45ef31e61f
Existing and new accounts default to 2FA off. Registration signs users in directly. Users can enable it under My Account. Administrators can manage it under Users & Staff. Verified password-only and opted-in email-code login flows. PHP/JavaScript checks and browser console passed.
36 lines
1.8 KiB
PHP
36 lines
1.8 KiB
PHP
<section class="auth-section section">
|
|
<div class="container auth-grid">
|
|
<div class="auth-intro">
|
|
<span class="eyebrow">Welcome back</span>
|
|
<h1>Your usual is waiting.</h1>
|
|
<p>Sign in to check past orders, save your pickup information, and manage restaurant news.</p>
|
|
<div class="auth-callout">
|
|
<strong>Staff member?</strong>
|
|
<span>Your staff account uses the same secure sign-in.</span>
|
|
</div>
|
|
</div>
|
|
<form class="auth-card form-stack" action="<?= e(url('/login')) ?>" method="post">
|
|
<?= csrf_field() ?>
|
|
<div>
|
|
<span class="eyebrow">Account access</span>
|
|
<h2>Sign In</h2>
|
|
</div>
|
|
<label>Email address
|
|
<input type="email" name="email" required autocomplete="email" value="<?= e($old['email'] ?? '') ?>">
|
|
</label>
|
|
<label>Password
|
|
<input type="password" name="password" required autocomplete="current-password">
|
|
</label>
|
|
<div class="honeypot" aria-hidden="true">
|
|
<label>Website <input type="text" name="website" tabindex="-1" autocomplete="off"></label>
|
|
</div>
|
|
<label>Quick check: what is <?= (int) $captcha[0] ?> + <?= (int) $captcha[1] ?>?
|
|
<input type="number" name="captcha" required inputmode="numeric" autocomplete="off">
|
|
</label>
|
|
<button class="button button-large button-block" type="submit">Continue Securely</button>
|
|
<p class="form-footnote">Email verification is requested only when optional email 2FA is enabled for your account.</p>
|
|
<p class="auth-switch">New here? <a href="<?= e(url('/register')) ?>">Create an account</a></p>
|
|
</form>
|
|
</div>
|
|
</section>
|