From 26af284353bf5275bc8f3c2cae56a7354fde69fb Mon Sep 17 00:00:00 2001
From: Eliseu Amaro <mail@eliseuama.ro>
Date: Wed, 15 Sep 2021 00:25:16 +0100
Subject: [PATCH] [CONTROLLER][SECURITY] Registration feedback. The flashError
 works. However, Symfony's Exception error page is viewed upon trying to
 register.

---
 src/Controller/Security.php               | 36 ++++++++-
 templates/security/login.html.twig        | 92 ++++++++++++-----------
 templates/security/register.html.twig     | 46 ++++++------
 templates/sidepanel/right/right.html.twig | 20 ++---
 4 files changed, 116 insertions(+), 78 deletions(-)

diff --git a/src/Controller/Security.php b/src/Controller/Security.php
index f2e130497e..092f062138 100644
--- a/src/Controller/Security.php
+++ b/src/Controller/Security.php
@@ -5,6 +5,13 @@ namespace App\Controller;
 use App\Core\Controller;
 use App\Core\DB\DB;
 use App\Core\Form;
+use App\Util\Exception\DuplicateFoundException;
+use App\Util\Exception\NicknameEmptyException;
+use App\Util\Exception\NicknameReservedException;
+use App\Util\Exception\NicknameTooLongException;
+use App\Util\Exception\NicknameTooShortException;
+use App\Util\Exception\NotImplementedException;
+use Symfony\Component\HttpFoundation\Response;
 use function App\Core\I18n\_m;
 use App\Core\Log;
 use App\Core\VisibilityScope;
@@ -62,13 +69,29 @@ class Security extends Controller
         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
     }
 
+
     /**
+     *
      * Register a user, making sure the nickname is not reserved and
      * possibly sending a confirmation email
+     *
+     * @param Request $request
+     * @param GuardAuthenticatorHandler $guard_handler
+     * @param Authenticator $authenticator
+     * @return array|Response|null
+     * @throws EmailTakenException
+     * @throws NicknameTakenException
+     * @throws ServerException
+     * @throws DuplicateFoundException
+     * @throws NicknameEmptyException
+     * @throws NicknameReservedException
+     * @throws NicknameTooLongException
+     * @throws NicknameTooShortException
+     * @throws NotImplementedException
      */
-    public function register(Request $request,
+    public function register(Request                   $request,
                              GuardAuthenticatorHandler $guard_handler,
-                             Authenticator $authenticator)
+                             Authenticator             $authenticator)
     {
         $form = Form::create([
             ['nickname', TextType::class, [
@@ -84,6 +107,7 @@ class Security extends Controller
                 ],
                 'block_name' => 'nickname',
                 'label_attr' => ['class' => 'section-form-label'],
+                'invalid_message' => _m('Nickname not valid. Please provide a valid nickname.'),
             ]],
             ['email', EmailType::class, [
                 'label'       => _m('Email'),
@@ -91,6 +115,7 @@ class Security extends Controller
                 'constraints' => [ new NotBlank(['message' => _m('Please enter an email') ])],
                 'block_name'  => 'email',
                 'label_attr'  => ['class' => 'section-form-label'],
+                'invalid_message' => _m('Email not valid. Please provide a valid email.'),
             ]],
             FormFields::repeated_password(),
             ['register', SubmitType::class, ['label' => _m('Register')]],
@@ -105,10 +130,15 @@ class Security extends Controller
             // This will throw the appropriate errors, result ignored
             $user = LocalUser::findByNicknameOrEmail($data['nickname'], $data['email']);
             if ($user !== null) {
+
                 // If we do find something, there's a duplicate
-                if ($user->getNickname() == $data['nickname']) {
+                if ($user->getNickname() === $data['nickname']) {
+                    // Register page feedback on nickname already in use
+                    $this->addFlash("verify_nickname_error", _m('Nickname is already in use on this server.'));
                     throw new NicknameTakenException;
                 } else {
+                    // Register page feedback on email already in use
+                    $this->addFlash("verify_email_error", _m('Email is already taken.'));
                     throw new EmailTakenException;
                 }
             }
diff --git a/templates/security/login.html.twig b/templates/security/login.html.twig
index 9279630823..d5091dc0c3 100644
--- a/templates/security/login.html.twig
+++ b/templates/security/login.html.twig
@@ -8,54 +8,58 @@
 {% block title %}{{ "Log in!" | trans }}{% endblock %}
 
 {% block body %}
-    <div class='content'>
-        <section class="section-widget">
-            <form class="section-form" method="post">
-                <fieldset>
-                    <legend class="section-form-legend"><h1>{{ "Login" | trans }}</h1></legend>
+    <section class="section-widget">
+        <form class="section-form" method="post">
+            <fieldset>
+                <legend class="section-form-legend">{{ "Login" | trans }}</legend>
 
-                    {% if error %}
-                        <ul>
-                            {% for flashError in app.flashes('verify_email_error') %}
-                                <li class="alert alert-danger">{{ error.messageKey | trans(error.messageData, 'security') }}</li>
-                            {% endfor %}
-                        </ul>
-                    {% endif %}
+                {% if error %}
 
-                    {% if app.user %}
-                        <h1 class="mb-3">
-                            {{ "You are logged in as" | trans }} {{ app.user.username }}.
-                            <button class="btn btn-lg btn-primary">
-                                <a href="{{ path('app_logout') }}">{{ "Logout" | trans }}</a>
-                            </button>
-                        </h1>
-                    {% else %}
-                        {# TODO: Login can be done with email, so the id's and stuff should reflect that, along with using the translation facilities #}
-                        <div>
-                            <label class="section-form-label" for="inputNickname">{{ "Nickname or Email" | trans }}</label>
-                            <input type="text" value="{{ last_login_id }}" name="nickname" id="inputNickname" class="form-control" required autofocus>
-                            <p class="help-text">{{ "Your nickname." | trans }}</p>
-                        </div>
-                        <div>
-                            <label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
-                            <input type="password" name="password" id="inputPassword" class="form-control" required>
-                            <p class="help-text">{{ "Your account's password." | trans }}</p>
-                        </div>
+                    <ul>
+                        {% for flashError in app.flashes('verify_email_error') %}
+                            <li class="alert alert-danger">{{ error.messageKey | trans(error.messageData, 'security') }}</li>
+                        {% endfor %}
+                    </ul>
 
-                        <span class="checkbox mb-3">
-                            <label>{{ "Remember me" | trans }}</label>
-                            <input type="checkbox" name="_remember_me">
-                        </span>
+                {% endif %}
 
-                        <div>
-                            <button class="btn btn-lg btn-primary" type="submit">Sign in</button>
-                        </div>
-                        <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
-                    {% endif %}
-                </fieldset>
-            </form>
-        </section>
-    </div>
+                {% if app.user %}
+
+                    <h1 class="mb-3">
+                        {{ "You are logged in as" | trans }} {{ app.user.username }}.
+                        <button class="btn btn-lg btn-primary">
+                            <a href="{{ path('app_logout') }}">{{ "Logout" | trans }}</a>
+                        </button>
+                    </h1>
+
+                {% else %}
+
+                    {# TODO: Login can be done with email, so the id's and stuff should reflect that, along with using the translation facilities #}
+                    <div class="form-group">
+                        <label class="section-form-label" for="inputNickname">{{ "Nickname or Email" | trans }}</label>
+                        <input type="text" value="{{ last_login_id }}" name="nickname" id="inputNickname" class="form-control" required autofocus>
+                        <p class="help-text">{{ "Your nickname." | trans }}</p>
+                    </div>
+                    <div class="form-group">
+                        <label class="section-form-label" for="inputPassword">{{ "Password" | trans }}</label>
+                        <input type="password" name="password" id="inputPassword" class="form-control" required>
+                        <p class="help-text">{{ "Your account's password." | trans }}</p>
+                    </div>
+
+                    <span class="checkbox mb-3">
+                        <input type="checkbox" name="_remember_me">
+                        <label>{{ "Remember me" | trans }}</label>
+                    </span>
+
+                    <div>
+                        <button class="btn btn-lg btn-primary" type="submit">Sign in</button>
+                    </div>
+                    <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
+
+                {% endif %}
+            </fieldset>
+        </form>
+    </section>
 {% endblock body %}
 
 {% block javascripts %}{% endblock %}
diff --git a/templates/security/register.html.twig b/templates/security/register.html.twig
index d820971492..c81c9951cd 100644
--- a/templates/security/register.html.twig
+++ b/templates/security/register.html.twig
@@ -8,29 +8,31 @@
 {% block title %}Register{% endblock %}
 
 {% block body %}
-    <div class='content'>
-        <div class="section-container">
-            <section class="section-widget">
-                {{ form_start(registration_form) }}
-                <fieldset class="section-form">
-                    <legend class="section-form-legend">
-                        <h1>{{ "Register a new account" | trans }}</h1>
-                    </legend>
-                    <ul>
-                        {% for flashError in app.flashes('verify_email_error') %}
-                            <li class="alert alert-danger" role="alert">{{ flashError }}</li>
-                        {% endfor %}
-                    </ul>
-                    {{ form_row(registration_form.nickname) }}
-                    {{ form_row(registration_form.email) }}
-                    {{ form_row(registration_form.password) }}
-                    {{ form_row(registration_form.register) }}
-                </fieldset>
-                {{ form_end(registration_form) }}
-            </section>
-        </div>
+    <section class="section-widget">
 
-    </div>
+        <form class="section-form" method="post">
+            {{ form_start(registration_form) }}
+            <fieldset>
+                <legend class="section-form-legend">{{ "Register" | trans }}</legend>
+
+                <ul>
+                    {% for flashError in app.flashes('verify_email_error') %}
+                        <li class="alert alert-danger" role="alert">{{ flashError }}</li>
+                    {% endfor %}
+                    {% for flashError in app.flashes('verify_nickname_error') %}
+                        <li class="alert alert-danger" role="alert">{{ flashError }}</li>
+                    {% endfor %}
+                </ul>
+
+                {{ form_row(registration_form.nickname) }}
+                {{ form_row(registration_form.email) }}
+                {{ form_row(registration_form.password) }}
+                {{ form_row(registration_form.register) }}
+            </fieldset>
+            {{ form_end(registration_form) }}
+        </form>
+
+    </section>
 {% endblock body %}
 
 {% block javascripts %}{% endblock %}
diff --git a/templates/sidepanel/right/right.html.twig b/templates/sidepanel/right/right.html.twig
index e564cf2b07..a050a01705 100644
--- a/templates/sidepanel/right/right.html.twig
+++ b/templates/sidepanel/right/right.html.twig
@@ -18,21 +18,23 @@
                 </details>
 
                 <div class="section-form">
-                    {{ form_start(post_form) }}
+                    <fieldset>
+                        {{ form_start(post_form) }}
 
-                    {{ form_row(post_form.to, {'attr': {'class': 'section-form-scope'}}) }}
+                        {{ form_row(post_form.to, {'attr': {'class': 'section-form-scope'}}) }}
 
-                    {{ form_row(post_form.visibility, {'attr': {'class': 'section-form-scope'}}) }}
+                        {{ form_row(post_form.visibility, {'attr': {'class': 'section-form-scope'}}) }}
 
-                    {{ form_row(post_form.content, {'attr': {'class': 'section-form-textarea'}}) }}
+                        {{ form_row(post_form.content, {'attr': {'class': 'section-form-textarea'}}) }}
 
-                    <label for="{{ post_form.attachments.vars.id }}" class="section-form-options">
-                        {{ form_widget(post_form.attachments) }}
-                    </label>
+                        <label for="{{ post_form.attachments.vars.id }}" class="section-form-options">
+                            {{ form_widget(post_form.attachments) }}
+                        </label>
 
-                    {{ form_row(post_form.post_note, {'attr': {'class': 'section-form-send'}}) }}
+                        {{ form_row(post_form.post_note, {'attr': {'class': 'section-form-send'}}) }}
 
-                    {{ form_end(post_form) }}
+                        {{ form_end(post_form) }}
+                    </fieldset>
                 </div>
             </section>
         {% endif %}