projects
/
zzz-floof.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Restrict usernames to lowercase, digits, and hyphens.
[zzz-floof.git]
/
floof
/
controllers
/
account.py
diff --git
a/floof/controllers/account.py
b/floof/controllers/account.py
index
2c94736
..
2073d44
100644
(file)
--- a/
floof/controllers/account.py
+++ b/
floof/controllers/account.py
@@
-97,6
+97,7
@@
class AccountController(BaseController):
c.identity_url = session['register:identity_url']
c.nickname = session.get('register:nickname', None)
c.identity_url = session['register:identity_url']
c.nickname = session.get('register:nickname', None)
+ # XXX hey, uh. warn if this name is taken already.
return render('/account/register.mako')
return render('/account/register.mako')
@@
-106,23
+107,27
@@
class AccountController(BaseController):
identity_url = session['register:identity_url']
username = request.params.get('username', None)
identity_url = session['register:identity_url']
username = request.params.get('username', None)
- # XXX how do we return errors in some useful way?
-
if not username:
if not username:
- return 'Please enter a username.'
+ h.flash(u'Please enter a username.')
+ return self.register()
if User.query.filter_by(name=username).count():
if User.query.filter_by(name=username).count():
- return 'That username is taken.'
+ h.flash(u'This username is already taken.')
+ return self.register()
+
+ if not User.is_valid_name(username):
+ h.flash(u'This username is not valid.')
+ return self.register()
# Create db records
# Create db records
- user = User(name=username)
+ user = User(name=username
, display_name=username
)
user.identity_urls.append(IdentityURL(url=identity_url))
elixir.session.commit()
# Log in
session['user_id'] = user.id
session.save()
user.identity_urls.append(IdentityURL(url=identity_url))
elixir.session.commit()
# Log in
session['user_id'] = user.id
session.save()
+ h.flash(u'You are now logged in.')
- # XXX how do we do success messages in some useful way?
# XXX send me where I came from
redirect('/')
# XXX send me where I came from
redirect('/')