Commit graph

24 commits

Author SHA1 Message Date
ThibG
e1ef5f3b31 Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10 06:27:26 +01:00
ThibG
9a6ec27a87 Fix client-side form validation not accepting handles with uppercase letters (#14599) 2020-08-19 19:00:47 +02:00
ThibG
ef710bbff6 Add client-side validation in password change forms (#14564)
* Fix client-side username validation at registration

It used the Account::USERNAME_RE regexp which is for *remote* users,
local user validation is stricter. Also take into account max username length.

* Add client-side form validation for password change

* Add client-side form validation to dedicated registration form

Previous changes only applied to the /about page, not the dedicated form on
/auth
2020-08-12 12:11:15 +02:00
ThibG
3b7373ed4c Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG
d5a71bf924 Fix invite request input not being shown on sign-up error if left empty (#13089)
If the “Why do you want to join?” textarea is left empty and the entered params
do not validate, the textarea isn't shown again, unlike other fields.

This commit fixes that by populating an empty `UserInviteRequest` when needed.
2020-02-16 12:38:22 +01:00
Eugen Rochko
feeecba886 Change OpenGraph description on sign-up page to reflect invite (#11744) 2019-09-03 04:56:54 +02:00
Eugen Rochko
825dc3ca22 Add whitelist mode (#11291) 2019-07-30 11:10:46 +02:00
Eugen Rochko
72f3242a59 Fix sign up button not saying sign up when invite is used (#10623)
Fix #10616
2019-04-23 04:39:21 +02:00
Eugen Rochko
7eb05b8724 Add "why do you want to join" field to invite requests (#10524)
* Add "why do you want to join" field to invite requests

Fix #10512

* Remove unused translations

* Fix broken registrations when no invite request text is submitted
2019-04-09 23:06:30 +09:00
Eugen Rochko
73fb7bfa0f Admission-based registrations mode (#10250)
Fix #6856
Fix #6951
2019-03-14 05:28:30 +01:00
Eugen Rochko
d3105031f8 Redesign forms, verify link ownership with rel="me" (#8703)
* Verify link ownership with rel="me"

* Add explanation about verification to UI

* Perform link verifications

* Add click-to-copy widget for verification HTML

* Redesign edit profile page

* Redesign forms

* Improve responsive design of settings pages

* Restore landing page sign-up form

* Fix typo

* Support <link> tags, add spec

* Fix links not being verified on first discovery and passive updates
2018-09-18 16:45:58 +02:00
Eugen Rochko
13df3889f0 Redesign public profiles and toots (#8068) 2018-07-28 19:25:33 +02:00
Eugen Rochko
907694df6a Add autofollow option to invites (#7805)
* Add autofollow option to invites

* Trigger CodeClimate rebuild
2018-06-15 18:00:23 +02:00
Eugen Rochko
bc8c951083 Add consumable invites (#5814)
* Add consumable invites

* Add UI for generating invite codes

* Add tests

* Display max uses and expiration in invites table, delete invite

* Remove unused column and redundant validator

- Default follows not used, probably bad idea
- InviteCodeValidator is redundant because RegistrationsController
  checks invite code validity

* Add admin setting to disable invites

* Add admin UI for invites, configurable role for invite creation

- Admin UI that lists everyone's invites, always available
- Admin setting min_invite_role to control who can invite people
- Non-admin invite UI only visible if users are allowed to

* Do not remove invites from database, expire them instantly
2017-11-27 16:07:59 +01:00
takayamaki
cfab4a7ce4 sign_in and sign_up views present og meta infos (#5308) 2017-10-11 00:52:25 +02:00
Lynx Kotoura
b5ec3346fa Adjust landing pages 2 (#4967)
* Adjust landing pages 2

Fix styles of terms page
Remove action buttons from timeline in about page
Adjust styles of short description
Adjust form inputs
Set autocomplete off for username and email box in registration form. Remove line breakings.

* Revert removing action buttons
2017-09-16 18:39:11 +02:00
Lynx Kotoura
b7482e4a9f Fix autocomplete option in haml files (#4438)
* Fix autocomplete in two_factor.html.haml

* Fix autocomplete in registrations edit.html.haml

* Fix autocomplete in passwords edit.html.haml

* Fix autocomplete in _registration.html.haml

* Fix autocomplete in new.html.haml

* Fix autocomplete in show.html.haml

* Add autocomplete option to sessions new.html.haml

* Add autocomplete option to 2FA new.html.haml

* Add autocomplete option to 2FA show.html.haml
2017-07-29 14:20:31 +02:00
Eugen Rochko
49026e27e8 Redesign the landing page, mount public timeline on it (#4122)
* Redesign the landing page, mount public timeline on it

* Adjust the standalone mounted component to the lacking of router

* Adjust auth layout pages to new design

* Fix tests

* Standalone public timeline polling every 5 seconds

* Remove now obsolete translations

* Add responsive design for new landing page

* Address reviews

* Add floating clouds behind frontpage form

* Use access token from public page when available

* Fix mentions and hashtags links, cursor on status content in standalone mode

* Add footer link to source code

* Fix errors on pages that don't embed the component, use classnames

* Fix tests

* Change anonymous autoPlayGif default to false

* When gif autoplay is disabled, hover to play

* Add option to hide the timeline preview

* Slightly improve alt layout

* Add elephant friend to new frontpage

* Display "back to mastodon" in place of "login" when logged in on frontpage

* Change polling time to 3s
2017-07-11 15:27:59 +02:00
yhirano
cf1f65bf58 Added haml-lint and fix warnings (#2773)
* add haml_lint to Gemfile

* add .haml-lint.yml

* fix warnings of haml_lint
2017-05-08 03:35:25 +02:00
Eugen Rochko
0e956910c3 Adding some localizations 2016-11-15 23:02:57 +01:00
Eugen Rochko
be2b3eb241 Fix #136: Add aria-labels 2016-11-03 19:19:39 +01:00
Eugen Rochko
be98addccc Improving all forms 2016-10-18 16:37:15 +02:00
Eugen Rochko
32b6dc088e Add window titles to auth pages and about page, link sign up/login from about page 2016-10-14 01:03:12 +02:00
Eugen Rochko
6045b6cb18 Customizing devise views and controllers 2016-03-05 22:43:05 +01:00