From 9946bd838b3d4e7a9192f9b701be6ebf7b8c4efd Mon Sep 17 00:00:00 2001
From: Timo Makinen <tmakinen@foo.sh>
Date: Sun, 29 Jan 2023 21:41:01 +0000
Subject: [PATCH] homeassistant: Check invalid characters in user

---
 roles/homeassistant/files/auth-command.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/roles/homeassistant/files/auth-command.sh b/roles/homeassistant/files/auth-command.sh
index 4e8f370..6b2c2dc 100755
--- a/roles/homeassistant/files/auth-command.sh
+++ b/roles/homeassistant/files/auth-command.sh
@@ -2,6 +2,10 @@
 
 set -eu
 
+if [ "$(echo "$username" | sed -r 's/^[a-z]+$/x/')" != "x" ]; then
+    exit 2
+fi
+
 curl -sf -X POST -H "Content-Type: application/json" -d @- \
     https://id.foo.sh/authcheck <<EOF
 {"username": "${username}", "password": "${password}", "group": "foosh"}