Create sign_up_modified.html

[Moumita-08]

Pull Request for Resum-Resume 💡
Issue Title: Implement Sign-Up Page with Form Validation and API Integration
Info about the related issue (Aim of the project): This pull request adds the sign-up page to the LinkedIn Resume Builder, allowing new users to create an account with basic form validation, password visibility toggle, and submission via a POST request to the backend.
Name: Moumita Shee
GitHub ID: Moumita-08
Email ID: [email protected]

This PR introduces a fully functional sign-up page with the following features:

Form Elements: Includes input fields for full name, email, password, and password confirmation.
Validation: Ensures all fields are required before allowing form submission.
Password Toggle Visibility: Users can toggle the visibility of the password fields using an eye icon, enhancing user experience.
Form Submission: Submits form data as a JSON object to the backend endpoint /auth/signup to handle user registration.
Styling: Styled the sign-up page using custom colors and fonts to maintain a cohesive user interface across the application.
Type of change ☑️
Bug fix (non-breaking change which fixes an issue)
New feature (non-breaking change which adds functionality)
Code style update (formatting, local variables)
Breaking change (fix or feature that would cause existing functionality to not work as expected)
This change requires a documentation update
How Has This Been Tested? ⚙️
The sign-up page was tested in the following ways:

Manual Testing: Checked that all fields validate correctly, that the form only submits when all fields are filled, and that password visibility toggles as expected.
Backend Response: Verified the form submission using a local server to confirm that data is correctly sent as JSON to the specified endpoint.
Styling: Ensured the page layout displays correctly across different screen sizes.
Checklist: ☑️
My code follows the guidelines of this project.
I have performed a self-review of my own code.
I have commented my code, particularly wherever it was hard to understand.
I have made corresponding changes to the documentation.
My changes generate no new warnings.
I have added things that prove my fix is effective or that my feature works.
Any dependent changes have been merged and published in downstream modules.
This should help you present a clear, comprehensive pull request for your GSSoC or GirlScript Summer of Code contribution! Let me know if you'd like further adjustments.

Summary by CodeRabbit

• New Features
  • Introduced a responsive sign-up page for the LinkedIn Resume Builder application.
  • Implemented a user registration form with fields for full name, email, password, and password confirmation.
  • Added password visibility toggle for enhanced user experience.
  • Included error handling and validation for form submission.
  • Navigation options to the homepage and login page are available.

[coderabbitai]

Walkthrough

The changes introduce a new HTML file, sign_up_modified.html, for a sign-up page in a LinkedIn Resume Builder application. It features a responsive layout using Bootstrap, a user registration form with input fields for name, email, and password, and includes a password visibility toggle. The form submission is handled asynchronously, validating inputs and sending a POST request to a specified endpoint. The design focuses on user accessibility and includes navigation elements such as a logo and a login button.

Changes

File	Change Summary
sign_up_modified.html	Introduced a complete HTML structure for a sign-up page with a responsive layout, form validation, and asynchronous submission handling.

Suggested labels

hacktoberfest, level2, gssoc-ext, hacktoberfest-accepted

Poem

In a world of code, a new page blooms,
With fields for names and passwords' rooms.
A button to log in, a logo to see,
A sign-up so easy, just hop like me!
With Bootstrap's grace, it’s all set to go,
Join the fun, let your resume glow! 🐇✨

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 7

🧹 Outside diff range and nitpick comments (1)

sign_up_modified.html (1)

1-204: Consider implementing additional security measures.

1. Implement rate limiting to prevent brute force attacks
2. Add security headers (CSP, X-Frame-Options, etc.)
3. Consider implementing reCAPTCHA or similar anti-bot measures
4. Ensure proper server-side validation is in place

Consider implementing these security headers in your server configuration:

add_header Content-Security-Policy "default-src 'self'; style-src 'self' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com; script-src 'self' 'unsafe-inline'";
add_header X-Frame-Options "DENY";
add_header X-Content-Type-Options "nosniff";
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Permissions-Policy "geolocation=(), microphone=(), camera=()";

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 7b65fe0 and 9014840.

📒 Files selected for processing (1)

• sign_up_modified.html (1 hunks)

🔇 Additional comments (1)

sign_up_modified.html (1)

10-10: Verify the favicon path accessibility.

The favicon path images/favicon-removebg-preview.png is using a relative path. This might cause issues depending on the URL structure of your application.

✅ Verification successful

Favicon path is correctly configured

The verification confirms that the favicon file exists at the exact relative path specified in the HTML (images/favicon-removebg-preview.png), making the current implementation correct and accessible.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if the favicon exists in the expected location
fd -t f "favicon-removebg-preview.png"

Length of output: 74

[coderabbitai]

⚠️ Potential issue

Remove text-transform: capitalize from global styles.

The text-transform: capitalize rule will affect email addresses in the form, which should maintain their original case.

-            text-transform: capitalize;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

text-transform: capitalize;

[coderabbitai]

⚠️ Potential issue

Replace absolute positioning with responsive layout.

Using fixed pixel values for positioning the logo will break the layout on different screen sizes.

-            position: absolute;
-            top: 20px;
-            left: 635px;
+            text-align: center;
+            margin: 20px auto;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	position: absolute;
	top: 20px;
	left: 635px;
	}
	text-align: center;
	margin: 20px auto;
	}

[coderabbitai]

⚠️ Potential issue

Reconsider overflow: hidden on body.

This might prevent scrolling on smaller screens or when the keyboard is visible on mobile devices.

        body {
            background-color: var(--deep-teal);
-            overflow: hidden;
+            min-height: 100vh;
        }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	background-color: var(--deep-teal);
	overflow: hidden;
	}
	background-color: var(--deep-teal);
	min-height: 100vh;
	}

[coderabbitai]

⚠️ Potential issue

Add password validation before submission.

The form should validate that the password and confirm password match before submission.

             if (!name || !email || !password || !confirmPassword) {
                 alert("All fields are required");
                 return;
             }
+            
+            if (password !== confirmPassword) {
+                alert("Passwords do not match");
+                return;
+            }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	if (!name || !email || !password || !confirmPassword) {
	alert("All fields are required");
	return;
	}
	if (!name || !email || !password || !confirmPassword) {
	alert("All fields are required");
	return;
	}
	if (password !== confirmPassword) {
	alert("Passwords do not match");
	return;
	}

[coderabbitai]

🛠️ Refactor suggestion

Improve error message handling.

Replace generic alert with a more user-friendly error display mechanism.

-                    alert("Sign Up failed: " + data.message);
+                    const errorDiv = document.createElement('div');
+                    errorDiv.className = 'alert alert-danger';
+                    errorDiv.textContent = data.message || 'Sign up failed. Please try again.';
+                    document.getElementById('signupForm').prepend(errorDiv);

Committable suggestion was skipped due to low confidence.

[coderabbitai]

⚠️ Potential issue

Enhance form security and accessibility.

Several important security and accessibility features are missing:

1. No CSRF protection
2. No password strength requirements or validation
3. Missing ARIA labels and form validation messages

Add CSRF protection and improve accessibility:

-            <form id="signupForm">
+            <form id="signupForm" novalidate>
+                <input type="hidden" name="_csrf" value="<%= csrfToken %>">
-                <input type="text" id="name" placeholder="Full Name" required>
+                <input type="text" id="name" name="name" placeholder="Full Name" required
+                    aria-label="Full Name" aria-required="true"
+                    pattern="^[a-zA-Z ]+$">
+                <div class="invalid-feedback">Please enter a valid name</div>

-                <input type="email" id="email" placeholder="Email Address" required>
+                <input type="email" id="email" name="email" placeholder="Email Address" required
+                    aria-label="Email Address" aria-required="true">
+                <div class="invalid-feedback">Please enter a valid email address</div>

                 <div class="password-container">
-                    <input type="password" id="password" placeholder="Password" required>
+                    <input type="password" id="password" name="password" placeholder="Password" required
+                        aria-label="Password" aria-required="true"
+                        pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&])[A-Za-z\d@$!%*?&]{8,}$">
+                    <div class="password-requirements">
+                        Password must contain at least 8 characters, including uppercase, lowercase, 
+                        numbers and special characters
+                    </div>

Committable suggestion was skipped due to low confidence.

[coderabbitai]

⚠️ Potential issue

Avoid hardcoding API URL and improve security headers.

The API URL should be configurable, and additional security headers should be included.

-                const res = await fetch("http://localhost:5000/auth/signup", {
+                const res = await fetch(`${process.env.API_BASE_URL}/auth/signup`, {
                     method: "POST",
-                    headers: { "content-type": "application/json" },
+                    headers: {
+                        "Content-Type": "application/json",
+                        "X-CSRF-Token": document.querySelector('[name="_csrf"]').value
+                    },
                     body: JSON.stringify(userData)
                 });

Committable suggestion was skipped due to low confidence.