<%# Admin user create/edit form body (todo §5), captured into the shell content slot. Config: form { action, csrfToken, submitLabel, cancelHref, fields: field.ejs config[] } edit? { nextLabel, stateAction, recoveryAction, deleteAction } (edit mode only) recovery? { code? } shown after a recovery code is generated (recovery is code-based) error? string shown when a write was rejected %><% const form = locals.form; const edit = locals.edit; const recovery = locals.recovery; -%>

<% if (locals.error) { -%> <%- include("alert", { text: locals.error, tone: "neg" }) %> <% } -%> <% if (recovery) { -%>

Recovery code generatedGive it to the user — they enter it on the password-reset screen to set a new password (generate a fresh one if it has expired).<% if (recovery.code) { %><%= recovery.code %><% } %>

<% } -%> <% if (edit) { -%>

Delete user

<% } -%>