Strip leading and trailing whitespace for email authentication

[rails.git] / app / models / user.rb

diff --git a/app/models/user.rb b/app/models/user.rb
index b3325e4eb55617025fc5a380afeb44f192e17d24..25947a96f66082875830c5f0c946415e11902367 100644 (file)
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -88,22 +88,14 @@ class User < ActiveRecord::Base
                     :default_url => "/assets/:class/:attachment/:style.png",
                     :styles => { :large => "100x100>", :small => "50x50>" }
 
-  INVALID_CHARS = "/;.,?%#"
-
-  validates :display_name, :presence => true, :allow_nil => true, :length => 3..255,
+  validates :display_name, :presence => true, :length => 3..255,
                            :exclusion => %w[new terms save confirm confirm-email go_public reset-password forgot-password suspended]
   validates :display_name, :if => proc { |u| u.display_name_changed? },
                            :uniqueness => { :case_sensitive => false }
   validates :display_name, :if => proc { |u| u.display_name_changed? },
-                           :format => { :with => %r{\A[^\x00-\x1f\x7f\ufffe\uffff]*\z} }
-  validates :display_name, :if => proc { |u| u.display_name_changed? },
-                           :format => { :with => %r{\A[^#{INVALID_CHARS}]*\z},
-                                        :message => I18n.t("users.account.invalid chars", invalid_chars: INVALID_CHARS) }
-  validates :display_name, :if => proc { |u| u.display_name_changed? },
-                           :format => { :with => /\A\S/, :message => I18n.t("users.account.leading whitespace") }
-  validates :display_name, :if => proc { |u| u.display_name_changed? },
-                           :format => { :with => /\S\z/, :message => I18n.t("users.account.trailing whitespace") }
-  validates :email, :presence => true, :confirmation => true
+                           :characters => { :url_safe => true },
+                           :whitespace => { :leading => false, :trailing => false }
+  validates :email, :presence => true, :confirmation => true, :characters => true
   validates :email, :if => proc { |u| u.email_changed? },
                     :uniqueness => { :case_sensitive => false }
   validates :pass_crypt, :confirmation => true, :length => 8..255
@@ -130,10 +122,10 @@ class User < ActiveRecord::Base
 
   def self.authenticate(options)
     if options[:username] && options[:password]
-      user = find_by("email = ? OR display_name = ?", options[:username], options[:username])
+      user = find_by("email = ? OR display_name = ?", options[:username].strip, options[:username])
 
       if user.nil?
-        users = where("LOWER(email) = LOWER(?) OR LOWER(display_name) = LOWER(?)", options[:username], options[:username])
+        users = where("LOWER(email) = LOWER(?) OR LOWER(display_name) = LOWER(?)", options[:username].strip, options[:username])
 
         user = users.first if users.count == 1
       end