Mercurial > p > roundup > code
comparison roundup/configuration.py @ 5976:71c68961d9f4
- issue2550920 - Optionally detect duplicate username at registration.
Added config option to allow detection of duplicate username when the
user tries to register. Previously user was rejected when dupliate
name found at confirmation step.
Optional as it can make username guessing easier.
Testing is in place for this.
Also attempted to make the unfriendly error message:
'node with key "username" exists'
into a translatable friendly error:
"Username 'username' already exists."
This is missing any test. It is also fragile as I capture the
ValueError exception and see that the exception matches:
'node with key "username" exists'
If it does reassert the friendly message. Otherwise just re-raise
existing exception. If the "node with key..." message is translated
the friendly override will not trigger.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sat, 09 Nov 2019 16:33:42 -0500 |
| parents | 98a8509ce45c |
| children | 55f5060e0508 |
comparison
equal
deleted
inserted
replaced
| 5975:59842a3e8108 | 5976:71c68961d9f4 |
|---|---|
| 801 (IntegerNumberGeqZeroOption, 'registration_delay', "4", | 801 (IntegerNumberGeqZeroOption, 'registration_delay', "4", |
| 802 "The number of seconds needed to complete the new user\n" | 802 "The number of seconds needed to complete the new user\n" |
| 803 "registration form. This limits the rate at which bots\n" | 803 "registration form. This limits the rate at which bots\n" |
| 804 "can attempt to sign up. Limit can be disabled by setting\n" | 804 "can attempt to sign up. Limit can be disabled by setting\n" |
| 805 "the value to 0."), | 805 "the value to 0."), |
| 806 (BooleanOption, 'registration_prevalidate_username', "no", | |
| 807 "When registering a user, check that the username\n" | |
| 808 "is available before sending confirmation email.\n" | |
| 809 "Usually a username conflict is detected when\n" | |
| 810 "confirming the registration. Disabled by default as\n" | |
| 811 "it can be used for guessing existing usernames.\n" ), | |
| 806 (SameSiteSettingOption, 'samesite_cookie_setting', "Lax", | 812 (SameSiteSettingOption, 'samesite_cookie_setting', "Lax", |
| 807 """Set the mode of the SameSite cookie option for | 813 """Set the mode of the SameSite cookie option for |
| 808 the session cookie. Choices are 'Lax' or | 814 the session cookie. Choices are 'Lax' or |
| 809 'Strict'. 'None' can be used to suppress the | 815 'Strict'. 'None' can be used to suppress the |
| 810 option. Strict mode provides additional security | 816 option. Strict mode provides additional security |