add ambrosia-container to registration form as honeypot for bots: new form field "username" must not be filled

2024-10-01 01:36:00 -04:00 · 2024-04-19 09:35:09 +02:00 · 2024-04-19 09:35:09 +02:00 · 31272e60b6
commit 31272e60b6
parent 1b1cb18839
3 changed files with 17 additions and 0 deletions
--- a/app/Access/Controllers/RegisterController.php
+++ b/app/Access/Controllers/RegisterController.php
@ -87,6 +87,7 @@ class RegisterController extends Controller
            'name'     => ['required', 'min:2', 'max:100'],
            'email'    => ['required', 'email', 'max:255', 'unique:users'],
            'password' => ['required', Password::default()],
            'username' => ['prohibited'], // this is a honeypot for bots that must not be filled in
        ]);
    }
 }
--- a/resources/sass/_forms.scss
+++ b/resources/sass/_forms.scss
@ -389,6 +389,17 @@ input[type=color] {
  }
 }
 .form-group.ambrosia-container, .form-group.ambrosia-container * {
    position:absolute;
    height:0px !important;
    width:0px !important;
    margin:0 !important;
    padding:0 !important;
    background:transparent !important;
    color:transparent !important;
    border:none !important;
 }
 .title-input input[type="text"] {
  display: block;
  width: 100%;
--- a/resources/views/auth/register.blade.php
+++ b/resources/views/auth/register.blade.php
@ -13,6 +13,11 @@
            <form action="{{ url("/register") }}" method="POST" class="mt-l stretch-inputs">
                {!! csrf_field() !!}
                <div class="form-group ambrosia-container">
                    <label for="name">{{ trans('auth.name') }}</label>
                    @include('form.text', ['name' => 'username'])
                </div>
                <div class="form-group">
                    <label for="name">{{ trans('auth.name') }}</label>
                    @include('form.text', ['name' => 'name'])