dictia-public/templates/auth/oauth_finish_signup.html

{% extends 'marketing/base.html' %}

{% block title %}Finaliser votre inscription DictIA{% endblock %}
{% block description %}Finalisez votre inscription DictIA — consentements Loi 25 requis pour créer votre compte.{% endblock %}

{% block content %}
<section class="min-h-[calc(100vh-62px)] bg-brand-bg py-16 px-4" aria-labelledby="finish-title">
  <div class="max-w-md mx-auto bg-white p-8 rounded-[18px] border border-brand-border shadow-cta">
    <h1 id="finish-title" class="text-3xl font-black text-brand-navy mb-2">Finaliser votre inscription</h1>
    <p class="text-sm text-brand-navy/70 mb-6">
      Vous vous inscrivez via <strong>{{ provider_display or provider | capitalize }}</strong>. Avant de créer votre compte DictIA, nous devons obtenir vos consentements conformément à la {{ "Loi&nbsp;25" | safe }} du Québec.
    </p>

    {% with messages = get_flashed_messages(with_categories=true) %}
      {% if messages %}
        {% for category, message in messages %}
          <div role="alert" class="mb-3 p-3 rounded-lg text-sm
            {% if category == 'danger' %}bg-red-50 text-red-900 border border-red-200
            {% elif category == 'warning' %}bg-amber-50 text-amber-900 border border-amber-200
            {% elif category == 'success' %}bg-green-50 text-green-900 border border-green-200
            {% else %}bg-blue-50 text-blue-900 border border-blue-200{% endif %}">
            {{ message }}
          </div>
        {% endfor %}
      {% endif %}
    {% endwith %}

    {# Pre-filled email from OAuth provider — display only, not editable #}
    <div class="bg-brand-bg border border-brand-border rounded-[0.5rem] p-3 mb-6 text-sm">
      <p class="text-brand-navy/70 mb-1">Compte fédéré :</p>
      <p class="text-brand-navy font-semibold break-all">{{ userinfo.email }}</p>
      {% if userinfo.name %}<p class="text-brand-navy/80 text-xs mt-1">{{ userinfo.name }}</p>{% endif %}
    </div>

    <form method="POST" action="{{ url_for('auth.oauth_finish_signup') }}" class="space-y-4" novalidate>
      <input type="hidden" name="csrf_token" value="{{ csrf_token() }}">

      {# 4 SEPARATE consent checkboxes — Loi 25 art. 14 (consent must be granular, free, informed) #}
      <fieldset class="space-y-3 pt-2">
        <legend class="text-xs font-semibold text-brand-navy uppercase tracking-wide mb-1">{{ "Consentements — Loi&nbsp;25" | safe }}</legend>

        <label for="consent_cgu" class="flex items-start gap-2 text-sm text-brand-navy/90">
          <input type="checkbox" id="consent_cgu" name="consent_cgu" value="y" required aria-required="true"
                 class="mt-1 focus-visible:outline-2 focus-visible:outline-brand-b1 focus-visible:outline-offset-2">
          <span>J'accepte les <a href="/legal/conditions" target="_blank" rel="noopener" class="grad-text underline">conditions d'utilisation</a>. <span class="text-red-600" aria-hidden="true">*</span></span>
        </label>
        {% if errors.consent_cgu %}<p class="text-xs text-red-900 mt-1" role="alert">{{ errors.consent_cgu }}</p>{% endif %}

        <label for="consent_confidentialite" class="flex items-start gap-2 text-sm text-brand-navy/90">
          <input type="checkbox" id="consent_confidentialite" name="consent_confidentialite" value="y" required aria-required="true"
                 class="mt-1 focus-visible:outline-2 focus-visible:outline-brand-b1 focus-visible:outline-offset-2">
          <span>J'accepte la <a href="/legal/confidentialite" target="_blank" rel="noopener" class="grad-text underline">politique de confidentialité</a>. <span class="text-red-600" aria-hidden="true">*</span></span>
        </label>
        {% if errors.consent_confidentialite %}<p class="text-xs text-red-900 mt-1" role="alert">{{ errors.consent_confidentialite }}</p>{% endif %}

        <label for="consent_marketing" class="flex items-start gap-2 text-sm text-brand-navy/90">
          <input type="checkbox" id="consent_marketing" name="consent_marketing" value="y"
                 class="mt-1 focus-visible:outline-2 focus-visible:outline-brand-b1 focus-visible:outline-offset-2">
          <span>J'accepte de recevoir des communications marketing (optionnel, désactivable à tout moment).</span>
        </label>

        <label for="consent_analytics" class="flex items-start gap-2 text-sm text-brand-navy/90">
          <input type="checkbox" id="consent_analytics" name="consent_analytics" value="y"
                 class="mt-1 focus-visible:outline-2 focus-visible:outline-brand-b1 focus-visible:outline-offset-2">
          <span>J'accepte les statistiques d'usage anonymisées (optionnel, désactivable à tout moment).</span>
        </label>
      </fieldset>

      <button type="submit" class="w-full grad-bg text-white font-semibold py-3 rounded-[0.75rem] shadow-cta hover:shadow-cta-hover transition focus-visible:outline-2 focus-visible:outline-brand-b1 focus-visible:outline-offset-2">
        Créer mon compte DictIA
      </button>
    </form>

    <p class="text-center text-sm text-brand-navy/70 mt-6">
      Vous voulez utiliser un autre courriel&nbsp;?
      <a href="{{ url_for('auth.signup') }}" class="grad-text font-semibold hover:underline">Inscription manuelle</a>
    </p>
  </div>
</section>
{% endblock %}