
+			password: '123456',
+			'password-confirm': '123456',
+			email: 'should@error4.com',
+		}, function (err, jar, response, body) {
+			assert.ifError(err);
+			assert.equal(response.statusCode, 400);
+			assert.equal(body, '[[error:username-too-short]]');
+			done();
+		});
+	});
+
+
 	it('should register and login a user', function (done) {
 		request({
 			url: nconf.get('url') + '/api/config',
diff --git a/test/helpers/index.js b/test/helpers/index.js
index 29a66e00dd..79c510c88b 100644
--- a/test/helpers/index.js
+++ b/test/helpers/index.js
@@ -137,8 +137,8 @@ helpers.registerUser = function (data, callback) {
 			headers: {
 				'x-csrf-token': body.csrf_token,
 			},
-		}, function (err) {
-			callback(err, jar);
+		}, function (err, response, body) {
+			callback(err, jar, response, body);
 		});
 	});
 };