From 51edbc1578fe49b281b39d91451d2b9df0092028 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud <dev@marienfressinaud.fr>
Date: Sun, 8 Mar 2020 00:14:29 +0100
Subject: Improve login and registration pages (#2794)

* Keep the user on login page on failure

* Show an error if username already exists

* Check the password format in the backend

* Return a better message if username is invalid

* Add a title to the login page

* wip: Improve look of login and register pages

* Set a capital M in username help message

On the registration page, username tip started with a minuscule, while
the password tip started with a capital.

* Change message if username is taken
---
 app/Controllers/userController.php | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

(limited to 'app/Controllers/userController.php')

diff --git a/app/Controllers/userController.php b/app/Controllers/userController.php
index b5725e6b5..5da42f5a4 100644
--- a/app/Controllers/userController.php
+++ b/app/Controllers/userController.php
@@ -284,6 +284,27 @@ class FreshRSS_user_Controller extends Minz_ActionController {
 			$email = Minz_Request::param('new_user_email', '');
 			$passwordPlain = Minz_Request::param('new_user_passwordPlain', '', true);
 
+			if (!self::checkUsername($new_user_name)) {
+				Minz_Request::bad(
+					_t('user.username.invalid'),
+					array('c' => 'auth', 'a' => 'register')
+				);
+			}
+
+			if (FreshRSS_UserDAO::exists($new_user_name)) {
+				Minz_Request::bad(
+					_t('user.username.taken', $new_user_name),
+					array('c' => 'auth', 'a' => 'register')
+				);
+			}
+
+			if (!FreshRSS_password_Util::check($passwordPlain)) {
+				Minz_Request::bad(
+					_t('user.password.invalid'),
+					array('c' => 'auth', 'a' => 'register')
+				);
+			}
+
 			$tos_enabled = file_exists(join_path(DATA_PATH, 'tos.html'));
 			$accept_tos = Minz_Request::param('accept_tos', false);
 
-- 
cgit v1.2.3