49eb4d4ddf
* Add honeypot fields to limit non-specialized spam Add two honeypot fields: a fake website input and a fake password confirmation one. The label/placeholder/aria-label tells not to fill them, and they are hidden in CSS, so legitimate users should not fall into these. This should cut down on some non-Mastodon-specific spambots. * Require a 3 seconds delay before submitting the registration form * Fix tests * Move registration form time check to model validation * Give people a chance to clear the honeypot fields * Refactor honeypot translation strings Co-authored-by: Claire <claire.github-309c@sitedethib.com>
45 lines
3.0 KiB
Plaintext
45 lines
3.0 KiB
Plaintext
- content_for :page_title do
|
|
= t('auth.register')
|
|
|
|
- content_for :header_tags do
|
|
= render partial: 'shared/og', locals: { description: description_for_sign_up }
|
|
|
|
= simple_form_for(resource, as: resource_name, url: registration_path(resource_name), html: { novalidate: false }) do |f|
|
|
= render 'shared/error_messages', object: resource
|
|
|
|
- if @invite.present? && @invite.autofollow?
|
|
.fields-group.invited-by
|
|
%p.hint= t('invites.invited_by')
|
|
= render 'application/card', account: @invite.user.account
|
|
|
|
= f.simple_fields_for :account do |ff|
|
|
.fields-group
|
|
= ff.input :username, wrapper: :with_label, autofocus: true, label: t('simple_form.labels.defaults.username'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.username'), :autocomplete => 'off', pattern: '[a-zA-Z0-9_]+', maxlength: 30 }, append: "@#{site_hostname}", hint: t('simple_form.hints.defaults.username', domain: site_hostname)
|
|
|
|
.fields-group
|
|
= f.input :email, wrapper: :with_label, label: t('simple_form.labels.defaults.email'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.email'), :autocomplete => 'off' }
|
|
|
|
.fields-group
|
|
= f.input :password, wrapper: :with_label, label: t('simple_form.labels.defaults.password'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.password'), :autocomplete => 'off', :minlength => User.password_length.first, :maxlength => User.password_length.last }
|
|
|
|
.fields-group
|
|
= f.input :password_confirmation, wrapper: :with_label, label: t('simple_form.labels.defaults.confirm_password'), required: true, input_html: { 'aria-label' => t('simple_form.labels.defaults.confirm_password'), :autocomplete => 'off' }
|
|
= f.input :confirm_password, as: :string, wrapper: :with_label, label: t('simple_form.labels.defaults.honeypot', label: t('simple_form.labels.defaults.password')), required: false, input_html: { 'aria-label' => t('simple_form.labels.defaults.honeypot', label: t('simple_form.labels.defaults.password')), :autocomplete => 'off' }
|
|
|
|
= f.input :website, as: :url, wrapper: :with_label, label: t('simple_form.labels.defaults.honeypot', label: 'Website'), required: false, input_html: { 'aria-label' => t('simple_form.labels.defaults.honeypot', label: 'Website'), :autocomplete => 'off' }
|
|
|
|
- if approved_registrations? && !@invite.present?
|
|
.fields-group
|
|
= f.simple_fields_for :invite_request, resource.invite_request || resource.build_invite_request do |invite_request_fields|
|
|
= invite_request_fields.input :text, as: :text, wrapper: :with_block_label, required: false
|
|
|
|
= f.input :invite_code, as: :hidden
|
|
|
|
.fields-group
|
|
= f.input :agreement, as: :boolean, wrapper: :with_label, label: whitelist_mode? ? t('auth.checkbox_agreement_without_rules_html', terms_path: terms_path) : t('auth.checkbox_agreement_html', rules_path: about_more_path, terms_path: terms_path), required: true
|
|
|
|
.actions
|
|
= f.button :button, @invite.present? ? t('auth.register') : sign_up_message, type: :submit
|
|
|
|
.form-footer= render 'auth/shared/links'
|