% if (my $invalid = stash('invalid')) {
	<div class="row">
		<div class="col s12">
			<div class="card red darken-4">
				<div class="card-content white-text">
					% if ($invalid eq 'csrf') {
						<span class="card-title">Ungültiger CSRF-Token</span>
						<p>Sind Cookies aktiviert? Ansonsten könnte es sich um einen
						Fall von <a
						href="https://de.wikipedia.org/wiki/Cross-Site-Request-Forgery">CSRF</a>
						handeln.</p>
					% }
					% elsif ($invalid eq 'credentials') {
						<span class="card-title">Ungültige Logindaten</span>
						<p>Falscher Account oder falsches Passwort.</p>
					% }
					% else {
						<span class="card-title">Unbekannter Fehler</span>
						<p>Das sollte nicht passieren™</p>
					% }
				</div>
			</div>
		</div>
	</div>
% }
<div class="row">
	%= form_for '/x/login' => (class => 'col s12', method => 'POST') => begin
		%= csrf_field
		<div class="row">
			<div class="input-field col s12">
				<i class="material-icons prefix">account_circle</i>
				<input name="user" id="user" type="text" class="validate">
				<label for="user">Account</label>
			</div>
			<div class="input-field col s12">
				<i class="material-icons prefix">lock</i>
				<input name="password" id="password" type="password" class="validate">
				<label for="password">Passwort</label>
			</div>
		</div>
		<div class="row">
			<div class="col s3 m3 l3">
			</div>
			<div class="col s6 m6 l6 center-align">
				<button class="btn waves-effect waves-light" type="submit" name="action" value="login">
					Anmelden
					<i class="material-icons right">send</i>
				</button>
			</div>
			<div class="col s3 m3 l3">
			</div>
		</div>
	%= end
</div>