diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index bac0e8515..b5bd43599 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -399,8 +399,8 @@ relevant_repositories = Only relevant repositories are being shown, <a href="%s"
[auth]
create_new_account = Register account
-register_helper_msg = Already have an account? Sign in now!
-social_register_helper_msg = Already have an account? Link it now!
+already_have_account = Already have an account?
+sign_in_now = Sign in now!
disable_register_prompt = Registration is disabled. Please contact your site administrator.
disable_register_mail = Email confirmation for registration is disabled.
manual_activation_only = Contact your site administrator to complete activation.
@@ -408,7 +408,8 @@ remember_me = Remember this device
remember_me.compromised = The login token is not valid anymore which may indicate a compromised account. Please check your account for unusual activities.
forgot_password_title= Forgot password
forgot_password = Forgot password?
-sign_up_now = Need an account? Register now.
+need_account = Need an account?
+sign_up_now = Register now.
sign_up_successful = Account was successfully created. Welcome!
confirmation_mail_sent_prompt = A new confirmation email has been sent to <b>%s</b>. Please check your inbox within the next %s to complete the registration process. If the email is incorrect, you can log in, and request another confirmation email to be sent to a different address.
must_change_password = Update your password
@@ -473,6 +474,7 @@ sspi_auth_failed = SSPI authentication failed
password_pwned = The password you chose is on a <a target="_blank" rel="noopener noreferrer" href="https://haveibeenpwned.com/Passwords">list of stolen passwords</a> previously exposed in public data breaches. Please try again with a different password and consider changing this password elsewhere too.
password_pwned_err = Could not complete request to HaveIBeenPwned
last_admin = You cannot remove the last admin. There must be at least one admin.
+back_to_sign_in = Back to Sign In
[mail]
view_it_on = View it on %s
diff --git a/templates/user/auth/captcha.tmpl b/templates/user/auth/captcha.tmpl
index 0e9c2b9d2..8dd4d1cc5 100644
--- a/templates/user/auth/captcha.tmpl
+++ b/templates/user/auth/captcha.tmpl
@@ -1,5 +1,5 @@
{{if .EnableCaptcha}}{{if eq .CaptchaType "image"}}
- <div class="inline field">
+ <div class="inline field tw-text-center">
{{.Captcha.CreateHTML}}
</div>
<div class="required field {{if .Err_Captcha}}error{{end}}">
@@ -7,18 +7,17 @@
<input id="captcha" name="captcha" value="{{.captcha}}" autocomplete="off">
</div>
{{else if eq .CaptchaType "recaptcha"}}
- <div class="inline field required">
+ <div class="inline field tw-text-center required">
<div id="captcha" data-captcha-type="g-recaptcha" class="g-recaptcha-style" data-sitekey="{{.RecaptchaSitekey}}"></div>
</div>
<script src='{{URLJoin .RecaptchaURL "api.js"}}'></script>
{{else if eq .CaptchaType "hcaptcha"}}
- <div class="inline field required">
+ <div class="inline field tw-text-center required">
<div id="captcha" data-captcha-type="h-captcha" class="h-captcha-style" data-sitekey="{{.HcaptchaSitekey}}"></div>
</div>
<script src='https://hcaptcha.com/1/api.js'></script>
{{else if eq .CaptchaType "mcaptcha"}}
- <div class="inline field">
- <label></label>
+ <div class="inline field tw-text-center">
<div class="m-captcha-style" id="mcaptcha__widget-container"></div>
<div id="captcha" data-captcha-type="m-captcha" data-sitekey="{{.McaptchaSitekey}}" data-instance-url="{{.McaptchaURL}}"></div>
</div>
diff --git a/templates/user/auth/oauth_container.tmpl b/templates/user/auth/oauth_container.tmpl
new file mode 100644
index 000000000..7599b49fb
--- /dev/null
+++ b/templates/user/auth/oauth_container.tmpl
@@ -0,0 +1,29 @@
+{{if or .OAuth2Providers .EnableOpenIDSignIn}}
+<div class="divider divider-text">
+ {{ctx.Locale.Tr "sign_in_or"}}
+</div>
+<div id="oauth2-login-navigator" class="tw-py-1">
+ <div class="tw-flex tw-flex-col tw-justify-center">
+ <div id="oauth2-login-navigator-inner" class="tw-flex tw-flex-col tw-flex-wrap tw-items-center tw-gap-2">
+ {{range $provider := .OAuth2Providers}}
+ <a class="{{$provider.Name}} ui button tw-flex tw-items-center tw-justify-center tw-py-2 tw-w-full oauth-login-link" href="{{AppSubUrl}}/user/oauth2/{{$provider.DisplayName}}">
+ {{$provider.IconHTML 28}}
+ {{ctx.Locale.Tr "sign_in_with_provider" $provider.DisplayName}}
+ </a>
+ {{end}}
+ {{if .EnableOpenIDSignIn}}
+ <a class="openid ui button tw-flex tw-items-center tw-justify-center tw-py-2 tw-w-full" href="{{AppSubUrl}}/user/login/openid">
+ {{svg "fontawesome-openid" 28 "tw-mr-2"}}
+ {{ctx.Locale.Tr "sign_in_with_provider" "OpenID"}}
+ </a>
+ {{end}}
+ {{if .EnableSSPI}}
+ <a class="ui button tw-flex tw-items-center tw-justify-center tw-py-2 tw-w-full" rel="nofollow" href="{{AppSubUrl}}/user/login?auth_with_sspi=1">
+ {{svg "fontawesome-windows"}}
+ SSPI
+ </a>
+ {{end}}
+ </div>
+ </div>
+</div>
+{{end}}
diff --git a/templates/user/auth/signin.tmpl b/templates/user/auth/signin.tmpl
index b0e9ce8c7..54cc82d49 100644
--- a/templates/user/auth/signin.tmpl
+++ b/templates/user/auth/signin.tmpl
@@ -1,8 +1,7 @@
{{template "base/head" .}}
<div role="main" aria-label="{{.Title}}" class="page-content user signin{{if .LinkAccountMode}} icon{{end}}">
- {{template "user/auth/signin_navbar" .}}
<div class="ui middle very relaxed page grid">
- <div class="ui container column fluid">
+ <div class="column tw-flex tw-flex-col tw-gap-4 tw-max-w-2xl tw-m-auto">
{{template "user/auth/signin_inner" .}}
</div>
</div>
diff --git a/templates/user/auth/signin_inner.tmpl b/templates/user/auth/signin_inner.tmpl
index 9872096fb..b0a52d2c6 100644
--- a/templates/user/auth/signin_inner.tmpl
+++ b/templates/user/auth/signin_inner.tmpl
@@ -1,70 +1,65 @@
-{{if or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn)}}
-{{template "base/alert" .}}
-{{end}}
-<h4 class="ui top attached header center">
- {{if .LinkAccountMode}}
- {{ctx.Locale.Tr "auth.oauth_signin_title"}}
- {{else}}
- {{ctx.Locale.Tr "auth.login_userpass"}}
+<div class="ui container fluid">
+ {{if or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn)}}
+ {{template "base/alert" .}}
{{end}}
-</h4>
-<div class="ui attached segment">
- <form class="ui form tw-max-w-2xl tw-m-auto" action="{{.SignInLink}}" method="post">
- {{.CsrfTokenHtml}}
- <div class="required field {{if and (.Err_UserName) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}}">
- <label for="user_name">{{ctx.Locale.Tr "home.uname_holder"}}</label>
- <input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required>
- </div>
- {{if or (not .DisablePassword) .LinkAccountMode}}
- <div class="required field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}}">
- <label for="password">{{ctx.Locale.Tr "password"}}</label>
- <input id="password" name="password" type="password" value="{{.password}}" autocomplete="current-password" required>
- </div>
- {{end}}
- {{if not .LinkAccountMode}}
- <div class="inline field">
- <div class="ui checkbox">
- <label>{{ctx.Locale.Tr "auth.remember_me"}}</label>
- <input name="remember" type="checkbox">
- </div>
- </div>
- {{end}}
-
- {{template "user/auth/captcha" .}}
-
- <div class="field">
- <button class="ui primary button">
- {{if .LinkAccountMode}}
- {{ctx.Locale.Tr "auth.oauth_signin_submit"}}
- {{else}}
- {{ctx.Locale.Tr "sign_in"}}
- {{end}}
- </button>
- <a href="{{AppSubUrl}}/user/forgot_password">{{ctx.Locale.Tr "auth.forgot_password"}}</a>
- </div>
-
- {{if .ShowRegistrationButton}}
- <div class="field">
- <a href="{{AppSubUrl}}/user/sign_up">{{ctx.Locale.Tr "auth.sign_up_now"}}</a>
- </div>
- {{end}}
-
- {{if .OAuth2Providers}}
- <div class="divider divider-text">
- {{ctx.Locale.Tr "sign_in_or"}}
- </div>
- <div id="oauth2-login-navigator" class="tw-py-1">
- <div class="tw-flex tw-flex-col tw-justify-center">
- <div id="oauth2-login-navigator-inner" class="tw-flex tw-flex-col tw-flex-wrap tw-items-center tw-gap-2">
- {{range $provider := .OAuth2Providers}}
- <a class="{{$provider.Name}} ui button tw-flex tw-items-center tw-justify-center tw-py-2 tw-w-full oauth-login-link" href="{{AppSubUrl}}/user/oauth2/{{$provider.DisplayName}}">
- {{$provider.IconHTML 28}}
- {{ctx.Locale.Tr "sign_in_with_provider" $provider.DisplayName}}
- </a>
- {{end}}
+ <h4 class="ui top attached header center">
+ {{if .LinkAccountMode}}
+ {{ctx.Locale.Tr "auth.oauth_signin_title"}}
+ {{else}}
+ {{ctx.Locale.Tr "auth.login_userpass"}}
+ {{end}}
+ </h4>
+ <div class="ui attached segment">
+ <form class="ui form" action="{{.SignInLink}}" method="post">
+ {{.CsrfTokenHtml}}
+ <div class="required field {{if and (.Err_UserName) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}}">
+ <label for="user_name">{{ctx.Locale.Tr "home.uname_holder"}}</label>
+ <input id="user_name" type="text" name="user_name" value="{{.user_name}}" autofocus required>
</div>
- </div>
+ {{if or (not .DisablePassword) .LinkAccountMode}}
+ <div class="required field {{if and (.Err_Password) (or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeSignIn))}}error{{end}} form-field-content-aside-label">
+ <label for="password">{{ctx.Locale.Tr "password"}}</label>
+ <a href="{{AppSubUrl}}/user/forgot_password">{{ctx.Locale.Tr "auth.forgot_password"}}</a>
+ <input id="password" name="password" type="password" value="{{.password}}" autocomplete="current-password" required>
+ </div>
+ {{end}}
+ {{if not .LinkAccountMode}}
+ <div class="inline field">
+ <div class="ui checkbox">
+ <label>{{ctx.Locale.Tr "auth.remember_me"}}</label>
+ <input name="remember" type="checkbox">
+ </div>
+ </div>
+ {{end}}
+
+ {{template "user/auth/captcha" .}}
+
+ <div class="field">
+ <button class="ui primary button tw-w-full">
+ {{if .LinkAccountMode}}
+ {{ctx.Locale.Tr "auth.oauth_signin_submit"}}
+ {{else}}
+ {{ctx.Locale.Tr "sign_in"}}
+ {{end}}
+ </button>
+ </div>
+ </form>
+
+ {{template "user/auth/oauth_container" .}}
+ </div>
+</div>
+
+<div class="ui container fluid">
+ {{template "user/auth/webauthn_error" .}}
+
+ <div class="ui attached segment header top tw-max-w-2xl tw-m-auto tw-flex tw-flex-col tw-items-center">
+ <a class="signin-passkey">{{ctx.Locale.Tr "auth.signin_passkey"}}</a>
+
+ {{if .ShowRegistrationButton}}
+ <div class="field">
+ <span>{{ctx.Locale.Tr "auth.need_account"}}</span>
+ <a href="{{AppSubUrl}}/user/sign_up">{{ctx.Locale.Tr "auth.sign_up_now"}}</a>
+ </div>
+ {{end}}
</div>
- {{end}}
- </form>
</div>
diff --git a/templates/user/auth/signin_navbar.tmpl b/templates/user/auth/signin_navbar.tmpl
deleted file mode 100644
index 01b994b98..000000000
--- a/templates/user/auth/signin_navbar.tmpl
+++ /dev/null
@@ -1,24 +0,0 @@
-{{if or .EnableOpenIDSignIn .EnableSSPI}}
-<overflow-menu class="ui secondary pointing tabular top attached borderless menu navbar secondary-nav">
- <div class="overflow-menu-items tw-justify-center">
- <a class="{{if .PageIsLogin}}active {{end}}item" rel="nofollow" href="{{AppSubUrl}}/user/login">
- {{ctx.Locale.Tr "auth.tab_signin"}}
- </a>
- <a class="{{if .PageIsSignUp}}active{{end}} item" rel="nofollow" href="{{AppSubUrl}}/user/sign_up">
- {{ctx.Locale.Tr "auth.tab_signup"}}
- </a>
- {{if .EnableOpenIDSignIn}}
- <a class="{{if .PageIsLoginOpenID}}active {{end}}item" rel="nofollow" href="{{AppSubUrl}}/user/login/openid">
- {{svg "fontawesome-openid"}}
- {{ctx.Locale.Tr "auth.tab_openid"}}
- </a>
- {{end}}
- {{if .EnableSSPI}}
- <a class="item" rel="nofollow" href="{{AppSubUrl}}/user/login?auth_with_sspi=1">
- {{svg "fontawesome-windows"}}
- SSPI
- </a>
- {{end}}
- </div>
-</overflow-menu>
-{{end}}
diff --git a/templates/user/auth/signin_openid.tmpl b/templates/user/auth/signin_openid.tmpl
index c1f392dc1..20c7bdc92 100644
--- a/templates/user/auth/signin_openid.tmpl
+++ b/templates/user/auth/signin_openid.tmpl
@@ -1,35 +1,50 @@
{{template "base/head" .}}
<div role="main" aria-label="{{.Title}}" class="page-content user signin openid">
- {{template "user/auth/signin_navbar" .}}
- <div class="ui container">
- {{template "base/alert" .}}
- <h4 class="ui top attached header center">
- {{svg "fontawesome-openid"}}
- OpenID
- </h4>
- <div class="ui attached segment">
- <form class="ui form tw-m-auto" action="{{.Link}}" method="post">
- {{.CsrfTokenHtml}}
- <div class="inline field">
- {{ctx.Locale.Tr "auth.openid_signin_desc"}}
- </div>
- <div class="required field {{if .Err_OpenID}}error{{end}}">
- <label for="openid">
- {{svg "fontawesome-openid"}}
- OpenID URI
- </label>
- <input id="openid" name="openid" value="{{.openid}}" autofocus required>
- </div>
- <div class="inline field">
- <div class="ui checkbox">
- <label>{{ctx.Locale.Tr "auth.remember_me"}}</label>
- <input name="remember" type="checkbox">
+ <div class="ui middle very relaxed page grid">
+ <div class="column tw-flex tw-flex-col tw-gap-4 tw-max-w-2xl tw-m-auto">
+ <a href="{{AppSubUrl}}/user/login" class="tw-mx-auto">
+ <img width="100" height="100" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
+ </a>
+
+ <div class="ui container fluid">
+ {{template "base/alert" .}}
+ <h4 class="ui top attached header center">
+ {{svg "fontawesome-openid"}}
+ OpenID
+ </h4>
+ <div class="ui attached segment">
+ <form class="ui form tw-m-auto" action="{{.Link}}" method="post">
+ {{.CsrfTokenHtml}}
+ <div class="inline field">
+ {{ctx.Locale.Tr "auth.openid_signin_desc"}}
+ </div>
+ <div class="required field {{if .Err_OpenID}}error{{end}}">
+ <label for="openid">
+ {{svg "fontawesome-openid"}}
+ OpenID URI
+ </label>
+ <input id="openid" name="openid" value="{{.openid}}" autofocus required>
+ </div>
+ <div class="inline field">
+ <div class="ui checkbox">
+ <label>{{ctx.Locale.Tr "auth.remember_me"}}</label>
+ <input name="remember" type="checkbox">
+ </div>
+ </div>
+ <div class="inline field">
+ <button class="ui primary button tw-w-full">{{ctx.Locale.Tr "sign_in"}}</button>
+ </div>
+ </form>
</div>
</div>
- <div class="inline field">
- <button class="ui primary button">{{ctx.Locale.Tr "sign_in"}}</button>
+
+ <div class="ui container fluid">
+ {{template "user/auth/webauthn_error" .}}
+
+ <div class="ui attached segment header top tw-flex tw-flex-col tw-items-center">
+ <a href="{{AppSubUrl}}/user/login">{{ctx.Locale.Tr "auth.back_to_sign_in"}}</a>
+ </div>
</div>
- </form>
</div>
</div>
</div>
diff --git a/templates/user/auth/signup.tmpl b/templates/user/auth/signup.tmpl
index f238413ce..1ce3934f8 100644
--- a/templates/user/auth/signup.tmpl
+++ b/templates/user/auth/signup.tmpl
@@ -1,8 +1,9 @@
{{template "base/head" .}}
<div role="main" aria-label="{{.Title}}" class="page-content user signin{{if .LinkAccountMode}} icon{{end}}">
- {{template "user/auth/signin_navbar" .}}
<div class="ui middle very relaxed page grid">
- {{template "user/auth/signup_inner" .}}
+ <div class="column tw-flex tw-flex-col tw-gap-4 tw-max-w-2xl tw-m-auto">
+ {{template "user/auth/signup_inner" .}}
+ </div>
</div>
</div>
{{template "base/footer" .}}
diff --git a/templates/user/auth/signup_inner.tmpl b/templates/user/auth/signup_inner.tmpl
index bdb691d83..08507e545 100644
--- a/templates/user/auth/signup_inner.tmpl
+++ b/templates/user/auth/signup_inner.tmpl
@@ -1,4 +1,4 @@
-<div class="ui container column fluid{{if .LinkAccountMode}} icon{{end}}">
+<div class="ui container fluid{{if .LinkAccountMode}} icon{{end}}">
<h4 class="ui top attached header center">
{{if .LinkAccountMode}}
{{ctx.Locale.Tr "auth.oauth_signup_title"}}
@@ -7,7 +7,7 @@
{{end}}
</h4>
<div class="ui attached segment">
- <form class="ui form tw-max-w-2xl tw-m-auto" action="{{.SignUpLink}}" method="post">
+ <form class="ui form" action="{{.SignUpLink}}" method="post">
{{.CsrfTokenHtml}}
{{if or (not .LinkAccountMode) (and .LinkAccountMode .LinkAccountModeRegister)}}
{{template "base/alert" .}}
@@ -38,7 +38,7 @@
{{template "user/auth/captcha" .}}
<div class="inline field">
- <button class="ui primary button">
+ <button class="ui primary button tw-w-full">
{{if .LinkAccountMode}}
{{ctx.Locale.Tr "auth.oauth_signup_submit"}}
{{else}}
@@ -46,31 +46,20 @@
{{end}}
</button>
</div>
-
- {{if not .LinkAccountMode}}
- <div class="inline field">
- <a href="{{AppSubUrl}}/user/login">{{ctx.Locale.Tr "auth.register_helper_msg"}}</a>
- </div>
- {{end}}
{{end}}
- {{if .OAuth2Providers}}
- <div class="divider divider-text">
- {{ctx.Locale.Tr "sign_in_or"}}
- </div>
- <div id="oauth2-login-navigator" class="tw-py-1">
- <div class="tw-flex tw-flex-col tw-justify-center">
- <div id="oauth2-login-navigator-inner" class="tw-flex tw-flex-col tw-flex-wrap tw-items-center tw-gap-2">
- {{range $provider := .OAuth2Providers}}
- <a class="{{$provider.Name}} ui button tw-flex tw-items-center tw-justify-center tw-py-2 tw-w-full oauth-login-link" href="{{AppSubUrl}}/user/oauth2/{{$provider.DisplayName}}">
- {{$provider.IconHTML 28}}
- {{ctx.Locale.Tr "sign_in_with_provider" $provider.DisplayName}}
- </a>
- {{end}}
- </div>
- </div>
- </div>
- {{end}}
+ {{template "user/auth/oauth_container" .}}
</form>
</div>
</div>
+
+<div class="ui container fluid">
+ <div class="ui attached segment header top tw-flex tw-flex-col tw-items-center">
+ {{if not .LinkAccountMode}}
+ <div class="field">
+ <span>{{ctx.Locale.Tr "auth.already_have_account"}}</span>
+ <a href="{{AppSubUrl}}/user/login">{{ctx.Locale.Tr "auth.sign_in_now"}}</a>
+ </div>
+ {{end}}
+ </div>
+</div>
diff --git a/web_src/css/form.css b/web_src/css/form.css
index dd2788f54..44b096a5e 100644
--- a/web_src/css/form.css
+++ b/web_src/css/form.css
@@ -448,6 +448,24 @@ textarea:focus,
}
}
+/* form fields with additional content besides their label, used on login form
+ * use like <div class="field"><label/><a/><input/></div> */
+.form-field-content-aside-label {
+ display: grid;
+ grid-template-columns: 1fr 1fr;
+}
+.form-field-content-aside-label > *:nth-child(2) {
+ text-align: right;
+ margin-bottom: 4px;
+}
+.form-field-content-aside-label input {
+ grid-column: span 2;
+}
+
+.ui.form .field > .selection.dropdown {
+ min-width: 14em; /* matches the default min width */
+}
+
.new.webhook form .help {
margin-left: 25px;
}