0bb057d65b
All checks were successful
Build and Deploy / build-and-deploy (push) Successful in 37s
Both forms were missing the hidden csrf_token input, causing 400 Bad Request on POST. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
36 lines
1.0 KiB
HTML
36 lines
1.0 KiB
HTML
{% extends "federation/base.html" %}
|
|
{% block title %}Login — Rose Ash{% endblock %}
|
|
{% block content %}
|
|
<div class="py-8 max-w-md mx-auto">
|
|
<h1 class="text-2xl font-bold mb-6">Sign in</h1>
|
|
|
|
{% if error %}
|
|
<div class="bg-red-50 border border-red-200 text-red-700 p-3 rounded mb-4">
|
|
{{ error }}
|
|
</div>
|
|
{% endif %}
|
|
|
|
<form method="post" action="{{ url_for('auth.start_login') }}" class="space-y-4">
|
|
<input type="hidden" name="csrf_token" value="{{ csrf_token() }}">
|
|
<div>
|
|
<label for="email" class="block text-sm font-medium mb-1">Email address</label>
|
|
<input
|
|
type="email"
|
|
name="email"
|
|
id="email"
|
|
value="{{ email | default('') }}"
|
|
required
|
|
autofocus
|
|
class="w-full border border-stone-300 rounded px-3 py-2 focus:outline-none focus:ring-2 focus:ring-stone-500"
|
|
>
|
|
</div>
|
|
<button
|
|
type="submit"
|
|
class="w-full bg-stone-800 text-white py-2 px-4 rounded hover:bg-stone-700 transition"
|
|
>
|
|
Send magic link
|
|
</button>
|
|
</form>
|
|
</div>
|
|
{% endblock %}
|