dnywh
diff --git a/‎messages/de.json‎
Lines changed: 6 additions & 0 deletions b/‎messages/de.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎messages/en.json‎
Lines changed: 6 additions & 0 deletions b/‎messages/en.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎messages/es.json‎
Lines changed: 6 additions & 0 deletions b/‎messages/es.json‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎package-lock.json‎
Lines changed: 10 additions & 1 deletion b/‎package-lock.json‎
Lines changed: 10 additions & 1 deletion
diff --git a/‎package.json‎
Lines changed: 1 addition & 0 deletions b/‎package.json‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/app/actions.ts‎
Lines changed: 61 additions & 8 deletions b/‎src/app/actions.ts‎
Lines changed: 61 additions & 8 deletions
diff --git a/‎src/components/ChatWindow/ChatWindow.tsx‎
Lines changed: 8 additions & 1 deletion b/‎src/components/ChatWindow/ChatWindow.tsx‎
Lines changed: 8 additions & 1 deletion
diff --git a/‎src/components/ProfileAccountSettings/ProfileAccountSettings.tsx‎
Lines changed: 22 additions & 3 deletions b/‎src/components/ProfileAccountSettings/ProfileAccountSettings.tsx‎
Lines changed: 22 additions & 3 deletions
diff --git a/‎src/components/SignUpForm/SignUpForm.tsx‎
Lines changed: 24 additions & 3 deletions b/‎src/components/SignUpForm/SignUpForm.tsx‎
Lines changed: 24 additions & 3 deletions
diff --git a/‎src/lib/emailValidation.ts‎
Lines changed: 6 additions & 0 deletions b/‎src/lib/emailValidation.ts‎
Lines changed: 6 additions & 0 deletions
@@ -97,6 +97,12 @@
     "signUpFailed": "Registrierung fehlgeschlagen",
     "tooManyListings": "Du hast die maximale Anzahl erlaubter Einträge erreicht. Lösche einen deiner aktuellen drei Einträge, um einen neuen zu erstellen.",
     "tooManyMessages": "Du hast zu viele Nachrichten gesendet. Bitte versuche es später erneut.",
+    "tooManyThreads": "Du hast in der letzten Stunde zu viele neue Unterhaltungen begonnen. Bitte versuche es später erneut.",
+    "firstNameTooShort": "Bitte verwende mindestens 2 Zeichen für deinen Vornamen.",
+    "firstNameTooLong": "Vornamen dürfen höchstens 24 Zeichen haben.",
+    "firstNameNotAllowed": "Dieser Vorname ist auf Peels nicht erlaubt.",
+    "firstNameInvalidChars": "Vornamen dürfen nur Buchstaben, Leerzeichen, Bindestriche und Apostrophe enthalten.",
+    "disposableEmailNotAllowed": "Bitte verwende eine dauerhafte E-Mail-Adresse statt einer Wegwerf-Inbox.",
     "updateEmailFailed": "Hmm, da stimmt etwas nicht. Prüfe deine E-Mail oder versuche es erneut.",
     "updateFirstNameFailed": "Entschuldigung, wir konnten deinen Vornamen nicht aktualisieren.",
     "updateNewsletterFailed": "Entschuldigung, wir konnten deine Newsletter-Einstellung nicht aktualisieren.",
 
@@ -97,6 +97,12 @@
     "signUpFailed": "Sign up failed",
     "tooManyListings": "You’ve reached the maximum number of listings allowed. Delete one of your current three to create a new one.",
     "tooManyMessages": "You’ve sent too many messages. Please try again later.",
+    "tooManyThreads": "You’ve started too many new conversations in the last hour. Please try again later.",
+    "firstNameTooShort": "Please use at least 2 characters for your first name.",
+    "firstNameTooLong": "First names can be at most 24 characters.",
+    "firstNameNotAllowed": "That first name isn’t allowed on Peels.",
+    "firstNameInvalidChars": "First names can only include letters, spaces, hyphens, and apostrophes.",
+    "disposableEmailNotAllowed": "Please use a long-term email address rather than a disposable inbox.",
     "updateEmailFailed": "Hmm, something’s not right. Check your email or try again.",
     "updateFirstNameFailed": "Sorry, we couldn’t update your first name.",
     "updateNewsletterFailed": "Sorry, we couldn’t update your newsletter preference.",
 
@@ -97,6 +97,12 @@
     "signUpFailed": "No se pudo completar el registro",
     "tooManyListings": "Has alcanzado el número máximo de anuncios permitidos. Elimina uno de tus tres anuncios actuales para crear uno nuevo.",
     "tooManyMessages": "Has enviado demasiados mensajes. Inténtalo de nuevo más tarde.",
+    "tooManyThreads": "Has iniciado demasiadas conversaciones nuevas en la última hora. Inténtalo de nuevo más tarde.",
+    "firstNameTooShort": "Usa al menos 2 caracteres para tu nombre.",
+    "firstNameTooLong": "El nombre puede tener como máximo 24 caracteres.",
+    "firstNameNotAllowed": "Ese nombre no está permitido en Peels.",
+    "firstNameInvalidChars": "El nombre solo puede incluir letras, espacios, guiones y apóstrofos.",
+    "disposableEmailNotAllowed": "Usa una dirección de correo de largo plazo en lugar de un buzón desechable.",
     "updateEmailFailed": "Hmm, algo no está bien. Revisa tu correo o inténtalo de nuevo.",
     "updateFirstNameFailed": "Lo sentimos, no pudimos actualizar tu nombre.",
     "updateNewsletterFailed": "Lo sentimos, no pudimos actualizar tu preferencia del boletín.",
 
@@ -36,6 +36,7 @@
     "@vercel/speed-insights": "^1.2.0",
     "clsx": "^2.1.1",
     "compressorjs": "^1.2.1",
+    "fakeout": "^1.0.13",
     "feed": "^5.1.0",
     "lodash": "^4.17.21",
     "lucide-react": "^0.456.0",
 
@@ -1,6 +1,11 @@
 "use server";
 
-import { validateName } from "@/lib/formValidation";
+import { isDisposableSignupEmail } from "@/lib/emailValidation";
+import {
+  validateFirstName,
+  validateName,
+  type FirstNameErrorCode,
+} from "@/lib/formValidation";
 import { getSafeHttpReferrer } from "@/utils/referrer";
 import { createClient } from "@/utils/supabase/server";
 import { getBaseUrl } from "@/utils/url";
@@ -14,14 +19,52 @@ import { headers } from "next/headers";
 import { redirect } from "next/navigation";
 import { getTranslations } from "next-intl/server";
 
+function translateFirstNameFieldError(
+  t: Awaited<ReturnType<typeof getTranslations>>,
+  code?: FirstNameErrorCode
+): string {
+  switch (code) {
+    case "empty":
+      return t("emptyName");
+    case "tooShort":
+      return t("firstNameTooShort");
+    case "tooLong":
+      return t("firstNameTooLong");
+    case "forbiddenContent":
+    case "reserved":
+      return t("firstNameNotAllowed");
+    case "invalidChars":
+      return t("firstNameInvalidChars");
+    default:
+      return t("generic");
+  }
+}
+
 export const signUpAction = async (formData: FormData, request?: Request) => {
   const t = await getTranslations("Errors");
-  const email = formData.get("email")?.toString();
+  const email = (formData.get("email")?.toString() ?? "").trim();
   const password = formData.get("password")?.toString();
-  const firstNameValidation = validateName(formData.get("first_name")); // Trim first name
-  const first_name = firstNameValidation.isValid
-    ? firstNameValidation.value
-    : null;
+  const rawFirstName = formData.get("first_name")?.toString();
+  const firstNameValidation = validateFirstName(formData.get("first_name"));
+  if (!firstNameValidation.isValid) {
+    const preservedData = new URLSearchParams();
+    if (email) preservedData.set("email", email);
+    if (rawFirstName?.trim())
+      preservedData.set("first_name", rawFirstName.trim());
+    const redirectUrl = new URL(
+      "/sign-up",
+      (await headers()).get("origin") || getBaseUrl()
+    );
+    preservedData.forEach((value, key) => {
+      redirectUrl.searchParams.append(key, value);
+    });
+    redirectUrl.searchParams.append(
+      "error",
+      translateFirstNameFieldError(t, firstNameValidation.error)
+    );
+    return redirect(redirectUrl.toString());
+  }
+  const first_name = firstNameValidation.value;
   const newsletterPreference = formData.has("newsletter_preference"); // Will only be passed if input is checked when form submitted
 
   const supabase = await createClient();
@@ -68,6 +111,11 @@ export const signUpAction = async (formData: FormData, request?: Request) => {
     return redirect(redirectUrl.toString());
   }
 
+  if (isDisposableSignupEmail(email)) {
+    redirectUrl.searchParams.append("error", t("disposableEmailNotAllowed"));
+    return redirect(redirectUrl.toString());
+  }
+
   if (turnstileEnabled && !captchaToken) {
     redirectUrl.searchParams.append("error", t("verificationChallenge"));
     return redirect(redirectUrl.toString());
@@ -214,9 +262,11 @@ export const updateFirstNameAction = async (formData: FormData) => {
     data: { user },
   } = await supabase.auth.getUser();
 
-  const firstNameValidation = validateName(formData.get("first_name"));
+  const firstNameValidation = validateFirstName(formData.get("first_name"));
   if (!firstNameValidation.isValid) {
-    return { error: t("emptyName") };
+    return {
+      error: translateFirstNameFieldError(t, firstNameValidation.error),
+    };
   }
 
   const { error } = await supabase
@@ -228,6 +278,9 @@ export const updateFirstNameAction = async (formData: FormData) => {
 
   if (error) {
     console.error("Error updating first name:", error);
+    if (error.code === "23514" || /first name/i.test(error.message ?? "")) {
+      return { error: t("firstNameNotAllowed") };
+    }
     return { error: t("updateFirstNameFailed") };
   }
 
 
@@ -121,7 +121,14 @@ const ChatWindow = memo(function ChatWindow({
 
     // Turn the rate limiting message into something more friendly (original: new row violates row-level security policy for table "chat_messages")
     if (errorMessage.includes("violates row-level security policy")) {
-      setMessageSendError(t("Errors.tooManyMessages"));
+      if (
+        errorMessage.includes("chat_threads") ||
+        errorMessage.includes('"chat_threads"')
+      ) {
+        setMessageSendError(t("Errors.tooManyThreads"));
+      } else {
+        setMessageSendError(t("Errors.tooManyMessages"));
+      }
     } else {
       setMessageSendError(errorMessage);
     }
 
@@ -16,7 +16,7 @@ import {
 } from "@/app/actions";
 
 import { styled } from "@pigment-css/react";
-import { validateName, FIELD_CONFIGS } from "@/lib/formValidation";
+import { validateFirstName, FIELD_CONFIGS } from "@/lib/formValidation";
 import { useTranslations } from "next-intl";
 
 const List = styled("ul")(({ theme }) => ({
@@ -178,9 +178,28 @@ function ProfileAccountSettings({
   };
 
   const handleFirstNameUpdate = async (formData: FormData) => {
-    const validation = validateName(formData.get("first_name"));
+    const validation = validateFirstName(formData.get("first_name"));
     if (!validation.isValid) {
-      firstName.setError(t("Errors.emptyName"));
+      switch (validation.error) {
+        case "empty":
+          firstName.setError(t("Errors.emptyName"));
+          break;
+        case "tooShort":
+          firstName.setError(t("Errors.firstNameTooShort"));
+          break;
+        case "tooLong":
+          firstName.setError(t("Errors.firstNameTooLong"));
+          break;
+        case "invalidChars":
+          firstName.setError(t("Errors.firstNameInvalidChars"));
+          break;
+        case "forbiddenContent":
+        case "reserved":
+          firstName.setError(t("Errors.firstNameNotAllowed"));
+          break;
+        default:
+          firstName.setError(t("Errors.generic"));
+      }
       return;
     }
 
 
@@ -12,7 +12,7 @@ import InputHint from "@/components/InputHint";
 import Label from "@/components/Label";
 import LegalAgreement from "@/components/LegalAgreement";
 import { siteConfig } from "@/config/site";
-import { FIELD_CONFIGS, validateName } from "@/lib/formValidation";
+import { FIELD_CONFIGS, validateFirstName } from "@/lib/formValidation";
 import { getStoredAttributionParams } from "@/utils/attributionUtils";
 import { isTurnstileEnabled } from "@/utils/utils";
 import { Turnstile, type TurnstileInstance } from "@marsidev/react-turnstile";
@@ -179,9 +179,30 @@ export default function SignUpForm({
 
     // Client-side validation
     const formData = new FormData(event.currentTarget);
-    const validation = validateName(formData.get("first_name")?.toString());
+    const validation = validateFirstName(
+      formData.get("first_name")?.toString()
+    );
     if (!validation.isValid) {
-      setFirstNameError(t("Errors.emptyName"));
+      switch (validation.error) {
+        case "empty":
+          setFirstNameError(t("Errors.emptyName"));
+          break;
+        case "tooShort":
+          setFirstNameError(t("Errors.firstNameTooShort"));
+          break;
+        case "tooLong":
+          setFirstNameError(t("Errors.firstNameTooLong"));
+          break;
+        case "invalidChars":
+          setFirstNameError(t("Errors.firstNameInvalidChars"));
+          break;
+        case "forbiddenContent":
+        case "reserved":
+          setFirstNameError(t("Errors.firstNameNotAllowed"));
+          break;
+        default:
+          setFirstNameError(t("Errors.generic"));
+      }
       return;
     }
 
 
@@ -0,0 +1,6 @@
+import { isDisposableEmail } from "fakeout";
+
+/** Disposable domains use the auto-updated dataset bundled with `fakeout`. */
+export function isDisposableSignupEmail(email: string): boolean {
+  return isDisposableEmail(email.trim());
+}