From a144a062a140dd3c2b5ef362ed867fd5b764d7f9 Mon Sep 17 00:00:00 2001
From: Mart van Santen <mart@greenhost.nl>
Date: Tue, 23 Nov 2021 05:33:51 +0100
Subject: [PATCH] Processed comments

---
 docs/local_dev_remote_kratos.md |  2 +-
 login/app.py                    |  2 +-
 login/static/base.js            | 66 +++++++++++----------------------
 login/templates/base.html       |  1 -
 4 files changed, 23 insertions(+), 48 deletions(-)

diff --git a/docs/local_dev_remote_kratos.md b/docs/local_dev_remote_kratos.md
index 3deb2a4..57257c5 100644
--- a/docs/local_dev_remote_kratos.md
+++ b/docs/local_dev_remote_kratos.md
@@ -325,7 +325,7 @@ flask db upgrade
 If that all looks fine, it is time to add you first user:
 
 ```
-flask user add myemail@example.com
+flask user create myemail@example.com
 ```
 
 And now it is time to start the app:
diff --git a/login/app.py b/login/app.py
index e6934be..e02c4cf 100644
--- a/login/app.py
+++ b/login/app.py
@@ -387,7 +387,7 @@ def auth():
     if not challenge:
         # TODO: Use local error page?
         app.logger.error("No challange given. Error in request")
-        abort(404)
+        abort(400)
 
 
     # Check if we are logged in:
diff --git a/login/static/base.js b/login/static/base.js
index 5a0f6c0..20a5137 100644
--- a/login/static/base.js
+++ b/login/static/base.js
@@ -22,8 +22,8 @@
 // Check if there is a auth flow is configured and redirect to auth page in that
 // case.
 function check_flow_auth() {
-        state = Cookies.get('flow_state');
-        url = Cookies.get('auth_url');
+        var state = Cookies.get('flow_state');
+        var url = Cookies.get('auth_url');
 
         if (state == 'auth') {
             Cookies.set('flow_state','');
@@ -31,15 +31,13 @@ function check_flow_auth() {
         }
 }
 
-// Check if there is a auth flow is configured and redirect to auth page in that
-// case.
+// Check if there if the flow is expired, if so, reset the cookie
 function check_flow_expired() {
-        state = Cookies.get('flow_state');
-        url = Cookies.get('auth_url');
+        var state = Cookies.get('flow_state');
 
         if (state == 'flow_expired') {
             Cookies.set('flow_state','');
-            window.location.href = url;
+            $("#contentFlowExpired").show();
         }
 }
 
@@ -59,7 +57,7 @@ function flow_login() {
             success: function(data) {
 
                 // Render login form (group: password)
-                html = render_form(data, 'password');
+                var html = render_form(data, 'password');
                 $("#contentLogin").html(html);
 
             },
@@ -68,7 +66,8 @@ function flow_login() {
                 // If we get a 410, the flow is expired, need to refresh the flow
                 if (obj.status == 410) {
                     Cookies.set('flow_state','flow_expired');
-                    window.location.href = 'location';
+                    // If we call the page without arguments, we get a new flow
+                    window.location.href = 'login';
                 }
             }
         });
@@ -121,7 +120,7 @@ function flow_settings() {
             url: uri,
             success: function(data) {
 
-                state = Cookies.get('flow_state')
+                var state = Cookies.get('flow_state')
 
                 // If we have confirmation the settings are saved, show the
                 // notification
@@ -140,7 +139,7 @@ function flow_settings() {
 
                 // Render the password & profile form based on the fields we got
                 // from the API
-                html = render_form(data, 'password');
+                var html = render_form(data, 'password');
                 $("#contentPassword").html(html);
 
                 html = render_form(data, 'profile');
@@ -185,7 +184,6 @@ function flow_settings() {
 function flow_recover() {
         var flow = $.urlParam('flow');
         var uri = api_url + 'self-service/recovery/flows?id=' + flow;
-        console.log("Calling: " + uri);
 
         $.ajax( {
             type: "GET",
@@ -193,7 +191,7 @@ function flow_recover() {
             success: function(data) {
 
                 // Render the recover form, method 'link'
-                html = render_form(data, 'link');
+                var html = render_form(data, 'link');
                 $("#contentRecover").html(html);
 
                 // Do form post as an AJAX call
@@ -248,9 +246,9 @@ function flow_recover() {
 function render_form(data, group) { 
 
     // Create form
-    action = data.ui.action;
-    method = data.ui.method;
-    form = "<form id='form"+group+"' method='"+method+"' action='"+action+"'>";
+    var action = data.ui.action;
+    var method = data.ui.method;
+    var form = "<form id='form"+group+"' method='"+method+"' action='"+action+"'>";
 
     for (const node of data.ui.nodes) {
 
@@ -259,7 +257,7 @@ function render_form(data, group) {
         var value = node.attributes.value;
 
         if (node.group == 'default' || node.group == group) {
-            elm = getFormElement(type, name, value);
+            var elm = getFormElement(type, name, value);
             form += elm;
         }
     }
@@ -269,13 +267,13 @@ function render_form(data, group) {
 }
 
 
-// Return form element based on name, including help et
-// Kratos give us forn names and types and specifies what to render. However
+// Return form element based on name, including help text (sub), placeholder etc.
+// Kratos give us form names and types and specifies what to render. However
 // it does not provide labels or translations. This function returns a HTML
-// form element based on the fields provided by kratos with proper names and 
+// form element based on the fields provided by Kratos with proper names and 
 // labels
 // type: input type, usual "input", "hidden" or "submit". But bootstrap types
-//                   like "email" is also supported
+//                   like "email" are also supported
 // name: name of the field. Used when posting data
 // value: If there is already a value known, show it
 function getFormElement(type, name, value) {
@@ -365,9 +363,9 @@ function getFormElement(type, name, value) {
 function getFormInput(type, name, value, label, placeHolder, help) {
 
     // Id field for help element
-    nameHelp = name + "Help";
+    var nameHelp = name + "Help";
 
-    element = '<div class="form-group">';
+    var element = '<div class="form-group">';
     element += '<label for="'+name+'">'+label+'</label>';
     element += '<input type="'+type+'" class="form-control" id="'+name+'" name="'+name+'" ';
 
@@ -383,12 +381,6 @@ function getFormInput(type, name, value, label, placeHolder, help) {
     }
     element += ">";
 
-    if (type == 'password') {
-//        element += '<div class="input-group-addon">';
-  //      element += '<a href=""><i class="fa fa-eye-slash" aria-hidden="true"></i></a>';
-  //      element += '</div>';
-    } 
-
     if (help) {
         element +=
         `<small id="`+nameHelp+`" class="form-text text-muted">` + help + `
@@ -415,19 +407,3 @@ $.urlParam = function(name) {
 
 
 
-/* TODO: Maybe we want to delete this 
-function render_messages(data) {
-
-    if (!data.ui.messages) {
-        return '';
-    }
-    html = '';
-    for (msg of data.ui.messages) {
-
-        html += "- " + msg.text + "<br/>";
-    }
-
-    return html;
-}
-
-*/
diff --git a/login/templates/base.html b/login/templates/base.html
index a066c62..672db33 100644
--- a/login/templates/base.html
+++ b/login/templates/base.html
@@ -18,7 +18,6 @@
 
     // Actions
     $(document).ready(function() {
-        //flow_login();
         check_flow_expired();
     });
 
-- 
GitLab