Add LoginForm Component for User Authentication

[mralaminahamed]

All Submissions:

• My code follow the WordPress' coding standards
• My code satisfies feature requirements
• My code is tested
• My code passes the PHPCS tests
• My code has proper inline documentation
• I've included related pull request(s) (optional)
• I've included developer documentation (optional)
• I've added proper labels to this pull request

Changes proposed in this Pull Request:

This PR introduces a new reusable LoginForm component to the Dokan components library. The component provides a standardized, secure way to handle user authentication across various parts of the Dokan ecosystem.

Key Features Added:

• Clean, responsive login form with Tailwind CSS styling
• Form validation for required username/password fields
• Error handling and display for failed authentication attempts
• Customizable button labels and callback functions
• WordPress Slot system integration for extensibility
• jQuery AJAX integration maintaining WordPress authentication compatibility
• TypeScript support with proper type definitions

Technical Implementation:

• Uses WordPress @wordpress/element for state management
• Integrates with WordPress hooks system for filtering and customization
• Follows Dokan UI design system patterns
• Implements proper sanitization and nonce verification
• Supports both success and error callback handling

Related Pull Request(s)

• refactor: Remove the global mutation observer #2788
• https://github.com/getdokan/dokan-pro/pull/4440

Closes

• Closes https://github.com/getdokan/plugin-internal-tasks/issues/613

How to test the changes in this Pull Request:

1. Basic Functionality Test:

   import { LoginForm } from '@dokan/components';
   
   // Test basic login form rendering
   <LoginForm 
     onLoginSuccess={() => console.log('Login successful')}
     onCreateAccount={() => console.log('Create account clicked')}
   />

2. Validation Test:

   • Try submitting form with empty username/password (should show disabled state)
   • Enter invalid credentials (should display error message)
   • Enter valid credentials (should trigger success callback)

3. Customization Test:

   <LoginForm 
     loginButtonLabel="Sign In"
     createAccountLabel="Register Now"
     onLoginSuccess={() => window.location.reload()}
   />

4. Slot Integration Test:

   • Verify WordPress slot system works for extensibility
   • Test filter hooks for component customization

Changelog entry

Title: Add LoginForm Component for Standardized User Authentication

Detailed Description:
Added a new reusable LoginForm component that provides consistent user authentication functionality across the Dokan ecosystem. The component includes form validation, error handling, and customizable callbacks for login success and account creation actions. Previous behavior required developers to implement authentication forms manually. This component standardizes the authentication experience with proper WordPress integration, security measures, and extensibility through the WordPress slot system.

Before Changes

Issue:

• No standardized login component available in Dokan components library
• Developers had to create custom authentication forms for each implementation
• Inconsistent user authentication experience across different parts of the application
• Manual implementation of form validation and error handling required

Screenshot:
No existing LoginForm component - developers used custom implementations

After Changes

Solution:

• Unified LoginForm component available through @dokan/components
• Consistent authentication experience with proper validation and error handling
• Easy integration with customizable callbacks and labels
• WordPress-compliant security with nonce verification and AJAX handling
• Extensible through WordPress slot system for advanced customizations

Key Benefits:

• Reduced development time for authentication features
• Consistent UI/UX across all Dokan applications
• Built-in security best practices
• TypeScript support for better developer experience

Feature Video (optional)

To be added if needed for demonstration

PR Self Review Checklist:

• Code is following WordPress and Dokan coding style guidelines
• Good naming: component and props are clearly named and self-explanatory
• KISS: Component is simple and focused on authentication functionality
• DRY: Reusable component prevents code duplication across projects
• Code is readable with clear structure and proper commenting
• Performance: Efficient state management and AJAX handling
• Well-structured component with clear separation of concerns
• Grammar and documentation are correct

Additional Notes:

• Component follows React functional component patterns
• Proper TypeScript interfaces and prop types defined
• WordPress hooks integration for extensibility
• Comprehensive documentation added to components.md
• Security considerations implemented (nonces, proper data handling)

FOR PR REVIEWER ONLY:

As a reviewer, your feedback should be focused on the idea, not the person. Seek to understand, be respectful, and focus on constructive dialog.

As a contributor, your responsibility is to learn from suggestions and iterate your pull request should it be needed based on feedback. Seek to collaborate and produce the best possible contribution to the greater whole.

• Correct — Does the change do what it's supposed to? ie: code 100% fulfilling the requirements?
• Secure — Would a nefarious party find some way to exploit this change? ie: everything is sanitized/escaped appropriately for any SQL or XSS injection possibilities?
• Readable — Will your future self be able to understand this change months down the road?
• Elegant — Does the change fit aesthetically within the overall style and architecture?

Summary by CodeRabbit

• New Features
  • Introduced a new LoginForm component for user authentication, supporting customizable button labels and callbacks for login success and account creation.
• Documentation
  • Updated documentation to include the new LoginForm component with detailed usage examples and integration details.

[coderabbitai]

Walkthrough

A new LoginForm React component was introduced to handle user authentication, including state management, callbacks, and UI. Documentation was updated for formatting consistency and to add a new section describing the LoginForm component. The LoginForm was also exported from the component index.

Changes

File(s)	Change Summary
docs/frontend/components.md	Reformatted documentation for consistency, added section for LoginForm component.
src/components/LoginForm.tsx	Added new LoginForm React component for authentication with props, state, and UI logic.
src/components/index.tsx	Added export for DokanLoginForm from LoginForm.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant LoginForm
    participant Server

    User->>LoginForm: Enter username & password, click Login
    LoginForm->>Server: POST credentials via AJAX
    Server-->>LoginForm: Respond with success or error
    alt Success
        LoginForm->>User: Call onLoginSuccess callback
    else Error
        LoginForm->>User: Display error message
    end
    User->>LoginForm: Click Create Account (optional)
    LoginForm->>User: Call onCreateAccount callback

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Implement a global Login Modal component with REST API authentication (#613)	✅
Provide test cases for the Login Modal component (#613)	❌	No test cases or test files were added or referenced in the changes.

Assessment against linked issues: Out-of-scope changes

Code Change (file_path)	Explanation
Documentation formatting and minor rewording (docs/frontend/components.md)	Formatting and minor rewording are not directly related to the Login Modal component objective.

Suggested labels

:+1: Dev Review Done

Suggested reviewers

• mrabbani

Poem

A login form hops in, brand new and neat,
With callbacks and states, it cannot be beat!
The docs are now tidy, with sections aligned,
While users log in, no one’s left behind.
🐇✨
A bunny’s delight: new features complete!

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

npm error Exit handler never called!
npm error This is an error with npm itself. Please report this error at:
npm error https://github.com/npm/cli/issues
npm error A complete log of this run can be found in: /.npm/_logs/2025-06-24T06_02_49_881Z-debug-0.log

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 3

🧹 Nitpick comments (3)

src/components/LoginForm.tsx (2)

120-170: Internationalization domain inconsistency
Most strings use the 'dokan-lite' text-domain, but the placeholders for username/password use 'dokan'. Mixing domains makes translation generation harder.

- placeholder: __( 'Write your username', 'dokan' ),
+ placeholder: __( 'Write your username', 'dokan-lite' ),
...
- placeholder: __( 'Write your password', 'dokan' ),
+ placeholder: __( 'Write your password', 'dokan-lite' ),

---

184-201: Accessibility: add type="submit" & form semantics
The buttons live outside any <form> element, so keyboard “Enter” submission won’t work and screen-reader form semantics are lost. Consider wrapping inputs in a <form> and turning the login button into type="submit" with a handler on onSubmit.

docs/frontend/components.md (1)

920-933: Minor wording – “scripts dependency” → “script dependency”
Consider singular form for grammatical correctness: “include the dokan-react-components as a script dependency”.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 97b88e3 and 2a4d047.

📒 Files selected for processing (3)

• docs/frontend/components.md (17 hunks)
• src/components/LoginForm.tsx (1 hunks)
• src/components/index.tsx (1 hunks)

🧰 Additional context used

🪛 Biome (1.9.4)

src/components/LoginForm.tsx

[error] 67-67: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

🪛 LanguageTool

docs/frontend/components.md

[uncategorized] ~70-~70: You might be missing the article “a” here.
Context: ...include the dokan-react-components as scripts dependency and the @dokan/components ...

(AI_EN_LECTOR_MISSING_DETERMINER_A)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: e2e tests (1, 3)
• GitHub Check: e2e tests (2, 3)
• GitHub Check: api tests (1, 1)
• GitHub Check: e2e tests (3, 3)

🔇 Additional comments (2)

src/components/LoginForm.tsx (1)

67-77: Minor: can use optional chaining to simplify null-checks
Static-analysis flagged this; replacing the explicit response && check with response?.success is cleaner and eliminates one level of nesting.

-if ( response && response.success ) {
+if ( response?.success ) {

[ suggest_nitpick ]

docs/frontend/components.md (1)

884-906: Import in example does not exist in public API
import {LoginForm} from '@dokan/components'; will fail because only DokanLoginForm is exported. Sync the example with the actual export name or add the additional export as noted in index.tsx.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (6)

docs/frontend/components.md (6)

5-6: Consistent Markdown formatting for generic terms

Suggest removing backticks around generic terms and version names for clarity and consistency:

- `Dokan` provides a set of reusable `components` that can be used across both `Free` and `Pro` versions.
+ Dokan provides a set of reusable components that can be used across both Free and Pro versions.

---

26-27: Improve grammar and clarity in dependency instruction

Consider updating phrasing for readability and proper article usage:

- For both `Dokan Free and Pro` versions, we must register the `dokan-react-components` dependency when using `global` components.
+ For both the Free and Pro versions of Dokan, register the `dokan-react-components` dependency when using global components.

---

68-68: Include LoginForm in import example

To showcase the new component, include LoginForm in the import statement:

-import {DataViews, DokanBadge, DokanButton, DokanAlert, DokanLink, DokanMaskInput} from '@dokan/components';
+import {DataViews, DokanBadge, DokanButton, DokanAlert, DokanLink, DokanMaskInput, LoginForm} from '@dokan/components';

---

71-73: Consistent formatting for external plugin instructions

The sentence structure and backtick usage can be streamlined:

- For external `plugins`, we must include the `dokan-react-components` as scripts dependency and the `@dokan/components`
- should be introduced as an external resource configuration to resolve the path via `webpack`:
+ For external plugins, include `dokan-react-components` as a script dependency and configure `@dokan/components` as an external resource in your webpack settings:

---

76-78: Fix code block formatting for externals configuration

The key and colon should be on the same line for valid JavaScript syntax:

- '@dokan/components'
-:
-    'dokan.components',
+ '@dokan/components': 'dokan.components',

---

113-114: Enhance clarity in export instruction

Consider rephrasing for smoother flow and accurate naming:

- **Finally,** we need to export the new `component` from the `src/components/index.tsx` file. Then, we can import the new
- component from `@dokan/components` in `dokan pro` version.
+ Finally, export the new LoginForm from `src/components/index.tsx`, then import it via `@dokan/components` in the Dokan Pro version.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2a4d047 and e5fc8e3.

📒 Files selected for processing (1)

• docs/frontend/components.md (19 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/frontend/components.md

[uncategorized] ~71-~71: You might be missing the article “a” here.
Context: ...include the dokan-react-components as scripts dependency and the @dokan/components ...

(AI_EN_LECTOR_MISSING_DETERMINER_A)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: e2e tests (2, 3)
• GitHub Check: api tests (1, 1)
• GitHub Check: e2e tests (3, 3)
• GitHub Check: e2e tests (1, 3)

🔇 Additional comments (3)

docs/frontend/components.md (3)

22-22: Approve addition of LoginForm to component list

The new LoginForm entry correctly adds the login form component to the available components list.

---

101-101: Verify component file path in documentation

Ensure that src/components/LoginForm.tsx exists in the codebase with the correct filename and casing.

#!/bin/bash
# Check for LoginForm component file
fd --max-depth 3 LoginForm.tsx src/components

---

117-127: Let’s locate the actual index.tsx and search for any LoginForm export:

#!/bin/bash
# 1. Find all index.tsx files in the repo
find . -type f -name "index.tsx"

# 2. Search across the repo for any export or reference to LoginForm
grep -R "LoginForm" -n .

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (3)

docs/frontend/components.md (3)

5-6: Consistency: unify backtick usage for "components"
The term “components” is backticked on line 5 but not on line 6; consider removing the backticks around both instances or applying them consistently throughout this section.

---

26-27: Grammar: clarify article usage for dependency registration
Rephrase to “we must register the dokan-react-components dependency when using global components” to remove the extra article and improve readability.

---

79-80: Grammar: clarify script vs dependency phrasing
Consider rephrasing to “include dokan-react-components as a script dependency and configure @dokan/components as an external resource” for clearer intent.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e5fc8e3 and 5834275.

📒 Files selected for processing (1)

• docs/frontend/components.md (19 hunks)

🧰 Additional context used

🪛 LanguageTool

docs/frontend/components.md

[uncategorized] ~79-~79: You might be missing the article “a” here.
Context: ...include the dokan-react-components as scripts dependency and the @dokan/components ...

(AI_EN_LECTOR_MISSING_DETERMINER_A)

🔇 Additional comments (1)

docs/frontend/components.md (1)

109-109: File structure: confirm LoginForm path
The tree shows LoginForm.tsx; please verify that this matches the actual file path (including casing and directory name) to prevent broken links in docs.

[coderabbitai]

Actionable comments posted: 1

♻️ Duplicate comments (2)

src/components/LoginForm.tsx (2)

24-29: Add TypeScript interface for component props.

The component still lacks a typed Props interface, as previously noted. This prevents TypeScript from providing proper type checking and IDE support.

Define the interface above the component:

+interface LoginFormProps {
+    onLoginSuccess?: () => void;
+    onCreateAccount?: () => void;
+    createAccountLabel?: string;
+    loginButtonLabel?: string;
+}
+
-const LoginForm = ( {
+const LoginForm: React.FC<LoginFormProps> = ( {

---

41-100: Remove unnecessary async keyword or properly handle the Promise.

The onUserLogin function is declared async but doesn't use await, making it misleading and causing it to return undefined immediately.

Since you're using jQuery.ajax (which doesn't return a Promise), either remove async:

-const onUserLogin = async () => {
+const onUserLogin = () => {

Or if you want proper async handling, wrap the jQuery call in a Promise:

const onUserLogin = async () => {
    // ... existing setup code ...
    
-    $.ajax({
+    await new Promise((resolve, reject) => {
+        $.ajax({
             // ... existing ajax config ...
+            success: (response) => {
+                // ... existing success logic ...
+                resolve(response);
+            },
+            error: (err) => {
+                // ... existing error logic ...
+                reject(err);
+            },
+        });
+    });
-    } catch ( err: any ) {
-        // This catch block is unreachable with current implementation
-    }

🧹 Nitpick comments (3)

src/components/LoginForm.tsx (3)

67-67: Use optional chaining for cleaner conditional checks.

Replace the logical AND with optional chaining for better readability and safety.

-if ( response && response.success ) {
+if ( response?.success ) {

---

64-88: Improve error handling consistency.

The error handling in success and error callbacks could be more robust and consistent.

Consider extracting error handling logic:

+const handleError = (errorMessage: string) => {
+    setIsLoading(false);
+    setError(errorMessage);
+};

+const getErrorMessage = (response: any, fallback: string) => {
+    return response?.data?.message || fallback;
+};

 success( response: any ) {
     setIsLoading( false );
     if ( response?.success ) {
         onLoginSuccess();
     } else {
-        setError(
-            response.data?.message ||
-                __(
-                    'Failed to login. Please try again later.',
-                    'dokan-lite'
-                )
-        );
+        handleError(
+            getErrorMessage(response, __('Failed to login. Please try again later.', 'dokan-lite'))
+        );
     }
 },
 error( err: any ) {
-    setIsLoading( false );
-    setError(
-        err.responseJSON?.data?.message ||
-            __(
-                'Failed to login. Please try again later.',
-                'dokan-lite'
-            )
-    );
+    handleError(
+        getErrorMessage(err.responseJSON, __('Failed to login. Please try again later.', 'dokan-lite'))
+    );
 },

---

133-133: Inconsistent i18n domain usage.

The placeholders use 'dokan' while other strings use 'dokan-lite'. This inconsistency could cause translation issues.

-placeholder: __( 'Write your username', 'dokan' ),
+placeholder: __( 'Write your username', 'dokan-lite' ),

-placeholder: __( 'Write your password', 'dokan' ),
+placeholder: __( 'Write your password', 'dokan-lite' ),

Also applies to: 158-158

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5834275 and c312751.

📒 Files selected for processing (2)

• docs/frontend/components.md (5 hunks)
• src/components/LoginForm.tsx (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• docs/frontend/components.md

🧰 Additional context used

🪛 Biome (1.9.4)

src/components/LoginForm.tsx

[error] 67-67: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

⏰ Context from checks skipped due to timeout of 90000ms (4)

• GitHub Check: api tests (1, 1)
• GitHub Check: e2e tests (3, 3)
• GitHub Check: e2e tests (1, 3)
• GitHub Check: e2e tests (2, 3)

🔇 Additional comments (1)

src/components/LoginForm.tsx (1)

115-212: LGTM: Well-structured component UI with extensibility.

The component structure is well-designed with proper slot integration for extensibility, appropriate state management, and good UX considerations like disabled states and loading indicators.

[coderabbitai]

🛠️ Refactor suggestion

Remove unreachable catch block.

The try-catch block is misleading since $.ajax() doesn't throw exceptions - it uses callback-based error handling. This catch block will never execute.

-        } catch ( err: any ) {
-            setIsLoading( false );
-            setError(
-                err.message ||
-                    __(
-                        'Failed to login. Please try again later.',
-                        'dokan-lite'
-                    )
-            );
-        }

If you implement the Promise-based approach suggested above, then this catch block would be meaningful.

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In src/components/LoginForm.tsx around lines 90 to 99, the catch block is
unreachable because $.ajax() uses callbacks and does not throw exceptions. To
fix this, refactor the AJAX call to use a Promise-based approach (e.g., wrapping
$.ajax in a Promise or using fetch) so that errors can be caught in the catch
block. Then keep the catch block to handle errors properly; otherwise, remove
the catch block entirely.

[dev-shahed]

We need to test again after the upcoming fixes. Currently, there's an issue with the UI due to changes at the component level from development.

[dev-shahed]

CC: @mrabbani

Need to merge different related PRO PRs to test the PR. As far as @mralaminahamed is concerned, we should proceed to resolve the initial branch conflict for testing this PR