{% extends "base.html" %}

{% block title %}
	{% if client %}
		{{ _("Edit - %(name)s", name=client.title) }}
	{% else %}
		{{ _("Create OAuth Client") }}
	{% endif %}
{% endblock %}

{% from "macros/forms.html" import render_field, render_submit_field %}

{% block content %}
	{% if client %}
		<form class="float-end" method="POST" action="{{ url_for('oauth.delete_client', username=client.owner.username, id_=client.id) }}">
			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
			<input class="btn btn-danger" type="submit" value="{{ _('Delete') }}">
		</form>
	{% endif %}

	<h1 class="mt-0">{{ self.title() }}</h1>

	{% if client %}
		{% if not client.approved %}
			<aside class="alert alert-info my-5">
				<h3 class="mt-0">{{ _("Application isn't approved yet") }}</h3>
				<p class="mb-0">
					{{ _("To allow users other than yourself to log in, you'll need to contact ContentDB staff and ask them to approve your app.") }}
				</p>
			</aside>
		{% endif %}

		<form class="card my-5" method="POST" action="{{ url_for("oauth.revoke_all", username=client.owner.username, id_=client.id) }}">
			<input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
			<div class="card-body d-flex flex-row align-items-center">
				<p class="col my-0">{{ _("Your application has %(count)d users", count=client.tokens.count()) }}</p>
				<input type="submit" class="btn btn-danger col-auto" value="{{ _('Revoke all user tokens') }}">
			</div>
		</form>
		<div class="card my-5">
			<div class="card-body">
				<div class="form-group mb-3">
					<label class="form-label" for="client_id">client_id</label>
					<input class="form-control" type="text" id="client_id" name="client_id" value="{{ client.id }}" readonly>
				</div>
				<div class="form-group">
					<label class="form-label" for="client_secret">client_secret</label>
					<input class="form-control" type="text" id="client_secret" name="client_secret" value="{{ client.secret }}" readonly>
					<p class="form-text text-muted">
						{% if not client.is_clientside %}
							{{ _("You must keep the secret safe. If you are unable, set the app type to 'client-side'.") }}
						{% endif %}
					</p>
				</div>
				<div class="form-group">
					<label class="form-label" for="authorize_url">{{ _("Example Authorize URL") }}</label>
					<input class="form-control" type="text" id="authorize_url" name="authorize_url" readonly
						value="{{ abs_url_for("oauth.oauth_start", response_type="code", client_id=client.id, redirect_uri=client.redirect_url) }}">
				</div>
			</div>
		</div>
	{% endif %}

	<form method="POST" action="" enctype="multipart/form-data">
		{{ form.hidden_tag() }}

		{{ render_field(form.title) }}
		{{ render_field(form.description, hint=_("Shown to users when you request access to their account")) }}
		{{ render_field(form.redirect_url) }}
		{{ render_field(form.app_type, hint=_("Where will you store your client_secret?")) }}

		{{ render_submit_field(form.submit) }}
	</form>
{% endblock %}