From 41560274c129aaa5c7273b21c31713fa008e2664 Mon Sep 17 00:00:00 2001
From: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Date: Fri, 18 Jun 2021 10:31:53 +0200
Subject: [PATCH] fix: err id as title (shown on hover) (#1895)

---
 internal/ui/login/handler/change_password_handler.go   |  6 +++---
 internal/ui/login/handler/external_login_handler.go    |  6 +++---
 internal/ui/login/handler/init_password_handler.go     |  6 +++---
 internal/ui/login/handler/init_user_handler.go         |  6 +++---
 internal/ui/login/handler/login_handler.go             |  6 +++---
 internal/ui/login/handler/login_success_handler.go     |  6 +++---
 internal/ui/login/handler/mail_verify_handler.go       |  6 +++---
 internal/ui/login/handler/mfa_init_u2f.go              |  6 +++---
 internal/ui/login/handler/mfa_init_verify_handler.go   |  6 +++---
 internal/ui/login/handler/mfa_prompt_handler.go        |  6 +++---
 internal/ui/login/handler/mfa_verify_handler.go        |  6 +++---
 internal/ui/login/handler/mfa_verify_u2f_handler.go    |  6 +++---
 internal/ui/login/handler/password_handler.go          |  6 +++---
 internal/ui/login/handler/password_reset_handler.go    |  6 +++---
 .../ui/login/handler/passwordless_login_handler.go     |  6 +++---
 internal/ui/login/handler/register_handler.go          |  6 +++---
 internal/ui/login/handler/register_option_handler.go   |  6 +++---
 internal/ui/login/handler/register_org_handler.go      |  6 +++---
 internal/ui/login/handler/renderer.go                  | 10 +++++-----
 internal/ui/login/handler/username_change_handler.go   |  6 +++---
 internal/ui/login/static/templates/error-message.html  |  4 ++--
 21 files changed, 64 insertions(+), 64 deletions(-)

diff --git a/internal/ui/login/handler/change_password_handler.go b/internal/ui/login/handler/change_password_handler.go
index f15ddf91f4..9a8adf8213 100644
--- a/internal/ui/login/handler/change_password_handler.go
+++ b/internal/ui/login/handler/change_password_handler.go
@@ -35,12 +35,12 @@ func (l *Login) handleChangePassword(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderChangePassword(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	data := passwordData{
-		baseData:    l.getBaseData(r, authReq, "Change Password", errType, errMessage),
+		baseData:    l.getBaseData(r, authReq, "Change Password", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 	}
 	policy, description, _ := l.getPasswordComplexityPolicy(r, authReq.UserOrgID)
diff --git a/internal/ui/login/handler/external_login_handler.go b/internal/ui/login/handler/external_login_handler.go
index 47bd938260..62671e3df3 100644
--- a/internal/ui/login/handler/external_login_handler.go
+++ b/internal/ui/login/handler/external_login_handler.go
@@ -141,12 +141,12 @@ func (l *Login) handleExternalUserAuthenticated(w http.ResponseWriter, r *http.R
 }
 
 func (l *Login) renderExternalNotFoundOption(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	data := externalNotFoundOptionData{
-		baseData: l.getBaseData(r, authReq, "ExternalNotFoundOption", errType, errMessage),
+		baseData: l.getBaseData(r, authReq, "ExternalNotFoundOption", errID, errMessage),
 	}
 	l.renderer.RenderTemplate(w, r, l.renderer.Templates[tmplExternalNotFoundOption], data, nil)
 }
diff --git a/internal/ui/login/handler/init_password_handler.go b/internal/ui/login/handler/init_password_handler.go
index 882f145334..608353209a 100644
--- a/internal/ui/login/handler/init_password_handler.go
+++ b/internal/ui/login/handler/init_password_handler.go
@@ -96,16 +96,16 @@ func (l *Login) resendPasswordSet(w http.ResponseWriter, r *http.Request, authRe
 }
 
 func (l *Login) renderInitPassword(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, userID, code string, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if userID == "" && authReq != nil {
 		userID = authReq.UserID
 	}
 
 	data := initPasswordData{
-		baseData:    l.getBaseData(r, authReq, "Init Password", errType, errMessage),
+		baseData:    l.getBaseData(r, authReq, "Init Password", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 		UserID:      userID,
 		Code:        code,
diff --git a/internal/ui/login/handler/init_user_handler.go b/internal/ui/login/handler/init_user_handler.go
index b4a32692d7..1b6dbda8d2 100644
--- a/internal/ui/login/handler/init_user_handler.go
+++ b/internal/ui/login/handler/init_user_handler.go
@@ -90,15 +90,15 @@ func (l *Login) resendUserInit(w http.ResponseWriter, r *http.Request, authReq *
 }
 
 func (l *Login) renderInitUser(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, userID, code string, passwordSet bool, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if authReq != nil {
 		userID = authReq.UserID
 	}
 	data := initUserData{
-		baseData:    l.getBaseData(r, authReq, "Init User", errType, errMessage),
+		baseData:    l.getBaseData(r, authReq, "Init User", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 		UserID:      userID,
 		Code:        code,
diff --git a/internal/ui/login/handler/login_handler.go b/internal/ui/login/handler/login_handler.go
index 2915e356ac..163aa014bd 100644
--- a/internal/ui/login/handler/login_handler.go
+++ b/internal/ui/login/handler/login_handler.go
@@ -64,11 +64,11 @@ func (l *Login) handleLoginNameCheck(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderLogin(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "Login", errType, errMessage)
+	data := l.getUserData(r, authReq, "Login", errID, errMessage)
 	funcs := map[string]interface{}{
 		"hasUsernamePasswordLogin": func() bool {
 			return authReq.LoginPolicy != nil && authReq.LoginPolicy.AllowUsernamePassword
diff --git a/internal/ui/login/handler/login_success_handler.go b/internal/ui/login/handler/login_success_handler.go
index a25be5ba70..8712959f81 100644
--- a/internal/ui/login/handler/login_success_handler.go
+++ b/internal/ui/login/handler/login_success_handler.go
@@ -31,12 +31,12 @@ func (l *Login) handleLoginSuccess(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderSuccessAndCallback(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	data := loginSuccessData{
-		userData: l.getUserData(r, authReq, "Login Successful", errType, errMessage),
+		userData: l.getUserData(r, authReq, "Login Successful", errID, errMessage),
 	}
 	if authReq != nil {
 		data.RedirectURI = l.oidcAuthCallbackURL
diff --git a/internal/ui/login/handler/mail_verify_handler.go b/internal/ui/login/handler/mail_verify_handler.go
index 9b3c47772c..e577b3c953 100644
--- a/internal/ui/login/handler/mail_verify_handler.go
+++ b/internal/ui/login/handler/mail_verify_handler.go
@@ -69,15 +69,15 @@ func (l *Login) checkMailCode(w http.ResponseWriter, r *http.Request, authReq *d
 }
 
 func (l *Login) renderMailVerification(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, userID string, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if userID == "" {
 		userID = authReq.UserID
 	}
 	data := mailVerificationData{
-		baseData:    l.getBaseData(r, authReq, "Mail Verification", errType, errMessage),
+		baseData:    l.getBaseData(r, authReq, "Mail Verification", errID, errMessage),
 		UserID:      userID,
 		profileData: l.getProfileData(authReq),
 	}
diff --git a/internal/ui/login/handler/mfa_init_u2f.go b/internal/ui/login/handler/mfa_init_u2f.go
index 9859909e86..4c8abbf4ce 100644
--- a/internal/ui/login/handler/mfa_init_u2f.go
+++ b/internal/ui/login/handler/mfa_init_u2f.go
@@ -19,20 +19,20 @@ type u2fInitData struct {
 }
 
 func (l *Login) renderRegisterU2F(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage, credentialData string
+	var errID, errMessage, credentialData string
 	var u2f *domain.WebAuthNToken
 	if err == nil {
 		u2f, err = l.command.HumanAddU2FSetup(setContext(r.Context(), authReq.UserOrgID), authReq.UserID, authReq.UserOrgID, true)
 	}
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if u2f != nil {
 		credentialData = base64.RawURLEncoding.EncodeToString(u2f.CredentialCreationData)
 	}
 	data := &u2fInitData{
 		webAuthNData: webAuthNData{
-			userData:               l.getUserData(r, authReq, "Register WebAuthNToken", errType, errMessage),
+			userData:               l.getUserData(r, authReq, "Register WebAuthNToken", errID, errMessage),
 			CredentialCreationData: credentialData,
 		},
 		MFAType: model.MFATypeU2F,
diff --git a/internal/ui/login/handler/mfa_init_verify_handler.go b/internal/ui/login/handler/mfa_init_verify_handler.go
index 14f85be166..ab68f1ff4a 100644
--- a/internal/ui/login/handler/mfa_init_verify_handler.go
+++ b/internal/ui/login/handler/mfa_init_verify_handler.go
@@ -65,11 +65,11 @@ func (l *Login) handleOTPVerify(w http.ResponseWriter, r *http.Request, authReq
 }
 
 func (l *Login) renderMFAInitVerify(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, data *mfaVerifyData, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data.baseData = l.getBaseData(r, authReq, "MFA Init Verify", errType, errMessage)
+	data.baseData = l.getBaseData(r, authReq, "MFA Init Verify", errID, errMessage)
 	data.profileData = l.getProfileData(authReq)
 	if data.MFAType == domain.MFATypeOTP {
 		code, err := generateQrCode(data.otpData.Url)
diff --git a/internal/ui/login/handler/mfa_prompt_handler.go b/internal/ui/login/handler/mfa_prompt_handler.go
index 54bf3bb83e..5cec5fcd67 100644
--- a/internal/ui/login/handler/mfa_prompt_handler.go
+++ b/internal/ui/login/handler/mfa_prompt_handler.go
@@ -49,12 +49,12 @@ func (l *Login) handleMFAPromptSelection(w http.ResponseWriter, r *http.Request)
 }
 
 func (l *Login) renderMFAPrompt(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, mfaPromptData *domain.MFAPromptStep, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	data := mfaData{
-		baseData:    l.getBaseData(r, authReq, "MFA Prompt", errType, errMessage),
+		baseData:    l.getBaseData(r, authReq, "MFA Prompt", errID, errMessage),
 		profileData: l.getProfileData(authReq),
 	}
 
diff --git a/internal/ui/login/handler/mfa_verify_handler.go b/internal/ui/login/handler/mfa_verify_handler.go
index 001c41f679..fdb1617f5f 100644
--- a/internal/ui/login/handler/mfa_verify_handler.go
+++ b/internal/ui/login/handler/mfa_verify_handler.go
@@ -53,11 +53,11 @@ func (l *Login) renderMFAVerify(w http.ResponseWriter, r *http.Request, authReq
 }
 
 func (l *Login) renderMFAVerifySelected(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, verificationStep *domain.MFAVerificationStep, selectedProvider domain.MFAType, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "MFA Verify", errType, errMessage)
+	data := l.getUserData(r, authReq, "MFA Verify", errID, errMessage)
 	if verificationStep == nil {
 		l.renderError(w, r, authReq, err)
 		return
diff --git a/internal/ui/login/handler/mfa_verify_u2f_handler.go b/internal/ui/login/handler/mfa_verify_u2f_handler.go
index 25f2f724ed..fce4417705 100644
--- a/internal/ui/login/handler/mfa_verify_u2f_handler.go
+++ b/internal/ui/login/handler/mfa_verify_u2f_handler.go
@@ -24,21 +24,21 @@ type mfaU2FFormData struct {
 }
 
 func (l *Login) renderU2FVerification(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, providers []domain.MFAType, err error) {
-	var errType, errMessage, credentialData string
+	var errID, errMessage, credentialData string
 	var webAuthNLogin *domain.WebAuthNLogin
 	if err == nil {
 		userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
 		webAuthNLogin, err = l.authRepo.BeginMFAU2FLogin(setContext(r.Context(), authReq.UserOrgID), authReq.UserID, authReq.UserOrgID, authReq.ID, userAgentID)
 	}
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if webAuthNLogin != nil {
 		credentialData = base64.RawURLEncoding.EncodeToString(webAuthNLogin.CredentialAssertionData)
 	}
 	data := &mfaU2FData{
 		webAuthNData: webAuthNData{
-			userData:               l.getUserData(r, authReq, "Login WebAuthNToken", errType, errMessage),
+			userData:               l.getUserData(r, authReq, "Login WebAuthNToken", errID, errMessage),
 			CredentialCreationData: credentialData,
 		},
 		MFAProviders:     providers,
diff --git a/internal/ui/login/handler/password_handler.go b/internal/ui/login/handler/password_handler.go
index af84565116..3d86b24d79 100644
--- a/internal/ui/login/handler/password_handler.go
+++ b/internal/ui/login/handler/password_handler.go
@@ -16,11 +16,11 @@ type passwordFormData struct {
 }
 
 func (l *Login) renderPassword(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "Password", errType, errMessage)
+	data := l.getUserData(r, authReq, "Password", errID, errMessage)
 	funcs := map[string]interface{}{
 		"showPasswordReset": func() bool {
 			if authReq.LoginPolicy != nil {
diff --git a/internal/ui/login/handler/password_reset_handler.go b/internal/ui/login/handler/password_reset_handler.go
index 6379f950f9..bf6e263c93 100644
--- a/internal/ui/login/handler/password_reset_handler.go
+++ b/internal/ui/login/handler/password_reset_handler.go
@@ -25,10 +25,10 @@ func (l *Login) handlePasswordReset(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderPasswordResetDone(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "Password Reset Done", errType, errMessage)
+	data := l.getUserData(r, authReq, "Password Reset Done", errID, errMessage)
 	l.renderer.RenderTemplate(w, r, l.renderer.Templates[tmplPasswordResetDone], data, nil)
 }
diff --git a/internal/ui/login/handler/passwordless_login_handler.go b/internal/ui/login/handler/passwordless_login_handler.go
index 889d1cbc1e..ce545f071a 100644
--- a/internal/ui/login/handler/passwordless_login_handler.go
+++ b/internal/ui/login/handler/passwordless_login_handler.go
@@ -23,14 +23,14 @@ type passwordlessFormData struct {
 }
 
 func (l *Login) renderPasswordlessVerification(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage, credentialData string
+	var errID, errMessage, credentialData string
 	var webAuthNLogin *domain.WebAuthNLogin
 	if err == nil {
 		userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
 		webAuthNLogin, err = l.authRepo.BeginPasswordlessLogin(setContext(r.Context(), authReq.UserOrgID), authReq.UserID, authReq.UserOrgID, authReq.ID, userAgentID)
 	}
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if webAuthNLogin != nil {
 		credentialData = base64.RawURLEncoding.EncodeToString(webAuthNLogin.CredentialAssertionData)
@@ -41,7 +41,7 @@ func (l *Login) renderPasswordlessVerification(w http.ResponseWriter, r *http.Re
 	}
 	data := &passwordlessData{
 		webAuthNData{
-			userData:               l.getUserData(r, authReq, "Login Passwordless", errType, errMessage),
+			userData:               l.getUserData(r, authReq, "Login Passwordless", errID, errMessage),
 			CredentialCreationData: credentialData,
 		},
 		passwordLogin,
diff --git a/internal/ui/login/handler/register_handler.go b/internal/ui/login/handler/register_handler.go
index ba7d98bdd8..be5e6a86cb 100644
--- a/internal/ui/login/handler/register_handler.go
+++ b/internal/ui/login/handler/register_handler.go
@@ -92,9 +92,9 @@ func (l *Login) handleRegisterCheck(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authRequest *domain.AuthRequest, formData *registerFormData, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if formData == nil {
 		formData = new(registerFormData)
@@ -103,7 +103,7 @@ func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authReque
 		formData.Language = l.renderer.Lang(r).String()
 	}
 	data := registerData{
-		baseData:         l.getBaseData(r, authRequest, "Register", errType, errMessage),
+		baseData:         l.getBaseData(r, authRequest, "Register", errID, errMessage),
 		registerFormData: *formData,
 	}
 
diff --git a/internal/ui/login/handler/register_option_handler.go b/internal/ui/login/handler/register_option_handler.go
index e86389542d..20b9eaaad3 100644
--- a/internal/ui/login/handler/register_option_handler.go
+++ b/internal/ui/login/handler/register_option_handler.go
@@ -28,12 +28,12 @@ func (l *Login) handleRegisterOption(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderRegisterOption(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	data := registerOptionData{
-		baseData: l.getBaseData(r, authReq, "RegisterOption", errType, errMessage),
+		baseData: l.getBaseData(r, authReq, "RegisterOption", errID, errMessage),
 	}
 	funcs := map[string]interface{}{
 		"hasExternalLogin": func() bool {
diff --git a/internal/ui/login/handler/register_org_handler.go b/internal/ui/login/handler/register_org_handler.go
index 8ced091370..7a5d1a452c 100644
--- a/internal/ui/login/handler/register_org_handler.go
+++ b/internal/ui/login/handler/register_org_handler.go
@@ -78,16 +78,16 @@ func (l *Login) handleRegisterOrgCheck(w http.ResponseWriter, r *http.Request) {
 }
 
 func (l *Login) renderRegisterOrg(w http.ResponseWriter, r *http.Request, authRequest *domain.AuthRequest, formData *registerOrgFormData, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
 	if formData == nil {
 		formData = new(registerOrgFormData)
 	}
 
 	data := registerOrgData{
-		baseData:            l.getBaseData(r, authRequest, "Register", errType, errMessage),
+		baseData:            l.getBaseData(r, authRequest, "Register", errID, errMessage),
 		registerOrgFormData: *formData,
 	}
 	pwPolicy, description, _ := l.getPasswordComplexityPolicy(r, "0")
diff --git a/internal/ui/login/handler/renderer.go b/internal/ui/login/handler/renderer.go
index 1db5a1e513..c26d652e23 100644
--- a/internal/ui/login/handler/renderer.go
+++ b/internal/ui/login/handler/renderer.go
@@ -301,7 +301,7 @@ func (l *Login) getUserData(r *http.Request, authReq *domain.AuthRequest, title
 func (l *Login) getBaseData(r *http.Request, authReq *domain.AuthRequest, title string, errType, errMessage string) baseData {
 	baseData := baseData{
 		errorData: errorData{
-			ErrType:    errType,
+			ErrID:      errType,
 			ErrMessage: errMessage,
 		},
 		Lang:                   l.renderer.Lang(r).String(),
@@ -343,14 +343,14 @@ func (l *Login) getProfileData(authReq *domain.AuthRequest) profileData {
 	}
 }
 
-func (l *Login) getErrorMessage(r *http.Request, err error) (errMsg string) {
+func (l *Login) getErrorMessage(r *http.Request, err error) (errID, errMsg string) {
 	caosErr := new(caos_errs.CaosError)
 	if errors.As(err, &caosErr) {
 		localized := l.renderer.LocalizeFromRequest(r, caosErr.Message, nil)
-		return localized + " (" + caosErr.ID + ")"
+		return caosErr.ID, localized
 
 	}
-	return err.Error()
+	return "", err.Error()
 }
 
 func (l *Login) getTheme(r *http.Request) string {
@@ -446,7 +446,7 @@ type baseData struct {
 }
 
 type errorData struct {
-	ErrType    string
+	ErrID      string
 	ErrMessage string
 }
 
diff --git a/internal/ui/login/handler/username_change_handler.go b/internal/ui/login/handler/username_change_handler.go
index 526a41fc0c..eb360ef029 100644
--- a/internal/ui/login/handler/username_change_handler.go
+++ b/internal/ui/login/handler/username_change_handler.go
@@ -15,11 +15,11 @@ type changeUsernameData struct {
 }
 
 func (l *Login) renderChangeUsername(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
-	var errType, errMessage string
+	var errID, errMessage string
 	if err != nil {
-		errMessage = l.getErrorMessage(r, err)
+		errID, errMessage = l.getErrorMessage(r, err)
 	}
-	data := l.getUserData(r, authReq, "Change Username", errType, errMessage)
+	data := l.getUserData(r, authReq, "Change Username", errID, errMessage)
 	l.renderer.RenderTemplate(w, r, l.renderer.Templates[tmplChangeUsername], data, nil)
 }
 
diff --git a/internal/ui/login/static/templates/error-message.html b/internal/ui/login/static/templates/error-message.html
index 95372b0964..6c56caad1c 100644
--- a/internal/ui/login/static/templates/error-message.html
+++ b/internal/ui/login/static/templates/error-message.html
@@ -1,9 +1,9 @@
 {{ define "error-message" }}
 {{if .ErrMessage }}
-<div class="lgn-error">
+<div class="lgn-error" title="{{.ErrID}}">
     <i class="lgn-icon-exclamation-circle-solid lgn-warn"></i>
     <p class="lgn-error-message">
-        {{ if .ErrType }}{{ .ErrType }} - {{end}}{{ .ErrMessage }}
+        {{ .ErrMessage }}
     </p>
 </div>
 {{end}}