Fix error on account activation with wrong passwd (#22609)
On activating local accounts, the error message didn't differentiate
between using a wrong or expired token, or a wrong password. The result
could already be obtained from the behaviour (different screens were
presented), but the error message was misleading and lead to confusion
for new users on Codeberg with Forgejo.
Now, entering a wrong password for a valid token prints a different
error message.
The problem was introduced in 0f14f69e60
.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
parent
74466eb133
commit
95d9fbdcf3
@ -322,6 +322,7 @@ email_not_associate = The email address is not associated with any account.
|
|||||||
send_reset_mail = Send Account Recovery Email
|
send_reset_mail = Send Account Recovery Email
|
||||||
reset_password = Account Recovery
|
reset_password = Account Recovery
|
||||||
invalid_code = Your confirmation code is invalid or has expired.
|
invalid_code = Your confirmation code is invalid or has expired.
|
||||||
|
invalid_password = Your password does not match the password that was used to create the account.
|
||||||
reset_password_helper = Recover Account
|
reset_password_helper = Recover Account
|
||||||
reset_password_wrong_user = You are signed in as %s, but the account recovery link is for %s
|
reset_password_wrong_user = You are signed in as %s, but the account recovery link is for %s
|
||||||
password_too_short = Password length cannot be less than %d characters.
|
password_too_short = Password length cannot be less than %d characters.
|
||||||
|
@ -633,7 +633,7 @@ func Activate(ctx *context.Context) {
|
|||||||
user := user_model.VerifyUserActiveCode(code)
|
user := user_model.VerifyUserActiveCode(code)
|
||||||
// if code is wrong
|
// if code is wrong
|
||||||
if user == nil {
|
if user == nil {
|
||||||
ctx.Data["IsActivateFailed"] = true
|
ctx.Data["IsCodeInvalid"] = true
|
||||||
ctx.HTML(http.StatusOK, TplActivate)
|
ctx.HTML(http.StatusOK, TplActivate)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -660,7 +660,7 @@ func ActivatePost(ctx *context.Context) {
|
|||||||
user := user_model.VerifyUserActiveCode(code)
|
user := user_model.VerifyUserActiveCode(code)
|
||||||
// if code is wrong
|
// if code is wrong
|
||||||
if user == nil {
|
if user == nil {
|
||||||
ctx.Data["IsActivateFailed"] = true
|
ctx.Data["IsCodeInvalid"] = true
|
||||||
ctx.HTML(http.StatusOK, TplActivate)
|
ctx.HTML(http.StatusOK, TplActivate)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -675,7 +675,7 @@ func ActivatePost(ctx *context.Context) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
if !user.ValidatePassword(password) {
|
if !user.ValidatePassword(password) {
|
||||||
ctx.Data["IsActivateFailed"] = true
|
ctx.Data["IsPasswordInvalid"] = true
|
||||||
ctx.HTML(http.StatusOK, TplActivate)
|
ctx.HTML(http.StatusOK, TplActivate)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
@ -30,8 +30,10 @@
|
|||||||
<input id="code" name="code" type="hidden" value="{{.Code}}">
|
<input id="code" name="code" type="hidden" value="{{.Code}}">
|
||||||
{{else if .IsSendRegisterMail}}
|
{{else if .IsSendRegisterMail}}
|
||||||
<p>{{.locale.Tr "auth.confirmation_mail_sent_prompt" (.Email|Escape) .ActiveCodeLives | Str2html}}</p>
|
<p>{{.locale.Tr "auth.confirmation_mail_sent_prompt" (.Email|Escape) .ActiveCodeLives | Str2html}}</p>
|
||||||
{{else if .IsActivateFailed}}
|
{{else if .IsCodeInvalid}}
|
||||||
<p>{{.locale.Tr "auth.invalid_code"}}</p>
|
<p>{{.locale.Tr "auth.invalid_code"}}</p>
|
||||||
|
{{else if .IsPasswordInvalid}}
|
||||||
|
<p>{{.locale.Tr "auth.invalid_password"}}</p>
|
||||||
{{else if .ManualActivationOnly}}
|
{{else if .ManualActivationOnly}}
|
||||||
<p class="center">{{.locale.Tr "auth.manual_activation_only"}}</p>
|
<p class="center">{{.locale.Tr "auth.manual_activation_only"}}</p>
|
||||||
{{else}}
|
{{else}}
|
||||||
|
Loading…
Reference in New Issue
Block a user