From 7d33224f80ea789b6855947740c7ae2b892aea40 Mon Sep 17 00:00:00 2001 From: Frederick Muriuki Muriithi Date: Thu, 15 Aug 2024 12:04:37 -0500 Subject: Reduce UI complexity Providing both the "Enter Verification Token" and the "Send Verification Email" elements of the same user interface seems to confuse users. This commit ensures that the system will provide one or the other, but not both, depending on whether or not there is a pending verification token present for the user. --- gn_auth/auth/authorisation/users/views.py | 19 +++- gn_auth/templates/users/unverified-user.html | 148 +++++++++++++++------------ 2 files changed, 100 insertions(+), 67 deletions(-) (limited to 'gn_auth') diff --git a/gn_auth/auth/authorisation/users/views.py b/gn_auth/auth/authorisation/users/views.py index 0922e1e..8559696 100644 --- a/gn_auth/auth/authorisation/users/views.py +++ b/gn_auth/auth/authorisation/users/views.py @@ -313,14 +313,29 @@ def list_all_users() -> Response: def handle_unverified(): """Handle case where user tries to login but is unverified""" form = request_json() + email = request.args["email"] # TODO: Maybe have a GN2_URI setting here? # or pass the client_id here? + with (db.connection(current_app.config["AUTH_DB"]) as conn, + db.cursor(conn) as cursor): + cursor.execute( + "DELETE FROM user_verification_codes WHERE expires <= ?", + (int(datetime.now().timestamp()),)) + cursor.execute( + "SELECT u.user_id, u.email, uvc.* FROM users AS u " + "INNER JOIN user_verification_codes AS uvc " + "ON u.user_id=uvc.user_id " + "WHERE u.email=?", + (email,)) + token_found = bool(cursor.fetchone()) + return render_template( "users/unverified-user.html", - email=request.args["email"], + email=email, response_type=request.args["response_type"], client_id=request.args["client_id"], - redirect_uri=request.args["redirect_uri"]) + redirect_uri=request.args["redirect_uri"], + token_found=token_found) @users.route("/send-verification", methods=["POST"]) def send_verification_code(): diff --git a/gn_auth/templates/users/unverified-user.html b/gn_auth/templates/users/unverified-user.html index 0ce141d..5005555 100644 --- a/gn_auth/templates/users/unverified-user.html +++ b/gn_auth/templates/users/unverified-user.html @@ -7,69 +7,87 @@ {%block content%} {{flash_messages()}} -