Improve login page

- improve formatting of login page - improve german translation of message that is shown if a certificate with multiple email addresses is used
10 months ago · 55530d23e4
parent 962dd30c6a
commit 55530d23e4
5 changed files with 39 additions and 7 deletions
--- a/changelog.md
+++ b/changelog.md
@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

+## Unreleased
+### Changed
+- improve formatting and german translation of login page
+
 ## [0.2.0] - 2023-07-29
 ### Added
 - implement logout-successful handler
--- a/internal/handlers/login.go
+++ b/internal/handlers/login.go
@ -19,6 +19,7 @@ package handlers

 import (
 	"bytes"
+	"context"
 	"crypto/x509"
 	"errors"
 	"fmt"
@ -45,6 +46,12 @@ const (
 	// ClientCertificateToken acrType = "cert+token"
 )

+type contextKey int
+
+const (
+	ctxKeyMessage contextKey = iota
+)
+
 type templateName string

 const (
@ -138,6 +145,11 @@ func (h *LoginHandler) handleGet(
 	h.renderRequestForClientCert(w, r, certEmails, localizer, loginRequest)
 }

+type FlashMessage struct {
+	Type    string
+	Message string
+}
+
 func (h *LoginHandler) handlePost(
 	w http.ResponseWriter,
 	r *http.Request,
@ -151,11 +163,25 @@ func (h *LoginHandler) handlePost(
 		return
 	}

+	if r.FormValue("email") == "" {
+		h.handleGet(w, r.WithContext(context.WithValue(
+			r.Context(),
+			ctxKeyMessage,
+			FlashMessage{
+				Type:    "warning",
+				Message: h.messageCatalog.LookupMessage("NoEmailAddressSelected", nil, localizer),
+			},
+		)), challenge, certEmails, localizer)
+
+		return
+	}
+
 	// perform certificate auth
 	h.logger.WithField("emails", certEmails).Info("will perform certificate authentication")

 	userID, err := h.performCertificateLogin(certEmails, r)
 	if err != nil {
+		h.logger.WithError(err).Error("could not perform certificate login")
 		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)

 		return
@ -288,6 +314,7 @@ func (h *LoginHandler) renderRequestForClientCert(
 		"RequestText":     msg("CertLoginRequestText", nil, localizer),
 		"AcceptLabel":     msg("LabelAcceptCertLogin", nil, localizer),
 		"RejectLabel":     msg("LabelRejectCertLogin", nil, localizer),
+		"FlashMessage":    r.Context().Value(ctxKeyMessage),
 	})
 	if err != nil {
 		h.logger.WithError(err).Error("template rendering failed")
--- a/translations/active.de.toml
+++ b/translations/active.de.toml
@ -21,7 +21,7 @@ other = "Zusätzlich möchte die Anwendung Zugriff auf folgende Informationen:"
 [EmailChoiceText]
 hash = "sha1-8bba8cd3a8724d8c5b75da9b7d2ac084b6e9df90"
 one = "Du hast ein gültiges Client-Zertifikat für die folgende E-Mail-Adresse vorgelegt:"
-other = "Du hast ein gültiges Client-Zertifikate für mehrere E-Mail-Adressen vorgelegt. Bitte wähle aus, welches Du der Anwendung vorlegen möchtest:"
+other = "Du hast ein gültiges Client-Zertifikate für mehrere E-Mail-Adressen vorgelegt. Bitte wähle aus, welche davon Du der Anwendung zeigen möchtest:"

 [ErrorTitle]
 hash = "sha1-736aec25a98f5ec5b71400bb0163f891f509b566"
--- a/ui/templates/base.gohtml
+++ b/ui/templates/base.gohtml
@ -26,7 +26,7 @@
        <meta name="theme-color" content="#11568c">
        <title>{{ .Title }}</title>
    </head>
-    <body class="text-center idp d-flex flex-column h-100">
+    <body class="idp d-flex flex-column h-100">
    <main role="main" class="flex-shrink-0">
        {{ template "content" . }}
    </main>
--- a/ui/templates/client_certificate.gohtml
+++ b/ui/templates/client_certificate.gohtml
@ -11,18 +11,19 @@
                <label for="email_0">{{ $email_address }}</label>
            {{ else }}
                {{ range $index, $element := .emails }}
-                    <input type="radio" name="email" value="{{ $element }}" id="email_{{ $index }}"><label
-                            for="email_{{ $index }}">{{ $element }}</label>
+                    <div class="form-check">
+                        <input class="form-check-input" type="radio" name="email"
+                               value="{{ $element }}" id="email_{{ $index }}"><label
+                                class="form-check-label" for="email_{{ $index }}">{{ $element }}</label>
+                    </div>
                {{ end }}
            {{ end }}
            {{ .csrfField }}
        </div>
        <p class="text-left">{{ .RequestText }}</p>
        <div class="mb-2">
-            <button class="btn btn-lg btn-primary" type="submit" name="use-identity"
+            <button class="btn btn-primary" type="submit" name="use-identity"
                    value="accept">{{ .AcceptLabel }}</button>
-        </div>
-        <div class="mb-2">
            <button class="btn btn-outline-secondary" type="submit" name="use-identity"
                    value="reject">{{ .RejectLabel }}</button>
        </div>