[HIDP-235] Add logout option if unable to verify or setup device (#338)

Author: ramonakira

packages/hidp/hidp/locale/django.pot

@@ -804,6 +804,10 @@ msgid_plural "Your account is currently linked with the following services:"
 msgstr[0] ""
 msgstr[1] ""
 
+#: hidp/templates/hidp/includes/forms/logout_form.html
+msgid "Cancel and return to login"
+msgstr ""
+
 #: hidp/templates/hidp/otp/disable.html
 #: hidp/templates/hidp/otp/disable_recovery_code.html
 msgid "Disable two-factor authentication"

packages/hidp/hidp/locale/nl/LC_MESSAGES/django.po

@@ -805,6 +805,10 @@ msgid_plural "Your account is currently linked with the following services:"
 msgstr[0] "Je account is momenteel aan de volgende dienst gekoppeld:"
 msgstr[1] "Je account is momenteel aan de volgende diensten gekoppeld:"
 
+#: hidp/templates/hidp/includes/forms/logout_form.html
+msgid "Cancel and return to login"
+msgstr "Annuleren en terug naar inloggen"
+
 #: hidp/templates/hidp/otp/disable.html
 #: hidp/templates/hidp/otp/disable_recovery_code.html
 msgid "Disable two-factor authentication"

packages/hidp/hidp/otp/views.py

@@ -201,9 +201,7 @@ def get_form_kwargs(self):
         return kwargs
 
     def get_context_data(self, **kwargs):
-        context = super().get_context_data(**kwargs)
-
-        return context | {
+        context = {
             "title": _("Set up two-factor authentication"),
             "device": self.device,
             "backup_device": self.backup_device,
@@ -213,7 +211,9 @@ def get_context_data(self, **kwargs):
                 self.backup_device.token_set.values_list("token", flat=True)
             ),
             "back_url": reverse("hidp_otp_management:manage"),
+            "logout_url": reverse("hidp_accounts:logout"),
         }
+        return super().get_context_data() | context | kwargs
 
     def form_valid(self, form):
         form.save()
@@ -280,9 +280,11 @@ def get_recovery_code_url(self, request):  # noqa: PLR6301
         return base_url
 
     def get_context_data(self, **kwargs):
-        context = super().get_context_data(**kwargs)
-        context["recovery_code_url"] = self.get_recovery_code_url(self.request)
-        return context
+        context = {
+            "recovery_code_url": self.get_recovery_code_url(self.request),
+            "logout_url": reverse("hidp_accounts:logout"),
+        }
+        return super().get_context_data() | context | kwargs
 
 
 class VerifyRecoveryCodeView(VerifyOTPBase):
@@ -296,6 +298,10 @@ def form_valid(self, form):
 
         return result
 
+    def get_context_data(self, **kwargs):
+        context = {"logout_url": reverse("hidp_accounts:logout")}
+        return super().get_context_data() | context | kwargs
+
     def send_mail(self):
         """Notify the user that a recovery code was used."""
         base_url = self.request.build_absolute_uri("/")

packages/hidp/hidp/templates/hidp/includes/forms/logout_form.html

@@ -0,0 +1,14 @@
+{% load i18n %}
+{% comment %}
+The logout_url is required for the form action. It is passed in from the view
+that renders this template. If the logout_url is not provided, the form will not
+be rendered.
+{% endcomment %}
+{% if logout_url %}
+  <form action="{{ logout_url }}" method="post">
+    {% csrf_token %}
+    <button type="submit">
+      {{ logout_label|default:_("Cancel and return to login") }}
+    </button>
+  </form>
+{% endif %}

packages/hidp/hidp/templates/hidp/otp/setup_device.html

@@ -66,6 +66,9 @@ <h2>{% translate 'Recovery codes' %}</h2>
       {{ form.confirm_stored_backup_tokens }}
     </p>
 
-    {% include 'hidp/includes/forms/submit_row.html' with submit_label=_('Submit') cancel_label=_('Back') cancel_url=back_url %}
+    {% include 'hidp/includes/forms/submit_row.html' with submit_label=_('Submit') %}
   </form>
+
+  {% include 'hidp/includes/forms/logout_form.html' %}
+  <a href="{{ back_url }}">{% translate 'Back' %}</a>
 {% endblock %}

packages/hidp/hidp/templates/hidp/otp/verify.html

@@ -7,12 +7,14 @@
   <h1>{% translate 'Two-factor authentication' %}</h1>
 
   <form method="post">
-  {% csrf_token %}
-  {{ form }}
+    {% csrf_token %}
+    {{ form }}
 
-  {% include 'hidp/includes/forms/submit_row.html' with submit_label=_('Verify') %}
+    {% include 'hidp/includes/forms/submit_row.html' with submit_label=_('Verify') %}
   </form>
 
+  {% include 'hidp/includes/forms/logout_form.html' %}
+
   <p>
     {% blocktranslate trimmed %}
       If you have lost your device, you can <a href="{{ recovery_code_url }}">use a recovery code</a> instead.

packages/hidp/hidp/templates/hidp/otp/verify_recovery_code.html

@@ -7,10 +7,11 @@
   <h1>{% translate 'Two-factor authentication' %}</h1>
 
   <form method="post">
-  {% csrf_token %}
-  {{ form }}
+    {% csrf_token %}
+    {{ form }}
 
-  {% include 'hidp/includes/forms/submit_row.html' with submit_label=_('Verify') %}
+    {% include 'hidp/includes/forms/submit_row.html' with submit_label=_('Verify') %}
   </form>
 
+  {% include 'hidp/includes/forms/logout_form.html' %}
 {% endblock %}