[Freeipa-devel] [PATCH] 730-732 webui: Login pages usability improvements
Petr Vobornik
pvoborni at redhat.com
Wed Aug 20 17:30:32 UTC 2014
On 12.8.2014 22:58, Endi Sukma Dewata wrote:
> On 8/5/2014 6:36 AM, Petr Vobornik wrote:
>> [PATCH] 730 webui: display expired session notification in a more visible
>> area
>>
>> The notification is a primary information of the page. It should be
>> more highlighted.
>>
>> https://fedorahosted.org/freeipa/ticket/4470
>
> ACK.
>
>> [PATCH] 731 webui: improved info msgs on login/token sync/reset pwd
>> pages
>>
>> - add info icons to distinguish and classify the messages.
>> - add info text for OTP fields
>> - fix login instruction inaccuracy related to position of login button
>>
>> https://fedorahosted.org/freeipa/ticket/4470
>
> Just one thing, instead of "enter them in the fields nearby" how about
> "enter them in the corresponding fields"? Otherwise it's ACKed.
Changed, pushed using trivial/one-liner rule
>
>> [PATCH] 732 webui: login screen - improved button switching
>>
>> - added cancel button to reset password view of login screen
>> - re-implemented buttons hiding mechanism
>> - switching between 'Reset Password' and 'Reset Password and Login'
>> according to presence of value in OTP field
>>
>> https://fedorahosted.org/freeipa/ticket/4470
>
> The code seems to be fine so it's ACKed, but see comments below:
>
> 1. It looks like the OTP token needs to be synchronized before it can be
> used for the first time. Is that true for all types of tokens
> (hardware/software, TOTP/HOTP)? If possible the synchronization should
> be part of the token creation process, so the admin can provide a token
> that can be used right away, so we may need an interface in the UI to
> sync the tokens. If the sync can only be done by users themselves, there
> should be a message on the login screen for first time OTP users to
> synchronize the token first.
Synchronization right away won't hurt but it's not always required. TOTP
works for me if the device has properly synchronized time. I haven't
noticed any sync issue with HOTP.
Synchronization right from the UI is covered by:
https://fedorahosted.org/freeipa/ticket/4365
https://fedorahosted.org/freeipa/ticket/4366
>
> 2. Try logging in with an incorrect password/OTP. After you get a login
> error click Sync OTP Token. Once the sync is completed it will go back
> to the login page with a "Token was synchronized" message that
> disappears in a few seconds, but the old login error still appears which
> is confusing. Error messages in the UI should only reflect the last
> executed operation.
I'll fix it in separate patch.
>
> --
> Endi S. Dewata
Pushed to:
master:
* a94fc09b5747ff5ffc632d95b330470ed78ee0f5 webui: display expired
session notification in a more visible area
* cba5247f99bca6eb8ed73b73f20cb9e9b3a45e91 webui: improved info msgs on
login/token sync/reset pwd pages
* 4832f2986d1a457acf3ff000433aa0732364c19c webui: login screen -
improved button switching
ipa-4-1:
* 6f8dc9dba488caba7be2afc17b9e2b5191ffa585 webui: display expired
session notification in a more visible area
* 68647276ed58cb46c64884c2944cbd90979faf79 webui: improved info msgs on
login/token sync/reset pwd pages
* b37854051d6afd3f57ce28d059105797d13f0c22 webui: login screen -
improved button switching
--
Petr Vobornik
More information about the Freeipa-devel
mailing list