From 2139afcb9e668149fb31c1009ddefb052218d652 Mon Sep 17 00:00:00 2001
From: fnetX <git@fralix.ovh>
Date: Thu, 26 Jan 2023 18:14:18 +0100
Subject: [PATCH] Fix error on account activation with wrong passwd

On activating local accounts, the error message didn't differentiate
between using a wrong or expired token, or a wrong password.
The result could already be obtained from the behaviour (different
screens were presented), but the error message was misleading and lead
to confusion for new users on Codeberg.

Now, entering a wrong password for a valid token prints a different
error message.
---
 options/locale/locale_en-US.ini   | 1 +
 routers/web/auth/auth.go          | 6 +++---
 templates/user/auth/activate.tmpl | 4 +++-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 43a8aeb08eb1c..6ccbbc1c01318 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -322,6 +322,7 @@ email_not_associate = The email address is not associated with any account.
 send_reset_mail = Send Account Recovery Email
 reset_password = Account Recovery
 invalid_code = Your confirmation code is invalid or has expired.
+invalid_password = Your password does not match the password that was used to create the account.
 reset_password_helper = Recover Account
 reset_password_wrong_user = You are signed in as %s, but the account recovery link is for %s
 password_too_short = Password length cannot be less than %d characters.
diff --git a/routers/web/auth/auth.go b/routers/web/auth/auth.go
index 71a62bce65420..48b7dc6862ae4 100644
--- a/routers/web/auth/auth.go
+++ b/routers/web/auth/auth.go
@@ -633,7 +633,7 @@ func Activate(ctx *context.Context) {
 	user := user_model.VerifyUserActiveCode(code)
 	// if code is wrong
 	if user == nil {
-		ctx.Data["IsActivateFailed"] = true
+		ctx.Data["IsCodeInvalid"] = true
 		ctx.HTML(http.StatusOK, TplActivate)
 		return
 	}
@@ -660,7 +660,7 @@ func ActivatePost(ctx *context.Context) {
 	user := user_model.VerifyUserActiveCode(code)
 	// if code is wrong
 	if user == nil {
-		ctx.Data["IsActivateFailed"] = true
+		ctx.Data["IsCodeInvalid"] = true
 		ctx.HTML(http.StatusOK, TplActivate)
 		return
 	}
@@ -675,7 +675,7 @@ func ActivatePost(ctx *context.Context) {
 			return
 		}
 		if !user.ValidatePassword(password) {
-			ctx.Data["IsActivateFailed"] = true
+			ctx.Data["IsPasswordInvalid"] = true
 			ctx.HTML(http.StatusOK, TplActivate)
 			return
 		}
diff --git a/templates/user/auth/activate.tmpl b/templates/user/auth/activate.tmpl
index eba9e3229b211..ef72ef1e54506 100644
--- a/templates/user/auth/activate.tmpl
+++ b/templates/user/auth/activate.tmpl
@@ -30,8 +30,10 @@
 							<input id="code" name="code" type="hidden" value="{{.Code}}">
 						{{else if .IsSendRegisterMail}}
 							<p>{{.locale.Tr "auth.confirmation_mail_sent_prompt" (.Email|Escape) .ActiveCodeLives | Str2html}}</p>
-						{{else if .IsActivateFailed}}
+						{{else if .IsCodeInvalid}}
 							<p>{{.locale.Tr "auth.invalid_code"}}</p>
+						{{else if .IsPasswordInvalid}}
+							<p>{{.locale.Tr "auth.invalid_password"}}</p>
 						{{else if .ManualActivationOnly}}
 							<p class="center">{{.locale.Tr "auth.manual_activation_only"}}</p>
 						{{else}}