Merge pull request #1607 from GSA/1546-remove-effective-april-16-login-landing-page

Remove "Effective April 16" Login Landing Page

.ds.baseline

@@ -586,20 +586,12 @@
       }
     ],
     "tests/app/main/views/test_sign_in.py": [
-      {
-        "type": "Private Key",
-        "filename": "tests/app/main/views/test_sign_in.py",
-        "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9",
-        "is_verified": false,
-        "line_number": 31,
-        "is_secret": false
-      },
       {
         "type": "Secret Keyword",
         "filename": "tests/app/main/views/test_sign_in.py",
         "hashed_secret": "8b8b69116ee882b5e987e330f55db81aba0636f9",
         "is_verified": false,
-        "line_number": 104,
+        "line_number": 90,
         "is_secret": false
       }
     ],
@@ -710,5 +702,5 @@
       }
     ]
   },
-  "generated_at": "2024-06-05T22:01:56Z"
+  "generated_at": "2024-06-11T22:26:18Z"
 }

app/assets/images/logo-login.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 292.1 39.47"><path fill="#fff" d="M7.44 6.89h17.2v22.06H7.44z"/><path fill="#112e51" d="M53.45 5.28h-6.16v27.31h17.87v-5.38H53.45V5.28zm30.76-.19c-8.35 0-14.67 5.89-14.67 13.85s6.32 13.93 14.67 13.93 14.67-6 14.67-13.93S92.56 5.09 84.21 5.09zm.08 22.39a8.49 8.49 0 0 1-8.43-8.54 8.4 8.4 0 0 1 8.43-8.47 8.29 8.29 0 0 1 8.27 8.47 8.36 8.36 0 0 1-8.27 8.54zm35.36-17.05a11.43 11.43 0 0 1 7.49 3l3.47-4.41a17.21 17.21 0 0 0-11-4c-8.51 0-14.9 6-14.9 13.85s6.29 13.99 14.58 13.99a20.21 20.21 0 0 0 11.08-3.55V17.57h-10.11v4.82H125V26a12.42 12.42 0 0 1-5.34 1.48 8.52 8.52 0 1 1 0-17zm19.61-5.15h6.17v27.31h-6.17zm34.53 17.56L160.52 5.28h-5.61v27.31h5.89V15.07l13.22 17.52h5.62V5.28h-5.85v17.56zm17.47 2.85a3.39 3.39 0 0 0-3.47 3.56 3.47 3.47 0 1 0 6.94 0 3.36 3.36 0 0 0-3.47-3.56zm23.15-15.26a11.43 11.43 0 0 1 7.49 3l3.47-4.41a17.21 17.21 0 0 0-11-4c-8.51 0-14.9 6-14.9 13.85s6.28 13.93 14.55 13.93a20.21 20.21 0 0 0 11.08-3.55V17.57H215v4.82h4.77V26a12.42 12.42 0 0 1-5.34 1.48 8.52 8.52 0 1 1 0-17zm32.23-5.34C238.29 5.09 232 11 232 18.94s6.32 13.93 14.67 13.93 14.67-6 14.67-13.93S255 5.09 246.64 5.09zm.08 22.39a8.49 8.49 0 0 1-8.43-8.54 8.4 8.4 0 0 1 8.43-8.47 8.29 8.29 0 0 1 8.28 8.47 8.36 8.36 0 0 1-8.28 8.54zm39.02-22.2-7.49 20.6-7.45-20.6h-6.63l10.73 27.31h6.36L292.1 5.28h-6.36z"/><path fill="#e21d3e" d="m11.38 25.34 1.45-8.28a4.39 4.39 0 0 1 2.71-7.86V0H4.34A4.34 4.34 0 0 0 0 4.34v21.28a2.62 2.62 0 0 0 .26 1.16c.94 1.9 4.65 8 15.27 12.69V25.7a24.3 24.3 0 0 1-4.15-.36z"/><path fill="#b51e23" d="M26.72 0H15.53v9.19A4.39 4.39 0 0 1 18.28 17l1.45 8.32a24.29 24.29 0 0 1-4.2.36v13.79C26.14 34.8 29.86 28.68 30.8 26.79a2.62 2.62 0 0 0 .26-1.16V4.34A4.34 4.34 0 0 0 26.72 0z"/></svg>

app/assets/sass/uswds/_uswds-theme-custom-styles.scss

@@ -157,6 +157,18 @@ td.table-empty-message {
    }
 }
 
+.usa-button img {
+   margin-left: .5rem;
+   height: 1rem;
+}
+
+.usa-button.login-button.login-button--primary,.login-button.login-button--primary:hover{
+   color:#112e51;background-color:#fff;
+   border:1px solid #767676;
+   display: inline-flex;
+   justify-content: center;
+}
+
 .user-list-edit-link:active:before,
 .user-list-edit-link:focus:before {
    box-shadow: none;

app/main/views/index.py

@@ -1,6 +1,6 @@
 import os
 
-from flask import abort, redirect, render_template, request, url_for
+from flask import abort, current_app, redirect, render_template, request, url_for
 from flask_login import current_user
 
 from app import status_api_client
@@ -9,20 +9,28 @@ from app.main import main
 from app.main.views.pricing import CURRENT_SMS_RATE
 from app.main.views.sub_navigation_dictionaries import features_nav, using_notify_nav
 from app.utils.user import user_is_logged_in
-
-login_dot_gov_url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL")
+from notifications_utils.url_safe_token import generate_token
 
 
 @main.route("/")
 def index():
     if current_user and current_user.is_authenticated:
         return redirect(url_for("main.choose_account"))
-
+    token = generate_token(
+        str(request.remote_addr),
+        current_app.config["SECRET_KEY"],
+        current_app.config["DANGEROUS_SALT"],
+    )
+    url = os.getenv("LOGIN_DOT_GOV_INITIAL_SIGNIN_URL")
+    # handle unit tests
+    if url is not None:
+        url = url.replace("NONCE", token)
+        url = url.replace("STATE", token)
     return render_template(
         "views/signedout.html",
         sms_rate=CURRENT_SMS_RATE,
         counts=status_api_client.get_count_of_live_services_and_organizations(),
-        login_dot_gov_url=login_dot_gov_url,
+        initial_signin_url=url,
     )
 
 

app/templates/views/signedout.html

@@ -21,7 +21,8 @@ Notify.gov
               <h1 class="font-serif-2xl usa-hero__heading">Reach people where they are with government-powered text messages</h1>
               <p class="font-sans-lg">Notify.gov is a text message service that helps federal, state, local, tribal and territorial governments more effectively communicate with the people they serve.</p>
               <div class="usa-button-group margin-bottom-5">
-                <a class="usa-button usa-button--big margin-right-2" href="{{ url_for('main.sign_in' ) }}">Sign in</a>
+                <a class="usa-button usa-button login-button login-button--primary margin-right-2" href="{{ initial_signin_url }}">Sign in with <img src="{{ asset_url('images/logo-login.svg') }}" alt="Login.gov logo">
+                </a>
                 if you are an existing pilot partner
               </div>
               <p class="font-sans-md">Currently we are only working with select pilot partners. If you are interested in using Notify.gov in the future, please contact <br><a href="mailto:tts-benefits-studio@gsa.gov">tts-benefits-studio@gsa.gov</a> to learn more.</p>

app/templates/views/signin.html

@@ -32,22 +32,6 @@
       <a class="usa-link usa-button" href="{{ initial_signin_url }}">Sign in with Login.gov</a>
     {% endif %}
   </div>
-    <div class="tablet:grid-col-6 tablet:grid-offset-1 margin-top-2 padding-y-2 padding-x-4 bg-base-lightest">
-      <h2 class="font-body-lg">Effective April 16, 2024 Notify.gov requires you sign-in through Login.gov</h2>
-      <p>Why are we doing this?</p>
-      <ul class="usa-list">
-        <li><strong>Enhanced security:</strong> Login.gov is really secure and trustworthy</li>
-        <li><strong>One single source for signing in:</strong> You can use Login.gov for other services within the federal government</li>
-        <li><strong>2FA flexibility:</strong> Login.gov supports multiple methods for users to verify their identity.</li>
-      </ul>
-      <p>What do I need to do?</p>
-      <ul class="usa-list">
-        <li>If you have a Login.gov account, start using it to sign in to Notify today.</li>
-        <li>If you don’t have a Login.gov account, you must create one to continue to access Notify.</li>
-      </ul>
-      <div class="border-bottom border-base-lighter margin-y-4"></div>
-      <a class="usa-link usa-button usa-button--outline margin-bottom-3" href="{{ initial_signin_url }}">Create Login.gov account</a>
-    </div>
-  </div>
+</div>
 
 {% endblock %}

tests/app/main/views/test_index.py

@@ -19,10 +19,9 @@ def test_non_logged_in_user_can_see_homepage(
         "Reach people where they are with government-powered text messages"
     )
 
-    assert page.select_one("a.usa-button.usa-button--big")["href"] == url_for(
-        "main.sign_in",
-    )
-
+    assert page.select_one(
+        "a.usa-button.login-button.login-button--primary.margin-right-2"
+    ).text == "Sign in with \n"
     assert page.select_one("meta[name=description]") is not None
     # This area is hidden for the pilot
     # assert normalize_spaces(page.select_one('#whos-using-notify').text) == (

tests/app/main/views/test_sign_in.py

@@ -3,7 +3,6 @@ import uuid
 import pytest
 from flask import url_for
 
-from app.main.views.sign_in import _reformat_keystring
 from app.models.user import User
 from tests.conftest import SERVICE_ONE_ID, normalize_spaces
 
@@ -20,25 +19,12 @@ def test_render_sign_in_template_for_new_user(client_request):
     #        then these indices need to be 1 instead of 0.
     #        Currently it's not enabled for the test or production environments.
     assert page.select("main a")[0].text == "Sign in with Login.gov"
-    assert page.select("main a")[1].text == "Create Login.gov account"
 
     # TODO:  We'll have to adjust this depending on whether Login.gov is
     #        enabled or not; fix this in the future.
     assert "Sign in again" not in normalize_spaces(page.text)
 
 
-def test_reformat_keystring():
-    orig = "-----BEGIN PRIVATE KEY----- blah blah blah -----END PRIVATE KEY-----"
-    expected = """-----BEGIN PRIVATE KEY-----
-blah
-blah
-blah
------END PRIVATE KEY-----
-"""
-    reformatted = _reformat_keystring(orig)
-    assert reformatted == expected
-
-
 def test_sign_in_explains_session_timeout(client_request):
     client_request.logout()
     page = client_request.get("main.sign_in", next="/foo")

tests/end_to_end/test_landing_and_sign_in_pages.py

@@ -22,7 +22,7 @@ def test_landing_page(end_to_end_context):
         "heading",
         name="Reach people where they are with government-powered text messages",
     )
-    sign_in_button = page.get_by_role("link", name="Sign in")
+    sign_in_button = page.get_by_role("link", name="Sign in with")
     benefits_studio_email = page.get_by_role("link", name="tts-benefits-studio@gsa.gov")
 
     # Check to make sure the elements are visible.
@@ -31,7 +31,8 @@ def test_landing_page(end_to_end_context):
     expect(benefits_studio_email).to_be_visible()
 
     # Check to make sure the sign-in button and email links are correct.
-    expect(sign_in_button).to_have_attribute("href", "/sign-in")
+    href_value = sign_in_button.get_attribute('href')
+    assert href_value is not None, "The sign-in button does not have an href attribute"
     expect(benefits_studio_email).to_have_attribute(
         "href", "mailto:tts-benefits-studio@gsa.gov"
     )