User Sign-in Section (Hero)

Full-height hero section with background image, badge, headline, description, and sign-in form card. Composes Badge + Typography + Button + Form Elements without custom styling.

Hero Authentication Sign-in Form Glassy Card

User Sign-in Section - Full Preview

Complete hero section with sign-in form composed from Design System primitives.

Live Preview (Full Viewport)
HTML Structure 
<section class="user-signin-section">
  <!-- Background Image -->
  <div class="user-signin-section__bg">
    <img
      src="background.jpg"
      alt="Forest path"
      class="user-signin-section__bg-image"
    >
    <div class="user-signin-section__bg-overlay"></div>
  </div>

  <!-- Hero Content -->
  <div class="user-signin-section__content">
    <div class="grid grid-cols-1 lg:grid-cols-2 gap-12 lg:gap-16 items-center">
      <!-- Left: Text Content -->
      <div>
        <span class="badge badge--primary mb-6">
          👋 Welcome back
        </span>

        <h1 class="t-display mb-6 text-white">
          Sign in to your account
        </h1>

        <p class="t-lead mb-8 text-white-90">
          Manage your bookings, messages, and account settings in one place.
        </p>
      </div>

      <!-- Right: Sign-in Form Card -->
      <div class="user-signin-section__card">
        <h3 class="t-lead t-semibold mb-2 text-white">Sign in</h3>
        <p class="user-signin-section__card-subtitle">Use your email and password to continue.</p>

        <form action="#" method="post" class="space-y-4">
          <!-- Email Field -->
          <div>
            <label for="email">Email</label>
            <input
              type="email"
              id="email"
              name="email"
              class="input"
              placeholder="your@email.com"
              autocomplete="email"
              required
            >
          </div>

          <!-- Password Field -->
          <div>
            <label for="password">Password</label>
            <input
              type="password"
              id="password"
              name="password"
              class="input"
              placeholder="••••••••"
              autocomplete="current-password"
              required
            >
            <a href="#" class="user-signin-section__forgot-password">
              Forgot password?
            </a>
          </div>

          <!-- Remember Me Checkbox -->
          <div class="flex items-center gap-2">
            <input
              type="checkbox"
              id="remember"
              name="remember"
              class="checkbox"
            >
            <label for="remember" class="mb-0 cursor-pointer">
              Remember me
            </label>
          </div>

          <!-- GDPR Acknowledgment -->
          <div class="flex items-start gap-2">
            <input
              type="checkbox"
              id="gdpr"
              name="gdpr"
              class="checkbox"
              required
              style="margin-top: 0.125rem;"
            >
            <label for="gdpr" class="user-signin-section__gdpr-text mb-0 cursor-pointer">
              I have read the <a href="#">Privacy Policy</a> and consent to the processing of my personal data for authentication purposes.
            </label>
          </div>

          <!-- Submit Button -->
          <button type="submit" class="btn btn--primary w-full">
            Sign In
          </button>
        </form>
      </div>
    </div>
  </div>
</section>

CSS Location

The styling for this pattern is located at:

/assets/css/ui/views/user-signin-section.css

This file is automatically included via /assets/css/ui-system.css.

Usage Guidelines

✅ Do
  • Use this pattern for the main sign-in page
  • Keep the form simple (email + password + checkboxes)
  • Add CSRF token in production: <input type="hidden" name="_csrf_token" value="...">
  • Update the form action attribute to your sign-in endpoint
  • Link "Forgot password?" to your password reset page
  • Link "Privacy Policy" to your actual privacy policy page
  • Test both light and dark themes
  • Test on mobile (form should stack below content)
  • Use accessible labels and autocomplete attributes
  • Add server-side validation and error handling
❌ Don't
  • Don't add more fields (keep sign-in focused)
  • Don't create custom button classes (use .btn .btn--primary)
  • Don't create custom input styling (use .input and .checkbox)
  • Don't use Tailwind text utilities for typography (use .t-display, .t-lead)
  • Don't forget to validate on the server (never trust client-side validation)
  • Don't expose detailed error messages (e.g., "email not found" vs "password incorrect")
  • Don't skip GDPR acknowledgment in production
  • Don't remove accessibility attributes (autocomplete, aria-labels)

Integration Notes

Backend Integration

When integrating this pattern into your application:

  1. Update the action attribute to your authentication endpoint (e.g., //auth/signin)
  2. Add CSRF token protection: <input type="hidden" name="_csrf_token" value="">
  3. Replace static text with translation keys:
  4. Add server-side validation for email format and password requirements
  5. Implement rate limiting to prevent brute-force attacks
  6. Add error message display above the form (use Design System message components)
  7. Redirect authenticated users away from this page
  8. Log authentication attempts for security monitoring

Security Considerations

  • Always use HTTPS for authentication pages
  • Store passwords using strong hashing (bcrypt, Argon2)
  • Implement account lockout after failed attempts
  • Use secure session management (httpOnly, secure, sameSite cookies)
  • Consider adding 2FA/MFA for enhanced security
  • Log authentication events for audit trails

Related Components

Buttons Form Inputs Badges Typography Colors Spacing Welcome Section (similar pattern)