Basic Login Component/Form
The basic Login component consists of a title (Log in), two input fields (Username and Password), and two buttons (Log in and Forgot password).
You can customize the form’s title and labels using internationalization.
The basic Login component can be used to create log-in pages featuring rich content.
Password managersLogin is incompatible with password managers if placed inside another component’s  shadow root. This isn’t an issue when using Login’s modal overlay.
Login features its own modal overlay. Use it to create simple log-in pages — which are full-screen on mobile devices — or to handle authentication without a dedicated log-in page. You can also use it to handle re-authentication when the user’s session has expired.
The overlay can be opened programmatically or through user interaction, for example, by using a log-in button.
Login shows an error message when authentication fails. The error message consists of a title and a message. It’s displayed directly below the title of the form.
The error message is customizable using internationalization. It should contain instructions on how to resolve the problem.
More information can also be provided to the user, for example by linking to a page with helpful material or by displaying contact information.
Login’s titles, descriptions, labels, and messages are all customizable using internationalization.
The header is only shown for modal log-in forms.
Customize the form’s title, input field and button labels.
When authentication fails, the component shows a Login error message. It consists of a title and message.
"Incorrect username or password"
"Check that you have entered the correct username and password and try again."
You can add a listener to log-in events and/or define an action for which a
POST request is fired.
From the event, you can prevent the
The log-in button is disabled when clicked, to prevent multiple submissions.
To restore it, call
You can add an event listener, which allows you to offer users instructions for password recovery.
Cross-Site Request Forgery (CSRF) Tokens
If the page contains the following meta tags with a CSRF token, the token is automatically included in a form
<meta name="_csrf_parameter" content="_csrf"> <meta name="_csrf" content="71dac59f-34ee-4b31-b478-2891cbd0c55d">
This token is submitted as
_csrf=71dac59f-34ee-4b31-b478-2891cbd0c55d, that is, using the
_csrf_parameter content as the variable name and the
_csrf content as the value.
|You can find more information in the corresponding article on vaadin.com.|