{# JS-only redirect to /authenticate. Kept minimal so prefetching doesn't consume the one-time code before the user actually navigates. The one_time_code is emitted via tojson + encodeURIComponent because Jinja's HTML autoescape is not a JS-string escaper. #} Authenticating...

Authenticating...