Skip to content

MaybeGriffin/UsernameBlockList

BranchesTags

Repository files navigation

Username Blocklist

A username and display-name blocklist for apps that need to prevent reserved names, unsafe names, impersonation names, route collisions, and other names that should not be allowed during account creation.

Install

npm install username-blocklist

Usage

import { checkBlockedName, isBlockedName } from 'username-blocklist';

const blocked = isBlockedName('admin');
// true

const result = checkBlockedName('@DenOfficial');
// {
//   blocked: true,
//   reason: 'exact' | 'contains',
//   normalizedName: 'denofficial',
//   matchedTerm: 'denofficial'
// }

Recommended app behavior

For user-facing errors, do not reveal which term was matched. Use one generic error string, such as:

'Username is not available, try another please'

That prevents users from reverse-engineering the blocklist and avoids creating unnecessary arguments with users about specific terms.

Matching behavior

The package uses two matching modes:

  1. BLOCKED_NAME_EXACT_TERMS — blocks only when the normalized name equals the term.
  2. BLOCKED_NAME_CONTAINS_TERMS — blocks when the normalized name contains the term anywhere.

This keeps short/system terms from causing false positives while still catching severe or impersonation terms inside longer names.

Normalization

Before checking, names are normalized by:

  • Unicode NFKC normalization
  • trimming whitespace
  • removing leading @ symbols
  • removing invisible/control characters
  • lowercasing

The package does not perform aggressive leetspeak conversion because that can create surprising false positives. Common variants should be added directly to the list.

API

isBlockedName(value, options?)

Returns true if the name is blocked.

isBlockedName('admin');

checkBlockedName(value, options?)

Returns a structured result.

checkBlockedName('admin');

normalizeName(value)

Returns the normalized version of a name.

normalizeName('  @Admin  '); // "admin"

Custom terms

You can provide your own arrays if you want to extend or override the defaults:

checkBlockedName('example', {
  exactTerms: ['example'],
  containsTerms: ['badterm'],
});

Development

npm install
npm test
npm run typecheck
npm run build

GitHub upload steps

  1. Create a new folder on your computer named username-blocklist.
  2. Copy these files into that folder.
  3. Open the folder in VS Code.
  4. Run:
git init
git add .
git commit -m "Initial username blocklist package"
  1. Create a new GitHub repo.
  2. Do not add a README/license/gitignore on GitHub if you already copied these files.
  3. Connect and push:
git branch -M main
git remote add origin https://github.com/YOUR_USERNAME/username-blocklist.git
git push -u origin main

License

MIT

About

This is a list of reserved / banned usernames to be used as a template for username validation when creating services that allow users to register usernames. Some of these are specific for my app, the others are generic blacklisted and reserved names that I use for all other services with login and usernames.

Resources

Readme

License

MIT license

Contributing

Contributing

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages