Port login page to preact

[mtomilov]

Refs #9588

Here we port login page to react in a hybrid way.
React app renders the form, but we actually submit it. And POST request is handled by the backend.
Login form controller is mostly based on group form controller.
For now it only affects regular login and open authorization popup login still uses Jinja2 for easier porting, which we'll address next.
Reusable components like text field will need to be lifted up from group form app.

Testing

• Go to /login page
• Try logging with valid and invalid credentials
• Go to /login?for_oauth=true page
• Try logging with valid and invalid credentials to make sure it continues to work as before

[robertknight]

For the files which are re-used unchanged from the group forms app, I would suggest to simply re-import them from there for the moment. One of the frontend devs can then look at moving them to a shared directory and adjusting the tests etc.

[mtomilov]

For the files which are re-used unchanged from the group forms app, I would suggest to simply re-import them from there for the moment. One of the frontend devs can then look at moving them to a shared directory and adjusting the tests etc.

Thank you. I was going to lift them up to /scripts, but sure not problem.
Duplicated them for draft because I wanted to make sure that I can reuse them as is.

[mtomilov]

We need to make some changes for text properties because we actually submit this React form, not make API calls from here.

[mtomilov]

And this is field validation error we get from backend login schema.
I've tried to make regular input error work but unfortunately it seems to be designed for in-place submit validation, not when the error is coming from the outside.

[mtomilov]

Conditionally rendering the field error

[mtomilov]

This works, but I'm not a fan. Maybe we actually need a separate text field for login/signup form, but the changes seem to be minor, so I'm not sure.

[robertknight]

You can set these fields but use the value undefined and they won't appear in the HTML:

diff --git a/h/static/scripts/group-forms/components/forms/TextField.tsx b/h/static/scripts/group-forms/components/forms/TextField.tsx
index 0925b7177..bea45fcfe 100644
--- a/h/static/scripts/group-forms/components/forms/TextField.tsx
+++ b/h/static/scripts/group-forms/components/forms/TextField.tsx
@@ -78,7 +78,7 @@ export type TextFieldProps = {
  */
 export default function TextField({
   type = 'input',
-  inputType = 'text',
+  inputType,
   value,
   onChangeValue,
   minLength = 0,
@@ -87,7 +87,7 @@ export default function TextField({
   required = false,
   autofocus = false,
   classes = '',
-  name = '',
+  name,
   fieldError = '',
 }: TextFieldProps) {
   const id = useId();
@@ -131,8 +131,8 @@ export default function TextField({
         autofocus={autofocus}
         autocomplete="off"
         required={required}
-        {...(name ? { name: name } : {})}
-        {...(inputType === 'password' ? { type: 'password' } : {})}
+        name={name}
+        type={inputType}
       />
       {typeof maxLength === 'number' && (
         <CharacterCounter

[mtomilov]

Perfect, thank you!

[mtomilov]

I'm thinking to extend this with sign up route in the switch when we get to that rather than creating a new sign up react app.

[robertknight]

Yes, I think that will make sense.

[mtomilov]

Setting csrf token from js config on the form for pyramid.

[mtomilov]

This mostly follows what we have in group jinja2 html template.

[mtomilov]

Splitting these two routes for now to limit the scope of this PR.
So, regular login is covered by React app and open authorization login is covered by Jinja2 at this point.

[mtomilov]

Reusing group form styles because basically these are just tailwind styles, which is exactly the same we need for login form.

[robertknight]

Something to know about how Tailwind works is that it scans a specified set of files looking for Tailwind classes that are used and only generates those styles in the CSS. The set of files that are scanned includes all of our TSX files under h/static/scripts, so re-using the CSS here will work. It will probably make sense to rename this bundle to something more general.

[mtomilov]

Sure, renamed to forms.css

[mtomilov]

We need to pass back both form errors and form data for pre-fill if backend POST validation fails.
Again, this is a separate route to take care of regular POST login for now.
I'm using camel case here because this data is prepared by backend but used by frontend.

[mtomilov]

Since login form is now rendered by React, we need to make POST request here for login, taking csrf token from HTML page body.

[robertknight]

For the benefit of non-developers, the old login screen:

New login screen:

[robertknight]

This is looking good overall from an initial glance. I think we should remove the visible "required" markers from the fields in this form, though we will need to keep the required attribute on the form field. This will require a small change to the TextField API.

[robertknight]

You can set these fields but use the value undefined and they won't appear in the HTML:

diff --git a/h/static/scripts/group-forms/components/forms/TextField.tsx b/h/static/scripts/group-forms/components/forms/TextField.tsx
index 0925b7177..bea45fcfe 100644
--- a/h/static/scripts/group-forms/components/forms/TextField.tsx
+++ b/h/static/scripts/group-forms/components/forms/TextField.tsx
@@ -78,7 +78,7 @@ export type TextFieldProps = {
  */
 export default function TextField({
   type = 'input',
-  inputType = 'text',
+  inputType,
   value,
   onChangeValue,
   minLength = 0,
@@ -87,7 +87,7 @@ export default function TextField({
   required = false,
   autofocus = false,
   classes = '',
-  name = '',
+  name,
   fieldError = '',
 }: TextFieldProps) {
   const id = useId();
@@ -131,8 +131,8 @@ export default function TextField({
         autofocus={autofocus}
         autocomplete="off"
         required={required}
-        {...(name ? { name: name } : {})}
-        {...(inputType === 'password' ? { type: 'password' } : {})}
+        name={name}
+        type={inputType}
       />
       {typeof maxLength === 'number' && (
         <CharacterCounter

[robertknight]

Yes, I think that will make sense.

[robertknight]

For a login form I think it is sufficiently obvious that the username and password are required that we can omit this visual indicator. We do need to make sure that the required field is still set on the <input> though.

[mtomilov]

Yep, should've made it the same as the original form rather than taking that from group form. Thanks.

[robertknight]

I think it will make sense to re-use the readConfig function from the group forms module, and make that generic, but this can be done as part of some refactoring after this lands.

[robertknight]

I suspect we can simplify things for ourselves by removing the use of shadow DOM in this form, but that's out of scope for this PR.

[robertknight]

This file appears to be unused.

[mtomilov]

Yep, removed

[robertknight]

Something to know about how Tailwind works is that it scans a specified set of files looking for Tailwind classes that are used and only generates those styles in the CSS. The set of files that are scanned includes all of our TSX files under h/static/scripts, so re-using the CSS here will work. It will probably make sense to rename this bundle to something more general.

[mtomilov]

This is looking good overall from an initial glance. I think we should remove the visible "required" markers from the fields in this form, though we will need to keep the required attribute on the form field. This will require a small change to the TextField API.

Added separate showRequired argument, defaulting to required which we set in LoginForm.
Probably we want opt-out behavior for the indication here.