Opened 3 years ago

Last modified 12 months ago

#12641 reopened enhancement

Proposed Tutorial on Login forms

Reported by: neek Owned by: neek
Priority: high Milestone: tbd
Component: Documentation Version: 1.6.0
Keywords: Cc: iTorrey, sfoster, dylanks
Blocked by: Blocking:

Description

The issue of implementing a login form that triggers browser username/password autocompletion is a thorny subject. This is different to simply setting autocomplete=true on <input> fields.. the browser will still refuse to recognise it's a password submission, and offer to remember the username/password combination, if the fields were created dynamically.

The solution seems to be to:

  • have the <form> and <input> fields it contains be loaded as plain html in the initial page load
  • submit the form using traditional form submission

This means one cannot:

  • use any _Templated dijits
  • use ajax to submit the logon attempt

However, one _can_ have the contents in a _Templated dijit, thus building it into a dojo-esque user interface, using a little dojo.place() trickery.

  • let the content be loaded with visibility:hidden and display:none as a direct child of <body>
  • when required, dojo.place() it into the dijit of your choice
  • if dijit is destroyed, dojo.place() it back to body.
  • allow form submission to go ahead as normal.

http://dojo-sandbox.net/public/3046c/2 is a rough example of how to move the controls into a dijit.Dialog. The form submission won't work, but you can close/reopen the Dialog and it'll move the controls to/from the Dialog properly.

Main problems people will see with this are:

  • the controls are not dijits and so do not get themed
  • I found that when creating dijits in the hiddenLogin div, when they are dojo.place()'d back to body and then used again (i.e. open/close/open the dialog) their UI disappeared. e.g. http://dojo-sandbox.net/public/3046c/3 .. this might work with a little prodding, but I think then the browser wouldn't store the username/password as they would no longer be the original <input> fields being submitted. Perhaps people would suggest a workaround with hidden textboxes?
  • cannot do dojo.xhrPost or similar ajax logon, so must completely re-load app, breaking single-page-per-app paradigm. However, because one would want to post to a https:// scheme and stay on https, and the app would most likely be loaded from http://, this might be seen as acceptable.

What do people think? Is this the right approach, and a suitable basis for a Tutorial?

Change History (4)

comment:1 Changed 13 months ago by dylan

  • Cc changed from iTorrey,sfoster to iTorrey, sfoster
  • Owner set to neek
  • Status changed from new to pending

Would need an update to AMD, but yes, could see something like this being useful for a tutorial.

Let me know if you have interest creating one, and I can work with you to get it on the site when it's ready.

Note, I'm getting married this month, so my availability will be limited until May.

comment:2 Changed 12 months ago by trac-o-bot

  • Resolution set to invalid
  • Status changed from pending to closed

Because we get so many tickets, we often need to return them to the initial reporter for more information. If that person does not reply within 14 days, the ticket will automatically be closed, and that has happened in this case. If you still are interested in pursuing this issue, feel free to add a comment with the requested information and we will be happy to reopen the ticket if it is still valid. Thanks!

comment:3 Changed 12 months ago by neek

I'd be interested in pursuing this. I'm crazy busy with work at the moment. Suggest we keep this open for the time being, glad to hear the dojo team is interested in this contribution.

Is there a guideline doc for formatting etc of modern tutorials? The dojotoolkit.com/documentation page has changed since I last saw things. I've contributed to the livedocs.dojotoolkit.org and am familiar with that syntax and codeglass. Given enough time I would probably put together a basic tutorial on this subject.

comment:4 Changed 12 months ago by bill

  • Cc dylanks added
  • Resolution invalid deleted
  • Status changed from closed to reopened

OK, guess we should reopen, not that it matters much, because you don't need a ticket to submit a tutorial.

There is a certain format to tutorials but I don't know where (if anywhere) it's documented. Maybe Dylan can answer.

Last edited 12 months ago by bill (previous) (diff)
Note: See TracTickets for help on using tickets.