Add logout page that directs users to click New Identity button in Tor browser #5116
Conversation
rocodes
requested review from
heartsucker,
kushaldas and
redshiftzero
as code owners
rocodes
force-pushed
the
4952-logout-new-identity-tor
branch
from
50d98fa to
a461ad2
Compare
|
I can haz screenie (using Nicholas' nomenclature for |
|
Note that it's pretty much just a placeholder @ninavizz pending your suggestions
|
rocodes
force-pushed
the
4952-logout-new-identity-tor
branch
from
a461ad2 to
7d24c43
Compare
rocodes
force-pushed
the
4952-logout-new-identity-tor
branch
4 times, most recently
from
48f77bc to
bc91227
Compare
| @@ -3,6 +3,6 @@ | |||
| <img src="{{ url_for('static', filename='i/hand_with_fingerprint.png') }}"> | |||
| </div> | |||
| <div class="message"><strong>{{ gettext('Important!') }}</strong><br> | |||
| <p>{{ gettext('Your session timed out due to inactivity. Please login again if you want to continue using SecureDrop, or select "New Identity" from the onion button in the Tor browser\'s toolbar to clear all history of your SecureDrop usage from this device. If you are not using Tor Browser, restart your browser.') }}</p> | |||
| <p>{{ gettext('You were logged out due to inactivity. Click the <img src={icon} alt="broom icon" width="16" height="16"> <strong>New Identity</strong> button in your Tor browser\'s toolbar. This will clear your Tor browser activity data on this device.').format(icon=url_for('static', filename='i/torbroom-black.png')) }}</p> | |||
There was a problem hiding this comment.
"button in your Tor browser's toolbar" -> "button in your Tor browser's toolbar before moving on" per language in freedomofpress/securedrop-ux#94 (comment)
|
All scenarios look good to me in functional testing. A couple of design notes: Session timeout scenario
Nina's mockup switches this to a new message bubble style we don't have yet (compare for visual, not wording):
That's a bigger lift and I'm OK with tracking that as a follow-up iteration. @ninavizz I'm curious if there any fixes we can make more quickly that you'd be comfortable with, e.g., removing the hand of god from the message. Logout scenarioYou have some excessive whitespace here below the headline; just removing that Compare with the mockup (for visual comparison, not wording): |
|
I'll also note that Nina's design has the "Log in" button back on the Logout page, that's probably something we want to implement, to ensure that a user who accidentally logged out can easily find their way back in (not everyone will understand they can click on the logo). |
|
I love @eloquence's suggestion to more simply remove the |
|
fyi for @ninavizz:
|
rocodes
force-pushed
the
4952-logout-new-identity-tor
branch
from
ad12807 to
b53c943
Compare
securedrop/sass/modules/_flash.sass
Outdated
| margin: 10px | ||
| padding: 10px 16px |
There was a problem hiding this comment.
This doesn't quite have the intended effect; it adds a bit more padding than needed (note the amount of whitespace around the icon compared with Nina's mockup), and also changes the styling other flash messages. Instead, I would leave this value at 10px, and add padding-left:16px or similar to the .important specification.
There was a problem hiding this comment.
fixed in 0acdd39; was worried about internationalization so I have a rtl version as well.
| @@ -7,6 +7,8 @@ | |||
| <img src="{{ url_for('static', filename='i/font-awesome/info-circle-black.png') }}" width="20" height="16"> | |||
| {% elif category == 'error' %} | |||
| <img class="pull-left" src="{{ url_for('static', filename='i/font-awesome/exclamation-triangle-black.png') }}" width="20" height="17"> | |||
| {% elif category == 'important' %} | |||
| <img class="pull-left" src="{{ url_for('static', filename='i/bang-stop.png') }}" width="22" height="22"> | |||
There was a problem hiding this comment.
Due to the flex layout, I don't believe you need the pull-left here; it works fine without it in my testing.
…ity button in Tor browser to complete their session, if they were logged in, else redirectst to main source interface page. - Remove logout_flashed message since we redirect to a new page now. - Update functional tests to include _is_on_logout_page method and replace test_logout_flashed_message with test_logout screenshot in testsourcelayout - update flashed message graphic and add login button to successful logout page (may need button alignment tweak) - Include coral-theme broom graphic and move flash-notif styling to _flash.sass - update apparmor profile to include logout.html, new assets
rocodes
force-pushed
the
4952-logout-new-identity-tor
branch
from
b53c943 to
0acdd39
Compare
|
@zenmonkeykstop added apparmor changes and squashed commits. |
|
All good from my end, thanks much for the quick changes @rocodes! Have only looked at the design, HTML/CSS, and basic functioning so far, so still needs a full code review from @zenmonkeykstop. |
|
Tested in staging env:
|
|
I have seen what @zenmonkeykstop found (squished icon) in Chrome, but not FF. Investigating |
|
Confirmed that the icon thing is present on current |
Status
Ready for Review
Description of Changes
Closes #4952.
Changes proposed in this pull request:
Additional "logout" route that directs users to click the New Identity button in Tor browser.
Amend functional tests to reflect behaviour of new logout page and modified wording on session timeout.
Testing
source_app/main.py,tests/functional/source_nagivation_steps.py,source_templates/logout.html,source_templates/session_timeout.htmlto ensure changes are satisfactoryDeployment
no special considerations
Checklist
If you made changes to the server application code:
make lint) and tests (make test) pass in the development container