Validate email address

vedia.rb

@@ -136,19 +136,27 @@ get '/reset' do
 end
 
 post '/reset' do
-  @user = User.find_by(email: params[:email])
+  @errors = []
-  if @user
+  unless params[:email] =~ URI::MailTo::EMAIL_REGEXP
-    @reset = SecureRandom.uuid
+    @errors << OpenStruct.new(:attribute => :email, :type => :invalid)
-    @user.reset = hash_password(@reset)
+  end
-    @user.save
+  if not @errors.empty?
-    mail = Mail.new
+    erb :reset
-    mail.from = settings.admin_email
+  else
-    mail.to = @user.email
+    @user = User.find_by(email: params[:email])
-    mail.subject = _("Reset your password")
+    if @user
-    mail.body = erb :reset_email, :layout => false
+      @reset = SecureRandom.uuid
-    mail.deliver
+      @user.reset = hash_password(@reset)
+      @user.save
+      mail = Mail.new
+      mail.from = settings.admin_email
+      mail.to = @user.email
+      mail.subject = _("Reset your password")
+      mail.body = erb :reset_email, :layout => false
+      mail.deliver
+    end
+    erb :reset_sent
   end
-  erb :reset_sent
 end
 
 get '/reset/:uuid' do

views/reset.erb

@@ -1,5 +1,13 @@
 <h1 class="mb-5"><%= _("Reset password") %></h1>
 
+<% if @errors %>
+<% @errors.each do |error| %>
+  <% if error.attribute == :email and error.type == :invalid %>
+    <p class="alert alert-warning mb-4"><%= _("Enter an email address.") %></p>
+  <% end %>
+<% end %>
+<% end %>
+
 <form action="/reset" method="post">
   <div class="mb-3">
     <label for="email" class="form-label"><%= _("Email") %></label>