Compare revisions

98fe5690 · 98fe5690 · 98fe5690 · 98fe5690 · 98fe5690 · 98fe5690
--- a/uffd/signup/templates/signup/submitted.html
+++ b/uffd/signup/templates/signup/submitted.html
 {% extends 'base.html' %}

 {% block body %}
-
 <div class="row mt-2 justify-content-center">
-	<div class="col-lg-6 col-md-10" style="background: #f7f7f7; box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3); padding: 30px;">
+	<div class="col-lg-6 col-md-10 narrow-card">
 		<div class="text-center">
 			<img alt="branding logo" src="{{ config.get("BRANDING_LOGO_URL") }}" class="col-lg-8 col-md-12" >
 		</div>
-		<div class="col-12 mb-3">
-			<h2 class="text-center">{{_('Confirm your E-Mail Address')}}</h2>
+		<div class="col-12">
+			<h2 class="text-center">{{ _('Access Denied') }}</h2>
+		</div>
+		<div class="form-group col-12">
+			<p>
+				{% if description %}
+				{{ description|safe }}
+				{% else %}
+				{{ _("You don't have the permission to access this page.") }}
+				{% endif %}
+			</p>
 		</div>
-		<p>{{_('We sent a confirmation mail to <b>%(signup_mail)s</b>. You need to confirm your mail address within 48 hours to complete the account registration.', signup_mail=signup.mail|e)|safe}}</p>
-		<p>{{_("If you mistyped your mail address or don't receive the confirmation mail for another reason, retry the registration procedure from the beginning.")}}</p>
 	</div>
 </div>
 {% endblock %}
--- a/uffd/templates/base.html
+++ b/uffd/templates/base.html
@@ -4,13 +4,14 @@
 		{% block head %}
 		<meta charset="utf-8">
 		<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-		<title>{% block title %}uffd{% endblock %}</title>
+		<title>{% block title %}{{ config['SITE_TITLE'] }}{% endblock %}</title>

 		<link href="{{ url_for('static', filename="bootstrap/bootstrap.min.css") }}" rel="stylesheet">
+		<link href="{{ url_for('static', filename="bootstrap/bootstrap-prefers-dark-color-only.min.css") }}" rel="stylesheet">
 		<link href="{{ url_for('static', filename="fa/css/all.css") }}" rel="stylesheet">
-		<link href="{{ url_for('static', filename="style.css") }}" rel="stylesheet">
+		<link href="{{ url_for('static', filename="style-1.css") }}" rel="stylesheet">
 		<script src="{{ url_for('static', filename="jquery/jquery-3.4.1.min.js") }}"></script>
-		<script src="{{ url_for('static', filename="popper/popper.min.js") }}"></script>
+		<script src="{{ url_for('static', filename="popper/popper-1.16.0.min.js") }}"></script>
 		<script src="{{ url_for('static', filename="bootstrap/bootstrap.min.js") }}"></script>

 		<link rel="icon" href="{{ url_for('static', filename='favicon.ico') }}" type="image/png">
@@ -35,8 +36,8 @@
 		{%- endmacro %}

 		<nav class="navbar navbar-expand-md navbar-dark bg-dark static-top" >
-			<a class="navbar-brand" href="{{ url_for('index') }}">uffd</a>
-			{% if getnavbar() or request.user or config['LANGUAGES']|length > 1 %}
+			<a class="navbar-brand" href="{{ url_for('index') }}">{{ config['SITE_TITLE'] }}</a>
+			{% if getnavbar() or request.user or request.endpoint != 'session.login' or config['LANGUAGES']|length > 1 %}
 			<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#baseNavbar" aria-controls="baseNavbar" aria-expanded="false" aria-label="Toggle navigation">
 				<span class="navbar-toggler-icon"></span>
 			</button>
@@ -69,7 +70,7 @@
 				</ul>
 				{% endif %}

-				{% if request.user or config['LANGUAGES']|length > 1 %}
+				{% if request.user or request.endpoint != 'session.login' or config['LANGUAGES']|length > 1 %}
 				<ul class="navbar-nav ml-auto">
 					{% if config['LANGUAGES']|length > 1 %}
 					<li class="nav-item">
@@ -99,6 +100,13 @@
 							{{_("Logout")}}
 						</a>
 					</li>
+					{% elif request.endpoint != 'session.login' %}
+					<li class="nav-item">
+						<a class="nav-link" href="{{ url_for("session.login", ref=request.full_path) }}">
+							<span aria-hidden="true" class="fa fa-sign-in-alt"></span>
+							{{ _("Login") }}
+						</a>
+					</li>
 					{% endif %}
 				</ul>
 				{% endif %}
@@ -107,26 +115,26 @@
 		</nav>
 		{% endblock navbar %}

-		<div class="container mt-2">
+		{% block main %}
+		<main role="main" class="container mt-3">
 			<div class="row">
-				{% for message in get_flashed_messages() %}
+				{% for category, message in get_flashed_messages(with_categories=true) %}
 				<div class="col-12">
-					<div class="alert alert-primary" role="alert">{{ message }}</div>
+					<div class="alert alert-{{ 'danger' if category == 'error' else 'warning' if category == 'warning' else 'primary' }}" role="alert">{{ message }}</div>
 				</div>
 				{% endfor %}
 			</div>
-		</div>

-		<main role="main" class="container">
 			{% block body %}
 			{% endblock body %}
-			<!-- spacer for floating footer -->
-			<div class="mb-5"></div>
 		</main>
+		{% endblock main %}

+		<!-- spacer for floating footer -->
+		<div class="mb-5"></div>
 		<footer class="footer">
 			{% block footer %}
-			<div class="container">
+			<div class="container-fluid">
 				<ul class="list-inline">
 					{% for link in config["FOOTER_LINKS"]%}
 					<li class="list-inline-item"><a href="{{ link.url }}">{{ link.title }}</a></li>

--- a/uffd/templates/base_narrow.html
+++ b/uffd/templates/base_narrow.html
+{% extends 'base.html' %}
+
+{% block main %}
+<main role="main" class="container mt-3">
+	<div class="row justify-content-center">
+		<div class="col-lg-6 col-md-10 px-0">
+			<div class="row">
+				{% for category, message in get_flashed_messages(with_categories=true) %}
+				<div class="col-12">
+					<div class="alert alert-{{ 'danger' if category == 'error' else 'warning' if category == 'warning' else 'primary' }}" role="alert">{{ message }}</div>
+				</div>
+				{% endfor %}
+			</div>
+		</div>
+	</div>
+	<div class="row justify-content-center">
+		<div class="col-lg-6 col-md-10 narrow-card">
+			<div class="text-center">
+				<img alt="branding logo" src="{{ config.get("BRANDING_LOGO_URL") }}" class="col-lg-8 col-md-12" >
+			</div>
+			{% block body %}
+			{% endblock body %}
+		</div>
+	</div>
+</main>
+{% endblock main %}
--- a/uffd/user/templates/group/list.html
+++ b/uffd/user/templates/group/list.html
@@ -3,6 +3,11 @@
 {% block body %}
 <div class="row">
 	<div class="col">
+		<p class="text-right">
+			<a class="btn btn-primary" href="{{ url_for("group.show") }}">
+				<i class="fa fa-plus" aria-hidden="true"></i> {{_("New")}}
+			</a>
+		</p>
 		<table class="table table-striped table-sm">
 			<thead>
 				<tr>
@@ -12,13 +17,13 @@
 				</tr>
 			</thead>
 			<tbody>
-				{% for group in groups|sort(attribute="gid") %}
-				<tr id="group-{{ group.gid }}">
+				{% for group in groups|sort(attribute="unix_gid") %}
+				<tr id="group-{{ group.id }}">
 					<th scope="row">
-						{{ group.gid }}
+						{{ group.unix_gid }}
 					</th>
 					<td>
-						<a href="{{ url_for("group.show", gid=group.gid) }}">
+						<a href="{{ url_for("group.show", id=group.id) }}">
 							{{ group.name }}
 						</a>
 					</td>

--- a/uffd/templates/group/show.html
+++ b/uffd/templates/group/show.html
+{% extends 'base.html' %}
+
+{% block body %}
+<form action="{{ url_for("group.update", id=group.id) }}" method="POST" autocomplete="off">
+<div class="align-self-center">
+	<div class="clearfix pb-2 col">
+		<div class="float-sm-right">
+			<button type="submit" class="btn btn-primary"><i class="fa fa-save" aria-hidden="true"></i> {{_("Save")}}</button>
+			<a href="{{ url_for("group.index") }}" class="btn btn-secondary">{{_("Cancel")}}</a>
+			{% if group.id %}
+				<a href="{{ url_for("group.delete", id=group.id) }}" onClick='return confirm({{_("Are you sure?")|tojson}});' class="btn btn-danger"><i class="fa fa-trash" aria-hidden="true"></i> {{_("Delete")}}</a>
+			{% else %}
+				<a href="#" class="btn btn-danger disabled"><i class="fa fa-trash" aria-hidden="true"></i> {{_("Delete")}}</a>
+			{% endif %}
+		</div>
+	</div>
+	<div class="form-group col">
+		<label for="group-gid">{{_("Group ID")}}</label>
+		{% if not group.id %}
+		<input type="number" class="form-control" id="group-gid" name="unix_gid" value="" placeholder="Automatically chosen if empty">
+		{% else %}
+		<input type="number" class="form-control" id="group-gid" name="unix_gid" value="{{ group.unix_gid }}" readonly>
+		{% endif %}
+	</div>
+	<div class="form-group col">
+		<label for="group-loginname">{{_("Name")}}</label>
+		<input type="text" class="form-control" id="group-loginname" name="name" minlength=1 maxlength=32 pattern="[a-z0-9_-]*" value="{{ group.name or '' }}" {{ 'readonly' if group.id }}>
+		<small class="form-text text-muted">
+			{{_('At least one and at most 32 lower-case characters, digits, dashes ("-") or underscores ("_"). <b>Cannot be changed later!</b>')|safe}}
+		</small>
+	</div>
+	<div class="form-group col">
+		<label for="group-description">{{_("Description")}}</label>
+		<textarea class="form-control" id="group-description" name="description" rows="5">{{ group.description or '' }}</textarea>
+		<small class="form-text text-muted">
+		</small>
+	</div>
+	{% if group.id %}
+	<div class="col"> 
+		<span>{{_("Members")}}:</span>
+		<ul class="row">
+		{% for member in group.members|sort(attribute='loginname') %}
+			<li class="col-12 col-xs-6 col-sm-4 col-md-3 col-lg-2"><a href="{{ url_for("user.show", id=member.id) }}">{{ member.loginname }}</a></li>
+		{% endfor %}
+		</ul>
+	</div>
+	{% endif %}
+</div>
+</form>
+{% endblock %}
--- a/uffd/invite/templates/invite/list.html
+++ b/uffd/invite/templates/invite/list.html
@@ -22,17 +22,15 @@
 			<tr>
 				<td>
 					{% if invite.creator == request.user and invite.active %}
-					<a href="{{ url_for('invite.use', token=invite.token) }}"><code>{{ invite.short_token }}</code></a>
-					<button type="button" class="btn btn-link btn-sm p-0 copy-clipboard" data-copy="{{ url_for('invite.use', token=invite.token, _external=True) }}" title="{{_('Copy link to clipboard')}}"><i class="fas fa-clipboard"></i></button>
+					<a href="{{ url_for('invite.use', invite_id=invite.id, token=invite.token) }}"><code>{{ invite.short_token }}</code></a>
+					<button type="button" class="btn btn-link btn-sm p-0 copy-clipboard" data-copy="{{ url_for('invite.use', invite_id=invite.id, token=invite.token, _external=True) }}" title="{{_('Copy link to clipboard')}}"><i class="fas fa-clipboard"></i></button>
 					<button type="button" class="btn btn-link btn-sm p-0" data-toggle="modal" data-target="#modal-{{ invite.id }}-qrcode" title="{{_('Show link as QR code')}}"><i class="fas fa-qrcode"></i></button>
 					{% else %}
 					<code>{{ invite.short_token }}</code>
 					{% endif %}
 				</td>
 				<td>
-					{% if not invite.creator_dn %}
-						{{ '<admin>' }}
-					{% elif not invite.creator %}
+					{% if not invite.creator %}
 						{{ '<deleted user>' }}
 					{% else %}
 						{{ invite.creator.loginname }}
@@ -43,7 +41,7 @@
 					{% for role in invite.roles %}{{ ', ' if loop.index != 1 }}<i class="fas fa-key"></i>&thinsp;{{ role.name }}{% endfor %}
 				</td>
 				<td>
-					<span style="white-space: nowrap;">{{ invite.signups|selectattr('completed')|list|length }} <i class="fas fa-users" title="user registrations"></i></span>,
+					<span style="white-space: nowrap;">{{ invite.signups|selectattr('completed')|list|length }} <i class="fas fa-users" title="{{ _('user signups') }}"></i></span>,
 					<span style="white-space: nowrap;">{{ invite.grants|length }} <i class="fas fa-key" title="role grants"></i></span>
 				</td>
 				<td>
@@ -58,9 +56,9 @@
 					{% elif not invite.active %}
 						{{_('Invalid')}}
 					{% elif invite.single_use %}
-						{{ _('Valid once, expires %(expiry_date)s', expiry_date=invite.valid_until.strftime('%Y-%m-%d')) }}
+						{{ _('Valid once, expires %(expiry_date)s', expiry_date=invite.valid_until|dateformat) }}
 					{% else %}
-						{{ _('Valid, expires %(expiry_date)s',expiry_date=invite.valid_until.strftime('%Y-%m-%d')) }}
+						{{ _('Valid, expires %(expiry_date)s', expiry_date=invite.valid_until|dateformat) }}
 					{% endif %}
 				</td>
 				<td class="text-right">
@@ -85,8 +83,8 @@
 			<div class="modal-body">
 				<ul class="list-unstyled">
 					<li><b>{{_('Type:')}}</b> {% if invite.single_use %}{{_('Single-use')}}{% else %}{{_('Multi-use')}}{% endif %}</li>
-					<li><b>{{_('Created:')}}</b> {{ invite.created.strftime('%Y-%m-%d %H:%M:%S') }}</li>
-					<li><b>{{_('Expires:')}}</b> {{ invite.valid_until.strftime('%Y-%m-%d %H:%M:%S') }}</li>
+					<li><b>{{_('Created:')}}</b> {{ invite.created|datetimeformat }}</li>
+					<li><b>{{_('Expires:')}}</b> {{ invite.valid_until|datetimeformat }}</li>
 					<li><b>{{_('Permissions:')}}</b>
 						<ul>
 							{% if invite.allow_signup %}
@@ -105,10 +103,10 @@
 						{% else %}
 						<ul>
 							{% for signup in invite.signups if signup.completed %}
-							<li>{{_('Registration of user <a href="%(user_url)s">%(user_name)s</a>', user_url=url_for('user.show', uid=signup.user.uid)|e, user_name=signup.user.loginname|e)|safe}}</li>
+							<li>{{_('Registration of user <a href="%(user_url)s">%(user_name)s</a>', user_url=url_for('user.show', id=signup.user.id)|e, user_name=signup.user.loginname|e)|safe}}</li>
 							{% endfor %}
 							{% for grant in invite.grants if grant.user %}
-							<li>{{_('Roles granted to <a href="%(user_url)s">%(user_name)s</a>', user_url=url_for('user.show', uid=grant.user.uid)|e, user_name=grant.user.loginname|e)|safe}}</li>
+							<li>{{_('Roles granted to <a href="%(user_url)s">%(user_name)s</a>', user_url=url_for('user.show', id=grant.user.id)|e, user_name=grant.user.loginname|e)|safe}}</li>
 							{% endfor %}
 						</ul>
 						{% endif %}
@@ -143,7 +141,7 @@
 				</button>
 			</div>
 			<div class="modal-body">
-				{{ url_for('invite.use', token=invite.token, _external=True)|qrcode_svg(width='100%', height='100%') }}
+				{{ url_for('invite.use', invite_id=invite.id, token=invite.token, _external=True)|qrcode_svg(width='100%', height='100%') }}
 			</div>
 		</div>
 	</div>

--- a/uffd/invite/templates/invite/new.html
+++ b/uffd/invite/templates/invite/new.html
 {% extends 'base.html' %}

 {% block body %}
-<form action="{{ url_for("invite.new_submit") }}" method="POST" class="form">
+<form action="{{ url_for("invite.new_submit") }}" method="POST" autocomplete="off" class="form">
 	<div class="form-group">
 		<label for="single-use">{{_('Link Type')}}</label>
 		<select class="form-control" id="single-use" name="single-use">
-			<option value="1">{{_('Valid for a single successful use')}}</option>
-			<option value="0">{{_('Multi-use')}}</option>
+			<option value="1" {{ 'selected' if request.values.get('single-use', '1') == '1' }}>{{_('Valid for a single successful use')}}</option>
+			<option value="0" {{ 'selected' if request.values.get('single-use', '1') == '0' }}>{{_('Multi-use')}}</option>
 		</select>
 	</div>
 	<div class="form-group">
 		<label for="valid-until">{{_('Valid Until')}}</label>
-		<input class="form-control" type="datetime-local" id="valid-until" name="valid-until" value="{{ (datetime.now() + timedelta(hours=36)).replace(hour=23, minute=59, second=59, microsecond=0).isoformat(timespec='minutes') }}">
+		<input class="form-control" type="datetime-local" id="valid-until" name="valid-until" value="{{ request.values.get('valid-until') or (datetime.now() + timedelta(hours=36)).replace(hour=23, minute=59).isoformat(timespec='minutes') }}" min="{{ datetime.now().isoformat(timespec='minutes') }}" max="{{ (datetime.now() + timedelta(days=config['INVITE_MAX_VALID_DAYS'])).isoformat(timespec='minutes') }}">
 		<small class="text-muted">{{_('Must be within the next %(max_valid_days)d days', max_valid_days=config['INVITE_MAX_VALID_DAYS'])}}</small>
 	</div>
 	{% if allow_signup %}
 	<div class="form-group">
 		<label for="allow-signup">{{_('Account Registration')}}</label>
 		<select class="form-control" id="allow-signup" name="allow-signup">
-			<option value="1">{{_('Link allows account registration')}}</option>
-			<option value="0">{{_('No account registration allowed')}}</option>
+			<option value="1" {{ 'selected' if request.values.get('allow-signup', '1') == '1' }}>{{_('Link allows account registration')}}</option>
+			<option value="0" {{ 'selected' if request.values.get('allow-signup', '1') == '0' }}>{{_('No account registration allowed')}}</option>
 		</select>
 	</div>
 	{% else %}

--- a/uffd/templates/invite/use.html
+++ b/uffd/templates/invite/use.html
+{% extends 'base_narrow.html' %}
+
+{% block body %}
+	<div class="col-12 mb-3">
+		<h2 class="text-center">{{_('Invite Link')}}</h2>
+	</div>
+	{% if not request.user %}
+	<p>{{_('Welcome to the %(org_name)s Single-Sign-On!', org_name=config.ORGANISATION_NAME)}}</p>
+	{% endif %}
+
+	{% if invite.roles and invite.allow_signup %}
+	<p>{{_('With this link you can register a new user account with the following roles or add the roles to an existing account:')}}</p>
+	{% elif invite.roles %}
+	<p>{{_('With this link you can add the following roles to an existing account:')}}</p>
+	{% elif invite.allow_signup %}
+	<p>{{_('With this link you can register a new user account.')}}</p>
+	{% endif %}
+	{% if invite.roles %}
+	<ul>
+		{% for role in invite.roles %}
+		<li>{{ role.name }}{% if role.description %}: {{ role.description }}{% endif %}</li>
+		{% endfor %}
+	</ul>
+	{% endif %}
+	{% if request.user %}
+		{% if invite.roles %}
+			<form method="POST" action="{{ url_for("invite.grant", invite_id=invite.id, token=invite.token) }}" class="mb-2">
+				<button type="submit" class="btn btn-primary btn-block">{{_('Add the roles to your account now')}}</button>
+			</form>
+			<a href="{{ url_for("session.logout", ref=url_for("session.login", ref=request.full_path)) }}" class="btn btn-secondary btn-block">{{_('Logout and switch to a different account')}}</a>
+		{% endif %}
+		{% if invite.allow_signup %}
+			<a href="{{ url_for("session.logout", ref=url_for("invite.signup_start", invite_id=invite.id, token=invite.token)) }}" class="btn btn-secondary btn-block">{{_('Logout to register a new account')}}</a>
+		{% endif %}
+	{% else %}
+		{% if invite.allow_signup %}
+			<a href="{{ url_for("invite.signup_start", invite_id=invite.id, token=invite.token) }}" class="btn btn-primary btn-block">{{_('Register a new account')}}</a>
+		{% endif %}
+		{% if invite.roles %}
+			<a href="{{ url_for("session.login", ref=request.full_path) }}" class="btn btn-primary btn-block">{{_('Login and add the roles to your account')}}</a>
+		{% endif %}
+	{% endif %}
+{% endblock %}
--- a/uffd/mail/templates/mail/list.html
+++ b/uffd/mail/templates/mail/list.html
@@ -18,9 +18,9 @@
 			</thead>
 			<tbody>
 				{% for mail in mails|sort(attribute="uid") %}
-				<tr id="mail-{{ mail.uid }}">
+				<tr id="mail-{{ mail.id }}">
 					<th scope="row">
-						<a href="{{ url_for("mail.show", uid=mail.uid) }}">
+						<a href="{{ url_for("mail.show", mail_id=mail.id) }}">
 						{{ mail.uid }}
 						</a>
 					</th>

--- a/uffd/mail/templates/mail/show.html
+++ b/uffd/mail/templates/mail/show.html
 {% extends 'base.html' %}

 {% block body %}
-<form action="{{ url_for("mail.update", uid=mail.uid) }}" method="POST">
+<form action="{{ url_for("mail.update", mail_id=mail.id) }}" method="POST" autocomplete="off">
 <div class="align-self-center">
 	<div class="form-group col">
 		<label for="mail-name">{{_('Name')}}</label>
-		<input type="text" class="form-control" id="mail-name" name="mail-uid" {% if mail.uid %} value="{{ mail.uid }}" readonly {% else %} value=""{% endif %}>
+		<input type="text" class="form-control" id="mail-name" name="mail-uid" {% if mail.id %} value="{{ mail.uid }}" readonly {% else %} value=""{% endif %}>
 		<small class="form-text text-muted">
 		</small>
 	</div>
@@ -13,7 +13,7 @@
 		<label for="mail-receivers">{{_('Receiving addresses')}}</label>
 		<textarea rows="10" class="form-control" id="mail-receivers" name="mail-receivers">{{ mail.receivers|join('\n') }}</textarea>
 		<small class="form-text text-muted">
-			{{_('One address per line')}}
+			{{_('One address pattern (local+ext@domain, local@domain, local, @domain) per line. Only lower-case ASCII letters, digits and symbols.')}}
 		</small>
 	</div>
 	<div class="form-group col">
@@ -26,8 +26,8 @@
 	<div class="form-group col">
 		<button type="submit" class="btn btn-primary"><i class="fa fa-save" aria-hidden="true"></i> {{_('Save')}}</button>
 		<a href="{{ url_for("mail.index") }}" class="btn btn-secondary">{{_('Cancel')}}</a>
-		{% if mail.uid %}
-			<a href="{{ url_for("mail.delete", uid=mail.uid) }}" class="btn btn-danger"><i class="fa fa-trash" aria-hidden="true"></i> {{_('Delete')}}</a>
+		{% if mail.id %}
+			<a href="{{ url_for("mail.delete", mail_id=mail.id) }}" class="btn btn-danger"><i class="fa fa-trash" aria-hidden="true"></i> {{_('Delete')}}</a>
 		{% else %}
 			<a href="#" class="btn btn-danger disabled"><i class="fa fa-trash" aria-hidden="true"></i> {{_('Delete')}}</a>
 		{% endif %}

--- a/uffd/oauth2/templates/oauth2/error.html
+++ b/uffd/oauth2/templates/oauth2/error.html
@@ -3,14 +3,6 @@
 {% block body %}
 <h1>OAuth2.0 Authorization Error</h1>
 <p><b>Error: {{ error }}</b> {{ '(' + error_description + ')' if error_description else '' }}</p>
-{% if args %}
-<p>Parameters:</p>
-<ul>
-	{% for key, value in args.items() %}
-	<li>{{ key }}={{ value }}</li>
-	{% endfor %}
-</ul>
-{% endif %}

 <hr>


--- a/uffd/oauth2/templates/oauth2/logout.html
+++ b/uffd/oauth2/templates/oauth2/logout.html
-{% extends 'base.html' %}
+{% extends 'base_narrow.html' %}

 {% block body %}
-<div class="row mt-2 justify-content-center">
-	<div class="col-lg-6 col-md-10" style="background: #f7f7f7; box-shadow: 0px 2px 2px rgba(0, 0, 0, 0.3); padding: 30px;">
-		<div class="text-center">
-			<img alt="branding logo" src="{{ config.get("BRANDING_LOGO_URL") }}" class="col-lg-8 col-md-12" >
-		</div>
-		<div class="col-12">
-			<h2 class="text-center">{{_('Logout')}}</h2>
-		</div>
+<div class="col-12">
+	<h2 class="text-center">{{_('Logout')}}</h2>
+</div>

-		<div class="col-12">
-			<noscript>
-				<div class="alert alert-warning" role="alert">{{_('Javascript is required for automatic logout')}}</div>
-			</noscript>
-			<p>{{_('While you successfully logged out of the Single-Sign-On service, you may still be logged in on these services:')}}</p>
-			<ul>
-			{% for client in clients if client.logout_urls %}
-				<li class="client" data-urls='{{ client.logout_urls|tojson }}'>
-					{{ client.client_id }}
-					<span class="status-active spinner-border spinner-border-sm d-none" role="status" aria-hidden="true"></span>
-					<i class="status-success fas fa-check d-none"></i>
-					<i class="status-failed fas fa-exclamation d-none"></i>
-				</li>
-			{% endfor %}
-			</ul>
+<div class="col-12">
+	<noscript>
+		<div class="alert alert-warning" role="alert">{{_('Javascript is required for automatic logout')}}</div>
+	</noscript>
+	<p>{{_('While you successfully logged out of the Single-Sign-On service, you may still be logged in on these services:')}}</p>
+	<ul>
+	{% for client in clients if client.logout_uris %}
+		<li class="client" data-urls='{{ client.logout_uris_json }}'>
+			{{ client.service.name }}
+			<span class="status-active spinner-border spinner-border-sm d-none" role="status" aria-hidden="true"></span>
+			<i class="status-success fas fa-check d-none"></i>
+			<i class="status-failed fas fa-exclamation d-none"></i>
+		</li>
+	{% endfor %}
+	</ul>

-			<p>
-				{{_('Please wait until you have been automatically logged out of all services or make sure of this yourself.')}}
-			</p>
+	<p>
+		{{_('Please wait until you have been automatically logged out of all services or make sure of this yourself.')}}
+	</p>

-			<button id="retry-button" class="btn btn-block btn-primary d-none" disabled>
-				<span id="cont-text">{{_('Logging you out on all services ...')}}</span>
-			</button>
+	<button id="retry-button" class="btn btn-block btn-primary d-none" disabled>
+		<span id="cont-text">{{_('Logging you out on all services ...')}}</span>
+	</button>

-			<a href="{{ request.values.get('ref') or '/' }}" class="btn btn-block btn-secondary">
-				<span>{{_('Skip this and continue')}}</span>
-			</a>
+	<a href="{{ request.values.get('ref') or '/' }}" class="btn btn-block btn-secondary">
+		<span>{{_('Skip this and continue')}}</span>
+	</a>

-		</div>
-	</div>
 </div>

 <script>
@@ -60,7 +53,6 @@ function logout_services() {
 			});
 		});
 		p = p.then(function () {
-			console.log('done', elem);
 			elem.find('.status-active').addClass('d-none');
 			elem.find('.status-success').removeClass('d-none');
 			elem.removeClass('client');
@@ -68,13 +60,11 @@ function logout_services() {
 		.catch(function (err) {
 			elem.find('.status-active').addClass('d-none');
 			elem.find('.status-failed').removeClass('d-none');
-			console.log(err);
 			throw err;
 		});
 		all_promises.push(p);
 	});
 	Promise.allSettled(all_promises).then(function (results) {
-		console.log(results);
 		for (result of results) {
 			if (result.status == 'rejected')
 				throw result.reason;

--- a/uffd/role/templates/role/list.html
+++ b/uffd/role/templates/role/list.html
--- a/uffd/role/templates/role/show.html
+++ b/uffd/role/templates/role/show.html
@@ -7,9 +7,9 @@
 </div>
 {% endif %}

-<form action="{{ url_for("role.update", roleid=role.id) }}" method="POST">
+<form action="{{ url_for("role.update", roleid=role.id) }}" method="POST" autocomplete="off">
 <div class="align-self-center">
-	<div class="float-sm-right pb-2">
+	<div class="clearfix pb-2"><div class="float-sm-right">
 		<button type="submit" class="btn btn-primary"><i class="fa fa-save" aria-hidden="true"></i> {{_("Save")}}</button>
 		<a href="{{ url_for("role.index") }}" class="btn btn-secondary">{{_("Cancel")}}</a>
 		{% if role.id %}
@@ -23,7 +23,7 @@
 			<a href="#" class="btn btn-secondary disabled">{{_("Set as default")}}</a>
 			<a href="#" class="btn btn-danger disabled"><i class="fa fa-trash" aria-hidden="true"></i> {{_("Delete")}}</a>
 		{% endif %}
-	</div>
+	</div></div>
 	<ul class="nav nav-tabs pt-2 border-0" id="tablist" role="tablist">
 		<li class="nav-item">
 			<a class="nav-link active" id="settings-tab" data-toggle="tab" href="#settings" role="tab" aria-controls="settings" aria-selected="true">{{_("Settings")}}</a>
@@ -55,7 +55,7 @@
 				<select class="form-control" id="moderator-group" name="moderator-group" {{ 'disabled' if role.locked }}>
 					<option value="" class="text-muted">{{_("No Moderator Group")}}</option>
 					{% for group in groups %}
-					<option value="{{ group.dn }}" {{ 'selected' if group == role.moderator_group }}>{{ group.name }}</option>
+					<option value="{{ group.id }}" {{ 'selected' if group == role.moderator_group }}>{{ group.name }}</option>
 					{% endfor %}
 				</select>
 			</div>
@@ -63,7 +63,7 @@
 				<span>{{_("Moderators")}}:</span>
 				<ul class="row">
 					{% for moderator in role.moderator_group.members %}
-					<li class="col-12 col-xs-6 col-sm-4 col-md-3 col-lg-2"><a href="{{ url_for("user.show", uid=moderator.uid) }}">{{ moderator.loginname }}</a></li>
+					<li class="col-12 col-xs-6 col-sm-4 col-md-3 col-lg-2"><a href="{{ url_for("user.show", id=moderator.id) }}">{{ moderator.loginname }}</a></li>
 					{% endfor %}
 				</ul>
 			</div>
@@ -71,7 +71,7 @@
 				<span>{{_("Members")}}:</span>
 				<ul class="row">
 				{% for member in role.members|sort(attribute='loginname') %}
-					<li class="col-12 col-xs-6 col-sm-4 col-md-3 col-lg-2"><a href="{{ url_for("user.show", uid=member.uid) }}">{{ member.loginname }}</a></li>
+					<li class="col-12 col-xs-6 col-sm-4 col-md-3 col-lg-2"><a href="{{ url_for("user.show", id=member.id) }}">{{ member.loginname }}</a></li>
 				{% endfor %}
 				</ul>
 			</div>
@@ -90,7 +90,7 @@
 					</thead>
 					<tbody>
 						{% for r in roles|sort(attribute="name")|sort(attribute='name') %}
-						<tr id="include-role-{{ role.id }}">
+						<tr id="include-role-{{ r.id }}">
 							<td>
 								<div class="form-check">
 									<input class="form-check-input" type="checkbox" id="include-role-{{ r.id }}-checkbox" name="include-role-{{ r.id }}" value="1" aria-label="enabled"
@@ -108,7 +108,7 @@
 							</td>
 							<td>
 								{% for group in r.groups_effective|sort(attribute='name') %}
-									<a href="{{ url_for("group.show", gid=group.gid) }}">{{ group.name }}</a>{{ ', ' if not loop.last }}
+									<a href="{{ url_for("group.show", id=group.id) }}">{{ group.name }}</a>{{ ', ' if not loop.last }}
 								{% endfor %}
 							</td>
 						</tr>
@@ -131,14 +131,14 @@
 					</thead>
 					<tbody>
 						{% for group in groups|sort(attribute="name") %}
-						<tr id="group-{{ group.gid }}">
+						<tr id="group-{{ group.id }}">
 							<td>
 								<div class="form-check">
-									<input class="form-check-input" type="checkbox" id="group-{{ group.gid }}-checkbox" name="group-{{ group.gid }}" value="1" aria-label="enabled" {% if group in role.groups %}checked{% endif %} {{ 'disabled' if role.locked }}>
+									<input class="form-check-input" type="checkbox" id="group-{{ group.id }}-checkbox" name="group-{{ group.id }}" value="1" aria-label="enabled" {% if group in role.groups %}checked{% endif %} {{ 'disabled' if role.locked }}>
 								</div>
 							</td>
 							<td>
-								<a href="{{ url_for("group.show", gid=group.gid) }}">
+								<a href="{{ url_for("group.show", id=group.id) }}">
 									{{ group.name }}
 								</a>
 							</td>
@@ -147,7 +147,7 @@
 							</td>
 							<td>
 								<div class="form-check">
-									<input class="form-check-input" type="checkbox" id="group-mfa-{{ group.gid }}-checkbox" name="group-mfa-{{ group.gid }}" value="1" aria-label="enabled" {% if group in role.groups and role.groups[group].requires_mfa %}checked{% endif %} {{ 'disabled' if role.locked }}>
+									<input class="form-check-input" type="checkbox" id="group-mfa-{{ group.id }}-checkbox" name="group-mfa-{{ group.id }}" value="1" aria-label="enabled" {% if group in role.groups and role.groups[group].requires_mfa %}checked{% endif %} {{ 'disabled' if role.locked }}>
 								</div>
 							</td>
 						</tr>

--- a/uffd/rolemod/templates/rolemod/list.html
+++ b/uffd/rolemod/templates/rolemod/list.html
--- a/uffd/rolemod/templates/rolemod/show.html
+++ b/uffd/rolemod/templates/rolemod/show.html
@@ -4,9 +4,7 @@

 <form method="POST" action="{{ url_for("rolemod.update", role_id=role.id) }}">
 	<div class="float-sm-right pb-2">
-		{% if config['ENABLE_INVITE'] %}
 		<a href="{{ url_for("invite.new", **{"role-%d"%role.id: 1}) }}" class="btn btn-primary mr-2"><i class="fa fa-link" aria-hidden="true"></i> {{_('Invite Members')}}</a>
-		{% endif %}
 		<button type="submit" class="btn btn-primary"><i class="fa fa-save" aria-hidden="true"></i> {{_('Save')}}</button>
 		<a href="{{ url_for("rolemod.index") }}" class="btn btn-secondary">{{_('Cancel')}}</a>
 	</div>
@@ -52,7 +50,7 @@
 						<tr>
 							<td>{{ member.displayname }} ({{ member.loginname }})</td>
 							<td class="text-right">
-								<a class="btn btn-danger py-0" href="{{ url_for('rolemod.delete_member', role_id=role.id, member_dn=member.dn) }}">{{_('Remove')}}</a>
+								<a class="btn btn-danger py-0" href="{{ url_for('rolemod.delete_member', role_id=role.id, member_id=member.id) }}">{{_('Remove')}}</a>
 							</td>
 						</tr>
 						{% endfor %}

--- a/uffd/mfa/templates/mfa/disable.html
+++ b/uffd/mfa/templates/mfa/disable.html
@@ -7,7 +7,7 @@
 	You can later generate new recovery codes and setup your applications and devices again.")}}
 </p>

-<form class="form" action="{{ url_for('mfa.disable_confirm') }}" method="POST">
+<form class="form" action="{{ url_for('selfservice.disable_mfa_confirm') }}" method="POST">
 	<button type="submit" class="btn btn-danger btn-block">{{_("Disable two-factor authentication")}}</button>
 </form>


--- a/uffd/templates/selfservice/forgot_password.html
+++ b/uffd/templates/selfservice/forgot_password.html
+{% extends 'base_narrow.html' %}
+
+{% block body %}
+<form action="{{ url_for("selfservice.forgot_password") }}" method="POST">
+	<div class="col-12">
+		<h2 class="text-center">{{_("Forgot password")}}</h2>
+	</div>
+	<div class="form-group col-12">
+		<label for="user-loginname">{{_("Login Name")}}</label>
+		<input type="text" autocomplete="username" class="form-control" id="user-loginname" name="loginname" required="required" tabindex="1">
+	</div>
+	<div class="form-group col-12">
+		<label for="user-mail">{{_("Mail Address")}}</label>
+		<input type="email" autocomplete="email" class="form-control" id="user-mail" name="mail" required="required" tabindex="2">
+	</div>
+	<div class="form-group col-12">
+		<button type="submit" class="btn btn-primary btn-block" tabindex="3">{{_("Send password reset mail")}}</button>
+	</div>
+</form>
+{% endblock %}
--- a/uffd/selfservice/templates/selfservice/mailverification.mail.txt
+++ b/uffd/selfservice/templates/selfservice/mailverification.mail.txt
 Hi {{ user.displayname }},

 you have requested to change your mail address. To confirm the change, please visit the following url:
-{{ url_for('selfservice.token_mail', token=token, _external=True) }}
+{{ url_for('selfservice.verify_email', email_id=email.id, secret=secret, _external=True) }}

 **The link is valid for 48h**
--- a/uffd/selfservice/templates/selfservice/newuser.mail.txt
+++ b/uffd/selfservice/templates/selfservice/newuser.mail.txt
@@ -4,7 +4,7 @@ welcome to the {{ config.ORGANISATION_NAME }} infrastructure! An account was cre

 Please visit the following url to set your password:

-{{ url_for('selfservice.token_password', token=token, _external=True) }}
+{{ url_for('selfservice.token_password', token_id=token.id, token=token.token, _external=True) }}

 **The link is valid for 48h**
No results found