Make expected server-side error messages translatable
bkimminich committed Jan 27, 2020
1 parent 4e784c2 commit 21e6a16
Showing 7 changed files with 21 additions and 13 deletions.
12 changes: 10 additions & 2 deletions data/static/i18n/en.json
Expand Up @@ -145,7 +145,6 @@
"No matter how good your eyes are, you will need tool assistance for this challenge.": "No matter how good your eyes are, you will need tool assistance for this challenge.",
"Perform a Remote Code Execution that occupies the server for a while without using infinite loops.": "Perform a Remote Code Execution that occupies the server for a while without using infinite loops.",
"Your attack payload must not trigger the protection against too many iterations.": "Your attack payload must not trigger the protection against too many iterations.",
"<a href=\"/#/contact\">Inform the development team</a> about a danger to some of <em>their</em> credentials. (Send them the URL of the <em>original report</em> or the CVE of this vulnerability)": "<a href=\"/#/contact\">Inform the development team</a> about a danger to some of <em>their</em> credentials. (Send them the URL of the <em>original report</em> or the CVE of this vulnerability)",
"This vulnerability will not affect any customer of the shop. It is aimed exclusively at its developers.": "This vulnerability will not affect any customer of the shop. It is aimed exclusively at its developers.",
"Solve the 2FA challenge for user \"wurstbrot\". (Disabling, bypassing or overwriting his 2FA settings does not count as a solution)": "Solve the 2FA challenge for user \"wurstbrot\". (Disabling, bypassing or overwriting his 2FA settings does not count as a solution)",
"The 2FA implementation requires to store a secret for every user. You will need to find a way to access this secret in order to solve this challenge.": "The 2FA implementation requires to store a secret for every user. You will need to find a way to access this secret in order to solve this challenge.",
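Review bot: The challenge hint removed in this hunk (the "Inform the development team" key ending in "or the CVE of this vulnerability") is re-added at the end of the file with different wording ("an assigned CVE or another identifier"), which is unrelated to the error-message change named in the commit title. Because the English text is itself the lookup key, a translation stored under the old wording no longer matches the new key. Consider moving the rewording into its own commit and flagging the string for re-translation.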
Expand Down Expand Up @@ -273,5 +272,14 @@
"This amazing mobile app security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1970691216\">available for Tabletop Simulator on Steam Workshop</a> now!": "This amazing mobile app security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1970691216\">available for Tabletop Simulator on Steam Workshop</a> now!",
"OWASP Snakes and Ladders - Web Applications": "OWASP Snakes and Ladders - Web Applications",
"This amazing web application security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1969196030\">available for Tabletop Simulator on Steam Workshop</a> now!": "This amazing web application security awareness board game is <a href=\"https://steamcommunity.com/sharedfiles/filedetails/?id=1969196030\">available for Tabletop Simulator on Steam Workshop</a> now!",
"<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and also <a href=\"https://pwning.owasp-juice.shop\">readable online</a>!": "<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and also <a href=\"https://pwning.owasp-juice.shop\">readable online</a>!"
"<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and also <a href=\"https://pwning.owasp-juice.shop\">readable online</a>!": "<em>The official Companion Guide</em> by Björn Kimminich available <a href=\"https://leanpub.com/juice-shop\">for free on LeanPub</a> and also <a href=\"https://pwning.owasp-juice.shop\">readable online</a>!",
"We are out of stock! Sorry for the inconvenience.": "We are out of stock! Sorry for the inconvenience.",
"Wrong answer to CAPTCHA. Please try again.": "Wrong answer to CAPTCHA. Please try again.",
"Invalid email or password.": "Invalid email or password.",
"Current password is not correct.": "Current password is not correct.",
"Password cannot be empty.": "Password cannot be empty.",
"New and repeated password do not match.": "New and repeated password do not match.",
"Wrong answer to security question.": "Wrong answer to security question.",
"<a href=\"/#/contact\">Inform the development team</a> about a danger to some of <em>their</em> credentials. (Send them the URL of the <em>original report</em> or an assigned CVE or another identifier of this vulnerability)": "<a href=\"/#/contact\">Inform the development team</a> about a danger to some of <em>their</em> credentials. (Send them the URL of the <em>original report</em> or an assigned CVE or another identifier of this vulnerability)",
"You can order only up to {{quantity}} items of this product.": "You can order only up to {{quantity}} items of this product."
}
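Review bot: The new key `You can order only up to {{quantity}} items of this product.` is the only added entry that carries a placeholder, and nothing in the catalog tells a translator that `{{quantity}}` has to survive verbatim. A check that any translated value for this key still contains `{{quantity}}` would catch a dropped or translated placeholder before it reaches the 400 response in routes/basketItems.js.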
4 changes: 2 additions & 2 deletions routes/basketItems.js
Expand Up @@ -81,9 +81,9 @@ async function quantityCheck (req, res, next, id, quantity) {
if (product.quantity >= quantity) {
next()
} else {
res.status(400).json({ error: 'We are out of stock! Sorry for the inconvenience.' })
res.status(400).json({ error: res.__('We are out of stock! Sorry for the inconvenience.') })
}
} else {
res.status(400).json({ error: `You can order only up to ${product.limitPerUser} items of this product.` })
res.status(400).json({ error: res.__('You can order only up to {{quantity}} items of this product.', { quantity: product.limitPerUser }) })
}
}
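Review bot: After this change the `error` field in both 400 responses is locale-dependent text and it is the only thing the client receives, so a caller or test that compares it against the English sentence breaks for any other locale. Consider returning a stable identifier next to it, for example a `code` field, and keeping `error` as the display string only.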
2 changes: 1 addition & 1 deletion routes/captcha.js
Expand Up @@ -37,7 +37,7 @@ captchas.verifyCaptcha = () => (req, res, next) => {
if (captcha && req.body.captcha === captcha.dataValues.answer) {
next()
} else {
res.status(401).send('Wrong answer to CAPTCHA. Please try again.')
res.status(401).send(res.__('Wrong answer to CAPTCHA. Please try again.'))
}
})
}
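Review bot: `res.status(401).send(...)` with a string body is served by Express as `text/html`, and that body now comes from the translation catalog, where other entries in en.json already carry `<a>` and `<em>` markup. Setting `res.type('text/plain')` before sending, or returning JSON as routes/basketItems.js does, keeps a translated value from being interpreted as HTML.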
6 changes: 3 additions & 3 deletions routes/changePassword.js
Expand Up @@ -15,15 +15,15 @@ module.exports = function changePassword () {
const newPassword = query.new
const repeatPassword = query.repeat
if (!newPassword || newPassword === 'undefined') {
res.status(401).send('Password cannot be empty.')
res.status(401).send(res.__('Password cannot be empty.'))
} else if (newPassword !== repeatPassword) {
res.status(401).send('New and repeated password do not match.')
res.status(401).send(res.__('New and repeated password do not match.'))
} else {
const token = headers.authorization ? headers.authorization.substr('Bearer='.length) : null
const loggedInUser = insecurity.authenticatedUsers.get(token)
if (loggedInUser) {
if (currentPassword && insecurity.hash(currentPassword) !== loggedInUser.data.password) {
res.status(401).send('Current password is not correct.')
res.status(401).send(res.__('Current password is not correct.'))
} else {
models.User.findByPk(loggedInUser.data.id).then(user => {
user.update({ password: newPassword }).then(user => {
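Review bot: 'Password cannot be empty.' and 'New and repeated password do not match.' are now written out three times each: in this file, in routes/resetPassword.js and as keys in en.json. The lookup only works while every copy matches character for character, so a shared constant per message would make a later edit to one copy harder to get wrong.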
2 changes: 1 addition & 1 deletion routes/imageCaptcha.js
Expand Up @@ -40,7 +40,7 @@ imageCaptchas.verifyCaptcha = () => (req, res, next) => {
if (!captchas[0] || req.body.answer === captchas[0].dataValues.answer) {
next()
} else {
res.status(401).send('Wrong answer to CAPTCHA. Please try again.')
res.status(401).send(res.__('Wrong answer to CAPTCHA. Please try again.'))
}
})
}
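Review bot: The `res.__('Wrong answer to CAPTCHA. Please try again.')` call on the 401 branch is not exercised by anything in this commit, since the seven changed files are en.json and six route files. A test that requests this route with a non-English locale and asserts the translated body would show that the lookup works end to end.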
2 changes: 1 addition & 1 deletion routes/login.js
Expand Up @@ -49,7 +49,7 @@ module.exports = function login () {
} else if (user.data && user.data.id) {
afterLogin(user, res, next)
} else {
res.status(401).send('Invalid email or password.')
res.status(401).send(res.__('Invalid email or password.'))
}
}).catch(error => {
next(error)
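Review bot: `res.__` on the failed-login branch runs inside the promise chain, and the diff does not show where `__` is attached to the response object. If the i18n middleware is not registered before this route, the call throws, the `.catch` below hands the error to `next(error)`, and a wrong password no longer produces the 401. Please confirm the registration order or point to it in the commit message.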
6 changes: 3 additions & 3 deletions routes/resetPassword.js
Expand Up @@ -18,9 +18,9 @@ module.exports = function resetPassword () {
if (!email || !answer) {
next(new Error('Blocked illegal activity by ' + connection.remoteAddress))
} else if (!newPassword || newPassword === 'undefined') {
res.status(401).send('Password cannot be empty.')
res.status(401).send(res.__('Password cannot be empty.'))
} else if (newPassword !== repeatPassword) {
res.status(401).send('New and repeated password do not match.')
res.status(401).send(res.__('New and repeated password do not match.'))
} else {
models.SecurityAnswer.findOne({
include: [{
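Review bot: The first branch still builds its message as the hard-coded English string `'Blocked illegal activity by ' + connection.remoteAddress`, while the two branches below it now go through `res.__`. If that is deliberate because the message goes to `next()` as an unexpected error rather than to the user, a short code comment saying so would stop it from reading as an omission.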
Expand All @@ -40,7 +40,7 @@ module.exports = function resetPassword () {
next(error)
})
} else {
res.status(401).send('Wrong answer to security question.')
res.status(401).send(res.__('Wrong answer to security question.'))
}
}).catch(error => {
next(error)
