login: provide specific error messages for certain failures - merged with i18n
parent
44774bae6d
commit
ecc97fb30a
|
@ -1,3 +1,8 @@
|
|||
class LoginBannedError < StandardError; end
|
||||
class LoginDeletedError < StandardError; end
|
||||
class LoginTOTPFailedError < StandardError; end
|
||||
class LoginFailedError < StandardError; end
|
||||
|
||||
class LoginController < ApplicationController
|
||||
before_filter :authenticate_user
|
||||
|
||||
|
@ -22,9 +27,11 @@ class LoginController < ApplicationController
|
|||
user = User.where(:username => params[:email]).first
|
||||
end
|
||||
|
||||
fail_reason = nil
|
||||
|
||||
begin
|
||||
if !user
|
||||
raise "no user"
|
||||
raise LoginFailedError
|
||||
end
|
||||
|
||||
if !user.authenticate(params[:password].to_s)
|
||||
|
@ -36,18 +43,16 @@ class LoginController < ApplicationController
|
|||
params[:password] = m[1]
|
||||
params[:totp] = m[2]
|
||||
else
|
||||
raise "authentication failed"
|
||||
raise LoginFailedError
|
||||
end
|
||||
end
|
||||
|
||||
if user.is_banned?
|
||||
raise "user is banned"
|
||||
raise LoginBannedError
|
||||
end
|
||||
|
||||
if !user.is_active?
|
||||
user.undelete!
|
||||
flash[:success] = "Your account has been reactivated and your " <<
|
||||
"unmoderated comments have been undeleted."
|
||||
raise LoginDeletedError
|
||||
end
|
||||
|
||||
if !user.password_digest.to_s.match(/^\$2a\$#{BCrypt::Engine::DEFAULT_COST}\$/)
|
||||
|
@ -60,7 +65,7 @@ class LoginController < ApplicationController
|
|||
if user.authenticate_totp(params[:totp])
|
||||
# ok, fall through
|
||||
else
|
||||
raise "invalid TOTP code"
|
||||
raise LoginTOTPFailedError
|
||||
end
|
||||
else
|
||||
return respond_to do |format|
|
||||
|
@ -100,18 +105,24 @@ class LoginController < ApplicationController
|
|||
render :json => { :status => 1, :username => user.username }
|
||||
}
|
||||
end
|
||||
rescue
|
||||
rescue LoginBannedError
|
||||
fail_reason = I18n.t 'controllers.login_controller.bannedaccount'
|
||||
rescue LoginDeletedError
|
||||
fail_reason = I18n.t 'controllers.login_controller.deletedaccount'
|
||||
rescue LoginTOTPFailedError
|
||||
fail_reason = I18n.t 'controllers.login_controller.totpinvalid'
|
||||
rescue LoginFailedError
|
||||
fail_reason = I18n.t 'controllers.login_controller.flashlogininvalid'
|
||||
end
|
||||
|
||||
respond_to do |format|
|
||||
format.html {
|
||||
flash.now[:error] = I18n.t 'controllers.login_controller.flashlogininvalid'
|
||||
flash.now[:error] = fail_reason
|
||||
@referer = params[:referer]
|
||||
index
|
||||
}
|
||||
format.json {
|
||||
render :json => { :status => 0,
|
||||
:error => "invalid 'email' and/or 'password' parameter" }
|
||||
render :json => { :status => 0, :error => fail_reason }
|
||||
}
|
||||
end
|
||||
end
|
||||
|
@ -171,7 +182,7 @@ class LoginController < ApplicationController
|
|||
end
|
||||
end
|
||||
else
|
||||
flash[:error] = t(.invalidresettoken')
|
||||
flash[:error] = t('.invalidresettoken')
|
||||
return redirect_to forgot_password_path
|
||||
end
|
||||
end
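Review bot: The rescue chain in the `-100,18` hunk now names only the four `Login*Error` classes. Assuming the bare `rescue` is on the removed side, any other StandardError raised inside the `begin` (for example from `authenticate` or `authenticate_totp`) is no longer turned into the generic failure response and surfaces as an unhandled error instead. A final clause such as `rescue StandardError => e`, `Rails.logger.error("login: #{e.class}")` and `fail_reason = I18n.t 'controllers.login_controller.flashlogininvalid'` would keep the old fail-closed response while recording the unexpected error. In the visible lines LoginBannedError, LoginDeletedError and LoginTOTPFailedError appear to be raised only after the password check, which keeps the new messages from disclosing account status to someone without the password; a comment above the banned check, `# status checks stay after the password check so the specific messages are shown only to the account holder`, would protect that ordering. The action begins and ends outside these hunks, so the success path is not visible here.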
|
||||
|
|
|
@ -62,7 +62,6 @@ en:
|
|||
messageslink: "Messages"
|
||||
loginlink: "Login"
|
||||
logoutlink: "Logout"
|
||||
confirmlogoutlink: "Are you sure you want to logout?"
|
||||
moderationloglink: "Moderation Log"
|
||||
invitationqueuelink: "Invitation Queue"
|
||||
chatlink: "Chat"
|
||||
|
@ -286,6 +285,7 @@ en:
|
|||
verifypasswordflash: "Your password could not be verified."
|
||||
index:
|
||||
logoutlink: "Logout"
|
||||
confirmlogoutlink: "Are you sure you want to logout?"
|
||||
viewprofile: "View Profile"
|
||||
accountsettings: "Account Settings"
|
||||
username: "Username:"
|
||||
|
@ -517,6 +517,9 @@ en:
|
|||
flashsuccessdeleteinvit: "Successfully deleted invitation request from %{name}"
|
||||
login_controller:
|
||||
flashlogininvalid: "Invalid e-mail address and/or password."
|
||||
totpinvalid: "Your TOTP code was invalid."
|
||||
deletedaccount: "Your account has been deleted."
|
||||
bannedaccount: "Your account has been banned."
|
||||
messages_controller:
|
||||
messagestitle: "Messages"
|
||||
messagessenttitle: "Messages Sent"
|
||||
|
|
|
@ -296,6 +296,7 @@ fr:
|
|||
verifypasswordflash: "Votre mot de passe n'a pas pu être vérifié."
|
||||
index:
|
||||
logoutlink: "Se déconnecter"
|
||||
confirmlogoutlink: "Êtes-vous sûr de vouloir vous déconnecter?"
|
||||
viewprofile: "Voir le profil"
|
||||
accountsettings: "Paramètres du compte"
|
||||
username: "Utilisateur :"
|
||||
|
@ -527,6 +528,10 @@ fr:
|
|||
flashsuccessdeleteinvit: "Demande d'invitation de %{name} supprimée avec succès"
|
||||
login_controller:
|
||||
flashlogininvalid: "Adresse e-mail et/ou mot de passe invalide."
|
||||
flashlogininvalid: "Adresse e-mail et/ou mot de passe invalide."
|
||||
totpinvalid: "Votre code TOTP est invalide."
|
||||
deletedaccount: "Votre compte a été supprimé."
|
||||
bannedaccount: "Votre compte a été banni."
|
||||
messages_controller:
|
||||
messagestitle: "Messages"
|
||||
messagessenttitle: "Messages envoyés"
|
||||
|
|