{%extends "base.html"%}

{%block title%}Authorise User{%endblock%}

{%block pagetitle%}Authenticate to the API Server{%endblock%}

{%block content%}
{{flash_messages()}}

<form method="POST" action="{{url_for('oauth2.auth.authorise')}}">
  <input type="hidden" name="response_type" value="{{response_type}}" />
  <input type="hidden" name="scope" value="{{scope | join(' ')}}" />
  <input type="hidden" name="client_id" value="{{client.client_id}}" />
  <p>
    You are authorising "{{client.client_metadata.client_name}}" to access
    Genenetwork 3 with the following scope:
  </p>
  <fieldset>
    <legend>Scope</legend>
    {%for scp in scope%}
    <div class="checkbox disabled">
      <label for="scope:{{scp}}">
	<input id="scope:{{scp}}" type="checkbox" name="scope[]" value="{{scp}}"
	       checked="checked" disabled="disabled" />
	{{scp}}
      </label>
    </div>
    {%endfor%}
  </fieldset>

  <fieldset>
    <legend>User Credentials</legend>
    <fieldset class="form-group">
      <label for="user:email" class="form-label">Email</label>
      <input type="email" name="user:email" id="user:email" required="required"
	     class="form-control"/>
    </fieldset>

    <fieldset class="form-group">
    <label for="user:password" class="form-label">Password</label>
    <input type="password" name="user:password" id="user:password"
	   required="required" class="form-control" />
    </fieldset>
  </fieldset>
  
  <input type="submit" value="authorise" class="btn btn-primary" />
</form>
{%endblock%}