;; Auth page components (device auth — account-specific)
;; Login and check-email components are shared: see shared/sx/templates/auth.sx

(defcomp ~account-device-error (&key error)
  (when error
    (div :class "bg-red-50 border border-red-200 text-red-700 p-3 rounded mb-4"
      error)))

(defcomp ~account-device-form (&key error action csrf-token code)
  (div :class "py-8 max-w-md mx-auto"
    (h1 :class "text-2xl font-bold mb-6" "Authorize device")
    (p :class "text-stone-600 mb-4" "Enter the code shown in your terminal to sign in.")
    error
    (form :method "post" :action action :class "space-y-4"
      (input :type "hidden" :name "csrf_token" :value csrf-token)
      (div
        (label :for "code" :class "block text-sm font-medium mb-1" "Device code")
        (input :type "text" :name "code" :id "code" :value code :placeholder "XXXX-XXXX"
          :required true :autofocus true :maxlength "9" :autocomplete "off" :spellcheck "false"
          :class "w-full border border-stone-300 rounded px-3 py-3 text-center text-2xl tracking-widest font-mono uppercase focus:outline-none focus:ring-2 focus:ring-stone-500"))
      (button :type "submit"
        :class "w-full bg-stone-800 text-white py-2 px-4 rounded hover:bg-stone-700 transition"
        "Authorize"))))

(defcomp ~account-device-approved ()
  (div :class "py-8 max-w-md mx-auto text-center"
    (h1 :class "text-2xl font-bold mb-4" "Device authorized")
    (p :class "text-stone-600" "You can close this window and return to your terminal.")))

;; Assembled auth page content — replaces Python _login_page_content etc.

(defcomp ~account-login-content (&key error email)
  (~auth-login-form
    :error (when error (~auth-error-banner :error error))
    :action (url-for "auth.start_login")
    :csrf-token (csrf-token)
    :email (or email "")))

(defcomp ~account-device-content (&key error code)
  (~account-device-form
    :error (when error (~account-device-error :error error))
    :action (url-for "auth.device_submit")
    :csrf-token (csrf-token)
    :code (or code "")))

(defcomp ~account-check-email-content (&key email email-error)
  (~auth-check-email
    :email (escape (or email ""))
    :error (when email-error
             (~auth-check-email-error :error (escape email-error)))))