Comparison

mod_register_web/mod_register_web.lua @ 2924:edf5e8a77d0c

mod_register_web: Remove username and password from form data and provide the rest in pre-registration event
author Kim Alvefur <zash@zash.se>
date Sat, 10 Mar 2018 02:44:27 +0100
parent 2923:9d53134a0b29
child 2925:049975800d1c
comparison
equal deleted inserted replaced
2923:9d53134a0b29 2924:edf5e8a77d0c
112 captcha = generate_captcha(display_options); 112 captcha = generate_captcha(display_options);
113 }) 113 })
114 end 114 end
115 115
116 function register_user(form, origin) 116 function register_user(form, origin)
117 local prepped_username = nodeprep(form.username); 117 local username = form.username;
118 local password = form.password;
119 local confirm_password = form.confirm_password;
120 form.username, form.password, form.confirm_password = nil, nil, nil;
121
122 local prepped_username = nodeprep(username);
118 if not prepped_username then 123 if not prepped_username then
119 return nil, "Username contains forbidden characters"; 124 return nil, "Username contains forbidden characters";
120 end 125 end
121 if #prepped_username == 0 then 126 if #prepped_username == 0 then
122 return nil, "The username field was empty"; 127 return nil, "The username field was empty";
123 end 128 end
124 if usermanager.user_exists(prepped_username, module.host) then 129 if usermanager.user_exists(prepped_username, module.host) then
125 return nil, "Username already taken"; 130 return nil, "Username already taken";
126 end 131 end
127 local registering = { username = prepped_username , host = module.host, ip = origin.conn:ip(), allowed = true } 132 local registering = { username = prepped_username , host = module.host, additional = form, ip = origin.conn:ip(), allowed = true }
128 module:fire_event("user-registering", registering); 133 module:fire_event("user-registering", registering);
129 if not registering.allowed then 134 if not registering.allowed then
130 return nil, registering.reason or "Registration not allowed"; 135 return nil, registering.reason or "Registration not allowed";
131 end 136 end
132 if form.confirm_password ~= form.password then 137 if confirm_password ~= password then
133 return nil, "Passwords don't match"; 138 return nil, "Passwords don't match";
134 end 139 end
135 local ok, err = usermanager.create_user(prepped_username, form.password, module.host); 140 local ok, err = usermanager.create_user(prepped_username, password, module.host);
136 if ok then 141 if ok then
137 local extra_data = {}; 142 local extra_data = {};
138 for field in pairs(extra_fields) do 143 for field in pairs(extra_fields) do
139 local field_value = form[field]; 144 local field_value = form[field];
140 if field_value and #field_value > 0 then 145 if field_value and #field_value > 0 then