From 011c9e3e9434a68400597ac136b62f92cfc53c2e Mon Sep 17 00:00:00 2001 From: Jack Cody Date: Tue, 11 Oct 2022 18:48:23 -0500 Subject: [PATCH 1/7] Add content warning --- config/locales/forms/en.yml | 1 + config/locales/forms/es.yml | 1 + config/locales/forms/fr.yml | 1 + 3 files changed, 3 insertions(+) diff --git a/config/locales/forms/en.yml b/config/locales/forms/en.yml index 4478278956a..e4fdd92497b 100644 --- a/config/locales/forms/en.yml +++ b/config/locales/forms/en.yml @@ -143,6 +143,7 @@ en: intro_link_text: Learn more about face or touch unlock. login_text: 'When you are ready, press the button:' nickname: Device nickname + warning_text: We recommend setting up a second authentication method to ensure that you can sign in on other devices where a built-in authenticator is not present. webauthn_setup: continue: Continue instructions_text: Press the button on your security key to register it with %{app_name} diff --git a/config/locales/forms/es.yml b/config/locales/forms/es.yml index 4d449c235a5..76a8755c96d 100644 --- a/config/locales/forms/es.yml +++ b/config/locales/forms/es.yml @@ -154,6 +154,7 @@ es: intro_link_text: Conozca más sobre el desbloqueo facial o táctil. login_text: 'Cuando esté listo, presione el botón:' nickname: Apodo de dispositivo. + warning_text: TODO THIS IS A PLACEHOLDER webauthn_setup: continue: Continuar instructions_text: Presione el botón en su clave de seguridad para registrarlo diff --git a/config/locales/forms/fr.yml b/config/locales/forms/fr.yml index 97cb4bd26ff..05af0fee573 100644 --- a/config/locales/forms/fr.yml +++ b/config/locales/forms/fr.yml @@ -159,6 +159,7 @@ fr: intro_link_text: En savoir plus sur le déverrouillage facial ou tactile. login_text: 'Lorsque vous êtes prêt, appuyez sur le bouton:' nickname: Pseudo dispositivo + warning_text: TODO THIS IS A PLACEHOLDER webauthn_setup: continue: Continuer instructions_text: Appuyez sur le bouton de votre clé de sécurité pour From e4a62f98c93d00de61f1f4673fa8e530d184d80f Mon Sep 17 00:00:00 2001 From: Jack Cody Date: Tue, 11 Oct 2022 18:48:56 -0500 Subject: [PATCH 2/7] Add alert component to webauthn platform setup page --- app/views/users/webauthn_setup/new.html.erb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/app/views/users/webauthn_setup/new.html.erb b/app/views/users/webauthn_setup/new.html.erb index b065da1173d..eb23d003181 100644 --- a/app/views/users/webauthn_setup/new.html.erb +++ b/app/views/users/webauthn_setup/new.html.erb @@ -23,6 +23,11 @@ <%= hidden_field_tag :webauthn_public_key, '', id: 'webauthn_public_key' %> <%= hidden_field_tag :attestation_object, '', id: 'attestation_object' %> <%= hidden_field_tag :client_data_json, '', id: 'client_data_json' %> + <% if @platform_authenticator %> + <%= render AlertComponent.new(type: :warning, text_tag: 'div') do %> + <%= t('forms.webauthn_platform_setup.warning_text') %> + <% end %> + <% end %> <%= hidden_field_tag :platform_authenticator, @platform_authenticator, id: 'platform_authenticator' %> <%= label_tag 'code', @presenter.nickname_label, class: 'display-block text-bold', for: 'nickname' %> <%= text_field_tag( From 6e6130c25a9266d73c6ded9784a2219337aadd7b Mon Sep 17 00:00:00 2001 From: Jack Cody Date: Fri, 21 Oct 2022 04:39:27 -0500 Subject: [PATCH 3/7] Move alert --- app/views/users/webauthn_setup/new.html.erb | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/app/views/users/webauthn_setup/new.html.erb b/app/views/users/webauthn_setup/new.html.erb index eb23d003181..f27546ffa71 100644 --- a/app/views/users/webauthn_setup/new.html.erb +++ b/app/views/users/webauthn_setup/new.html.erb @@ -4,6 +4,12 @@ <%= render PageHeadingComponent.new.with_content(@presenter.heading) %> +<% if @platform_authenticator %> + <%= render AlertComponent.new(type: :warning, text_tag: 'div') do %> + <%= t('forms.webauthn_platform_setup.warning_text') %> + <% end %> +<% end %> + <%= @presenter.intro_html %> <%= simple_form_for( @@ -23,11 +29,6 @@ <%= hidden_field_tag :webauthn_public_key, '', id: 'webauthn_public_key' %> <%= hidden_field_tag :attestation_object, '', id: 'attestation_object' %> <%= hidden_field_tag :client_data_json, '', id: 'client_data_json' %> - <% if @platform_authenticator %> - <%= render AlertComponent.new(type: :warning, text_tag: 'div') do %> - <%= t('forms.webauthn_platform_setup.warning_text') %> - <% end %> - <% end %> <%= hidden_field_tag :platform_authenticator, @platform_authenticator, id: 'platform_authenticator' %> <%= label_tag 'code', @presenter.nickname_label, class: 'display-block text-bold', for: 'nickname' %> <%= text_field_tag( From abff075adbe8aa56f1e6262ed08ffd49227526b5 Mon Sep 17 00:00:00 2001 From: Jack Cody Date: Fri, 21 Oct 2022 04:39:38 -0500 Subject: [PATCH 4/7] Add translations --- config/locales/forms/en.yml | 4 +++- config/locales/forms/es.yml | 4 +++- config/locales/forms/fr.yml | 5 ++++- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/config/locales/forms/en.yml b/config/locales/forms/en.yml index e4fdd92497b..bdd63f29361 100644 --- a/config/locales/forms/en.yml +++ b/config/locales/forms/en.yml @@ -143,7 +143,9 @@ en: intro_link_text: Learn more about face or touch unlock. login_text: 'When you are ready, press the button:' nickname: Device nickname - warning_text: We recommend setting up a second authentication method to ensure that you can sign in on other devices where a built-in authenticator is not present. + warning_text: If you lose or change your device, you’ll have to reset your + account. We recommend setting up multiple authentication methods to help + avoid account lockout. webauthn_setup: continue: Continue instructions_text: Press the button on your security key to register it with %{app_name} diff --git a/config/locales/forms/es.yml b/config/locales/forms/es.yml index 76a8755c96d..3552a462587 100644 --- a/config/locales/forms/es.yml +++ b/config/locales/forms/es.yml @@ -154,7 +154,9 @@ es: intro_link_text: Conozca más sobre el desbloqueo facial o táctil. login_text: 'Cuando esté listo, presione el botón:' nickname: Apodo de dispositivo. - warning_text: TODO THIS IS A PLACEHOLDER + warning_text: En caso de que pierdas o cambies tu dispositivo, tienes que + restablecer tu cuenta. Para evitar el bloqueo de la cuenta, te + recomendamos que configures diferentes métodos de autenticación. webauthn_setup: continue: Continuar instructions_text: Presione el botón en su clave de seguridad para registrarlo diff --git a/config/locales/forms/fr.yml b/config/locales/forms/fr.yml index 05af0fee573..79102d14cd5 100644 --- a/config/locales/forms/fr.yml +++ b/config/locales/forms/fr.yml @@ -159,7 +159,10 @@ fr: intro_link_text: En savoir plus sur le déverrouillage facial ou tactile. login_text: 'Lorsque vous êtes prêt, appuyez sur le bouton:' nickname: Pseudo dispositivo - warning_text: TODO THIS IS A PLACEHOLDER + warning_text: Si vous perdez ou changez votre appareil, vous devrez + réinitialiser votre compte. Nous vous conseillons de mettre en place + plusieurs méthodes d’authentification afin d’éviter que votre compte ne + se bloque. webauthn_setup: continue: Continuer instructions_text: Appuyez sur le bouton de votre clé de sécurité pour From 25bebc50f62f8df3106e365170ad8fa2efc3fb2d Mon Sep 17 00:00:00 2001 From: Jack Cody Date: Mon, 24 Oct 2022 10:17:05 -0500 Subject: [PATCH 5/7] Add spec changelog: Improvements, User experience, Add alert to Webauthn Platform setup page [LG-7745] --- app/views/users/webauthn_setup/new.html.erb | 8 +++-- .../users/webauthn_setup/new.html.erb_spec.rb | 36 +++++++++++++++++++ 2 files changed, 41 insertions(+), 3 deletions(-) create mode 100644 spec/views/users/webauthn_setup/new.html.erb_spec.rb diff --git a/app/views/users/webauthn_setup/new.html.erb b/app/views/users/webauthn_setup/new.html.erb index f27546ffa71..d2e9828cc4a 100644 --- a/app/views/users/webauthn_setup/new.html.erb +++ b/app/views/users/webauthn_setup/new.html.erb @@ -5,9 +5,11 @@ <%= render PageHeadingComponent.new.with_content(@presenter.heading) %> <% if @platform_authenticator %> - <%= render AlertComponent.new(type: :warning, text_tag: 'div') do %> - <%= t('forms.webauthn_platform_setup.warning_text') %> - <% end %> +

+ <%= render AlertComponent.new(type: :warning, text_tag: 'div') do %> + <%= t('forms.webauthn_platform_setup.warning_text') %> + <% end %> +

<% end %> <%= @presenter.intro_html %> diff --git a/spec/views/users/webauthn_setup/new.html.erb_spec.rb b/spec/views/users/webauthn_setup/new.html.erb_spec.rb new file mode 100644 index 00000000000..f2776ae08a4 --- /dev/null +++ b/spec/views/users/webauthn_setup/new.html.erb_spec.rb @@ -0,0 +1,36 @@ +require 'rails_helper' + +describe 'users/webauthn_setup/new.html.erb' do + let(:user) { create(:user, :signed_up) } + + context 'webauthn platform' do + let(:platform_authenticator) { true } + let(:user_session) do + { webauthn_challenge: 'fake_challenge' } + end + let(:presenter) do + WebauthnSetupPresenter.new( + current_user: user, + user_fully_authenticated: true, + user_opted_remember_device_cookie: true, + remember_device_default: true, + platform_authenticator: platform_authenticator, + ) + end + + before do + allow(view).to receive(:current_user).and_return(user) + allow(view).to receive(:user_session).and_return(user_session) + allow(view).to receive(:in_multi_mfa_selection_flow?).and_return(false) + assign(:platform_authenticator, platform_authenticator) + assign(:user_session, user_session) + assign(:presenter, presenter) + end + + it 'displays warning alert' do + render + + expect(rendered).to have_content(I18n.t('forms.webauthn_platform_setup.warning_text')) + end + end +end From a1b67795ddb55a2c0f3e68978710f349ce05f360 Mon Sep 17 00:00:00 2001 From: Jack Cody Date: Mon, 24 Oct 2022 10:51:35 -0500 Subject: [PATCH 6/7] Change spacing --- app/views/users/webauthn_setup/new.html.erb | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/app/views/users/webauthn_setup/new.html.erb b/app/views/users/webauthn_setup/new.html.erb index d2e9828cc4a..512efd7dc49 100644 --- a/app/views/users/webauthn_setup/new.html.erb +++ b/app/views/users/webauthn_setup/new.html.erb @@ -5,11 +5,9 @@ <%= render PageHeadingComponent.new.with_content(@presenter.heading) %> <% if @platform_authenticator %> -

- <%= render AlertComponent.new(type: :warning, text_tag: 'div') do %> - <%= t('forms.webauthn_platform_setup.warning_text') %> - <% end %> -

+ <%= render AlertComponent.new(type: :warning, class: 'margin-1') do %> + <%= t('forms.webauthn_platform_setup.warning_text') %> + <% end %> <% end %> <%= @presenter.intro_html %> From 05729dcee5579b26bbd7d8cdf8c5f7987fc95992 Mon Sep 17 00:00:00 2001 From: Jack Cody Date: Mon, 24 Oct 2022 15:08:23 -0500 Subject: [PATCH 7/7] Change margin --- app/views/users/webauthn_setup/new.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/users/webauthn_setup/new.html.erb b/app/views/users/webauthn_setup/new.html.erb index 512efd7dc49..f36c677f45c 100644 --- a/app/views/users/webauthn_setup/new.html.erb +++ b/app/views/users/webauthn_setup/new.html.erb @@ -5,7 +5,7 @@ <%= render PageHeadingComponent.new.with_content(@presenter.heading) %> <% if @platform_authenticator %> - <%= render AlertComponent.new(type: :warning, class: 'margin-1') do %> + <%= render AlertComponent.new(type: :warning, class: 'margin-y-1') do %> <%= t('forms.webauthn_platform_setup.warning_text') %> <% end %> <% end %>