Added validation for signup and login screens

Closes #374 * Included node-validator as a package * Implemented server side validation (the client side js is a mess, need a LOT of work) * Validates email address both on signup and login screens, gives error message on malformed email addresses * Requires at least 8 chars of password * Tells user if password is too short * Tells user if no such user on login * Tells user if wrong password on login * Tells user if server responds with a 404 (goes away, dies, etc) * Added middleware between req and login / signup for validation
2025-04-15 03:01:37 -05:00 · 2013-08-18 22:50:42 +01:00 · 2013-08-18 22:50:42 +01:00 · e2ef9e5ade
commit e2ef9e5ade
parent 3e086d9c46
2 changed files with 16 additions and 9 deletions
--- a/ghost/admin/views/login.js
+++ b/ghost/admin/views/login.js
@ -45,7 +45,8 @@
        submitHandler: function (event) {
            event.preventDefault();
            var email = this.$el.find('.email').val(),
-                password = this.$el.find('.password').val();
+                password = this.$el.find('.password').val(),
+                self = this;

            $.ajax({
                url: '/ghost/login/',
@ -60,7 +61,7 @@
                error: function (obj, string, status) {
                    Ghost.notifications.addItem({
                        type: 'error',
-                        message: obj.responseText,
+                        message: self.getRequestErrorMessage(obj),
                        status: 'passive'
                    });
                }
@ -79,7 +80,8 @@
        submitHandler: function (event) {
            event.preventDefault();
            var email = this.$el.find('.email').val(),
-                password = this.$el.find('.password').val();
+                password = this.$el.find('.password').val(),
+                self = this;

            $.ajax({
                url: '/ghost/signup/',
@ -92,10 +94,9 @@
                    window.location.href = msg.redirect;
                },
                error: function (obj, string, status) {
-                    var msgobj = $.parseJSON(obj.responseText);
                    Ghost.notifications.addItem({
                        type: 'error',
-                        message: msgobj.message,
+                        message: self.getRequestErrorMessage(obj),
                        status: 'passive'
                    });
                }
--- a/ghost/admin/views/settings.js
+++ b/ghost/admin/views/settings.js
@ -102,10 +102,11 @@
            });

        },
-        saveError: function () {
+        saveError: function (message) {
+            message = message || 'Something went wrong, not saved :(';
            Ghost.notifications.addItem({
                type: 'error',
-                message: 'Something went wrong, not saved :(',
+                message: message,
                status: 'passive'
            });
        }
@ -208,8 +209,13 @@
                newPassword = this.$('#user-password-new').val(),
                ne2Password = this.$('#user-new-password-verification').val();

-            if (newPassword !== ne2Password || newPassword.length < 6 || oldPassword.length < 6) {
-                this.saveError();
+            if (newPassword !== ne2Password) {
+                this.saveError('The passwords do not match');
+                return;
+            }
+
+            if (newPassword.length < 8) {
+                this.saveError('The password is not long enough. Have at least 8 characters');
                return;
            }