Add Toast Messages for Bad Logins by rosenjcb · Pull Request #1874 · LemmyNet/lemmy-ui
github.com
Description Right now if you try to login and you provide an unknown username/email or a wrong password, you will get no toast message. This PR adds toast messages for those scenarios and uses the ...

Let’s gooooooooo

  • eroc1990@lemmy.parastor.netEnglish
    0·
    1 year ago

    Not a bad idea! The attack vector issue they mention in the PR comments is valid, though. Not displaying those errors gives an attacker no confirmation that a user whose account they’re trying to attack exists, if they’re trying known used passwords. But good on you doing what you can to contribute to the project!

    • Venator@kbin.social
      1·
      1 year ago

      There should be an error, but it shouldn’t say whether it was the email or password that was wrong.

    • rosenjcb@lemmy.worldOPEnglish
      0·
      1 year ago

      Sounds like a cool feature. I’m honestly down for doing a good chunk of lemmy-ui dev work as I’m kind of getting rusty in React with my new job being strictly backend these days.

      • (des)mosthenes@lemmy.worldEnglish
        0·
        1 year ago

        I might look into it myself, definitely curious but i’m always cautious with open source projects when committing a decently sized PR - yea that’s a great way to keep the knives sharp

        • aaaantoine@lemmy.worldEnglish
          0·
          1 year ago

          If the size of the PR is a concern, maybe the maintainers will allow a staged approach. Create an Issue describing the feature and indicate step by step how you would implement. Then break the work into multiple pull requests.

          If necessary, you could introduce a toggle that’s switched off by default until the feature is fully implemented.