{% extends 'base.html' %}

{% block navbar %}{% endblock %}

{% block styles %}
{{ super() }}
<style>
body {
    background: linear-gradient(135deg,
        {{ config['STYLE_NAV_BACKGROUND_COLOR'] or '#2c3e50' }} 0%,
        #1a1a2e 100%);
    min-height: 100vh;
}

.login-wrapper {
    min-height: 100vh;
    display: flex;
    align-items: center;
    justify-content: center;
    padding: 2rem 1rem;
}

.login-card {
    width: 100%;
    max-width: 420px;
    background: #ffffff;
    border-radius: 12px;
    box-shadow: 0 10px 40px rgba(0, 0, 0, 0.25);
    padding: 2.5rem 2rem;
}

.login-card .login-brand {
    text-align: center;
    margin-bottom: 1.5rem;
}

.login-card .login-brand img {
    width: 56px;
    height: 56px;
    margin-bottom: 0.5rem;
}

.login-card .login-brand h2 {
    font-size: 1.4rem;
    margin: 0;
    font-weight: 600;
    color: #222;
}

.login-card .login-brand small {
    color: #6c757d;
    font-size: 0.75rem;
    text-transform: uppercase;
    letter-spacing: 0.5px;
}

.login-card .form-group {
    margin-bottom: 1rem;
}

.login-card .form-group label {
    font-size: 0.85rem;
    font-weight: 500;
    color: #555;
    margin-bottom: 0.35rem;
}

.login-card .input-with-icon {
    position: relative;
}

.login-card .input-with-icon .fa {
    position: absolute;
    left: 12px;
    top: 50%;
    transform: translateY(-50%);
    color: #9aa0a6;
    pointer-events: none;
}

.login-card .input-with-icon input {
    padding-left: 36px;
    height: 42px;
    border-radius: 8px;
    border: 1px solid #d7dbe0;
    transition: border-color 0.15s, box-shadow 0.15s;
}

.login-card .input-with-icon input:focus {
    border-color: #5b9bd5;
    box-shadow: 0 0 0 3px rgba(91, 155, 213, 0.15);
    outline: none;
}

.login-card .btn-login {
    width: 100%;
    height: 44px;
    border-radius: 8px;
    font-weight: 600;
    letter-spacing: 0.3px;
    background: linear-gradient(135deg, #3498db 0%, #2c6da8 100%);
    border: none;
    color: #fff;
    transition: transform 0.05s, box-shadow 0.15s;
}

.login-card .btn-login:hover {
    box-shadow: 0 4px 14px rgba(52, 152, 219, 0.35);
}

.login-card .btn-login:active {
    transform: translateY(1px);
}

.login-card .login-footer {
    margin-top: 1.25rem;
    text-align: center;
    font-size: 0.85rem;
}

.login-card .login-footer a {
    color: #5b9bd5;
    text-decoration: none;
}

.login-card .login-footer a:hover {
    text-decoration: underline;
}

.login-card .invalid-feedback {
    display: block;
    color: #d9534f;
    font-size: 0.8rem;
    margin-top: 0.25rem;
}

.login-flash {
    position: fixed;
    top: 1rem;
    left: 50%;
    transform: translateX(-50%);
    z-index: 1050;
    min-width: 280px;
    max-width: 90vw;
}
</style>
{% endblock %}

{% block content %}
<div class="login-wrapper">
    <div class="login-card">
        <div class="login-brand">
            <img src="{{ config['BASE_PREFIX'] }}static/logo_white.png" alt="Logo">
            <h2>cmdbsyncer</h2>
            {% if config['HEADER_HINT'] %}
            <small>{{ config['HEADER_HINT'] }}</small>
            {% endif %}
        </div>

        {% if show_https_warning %}
        <div class="alert alert-warning" role="alert" style="font-size: 0.85rem;">
            <strong>HTTPS is required but not in use.</strong>
            Login over plain HTTP is blocked because
            <code>SESSION_COOKIE_SECURE</code> is on. Either configure
            TLS (directly or via a reverse proxy with
            <code>TRUSTED_PROXIES</code> set), or — if you intentionally
            want to keep running on HTTP — add
            <code>REQUIRE_HTTPS = False</code> to
            <code>local_config.py</code> and restart the service.
        </div>
        {% endif %}

        <form method="POST" novalidate>
            {{ LoginForm.hidden_tag() }}

            <div class="form-group">
                <label for="{{ LoginForm.login_email.id }}">E-Mail</label>
                <div class="input-with-icon">
                    <i class="fa fa-envelope"></i>
                    {{ LoginForm.login_email(class="form-control",
                        placeholder="you@example.com",
                        autocomplete="username",
                        autofocus=true) }}
                </div>
                {% for err in LoginForm.login_email.errors %}
                <div class="invalid-feedback">{{ err }}</div>
                {% endfor %}
            </div>

            <div class="form-group">
                <label for="{{ LoginForm.password.id }}">Password</label>
                <div class="input-with-icon">
                    <i class="fa fa-lock"></i>
                    {{ LoginForm.password(class="form-control",
                        placeholder="••••••••",
                        autocomplete="current-password") }}
                </div>
                {% for err in LoginForm.password.errors %}
                <div class="invalid-feedback">{{ err }}</div>
                {% endfor %}
            </div>

            <div class="form-group">
                <label for="{{ LoginForm.otp.id }}">
                    OTP <small class="text-muted">(only if 2FA is enabled)</small>
                </label>
                <div class="input-with-icon">
                    <i class="fa fa-key"></i>
                    {{ LoginForm.otp(class="form-control",
                        placeholder="123 456",
                        autocomplete="one-time-code") }}
                </div>
                {% for err in LoginForm.otp.errors %}
                <div class="invalid-feedback">{{ err }}</div>
                {% endfor %}
            </div>

            {{ LoginForm.login_submit(class="btn btn-login") }}
        </form>

        <div class="login-footer">
            <a href="{{ url_for('auth.request_password') }}">Forgot your password?</a>
        </div>
    </div>
</div>

{% for category, message in get_flashed_messages(with_categories=true) %}
<div class="alert alert-{{ category }} alert-dismissable login-flash">
    <button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
    {{ message }}
</div>
{% endfor %}
{% endblock %}