/*
 * Auth page styling (login, registration, password reset, confirmations)
 * — modern, clean, mobile-first.
 *
 * Color palette mirrors the LOGGED-IN webapp (style.css `.btn-primary`
 * is blue #1d76b0; navbar is dark slate #2c3e50). The /start/ landing
 * page uses a teal accent that does NOT match — auth pages need to feel
 * like a continuation of the app, not the marketing site.
 *
 * Loaded by every auth template via
 * {{ asset('bundles/erepsuser/css/auth.css') }}. Capistrano runs
 * assets:install on each deploy to symlink Resources/public/ → web/bundles/.
 */

/*
 * CSS variables are scoped to the page wrapper (not :root) so they
 * cannot leak into other stylesheets bundled on the same render.
 */
.auth-page {
  /*
   * Colors mirror the logged-in webapp's primary palette
   * (style.css `.btn-primary` = #1d76b0, navbar = #2c3e50). The
   * `--auth-accent` is the legacy teal used for success/checkmarks
   * only — DO NOT use as a primary CTA color, the webapp's primary
   * action color is blue.
   */
  --auth-primary: #1d76b0;
  --auth-primary-dark: #155d8c;
  --auth-primary-darker: #054e7d;
  --auth-accent: #1abc9c;
  --auth-accent-dark: #16a085;
  --auth-dark: #2c3e50;
  --auth-text: #333;
  --auth-text-light: #555;
  --auth-text-muted: #888;
  --auth-bg: #f5f7fa;
  --auth-card-bg: #ffffff;
  --auth-border: #d0d7de;
  --auth-border-focus: #1d76b0;
  --auth-error: #e74c3c;
  --auth-error-bg: #fdecea;
  --auth-radius: 12px;
  --auth-radius-sm: 8px;
  --auth-shadow: 0 1px 3px rgba(0,0,0,0.06), 0 12px 40px rgba(15, 27, 45, 0.08);

  min-height: 100vh;
  background: var(--auth-bg);
  font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif;
  color: var(--auth-text);
  line-height: 1.5;
  padding: 24px 16px 56px;
  -webkit-font-smoothing: antialiased;
  display: flex;
  align-items: flex-start;
  justify-content: center;
}

.auth-shell {
  width: 100%;
  max-width: 460px;
  display: flex;
  flex-direction: column;
  align-items: center;
}

.auth-logo {
  display: inline-block;
  margin-bottom: 18px;
}
.auth-logo img {
  height: 44px;
  width: auto;
  display: block;
}

.auth-card {
  width: 100%;
  background: var(--auth-card-bg);
  border-radius: var(--auth-radius);
  box-shadow: var(--auth-shadow);
  padding: 40px 32px 32px;
}

.auth-header {
  text-align: center;
  margin-bottom: 28px;
}
.auth-header h1 {
  margin: 0 0 10px;
  font-size: 1.875rem;
  font-weight: 700;
  color: var(--auth-dark);
  letter-spacing: -0.01em;
}
.auth-subtitle {
  margin: 0;
  color: var(--auth-text-light);
  font-size: 1.0625rem;
  line-height: 1.5;
}

.auth-form { margin: 0; }

.auth-field {
  margin-bottom: 20px;
}
.auth-field label {
  display: block;
  font-size: 0.9375rem;
  font-weight: 600;
  color: var(--auth-dark);
  margin-bottom: 8px;
}
.auth-field-label-row {
  display: flex;
  align-items: baseline;
  justify-content: space-between;
  gap: 12px;
  margin-bottom: 8px;
}
.auth-field-label-row label { margin-bottom: 0; }
.auth-field-link {
  font-size: 0.875rem;
  color: var(--auth-primary);
  font-weight: 500;
  text-decoration: none;
}
.auth-field-link:hover { text-decoration: underline; }
.auth-input {
  display: block;
  width: 100%;
  padding: 13px 14px;
  font-size: 1.0625rem;
  font-family: inherit;
  color: var(--auth-text);
  background: #fff;
  border: 1px solid var(--auth-border);
  border-radius: var(--auth-radius-sm);
  transition: border-color 0.15s ease, box-shadow 0.15s ease;
  -webkit-appearance: none;
  appearance: none;
}
.auth-input:focus {
  outline: none;
  border-color: var(--auth-border-focus);
  box-shadow: 0 0 0 3px rgba(29, 118, 176, 0.18);
}
.auth-input::placeholder { color: var(--auth-text-muted); }

.auth-field.has-error .auth-input {
  border-color: var(--auth-error);
  background: #fff;
}
.auth-field ul,
.auth-error-summary ul,
.auth-terms ul {
  list-style: none;
  margin: 6px 0 0;
  padding: 0;
  font-size: 0.85rem;
  color: var(--auth-error);
}
.auth-error-summary {
  background: var(--auth-error-bg);
  border: 1px solid #f5c6cb;
  border-radius: var(--auth-radius-sm);
  padding: 12px 14px;
  margin-bottom: 16px;
  color: #842029;
  font-size: 0.9rem;
}
.auth-error-summary ul { margin: 0; color: #842029; }

/*
 * Flash message variants. Symfony flashBag types map to these so a
 * "success" or "warning" flash (e.g. "An email has been sent" after
 * password reset) doesn't render as a red error block.
 */
.auth-flash {
  border: 1px solid;
  border-radius: var(--auth-radius-sm);
  padding: 12px 14px;
  margin-bottom: 16px;
  font-size: 0.9rem;
}
.auth-flash--success {
  background: #e8faf1;
  border-color: #b7ebcb;
  color: #155724;
}
.auth-flash--warning,
.auth-flash--notice,
.auth-flash--info {
  background: #fff8e1;
  border-color: #ffe7a3;
  color: #7a5a08;
}
.auth-flash--error,
.auth-flash--danger {
  background: var(--auth-error-bg);
  border-color: #f5c6cb;
  color: #842029;
}

.auth-terms {
  display: block;
  margin: 4px 0 24px;
  font-size: 0.9375rem;
  color: var(--auth-text);
}
.auth-terms label {
  display: flex;
  align-items: center;
  gap: 12px;
  cursor: pointer;
  line-height: 1.4;
}
.auth-terms input[type="checkbox"] {
  width: 18px;
  height: 18px;
  margin: 0;
  accent-color: var(--auth-accent);
  flex-shrink: 0;
  cursor: pointer;
}
.auth-terms a {
  color: var(--auth-primary);
  text-decoration: none;
}
.auth-terms a:hover { text-decoration: underline; }
.auth-terms.has-error label span { color: var(--auth-error); }

.auth-submit {
  display: block;
  width: 100%;
  padding: 15px 24px;
  font-size: 1.1rem;
  font-weight: 600;
  font-family: inherit;
  color: #fff;
  background: var(--auth-primary);
  border: 1px solid var(--auth-primary-darker);
  border-radius: var(--auth-radius-sm);
  cursor: pointer;
  transition: background 0.15s ease, box-shadow 0.15s ease, transform 0.1s ease;
  -webkit-appearance: none;
  appearance: none;
}
.auth-submit:hover {
  background: var(--auth-primary-dark);
  border-color: var(--auth-primary-darker);
  box-shadow: 0 4px 12px rgba(29, 118, 176, 0.3);
}
.auth-submit:active {
  transform: translateY(1px);
  box-shadow: none;
}
.auth-submit:focus {
  outline: none;
  box-shadow: 0 0 0 3px rgba(29, 118, 176, 0.35);
}

/* Used when the "submit" is actually a link (e.g., the post-confirmation
   "Go to dashboard" CTA) so it inherits all the button styling. */
.auth-submit--link {
  text-decoration: none;
  text-align: center;
  display: block;
}

/* Tips list on the check-your-email page. */
.auth-tips {
  list-style: none;
  margin: 0 0 8px;
  padding: 16px 18px;
  background: #f8fafc;
  border: 1px solid var(--auth-border);
  border-radius: var(--auth-radius-sm);
  font-size: 0.9rem;
  color: var(--auth-text);
}
.auth-tips li {
  margin: 0 0 6px;
  padding-left: 18px;
  position: relative;
}
.auth-tips li:last-child { margin-bottom: 0; }
.auth-tips li::before {
  content: "•";
  position: absolute;
  left: 4px;
  color: var(--auth-accent);
  font-weight: 700;
}
.auth-tips a {
  color: var(--auth-primary);
  font-weight: 600;
  text-decoration: none;
}
.auth-tips a:hover { text-decoration: underline; }

/* Success card variant — used by the post-confirmation page. */
.auth-card--success { text-align: center; }
.auth-success-mark {
  width: 64px;
  height: 64px;
  margin: 0 auto 20px;
  background: var(--auth-accent);
  color: #fff;
  border-radius: 50%;
  display: flex;
  align-items: center;
  justify-content: center;
  font-size: 2rem;
  font-weight: 700;
  box-shadow: 0 4px 16px rgba(26, 188, 156, 0.35);
}

.auth-signin {
  text-align: center;
  margin: 24px 0 0;
  font-size: 0.9375rem;
  color: var(--auth-text-light);
}
.auth-signin a {
  color: var(--auth-primary);
  font-weight: 600;
  text-decoration: none;
}
.auth-signin a:hover { text-decoration: underline; }

.auth-reassurance {
  list-style: none;
  margin: 28px 0 0;
  padding: 0;
  display: flex;
  flex-wrap: wrap;
  justify-content: center;
  gap: 10px 28px;
  font-size: 0.95rem;
  font-weight: 600;
  color: var(--auth-dark);
}
.auth-reassurance li {
  position: relative;
  padding-left: 26px;
  display: flex;
  align-items: center;
}
.auth-reassurance li::before {
  content: "";
  position: absolute;
  left: 0;
  top: 50%;
  transform: translateY(-50%);
  width: 18px;
  height: 18px;
  border-radius: 50%;
  background: var(--auth-accent);
  background-image: url("data:image/svg+xml,%3Csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24' fill='none' stroke='white' stroke-width='3.5' stroke-linecap='round' stroke-linejoin='round'%3E%3Cpolyline points='20 6 9 17 4 12'/%3E%3C/svg%3E");
  background-size: 14px 14px;
  background-position: center;
  background-repeat: no-repeat;
}

.auth-honeypot {
  position: absolute;
  left: -9999px;
  top: -9999px;
  height: 0;
  overflow: hidden;
}

/*
 * Login is shorter than registration (no name, no terms, no plan
 * select), so a 460px-wide card feels sparse. Use a slimmer shell
 * and a bit less terms-bottom margin only when the page is in
 * "compact" layout mode.
 */
.auth-page--compact .auth-shell { max-width: 400px; }
.auth-page--compact .auth-terms { margin-bottom: 16px; }

@media (max-width: 480px) {
  .auth-page { padding: 16px 12px 48px; }
  .auth-card { padding: 28px 20px 24px; border-radius: 10px; }
  .auth-header h1 { font-size: 1.5rem; }
  .auth-field-label-row { flex-wrap: wrap; }
}