Display non-field errors
- Updated the templates for the login, signup, and password reset pages to include non-field errors.
- Escaped error messages to prevent potential security vulnerabilities.
erfanghorbanee committed Sep 4, 2024
1 parent d665978 commit 85edac1
Showing 4 changed files with 39 additions and 9 deletions.
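--- a/Django-Shop/templates/account/login.html
+++ b/Django-Shop/templates/account/login.html
@@ -26,6 +26,13 @@
 <div class="login-form-container">
 <h1 class="mb-4 text-center">Sign in</h1>
 
+<!-- Display non-field errors -->
+{% for error in form.non_field_errors %}
+<div class="text-danger">
+<p>{{ error|escape }}</p>
+</div>
+{% endfor %}
+
 {% if not SOCIALACCOUNT_ONLY %}
 <form method="post" action="{% url 'account_login' %}" class="login-form">
 {% csrf_token %}
@@ -35,7 +42,7 @@ <h1 class="mb-4 text-center">Sign in</h1>
 {% if form.login.errors %}
 <div class="text-danger">
 {% for error in form.login.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}
@@ -46,7 +53,7 @@ <h1 class="mb-4 text-center">Sign in</h1>
 {% if form.password.errors %}
 <div class="text-danger">
 {% for error in form.password.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}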
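Review bot: The `|escape` filter added in `<p>{{ error|escape }}</p>` (here, and in the same pattern in password_reset.html, password_reset_from_key.html and signup.html) does not change the rendered output while Django's auto-escaping is active, which is the default for templates; `{{ error }}` is already HTML-escaped once and `escape` never escapes a second time. Unless these templates sit inside an `{% autoescape off %}` block, which the hunks do not show, the commit message's security claim overstates what the change does. The `escape` filter also leaves strings already marked safe untouched, so it is not a defence against an error message built with `mark_safe`; only `force_escape` would cover that case. I would drop the filter, or keep it with a template comment such as `{# auto-escaping already covers these messages; escape is an explicit marker only #}` so later readers do not conclude the unfiltered form was unsafe.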
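--- a/Django-Shop/templates/account/password_reset.html
+++ b/Django-Shop/templates/account/password_reset.html
@@ -25,6 +25,14 @@
 <div class="col-md-6 d-flex align-items-center justify-content-center">
 <div class="reset-password-form-container">
 <h1 class="mb-4">Password Reset</h1>
+
+<!-- Display non-field errors -->
+{% for error in form.non_field_errors %}
+<div class="text-danger">
+<p>{{ error|escape }}</p>
+</div>
+{% endfor %}
+
 {% if user.is_authenticated %}
 <div class="alert alert-info">
 You are already logged in. If you need to reset your password, please log out first.
@@ -41,7 +49,7 @@ <h1 class="mb-4">Password Reset</h1>
 {% if form.email.errors %}
 <div class="text-danger">
 {% for error in form.email.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}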
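--- a/Django-Shop/templates/account/password_reset_from_key.html
+++ b/Django-Shop/templates/account/password_reset_from_key.html
@@ -31,6 +31,14 @@ <h1 class="mb-4">
 Change Password
 {% endif %}
 </h1>
+
+<!-- Display non-field errors -->
+{% for error in form.non_field_errors %}
+<div class="text-danger">
+<p>{{ error|escape }}</p>
+</div>
+{% endfor %}
+
 {% if token_fail %}
 {% url 'account_reset_password' as passwd_reset_url %}
 <p class="mb-4">
@@ -47,7 +55,7 @@ <h1 class="mb-4">
 {% if form.password1.errors %}
 <div class="text-danger">
 {% for error in form.password1.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}
@@ -58,7 +66,7 @@ <h1 class="mb-4">
 {% if form.password2.errors %}
 <div class="text-danger">
 {% for error in form.password2.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}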
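Review bot: The non-field error loop is inserted between `</h1>` and `{% if token_fail %}`, so it sits outside both branches and is evaluated on the invalid-link page as well as on the page that shows the password form. Moving it into the branch that renders the form (that branch begins outside this hunk) would keep the messages next to the fields they relate to and keep the token-failure page free of form output. The loop also emits one `<div class="text-danger">` per message, whereas the field errors below use a single container guarded by `{% if form.password1.errors %}`; an `{% if form.non_field_errors %}` wrapper with one `<div class="text-danger" role="alert">` around the loop would match that pattern and announce the errors to assistive technology.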
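--- a/Django-Shop/templates/account/signup.html
+++ b/Django-Shop/templates/account/signup.html
@@ -26,6 +26,13 @@
 <div class="signup-form-container">
 <h1 class="mb-4 text-center">Sign up</h1>
 
+<!-- Display non-field errors -->
+{% for error in form.non_field_errors %}
+<div class="text-danger">
+<p>{{ error|escape }}</p>
+</div>
+{% endfor %}
+
 {% if not SOCIALACCOUNT_ONLY %}
 <form method="post" action="{% url 'account_signup' %}" class="signup-form">
 {% csrf_token %}
@@ -36,7 +43,7 @@ <h1 class="mb-4 text-center">Sign up</h1>
 {% if form.email.errors %}
 <div class="text-danger">
 {% for error in form.email.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}
@@ -51,7 +58,7 @@ <h1 class="mb-4 text-center">Sign up</h1>
 {% if form.phone.errors %}
 <div class="text-danger">
 {% for error in form.phone.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}
@@ -64,7 +71,7 @@ <h1 class="mb-4 text-center">Sign up</h1>
 {% if form.password1.errors %}
 <div class="text-danger">
 {% for error in form.password1.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}
@@ -77,7 +84,7 @@ <h1 class="mb-4 text-center">Sign up</h1>
 {% if form.password2.errors %}
 <div class="text-danger">
 {% for error in form.password2.errors %}
-<p>{{ error }}</p>
+<p>{{ error|escape }}</p>
 {% endfor %}
 </div>
 {% endif %}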
