From f127096660a0eed7da2ef6db68720eba4dfbd7a0 Mon Sep 17 00:00:00 2001
From: Patrick Barron <barronpm@gmail.com>
Date: Tue, 16 Feb 2021 20:48:41 -0500
Subject: [PATCH] Don't allow new users to be created with the same name as an
 existing user.

---
 Jellyfin.Server.Implementations/Users/UserManager.cs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Jellyfin.Server.Implementations/Users/UserManager.cs b/Jellyfin.Server.Implementations/Users/UserManager.cs
index 95736c37f3..a3a9e90d42 100644
--- a/Jellyfin.Server.Implementations/Users/UserManager.cs
+++ b/Jellyfin.Server.Implementations/Users/UserManager.cs
@@ -206,6 +206,14 @@ namespace Jellyfin.Server.Implementations.Users
                 throw new ArgumentException("Usernames can contain unicode symbols, numbers (0-9), dashes (-), underscores (_), apostrophes ('), and periods (.)");
             }
 
+            if (Users.Any(u => u.Username.Equals(name, StringComparison.OrdinalIgnoreCase)))
+            {
+                throw new ArgumentException(string.Format(
+                    CultureInfo.InvariantCulture,
+                    "A user with the name '{0}' already exists.",
+                    name));
+            }
+
             await using var dbContext = _dbProvider.CreateContext();
 
             var newUser = await CreateUserInternalAsync(name, dbContext).ConfigureAwait(false);