* feat: add unix passwod reset to security web ui
* refactor: fetch profile info in ViewsApp
prevents constant re-fetching of the profile page and allows every view
to access the current_user property
* refactor: move unix password change to component
* docs: add @theSuess to contributors
* fix: further specify kind of password updated
* refactor: perform validity check before submit
* chore: regenerate vendored wasm package
* implementation of passkeys as an auth mech
* listing the current passkeys when asking to remove one
* tweaking insecure dev server config so passkeys will work
* Fix domain rename
Co-authored-by: James Hodgkinson <james@terminaloutcomes.com>
* Instead of wasm_bindgen creating a JS snippet to externalize code, we're now loading pure-JS util functions from wasmloader.js (#[wasm_bindgen(raw_module = "/pkg/wasmloader.js")])
* Sign out is now a confirmation box instead of "oh no I have to log back in because I'm clumsy and clicked a thing"
* Now using the urlencoding crate for encoding the TOTP URLs because string replacing encoded characters felt like writing our own crypto (and now you can call yourself whatever arbitrary string you want)
* This fixed an issue in the web UI where the "Add a TOTP" interface would show URL-encoded things, but also made things easier for consistency.
* Moved the other web middleware objects into the middleware module because the main module was getting a bit unwieldy.
* Started auto-generating the integrity hashes in a different way on start up, which removes a middleware doing random string replacements to inject them, and means we can update modules without having to manually update the string values in the HTML.
* Add 'account person set' command
This command allows a user to modify, say, their legal name in a
self-service fashion.
This wasn't possible before by default since the 'extend' operation
required additional ACPs in order to operate which not every user would
have.
The new "person set" api is compatible with the default self_write ACP,
and so allows self-service modification.
* Add a short section on people attributes to the book
Fixes#357 - this allows the password MFA handler to correct handle a mixed totp or webauthn credential with passwords. This is likely the "majority" of accounts we will see on the service.
Fixes#202 - This adds support for enrolling and removing totp on the cli, as well as a rebuilt work flow for login to allow dynamic prompting of what credetials are required.
