From b20b31d7cdd2d1e89f59d574125967d4db96f378 Mon Sep 17 00:00:00 2001
From: Mek <michael.karpeles@gmail.com>
Date: Wed, 29 Jan 2025 10:33:20 -0800
Subject: [PATCH 1/5] Fix registration errors from xauthn

---
 openlibrary/accounts/model.py | 29 +++++++++++++++++------------
 1 file changed, 17 insertions(+), 12 deletions(-)

diff --git a/openlibrary/accounts/model.py b/openlibrary/accounts/model.py
index b0623444c74..4910f379e20 100644
--- a/openlibrary/accounts/model.py
+++ b/openlibrary/accounts/model.py
@@ -688,18 +688,23 @@ def create(
                     ia_account.test = True
                 return ia_account
 
-            elif 'screenname' not in response.get('values', {}):
-                error = OLAuthenticationError('undefined_error')
-                error.response = response
-                raise error
-
-            elif attempt >= retries:
-                e = OLAuthenticationError('username_registered')
-                e.value = _screenname
-                raise e
-
-            _screenname = append_random_suffix(screenname)
-            attempt += 1
+            # Response has returned "failure" with reasons in "values"
+            failures = response.get('values', {})
+            if 'screenname' not in failures:
+                for field in failures:
+                    # raise the first error if multiple
+                    # e.g. bad_email, bad_password
+                    error = OLAuthenticationError(f'bad_{field}')
+                    error.response = response
+                    raise error
+            else:
+                if attempt < retries:
+                    _screenname = append_random_suffix(screenname)
+                    attempt += 1
+                else:
+                    e = OLAuthenticationError('username_registered')
+                    e.value = _screenname
+                    raise e
 
     @classmethod
     def xauth(cls, op, test=None, s3_key=None, s3_secret=None, xauth_url=None, **data):

From 290bec8682159dee1f8e1086b4f46e2c41af5860 Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Wed, 29 Jan 2025 18:36:21 +0000
Subject: [PATCH 2/5] [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci
---
 openlibrary/accounts/model.py | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/openlibrary/accounts/model.py b/openlibrary/accounts/model.py
index 4910f379e20..db98363a829 100644
--- a/openlibrary/accounts/model.py
+++ b/openlibrary/accounts/model.py
@@ -697,14 +697,13 @@ def create(
                     error = OLAuthenticationError(f'bad_{field}')
                     error.response = response
                     raise error
+            elif attempt < retries:
+                _screenname = append_random_suffix(screenname)
+                attempt += 1
             else:
-                if attempt < retries:
-                    _screenname = append_random_suffix(screenname)
-                    attempt += 1
-                else:
-                    e = OLAuthenticationError('username_registered')
-                    e.value = _screenname
-                    raise e
+                e = OLAuthenticationError('username_registered')
+                e.value = _screenname
+                raise e
 
     @classmethod
     def xauth(cls, op, test=None, s3_key=None, s3_secret=None, xauth_url=None, **data):

From d723cc5e29a7a05d581db24c12701bd7bb315b73 Mon Sep 17 00:00:00 2001
From: jachamp <28732543+jimchamp@users.noreply.github.com>
Date: Wed, 29 Jan 2025 14:12:01 -0800
Subject: [PATCH 3/5] Add new `get_login_error` error messages

Adds new error messages that correspond to `xauthn` request failures:
- `bad_password`
- `bad_email`

Also adds a catch-all response that will help surface other `xauthn` failures.
---
 openlibrary/plugins/upstream/account.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/openlibrary/plugins/upstream/account.py b/openlibrary/plugins/upstream/account.py
index 55b26516ae8..60d30618471 100644
--- a/openlibrary/plugins/upstream/account.py
+++ b/openlibrary/plugins/upstream/account.py
@@ -93,9 +93,11 @@ def get_login_error(error_key):
         "request_timeout": _(
             "Servers are experiencing unusually high traffic, please try again later or email openlibrary@archive.org for help."
         ),
+        "bad_email": _("Email provider not recognized."),
+        "bad_password": _("Password requirements not met."),
         "undefined_error": _('A problem occurred and we were unable to log you in'),
     }
-    return LOGIN_ERRORS[error_key]
+    return LOGIN_ERRORS[error_key] if error_key in LOGIN_ERRORS else _("Request failed with error code: %(error_code)s", error_code=error_key)
 
 
 class availability(delegate.page):

From 718ba3d7702493742ca75f644c980ed81417e521 Mon Sep 17 00:00:00 2001
From: jachamp <28732543+jimchamp@users.noreply.github.com>
Date: Wed, 29 Jan 2025 16:35:31 -0800
Subject: [PATCH 4/5] Display errors in a `flash-message`

---
 openlibrary/templates/account/create.html |  8 +++++++-
 openlibrary/templates/login.html          | 11 ++++++++---
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git a/openlibrary/templates/account/create.html b/openlibrary/templates/account/create.html
index 9ce793a0411..d24adfee8d9 100644
--- a/openlibrary/templates/account/create.html
+++ b/openlibrary/templates/account/create.html
@@ -60,7 +60,13 @@ <h1 class="ol-signup-hero__title">$_("Sign Up")</h1>
     $else:
         <form class="olform create create-form" name="signup" method="post" data-i18n="$json_encode(i18n_strings)" action="">
             $if form.note:
-                <div class="ol-signup-form__note">$form.note</div>
+                <div class="flash-messages">
+                    <div class="error ol-signup-form__info-box">
+                        <span>
+                            $:form.note
+                        </span>
+                    </div>
+                </div>
 
             $def screenname_url(): $_('Your URL'): https://openlibrary.org/people/<span id="userUrl">$(form.username.value or _('screenname'))</span>
 
diff --git a/openlibrary/templates/login.html b/openlibrary/templates/login.html
index 21d9b957b41..ec9f8a372cf 100644
--- a/openlibrary/templates/login.html
+++ b/openlibrary/templates/login.html
@@ -29,7 +29,6 @@ <h1 class="ol-signup-hero__title">$_("Log In")</h1>
     $if not ctx.user:
         $:render_template("account/ia_thirdparty_logins")
         <div class="ol-signup-form__big-or">$_('OR')</div>
-        <div class="ol-signup-form__info">$:_('Please enter your <a href="https://archive.org">Internet Archive</a> email and password to access your Open Library account.')</div>
 
     $if ctx.user:
         <p>$:_("You are already logged into Open Library as %(user)s.", user='<a href="%s">%s</a>' % (ctx.user.key, ctx.user.displayname))</p>
@@ -38,8 +37,14 @@ <h1 class="ol-signup-hero__title">$_("Log In")</h1>
     $else:
         <form id="register" class="login olform" name="login" method="post" data-i18n="$json_encode(i18n_strings)">
             $if form.note:
-                <div class="note">$form.note</div>
-
+                <div class="flash-messages">
+                    <div class="error ol-signup-form__info-box">
+                        <span>
+                            $:form.note
+                        </span>
+                    </div>
+                </div>
+            <div class="ol-signup-form__info">$:_('Please enter your <a href="https://archive.org">Internet Archive</a> email and password to access your Open Library account.')</div>
             <div class="formElement ol-signup-form__input">
                 <div class="label">
                 <label for="username">$_("Email")</label>

From 523d507dd998a682e390da6127f6c04029944a6d Mon Sep 17 00:00:00 2001
From: "pre-commit-ci[bot]"
 <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Date: Thu, 30 Jan 2025 00:42:43 +0000
Subject: [PATCH 5/5] [pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci
---
 openlibrary/i18n/messages.pot           | 25 +++++++++++++++++++------
 openlibrary/plugins/upstream/account.py |  6 +++++-
 2 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/openlibrary/i18n/messages.pot b/openlibrary/i18n/messages.pot
index 538ed42914b..5b9a30ff50a 100644
--- a/openlibrary/i18n/messages.pot
+++ b/openlibrary/i18n/messages.pot
@@ -485,12 +485,6 @@ msgstr ""
 msgid "OR"
 msgstr ""
 
-#: login.html
-msgid ""
-"Please enter your <a href=\"https://archive.org\">Internet Archive</a> "
-"email and password to access your Open Library account."
-msgstr ""
-
 #: account/create.html login.html
 #, python-format
 msgid "You are already logged into Open Library as %(user)s."
@@ -503,6 +497,12 @@ msgid ""
 "logout'].submit()\">log out</a> and start the signup process afresh."
 msgstr ""
 
+#: login.html
+msgid ""
+"Please enter your <a href=\"https://archive.org\">Internet Archive</a> "
+"email and password to access your Open Library account."
+msgstr ""
+
 #: forms.py login.html
 msgid "Email"
 msgstr ""
@@ -7828,10 +7828,23 @@ msgid ""
 "or email openlibrary@archive.org for help."
 msgstr ""
 
+#: account.py
+msgid "Email provider not recognized."
+msgstr ""
+
+#: account.py
+msgid "Password requirements not met."
+msgstr ""
+
 #: account.py
 msgid "A problem occurred and we were unable to log you in"
 msgstr ""
 
+#: account.py
+#, python-format
+msgid "Request failed with error code: %(error_code)s"
+msgstr ""
+
 #: account.py
 #, python-format
 msgid ""
diff --git a/openlibrary/plugins/upstream/account.py b/openlibrary/plugins/upstream/account.py
index 60d30618471..a4a5a7b63a5 100644
--- a/openlibrary/plugins/upstream/account.py
+++ b/openlibrary/plugins/upstream/account.py
@@ -97,7 +97,11 @@ def get_login_error(error_key):
         "bad_password": _("Password requirements not met."),
         "undefined_error": _('A problem occurred and we were unable to log you in'),
     }
-    return LOGIN_ERRORS[error_key] if error_key in LOGIN_ERRORS else _("Request failed with error code: %(error_code)s", error_code=error_key)
+    return (
+        LOGIN_ERRORS[error_key]
+        if error_key in LOGIN_ERRORS
+        else _("Request failed with error code: %(error_code)s", error_code=error_key)
+    )
 
 
 class availability(delegate.page):