forked from fedi/mastodon
9f4930ec11
Fixes #20067 Our password autocomplete hints were “off” but that does not prevent current browsers from trying to autocomplete them anyway, so use `current-password` and `new-password` so they don't put a newly-generated password in a password confirmation prompt, or the old password for a password renewal prompt.
21 lines
1.2 KiB
Plaintext
21 lines
1.2 KiB
Plaintext
- content_for :page_title do
|
|
= t('auth.set_new_password')
|
|
|
|
= simple_form_for(resource, as: resource_name, url: password_path(resource_name), html: { method: :put, novalidate: false }) do |f|
|
|
= render 'shared/error_messages', object: resource
|
|
|
|
- if !use_seamless_external_login? || resource.encrypted_password.present?
|
|
= f.input :reset_password_token, as: :hidden
|
|
|
|
.fields-group
|
|
= f.input :password, wrapper: :with_label, autofocus: true, label: t('simple_form.labels.defaults.new_password'), input_html: { 'aria-label' => t('simple_form.labels.defaults.new_password'), :autocomplete => 'new-password', :minlength => User.password_length.first, :maxlength => User.password_length.last }, required: true
|
|
.fields-group
|
|
= f.input :password_confirmation, wrapper: :with_label, label: t('simple_form.labels.defaults.confirm_new_password'), input_html: { 'aria-label' => t('simple_form.labels.defaults.confirm_new_password'), :autocomplete => 'new-password' }, required: true
|
|
|
|
.actions
|
|
= f.button :button, t('auth.set_new_password'), type: :submit
|
|
- else
|
|
%p.hint= t('users.seamless_external_login')
|
|
|
|
.form-footer= render 'auth/shared/links'
|