also update AuthFallback database
* re-write fallback auth to use alias or ssbid
* replace Create() with SetPassword() which does an upsert
* Add reset tokens to sqlite
* add test for SetPassword with reset token
* disable ui if user is unelevated
* disable revoke button if unelevated and not own invite
* improve styling of disabled elements
* remove revoke if alias not made my current user
to make sure the list of languages is sorted, we now use a slice of
TagTranslation{Tag: string, Translation: string} structs, sorted
by `TagTranslation.Tag`.
while working on the /set-language route, i noticed that i was getting a
csrf error for all /admin views when setting the language, while it
worked well on non-admin routes.
the issue, it turned out, was that we needed to configure gorilla's csrf
feature to set all cookies on the same route. when unconfigured, the
set cookies will only be set for the path they are being set at.
see more in the gorilla.csrf documentation (in particular the csrf.Path
option): https://pkg.go.dev/github.com/gorilla/csrf?utm_source=godoc#Path
* fix test compilation
* fix aliases on member page
* add tests for aliases on member.GetByID and ByFeed
* fix admin tests
* use webassert helper for flash messages
* fix flashes
* fill in sid and sc
* fix logout
* cascade member removal
* fix links
* trim suffix from signature
* fix /sse/login link
* fix sse links and filenames
* fix logout
* fix typos
* fix test compilation
* fix bridge test
* correct alias url test
* add some comments
* fix potentiall "can't send" deadlock on bridge
some documentation and license headers
A helper package so that handler and render code isnt directly tied to
the authentication package.
Also reduces db lookup overhead to one request to sqlite per request for
the user lookup.