Show warning if user already set an application password

[DL6ER]

What does this implement/fix?

See title.

No app password is set

App password is already set

---

Related issue or feature (if applicable): N/A

Pull request in docs with documentation (if applicable): N/A

---

By submitting this pull request, I confirm the following:

1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
2. I have commented my proposed changes within the code.
3. I am willing to help maintain this change if there are issues with it later.
4. It is compatible with the EUPL 1.2 license
5. I have squashed any insignificant commits. (git rebase)

Checklist:

• [x] The code change is tested and works locally.
• [x] I based my code and PRs against the repositories developmental branch.
• [x] I signed off all commits. Pi-hole enforces the DCO for all contributions
• [x] I signed all my commits. Pi-hole requires signatures to verify authorship
• [x] I have read the above and my PR is ready for review.

[yubiuser]

This is a nice idea. I only fear that the hint is not strong enough. Could we have this warning as a preceding modal that allows to cancel or proceed (to the actual app password modal) and requires an active click to continue?

[rdwebdesign]

Screenshots:

[rdwebdesign]

1.

On midnight and high contrast dark theme the cross is hard to see

Fixed.

2.

Why do those two buttons have different colors? Is one more important than the other?

I don't know why they were created like this, but I don't mind the different colors in this case. Maybe someone else has an explanation for the colors.

3.

If no app password is currently set, we should not show the button to remove it.

I agree. Actually, the app password is always generated when this modal is opened: https://github.com/pi-hole/FTL/blob/0367117cad371bb9cbe41dfd0ead69c39e8e5192/src/api/api.c#L39

https://github.com/pi-hole/FTL/blob/0367117cad371bb9cbe41dfd0ead69c39e8e5192/src/api/2fa.c#L312-L338

[yubiuser]

Actually, the app password is always generated when this modal is opened:

Mhh.. sure, it must be generated already to show it to the user. But is it already saved when the modal is opened?

[rdwebdesign]

But is it already saved when the modal is opened?

I'm not sure. Maybe @DL6ER can answer this question.

[DL6ER]

Actually, the app password is always generated when this modal is opened

Mhh.. sure, it must be generated already to show it to the user. But is it already saved when the modal is opened?

Yes and No. It is only saved (and, hence, made active) once the user confirms this.

Maybe someone else has an explanation for the colors.

Enable 2FA is green as it is "good" (as in: it enhances security, especially with very simple passwords). App passwords, on the other hand, are neutral in terms of security (as long as they are kept secret it's basically impossible to brute-force it due to its design complexity and a cryptographically secure source of randomness used to generate it).