Merge branch 'master' into feature/limit_user_leak

Conflicts:
	users/lib/warden/strategies/secure_remote_password.rb

1 files changed, 12 insertions, 2 deletions

diff --git a/users/app/models/user.rb b/users/app/models/user.rb
index e41c2dc..c9b367f 100644
--- a/users/app/models/user.rb
+++ b/users/app/models/user.rb
@@ -18,9 +18,19 @@ class User < CouchRest::Model::Base
     :uniqueness => true,
     :if => :serverside?
 
+  # Have multiple regular expression validations so we can get specific error messages:
   validates :login,
-    :format => { :with => /\A[A-Za-z\d_\.]+\z/,
-      :message => "Only letters, digits, . and _ allowed" }
+    :format => { :with => /\A.{2,}\z/,
+      :message => "Login must have at least two characters"}
+  validates :login,
+    :format => { :with => /\A[a-z\d_\.-]+\z/,
+      :message => "Only lowercase letters, digits, . - and _ allowed."}
+  validates :login,
+    :format => { :with => /\A[a-z].*\z/,
+      :message => "Login must begin with a lowercase letter"}
+  validates :login,
+    :format => { :with => /\A.*[a-z\d]\z/,
+      :message => "Login must end with a letter or digit"}
 
   validate :login_is_unique_alias