The [previously used U2F library](https://github.com/fido-alliance/google-u2f-ref-code/) has been deprecated. The new one does not override the browsers `window.u2f` functionality if it is natively supported. It also displays the appropriate errors and falls back nicely in case the browser does not support U2F.
This allows plugins to create custom dbcontexts, which would be namespaced in the scheme with a prefix. Migrations are supported too and the table would be prefixed too
* BTCPay Extensions Part 2
This PR cleans up the extension system a bit in that:
* It renames the test extension to a more uniform name
* Allows yo uto have system extensions, which are extensions but bundled by default with the release (and cannot be removed)
* Adds a tool to help you generate an extension package from a csproj
* Refactors the UI extension points to a view component
* Moves some more interfaces to the Abstractions csproj
* Rename to plugins
* Allow disabling notifications per user and disabling specific notifications per use
closes#1974
* Add disable notifs for all users
* fix term generator for notifications
* sow checkboxes instead of multiselect when js is enabled
* remove js dependency
* fix notif conditions
* Rename user param to userId in API key redirect
This way it is clearer what to expect and it also make the parameteer easier to consume.
* Post redirect: Allow form url and prettify page
- Form URL as alternative to controller/action for external URLs
- Making it look nice and add explanation for non-JS case
* APIKeys: Minor view updates
fix
* APIKeys: Use POST redirect for confirmation
fix
* UI: Minor update to confirm view
Tidies it up and adapts to the newly added ConfirmAPIKeys view.
* APIKeys: Update delete view
Structures the information in title and description better.
* APIKeys: Distinguish authorize and confirm (reuse)
* Upgrade ChromeDriver
* Test fixes
* Clean up PostRedirect view
By adding missing forgery token
* Re-add tests for callback post values
* Rename key param to apiKey in API key redirect
* Update BTCPayServer/wwwroot/swagger/v1/swagger.template.authorization.json
Co-authored-by: Andrew Camilleri <evilkukka@gmail.com>
* Use DEBUG conditional for postredirect-callback-test route
* Remove unnecessary ChromeDriver references
* Add debug flag
* Remove debug flags
Co-authored-by: Andrew Camilleri <evilkukka@gmail.com>
* This refactors the email sending so that all the logic related to users and emails are now contained in one location.
* The Reset password screen has been updated from its ugly plain self to use the same layout as the login.
* An admin can now create a new account without specifying a password. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email
* An admin can now create accounts that still require the user to verify their if the setting is enabled from the server settings. A link is generated that can be given to the intended user to configure the password. If emails are configured, it also sends an email.
* The above features can be used in conjunction: An email will have to verify their email through a link. Once verified, the user is redirected to setting the password.
* When an email has been verified OR a password has been set, users are now redirected to the login page with the email filled in and a success status message shown instead of a dedicated thank you page.
This lets the authorize api key screen redirect to the defined url and provide it with the user id, permissions granted and the key.
This also allows apps to match existing api keys generated for it specifically using the application identifier, and if matched, presented with a confirmation page before redirection.
Builds on #1368
This PR adds a new endpoint: Get current user.. It only returns the current user's id and email for now( let's extend later)
It also adds a new permission: `ProfileManagement` which is needed for this endpoint (and for update endpoints later)
* init u2f
* ux fixes
* Cleanup Manage Controller
* final changes
* remove logs
* remove console log
* fix text for u2f
* Use Is Secure instead of IsHttps
* add some basic u2f tests
* move loaders to before title
* missing commit
* refactor after nicolas wtf moment
