fix(login): fix back button on 2fa screen to allow username change (#11125)

# Which Problems Are Solved As reported to support, the back button on the various 2FA pages in login V1 opened the default redirect URI, which likely started a new auth request (e.g. from Console). # How the Problems Are Solved Change the back buttons to navigate to the login screen again, where a user can change the username. Additionally, the back button has been added to the U2F verification screen. # Additional Changes None # Additional Context - from support - backport to v4 (cherry picked from commit dfe064f902)
2025-12-12 18:12:22 +00:00 · 2025-12-09 13:37:26 +01:00
parent 4aa25347c3
commit 1c3b447dde
3 changed files with 6 additions and 2 deletions
--- a/internal/api/ui/login/static/templates/mfa_verification_u2f.html
+++ b/internal/api/ui/login/static/templates/mfa_verification_u2f.html
@@ -26,6 +26,10 @@
    {{ template "error-message" .}}

    <div class="lgn-actions" id="webauthn">
+        <!-- position element in header -->
+        <a class="lgn-icon-button lgn-left-action" href="{{ loginNameChangeUrl .AuthReqID }}">
+            <i class="lgn-icon-arrow-left-solid"></i>
+        </a>
        <span class="fill-space"></span>
        <a id="btn-login" class="lgn-raised-button lgn-primary wa-support">{{t "VerifyMFAU2F.ValidateTokenButtonText"}}</a>
    </div>
--- a/internal/api/ui/login/static/templates/mfa_verify_otp.html
+++ b/internal/api/ui/login/static/templates/mfa_verify_otp.html
@@ -24,7 +24,7 @@

    <div class="lgn-actions lgn-reverse-order">
        <!-- position element in header -->
-        <a class="lgn-icon-button lgn-left-action" href="{{ loginUrl }}">
+        <a class="lgn-icon-button lgn-left-action" href="{{ loginNameChangeUrl .AuthReqID }}">
            <i class="lgn-icon-arrow-left-solid"></i>
        </a>
        <button class="lgn-raised-button lgn-primary" id="submit-button" type="submit">{{t "VerifyOTP.NextButtonText"}}</button>
--- a/internal/api/ui/login/static/templates/mfa_verify_totp.html
+++ b/internal/api/ui/login/static/templates/mfa_verify_totp.html
@@ -24,7 +24,7 @@

    <div class="lgn-actions">
        <!-- position element in header -->
-        <a class="lgn-icon-button lgn-left-action" href="{{ loginUrl }}">
+        <a class="lgn-icon-button lgn-left-action" href="{{ loginNameChangeUrl .AuthReqID }}">
            <i class="lgn-icon-arrow-left-solid"></i>
        </a>
        <span class="fill-space"></span>