Detect `+` when validating emails for registration
rebecca-shoptaw opened this issue · comments
Dependency to epic
#7694. Subtask of #2055.
Problem
Me and @cdrini noticed when testing #9245 that the Internet Archive is no longer allowing alias emails with plus signs, i.e. "myemail+test-01@gmail.com", to create accounts, which means we should adjust our email checks in realtime_account_validation.js
and forms.py
to check for this as well.
Evidence / Screenshot
Relevant URL(s)
Reproducing the bug
- Go to
/account/create
on testing, staging or production - Try to make an account using an email with a
+
sign (ideally with the plus added to an existing IA or OL email, i.e. myolaccount+test@gmail.com)
- Expected behavior: Realtime error appears to indicate plus sign is not permitted
- Actual behavior: No error, account creation silently fails
Context
- Browser (Chrome, Safari, Firefox, etc):
- OS (Windows, Mac, etc):
- Logged in (Y/N): N
- Environment (prod, dev, local): all
Notes from this Issue's Lead
Proposal & constraints
- Modify the email regex in
forms.py
- Add the email regex validator to the
Email
input informs.py
- Modify the email regex in
account.py
Related files
Stakeholders
Note: Before making a new branch or updating an existing one, please ensure your branch is up to date.
Turns out we can fix this on the IA side instead! Handing over to them to update the endpoint so it throws an "already registered" error if the +
alias matches an existing account.