From b1bafa61a82f3dbf27126632d04548863ca8840d Mon Sep 17 00:00:00 2001 From: Guillaume FAUVET Date: Fri, 8 Dec 2017 02:35:16 +0100 Subject: [PATCH] fix: view.vue.signup-form (correct invalid username argument + secure sign up) --- view/vue/signup-form.vue | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/view/vue/signup-form.vue b/view/vue/signup-form.vue index 784d080..1057eca 100644 --- a/view/vue/signup-form.vue +++ b/view/vue/signup-form.vue @@ -44,40 +44,49 @@ }, methods: { create_account() { + const const_username = this.username_val; + const const_mail = this.mail_val; + const const_password = this.password_val; + let request = { - username: this.username_val, - mail: this.mail_val, - password: this.password_val + username: const_username, + mail: const_mail, + password: const_password }; api.call("POST user/signup", request, function (response) { /* (1) Check if is there an error and display theme that goes with */ - console.log(response); - if (response.error == 17) { + if (response.error == 17 && response.ErrorDescription.indexOf('mail') !== -1) { this.err_username = false; - this.err_mail = true; + this.err_mail = true; this.err_unknow = false; this.err_message = 'Le mail est invalide'; } + else if (response.error == 17 && response.ErrorDescription.indexOf('username') !== -1) { + this.err_username = true; + this.err_mail = false; + this.err_unknow = false; + this.err_message = 'Le nom d\'utilisateur a des caractères invalides'; + } else if (response.error == 29) { this.err_username = true; - this.err_mail = true; + this.err_mail = true; this.err_unknow = false; this.err_message = 'Le nom d\'utilisateur ou le mail est déjà pris'; } else if (!response.registered) { this.err_username = false; - this.err_mail = false; + this.err_mail = false; this.err_unknow = true; this.err_message = 'Impossible de créer le compte pour le moment, veuillez réessayer plus tard'; } /* (2) Close the sign up form authentication */ else { - this.infobox._display('Inscription terminée ! Connexion en cours ...', 'info', 3000); + infobox._display('Inscription terminée ! Connexion en cours ...', 'info', 3000); let request = { - username: this.username_val, - password: this.password_val + username: const_username, + password: const_password }; api.call("POST user/login", request, function (response) {