refactor password checks to client-side #1719
Conversation
longrunningprocess
added
the
engineering
longrunningprocess
deleted the
chore/migrate-to-sveltekit-action-pr-feedback
branch
| @@ -16,6 +17,15 @@ | |||
| $: if (form?.failed) { | |||
| $error = Error(form.failed) | |||
| } | |||
|
|
|||
| $: new_password_confirm && debounce(() => verify(new_password_confirm, new_password), 400) | |||
There was a problem hiding this comment.
On trying this out, I find the 400ms delay a bit quirky. I know the number isn't random - at least that's what I'm guessing. I think the main problem is that it puts the error message out of sync with whether the button is enabled or disabled - the button doesn't have a delay. Considering the comparison check doesn't cost us anything, I think it make sense to remove the delay.
There was a problem hiding this comment.
I also don't like getting error messages as I type the confirmation password 🤔. What do you think about always leaving the Submit button enabled? Can we only call verify() on blur and submit instead?
There was a problem hiding this comment.
yeah, based on our recent conversation, I'll just get rid of the bells and whistles here and stick with an error once the user submits (and leave the button enabled the whole time)
| $: disabled = ! submittable | ||
|
|
||
| function verify(password_confirm: string, password: string) { | ||
| password_confirm !== password ? $error = Error('Passwords are not the same') : dismiss() |
There was a problem hiding this comment.
Instead of an error bubble, I think it would ultimately be nicer to have the error directly under the relevant field. This is a special case, where it could ultimately be either field that's "wrong", but I think it would still be fine to just put it under the confirmation field.
There was a problem hiding this comment.
agreed, when it comes to forms, not utilizing the app-wide error solution would be better for the user.
🧪 QA testing
There doesn't seem to be a form toolkit in the standard svelte libs. Is that right? I feel like all the things I've brought up, hinge on that. Perhaps we should consider adding something like svelte-forms? Being able to submit invalid forms with Enter is the only "bug" I found. So, if you want, you can just fix that, move this along and then we look at the UX in a later PR. |
correct, there is not a built-in for that but as you found already, there are some nice solutions out there already. I can consider that. I'll double-check daisyUI as well, he may already have something in place for it.
I need to look closer, I would've expected a standard form with a single button to automatically get the "submit" behavior even on enter but maybe I'm remembering something wrong there. Thanks for checking that though. |
@longrunningprocess To prevent submitting, you're currently disabling the button. I guess Svelte[Kit] doesn't read the disabled property to determine whether the user is allowed to submit the form. So, I think what we want to do is:
|
While trying to change your password, ensure you cannot submit the form unless you've provided a password✅ While trying to change your password, ensure you cannot submit the form unless you've provided a confirmation password✅ While trying to change your password, ensure you cannot submit the form unless you've provided a confirmation password that matches the new password✅ While trying to change your password, ensure you can submit the form and your password has actually changed.✅ |
Description
This is a follow-through on PR feedback from #1716
Checklist
QA testing
Testers, use the following instructions on our staging environment. Post your findings as a comment and include any meaningful screenshots, etc.