* Add confirmation step for email changes
This adds a confirmation step for email changes of existing users.
Like the initial account confirmation, a confirmation link is sent
to the new address.
Additionally, a notification is sent to the existing address when
the change is initiated. This message includes instruction to reset
the password immediately or to contact the instance admin if the
change was not initiated by the account owner.
Fixes#3871
* Add review fixes
This uses (more or less) absolute references to external assets, which
allows imported stylesheets (like components.scss) to work from other
locations that may not have the expected path structure (e.g. the win95
theme).
* Add GET /api/v1/instance/peers API to reveal known domains
* Add GET /api/v1/instance/activity API
* Make new APIs disableable, exclude private statuses from activity stats
* Fix code style issue
* Fix week timestamps
* Make host_meta/webfinger replies cacheable (fixes#6100)
Drop common code for handling users and sessions as webfinger queries
are very basic, public APIs.
Also explicitly mark results as cacheable with “expires_in”.
* Add “Vary: Accept” header for caching since content-negociation is used
Getting Started column obtained many links, and it became much taller.
Because of its height, Getting Started column required long scrolling on
devices with small screen, such as 4 inch phones and 10 inch laptops.
This change moves the mastodon which took large space on the column to
drawer column. The drawer column has only the compose form and has more
space.
* removed references to hideOnMobile in column_link and getting_started
* add mute, block, conversationMute actions to detailed status dropdown (fixes#1226)
* remove unused withDismiss in detailed status
* Add aria-autocomplete='list' in Textaria
ref: https://www.w3.org/TR/wai-aria-1.1/#aria-autocomplete
* Make detect empty string brefore assign upload description
* Change code elements in keyboard-shortcuts component to kbd
* Add validation for onMuteNotifications
Deleted users are technically suspended, but the code displaying their status
in the admin interface was broken and displayed a javascript object holding
translations of the possible user roles instead.
Specifically, this commit:
- changes S::TFA::{Confirmations,RecoveryCodes}Controller to derive from
S::BaseController, because this gives us the necessary actions and
packs
- prepends set_pack to Auth::SessionsController's action chain so that
it takes effect in time for render :two_factor