Skip to content

Update auth pages visually#6479

Open
sanne-san wants to merge 8 commits into
masterfrom
sanne-auth-pages
Open

Update auth pages visually#6479
sanne-san wants to merge 8 commits into
masterfrom
sanne-auth-pages

Conversation

@sanne-san

@sanne-san sanne-san commented Jul 2, 2026

Copy link
Copy Markdown
Contributor

Changes

  • Create new auth layout context that looks visually cleaner, and hides the header and footer
  • Transform all auth pages to use the new context. This includes:
    • Login page
    • Signup page
    • Password reset page
    • Password reset request page
    • Password reset request success page
    • Password reset error page
    • Activate account page
    • Verify 2FA page
    • Verify 2FA recovery code page
    • SSO login page
    • SSO provision notice page
    • SSO provision issue page
    • Invitation expired page
  • Tighten copy across auth pages to be more consistent and concise
  • Remove password conformation field from signup page
  • Extract password field to a new component with visibility toggle
  • Extract Plausible logo to a new component
  • Ensure first field on any page is in focus

Tests

  • Automated tests have been added

Changelog

  • Entry has been added to changelog

Documentation

  • Docs have been updated

Dark mode

  • The UI has been tested both in dark and light mode

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown
Preview environment👷🏼‍♀️🏗️
PR-6479

- Create new auth layout context that looks visually cleaner, and hides the header and footer
- Transform all auth pages to use the new context. This includes:
  - Login page
  - Signup page
  - Password reset page
  - Password reset request page
  - Password reset request success page
  - Password reset error page
  - Activate account page
  - Verify 2FA page
  - Verify 2FA recovery code page
  - SSO login page
  - SSO provision notice page
  - SSO provision issue page
  - Invitation expired page
- Tighten copy across auth pages to be more consistent and concise
- Remove password conformation field from signup page
- Extract password field to a new component with visibility toggle
- Extract Plausible logo to a new component
@sanne-san sanne-san requested a review from a team July 6, 2026 09:10
Comment thread lib/plausible_web/templates/auth/activate.html.heex
Comment thread lib/plausible_web/live/components/form.ex Outdated
Comment thread lib/plausible_web/templates/auth/password_reset_request_form.html.heex Outdated
@sanne-san sanne-san requested review from aerosol and apata July 6, 2026 15:35
Comment thread test/plausible_web/controllers/auth_controller/logs_test.exs
)

assert html_response(response, 429) =~ "Too many activation attempts"
assert html_response(response, 200) =~

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the reason for changing from 429 to 200?

@sanne-san sanne-san Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aerosol we switched the rate-limit from a full-page 429 error to an inline error on the /activate page itself for better UX (see this convo). Since inline errors are rendered as a normal form render rather than an error page, I thought the status is 200 instead of 429. Would you prefer if we keep 429 instead?

Comment thread lib/plausible_web/components/two_factor.ex
Comment thread lib/plausible_web/controllers/auth_controller.ex
</:footer>
</.focus_box>
<% else %>
<.styled_link method="delete" href="/me?redirect=/register">change email</.styled_link>

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

are we deliberately dropping the confirmation dialog?

@sanne-san sanne-san Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah deliberate, at this point in the flow it's not really a destructive action. Clicking 'change email' and then being asked 'Deleting your account cannot be reversed. Are you sure?' sounds quite alarming for what's essentially 'let me fix a typo/use a different email'.

@RobertJoonas RobertJoonas left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work! 👏 Happy to see much less classname duplication and more extracted reusable components :)

Comment thread lib/plausible_web/controllers/auth_controller.ex Outdated
Comment thread lib/plausible_web/templates/auth/login_form.html.heex Outdated
Comment thread lib/plausible_web/router.ex Outdated
Comment thread test/plausible_web/controllers/auth_controller/logs_test.exs Outdated
@sanne-san sanne-san requested review from RobertJoonas and aerosol July 8, 2026 13:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants