Closed DL6ER closed 3 months ago
This is a nice idea. I only fear that the hint is not strong enough. Could we have this warning as a preceding modal that allows to cancel or proceed (to the actual app password modal) and requires an active click to continue?
Screenshots:
On midnight and high contrast dark theme the cross is hard to see
Fixed.
Why do those two buttons have different colors? Is one more important than the other?
I don't know why they were created like this, but I don't mind the different colors in this case. Maybe someone else has an explanation for the colors.
If no app password is currently set, we should not show the button to remove it.
I agree. Actually, the app password is always generated when this modal is opened:
https://github.com/pi-hole/FTL/blob/0367117cad371bb9cbe41dfd0ead69c39e8e5192/src/api/api.c#L39
https://github.com/pi-hole/FTL/blob/0367117cad371bb9cbe41dfd0ead69c39e8e5192/src/api/2fa.c#L312-L338
Actually, the app password is always generated when this modal is opened:
Mhh.. sure, it must be generated already to show it to the user. But is it already saved when the modal is opened?
But is it already saved when the modal is opened?
I'm not sure. Maybe @DL6ER can answer this question.
Actually, the app password is always generated when this modal is opened
Mhh.. sure, it must be generated already to show it to the user. But is it already saved when the modal is opened?
Yes and No. It is only saved (and, hence, made active) once the user confirms this.
Maybe someone else has an explanation for the colors.
Enable 2FA
is green as it is "good" (as in: it enhances security, especially with very simple passwords). App passwords, on the other hand, are neutral in terms of security (as long as they are kept secret it's basically impossible to brute-force it due to its design complexity and a cryptographically secure source of randomness used to generate it).
What does this implement/fix?
See title.
No app password is set
App password is already set
Related issue or feature (if applicable): N/A
Pull request in docs with documentation (if applicable): N/A
By submitting this pull request, I confirm the following:
git rebase
)Checklist:
developmental
branch.