harmacist/healthchecks
1
0
Fork 0
forked from GithubBackups/healthchecks
Code Issues Pull Requests Projects Releases Wiki Activity

Login form: rename the email box to "identity" to avoid some auto-signup bots

Browse Source
This commit is contained in:
Pēteris Caune 2018-10-10 09:53:42 +03:00
parent a58ce791c0
commit 4acd6a16e8
No known key found for this signature in database
GPG Key ID: E28D7679E9A9EDE2
5 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hc/accounts/forms.py
View File

@ -13,10 +13,12 @@ class LowercaseEmailField(forms.EmailField):
class EmailForm(forms.Form):
email = LowercaseEmailField()
# Call it "identity" instead of "email"
# to avoid some of the dumber bots
identity = LowercaseEmailField()
def clean_email(self):
v = self.cleaned_data["email"]
def clean_identity(self):
v = self.cleaned_data["identity"]
# If registration is not open then validate if an user
# account with this address exists-

8
hc/accounts/tests/test_login.py
View File

@ -10,7 +10,7 @@ from django.conf import settings
class LoginTestCase(TestCase):
def test_it_sends_link(self):
form = {"email": "alice@example.org"}
form = {"identity": "alice@example.org"}
r = self.client.post("/accounts/login/", form)
assert r.status_code == 302
@ -34,17 +34,17 @@ class LoginTestCase(TestCase):
@override_settings(REGISTRATION_OPEN=False)
def test_it_obeys_registration_open(self):
form = {"email": "dan@example.org"}
form = {"identity": "dan@example.org"}
r = self.client.post("/accounts/login/", form)
assert r.status_code == 200
self.assertContains(r, "Incorrect email")
def test_it_ignores_ces(self):
def test_it_ignores_case(self):
alice = User(username="alice", email="alice@example.org")
alice.save()
form = {"email": "ALICE@EXAMPLE.ORG"}
form = {"identity": "ALICE@EXAMPLE.ORG"}
r = self.client.post("/accounts/login/", form)
assert r.status_code == 302

2
hc/accounts/views.py
View File

@ -71,7 +71,7 @@ def login(request):
else:
magic_form = EmailForm(request.POST)
if magic_form.is_valid():
email = magic_form.cleaned_data["email"]
email = magic_form.cleaned_data["identity"]
user = None
try:
user = User.objects.get(email=email)

10
templates/accounts/login.html
View File

@ -18,16 +18,16 @@
<form id="magic-link-form" method="post">
{% csrf_token %}
{% if magic_form.email.errors %}
{% if magic_form.errors %}
<p class="text-danger">Incorrect email address.</p>
{% else %}
<p>Enter your <strong>email address</strong>.</p>
{% endif %}
<input
type="text"
type="email"
class="form-control input-lg"
name="email"
name="identity"
value="{{ magic_form.email.value|default:"" }}"
placeholder="you@example.org">
@ -53,7 +53,7 @@
{% csrf_token %}
<input type="hidden" name="action" value="login" />
{% if form.non_field_errors %}
{% if form.errors %}
<p class="text-danger">Incorrect email or password.</p>
{% else %}
<p>
@ -62,7 +62,7 @@
{% endif %}
<input
type="text"
type="email"
class="form-control input-lg"
name="email"
value="{{ form.email.value|default:"" }}"

4
templates/front/welcome.html
View File

@ -138,7 +138,7 @@
<input
type="email"
class="form-control"
name="email"
name="identity"
autocomplete="email"
placeholder="Email">
</div>
@ -456,7 +456,7 @@
<input
type="email"
class="form-control"
name="email"
name="identity"
autocomplete="email"
placeholder="Email">
</div>