Be more strict validating user names

lib/database/users.go

@@ -22,7 +22,7 @@ func (db *pgDB) AddUser(name string, pass string) error {
 	if !validUserName(name) {
 		return errors.New("Invalid user name")
 	}
-	num, err := db.sql.Model(&user{}).Where("username = ?", name).Count()
+	num, err := db.sql.Model(&user{}).Where("lower(username) = lower(?)", name).Count()
 	if err != nil {
 		log.Error("Error on database checking user ", name, ": ", err)
 		return errors.New("An error happen on the database")
@@ -57,7 +57,7 @@ func (db *pgDB) GetRole(name string) (string, error) {
 
 func (db *pgDB) ValidPassword(name string, pass string) bool {
 	var u user
-	err := db.sql.Model(&u).Where("username = ?", name).Select()
+	err := db.sql.Model(&u).Where("lower(username) = lower(?)", name).Select()
 	if err != nil {
 		return false
 	}
@@ -82,7 +82,12 @@ func (db *pgDB) SetPassword(name string, pass string) error {
 }
 
 func validUserName(name string) bool {
-	return name != ""
+	switch name {
+	case "", "admin", "webmaster", "postmaster", "info", "root", "news":
+		return false
+	default:
+		return true
+	}
 }
 
 func hashPass(pass string) (hash []byte, salt []byte, err error) {