From: John Dong Date: Wed, 29 Aug 2007 21:42:55 +0000 (-0400) Subject: Validate usernames and passwords for accounts more closely. E-mails too X-Git-Url: https://projects.mako.cc/source/selectricity-live/commitdiff_plain/22a46a7e2d408fa64e55abd839e6b448f73ed760?hp=132c17fac0edd8b6eec263f494b95beef3b4e6ac Validate usernames and passwords for accounts more closely. E-mails too --- diff --git a/app/models/full_voter.rb b/app/models/full_voter.rb index 980fb5c..b82667c 100644 --- a/app/models/full_voter.rb +++ b/app/models/full_voter.rb @@ -9,4 +9,12 @@ class FullVoter < Voter self.password = token_generator.token end end + + protected + def validate + # E-mail regex, moderate complexity + # Stolen from http://www.regular-expressions.info/email.html + errors.add(:email, "is not valid") unless email =~ + /^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i + end end diff --git a/app/models/user.rb b/app/models/user.rb index 78266ad..eca592d 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -6,13 +6,12 @@ class User < ActiveRecord::Base attr_accessor :password attr_accessor :current_user - validates_presence_of :login, :email + validates_presence_of :email validates_presence_of :password, :if => :password_required? validates_presence_of :password_confirmation, :if => :password_required? validates_length_of :password, :within => 4..40, :if => :password_required? validates_confirmation_of :password, :if => :password_required? validates_length_of :login, :within => 3..40 - validates_length_of :email, :within => 3..100 validates_uniqueness_of :login, :email, :case_sensitive => false before_save :encrypt_password @@ -68,4 +67,12 @@ class User < ActiveRecord::Base def password_required? crypted_password.blank? || !password.blank? end + def validate + # E-mail regex, moderate complexity + # Stolen from http://www.regular-expressions.info/email.html + errors.add(:email, "is not valid") unless email =~ + /^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i + errors.add(:login, "should not begin or end with spaces") if login.strip! + errors.add(:login, "should contain only letters, numbers, and spaces") unless login =~ /^[A-Za-z0-9 ]*$/ + end end