-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace GET form with link for regenerating backup codes #10464
Conversation
changelog: Bug Fixes, Regenerate Backup Codes, Fix issues linking to confirm regenerating backup codes
Previously, when specifying action, many call-sites would pass `method` through tag_options, but since `method` is now a top-level constructor argument for ButtonComponent, it isn't included in tag_options. These use-cases are typically well-suited for the new abstraction, so can be updated to use it directly
I wasn't expecting to have to do quite the refactoring entailed through 255566c, but as evidenced by the previous build failure and explained in the extended commit description, the new abstraction for |
action: ->(**tag_options, &block) do | ||
button_to(account_reauthentication_path, **tag_options, &block) | ||
end, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like on this branch, after these changes, there are 26 action:
usages left, would we consider removing all of them in a follow-up PR?
identity-idp:aduth-backup-code-s-form-link> git grep -A 3 ButtonComponent.new -- app | grep action: | wc -l
26
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah I can! I actually manually un-edited some additional files since they weren't strictly required to update, so as to keep review simpler. But definitely want to get everything migrated over.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Follow-up at #10468
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Tested locally with commit e15505b
🎫 Ticket
Supports LG-12716
🛠 Summary of changes
Updates the backup codes regenerate confirmation screen primary button to use a link (
<a href="...">
) in place of a<form action="..." method="get"><button>
.This is related to the comment at #10088 (comment), where it's theorized there may be misbehaving browser versions which incorrectly handle the form submission. By using an anchor tag link, it's hoped this resolves the unexpected requests we're seeing to the route planned for removal in #10088.
Related Slack thread: https://gsa-tts.slack.com/archives/C05MGJ72GU9/p1713455028604359
This also includes minor refactoring to use common conventions for rendering buttons and status pages.
📜 Testing Plan
Verify there is no regression in the behavior of regenerating backup codes.
👀 Screenshots
There's no visual changes expected.
Screenshot for reference: