imp: Improve error message when email is invalid during login

src/controllers/Sessions.php

@@ -95,8 +95,20 @@ public function create($request)
             ]);
         }
 
+        $email = utils\Email::sanitize($email);
+        if (!utils\Email::validate($email)) {
+            return Response::badRequest('sessions/new.phtml', [
+                'email' => $email,
+                'password' => $password,
+                'redirect_to' => $redirect_to,
+                'errors' => [
+                    'email' => _('The address email is invalid.'),
+                ],
+            ]);
+        }
+
         $user = models\User::findBy([
-            'email' => utils\Email::sanitize($email),
+            'email' => $email,
         ]);
         if (!$user) {
             return Response::badRequest('sessions/new.phtml', [

tests/controllers/SessionsTest.php

@@ -277,6 +277,26 @@ public function testCreateFailsIfEmailIsSupportUserEmail()
         $this->assertSame(0, models\Session::count());
     }
 
+    public function testCreateFailsIfEmailIsInvalid()
+    {
+        $email = $this->fake('email');
+        $password = $this->fake('password');
+        $user_id = $this->create('user', [
+            'email' => $email,
+            'password_hash' => password_hash($password, PASSWORD_BCRYPT),
+        ]);
+
+        $response = $this->appRun('post', '/login', [
+            'csrf' => \Minz\CSRF::generate(),
+            'email' => 'foo',
+            'password' => $password,
+        ]);
+
+        $this->assertResponseCode($response, 400);
+        $this->assertResponseContains($response, 'The address email is invalid');
+        $this->assertSame(0, models\Session::count());
+    }
+
     public function testCreateFailsIfPasswordDoesNotMatch()
     {
         $email = $this->fake('email');