diff --git a/.djlintrc b/.djlintrc
new file mode 100644
index 00000000..79a88ccd
--- /dev/null
+++ b/.djlintrc
@@ -0,0 +1,11 @@
+{
+    "ignore": "H017,H025,H030,H031",
+    "extension": "html",
+    "indent": "2",
+    "profile": "jinja",
+    "format_attribute_template_tags": "true",
+    "max_line_length": 120,
+    "max_attribute_length": 240,
+    "blank_line_after_tag": "from,endmacro",
+    "blank_line_before_tag": "block,extends"
+}
diff --git a/flask_security/templates/security/_macros.html b/flask_security/templates/security/_macros.html
index d01f2654..1f4fae48 100644
--- a/flask_security/templates/security/_macros.html
+++ b/flask_security/templates/security/_macros.html
@@ -3,9 +3,7 @@
     {{ field.label }} {{ field(**kwargs)|safe }}
     {% if field.errors %}
       <ul>
-      {% for error in field.errors %}
-        <li class="fs-error-msg">{{ error }}</li>
-      {% endfor %}
+        {% for error in field.errors %}<li class="fs-error-msg">{{ error }}</li>{% endfor %}
       </ul>
     {% endif %}
   </div>
@@ -19,9 +17,7 @@
   <div class="fs-div" id="{{ field.id if field else 'fs-field' }}">
     {% if field and field.errors %}
       <ul>
-      {% for error in field.errors %}
-        <li class="fs-error-msg">{{ error }}</li>
-      {% endfor %}
+        {% for error in field.errors %}<li class="fs-error-msg">{{ error }}</li>{% endfor %}
       </ul>
     {% endif %}
   </div>
@@ -31,11 +27,9 @@
 {% macro render_form_errors(form) %}
   {% if form.form_errors %}
     <div class="fs-div" id="fs-form-errors">
-    <ul>
-    {% for error in form.form_errors %}
-      <li class="fs-error-msg">{{ error }}</li>
-    {% endfor %}
-    </ul>
+      <ul>
+        {% for error in form.form_errors %}<li class="fs-error-msg">{{ error }}</li>{% endfor %}
+      </ul>
     </div>
   {% endif %}
 {% endmacro %}
diff --git a/flask_security/templates/security/_menu.html b/flask_security/templates/security/_menu.html
index b5538e02..819f66db 100644
--- a/flask_security/templates/security/_menu.html
+++ b/flask_security/templates/security/_menu.html
@@ -1,38 +1,58 @@
 {% if security.registerable or security.recoverable or security.confirmable or security.unified_signin or security.two_factor or security.webauthn %}
-<hr>
-<h2>{{ _fsdomain('Menu') }}</h2>
-<ul>
-  {% if current_user and current_user.is_authenticated %}
-    {# already authenticated user #}
-    <li><a href="{{ url_for_security('logout') }}">{{ _fsdomain("Sign out") }}</a></li>
-    {% if security.changeable %}
-      <li><a href="{{ url_for_security('change_password') }}">{{ _fsdomain("Change Password") }}</li>
-    {% endif %}
-    {% if security.two_factor %}
-      <li><a href="{{ url_for_security('two_factor_setup') }}">{{ _fsdomain("Two Factor Setup") }}</li>
-    {% endif %}
-    {% if security.unified_signin %}
-      <li><a href="{{ url_for_security('us_setup') }}">{{ _fsdomain("Unified Signin Setup") }}</li>
-    {% endif %}
-    {% if security.webauthn %}
-      <li><a href="{{ url_for_security('wan_register') }}">{{ _fsdomain("WebAuthn Setup") }}</li>
-    {% endif %}
-  {% else %}
-    {% if not skip_login_menu %}
-      <li><a href="{{ url_for_security('login') }}{% if 'next' in request.args %}?next={{ request.args.next|urlencode }}{% endif %}">{{ _fsdomain('Login') }}</a></li>
-    {% endif %}
-    {% if security.unified_signin and not skip_login_menu %}
-    <li><a href="{{ url_for_security('us_signin') }}{% if 'next' in request.args %}?next={{ request.args.next|urlencode }}{% endif %}">{{ _fsdomain("Unified Sign In") }}</a><br/></li>
-    {% endif %}
-    {% if security.registerable %}
-    <li><a href="{{ url_for_security('register') }}{% if 'next' in request.args %}?next={{ request.args.next|urlencode }}{% endif %}">{{ _fsdomain('Register') }}</a><br/></li>
-    {% endif %}
-    {% if security.recoverable %}
-    <li><a href="{{ url_for_security('forgot_password') }}">{{ _fsdomain('Forgot password') }}</a><br/></li>
-    {% endif %}
-    {% if security.confirmable %}
-    <li><a href="{{ url_for_security('send_confirmation') }}">{{ _fsdomain('Confirm account') }}</a></li>
-    {% endif %}
-  {% endif %}
-</ul>
+  <hr>
+  <h2>{{ _fsdomain('Menu') }}</h2>
+  <ul>
+    {% if current_user and current_user.is_authenticated %}
+      {# already authenticated user #}
+      <li>
+        <a href="{{ url_for_security('logout') }}">{{ _fsdomain("Sign out") }}</a>
+      </li>
+      {% if security.changeable %}
+        <li>
+          <a href="{{ url_for_security('change_password') }}">{{ _fsdomain("Change Password") }}
+        </li>
+      {% endif %}
+      {% if security.two_factor %}
+        <li>
+          <a href="{{ url_for_security('two_factor_setup') }}">{{ _fsdomain("Two Factor Setup") }}
+        </li>
+      {% endif %}
+      {% if security.unified_signin %}
+        <li>
+          <a href="{{ url_for_security('us_setup') }}">{{ _fsdomain("Unified Signin Setup") }}
+        </li>
+      {% endif %}
+      {% if security.webauthn %}
+        <li>
+          <a href="{{ url_for_security('wan_register') }}">{{ _fsdomain("WebAuthn Setup") }}
+        </li>
+      {% endif %}
+    {% else %}
+      {% if not skip_login_menu %}
+        <li>
+          <a href="{{ url_for_security('login') }}{%- if 'next' in request.args -%}?next={{ request.args.next|urlencode }}{%- endif -%}">{{ _fsdomain('Login') }}</a>
+        </li>
+      {% endif %}
+      {% if security.unified_signin and not skip_login_menu %}
+        <li>
+          <a href="{{ url_for_security('us_signin') }}{%- if 'next' in request.args -%}?next={{ request.args.next|urlencode }}{%- endif -%}">{{ _fsdomain('Unified Sign In') }}</a>
+        </li>
+      {% endif %}
+      {% if security.registerable %}
+        <li>
+          <a href="{{ url_for_security('register') }}{%- if 'next' in request.args -%}?next={{ request.args.next|urlencode }}{%- endif -%}">{{ _fsdomain('Register') }}</a>
+        </li>
+      {% endif %}
+      {% if security.recoverable %}
+        <li>
+          <a href="{{ url_for_security('forgot_password') }}">{{ _fsdomain('Forgot password') }}</a>
+        </li>
+      {% endif %}
+      {% if security.confirmable %}
+        <li>
+          <a href="{{ url_for_security('send_confirmation') }}">{{ _fsdomain('Confirm account') }}</a>
+        </li>
+      {% endif %}
+    {% endif %}
+  </ul>
 {% endif %}
diff --git a/flask_security/templates/security/_messages.html b/flask_security/templates/security/_messages.html
index 2052ce5b..286c1dcb 100644
--- a/flask_security/templates/security/_messages.html
+++ b/flask_security/templates/security/_messages.html
@@ -1,9 +1,7 @@
 {%- with messages = get_flashed_messages(with_categories=true) -%}
   {% if messages %}
     <ul class="flashes">
-    {% for category, message in messages %}
-      <li class="{{ category }} fs-error-msg">{{ message }}</li>
-    {% endfor %}
+      {% for category, message in messages %}<li class="{{ category }} fs-error-msg">{{ message }}</li>{% endfor %}
     </ul>
   {% endif %}
 {%- endwith %}
diff --git a/flask_security/templates/security/base.html b/flask_security/templates/security/base.html
index 4469292a..f0fcdd85 100644
--- a/flask_security/templates/security/base.html
+++ b/flask_security/templates/security/base.html
@@ -7,7 +7,7 @@
     <title>{% block title %}{{ title|default }}{% endblock title %}</title>
 
       {%- block metas %}
-      <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
       {%- endblock metas %}
 
       {%- block head_scripts %}
diff --git a/flask_security/templates/security/change_password.html b/flask_security/templates/security/change_password.html
index 2624e55e..a34632cb 100644
--- a/flask_security/templates/security/change_password.html
+++ b/flask_security/templates/security/change_password.html
@@ -2,17 +2,17 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Change password') }}</h1>
-<form action="{{ url_for_security('change_password') }}" method="POST" name="change_password_form">
-  {{ change_password_form.hidden_tag() }}
-  {% if active_password %}
-    {{ render_field_with_errors(change_password_form.password) }}
-  {% else %}
-    <h3>{{ _fsdomain('You do not currently have a password - this will add one.') }}</h3>
-  {% endif %}
-  {{ render_field_with_errors(change_password_form.new_password) }}
-  {{ render_field_with_errors(change_password_form.new_password_confirm) }}
-  {{ render_field(change_password_form.submit) }}
-</form>
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Change password') }}</h1>
+  <form action="{{ url_for_security('change_password') }}" method="post" name="change_password_form">
+    {{ change_password_form.hidden_tag() }}
+    {% if active_password %}
+      {{ render_field_with_errors(change_password_form.password) }}
+    {% else %}
+      <h3>{{ _fsdomain('You do not currently have a password - this will add one.') }}</h3>
+    {% endif %}
+    {{ render_field_with_errors(change_password_form.new_password) }}
+    {{ render_field_with_errors(change_password_form.new_password_confirm) }}
+    {{ render_field(change_password_form.submit) }}
+  </form>
+{% endblock content %}
diff --git a/flask_security/templates/security/email/change_notice.html b/flask_security/templates/security/email/change_notice.html
index 1bb2445c..4f9af730 100644
--- a/flask_security/templates/security/email/change_notice.html
+++ b/flask_security/templates/security/email/change_notice.html
@@ -1,4 +1,6 @@
 <p>{{ _fsdomain('Your password has been changed.') }}</p>
 {% if security.recoverable %}
-<p>{{ _fsdomain('If you did not change your password,') }} <a href="{{ url_for_security('forgot_password', _external=True) }}">{{ _fsdomain('click here to reset it') }}</a>.</p>
+  <p>
+    {{ _fsdomain('If you did not change your password,') }} <a href="{{ url_for_security('forgot_password', _external=True) }}">{{ _fsdomain('click here to reset it') }}</a>.
+  </p>
 {% endif %}
diff --git a/flask_security/templates/security/email/confirmation_instructions.html b/flask_security/templates/security/email/confirmation_instructions.html
index 233127e1..3b0ff63b 100644
--- a/flask_security/templates/security/email/confirmation_instructions.html
+++ b/flask_security/templates/security/email/confirmation_instructions.html
@@ -6,5 +6,6 @@
   security - the Flask-Security configuration
 #}
 <p>{{ _fsdomain('Please confirm your email through the link below:') }}</p>
-
-<p><a href="{{ confirmation_link }}">{{ _fsdomain('Confirm my account') }}</a></p>
+<p>
+  <a href="{{ confirmation_link }}">{{ _fsdomain('Confirm my account') }}</a>
+</p>
diff --git a/flask_security/templates/security/email/login_instructions.html b/flask_security/templates/security/email/login_instructions.html
index aeac9905..ab156dde 100644
--- a/flask_security/templates/security/email/login_instructions.html
+++ b/flask_security/templates/security/email/login_instructions.html
@@ -1,5 +1,5 @@
 <p>{{ _fsdomain('Welcome %(email)s!', email=user.email) }}</p>
-
 <p>{{ _fsdomain('You can log into your account through the link below:') }}</p>
-
-<p><a href="{{ login_link }}">{{ _fsdomain('Login now') }}</a></p>
+<p>
+  <a href="{{ login_link }}">{{ _fsdomain('Login now') }}</a>
+</p>
diff --git a/flask_security/templates/security/email/reset_instructions.html b/flask_security/templates/security/email/reset_instructions.html
index 09f41338..5daab327 100644
--- a/flask_security/templates/security/email/reset_instructions.html
+++ b/flask_security/templates/security/email/reset_instructions.html
@@ -5,4 +5,6 @@
   user - the entire user model object
   security - the Flask-Security configuration
 #}
-<p><a href="{{ reset_link }}">{{ _fsdomain('Click here to reset your password') }}</a></p>
+<p>
+  <a href="{{ reset_link }}">{{ _fsdomain('Click here to reset your password') }}</a>
+</p>
diff --git a/flask_security/templates/security/email/two_factor_instructions.html b/flask_security/templates/security/email/two_factor_instructions.html
index ede54c10..4518d7ab 100644
--- a/flask_security/templates/security/email/two_factor_instructions.html
+++ b/flask_security/templates/security/email/two_factor_instructions.html
@@ -1,3 +1,2 @@
 <p>{{ _fsdomain("Welcome") }} {{ username }}!</p>
-
 <p>{{ _fsdomain("You can log into your account using the following code:") }} {{ token }}</p>
diff --git a/flask_security/templates/security/email/two_factor_rescue.html b/flask_security/templates/security/email/two_factor_rescue.html
index 4859e660..e51523c1 100644
--- a/flask_security/templates/security/email/two_factor_rescue.html
+++ b/flask_security/templates/security/email/two_factor_rescue.html
@@ -1 +1 @@
-<p> {{ user.email }} {{ _fsdomain("can not access mail account") }}</p>
+<p>{{ user.email }} {{ _fsdomain("can not access mail account") }}</p>
diff --git a/flask_security/templates/security/email/us_instructions.html b/flask_security/templates/security/email/us_instructions.html
index 646f6c1f..1fb3e690 100644
--- a/flask_security/templates/security/email/us_instructions.html
+++ b/flask_security/templates/security/email/us_instructions.html
@@ -7,11 +7,10 @@
   security - the Flask-Security configuration
 #}
 <p>{{ _fsdomain("Welcome") }} {{ username }}!</p>
-
 <p>{{ _fsdomain("You can sign into your account using the following code:") }} {{ token }}</p>
-
 {% if login_link %}
   <p>{{ _fsdomain("Or use the link below:") }}</p>
-
-  <p><a href="{{ login_link }}">{{ _fsdomain("Sign In") }}</a></p>
-{%  endif %}
+  <p>
+    <a href="{{ login_link }}">{{ _fsdomain("Sign In") }}</a>
+  </p>
+{% endif %}
diff --git a/flask_security/templates/security/email/welcome.html b/flask_security/templates/security/email/welcome.html
index c0bc3751..b48ac66e 100644
--- a/flask_security/templates/security/email/welcome.html
+++ b/flask_security/templates/security/email/welcome.html
@@ -6,9 +6,9 @@
   security - the Flask-Security configuration
 #}
 <p>{{ _fsdomain('Welcome %(email)s!', email=user.email) }}</p>
-
 {% if security.confirmable %}
-<p>{{ _fsdomain('You can confirm your email through the link below:') }}</p>
-
-<p><a href="{{ confirmation_link }}">{{ _fsdomain('Confirm my account') }}</a></p>
+  <p>{{ _fsdomain('You can confirm your email through the link below:') }}</p>
+  <p>
+    <a href="{{ confirmation_link }}">{{ _fsdomain('Confirm my account') }}</a>
+  </p>
 {% endif %}
diff --git a/flask_security/templates/security/email/welcome_existing.html b/flask_security/templates/security/email/welcome_existing.html
index a41bbbf9..b3fd1d07 100644
--- a/flask_security/templates/security/email/welcome_existing.html
+++ b/flask_security/templates/security/email/welcome_existing.html
@@ -9,15 +9,15 @@
   enumeration.
 #}
 <div>{{ _fsdomain('Hello %(email)s!', email=user.email) }}</div>
-
 <div>{{ _fsdomain('Someone (you?) tried to register this email - which is already in our system.') }}</div>
-
 {% if user.username %}
-<div>{{ _fsdomain('This account also has the following username associated with it: %(username)s.', username=user.username) }}</div>
+  <div>
+    {{ _fsdomain('This account also has the following username associated with it: %(username)s.', username=user.username) }}
+  </div>
 {% endif %}
-
 {% if recovery_link %}
-  <div>{{ _fsdomain('If you forgot your password you can reset it') }}
-  <a href="{{ recovery_link }}">{{ _fsdomain(' here.') }}</a>
+  <div>
+    {{ _fsdomain('If you forgot your password you can reset it') }}
+    <a href="{{ recovery_link }}">{{ _fsdomain(' here.') }}</a>
   </div>
 {% endif %}
diff --git a/flask_security/templates/security/email/welcome_existing_username.html b/flask_security/templates/security/email/welcome_existing_username.html
index 82126f86..e7b88211 100644
--- a/flask_security/templates/security/email/welcome_existing_username.html
+++ b/flask_security/templates/security/email/welcome_existing_username.html
@@ -9,8 +9,7 @@
   for username enumeration.
 #}
 <div>{{ _fsdomain('Hello %(email)s!', email=email) }}</div>
-
-<div>{{ _fsdomain('You attempted to register with a username "%(username)s" that is already associated with another account.',
-  username=username) }}</div>
-
+<div>
+  {{ _fsdomain('You attempted to register with a username "%(username)s" that is already associated with another account.', username=username) }}
+</div>
 <div>{{ _fsdomain('Please restart the registration process with a different username.') }}</div>
diff --git a/flask_security/templates/security/forgot_password.html b/flask_security/templates/security/forgot_password.html
index 8e897086..1b07a09d 100644
--- a/flask_security/templates/security/forgot_password.html
+++ b/flask_security/templates/security/forgot_password.html
@@ -2,12 +2,12 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Send password reset instructions') }}</h1>
-<form action="{{ url_for_security('forgot_password') }}" method="POST" name="forgot_password_form">
-  {{ forgot_password_form.hidden_tag() }}
-  {{ render_field_with_errors(forgot_password_form.email) }}
-  {{ render_field(forgot_password_form.submit) }}
-</form>
-{% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Send password reset instructions') }}</h1>
+  <form action="{{ url_for_security('forgot_password') }}" method="post" name="forgot_password_form">
+    {{ forgot_password_form.hidden_tag() }}
+    {{ render_field_with_errors(forgot_password_form.email) }}
+    {{ render_field(forgot_password_form.submit) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/login_user.html b/flask_security/templates/security/login_user.html
index d1bc297b..0991a68b 100644
--- a/flask_security/templates/security/login_user.html
+++ b/flask_security/templates/security/login_user.html
@@ -2,22 +2,17 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, render_field_errors, render_form_errors, prop_next %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Login') }}</h1>
-  <form action="{{ url_for_security('login') }}{{ prop_next() }}" method="POST" name="login_user_form">
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Login') }}</h1>
+  <form action="{{ url_for_security('login') }}{{ prop_next() }}" method="post" name="login_user_form">
     {{ login_user_form.hidden_tag() }}
     {{ render_form_errors(login_user_form) }}
-    {% if "email" in identity_attributes %}
-      {{ render_field_with_errors(login_user_form.email) }}
-    {% endif %}
+    {% if "email" in identity_attributes %}{{ render_field_with_errors(login_user_form.email) }}{% endif %}
     {% if login_user_form.username and "username" in identity_attributes %}
-      {% if "email" in identity_attributes %}
-        <h3>{{ _fsdomain("or") }}</h3>
-      {% endif %}
+      {% if "email" in identity_attributes %}<h3>{{ _fsdomain("or") }}</h3>{% endif %}
       {{ render_field_with_errors(login_user_form.username) }}
     {% endif %}
-    <div class="fs-gap">
-      {{ render_field_with_errors(login_user_form.password) }}</div>
+    <div class="fs-gap">{{ render_field_with_errors(login_user_form.password) }}</div>
     {{ render_field_with_errors(login_user_form.remember) }}
     {{ render_field_errors(login_user_form.csrf_token) }}
     {{ render_field(login_user_form.submit) }}
@@ -26,9 +21,8 @@ <h3>{{ _fsdomain("or") }}</h3>
     <hr class="fs-gap">
     <h2>{{ _fsdomain("Use WebAuthn to Sign In") }}</h2>
     <div>
-      <form method="GET" id="wan-signin-form" name="wan_signin_form">
-        <input id="wan_signin" name="wan_signin" type="submit" value="{{ _fsdomain('Sign in with WebAuthn') }}"
-          formaction="{{ url_for_security('wan_signin') }}{{ prop_next() }}">
+      <form method="get" id="wan-signin-form" name="wan_signin_form">
+        <input id="wan_signin" name="wan_signin" type="submit" value="{{ _fsdomain('Sign in with WebAuthn') }}" formaction="{{ url_for_security('wan_signin') }}{{ prop_next() }}">
       </form>
     </div>
   {% endif %}
@@ -37,12 +31,11 @@ <h2>{{ _fsdomain("Use WebAuthn to Sign In") }}</h2>
     <h2>{{ _fsdomain("Use Social Oauth to Sign In") }}</h2>
     {% for provider in security.oauthglue.provider_names %}
       <div class="fs-gap">
-        <form method="POST" id={{ provider }}-form name={{ provider }}_form>
-          <input id={{ provider }} name={{ provider }} type="submit" value="{{ _fsdomain('Sign in with ')~provider }}"
-            formaction="{{ url_for_security('oauthstart', name=provider) }}{{ prop_next() }}">
+        <form method="post" id="{{ provider }}"-form name="{{ provider }}"_form>
+          <input id="{{ provider }}" name="{{ provider }}" type="submit" value="{{ _fsdomain('Sign in with ')~provider }}" formaction="{{ url_for_security('oauthstart', name=provider) }}{{ prop_next() }}">
         </form>
       </div>
     {% endfor %}
   {% endif %}
-{% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/mf_recovery.html b/flask_security/templates/security/mf_recovery.html
index 699f883a..953a904c 100644
--- a/flask_security/templates/security/mf_recovery.html
+++ b/flask_security/templates/security/mf_recovery.html
@@ -2,12 +2,11 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Enter Recovery Code") }}</h1>
-    <form action="{{ url_for_security('mf_recovery') }}" method="POST"
-          name="mf_recovery_form">
-        {{ mf_recovery_form.hidden_tag() }}
-        {{ render_field_with_errors(mf_recovery_form.code) }}
-        {{ render_field(mf_recovery_form.submit) }}
-    </form>
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Enter Recovery Code") }}</h1>
+  <form action="{{ url_for_security('mf_recovery') }}" method="post" name="mf_recovery_form">
+    {{ mf_recovery_form.hidden_tag() }}
+    {{ render_field_with_errors(mf_recovery_form.code) }}
+    {{ render_field(mf_recovery_form.submit) }}
+  </form>
+{% endblock content %}
diff --git a/flask_security/templates/security/mf_recovery_codes.html b/flask_security/templates/security/mf_recovery_codes.html
index 988c0c32..38853ad7 100644
--- a/flask_security/templates/security/mf_recovery_codes.html
+++ b/flask_security/templates/security/mf_recovery_codes.html
@@ -2,31 +2,26 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, render_field_errors %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Recovery Codes") }}</h1>
-    {% if recovery_codes %}
-      <ul>
-        {% for rc in recovery_codes %}
-          <li class="fs-div">{{ rc }}</li>
-        {% endfor %}
-      </ul>
-      <div class="fs-important">
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Recovery Codes") }}</h1>
+  {% if recovery_codes %}
+    <ul>
+      {% for rc in recovery_codes %}<li class="fs-div">{{ rc }}</li>{% endfor %}
+    </ul>
+    <div class="fs-important">
       {{ _fsdomain("Be sure to copy these and store in a safe place. Each code can be used only once.") }}
-      </div>
-    {% else %}
-      <form action="{{ url_for_security('mf_recovery_codes') }}" method="GET"
-            name="mf_recovery_codes_form">
-
-          {{ render_field_with_errors(mf_recovery_codes_form.show_codes) }}
-      </form>
-    {% endif %}
-    <hr class="fs-gap">
-    <h2>{{ _fsdomain("Generate new Recovery Codes") }}</h2>
-    <form action="{{ url_for_security('mf_recovery_codes') }}" method="POST"
-      name="mf_recovery_codes_form">
-        {{ mf_recovery_codes_form.hidden_tag() }}
-        {{ render_field_errors(mf_recovery_codes_form.csrf_token) }}
-        {{ render_field(mf_recovery_codes_form.generate_new_codes) }}
+    </div>
+  {% else %}
+    <form action="{{ url_for_security('mf_recovery_codes') }}" method="get" name="mf_recovery_codes_form">
+      {{ render_field_with_errors(mf_recovery_codes_form.show_codes) }}
     </form>
-    {% include "security/_menu.html" %}
-{% endblock %}
+  {% endif %}
+  <hr class="fs-gap">
+  <h2>{{ _fsdomain("Generate new Recovery Codes") }}</h2>
+  <form action="{{ url_for_security('mf_recovery_codes') }}" method="post" name="mf_recovery_codes_form">
+    {{ mf_recovery_codes_form.hidden_tag() }}
+    {{ render_field_errors(mf_recovery_codes_form.csrf_token) }}
+    {{ render_field(mf_recovery_codes_form.generate_new_codes) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/register_user.html b/flask_security/templates/security/register_user.html
index 1650b3a3..6bee960b 100644
--- a/flask_security/templates/security/register_user.html
+++ b/flask_security/templates/security/register_user.html
@@ -2,20 +2,18 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, render_form_errors %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Register') }}</h1>
-<form action="{{ url_for_security('register') }}" method="POST" name="register_user_form">
-  {{ register_user_form.hidden_tag() }}
-  {{ render_form_errors(register_user_form) }}
-  {{ render_field_with_errors(register_user_form.email) }}
-  {% if security.username_enable %}
-    {{ render_field_with_errors(register_user_form.username) }}
-  {%  endif %}
-  {{ render_field_with_errors(register_user_form.password) }}
-  {% if register_user_form.password_confirm %}
-    {{ render_field_with_errors(register_user_form.password_confirm) }}
-  {% endif %}
-  {{ render_field(register_user_form.submit) }}
-</form>
-{% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Register') }}</h1>
+  <form action="{{ url_for_security('register') }}" method="post" name="register_user_form">
+    {{ register_user_form.hidden_tag() }}
+    {{ render_form_errors(register_user_form) }}
+    {{ render_field_with_errors(register_user_form.email) }}
+    {% if security.username_enable %}{{ render_field_with_errors(register_user_form.username) }}{% endif %}
+    {{ render_field_with_errors(register_user_form.password) }}
+    {% if register_user_form.password_confirm %}
+      {{ render_field_with_errors(register_user_form.password_confirm) }}
+    {% endif %}
+    {{ render_field(register_user_form.submit) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/reset_password.html b/flask_security/templates/security/reset_password.html
index ab074d1a..1a9b593e 100644
--- a/flask_security/templates/security/reset_password.html
+++ b/flask_security/templates/security/reset_password.html
@@ -2,13 +2,13 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Reset password') }}</h1>
-<form action="{{ url_for_security('reset_password', token=reset_password_token) }}" method="POST" name="reset_password_form">
-  {{ reset_password_form.hidden_tag() }}
-  {{ render_field_with_errors(reset_password_form.password) }}
-  {{ render_field_with_errors(reset_password_form.password_confirm) }}
-  {{ render_field(reset_password_form.submit) }}
-</form>
-{% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Reset password') }}</h1>
+  <form action="{{ url_for_security('reset_password', token=reset_password_token) }}" method="post" name="reset_password_form">
+    {{ reset_password_form.hidden_tag() }}
+    {{ render_field_with_errors(reset_password_form.password) }}
+    {{ render_field_with_errors(reset_password_form.password_confirm) }}
+    {{ render_field(reset_password_form.submit) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/send_confirmation.html b/flask_security/templates/security/send_confirmation.html
index 3ee1de1d..82e88e41 100644
--- a/flask_security/templates/security/send_confirmation.html
+++ b/flask_security/templates/security/send_confirmation.html
@@ -2,12 +2,12 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Resend confirmation instructions') }}</h1>
-<form action="{{ url_for_security('send_confirmation') }}" method="POST" name="send_confirmation_form">
-  {{ send_confirmation_form.hidden_tag() }}
-  {{ render_field_with_errors(send_confirmation_form.email) }}
-  {{ render_field(send_confirmation_form.submit) }}
-</form>
-{% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Resend confirmation instructions') }}</h1>
+  <form action="{{ url_for_security('send_confirmation') }}" method="post" name="send_confirmation_form">
+    {{ send_confirmation_form.hidden_tag() }}
+    {{ render_field_with_errors(send_confirmation_form.email) }}
+    {{ render_field(send_confirmation_form.submit) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/send_login.html b/flask_security/templates/security/send_login.html
index 4e5a25d1..bafccb38 100644
--- a/flask_security/templates/security/send_login.html
+++ b/flask_security/templates/security/send_login.html
@@ -2,12 +2,12 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Login') }}</h1>
-<form action="{{ url_for_security('login') }}" method="POST" name="send_login_form">
-  {{ send_login_form.hidden_tag() }}
-  {{ render_field_with_errors(send_login_form.email) }}
-  {{ render_field(send_login_form.submit) }}
-</form>
-{% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Login') }}</h1>
+  <form action="{{ url_for_security('login') }}" method="post" name="send_login_form">
+    {{ send_login_form.hidden_tag() }}
+    {{ render_field_with_errors(send_login_form.email) }}
+    {{ render_field(send_login_form.submit) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/two_factor_select.html b/flask_security/templates/security/two_factor_select.html
index fbb72c91..44d620fc 100644
--- a/flask_security/templates/security/two_factor_select.html
+++ b/flask_security/templates/security/two_factor_select.html
@@ -2,12 +2,12 @@
 {% from "security/_macros.html" import prop_next, render_field_with_errors, render_field %}
 
 {% block content %}
-{% include "security/_messages.html" %}
-<h1>{{ _fsdomain('Select Two Factor Method') }}</h1>
-<form action="{{ url_for_security('tf_select') }}{{ prop_next() }}" method="POST" name="tf_select">
-  {{ two_factor_select_form.hidden_tag() }}
-  {{ render_field_with_errors(two_factor_select_form.which) }}
-  {{ render_field(two_factor_select_form.submit) }}
-</form>
-{% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain('Select Two Factor Method') }}</h1>
+  <form action="{{ url_for_security('tf_select') }}{{ prop_next() }}" method="post" name="tf_select">
+    {{ two_factor_select_form.hidden_tag() }}
+    {{ render_field_with_errors(two_factor_select_form.which) }}
+    {{ render_field(two_factor_select_form.submit) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/two_factor_setup.html b/flask_security/templates/security/two_factor_setup.html
index 8a377c54..d7055a3d 100644
--- a/flask_security/templates/security/two_factor_setup.html
+++ b/flask_security/templates/security/two_factor_setup.html
@@ -20,67 +20,63 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, render_field_no_label, render_field_errors %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Two-factor authentication adds an extra layer of security to your account") }}</h1>
-    <h3>{{ _fsdomain("In addition to your username and password, you'll need to use a code.") }}</h3>
-    <form action="{{ url_for_security('two_factor_setup') }}" method="POST" name="two_factor_setup_form">
-        {{ two_factor_setup_form.hidden_tag() }}
-        <div class="fs-div">{{ _fsdomain("Currently setup two-factor method: %(method)s", method=primary_method) }}</div>
-        <div class="fs-gap"></div>
-        {% for subfield in two_factor_setup_form.setup %}
-            {% if subfield.data in choices %}
-                {{ render_field_with_errors(subfield) }}
-            {% endif %}
-        {% endfor %}
-        {{ render_field_errors(two_factor_setup_form.setup) }}
-        {{ render_field(two_factor_setup_form.submit) }}
-        {% if chosen_method=="email" and chosen_method in choices %}
-            <div>{{ _fsdomain("To complete logging in, please enter the code sent to your mail") }}</div>
-        {% endif %}
-        {% if chosen_method=="authenticator" and chosen_method in choices %}
-          <hr>
-          <div class="fs-center">
-            <div>
-              {{ _fsdomain("Open an authenticator app on your device and scan the following QRcode (or enter the code below manually) to start receiving codes:") }}
-            </div>
-            <div>
-               <img alt="{{ _fsdomain("Two factor authentication code") }}" id="qrcode" src="{{ authr_qrcode }}">
-            </div>
-            <div>
-              {{ authr_key }}
-            </div>
-          </div>
-        {% endif %}
-        {% if chosen_method=="sms" and chosen_method in choices %}
-            <p>{{ _fsdomain("To Which Phone Number Should We Send Code To?") }}</p>
-            {{ two_factor_setup_form.hidden_tag() }}
-            {{ render_field_with_errors(two_factor_setup_form.phone) }}
-            {{ render_field(two_factor_setup_form.submit) }}
-        {% endif %}
-    </form>
-    {% if security.webauthn and not chosen_method %}
-      <h3>{{ _fsdomain("WebAuthn") }}</h3>
-      <div class="fs-div">
-        {{ _fsdomain("This application supports WebAuthn security keys.") }}
-        <a href="{{ url_for_security('wan_register') }}">{{ _fsdomain("You can set them up here.") }}</a>
-      </div>
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Two-factor authentication adds an extra layer of security to your account") }}</h1>
+  <h3>{{ _fsdomain("In addition to your username and password, you'll need to use a code.") }}</h3>
+  <form action="{{ url_for_security('two_factor_setup') }}" method="post" name="two_factor_setup_form">
+    {{ two_factor_setup_form.hidden_tag() }}
+    <div class="fs-div">{{ _fsdomain("Currently setup two-factor method: %(method)s", method=primary_method) }}</div>
+    <hr class="fs-gap">
+    {% for subfield in two_factor_setup_form.setup %}
+      {% if subfield.data in choices %}{{ render_field_with_errors(subfield) }}{% endif %}
+    {% endfor %}
+    {{ render_field_errors(two_factor_setup_form.setup) }}
+    {{ render_field(two_factor_setup_form.submit) }}
+    {% if chosen_method=="email" and chosen_method in choices %}
+      <div>{{ _fsdomain("To complete logging in, please enter the code sent to your mail") }}</div>
     {% endif %}
-    {% if chosen_method %}
-      {# Hide this when first setting up #}
+    {% if chosen_method=="authenticator" and chosen_method in choices %}
       <hr>
-      <form action="{{ url_for_security("two_factor_token_validation") }}" method="POST"
-            name="two_factor_verify_code_form">
-          {{ two_factor_verify_code_form.hidden_tag() }}
-          {{ render_field_with_errors(two_factor_verify_code_form.code) }}
-          {{ render_field(two_factor_verify_code_form.submit) }}
-      </form>
-    {% endif %}
-    {% if security.support_mfa and security.multi_factor_recovery_codes %}
-      <h3>{{ _fsdomain("Recovery Codes") }}</h3>
-      <div class="fs-div">
-        {{ _fsdomain("This application supports setting up recovery codes.") }}
-        <a href="{{ url_for_security('mf_recovery_codes') }}">{{ _fsdomain("You can set them up here.") }}</a>
+      <div class="fs-center">
+        <div>
+          {{ _fsdomain("Open an authenticator app on your device and scan the following QRcode (or enter the code below manually) to start receiving codes:") }}
+        </div>
+        <div>
+          <img alt="{{ _fsdomain('Two factor authentication code') }}" id="qrcode" src="{{ authr_qrcode }}">
+          {# TODO: add width and heigth attrs #}%}
+        </div>
+        <div>{{ authr_key }}</div>
       </div>
     {% endif %}
-    {% include "security/_menu.html" %}
-{% endblock %}
+    {% if chosen_method=="sms" and chosen_method in choices %}
+      <p>{{ _fsdomain("To Which Phone Number Should We Send Code To?") }}</p>
+      {{ two_factor_setup_form.hidden_tag() }}
+      {{ render_field_with_errors(two_factor_setup_form.phone) }}
+      {{ render_field(two_factor_setup_form.submit) }}
+    {% endif %}
+  </form>
+  {% if security.webauthn and not chosen_method %}
+    <h3>{{ _fsdomain("WebAuthn") }}</h3>
+    <div class="fs-div">
+      {{ _fsdomain("This application supports WebAuthn security keys.") }}
+      <a href="{{ url_for_security('wan_register') }}">{{ _fsdomain("You can set them up here.") }}</a>
+    </div>
+  {% endif %}
+  {% if chosen_method %}
+    {# Hide this when first setting up #}
+    <hr>
+    <form action="{{ url_for_security('two_factor_token_validation') }}" method="post" name="two_factor_verify_code_form">
+      {{ two_factor_verify_code_form.hidden_tag() }}
+      {{ render_field_with_errors(two_factor_verify_code_form.code) }}
+      {{ render_field(two_factor_verify_code_form.submit) }}
+    </form>
+  {% endif %}
+  {% if security.support_mfa and security.multi_factor_recovery_codes %}
+    <h3>{{ _fsdomain("Recovery Codes") }}</h3>
+    <div class="fs-div">
+      {{ _fsdomain("This application supports setting up recovery codes.") }}
+      <a href="{{ url_for_security('mf_recovery_codes') }}">{{ _fsdomain("You can set them up here.") }}</a>
+    </div>
+  {% endif %}
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/two_factor_verify_code.html b/flask_security/templates/security/two_factor_verify_code.html
index 63c8e27f..61cc41ff 100644
--- a/flask_security/templates/security/two_factor_verify_code.html
+++ b/flask_security/templates/security/two_factor_verify_code.html
@@ -2,26 +2,25 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, prop_next %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Two-factor Authentication") }}</h1>
-    <h2>{{ _fsdomain("Please enter your authentication code generated via: %(method)s", method=chosen_method) }}</h2>
-    <form action="{{ url_for_security('two_factor_token_validation') }}{{ prop_next() }}" method="POST"
-          name="two_factor_verify_code_form">
-        {{ two_factor_verify_code_form.hidden_tag() }}
-        {{ render_field_with_errors(two_factor_verify_code_form.code, placeholder="enter code") }}
-        {{ render_field(two_factor_verify_code_form.submit) }}
-    </form>
-    <hr class="fs-gap">
-    <form action="{{ url_for_security('two_factor_rescue') }}{{  prop_next() }}" method="POST" name="two_factor_rescue_form">
-        {{ two_factor_rescue_form.hidden_tag() }}
-        {{ render_field_with_errors(two_factor_rescue_form.help_setup) }}
-        {% if problem=="email" %}
-            <div>{{ _fsdomain("The code for authentication was sent to your email address") }}</div>
-        {% endif %}
-        {% if problem=="help" %}
-            <div>{{ _fsdomain("A mail was sent to us in order to reset your application account") }}</div>
-        {% endif %}
-        {{ render_field(two_factor_rescue_form.submit) }}
-    </form>
-    {% include "security/_menu.html" %}
-{% endblock %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Two-factor Authentication") }}</h1>
+  <h2>{{ _fsdomain("Please enter your authentication code generated via: %(method)s", method=chosen_method) }}</h2>
+  <form action="{{ url_for_security('two_factor_token_validation') }}{{ prop_next() }}" method="post" name="two_factor_verify_code_form">
+    {{ two_factor_verify_code_form.hidden_tag() }}
+    {{ render_field_with_errors(two_factor_verify_code_form.code, placeholder="enter code") }}
+    {{ render_field(two_factor_verify_code_form.submit) }}
+  </form>
+  <hr class="fs-gap">
+  <form action="{{ url_for_security('two_factor_rescue') }}{{ prop_next() }}" method="post" name="two_factor_rescue_form">
+    {{ two_factor_rescue_form.hidden_tag() }}
+    {{ render_field_with_errors(two_factor_rescue_form.help_setup) }}
+    {% if problem=="email" %}
+      <div>{{ _fsdomain("The code for authentication was sent to your email address") }}</div>
+    {% endif %}
+    {% if problem=="help" %}
+      <div>{{ _fsdomain("A mail was sent to us in order to reset your application account") }}</div>
+    {% endif %}
+    {{ render_field(two_factor_rescue_form.submit) }}
+  </form>
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/us_setup.html b/flask_security/templates/security/us_setup.html
index 0af21599..928d791f 100644
--- a/flask_security/templates/security/us_setup.html
+++ b/flask_security/templates/security/us_setup.html
@@ -24,82 +24,75 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, render_field_errors, render_form_errors %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Setup Unified Sign In") }}</h1>
-    <form action="{{ url_for_security('us_setup') }}" method="POST"
-          name="us_setup_form">
-      {{ us_setup_form.hidden_tag() }}
-      {{ render_form_errors(us_setup_form) }}
-      {% if setup_methods %}
-        <div class="fs-div">{{ _fsdomain("Currently active sign in options:") }}<em>
-        {% if active_methods %}
-          {{ ", ".join(active_methods) }}
-        {% else %}
-          None.
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Setup Unified Sign In") }}</h1>
+  <form action="{{ url_for_security('us_setup') }}" method="post" name="us_setup_form">
+    {{ us_setup_form.hidden_tag() }}
+    {{ render_form_errors(us_setup_form) }}
+    {% if setup_methods %}
+      <div class="fs-div">
+        {{ _fsdomain("Currently active sign in options:") }}
+        <em>
+          {% if active_methods %}
+            {{ ", ".join(active_methods) }}
+          {% else %}
+            None.
+          {% endif %}
+        </em>
+      </div>
+      <h3>{{ us_setup_form.chosen_method.label }}</h3>
+      <div class="fs-div">
+        {% for subfield in us_setup_form.chosen_method %}{{ render_field_with_errors(subfield) }}{% endfor %}
+        {{ render_field_errors(us_setup_form.chosen_method) }}
+      </div>
+      <div class="fs-div">
+        {% if "sms" in available_methods and "sms" not in active_methods %}
+          {{ render_field_with_errors(us_setup_form.phone) }}
         {% endif %}
-        </em></div>
-
-        <h3>{{ us_setup_form.chosen_method.label }}</h3>
-        <div class="fs-div">
-          {% for subfield in us_setup_form.chosen_method %}
-              {{ render_field_with_errors(subfield) }}
-          {% endfor %}
-          {{ render_field_errors(us_setup_form.chosen_method) }}
-        </div>
-
+      </div>
+      {% if us_setup_form.delete_method.choices and not state %}
+        {#  don't show delete if we're trying to validate a setup #}
+        <h3>{{ us_setup_form.delete_method.label }}</h3>
         <div class="fs-div">
-          {% if "sms" in available_methods and "sms" not in active_methods %}
-            {{ render_field_with_errors(us_setup_form.phone) }}
-          {% endif %}
+          {% for subfield in us_setup_form.delete_method %}{{ render_field_with_errors(subfield) }}{% endfor %}
+          {{ render_field_errors(us_setup_form.delete_method) }}
         </div>
-        {% if us_setup_form.delete_method.choices and not state %}
-          {#  don't show delete if we're trying to validate a setup #}
-          <h3>{{ us_setup_form.delete_method.label }}</h3>
-          <div class="fs-div">
-            {% for subfield in us_setup_form.delete_method %}
-              {{ render_field_with_errors(subfield) }}
-            {% endfor %}
-            {{ render_field_errors(us_setup_form.delete_method) }}
+      {% endif %}
+      <div class="fs-gap">{{ render_field(us_setup_form.submit) }}</div>
+      {% if chosen_method == "authenticator" %}
+        <hr>
+        <div class="fs-center">
+          <div>
+            {{ _fsdomain("Open an authenticator app on your device and scan the following QRcode (or enter the code below manually) to start receiving codes:") }}
           </div>
-        {% endif %}
-        <div class="fs-gap">{{ render_field(us_setup_form.submit) }}</div>
-
-        {% if chosen_method == "authenticator" %}
-          <hr>
-          <div class="fs-center">
-            <div>
-              {{ _fsdomain("Open an authenticator app on your device and scan the following QRcode (or enter the code below manually) to start receiving codes:") }}
-            </div>
-            <div>
-              <img alt="{{ _fsdomain('Passwordless QRCode') }}" id="qrcode" src="{{ authr_qrcode }}">
-            </div>
-            <div>
-              {{ authr_key }}
-            </div>
+          <div>
+            <img alt="{{ _fsdomain('Passwordless QRCode') }}" id="qrcode" src="{{ authr_qrcode }}">
+            {# TODO: add width and heigth attrs #}%}
           </div>
-        {% endif %}
-      {% else %}
-        <h3>{{ _fsdomain("No methods have been enabled - nothing to setup") }}</h3>
+          <div>{{ authr_key }}</div>
+        </div>
       {% endif %}
-    </form>
-    {% if state %}
-      {# Completing setup by entering code #}
-      <hr class="fs-gap">
-      <div class="fs-important">{{ _fsdomain("Enter code here to complete setup") }}</div>
-      <form action="{{ url_for_security('us_setup_validate', token=state) }}" method="POST"
-          name="us_setup_validate_form">
-        {{ us_setup_validate_form.hidden_tag() }}
-        {{ render_field_with_errors(us_setup_validate_form.passcode) }}
-        <div class="fs-gap">{{ render_field(us_setup_validate_form.submit) }}</div>
-      </form>
+    {% else %}
+      <h3>{{ _fsdomain("No methods have been enabled - nothing to setup") }}</h3>
     {% endif %}
-    {% if security.webauthn %}
-      <hr class="fs-gap">
-      <h2>WebAuthn</h2>
-      <div class="fs-div">
-        {{ _fsdomain("This application supports WebAuthn security keys.") }}
-        <a href="{{ url_for_security('wan_register') }}">{{ _fsdomain("You can set them up here.") }}</a>
-      </div>
-    {% endif %}
-    {% include "security/_menu.html" %}
-{% endblock %}
+  </form>
+  {% if state %}
+    {# Completing setup by entering code #}
+    <hr class="fs-gap">
+    <div class="fs-important">{{ _fsdomain("Enter code here to complete setup") }}</div>
+    <form action="{{ url_for_security('us_setup_validate', token=state) }}" method="post" name="us_setup_validate_form">
+      {{ us_setup_validate_form.hidden_tag() }}
+      {{ render_field_with_errors(us_setup_validate_form.passcode) }}
+      <div class="fs-gap">{{ render_field(us_setup_validate_form.submit) }}</div>
+    </form>
+  {% endif %}
+  {% if security.webauthn %}
+    <hr class="fs-gap">
+    <h2>WebAuthn</h2>
+    <div class="fs-div">
+      {{ _fsdomain("This application supports WebAuthn security keys.") }}
+      <a href="{{ url_for_security('wan_register') }}">{{ _fsdomain("You can set them up here.") }}</a>
+    </div>
+  {% endif %}
+  {% include "security/_menu.html" %}
+{% endblock content %}
diff --git a/flask_security/templates/security/us_signin.html b/flask_security/templates/security/us_signin.html
index 81764409..b29a43cb 100644
--- a/flask_security/templates/security/us_signin.html
+++ b/flask_security/templates/security/us_signin.html
@@ -2,34 +2,30 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, render_field_errors, render_form_errors, prop_next %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Sign In") }}</h1>
-      <form action="{{ url_for_security('us_signin') }}{{ prop_next() }}" method="POST"
-          name="us_signin_form">
-      {{ us_signin_form.hidden_tag() }}
-      {{ render_form_errors(us_signin_form) }}
-      {{ render_field_with_errors(us_signin_form.identity) }}
-      {{ render_field_with_errors(us_signin_form.passcode) }}
-      {{ render_field_with_errors(us_signin_form.remember) }}
-      {{ render_field(us_signin_form.submit) }}
-      {% if code_methods %}
-        <h4>{{ _fsdomain("Request one-time code be sent") }}</h4>
-        {% for subfield in us_signin_form.chosen_method %}
-          {% if subfield.data in code_methods %}
-            {{ render_field_with_errors(subfield) }}
-          {% endif %}
-        {% endfor %}
-        {{ render_field_errors(us_signin_form.chosen_method) }}
-        {{ render_field(us_signin_form.submit_send_code, formaction=url_for_security('us_signin_send_code')) }}
-      {% endif %}
-      </form>
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Sign In") }}</h1>
+  <form action="{{ url_for_security('us_signin') }}{{ prop_next() }}" method="post" name="us_signin_form">
+    {{ us_signin_form.hidden_tag() }}
+    {{ render_form_errors(us_signin_form) }}
+    {{ render_field_with_errors(us_signin_form.identity) }}
+    {{ render_field_with_errors(us_signin_form.passcode) }}
+    {{ render_field_with_errors(us_signin_form.remember) }}
+    {{ render_field(us_signin_form.submit) }}
+    {% if code_methods %}
+      <h4>{{ _fsdomain("Request one-time code be sent") }}</h4>
+      {% for subfield in us_signin_form.chosen_method %}
+        {% if subfield.data in code_methods %}{{ render_field_with_errors(subfield) }}{% endif %}
+      {% endfor %}
+      {{ render_field_errors(us_signin_form.chosen_method) }}
+      {{ render_field(us_signin_form.submit_send_code, formaction=url_for_security('us_signin_send_code')) }}
+    {% endif %}
+  </form>
   {% if security.webauthn %}
     <hr class="fs-gap">
     <h2>{{ _fsdomain("Use WebAuthn to Sign In") }}</h2>
-    <div>
-      <form method="GET" id="wan-signin-form" name="wan_signin_form">
-        <input id="wan_signin" name="wan_signin" type="submit" value="{{ _fsdomain('Sign in with WebAuthn') }}"
-          formaction="{{ url_for_security('wan_signin') }}{{ prop_next() }}">
+    <div class="fs-gap">
+      <form method="get" id="wan-signin-form" name="wan_signin_form">
+        <input id="wan_signin" name="wan_signin" type="submit" value="{{ _fsdomain('Sign in with WebAuthn') }}" formaction="{{ url_for_security('wan_signin') }}{{ prop_next() }}">
       </form>
     </div>
   {% endif %}
@@ -38,12 +34,11 @@ <h2>{{ _fsdomain("Use WebAuthn to Sign In") }}</h2>
     <h2>{{ _fsdomain("Use Social Oauth to Sign In") }}</h2>
     {% for provider in security.oauthglue.provider_names %}
       <div class="fs-gap">
-        <form method="POST" id={{ provider }}-form name={{ provider }}_form>
-          <input id={{ provider }} name={{ provider }} type="submit" value="{{ _fsdomain('Sign in with ')~provider }}"
-            formaction="{{ url_for_security('oauthstart', name=provider) }}{{ prop_next() }}">
+        <form method="post" id="{{ provider }}"-form name="{{ provider }}_form">
+          <input id="{{ provider }}" name="{{ provider }}" type="submit" value="{{ _fsdomain('Sign in with ')~provider }}" formaction="{{ url_for_security('oauthstart', name=provider) }}{{ prop_next() }}">
         </form>
       </div>
     {% endfor %}
   {% endif %}
   {% include "security/_menu.html" %}
-{% endblock %}
+{% endblock content %}
diff --git a/flask_security/templates/security/us_verify.html b/flask_security/templates/security/us_verify.html
index 99cfe68a..0efd6378 100644
--- a/flask_security/templates/security/us_verify.html
+++ b/flask_security/templates/security/us_verify.html
@@ -2,35 +2,31 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, render_field_errors, prop_next %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Please Reauthenticate") }}</h1>
-      <form action="{{ url_for_security('us_verify') }}{{ prop_next() }}" method="POST"
-          name="us_verify_form">
-      {{ us_verify_form.hidden_tag() }}
-      {{ render_field_with_errors(us_verify_form.passcode) }}
-      {{ render_field(us_verify_form.submit) }}
-      {% if code_methods %}
-        <h4>{{ _fsdomain("Request one-time code be sent") }}</h4>
-        {% for subfield in us_verify_form.chosen_method %}
-          {% if subfield.data in code_methods %}
-            {{ render_field_with_errors(subfield) }}
-          {% endif %}
-        {% endfor %}
-        {{ render_field_errors(us_verify_form.chosen_method) }}
-        {% if code_sent %}
-          <p>{{ _fsdomain("Code has been sent") }}
-        {% endif %}
-        <div class="fs-gap">{{ render_field(us_verify_form.submit_send_code, formaction=url_for_security("us_verify_send_code")~prop_next()) }}</div>
-      {% endif %}
-      </form>
-      {% if has_webauthn_verify_credential %}
-        <hr class="fs-gap">
-        <h2>{{ _fsdomain("Use a WebAuthn Security Key to Reauthenticate") }}</h2>
-        <form action="{{ url_for_security('wan_verify') }}{{ prop_next() }}" method="POST"
-          name="wan_verify_form">
-            {{ wan_verify_form.hidden_tag() }}
-            {{ render_field(wan_verify_form.submit) }}
-        </form>
-      {% endif %}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Please Reauthenticate") }}</h1>
+  <form action="{{ url_for_security('us_verify') }}{{ prop_next() }}" method="post" name="us_verify_form">
+    {{ us_verify_form.hidden_tag() }}
+    {{ render_field_with_errors(us_verify_form.passcode) }}
+    {{ render_field(us_verify_form.submit) }}
+    {% if code_methods %}
+      <h4>{{ _fsdomain("Request one-time code be sent") }}</h4>
+      {% for subfield in us_verify_form.chosen_method %}
+        {% if subfield.data in code_methods %}{{ render_field_with_errors(subfield) }}{% endif %}
+      {% endfor %}
+      {{ render_field_errors(us_verify_form.chosen_method) }}
+      {% if code_sent %}<p>{{ _fsdomain("Code has been sent") }}</p>{% endif %}
+      <div class="fs-gap">
+        {{ render_field(us_verify_form.submit_send_code, formaction=url_for_security("us_verify_send_code")~prop_next()) }}
+      </div>
+    {% endif %}
+  </form>
+  {% if has_webauthn_verify_credential %}
+    <hr class="fs-gap">
+    <h2>{{ _fsdomain("Use a WebAuthn Security Key to Reauthenticate") }}</h2>
+    <form action="{{ url_for_security('wan_verify') }}{{ prop_next() }}" method="post" name="wan_verify_form">
+      {{ wan_verify_form.hidden_tag() }}
+      {{ render_field(wan_verify_form.submit) }}
+    </form>
+  {% endif %}
   {% include "security/_menu.html" %}
-{% endblock %}
+{% endblock content %}
diff --git a/flask_security/templates/security/verify.html b/flask_security/templates/security/verify.html
index b0875581..d90bd028 100644
--- a/flask_security/templates/security/verify.html
+++ b/flask_security/templates/security/verify.html
@@ -2,21 +2,19 @@
 {% from "security/_macros.html" import render_field_with_errors, render_field, prop_next %}
 
 {% block content %}
-    {% include "security/_messages.html" %}
-    <h1>{{ _fsdomain("Please Reauthenticate") }}</h1>
-    <form action="{{ url_for_security('verify') }}{{ prop_next() }}" method="POST"
-          name="verify_form">
-        {{ verify_form.hidden_tag() }}
-        {{ render_field_with_errors(verify_form.password) }}
-        {{ render_field(verify_form.submit) }}
+  {% include "security/_messages.html" %}
+  <h1>{{ _fsdomain("Please Reauthenticate") }}</h1>
+  <form action="{{ url_for_security('verify') }}{{ prop_next() }}" method="post" name="verify_form">
+    {{ verify_form.hidden_tag() }}
+    {{ render_field_with_errors(verify_form.password) }}
+    {{ render_field(verify_form.submit) }}
+  </form>
+  {% if has_webauthn_verify_credential %}
+    <hr class="fs-gap">
+    <h2>{{ _fsdomain("Use a WebAuthn Security Key to Reauthenticate") }}</h2>
+    <form action="{{ url_for_security('wan_verify') }}{{ prop_next() }}" method="post" name="wan_verify_form">
+      {{ wan_verify_form.hidden_tag() }}
+      {{ render_field(wan_verify_form.submit) }}
     </form>
-   {% if has_webauthn_verify_credential %}
-      <hr class="fs-gap">
-      <h2>{{ _fsdomain("Use a WebAuthn Security Key to Reauthenticate") }}</h2>
-      <form action="{{ url_for_security('wan_verify') }}{{ prop_next() }}" method="POST"
-        name="wan_verify_form">
-          {{ wan_verify_form.hidden_tag() }}
-          {{ render_field(wan_verify_form.submit) }}
-      </form>
-    {% endif %}
-{% endblock %}
+  {% endif %}
+{% endblock content %}
diff --git a/flask_security/templates/security/wan_register.html b/flask_security/templates/security/wan_register.html
index de9de767..a54c09d8 100644
--- a/flask_security/templates/security/wan_register.html
+++ b/flask_security/templates/security/wan_register.html
@@ -7,8 +7,7 @@
 
 {% block head_scripts %}
   {{ super() }}
-  <script src="{{ url_for('.static', filename='js/webauthn.js') }}"
-          xmlns="http://www.w3.org/1999/html"></script>
+  <script src="{{ url_for('.static', filename='js/webauthn.js') }}" xmlns="http://www.w3.org/1999/html"></script>
   <script src="{{ url_for('.static', filename='js/base64.js') }}"></script>
 {% endblock head_scripts %}
 
@@ -18,63 +17,58 @@ <h1>{{ _fsdomain("Setup New WebAuthn Security Key") }}</h1>
   {% if not credential_options %}
     {# Initial form to get CreateOptions #}
     <div>{{ _fsdomain("Start by providing a unique name for your new security key:") }}</div>
-    <form action="{{ url_for_security('wan_register') }}" method="POST"
-            name="wan_register_form" id="wan-register-form">
-        {{ wan_register_form.hidden_tag() }}
-        {{ render_field_with_errors(wan_register_form.name) }}
-        {# Default is just second factor #}
-        {% if security.wan_allow_as_first_factor %}
-          <div>
-          {% for subfield in wan_register_form.usage %}
-            {{ render_field_with_errors(subfield) }}
-          {% endfor %}
-          </div>
-        {% endif %}
-        {{ render_field(wan_register_form.submit) }}
+    <form action="{{ url_for_security('wan_register') }}" method="post" name="wan_register_form" id="wan-register-form">
+      {{ wan_register_form.hidden_tag() }}
+      {{ render_field_with_errors(wan_register_form.name) }}
+      {# Default is just second factor #}
+      {% if security.wan_allow_as_first_factor %}
+        <div>
+          {% for subfield in wan_register_form.usage %}{{ render_field_with_errors(subfield) }}{% endfor %}
+        </div>
+      {% endif %}
+      {{ render_field(wan_register_form.submit) }}
     </form>
   {% else %}
-    <form action="{{ url_for_security('wan_register_response', token=wan_state) }}" method="POST"
-          name="wan_register_response_form" id="wan-register-response-form">
+    <form action="{{ url_for_security('wan_register_response', token=wan_state) }}" method="post" name="wan_register_response_form" id="wan-register-response-form">
       {{ wan_register_response_form.hidden_tag() }}
       <div id="wan-errors"></div>
     </form>
-      <script type="text/javascript">
-        handleRegister('{{ credential_options|safe }}')
-          .then((result) => {
-            if (result.error_msg) {
-              const error_element = document.getElementById("wan-errors")
-              error_element.innerHTML = `<em>${result.error_msg}</em`
-            } else {
-              document.getElementById("credential").value = result.credential
-              {# We auto-submit this form - there is a Submit button on the
-                 form we could use - but there really isn't any reason to force the
-                 user to click yet another button
-               #}
-              document.forms["wan-register-response-form"].submit()
-            }
-          })
-      </script>
+    <script type="text/javascript">
+      handleRegister('{{ credential_options|safe }}')
+        .then((result) => {
+          if (result.error_msg) {
+            const error_element = document.getElementById("wan-errors");
+            error_element.innerHTML = `<em>${result.error_msg}</em>`;
+          } else {
+            document.getElementById("credential").value = result.credential;
+            {# We auto-submit this form - there is a Submit button on the
+                form we could use - but there really isn't any reason to force the
+                user to click yet another button
+            #}
+            document.forms["wan-register-response-form"].submit();
+          }
+        });
+    </script>
   {% endif %}
-
   {% if registered_credentials %}
     <h3>{{ _fsdomain("Currently registered security keys:") }}</h3>
     {% set listing = _fsdomain('Nickname: "%s" Usage: "%s" Transports: "%s" Discoverable: "%s" Device Type: "%s" Backed up? "%s" Last used on: %s') %}
     <ul>
       {% for cred in registered_credentials %}
-        <li>{{ listing|format(cred.name, cred.usage, cred.transports|join(", "), cred.discoverable, cred.device_type, cred.backup_state, cred.lastuse)}}</li>
+        <li>
+          {{ listing|format(cred.name, cred.usage, cred.transports|join(", "), cred.discoverable, cred.device_type, cred.backup_state, cred.lastuse) }}
+        </li>
       {% endfor %}
     </ul>
   {% endif %}
-
   {% if wan_delete_form %}
     <hr>
     <h2>{{ _fsdomain("Delete Existing WebAuthn Security Key") }}</h2>
-      <form action="{{ url_for_security('wan_delete') }}" method="POST"
-            name="wan_delete_form">
-        {{ wan_delete_form.hidden_tag() }}
-        {{ render_field_with_errors(wan_delete_form.name) }}
-        {{ render_field(wan_delete_form.submit) }}
-      </form>
+    <form action="{{ url_for_security('wan_delete') }}" method="post" name="wan_delete_form">
+      {{ wan_delete_form.hidden_tag() }}
+      {{ render_field_with_errors(wan_delete_form.name) }}
+      {{ render_field(wan_delete_form.submit) }}
+    </form>
   {% endif %}
   {% if security.support_mfa and security.multi_factor_recovery_codes %}
     <hr>
@@ -83,6 +77,6 @@ <h2>{{ _fsdomain("Recovery Codes") }}</h2>
       {{ _fsdomain("This application supports setting up recovery codes.") }}
       <a href="{{ url_for_security('mf_recovery_codes') }}">{{ _fsdomain("You can set them up here.") }}</a>
     </div>
-    {% endif %}
+  {% endif %}
   {% include "security/_menu.html" %}
-{% endblock %}
+{% endblock content %}
diff --git a/flask_security/templates/security/wan_signin.html b/flask_security/templates/security/wan_signin.html
index f93386a0..05b486d5 100644
--- a/flask_security/templates/security/wan_signin.html
+++ b/flask_security/templates/security/wan_signin.html
@@ -7,8 +7,7 @@
 
 {% block head_scripts %}
   {{ super() }}
-  <script src="{{ url_for('.static', filename='js/webauthn.js') }}"
-          xmlns="http://www.w3.org/1999/html"></script>
+  <script src="{{ url_for('.static', filename='js/webauthn.js') }}" xmlns="http://www.w3.org/1999/html"></script>
   <script src="{{ url_for('.static', filename='js/base64.js') }}"></script>
 {% endblock head_scripts %}
 
@@ -20,8 +19,7 @@ <h1>{{ _fsdomain("Sign In Using WebAuthn Security Key") }}</h1>
     <h1>{{ _fsdomain("Use Your WebAuthn Security Key as a Second Factor") }}</h1>
   {% endif %}
   {% if not credential_options %}
-    <form action="{{ url_for_security('wan_signin') }}{{ prop_next() }}" method="POST"
-          name="wan_signin_form" id="wan-signin-form">
+    <form action="{{ url_for_security('wan_signin') }}{{ prop_next() }}" method="post" name="wan_signin_form" id="wan-signin-form">
       {{ wan_signin_form.hidden_tag() }}
       {% if not is_secondary %}
         {{ render_field_with_errors(wan_signin_form.identity) }}
@@ -31,8 +29,7 @@ <h1>{{ _fsdomain("Use Your WebAuthn Security Key as a Second Factor") }}</h1>
       {{ render_field(wan_signin_form.submit) }}
     </form>
   {% else %}
-    <form action="{{ url_for_security('wan_signin_response', token=wan_state) }}{{ prop_next() }}" method="POST"
-          name="wan_signin_response_form" id="wan-signin-response-form">
+    <form action="{{ url_for_security('wan_signin_response', token=wan_state) }}{{ prop_next() }}" method="post" name="wan_signin_response_form" id="wan-signin-response-form">
       {{ wan_signin_response_form.hidden_tag() }}
       {{ render_field_errors(wan_signin_form.remember) }}
       {#  the following is important even though it is hidden - some browsers
@@ -41,21 +38,21 @@ <h1>{{ _fsdomain("Use Your WebAuthn Security Key as a Second Factor") }}</h1>
       {{ render_field(wan_signin_response_form.credential) }}
       <div id="wan-errors"></div>
     </form>
-      <script type="text/javascript">
-        handleSignin('{{ credential_options|safe }}')
+    <script type="text/javascript">
+      handleSignin('{{ credential_options|safe }}')
         .then((result) => {
           if (result.error_msg) {
-            const error_element = document.getElementById("wan-errors")
-            error_element.innerHTML = `<em>${result.error_msg}</em`
+            const error_element = document.getElementById("wan-errors");
+            error_element.innerHTML = `<em>${result.error_msg}</em>`;
           } else {
-            document.getElementById("credential").value = result.credential
+            document.getElementById("credential").value = result.credential;
             {# We auto-submit this form - there is a Submit button on the
-               form we could use - but there really isn't any reason to force the
-               user to click yet another button
-             #}
-            document.forms["wan-signin-response-form"].submit()
+                form we could use - but there really isn't any reason to force the
+                user to click yet another button
+              #}
+            document.forms["wan-signin-response-form"].submit();
           }
-        })
-      </script>
+        });
+    </script>
   {% endif %}
-{% endblock %}
+{% endblock content %}
diff --git a/flask_security/templates/security/wan_verify.html b/flask_security/templates/security/wan_verify.html
index 264db3dc..38e91337 100644
--- a/flask_security/templates/security/wan_verify.html
+++ b/flask_security/templates/security/wan_verify.html
@@ -12,8 +12,7 @@
 
 {% block head_scripts %}
   {{ super() }}
-  <script src="{{ url_for('.static', filename='js/webauthn.js') }}"
-          xmlns="http://www.w3.org/1999/html"></script>
+  <script src="{{ url_for('.static', filename='js/webauthn.js') }}" xmlns="http://www.w3.org/1999/html"></script>
   <script src="{{ url_for('.static', filename='js/base64.js') }}"></script>
 {% endblock head_scripts %}
 
@@ -21,32 +20,30 @@
   {% include "security/_messages.html" %}
   <h1>{{ _fsdomain("Please Re-Authenticate Using Your WebAuthn Security Key") }}</h1>
   {% if not credential_options %}
-    <form action="{{ url_for_security('wan_verify') }}{{ prop_next() }}" method="POST"
-          name="wan_verify_form">
-        {{ wan_verify_form.hidden_tag() }}
-        {{ render_field(wan_verify_form.submit) }}
+    <form action="{{ url_for_security('wan_verify') }}{{ prop_next() }}" method="post" name="wan_verify_form">
+      {{ wan_verify_form.hidden_tag() }}
+      {{ render_field(wan_verify_form.submit) }}
     </form>
   {% else %}
-    <form action="{{ url_for_security('wan_verify_response', token=wan_state) }}{{ prop_next() }}" method="POST"
-          name="wan_signin_response_form" id="wan-signin-response-form">
+    <form action="{{ url_for_security('wan_verify_response', token=wan_state) }}{{ prop_next() }}" method="post" name="wan_signin_response_form" id="wan-signin-response-form">
       {{ wan_signin_response_form.hidden_tag() }}
       <div id="wan-errors"></div>
     </form>
-      <script type="text/javascript">
-        handleSignin('{{ credential_options|safe }}')
+    <script type="text/javascript">
+      handleSignin('{{ credential_options|safe }}')
         .then((result) => {
           if (result.credential) {
-            document.getElementById("credential").value = result.credential
+            document.getElementById("credential").value = result.credential;
             {# We auto-submit this form - there is a Submit button on the
-               form we could use - but there really isn't any reason to force the
-               user to click yet another button
-             #}
-            document.forms["wan-signin-response-form"].submit()
+                form we could use - but there really isn't any reason to force the
+                user to click yet another button
+              #}
+            document.forms["wan-signin-response-form"].submit();
           } else {
-            const error_element = document.getElementById("wan-errors")
-            error_element.innerHTML = `<em>${result.error_msg}</em`
+            const error_element = document.getElementById("wan-errors");
+            error_element.innerHTML = `<em>${result.error_msg}</em>`;
           }
-        })
-      </script>
+        });
+    </script>
   {% endif %}
-{% endblock %}
+{% endblock content %}
diff --git a/requirements/tests.txt b/requirements/tests.txt
index 8e8466bc..cfbba15e 100644
--- a/requirements/tests.txt
+++ b/requirements/tests.txt
@@ -13,6 +13,7 @@ bleach
 check-manifest
 coverage
 cryptography
+djlint
 python-dateutil
 mongoengine
 mongomock