login: provide specific error messages for certain failures - merged with i18n
parent
44774bae6d
commit
ecc97fb30a
|
@ -1,3 +1,8 @@
|
||||||
|
class LoginBannedError < StandardError; end
|
||||||
|
class LoginDeletedError < StandardError; end
|
||||||
|
class LoginTOTPFailedError < StandardError; end
|
||||||
|
class LoginFailedError < StandardError; end
|
||||||
|
|
||||||
class LoginController < ApplicationController
|
class LoginController < ApplicationController
|
||||||
before_filter :authenticate_user
|
before_filter :authenticate_user
|
||||||
|
|
||||||
|
@ -22,9 +27,11 @@ class LoginController < ApplicationController
|
||||||
user = User.where(:username => params[:email]).first
|
user = User.where(:username => params[:email]).first
|
||||||
end
|
end
|
||||||
|
|
||||||
|
fail_reason = nil
|
||||||
|
|
||||||
begin
|
begin
|
||||||
if !user
|
if !user
|
||||||
raise "no user"
|
raise LoginFailedError
|
||||||
end
|
end
|
||||||
|
|
||||||
if !user.authenticate(params[:password].to_s)
|
if !user.authenticate(params[:password].to_s)
|
||||||
|
@ -36,18 +43,16 @@ class LoginController < ApplicationController
|
||||||
params[:password] = m[1]
|
params[:password] = m[1]
|
||||||
params[:totp] = m[2]
|
params[:totp] = m[2]
|
||||||
else
|
else
|
||||||
raise "authentication failed"
|
raise LoginFailedError
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
if user.is_banned?
|
if user.is_banned?
|
||||||
raise "user is banned"
|
raise LoginBannedError
|
||||||
end
|
end
|
||||||
|
|
||||||
if !user.is_active?
|
if !user.is_active?
|
||||||
user.undelete!
|
raise LoginDeletedError
|
||||||
flash[:success] = "Your account has been reactivated and your " <<
|
|
||||||
"unmoderated comments have been undeleted."
|
|
||||||
end
|
end
|
||||||
|
|
||||||
if !user.password_digest.to_s.match(/^\$2a\$#{BCrypt::Engine::DEFAULT_COST}\$/)
|
if !user.password_digest.to_s.match(/^\$2a\$#{BCrypt::Engine::DEFAULT_COST}\$/)
|
||||||
|
@ -60,7 +65,7 @@ class LoginController < ApplicationController
|
||||||
if user.authenticate_totp(params[:totp])
|
if user.authenticate_totp(params[:totp])
|
||||||
# ok, fall through
|
# ok, fall through
|
||||||
else
|
else
|
||||||
raise "invalid TOTP code"
|
raise LoginTOTPFailedError
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
return respond_to do |format|
|
return respond_to do |format|
|
||||||
|
@ -100,18 +105,24 @@ class LoginController < ApplicationController
|
||||||
render :json => { :status => 1, :username => user.username }
|
render :json => { :status => 1, :username => user.username }
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
rescue
|
rescue LoginBannedError
|
||||||
|
fail_reason = I18n.t 'controllers.login_controller.bannedaccount'
|
||||||
|
rescue LoginDeletedError
|
||||||
|
fail_reason = I18n.t 'controllers.login_controller.deletedaccount'
|
||||||
|
rescue LoginTOTPFailedError
|
||||||
|
fail_reason = I18n.t 'controllers.login_controller.totpinvalid'
|
||||||
|
rescue LoginFailedError
|
||||||
|
fail_reason = I18n.t 'controllers.login_controller.flashlogininvalid'
|
||||||
end
|
end
|
||||||
|
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
format.html {
|
format.html {
|
||||||
flash.now[:error] = I18n.t 'controllers.login_controller.flashlogininvalid'
|
flash.now[:error] = fail_reason
|
||||||
@referer = params[:referer]
|
@referer = params[:referer]
|
||||||
index
|
index
|
||||||
}
|
}
|
||||||
format.json {
|
format.json {
|
||||||
render :json => { :status => 0,
|
render :json => { :status => 0, :error => fail_reason }
|
||||||
:error => "invalid 'email' and/or 'password' parameter" }
|
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -171,7 +182,7 @@ class LoginController < ApplicationController
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
flash[:error] = t(.invalidresettoken')
|
flash[:error] = t('.invalidresettoken')
|
||||||
return redirect_to forgot_password_path
|
return redirect_to forgot_password_path
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
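Review bot: Replacing the bare `rescue` with four typed clauses in the `@ -100,18 +105,24 @` hunk means any other StandardError raised inside the `begin` block (from parts of the method not shown here) now propagates instead of ending in the generic failure response. Consider keeping a final catch-all, `rescue StandardError => e` followed by `Rails.logger.warn("login failed: #{e.class}")` and `fail_reason = I18n.t 'controllers.login_controller.flashlogininvalid'`, so an unexpected error still yields the generic message and is logged. The banned, deleted and TOTP messages appear to be reached only after `user.authenticate` has accepted the password; a comment such as `# status checks must stay after the password check so these messages never reveal account state to unauthenticated callers` above `if user.is_banned?` would keep that ordering from being changed by accident. The method starts and ends outside the visible hunks.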
|
@ -62,7 +62,6 @@ en:
|
||||||
messageslink: "Messages"
|
messageslink: "Messages"
|
||||||
loginlink: "Login"
|
loginlink: "Login"
|
||||||
logoutlink: "Logout"
|
logoutlink: "Logout"
|
||||||
confirmlogoutlink: "Are you sure you want to logout?"
|
|
||||||
moderationloglink: "Moderation Log"
|
moderationloglink: "Moderation Log"
|
||||||
invitationqueuelink: "Invitation Queue"
|
invitationqueuelink: "Invitation Queue"
|
||||||
chatlink: "Chat"
|
chatlink: "Chat"
|
||||||
|
@ -286,6 +285,7 @@ en:
|
||||||
verifypasswordflash: "Your password could not be verified."
|
verifypasswordflash: "Your password could not be verified."
|
||||||
index:
|
index:
|
||||||
logoutlink: "Logout"
|
logoutlink: "Logout"
|
||||||
|
confirmlogoutlink: "Are you sure you want to logout?"
|
||||||
viewprofile: "View Profile"
|
viewprofile: "View Profile"
|
||||||
accountsettings: "Account Settings"
|
accountsettings: "Account Settings"
|
||||||
username: "Username:"
|
username: "Username:"
|
||||||
|
@ -517,6 +517,9 @@ en:
|
||||||
flashsuccessdeleteinvit: "Successfully deleted invitation request from %{name}"
|
flashsuccessdeleteinvit: "Successfully deleted invitation request from %{name}"
|
||||||
login_controller:
|
login_controller:
|
||||||
flashlogininvalid: "Invalid e-mail address and/or password."
|
flashlogininvalid: "Invalid e-mail address and/or password."
|
||||||
|
totpinvalid: "Your TOTP code was invalid."
|
||||||
|
deletedaccount: "Your account has been deleted."
|
||||||
|
bannedaccount: "Your account has been banned."
|
||||||
messages_controller:
|
messages_controller:
|
||||||
messagestitle: "Messages"
|
messagestitle: "Messages"
|
||||||
messagessenttitle: "Messages Sent"
|
messagessenttitle: "Messages Sent"
|
||||||
|
|
|
@ -296,6 +296,7 @@ fr:
|
||||||
verifypasswordflash: "Votre mot de passe n'a pas pu être vérifié."
|
verifypasswordflash: "Votre mot de passe n'a pas pu être vérifié."
|
||||||
index:
|
index:
|
||||||
logoutlink: "Se déconnecter"
|
logoutlink: "Se déconnecter"
|
||||||
|
confirmlogoutlink: "Êtes-vous sûr de vouloir vous déconnecter?"
|
||||||
viewprofile: "Voir le profil"
|
viewprofile: "Voir le profil"
|
||||||
accountsettings: "Paramètres du compte"
|
accountsettings: "Paramètres du compte"
|
||||||
username: "Utilisateur :"
|
username: "Utilisateur :"
|
||||||
|
@ -527,6 +528,10 @@ fr:
|
||||||
flashsuccessdeleteinvit: "Demande d'invitation de %{name} supprimée avec succès"
|
flashsuccessdeleteinvit: "Demande d'invitation de %{name} supprimée avec succès"
|
||||||
login_controller:
|
login_controller:
|
||||||
flashlogininvalid: "Adresse e-mail et/ou mot de passe invalide."
|
flashlogininvalid: "Adresse e-mail et/ou mot de passe invalide."
|
||||||
|
flashlogininvalid: "Adresse e-mail et/ou mot de passe invalide."
|
||||||
|
totpinvalid: "Votre code TOTP est invalide."
|
||||||
|
deletedaccount: "Votre compte a été supprimé."
|
||||||
|
bannedaccount: "Votre compte a été banni."
|
||||||
messages_controller:
|
messages_controller:
|
||||||
messagestitle: "Messages"
|
messagestitle: "Messages"
|
||||||
messagessenttitle: "Messages envoyés"
|
messagessenttitle: "Messages envoyés"
|
||||||
|
|