* Fix#3910 - Require OTP authentication to disable 2FA. Also, remove ability
to generate new OTP backup codes *after* initial backup codes were handed
out during activation
* Restore recovery code re-generation
* Improve display of some 2FA elements
* Add overview of active sessions
* Better display of browser/platform name
* Improve how browser information is stored and displayed for sessions overview
* Fix test
* Fix#2347 - Bind web UI access token to session
When you logout, session also destroys the access token, so it's no longer
valid. If access token is destroyed some other way, the session is also
destroyed, requiring a re-login.
Fix#1681 - Add scheduler to remove revoked access tokens and grants
* Fix test
* Add overview of active sessions
* Better display of browser/platform name
* Improve how browser information is stored and displayed for sessions overview
* Fix test
Setting ASSET_HOST to `http://0.0.0.0:8080` makes urls in manifest.json to
be invalid, e.g. `http://0.0.0.0:8080/packs/application.js`.
Anyway, we don't need set this on build:development because assets would
be delivered from same origin in development (and w/o dev-server).
Webpack seems to fail to import `react-intl/locale-data/*.js` if those
files has been proceed by babel, and this also breaks applying our translation.
Note that this won't be a problem on English locale, because react-intl
includes it as default and works fine without manually added locale-data.
Also this issue seems to only occurs on production build, but I'm not sure
about reason.
kibigo!
Takuya Yoshida
unarist
Surinna Curtis
Eugen Rochko
amazedkoumei
Sorin Davidoi
Akihiko Odaki (@fn_aki@pawoo.net)
Shel Raphen
PFM
Yamagishi Kazutoshi
beatrix-bitrot
Matthew Walsh