authornsfisis <nsfisis@gmail.com>2024-08-13 21:12:17 +0900
committernsfisis <nsfisis@gmail.com>2024-08-13 21:12:30 +0900
commitfdfd372feb039b5dee16c40aa49e50aeaf685809 (patch)
treec8c9267eb1e11afd8e48885b4b7b30f9a53b78b0
parent5a4de49ea8a3f06568fed7863b5085750b94a149 (diff)
downloadphperkaigi-2025-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.tar.gz
phperkaigi-2025-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.tar.zst
phperkaigi-2025-albatross-fdfd372feb039b5dee16c40aa49e50aeaf685809.zip
feat: disallow login with email address
-rw-r--r--backend/auth/auth.go7
-rw-r--r--frontend/app/routes/login.tsx12
2 files changed, 19 insertions, 0 deletions
diff --git a/backend/auth/auth.go b/backend/auth/auth.go
index 3ede326..4224675 100644
--- a/backend/auth/auth.go
+++ b/backend/auth/auth.go
@@ -4,6 +4,7 @@ import (
"context"
"errors"
"fmt"
+ "strings"
"time"
"github.com/jackc/pgx/v5"
@@ -17,6 +18,7 @@ var (
ErrInvalidRegistrationToken = errors.New("invalid registration token")
ErrNoRegistrationToken = errors.New("no registration token")
ErrForteeLoginTimeout = errors.New("fortee login timeout")
+ ErrForteeEmailUsed = errors.New("fortee email used")
)
const (
@@ -103,6 +105,11 @@ func verifyRegistrationToken(ctx context.Context, queries *db.Queries, registrat
}
func verifyForteeAccount(ctx context.Context, username string, password string) error {
+ // fortee API allows login with email address, but this system disallows it.
+ if strings.Contains(username, "@") {
+ return ErrForteeEmailUsed
+ }
+
ctx, cancel := context.WithTimeout(ctx, forteeAPITimeout)
defer cancel()
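Review bot: `ErrForteeEmailUsed` is introduced without any call-site handling: the 7 insertions the diffstat reports for auth.go are exactly the import, the sentinel and this guard at the top of `verifyForteeAccount`, so the error presumably reaches whatever default branch the login handler already has. Confirm that branch answers with an ordinary client-side login failure rather than a 500 or an upstream-failure log line, and document the contract on the sentinel, e.g. `// ErrForteeEmailUsed is returned, before any fortee API call, when the username contains "@".` The guard's own comment could also say why e-mail login is refused (presumably so that one fortee account cannot end up under two local usernames), since the same rule is repeated in frontend/app/routes/login.tsx and the backend check is the one that actually enforces it. The body of `verifyForteeAccount` continues past the end of this hunk.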
diff --git a/frontend/app/routes/login.tsx b/frontend/app/routes/login.tsx
index b1249e0..6d76e84 100644
--- a/frontend/app/routes/login.tsx
+++ b/frontend/app/routes/login.tsx
@@ -35,6 +35,18 @@ export async function action({ request }: ActionFunctionArgs) {
{ status: 400 },
);
}
+ if (username.includes("@")) {
+ return json(
+ {
+ message: "ユーザー名が誤っています",
+ errors: {
+ username: "メールアドレスではなくユーザー名を入力してください",
+ password: undefined,
+ },
+ },
+ { status: 400 },
+ );
+ }
try {
await login(request);