The first part should be straightforward. Simply store the list of blacklisted words somewhere and when the server receives the sign up request, it checks the user name against that list and sends and error if it finds it.
Blacklisting a username that someone has already taken is a bit more tricky. I guess if it is really important you can always send them an email explaining the situation, asking them to change the username and giving a deadline when you are going to automatically change the username. Something like dear user Administrator. Due to a change in our policy, your username is not valid anymore. Please visit the following link to change it. Note that if you don't update your username within a week, the system will automatically change it to "User_01738". Thanks for your understanding.
You should keep in mind that if you are using the username to identify the user across the application it will be a lot harder to change it, therefore I recommend that you identify the user with a generated key and just use the username for display purposes.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
The first part should be straightforward. Simply store the list of blacklisted words somewhere and when the server receives the sign up request, it checks the user name against that list and sends and error if it finds it.
Blacklisting a username that someone has already taken is a bit more tricky. I guess if it is really important you can always send them an email explaining the situation, asking them to change the username and giving a deadline when you are going to automatically change the username. Something like dear user Administrator. Due to a change in our policy, your username is not valid anymore. Please visit the following link to change it. Note that if you don't update your username within a week, the system will automatically change it to "User_01738". Thanks for your understanding.
You should keep in mind that if you are using the username to identify the user across the application it will be a lot harder to change it, therefore I recommend that you identify the user with a generated key and just use the username for display purposes.