Files
plainpages/views/partials/consent-body.ejs
T

22 lines
1.1 KiB
Plaintext

<%#
OAuth2 consent form body: the inner of the auth-card form — the signed-in account, the
CSRF + challenge hidden inputs, the requested scopes, then Allow / Deny submit buttons (one
`decision` field). Locals: account?, challenge, csrfField, csrfToken, scopes (string[]). Captured
by views/oauth-consent.ejs.
-%>
<% const labels = { email: "Your email address", offline_access: "Stay signed in (offline access)", openid: "Verify your identity", profile: "Your basic profile (name)" }; -%>
<% if (locals.account) { -%>
<p class="auth-sub">Signed in as <strong><%= account %></strong></p>
<% } -%>
<input type="hidden" name="<%= csrfField %>" value="<%= csrfToken %>">
<input type="hidden" name="consent_challenge" value="<%= challenge %>">
<% if (scopes.length) { -%>
<ul class="plain-list consent-scopes">
<% scopes.forEach((s) => { -%>
<li><strong><%= s %></strong><% if (labels[s]) { %> — <%= labels[s] %><% } %></li>
<% }) -%>
</ul>
<% } -%>
<button type="submit" class="btn btn-block btn-primary" name="decision" value="allow">Allow</button>
<button type="submit" class="btn btn-block" name="decision" value="deny">Deny</button>