<% if @done %>

<%= t 'change_email.confirmed' %>

"><%= t('change_email.please_continue', site_name: SiteSetting.title) %>

<% elsif @error %>
<%= @error %>
<% else %>

<%= t 'change_email.authorizing_new.title' %>

<% if @change_request&.old_email %> <%= t 'change_email.authorizing_new.description' %> <% else %> <%= t 'change_email.authorizing_new.description_add' %> <% end %>

<%= @to_email %>

<%=form_tag(u_confirm_new_email_path, method: :put) do %> <%= hidden_field_tag 'token', params[:token] %> <%= hidden_field_tag 'second_factor_token', nil, id: 'security-key-credential' %>
<% if @show_invalid_second_factor_error %>
<%= @invalid_second_factor_message %>
<% end %> <% if @show_backup_codes %>
<%= hidden_field_tag 'second_factor_method', UserSecondFactor.methods[:backup_code] %>

<%= t('login.second_factor_backup_title') %>

<%= label_tag(:second_factor_token, t("login.second_factor_backup_description")) %>
<%= render 'common/second_factor_backup_input' %>
<%= submit_tag(t("submit"), class: "btn btn-primary") %>

<%= link_to t("login.second_factor_toggle.totp"), show_backup: "false" %>
<% elsif @show_security_key %> <%= hidden_field_tag 'security_key_challenge', @security_key_challenge, id: 'security-key-challenge' %> <%= hidden_field_tag 'second_factor_method', UserSecondFactor.methods[:security_key] %> <%= hidden_field_tag 'security_key_allowed_credential_ids', @security_key_allowed_credential_ids.join(","), id: 'security-key-allowed-credential-ids' %>

<%= t('login.security_key_authenticate') %>

<%= t('login.security_key_description') %>

<%= button_tag t('login.security_key_authenticate'), id: 'submit-security-key', class: 'btn btn-primary' %>

<% if @show_second_factor %> <%= link_to t("login.security_key_alternative"), show_totp: "true" %> <% end %>
<% if @backup_codes_enabled %> <%= link_to t("login.second_factor_toggle.backup_code"), show_backup: "true" %> <% end %> <% elsif @show_second_factor %>
<%= hidden_field_tag 'second_factor_method', UserSecondFactor.methods[:totp] %>

<%= t('login.second_factor_title') %>

<%= label_tag(:second_factor_token, t('login.second_factor_description')) %>
<%= render 'common/second_factor_text_field' %>
<%= submit_tag t('submit'), class: "btn btn-primary" %>

<% if @backup_codes_enabled %> <%= link_to t("login.second_factor_toggle.backup_code"), show_backup: "true" %> <% end %> <% else %> <%= submit_tag t('change_email.confirm'), class: "btn btn-primary" %> <% end %> <%end%> <% end%> <%= preload_script "vendor" %> <%= preload_script "locales/#{I18n.locale}" %> <%- if ExtraLocalesController.client_overrides_exist? %> <%= preload_script_url ExtraLocalesController.url('overrides') %> <%- end %> <% # TODO: move all this logic into the ember app %> <%= preload_script "discourse/app/lib/webauthn" %> <%= preload_script "confirm-new-email/confirm-new-email" %> <%= preload_script "confirm-new-email/bootstrap" %>