Function session_end_confirm_html 

pub(super) async fn session_end_confirm_html(
    user_id: &UserId,
    device_id: &str,
    login_token: &str,
) -> Result<String>

Shows a POST confirmation form. The login_token is the original SSO-issued token, peeked (not consumed) by the GET handler and embedded here as the CSRF/auth token. It is consumed when the user submits this form.