code input validation, lockout after 3 attempts

Kyle Drake 2023-11-10 13:30:05 -06:00
parent 40e848e2c0
commit 7f05c2c9dc
3 changed files with 41 additions and 4 deletions


@ -98,7 +98,20 @@ post '/create' do
end end
@site.email_confirmed = true if self.class.development? @site.email_confirmed = true if self.class.development?
#@site.phone_confirmed = true if self.class.development? @site.phone_confirmed = true if self.class.development?
begin
@site.phone_verification_required = true if self.class.production? && BlackBox.phone_verification_required?(site)
rescue => e
EmailWorker.perform_async({
from: 'web@neocities.org',
to: 'errors@neocities.org',
subject: "[Neocities Error] Phone verification exception",
body: "#{e.inspect}\n#{e.backtrace}",
no_footer: true
})
end
@site.save @site.save
unless education_whitelisted? unless education_whitelisted?
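Review bot: The new `rescue => e` around `BlackBox.phone_verification_required?(site)` fails open: any exception sends an e-mail and then falls through to `@site.save` with `phone_verification_required` left unset, so an error in the check skips phone verification for that signup in production. If that trade-off is intended, state it in a comment above the `begin`; if not, set `@site.phone_verification_required = true` inside the `rescue` before reporting. The call also passes `site` rather than `@site`, the name used on the neighbouring lines; unless `site` is a helper defined outside this hunk, that raises NameError, which this rescue would swallow on every request. The `post '/create'` block begins and ends outside the hunk.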


@ -329,6 +329,13 @@ post '/site/:username/confirm_phone' do
end end
current_site.phone_verification_sent_at = Time.now current_site.phone_verification_sent_at = Time.now
current_site.phone_verification_attempts += 1
if current_site.phone_verification_attempts > Site::PHONE_VERIFICATION_LOCKOUT_ATTEMPTS
flash[:error] = 'You have exceeded the number of phone verification attempts allowed.'
redirect "/site/#{current_site.username}/confirm_phone"
end
current_site.save_changes validate: false current_site.save_changes validate: false
verification = $twilio.verify verification = $twilio.verify
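Review bot: The attempt counter is incremented and compared in memory before `save_changes`, so several POSTs arriving together can each read the same stored value and all pass the `> Site::PHONE_VERIFICATION_LOCKOUT_ATTEMPTS` check. An atomic increment in the database followed by a re-read, or a row lock around this section, would make the limit hold under concurrency. The visible lines sit on the path that sends a verification (`phone_verification_sent_at`, `$twilio.verify`); whether submissions of the code itself are bounded is not visible here and is worth confirming. A comment next to the check stating whether and when `phone_verification_attempts` is reset would also help the next reader. The handler continues outside the hunk.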


@ -26,10 +26,27 @@
<% if current_site.phone_verification_sid %> <% if current_site.phone_verification_sid %>
<fieldset> <fieldset>
<label for="token">Enter the code:<br></label> <label for="token">Enter the 6 digit code:<br></label>
<input name="code" type="text" class="input-Area" autofill="off" autocapitalize="off" autocorrect="off" value="<%= flash[:code] %>" style="width: 100px" maxlength=6> <input id="code" name="code" type="text" class="input-Area" autofill="off" autocapitalize="off" autocorrect="off" value="<%= flash[:code] %>" style="width: 100px" maxlength=6>
</fieldset> </fieldset>
<input class="btn-Action" type="submit" value="Verify Code"> <input id="submitButton" class="btn-Action" type="submit" value="Verify Code" style="display: none" autocomplete="off">
<script>
document.getElementById('code').addEventListener('input', function(e) {
var inputVal = e.target.value;
var submitButton = document.getElementById('submitButton');
// Check if there are exactly 6 digits in the input
var isValid = /^\d{6}$/.test(inputVal);
if(isValid) {
submitButton.style = 'display: inline-block';
} else {
submitButton.style = 'display: none';
}
});
</script>
<% else %> <% else %>
<fieldset> <fieldset>
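Review bot: The six-digit check added in the `<script>` only hides `#submitButton`; it is a usability aid rather than a control, because the form can still be posted by pressing Enter in the field or by a direct request. The handler that receives `code` should apply the same rule itself before calling the verification service, for example `halt 400 unless params[:code].to_s.match?(/\A\d{6}\z/)`; no such server-side check is visible in this commit's hunks. Separately, `value="<%= flash[:code] %>"` echoes a previously submitted value into an attribute and is safe only if the template engine escapes HTML by default, which cannot be confirmed from this page.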