authorFrédéric Buclin <LpSolit@netscape.net>2017-02-22 17:48:52 +0100
committerNicolas Lécureuil <neoclust@mageia.org>2017-02-22 18:05:11 +0100
commit4a9a13c055e5f47f627ebc30134e14107d05b867 (patch)
tree4edcc4fba59127b1ba59248a7759ce2a784c772f
parent64c7f1b0b83ca4e5f802e576d387c688e95c0ffd (diff)
Add an email domain blacklist
-rw-r--r--catdap.yml12
-rw-r--r--lib/CatDap/Controller/register.pm19
2 files changed, 24 insertions, 7 deletions
diff --git a/catdap.yml b/catdap.yml
index ba1c46f..d0df579 100644
--- a/catdap.yml
+++ b/catdap.yml
@@ -33,8 +33,18 @@ Model::User:
register:
login_regex: ^[a-z][a-z0-9]*$
- login_blacklist:
+ login_username_blacklist:
- apache
+ login_domain_blacklist:
+ - armyspy.com
+ - codehot.co.uk
+ - dayrep.com
+ - guerillamail.com
+ - jourrapide.com
+ - rhyta.com
+ - wowring.ru
+ - yopmail.com
+ - zasod.com
forgot_password:
secret:
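Review bot: Renaming `login_blacklist` to `login_username_blacklist` changes a key that deployed copies of catdap.yml already set, and nothing visible here keeps the old name working, so a site that upgrades the code without editing its config would presumably stop applying its username blacklist, since register.pm now reads only the new key. Either accept both names for a release or call the rename out in the upgrade notes. The new `login_domain_blacklist` entries are compared against the whole mail host in register.pm (`/^\Q$_\E$/i`), so an address at a subdomain of a listed domain is not rejected. A comment above the list such as `# exact host match, case-insensitive; list subdomains separately` would make that limit visible to whoever maintains it.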
diff --git a/lib/CatDap/Controller/register.pm b/lib/CatDap/Controller/register.pm
index 2ef3fce..f33130a 100644
--- a/lib/CatDap/Controller/register.pm
+++ b/lib/CatDap/Controller/register.pm
@@ -44,28 +44,35 @@ sub check : Local {
push @errors, $c->loc('Invalid username');
}
my $email = $c->request->params->{mail1};
- if (! Email::Valid->address($email)) {
+ my $email_obj;
+ # This method sanitizes the email address.
+ ($email, $email_obj) = Email::Valid->address($email);
+ if (!$email) {
push @errors, $c->loc('Invalid email address');
}
- if ($email ne $c->request->params->{mail2}) {
+ elsif ($email ne $c->request->params->{mail2}) {
push @errors, $c->loc('Addresses do not match');
}
- if (! $c->validate_captcha($c->req->param('validate'))){
+
+ if (!$c->validate_captcha($c->req->param('validate'))) {
push @errors, $c->loc('Incorrect validation text, please try again');
}
- if ( ! open( my $etcpasswd, "/etc/passwd")) {
+ if (!open(my $etcpasswd, '<', '/etc/passwd')) {
push @errors, $c->loc('Cannot check /etc/passwd, please warn system administrators');
} else {
- if ( grep { /^$username:/ } <$etcpasswd> ) {
+ if (grep { /^$username:/ } <$etcpasswd>) {
push @errors, $c->loc('Invalid username, already used by system');
}
close($etcpasswd);
}
- if ( grep /^$username$/, @{${$c->config}{'register'}{'login_blacklist'}}) {
+ if (grep { /^$username$/ } @{${$c->config}{'register'}{'login_username_blacklist'}}) {
push @errors, $c->loc('Username is not authorized to be used');
}
+ if ($email_obj and grep { $email_obj->host =~ /^\Q$_\E$/i } @{${$c->config}{'register'}{'login_domain_blacklist'}}) {
+ push @errors, $c->loc('Email domain is not authorized to be used');
+ }
if ($c->request->params->{gn} !~ /^[\p{IsAlnum}'\- ]+$/) {
push @errors, $c->loc(