[Freeipa-devel] [PATCH] 730-732 webui: Login pages usability improvements
Endi Sukma Dewata
edewata at redhat.com
Tue Aug 12 20:58:02 UTC 2014
On 8/5/2014 6:36 AM, Petr Vobornik wrote:
> [PATCH] 730 webui: display expired session notification in a more visible
> area
>
> The notification is a primary information of the page. It should be
> more highlighted.
>
> https://fedorahosted.org/freeipa/ticket/4470
ACK.
> [PATCH] 731 webui: improved info msgs on login/token sync/reset pwd
> pages
>
> - add info icons to distinguish and classify the messages.
> - add info text for OTP fields
> - fix login instruction inaccuracy related to position of login button
>
> https://fedorahosted.org/freeipa/ticket/4470
Just one thing, instead of "enter them in the fields nearby" how about
"enter them in the corresponding fields"? Otherwise it's ACKed.
> [PATCH] 732 webui: login screen - improved button switching
>
> - added cancel button to reset password view of login screen
> - re-implemented buttons hiding mechanism
> - switching between 'Reset Password' and 'Reset Password and Login'
> according to presence of value in OTP field
>
> https://fedorahosted.org/freeipa/ticket/4470
The code seems to be fine so it's ACKed, but see comments below:
1. It looks like the OTP token needs to be synchronized before it can be
used for the first time. Is that true for all types of tokens
(hardware/software, TOTP/HOTP)? If possible the synchronization should
be part of the token creation process, so the admin can provide a token
that can be used right away, so we may need an interface in the UI to
sync the tokens. If the sync can only be done by users themselves, there
should be a message on the login screen for first time OTP users to
synchronize the token first.
2. Try logging in with an incorrect password/OTP. After you get a login
error click Sync OTP Token. Once the sync is completed it will go back
to the login page with a "Token was synchronized" message that
disappears in a few seconds, but the old login error still appears which
is confusing. Error messages in the UI should only reflect the last
executed operation.
--
Endi S. Dewata
More information about the Freeipa-devel
mailing list