Description

To provide OAuth2 and OIDC in the future, we require an Ory Hydra instance.
This tasks focuses on adding the required containers to the docker compose file and add an initial configuration.

Description

Since the currently used session is not part of the API response, the UI should show a dummy item for the current session. It should look the same as the other items, besides the "revoke" button being replaced with a "this session" text or something like that.

Description

There is a button to navigate from settings to the dashboard missing.

Description

At the moment the text node only shows two strings as text, which works but could be better.
With this issue, the text node should show specific UI depending on what text is shown.

Description

At the moment, the session is always closed by clicking a button in the application.
There should be a path '/flow/logout' which closes the session when called.
After logout the user should be redirected to the root path

Description

At the moment, the frontend api created is exported in $lib/ory/index.ts as the default.
This is to be changed to an export const frontendApi and changed accordingly for all uses.

Description

The current WebAuthn configuration for the deployment version throws an error. This has to be fixed.
Further more WebAuthn should be disabled in the development configuration since it is not available on localhost.

Description

The verification page redirects to the dashboard, if a valid session exists.
This makes validating the email address only possible if logged out, even if a verified email is not required to log in.

Description

In the FlowSet.svelte are two UI node types (script and a) missing.
This issue focuses on implementing the script node.

Description

The Flow.svelte component currently creates a form like this:

<form action={ui.action} method={ui.method}>
    <FlowSet {nodes} />
</form>

Using the "built-in" form mechanisms works, but causes some problems.
Some endpoints of the Kratos API send different responses depending on the headers set for the request. See here
Setting headers is not supported in the HTML form tag.

This is the reason for redirects on every submission on the settings page and for stacking entries in the navigation history, as described in #37.

The official NextJS implementation solves this by passing an onSubmit function to the Flow component, which calls the Kratos FrontendApi via the SDK instead of using an HTML form.

The Flow.svelte component should be redesigned to work in the same way.
This will also make error handling (#15) easier to resolve.

Description

At the moment each Flow shows the flows messages. This leads to a ton of duplicate messages on the settings page when saving changes. This should be optional, the flow component will get a parameter if the messages should be shown inside the card.

Additionally the messages will become their own component to be used at places outside a Flow component.

Description

In the FlowSet.svelte are two UI node types (script and a) missing.
This issue focuses on implementing the a node.

Description

Currently the Flow component gets the flow object returned by the SDK and the list of messages to show, which is a property of the flow object. This should be refactored to a boolean prop if the messages should be shown or not. The list of messages should come from the flow object.

Description

Since multiple files must be adjusted when deploying to a remote machine, a working test setup should be provided.

This setup should contain the following:

• A customised docker compose file, equipped with labels for a Traefik proxy that's configured separately.
• Customised configurations for Ory Kratos and Ory Hydra using a sample URL.
• A configurable shell script that runs the docker deployment automatically.
• Adjustments in the authentication UI to configure different values per .env file on the environments.

Description

The deploy script is restarting all containers right now.
This should be changed by adding an option to specify which containers will be restarted.

Description

The authentication UI should support a dark mode with a toggle on the screen.

Description

For deployments the SvelteKit application will be executed inside a Docker container.
In the scope of this task, this Dockerfile is to be created.

Description

The login screen has already been modified to include the login challenge in requested login flow.
Now the consent screen showing the requested scopes and buttons for accepting or rejecting the access has to be implemented.

Description

The initial setup of the project was a while ago. All dependencies should be checked for updates.

Description

After refactoring the submission system, the consent flow isn't working anymore.
The reason is a redirect to the homepage, if the user tries to access the /login page but a session already exists.
The redirect should only happen if no login_challenge query parameter was passed.

Description

When a user saves changes on the settings page, the site doesn't just reload but navigates to the same site again.
This leads to a growing navigation stack of settings pages.

Description

Description

No description necessary.

Description

The logout button used in multiple places should be moved to a separate component.

Description

The mobile representation should be improved by using dynamic values for global padding, text sizes and other parameters.

Description

Requesting another recovery code when resetting your password is not possible, since the form requires a code entered to be submitted. The solution is to move this button out of the form. It has to be analysed how to do this in the dynamic flow system without adding bugs to other forms.

Description

The current identity view styling only supports the dark mode.
Also the styling should be moved to app.css file to be available globally.

Description

The "Revoke all" button on the session management page is always active, even if there are no active sessions.
The button should be disabled, if there is no session to revoke.
Also there should be a text saying, that there are no other sessions.

Description

The flow component receives an array of strings for the group(s) to display, but fact is that it doesn't make sense to pass more than one group per component. The type of the parameter should be changed to type string to prevent misuse.

Description

With a previous issue, the messages on the settings page were moved from the flows to a separate component to avoid showing 100x the same message on the screen. This should be done on the login page as well but was forgotten. This is to be fixed in the scope of this issue.

Description

A user should have the possibility to see and manage all sessions associated to their account.
Therefor a subpage to the account settings will be created, listing all sessions with buttons to revoke them.

Description

There are some errors which are not handled correctly yet.
An error handling similar to this one should be implemented.

Description

The i18n support so far only translates strings that are not supplied by the ORY api.
In the scope of this issue the translation will be extended to translate strings of all UiNodes.

Description

All components used for the Ory flows should contain documentation.

Description

Social logins are not supported in the UI right now. This shall be changed in the scope of this issue.
Also, adding a sample provider with a mapper can help others to understand how to integrate new providers.