Enforce unique userIds and userNames #72
Description
It's possible that I can currently join a team with an existing user's id and then impersonate them. Need to test this to be sure.
A "softer" attack would be to join a team with an existing user's user name, which is definitely possible, and could cause confusion.
The tricky part here would be to sort out collisions that happen concurrently.