-
-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor password checks to client-side #1719
refactor password checks to client-side #1719
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM 👍
@@ -16,6 +17,15 @@ | |||
$: if (form?.failed) { | |||
$error = Error(form.failed) | |||
} | |||
|
|||
$: new_password_confirm && debounce(() => verify(new_password_confirm, new_password), 400) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On trying this out, I find the 400ms delay a bit quirky. I know the number isn't random - at least that's what I'm guessing. I think the main problem is that it puts the error message out of sync with whether the button is enabled or disabled - the button doesn't have a delay. Considering the comparison check doesn't cost us anything, I think it make sense to remove the delay.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I also don't like getting error messages as I type the confirmation password 🤔. What do you think about always leaving the Submit button enabled? Can we only call verify()
on blur and submit instead?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, based on our recent conversation, I'll just get rid of the bells and whistles here and stick with an error once the user submits (and leave the button enabled the whole time)
$: disabled = ! submittable | ||
|
||
function verify(password_confirm: string, password: string) { | ||
password_confirm !== password ? $error = Error('Passwords are not the same') : dismiss() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of an error bubble, I think it would ultimately be nicer to have the error directly under the relevant field. This is a special case, where it could ultimately be either field that's "wrong", but I think it would still be fine to just put it under the confirmation field.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agreed, when it comes to forms, not utilizing the app-wide error solution would be better for the user.
🧪 QA testing
There doesn't seem to be a form toolkit in the standard svelte libs. Is that right? I feel like all the things I've brought up, hinge on that. Perhaps we should consider adding something like svelte-forms? Being able to submit invalid forms with Enter is the only "bug" I found. So, if you want, you can just fix that, move this along and then we look at the UX in a later PR. |
correct, there is not a built-in for that but as you found already, there are some nice solutions out there already. I can consider that. I'll double-check daisyUI as well, he may already have something in place for it.
I need to look closer, I would've expected a standard form with a single button to automatically get the "submit" behavior even on enter but maybe I'm remembering something wrong there. Thanks for checking that though. |
@longrunningprocess To prevent submitting, you're currently disabling the button. I guess Svelte[Kit] doesn't read the disabled property to determine whether the user is allowed to submit the form. So, I think what we want to do is:
|
While trying to change your password, ensure you cannot submit the form unless you've provided a passwordWhile trying to change your password, ensure you cannot submit the form unless you've provided a confirmation passwordWhile trying to change your password, ensure you cannot submit the form unless you've provided a confirmation password that matches the new passwordWhile trying to change your password, ensure you can submit the form and your password has actually changed. |
Description
This is a follow-through on PR feedback from #1716
Checklist
QA testing
Testers, use the following instructions on our staging environment. Post your findings as a comment and include any meaningful screenshots, etc.