registration: Stop lying to users that registration worked when they are already registered

ffreddow · ffreddow · commit 59e089132e6c · 2025-12-10T10:04:10.000+01:00
fix #246
diff --git a/backend/src/routes/auth/register.rs b/backend/src/routes/auth/register.rs
@@ -171,7 +171,7 @@ pub async fn register(
     .await
     {
         Ok(Ok(_)) => (),
-        Ok(Err(Error::UserAlreadyExists)) => return Ok(HttpResponse::Created()),
+        Ok(Err(Error::UserAlreadyExists)) => return Err(Error::UserAlreadyExists.into()),
         Ok(Err(_)) => return Err(Error::InternalError.into()),
         Err(_) => return Err(Error::InternalError.into()),
     }
@@ -493,7 +493,7 @@ pub(crate) mod tests {
             .set_json(user)
             .to_request();
         let resp = test::call_service(&app, req).await;
-        assert!(resp.status().is_success());
+        assert_eq!(resp.status().as_u16(), 409); // Conflict - user already exists
 
         let pool = test_connection_pool();
         let mut conn = pool.get().unwrap();
diff --git a/frontend/src/components/Register.tsx b/frontend/src/components/Register.tsx
@@ -200,6 +200,9 @@ export class Register extends Component<Record<string, never>, RegisterState> {
             })
         if (response.status === 201) {
             showAlert(i18n.t("register.registration_successful"), "success", "register", i18n.t("alert_default_success"));
+        } else if (response.status === 409) {
+            showAlert(i18n.t("register.email_already_exists"), "danger");
+            return;
         } else {
             const text = `Failed with status ${response.status}: ${error}`;
             showAlert(text, "danger");
diff --git a/frontend/src/components/__tests__/register.test.tsx b/frontend/src/components/__tests__/register.test.tsx
@@ -389,6 +389,37 @@ describe('Register Component', () => {
     });
   });
 
+  it('handles email already exists error (409 conflict)', async () => {
+    mockUtils.fetchClient.POST.mockResolvedValue({
+      response: { status: 409 },
+      error: 'An account with this email already exists',
+    });
+
+    render(<Register />);
+
+    const nameInput = screen.getByTestId('text-input');
+    const emailInput = screen.getByTestId('email-input');
+    const passwordInputs = screen.getAllByTestId('password-input');
+    const checkboxes = screen.getAllByTestId('checkbox');
+
+    fireEvent.change(nameInput, { target: { value: 'John Doe' } });
+    fireEvent.change(emailInput, { target: { value: 'existing@example.com' } });
+    fireEvent.change(passwordInputs[0], { target: { value: 'ValidPass123!' } });
+    fireEvent.change(passwordInputs[1], { target: { value: 'ValidPass123!' } });
+    fireEvent.click(checkboxes[0]);
+    fireEvent.click(checkboxes[1]);
+
+    const submitButton = screen.getByTestId('submit-button');
+    fireEvent.click(submitButton);
+
+    await waitFor(() => {
+      expect(mockShowAlert).toHaveBeenCalledWith(
+        'email_already_exists',
+        'danger'
+      );
+    });
+  });
+
   it('handles salt generation error', async () => {
     mockUtils.get_salt.mockRejectedValue('Salt generation failed');
 
diff --git a/frontend/src/locales/de.ts b/frontend/src/locales/de.ts
@@ -165,7 +165,8 @@ export const de ={
         "save_recovery_data_text": "Da die Zugangsdaten für die Geräte nur mithilfe des korrekten Passworts entschlüsselt werden können brauchst du, falls du dein Passwort vergessen solltest, diese Datei um den Zugang zu deinen Geräten wiederherzustellen. Bewahre diese Datei sicher und für niemanden sonst zugänglich auf, da sie mit deinem Passwort gleichzustellen ist.",
         "save_recovery_data_confirmation": "Ich habe die Wiederherstellungsdatei heruntergeladen und sicher gespeichert",
         "close": "Schließen",
-        "registration_successful": "Die Registrierung war erfolgreich. Du solltest innerhalb der nächsten paar Minuten eine Email mit einem Bestätigungslink erhalten"
+        "registration_successful": "Die Registrierung war erfolgreich. Du solltest innerhalb der nächsten paar Minuten eine Email mit einem Bestätigungslink erhalten",
+        "email_already_exists": "Ein Konto mit dieser E-Mail-Adresse existiert bereits."
     ,"resend_verification": "Bestätigungs-E-Mail erneut senden"
     ,"resend_success": "Bestätigungs-E-Mail gesendet (falls noch nicht bestätigt)."
     ,"resend_error": "Bestätigungs-E-Mail konnte nicht gesendet werden. Bitte versuche es später erneut."
diff --git a/frontend/src/locales/en.ts b/frontend/src/locales/en.ts
@@ -165,7 +165,8 @@ export const en = {
         "save_recovery_data_text": "Since the access data for the devices can only be decrypted with the correct password, you need this file to restore access to your devices if you forget your password. Keep this file safe and inaccessible to others, as it is equivalent to your password.",
         "save_recovery_data_confirmation": "I have downloaded and safely stored the recovery file",
         "close": "Close",
-        "registration_successful": "Registration was successful. You should receive an email with a confirmation link within the next few minutes."
+        "registration_successful": "Registration was successful. You should receive an email with a confirmation link within the next few minutes.",
+        "email_already_exists": "An account with this email address already exists."
     ,"resend_verification": "Resend verification email"
     ,"resend_success": "Verification email sent (if the address is not yet verified)."
     ,"resend_error": "Could not resend verification email. Please try again later."
