accounts: Perform some basic checks on valid email addresses
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 24 Dec 2019 11:45:38 +0000 (12:45 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 24 Dec 2019 11:45:38 +0000 (12:45 +0100)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/backend/accounts.py
src/templates/auth/register.html
src/web/auth.py

index 9b01223484d67249d9344799eb9bceb6edd3a345..cc849bc256802a3af0e86e92ea12ef9bad0b679e 100644 (file)
@@ -305,6 +305,24 @@ class Accounts(Object):
                # Account with uid does not exist, yet
                return False
 
+       def mail_is_valid(self, mail):
+               username, delim, domain = mail.partition("@")
+
+               # There must be an @ and a domain part
+               if not domain:
+                       return False
+
+               # The domain cannot end on a dot
+               if domain.endswith("."):
+                       return False
+
+               # The domain should at least have one dot to fully qualified
+               if not "." in domain:
+                       return False
+
+               # Looks like a valid email address
+               return True
+
        def mail_is_blacklisted(self, mail):
                username, delim, domain = mail.partition("@")
 
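Review bot: `mail_is_valid` never inspects `username` and only checks the tail of `domain`, so constructed inputs such as `@example.org`, `a@b@example.org`, `a@.org`, or an address containing spaces or line breaks are all accepted. Since the result gates account creation and the address is presumably used later as a mail recipient, the helper should at least reject an empty local part, a second `@`, a leading dot and any whitespace, e.g. `if not username or "@" in domain or domain.startswith("."): return False` and `if any(c.isspace() for c in mail): return False`. `not "." in domain` reads better as `"." not in domain`, and a one-line docstring saying this is a syntactic sanity check, not proof of deliverability, would help callers. The trailing context lines belong to `mail_is_blacklisted`, whose body continues outside the hunk.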
@@ -385,6 +403,10 @@ class Accounts(Object):
                if self.uid_exists(uid):
                        raise ValueError("UID exists: %s" % uid)
 
+               # Check if the email address is valid
+               if not self.mail_is_valid(email):
+                       raise ValueError("Email is invalid: %s" % email)
+
                # Check if the email address is blacklisted
                if self.mail_is_blacklisted(email):
                        raise ValueError("Email is blacklisted: %s" % email)
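Review bot: The new `ValueError` formats the rejected address with `%s`, and because `mail_is_valid` does not filter control characters, the message can carry line breaks or other unprintable input to wherever the exception text ends up (a log or an error page, not visible here). Formatting with `%r` keeps such input on one line and clearly delimited: `raise ValueError("Email is invalid: %r" % email)`. The same applies to the `Email is blacklisted` message just below. The enclosing method starts and ends outside the hunk.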
index 5b1a81f46e7875740de97c815841478946ae426c..fc17b5240bf80a23ef6bdf04d0b89f0510e9cbca 100644 (file)
                                                        pattern="[a-z_][a-z0-9_-]{3,31}">
                                        </div>
                                        <div id="uid-invalid" class="invalid-feedback">
-                                               {{ _("Please choose a username in UNIX format with at least four characters, starting with a lowercase letter, followed by only lowercase letters, digits, dash and underscore.") }}
+                                               {{ _("Please choose a username in UNIX format with at least four characters, starting with a lowercase letter, followed by only lowercase letters, digits, dash and underscore") }}
                                        </div>
                                        <div id="uid-taken" class="invalid-feedback">
-                                               {{ _("This username is not available.") }}
+                                               {{ _("This username is not available") }}
                                        </div>
                                </div>
 
                                        <input type="email" class="form-control"
                                                name="email" placeholder="{{ _("Email Address") }}" required>
                                        <div id="email-invalid" class="invalid-feedback">
-                                               {{ _("This email address cannot be used.") }}
+                                               {{ _("This email address is invalid") }}
+                                       </div>
+                                       <div id="email-blacklisted" class="invalid-feedback">
+                                               {{ _("This email address cannot be used") }}
                                        </div>
                                        <div id="email-taken" class="invalid-feedback">
-                                               {{ _("This email address is already in use.") }}
+                                               {{ _("This email address is already in use") }}
                                        </div>
                                </div>
 
                                                                $("#email-invalid").show();
                                                                break;
 
+                                                       case "blacklisted":
+                                                               email.addClass("is-invalid");
+                                                               $("#email-blacklisted").show();
+                                                               break;
+
                                                        case "taken":
                                                                email.addClass("is-invalid");
                                                                $("#email-taken").show();
index c3ef726bc99ce162754524e02b305ec79e8337f0..2bb232c9cc68284f7e47ce05a79ac7128c365823 100644 (file)
@@ -223,9 +223,12 @@ class APICheckEmail(base.APIHandler):
                if not email:
                        result = "empty"
 
+               elif not self.backend.accounts.mail_is_valid(email):
+                       result = "invalid"
+
                # Check if this email address is blacklisted
                elif self.backend.accounts.mail_is_blacklisted(email):
-                       result = "invalid"
+                       result = "blacklisted"
 
                # Check if this email address is already useed
                elif self.backend.accounts.get_by_mail(email):
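Review bot: Splitting the answer into `invalid` and `blacklisted` lets any caller of this endpoint test which domains are on the blacklist, on top of the existing `taken` answer that confirms a registered address. If that is not intended, both rejections could return the same value to the client while the distinction is logged server-side. Either way the handler is worth rate limiting, which is not visible in this hunk. Unlike the branches below it, the new `elif` has no comment; `# Check if this email address is syntactically valid` above it would match its siblings. The handler's body starts and ends outside the hunk.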