feat: disallow login with email address

author: nsfisis <nsfisis@gmail.com> 2024-08-13 21:12:17 +0900
committer: nsfisis <nsfisis@gmail.com> 2024-08-13 21:12:30 +0900
commit: fdfd372feb039b5dee16c40aa49e50aeaf685809 (patch)
tree: c8c9267eb1e11afd8e48885b4b7b30f9a53b78b0
parent: 5a4de49ea8a3f06568fed7863b5085750b94a149 (diff)
download: iosdc-japan-2024-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.tar.gz
iosdc-japan-2024-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.tar.zst
iosdc-japan-2024-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.zip
2 files changed, 19 insertions, 0 deletions
diff --git a/backend/auth/auth.go b/backend/auth/auth.go
index 3ede326..4224675 100644
--- a/backend/auth/auth.go
+++ b/backend/auth/auth.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"strings"
 	"time"
 
 	"github.com/jackc/pgx/v5"
@@ -17,6 +18,7 @@ var (
 	ErrInvalidRegistrationToken = errors.New("invalid registration token")
 	ErrNoRegistrationToken      = errors.New("no registration token")
 	ErrForteeLoginTimeout       = errors.New("fortee login timeout")
+	ErrForteeEmailUsed          = errors.New("fortee email used")
 )
 
 const (
@@ -103,6 +105,11 @@ func verifyRegistrationToken(ctx context.Context, queries *db.Queries, registrat
 }
 
 func verifyForteeAccount(ctx context.Context, username string, password string) error {
+	// fortee API allows login with email address, but this system disallows it.
+	if strings.Contains(username, "@") {
+		return ErrForteeEmailUsed
+	}
+
 	ctx, cancel := context.WithTimeout(ctx, forteeAPITimeout)
 	defer cancel()
 
diff --git a/frontend/app/routes/login.tsx b/frontend/app/routes/login.tsx
index b1249e0..6d76e84 100644
--- a/frontend/app/routes/login.tsx
+++ b/frontend/app/routes/login.tsx
@@ -35,6 +35,18 @@ export async function action({ request }: ActionFunctionArgs) {
 			{ status: 400 },
 		);
 	}
+	if (username.includes("@")) {
+		return json(
+			{
+				message: "ユーザー名が誤っています",
+				errors: {
+					username: "メールアドレスではなくユーザー名を入力してください",
+					password: undefined,
+				},
+			},
+			{ status: 400 },
+		);
+	}
 
 	try {
 		await login(request);
author	nsfisis <nsfisis@gmail.com>	2024-08-13 21:12:17 +0900
committer	nsfisis <nsfisis@gmail.com>	2024-08-13 21:12:30 +0900
commit	fdfd372feb039b5dee16c40aa49e50aeaf685809 (patch)
tree	c8c9267eb1e11afd8e48885b4b7b30f9a53b78b0
parent	5a4de49ea8a3f06568fed7863b5085750b94a149 (diff)
download	iosdc-japan-2024-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.tar.gz iosdc-japan-2024-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.tar.zst iosdc-japan-2024-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.zip