fixup! merge signup and google signup handling with username support

src/Controller/LoginController.php

@@ -90,7 +90,7 @@ class LoginController
         return new HtmlContent('login/signup', $data);
     }
 
-    public function getSignupSuccess(): IContent
+    public function getSignupSuccess()
     {
         if (\Container::$request->user() !== null) {
             $this->deleteRedirectUrl();
@@ -271,6 +271,8 @@ class LoginController
             return new JsonContent(['redirect' => ['target' => $this->redirectUrl]]);
         }
 
+        $newUser = new User();
+
         $googleUserData = \Container::$request->session()->get('google_user_data');
         if ($googleUserData !== null) {
             $user = $this->userRepository->getByEmail($googleUserData['email']);
@@ -285,9 +287,9 @@ class LoginController
                 ]);
             }
 
-            $active = true;
-            $email = $googleUserData['email'];
-            $googleSub = $googleUserData['sub'];
+            $newUser->setActive(true);
+            $newUser->setEmail($googleUserData['email']);
+            $newUser->setGoogleSub($googleUserData['sub']);
         } else {
             $user = $this->userRepository->getByEmailOrUsername(\Container::$request->post('email'));
 
@@ -357,36 +359,35 @@ class LoginController
                 }
             }
 
-            $active = false;
-            $email = \Container::$request->post('email');
-            $googleSub = null;
+            $newUser->setActive(false);
+            $newUser->setEmail(\Container::$request->post('email'));
+            $newUser->setPlainPassword(\Container::$request->post('password'));
         }
 
-        $user = new User();
-        $user->setActive($active);
-        $user->setEmail($email);
-        $user->setUsername(strlen(\Container::$request->post('username')) > 0 ? \Container::$request->post('username') : Factory::create()->userName);
-        $user->setPlainPassword(\Container::$request->post('password'));
-        $user->setGoogleSub($googleSub);
-        $user->setCreatedDate(new DateTime());
+        if (strlen(\Container::$request->post('username')) > 0 && preg_match('/^[a-zA-Z0-9_\-\.]+$/', \Container::$request->post('username')) !== 1) {
+            return new JsonContent(['error' => ['errorText' => 'Username can contain only english letters, digits, - (hyphen), . (dot), _ (underscore).']]);
+        }
 
-        \Container::$persistentDataManager->saveToDb($user);
+        $newUser->setUsername(strlen(\Container::$request->post('username')) > 0 ? \Container::$request->post('username') : Factory::create()->userName);
+        $newUser->setCreatedDate(new DateTime());
 
-        if ($active) {
-            $this->sendWelcomeEmail($user->getEmail());
+        \Container::$persistentDataManager->saveToDb($newUser);
 
-            \Container::$request->setUser($user);
+        if ($googleUserData !== null) {
+            $this->sendWelcomeEmail($newUser->getEmail());
+
+            \Container::$request->setUser($newUser);
         } else {
             $token = bin2hex(random_bytes(16));
 
             $confirmation = new UserConfirmation();
-            $confirmation->setUser($user);
+            $confirmation->setUser($newUser);
             $confirmation->setToken($token);
             $confirmation->setLastSentDate(new DateTime());
 
             \Container::$persistentDataManager->saveToDb($confirmation);
 
-            $this->sendConfirmationEmail($user->getEmail(), $token, $user->getCreatedDate());
+            $this->sendConfirmationEmail($newUser->getEmail(), $token, $newUser->getCreatedDate());
         }
 
         \Container::$request->session()->delete('tmp_user_data');

src/Controller/UserController.php

@@ -167,8 +167,8 @@ class UserController implements IAuthenticationRequired
 
         $newUsername = \Container::$request->post('username');
         if (strlen($newUsername) > 0 && $newUsername !== $user->getUsername()) {
-            if (filter_var($newUsername, FILTER_VALIDATE_EMAIL)) {
-                return new JsonContent(['error' => ['errorText' => 'Please select a username that is not a valid email address.']]);
+            if (preg_match('/^[a-zA-Z0-9_\-\.]+$/', $newUsername) !== 1) {
+                return new JsonContent(['error' => ['errorText' => 'Username can contain only english letters, digits, - (hyphen), . (dot), _ (underscore).']]);
             }
 
             if ($this->userRepository->getByUsername($newUsername) !== null) {

views/login/google_signup.php

@@ -9,6 +9,7 @@
             <p class="justify">Please confirm your sign up request. Your account will be linked to your Google account.</p>
             <input type="email" class="text big fullWidth marginTop" name="email" placeholder="Email address" value="<?= $email ?>" disabled>
             <input type="username" class="text big fullWidth marginTop" name="username" placeholder="Username">
+            <p id="googleSignupFormError" class="formError justify marginTop"></p>
             <div class="right">
                 <button class="marginTop marginRight" type="submit">Sign up</button><!--
              --><button id="cancelGoogleSignupButton" class="gray marginTop" type="button">Cancel</button>