Add RemoteStorageAuthorization model

RemoteStorage OAuth dialog
Basic RemoteStorage settings
2023-03-28 01:21:28 +02:00 · 2023-03-28 01:21:28 +02:00 · 2023-03-27 22:52:01 +02:00
123 changed files with 696 additions and 1668 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,5 +1,3 @@
-AKKOUNTS_DOMAIN=accounts.example.com
-
 SMTP_SERVER=smtp.example.com
 SMTP_PORT=587
 SMTP_LOGIN=accounts
@@ -9,8 +7,6 @@ SMTP_DOMAIN=example.com
 SMTP_AUTH_METHOD=plain
 SMTP_ENABLE_STARTTLS=auto

-REDIS_URL='redis://localhost:6379/1'
-
 LDAP_HOST=localhost
 LDAP_PORT=389
 LDAP_ADMIN_PASSWORD=passthebutter
@@ -19,8 +15,6 @@ LDAP_SUFFIX='dc=kosmos,dc=org'
 WEBHOOKS_ALLOWED_IPS='10.1.1.163'

 DISCOURSE_PUBLIC_URL='https://community.kosmos.org'
-DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
-
 GITEA_PUBLIC_URL='https://gitea.kosmos.org'
 MASTODON_PUBLIC_URL='https://kosmos.social'
 MEDIAWIKI_PUBLIC_URL='https://wiki.kosmos.org'
--- a/.env.test
+++ b/.env.test
@@ -1,6 +1,3 @@
-DISCOURSE_PUBLIC_URL='http://discourse.example.com'
-DISCOURSE_CONNECT_SECRET='discourse_connect_ftw'
-
 EJABBERD_API_URL='http://xmpp.example.com/api'

 BTCPAY_API_URL='http://btcpay.example.com/api/v1'
@@ -9,6 +6,4 @@ LNDHUB_API_URL='http://localhost:3026'
 LNDHUB_PUBLIC_URL='https://lndhub.kosmos.org'
 LNDHUB_PUBLIC_KEY='024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de556486d946'

-RS_STORAGE_URL='https://storage.kosmos.org'
-
 WEBHOOKS_ALLOWED_IPS='10.1.1.23'
--- a/.gitea/release-drafter.yml
+++ b/.gitea/release-drafter.yml
@@ -1,13 +0,0 @@
-name-template: 'v$RESOLVED_VERSION'
-tag-template: 'v$RESOLVED_VERSION'
-version-resolver:
-  major:
-    labels:
-      - 'release/major'
-  minor:
-    labels:
-      - 'release/minor'
-  patch:
-    labels:
-      - 'release/patch'
-  default: patch
--- a/.gitea/workflows/release_drafter.yml
+++ b/.gitea/workflows/release_drafter.yml
@@ -1,11 +0,0 @@
-name: Release Drafter
-on:
-  pull_request:
-    types: [closed]
-jobs:
-  release_drafter_job:
-    name: Update release notes draft
-    runs-on: ubuntu-latest
-    steps:
-      - name: Release Drafter
-        uses: https://github.com/raucao/gitea-release-drafter@dev
--- a/15
+++ b/15
@@ -1,13 +1,8 @@
 # syntax=docker/dockerfile:1
 FROM ruby:2.7.6
-
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
-
-RUN apt-get update -qq && apt-get install -y --no-install-recommends curl \
-      ldap-utils tini
+RUN apt-get update -qq && apt-get install -y curl ldap-utils
 RUN curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
 RUN apt-get update && apt-get install -y nodejs
-
 WORKDIR /akkounts
 COPY Gemfile /akkounts/Gemfile
 COPY Gemfile.lock /akkounts/Gemfile.lock
@@ -17,5 +12,11 @@ RUN gem install foreman
 RUN npm install -g yarn
 RUN yarn install

-ENTRYPOINT ["/usr/bin/tini", "--"]
+# Add a script to be executed every time the container starts.
+COPY docker/entrypoint.sh /usr/bin/
+RUN chmod +x /usr/bin/entrypoint.sh
+ENTRYPOINT ["entrypoint.sh"]
 EXPOSE 3000
+
+# Configure the main process to run when running the image
+CMD ["bin", "dev"]
--- a/11
+++ b/11
@@ -40,9 +40,6 @@ gem 'net-ldap'
 gem "rqrcode", "~> 2.0"
 gem 'rails-settings-cached', '~> 2.8.3'
 gem 'pagy', '~> 6.0', '>= 6.0.2'
-gem 'flipper'
-gem 'flipper-active_record'
-gem 'flipper-ui'

 # HTTP requests
 gem 'faraday'
@@ -51,13 +48,6 @@ gem 'faraday'
 gem 'sidekiq', '< 7'
 gem 'sidekiq-scheduler'

-# Service integrations
-gem 'discourse_api'
-
-# Monitoring
-gem "sentry-ruby"
-gem "sentry-rails"
-
 group :development, :test do
  # Use sqlite3 as the database for Active Record
  gem 'sqlite3', '~> 1.4'
@@ -72,7 +62,6 @@ group :development do
  gem 'letter_opener'
  gem 'letter_opener_web'
  gem 'faker'
-  gem 'solargraph'
 end

 group :test do
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -68,10 +68,7 @@ GEM
      tzinfo (~> 2.0)
    addressable (2.8.1)
      public_suffix (>= 2.0.2, < 6.0)
-    ast (2.4.2)
-    backport (1.2.0)
    bcrypt (3.1.18)
-    benchmark (0.2.1)
    bindex (0.8.1)
    builder (3.2.4)
    byebug (11.1.3)
@@ -108,16 +105,10 @@ GEM
      devise (>= 3.4.1)
      net-ldap (>= 0.16.0)
    diff-lcs (1.5.0)
-    discourse_api (2.0.0)
-      faraday (~> 2.7)
-      faraday-follow_redirects
-      faraday-multipart
-      rack (>= 1.6)
    dotenv (2.8.1)
    dotenv-rails (2.8.1)
      dotenv (= 2.8.1)
      railties (>= 3.2)
-    e2mmap (0.1.0)
    erubi (1.11.0)
    et-orbi (1.2.7)
      tzinfo
@@ -131,23 +122,8 @@ GEM
    faraday (2.7.1)
      faraday-net_http (>= 2.0, < 3.1)
      ruby2_keywords (>= 0.0.4)
-    faraday-follow_redirects (0.3.0)
-      faraday (>= 1, < 3)
-    faraday-multipart (1.0.4)
-      multipart-post (~> 2)
    faraday-net_http (3.0.2)
    ffi (1.15.5)
-    flipper (0.28.0)
-      concurrent-ruby (< 2)
-    flipper-active_record (0.28.0)
-      activerecord (>= 4.2, < 8)
-      flipper (~> 0.28.0)
-    flipper-ui (0.28.0)
-      erubi (>= 1.0.0, < 2.0.0)
-      flipper (~> 0.28.0)
-      rack (>= 1.4, < 3)
-      rack-protection (>= 1.5.3, <= 4.0.0)
-      sanitize (< 7)
    fugit (1.7.2)
      et-orbi (~> 1, >= 1.2.7)
      raabro (~> 1.4)
@@ -159,15 +135,9 @@ GEM
    importmap-rails (1.1.5)
      actionpack (>= 6.0.0)
      railties (>= 6.0.0)
-    jaro_winkler (1.5.4)
    jbuilder (2.11.5)
      actionview (>= 5.0.0)
      activesupport (>= 5.0.0)
-    json (2.6.3)
-    kramdown (2.4.0)
-      rexml
-    kramdown-parser-gfm (1.1.0)
-      kramdown (~> 2.0)
    launchy (2.5.0)
      addressable (~> 2.7)
    letter_opener (1.8.1)
@@ -192,7 +162,6 @@ GEM
    mini_mime (1.1.2)
    mini_portile2 (2.8.0)
    minitest (5.16.3)
-    multipart-post (2.3.0)
    net-imap (0.3.1)
      net-protocol
    net-ldap (0.17.1)
@@ -210,9 +179,6 @@ GEM
      racc (~> 1.4)
    orm_adapter (0.5.0)
    pagy (6.0.2)
-    parallel (1.22.1)
-    parser (3.2.1.1)
-      ast (~> 2.4.1)
    pg (1.2.3)
    public_suffix (5.0.0)
    puma (4.3.12)
@@ -220,8 +186,6 @@ GEM
    raabro (1.4.0)
    racc (1.6.0)
    rack (2.2.4)
-    rack-protection (3.0.6)
-      rack
    rack-test (2.0.2)
      rack (>= 1.3)
    rails (7.0.4)
@@ -253,7 +217,6 @@ GEM
      rake (>= 12.2)
      thor (~> 1.0)
      zeitwerk (~> 2.5)
-    rainbow (3.1.1)
    rake (13.0.6)
    rb-fsevent (0.11.2)
    rb-inotify (0.10.1)
@@ -266,8 +229,6 @@ GEM
    responders (3.1.0)
      actionpack (>= 5.2)
      railties (>= 5.2)
-    reverse_markdown (2.1.1)
-      nokogiri
    rexml (3.2.5)
    rqrcode (2.1.2)
      chunky_png (~> 1.0)
@@ -290,30 +251,9 @@ GEM
      rspec-mocks (~> 3.11)
      rspec-support (~> 3.11)
    rspec-support (3.12.0)
-    rubocop (1.48.1)
-      json (~> 2.3)
-      parallel (~> 1.10)
-      parser (>= 3.2.0.0)
-      rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.26.0, < 2.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.0)
-      parser (>= 3.2.1.0)
-    ruby-progressbar (1.13.0)
    ruby2_keywords (0.0.5)
    rufus-scheduler (3.8.2)
      fugit (~> 1.1, >= 1.1.6)
-    sanitize (6.0.1)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.12.0)
-    sentry-rails (5.8.0)
-      railties (>= 5.0)
-      sentry-ruby (~> 5.8.0)
-    sentry-ruby (5.8.0)
-      concurrent-ruby (~> 1.0, >= 1.0.2)
    sidekiq (6.5.5)
      connection_pool (>= 2.2.2)
      rack (~> 2.0)
@@ -323,21 +263,6 @@ GEM
      rufus-scheduler (~> 3.2)
      sidekiq (>= 4, < 7)
      tilt (>= 1.4.0)
-    solargraph (0.48.0)
-      backport (~> 1.2)
-      benchmark
-      bundler (>= 1.17.2)
-      diff-lcs (~> 1.4)
-      e2mmap
-      jaro_winkler (~> 1.5)
-      kramdown (~> 2.3)
-      kramdown-parser-gfm (~> 1.1)
-      parser (~> 3.0)
-      reverse_markdown (>= 1.0.5, < 3)
-      rubocop (>= 0.52)
-      thor (~> 1.0)
-      tilt (~> 2.0)
-      yard (~> 0.9, >= 0.9.24)
    sprockets (4.1.1)
      concurrent-ruby (~> 1.0)
      rack (> 1, < 3)
@@ -359,7 +284,6 @@ GEM
      railties (>= 6.0.0)
    tzinfo (2.0.5)
      concurrent-ruby (~> 1.0)
-    unicode-display_width (2.4.2)
    view_component (2.78.0)
      activesupport (>= 5.0.0, < 8.0)
      concurrent-ruby (~> 1.0)
@@ -375,14 +299,11 @@ GEM
      addressable (>= 2.8.0)
      crack (>= 0.3.2)
      hashdiff (>= 0.4.0, < 2.0.0)
-    webrick (1.7.0)
    websocket-driver (0.7.5)
      websocket-extensions (>= 0.1.0)
    websocket-extensions (0.1.5)
    xpath (3.2.0)
      nokogiri (~> 1.8)
-    yard (0.9.28)
-      webrick (~> 1.7.0)
    zeitwerk (2.6.6)

 PLATFORMS
@@ -396,14 +317,10 @@ DEPENDENCIES
  database_cleaner
  devise (~> 4.9.0)
  devise_ldap_authenticatable
-  discourse_api
  dotenv-rails
  factory_bot_rails
  faker
  faraday
-  flipper
-  flipper-active_record
-  flipper-ui
  importmap-rails
  jbuilder (~> 2.7)
  letter_opener
@@ -418,11 +335,8 @@ DEPENDENCIES
  rails-settings-cached (~> 2.8.3)
  rqrcode (~> 2.0)
  rspec-rails
-  sentry-rails
-  sentry-ruby
  sidekiq (< 7)
  sidekiq-scheduler
-  solargraph
  sprockets-rails
  sqlite3 (~> 1.4)
  stimulus-rails
--- a/README.md
+++ b/README.md
@@ -14,7 +14,7 @@ so:

 1. Make sure [Docker Compose is installed][1] and Docker is running (included in
   Docker Desktop)
-2. Uncomment the `redis`, `web`, and `sidekiq` sections in `docker-compose.yml`
+2. Uncomment the `web` section in `docker-compose.yml`
 3. Run `docker compose up` and wait until 389ds announces its successful start
   in the log output
 4. `docker-compose exec ldap dsconf localhost backend create --suffix="dc=kosmos,dc=org" --be-name="dev"`
@@ -23,8 +23,9 @@ so:

 After these steps, you should have a working Rails app with a handful of test
 users running on [http://localhost:3000](http://localhost:3000).
+
 Log in with username "admin" and password "admin is admin". All users listed on
-[http://localhost:3000/admin/users](http://localhost:3000/admin/users)
+[http://localhost:3000/admin/ldap_users](http://localhost:3000/admin/ldap_users)
 have the password "user is user".

 ### Rails app
@@ -78,15 +79,6 @@ The setup task will first delete any existing entries in the directory tree
 Note that all 389ds data is stored in `tmp/389ds`. So if you want to start over
 with a fresh installation, delete both that directory as well as the container.

-### Solargraph
-
-[Solargraph](https://solargraph.org/) is a Ruby language server, which you may
-use with your editor to add features like auto-completion and syntax
-validation. You can add inline documentation for bundled gems with this
-command:
-
-    bundle exec yard gems
-
 ## Documentation

 ### Rails
@@ -114,10 +106,6 @@ command:
 * [Sidekiq](https://github.com/mperham/sidekiq/wiki/)
 * [ActiveJob](https://github.com/mperham/sidekiq/wiki/Active-Job)

-### Feature Flags
-
-* [Flipper](https://www.flippercloud.io/docs/get-started/self-hosted)
-
 ## License

 [GNU Affero General Public License v3.0](https://choosealicense.com/licenses/agpl-3.0/)
--- a/app/assets/stylesheets/components/buttons.css
+++ b/app/assets/stylesheets/components/buttons.css
@@ -32,4 +32,8 @@
    @apply bg-red-600 hover:bg-red-700 text-white
           focus:ring-red-500 focus:ring-opacity-75;
  }
+
+  input[type=text]:disabled {
+    @apply text-gray-700;
+  }
 }
--- a/app/assets/stylesheets/components/forms.css
+++ b/app/assets/stylesheets/components/forms.css
@@ -6,13 +6,12 @@
           focus:ring-blue-600 focus:ring-opacity-75;
  }

-  input[type=text]:disabled,
-  input[type=email]:disabled {
-    @apply text-gray-700;
+  .field_with_errors {
+    @apply inline-block;
  }

-  input.field_with_errors {
-    @apply border-b-red-600;
+  .field_with_errors input {
+    @apply w-full bg-red-100;
  }

  .error-msg {
--- a/app/assets/stylesheets/components/links.css
+++ b/app/assets/stylesheets/components/links.css
@@ -5,4 +5,10 @@
    &:visited { @apply text-indigo-600; }
    &:active  { @apply text-red-600; }
  }
+
+  .devise-links {
+    a {
+      @apply ks-text-link;
+    }
+  }
 }
--- a/app/components/form_elements/fieldset_component.html.erb
+++ b/app/components/form_elements/fieldset_component.html.erb
@@ -1,5 +1,4 @@
 <%= tag.public_send(@tag, class: "mb-6 last:mb-0") do %>
-  <% if @positioning == :vertical %>
  <label class="block">
    <p class="font-bold <%= @descripton.present? ? "mb-1" : "mb-2" %>">
      <%= @title %>
@@ -11,19 +10,4 @@
    <% end %>
    <%= content %>
  </label>
-  <% elsif @positioning == :horizontal %>
-  <label class="block flex items-center justify-between">
-    <div class="flex flex-col">
-      <label class="font-bold mb-1"><%= @title %></label>
-      <% if @descripton.present? %>
-      <p class="text-gray-500"><%= @descripton %></p>
-      <% end %>
-    </div>
-    <div class="relative ml-4 inline-flex flex-shrink-0">
-      <%= content %>
-    </div>
-  </label>
-  <% else %>
-  <p>Invalid <code>positioning<code> argument for <code>FieldsetComponent</code>.</p>
-  <% end %>
 <% end %>
--- a/app/components/form_elements/fieldset_component.rb
+++ b/app/components/form_elements/fieldset_component.rb
@@ -2,11 +2,10 @@

 module FormElements
  class FieldsetComponent < ViewComponent::Base
-    def initialize(tag: "li", positioning: :vertical, title:, description: nil)
-      @tag         = tag
-      @positioning = positioning
-      @title       = title
-      @descripton  = description
+    def initialize(tag: "li", title:, description: nil)
+      @tag = tag
+      @title = title
+      @descripton = description
    end
  end
 end
--- a/app/components/form_elements/fieldset_toggle_component.html.erb
+++ b/app/components/form_elements/fieldset_toggle_component.html.erb
@@ -1,5 +1,5 @@
 <%= tag.public_send @tag, class: "flex items-center justify-between mb-6 last:mb-0",
-      data: @form_enabled ? {
+      data: @form.present? ? {
        controller: "settings--toggle",
        :'settings--toggle-switch-enabled-value' => @enabled.to_s
      } : nil do %>
@@ -11,23 +11,16 @@
    <%= render FormElements::ToggleComponent.new(
          enabled: @enabled,
          input_enabled: @input_enabled,
-          class_names: @form_enabled ? "hidden" : nil,
+          class_names: @form.present? ? "hidden" : nil,
          data: {
            :'settings--toggle-target' => "button",
            action: "settings--toggle#toggleSwitch"
          }) %>
-    <% if @form_enabled %>
-      <% if @attribute.present? %>
-        <%= @form.check_box @attribute, {
-              checked: @enabled,
-              data: { :'settings--toggle-target' => "checkbox" }
-            }, "true", "false" %>
-      <% else %>
-        <input name="<%= @field_name %>" type="hidden" value="false" autocomplete="off">
-        <%= check_box_tag @field_name, "true", @enabled, {
-              data: { :'settings--toggle-target' => "checkbox" }
-            } %>
-      <% end %>
+    <% if @form.present? %>
+      <%= @form.check_box @attribute, {
+            checked: @enabled,
+            data: { :'settings--toggle-target' => "checkbox" }
+          }, "true", "false" %>
    <% end %>
  </div>
 <% end %>
--- a/app/components/form_elements/fieldset_toggle_component.rb
+++ b/app/components/form_elements/fieldset_toggle_component.rb
@@ -2,13 +2,11 @@

 module FormElements
  class FieldsetToggleComponent < ViewComponent::Base
-    def initialize(tag: "li", form: nil, attribute: nil, field_name: nil,
-                   enabled: false, input_enabled: true, title:, description:)
-      @tag = tag
+    def initialize(form: nil, attribute: nil, tag: "li", enabled: false,
+                   input_enabled: true, title:, description:)
      @form = form
      @attribute = attribute
-      @field_name = field_name
-      @form_enabled = @form.present? || @field_name.present?
+      @tag = tag
      @enabled = enabled
      @input_enabled = input_enabled
      @title = title
--- a/app/components/form_elements/toggle_component.html.erb
+++ b/app/components/form_elements/toggle_component.html.erb
@@ -1,6 +1,6 @@
 <%= button_tag type: "button", name: "toggle", data: @data,
      role: "switch", aria: { checked: @enabled.to_s },
-      tabindex: @tabindex, disabled: !@input_enabled,
+      disabled: !@input_enabled,
      class: "#{ @enabled ? 'bg-blue-600' : 'bg-gray-200' }
              #{ @class_names.present? ? @class_names : '' }
              relative inline-flex h-6 w-11 flex-shrink-0 cursor-pointer
--- a/app/components/form_elements/toggle_component.rb
+++ b/app/components/form_elements/toggle_component.rb
@@ -2,12 +2,11 @@

 module FormElements
  class ToggleComponent < ViewComponent::Base
-    def initialize(enabled:, input_enabled: true, data: nil, class_names: nil, tabindex: nil)
+    def initialize(enabled:, input_enabled: true, data: nil, class_names: nil)
      @enabled = !!enabled
      @input_enabled = input_enabled
      @data = data
      @class_names = class_names
-      @tabindex = tabindex
    end
  end
 end
--- a/app/components/header_tab_link_component.html.erb
+++ b/app/components/header_tab_link_component.html.erb
@@ -1,3 +0,0 @@
-<%= link_to @path, class: @link_class do %>
-  <%= @name %>
-<% end %>
--- a/app/components/header_tab_link_component.rb
+++ b/app/components/header_tab_link_component.rb
@@ -1,20 +0,0 @@
-# frozen_string_literal: true
-
-class HeaderTabLinkComponent < ViewComponent::Base
-  def initialize(name:, path:, active: false, disabled: false)
-    @name = name
-    @path = path
-    @active = active
-    @disabled = disabled
-    @link_class = class_names_link(path)
-  end
-
-  def class_names_link(path)
-    common = "block md:inline-block px-5 py-2 rounded-md font-medium text-base md:text-xl"
-    if @active
-      "#{common} bg-gray-900/50 text-white"
-    else
-      "#{common} text-gray-300 hover:bg-gray-900/30 hover:text-white active:bg-gray-900/30 active:text-white"
-    end
-  end
-end
--- a/app/components/header_with_tabs_component.html.erb
+++ b/app/components/header_with_tabs_component.html.erb
@@ -1,12 +0,0 @@
-<header class="py-10">
-  <div class="max-w-6xl md:flex md:gap-x-10 mx-auto px-4 sm:px-6 lg:px-8">
-    <% if @title.present? %>
-    <h1 class="text-3xl font-bold text-white">
-      <%= @title %>
-    </h1>
-    <% end %>
-    <nav class="md:grow flex gap-x-4 <%= @title.present? ? "justify-end" : "justify-start" %>" aria-label="Tabs">
-      <%= render partial: @tabnav_partial %>
-    </nav>
-  </div>
-</header>
--- a/app/components/header_with_tabs_component.rb
+++ b/app/components/header_with_tabs_component.rb
@@ -1,8 +0,0 @@
-# frozen_string_literal: true
-
-class HeaderWithTabsComponent < ViewComponent::Base
-  def initialize(title: nil, tabnav_partial:)
-    @title = title
-    @tabnav_partial = tabnav_partial
-  end
-end
--- a/app/controllers/account_controller.rb
+++ b/app/controllers/account_controller.rb
@@ -1,5 +1,5 @@
 class AccountController < ApplicationController
-  before_action :authenticate_user!
+  before_action :require_user_signed_in

  def index
    @current_section = :account
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -3,18 +3,6 @@ class ApplicationController < ActionController::Base
    render :text => exception, :status => 500
  end

-  before_action :sentry_set_user
-
-  def sentry_set_user
-    return unless Setting.sentry_enabled
-
-    if user_signed_in?
-      Sentry.set_user(id: current_user.id, username: current_user.cn)
-    else
-      Sentry.set_user({})
-    end
-  end
-
  def require_user_signed_in
    unless user_signed_in?
      redirect_to welcome_path and return
--- a/app/controllers/contributions/donations_controller.rb
+++ b/app/controllers/contributions/donations_controller.rb
@@ -1,5 +1,5 @@
 class Contributions::DonationsController < ApplicationController
-  before_action :authenticate_user!
+  before_action :require_user_signed_in

  # GET /donations
  # GET /donations.json
--- a/app/controllers/contributions/projects_controller.rb
+++ b/app/controllers/contributions/projects_controller.rb
@@ -1,5 +1,5 @@
 class Contributions::ProjectsController < ApplicationController
-  before_action :authenticate_user!
+  before_action :require_user_signed_in

  # GET /contributions
  def index
--- a/app/controllers/dashboard_controller.rb
+++ b/app/controllers/dashboard_controller.rb
@@ -2,6 +2,6 @@ class DashboardController < ApplicationController
  before_action :require_user_signed_in

  def index
-    @current_section = :services
+    @current_section = :dashboard
  end
 end
--- a/app/controllers/discourse/sso_controller.rb
+++ b/app/controllers/discourse/sso_controller.rb
@@ -1,17 +0,0 @@
-class Discourse::SsoController < ApplicationController
-  before_action :authenticate_user!
-
-  def connect
-    secret = Setting.discourse_connect_secret
-    sso = DiscourseApi::SingleSignOn.parse(request.query_string, secret)
-    sso.external_id = current_user.id
-    sso.email = current_user.email
-    sso.username = current_user.cn
-    sso.name = current_user.display_name
-    sso.admin = current_user.is_admin?
-    sso.sso_secret = secret
-
-    redirect_to sso.to_url("#{Setting.discourse_public_url}/session/sso_login"),
-                allow_other_host: true
-  end
-end
--- a/app/controllers/invitations_controller.rb
+++ b/app/controllers/invitations_controller.rb
@@ -1,5 +1,5 @@
 class InvitationsController < ApplicationController
-  before_action :authenticate_user!, except: ["show"]
+  before_action :require_user_signed_in, except: ["show"]
  before_action :require_user_signed_out, only: ["show"]

  # GET /invitations
--- a/app/controllers/rs/oauth_controller.rb
+++ b/app/controllers/rs/oauth_controller.rb
@@ -0,0 +1,130 @@
+class Rs::OauthController < ApplicationController
+  before_action :require_user_signed_in
+
+  def new
+    username, org  = params[:useraddress].split("@")
+    @user          = User.where(cn: username.downcase, ou: org).first
+    @scopes        = parse_scopes params[:scope]
+    @redirect_uri  = params[:redirect_uri]
+    @client_id     = params[:client_id]
+    @state         = params[:state]
+    @root_access_requested = (@scopes & [":r",":rw"]).any?
+
+    @denial_url = url_with_state("#{@redirect_uri}#error=access_denied", @state)
+
+    @expire_at_dates = [["Never", nil],
+                        ["In 1 month", 1.month.from_now],
+                        ["In 1 day", 1.day.from_now]]
+
+    http_status :bad_request and return unless @redirect_uri.present?
+
+    unless current_user == @user
+      sign_out :user
+
+      redirect_to new_rs_oauth_url(@user.address,
+                                   scope: params[:scope],
+                                   redirect_uri: params[:redirect_uri],
+                                   client_id: params[:client_id],
+                                   state: params[:state])
+      return
+    end
+
+    unless @client_id.present?
+      redirect_to url_with_state("#{@redirect_uri}#error=invalid_request", @state) and return
+    end
+
+    if @scopes.empty?
+      redirect_to url_with_state("#{@redirect_uri}#error=invalid_scope", @state) and return
+    end
+
+    unless hostname_of(@client_id) == hostname_of(@redirect_uri)
+      redirect_to url_with_state("#{@redirect_uri}#error=invalid_client", @state) and return
+    end
+
+    @client_id.gsub!(/http(s)?:\/\//, "")
+
+    # TODO
+    # if auth = current_user.remote_storage_authorizations.valid.where(permissions: @scopes, client_id: @client_id).first
+    #   redirect_to url_with_state("#{@redirect_uri}#access_token=#{auth.token}", @state), allow_other_host: true
+    # end
+  end
+
+  def create
+    unless current_user.id.to_s == params[:user_id]
+      Rails.logger.info("NO MATCH: #{params[:user_id]}, #{current_user.id}")
+      http_status :forbidden and return
+    end
+
+    permissions  = parse_scopes params[:scope]
+    redirect_uri = params[:redirect_uri].presence
+    client_id    = params[:client_id].presence
+    state        = params[:state].presence
+    expire_at    = params[:expire_at].presence
+
+    http_status :bad_request and return unless redirect_uri.present?
+
+    if permissions.empty?
+      redirect_to url_with_state("#{redirect_uri}#error=invalid_scope", state), allow_other_host: true and return
+    end
+
+    unless client_id.present?
+      redirect_to url_with_state("#{redirect_uri}#error=invalid_request", state), allow_other_host: true and return
+    end
+
+    unless hostname_of(client_id) == hostname_of(redirect_uri)
+      redirect_to url_with_state("#{redirect_uri}#error=invalid_client", state), allow_other_host: true and return
+    end
+
+    client_id.gsub!(/http(s)?:\/\//, "")
+
+    auth = current_user.remote_storage_authorizations.create!(
+      permissions: permissions,
+      client_id: client_id,
+      redirect_uri: redirect_uri,
+      app_name: client_id, #TODO use user-defined name
+      expire_at: expire_at
+    )
+
+    redirect_to url_with_state("#{redirect_uri}#access_token=#{auth.token}", state), allow_other_host: true
+  end
+
+  # GET /rs/oauth/token/:id/launch_app
+  def launch_app
+    auth = current_user.remote_storage_authorizations.find(params[:id])
+
+    redirect_to app_auth_url(auth)
+  end
+
+  private
+
+  def app_auth_url(auth)
+    url = "#{auth.url}#remotestorage=#{current_user.address}"
+    url += "&access_token=#{auth.token}"
+    url
+  end
+
+  def hostname_of(uri)
+    uri.gsub(/http(s)?:\/\//, "").split(":")[0].split("/")[0]
+  end
+
+  def parse_scopes(scope_string)
+    return [] if scope_string.blank?
+
+    scopes = scope_string.
+      gsub(/\[|\]/, "").
+      gsub(/\,/, " ").
+      gsub(/\/:/, ":").
+      split(/\s/).map(&:strip).
+      reject(&:empty?)
+
+    scopes = [":r"] if scopes.include?("*:r")
+    scopes = [":rw"] if scopes.include?("*:rw")
+
+    scopes
+  end
+
+  def url_with_state(url, state)
+    state ? "#{url}&state=#{CGI.escape(state)}" : url
+  end
+
+end
--- a/app/controllers/services/remotestorage_controller.rb
+++ b/app/controllers/services/remotestorage_controller.rb
@@ -1,30 +0,0 @@
-class Services::RemotestorageController < ApplicationController
-  before_action :require_user_signed_in
-  before_action :require_service_enabled
-  before_action :require_feature_enabled
-  before_action :set_current_section
-
-  def dashboard
-    # unless current_user.services_enabled.include?(:remotestorage)
-    #   redirect_to service_remotestorage_info_path
-    # end
-  end
-
-  private
-
-    def require_feature_enabled
-      unless Flipper.enabled?(:remotestorage, current_user)
-        http_status :forbidden
-      end
-    end
-
-    def require_service_enabled
-      unless Setting.remotestorage_enabled?
-        http_status :not_found
-      end
-    end
-
-    def set_current_section
-      @current_section = :services
-    end
-end
--- a/app/controllers/settings/account_controller.rb
+++ b/app/controllers/settings/account_controller.rb
@@ -0,0 +1,13 @@
+class Settings::AccountController < SettingsController
+
+  def index
+  end
+
+  def reset_password
+    current_user.send_reset_password_instructions
+    sign_out current_user
+    msg = "We have sent you an email with a link to reset your password."
+    redirect_to check_your_email_path, notice: msg
+  end
+
+end
--- a/app/controllers/settings/profile_controller.rb
+++ b/app/controllers/settings/profile_controller.rb
@@ -0,0 +1,11 @@
+class Settings::ProfileController < SettingsController
+
+  def index
+    @user = current_user
+  end
+
+  def update
+
+  end
+
+end
--- a/app/controllers/settings_controller.rb
+++ b/app/controllers/settings_controller.rb
@@ -1,85 +1,13 @@
 class SettingsController < ApplicationController
-  before_action :authenticate_user!
-  before_action :set_main_nav_section
-  before_action :set_settings_section, only: [:show, :update, :update_email]
-  before_action :set_user, only: [:show, :update, :update_email]
+  before_action :require_user_signed_in
+  before_action :set_current_section

  def index
-    redirect_to setting_path(:profile)
-  end
-
-  def show
-  end
-
-  def update
-    @user.preferences.merge!(user_params[:preferences] || {})
-    @user.display_name = user_params[:display_name]
-
-    if @user.save
-      if @user.display_name && (@user.display_name != @user.ldap_entry[:display_name])
-        LdapManager::UpdateDisplayName.call(@user.dn, user_params[:display_name])
-      end
-
-      redirect_to setting_path(@settings_section), flash: {
-        success: 'Settings saved.'
-      }
-    else
-      @validation_errors = @user.errors
-      render :show, status: :unprocessable_entity
-    end
-  end
-
-  def update_email
-    if @user.valid_ldap_authentication?(email_params[:current_password])
-      if @user.update email: email_params[:email]
-        redirect_to setting_path(:account), flash: {
-          notice: 'Please confirm your new address using the confirmation link we just sent you.'
-        }
-      else
-        @validation_errors = @user.errors
-        render :show, status: :unprocessable_entity
-      end
-    else
-      redirect_to setting_path(:account), flash: {
-        error: 'Password did not match your current password. Try again.'
-      }
-    end
-  end
-
-  def reset_password
-    current_user.send_reset_password_instructions
-    sign_out current_user
-    msg = "We have sent you an email with a link to reset your password."
-    redirect_to check_your_email_path, notice: msg
  end

  private

-    def set_main_nav_section
-      @current_section = :settings
-    end
-
-    def set_settings_section
-      @settings_section = params[:section]
-      allowed_sections = [:profile, :account, :lightning, :xmpp]
-
-      unless allowed_sections.include?(@settings_section.to_sym)
-        redirect_to setting_path(:profile)
-      end
-    end
-
-    def set_user
-      @user = current_user
-    end
-
-    def user_params
-      params.require(:user).permit(:display_name, preferences: [
-        :lightning_notify_sats_received,
-        :xmpp_exchange_contacts_with_invitees
-      ])
-    end
-
-    def email_params
-      params.require(:user).permit(:email, :current_password)
-    end
+  def set_current_section
+    @current_section = :settings
+  end
 end
--- a/app/controllers/services/lightning_controller.rb
+++ b/app/controllers/services/lightning_controller.rb
@@ -1,7 +1,7 @@
 require "rqrcode"

-class Services::LightningController < ApplicationController
-  before_action :authenticate_user!
+class WalletController < ApplicationController
+  before_action :require_user_signed_in
  before_action :authenticate_with_lndhub
  before_action :set_current_section
  before_action :fetch_balance
@@ -37,21 +37,21 @@ class Services::LightningController < ApplicationController
      session[:ln_auth_token] = auth_token
      @ln_auth_token = auth_token
    end
-  rescue => e
-    Sentry.capture_exception(e) if Setting.sentry_enabled?
+  rescue
+    # TODO add exception tracking
  end

  def set_current_section
-    @current_section = :services
+    @current_section = :wallet
  end

  def fetch_balance
    lndhub = Lndhub.new
    data = lndhub.balance @ln_auth_token
    @balance = data["BTC"]["AvailableBalance"] rescue nil
-  rescue AuthError
+  rescue
    authenticate_with_lndhub(force_reauth: true)
-    raise if @fetch_balance_retried
+    return nil if @fetch_balance_retried
    @fetch_balance_retried = true
    fetch_balance
  end
@@ -61,9 +61,9 @@ class Services::LightningController < ApplicationController
    txs = lndhub.gettxs @ln_auth_token
    invoices = lndhub.getuserinvoices(@ln_auth_token).select{|i| i["ispaid"]}
    process_transactions(txs + invoices)
-  rescue AuthError
+  rescue
    authenticate_with_lndhub(force_reauth: true)
-    raise if @fetch_transactions_retried
+    return [] if @fetch_transactions_retried
    @fetch_transactions_retried = true
    fetch_transactions
  end
@@ -78,7 +78,6 @@ class Services::LightningController < ApplicationController
        tx["received"] = true
      else
        tx["amount_sats"] = tx["value"] || tx["amt"]
-        tx["fee"] = tx["type"] == "paid_invoice" ? tx["fee"] : nil
        tx["datetime"] = Time.at(tx["timestamp"].to_i)
        tx["title"] = tx["type"] == "paid_invoice" ? "Sent" : "Received"
        tx["description"] = tx["memo"] || tx["description"]
@@ -86,10 +85,6 @@ class Services::LightningController < ApplicationController
      end
    end

-    # Handle an edge case where lndhub.go includes a failed payment in the
-    # list, which wasn't actually booked
-    txs.reject!{ |tx| tx["type"] == "paid_invoice" && tx["payment_preimage"].blank? }
-
    txs.sort{ |a,b| b["datetime"] <=> a["datetime"] }
  end
 end
--- a/app/controllers/webfinger_controller.rb
+++ b/app/controllers/webfinger_controller.rb
@@ -1,57 +0,0 @@
-class WebfingerController < ApplicationController
-  before_action :allow_cross_origin_requests, only: [:show]
-
-  layout false
-
-  def show
-    resource = params[:resource]
-
-    if resource && resource.match(/acct:\w+/)
-      useraddress = resource.split(":").last
-      username, org = useraddress.split("@")
-      username.downcase!
-      unless User.where(cn: username, ou: org).any?
-        head 404 and return
-      end
-
-      render json: webfinger(useraddress).to_json,
-             content_type: "application/jrd+json"
-    else
-      head 422 and return
-    end
-  end
-
-  private
-
-  def webfinger(useraddress)
-    links = [];
-
-    links << remotestorage_link(useraddress) if Setting.remotestorage_enabled
-
-    { "links" => links }
-  end
-
-  def remotestorage_link(useraddress)
-    # TODO use when OAuth routes are available
-    # auth_url = new_rs_oauth_url(useraddress)
-    auth_url = "https://example.com/rs/oauth"
-    storage_url = "#{Setting.rs_storage_url}/#{useraddress}"
-
-    {
-      "rel" => "http://tools.ietf.org/id/draft-dejong-remotestorage",
-      "href" => storage_url,
-      "properties" => {
-        "http://remotestorage.io/spec/version" => "draft-dejong-remotestorage-13",
-        "http://tools.ietf.org/html/rfc6749#section-4.2" => auth_url,
-        "http://tools.ietf.org/html/rfc6750#section-2.3" => nil, # access token via a HTTP query parameter
-        "http://tools.ietf.org/html/rfc7233": "GET", # content range requests
-        "http://remotestorage.io/spec/web-authoring": nil
-      }
-    }
-  end
-
-  def allow_cross_origin_requests
-    headers['Access-Control-Allow-Origin'] = '*'
-    headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, OPTIONS'
-  end
-end
--- a/app/controllers/webhooks_controller.rb
+++ b/app/controllers/webhooks_controller.rb
@@ -12,28 +12,22 @@ class WebhooksController < ApplicationController
    end

    user = User.find_by!(ln_account: payload[:user_login])
-    notify = user.preferences[:lightning_notify_sats_received]
-    case notify
-    when "xmpp"
-      notify_xmpp(user.address, payload[:amount], payload[:memo])
-    when "email"
-      NotificationMailer.with(user: user, amount_sats: payload[:amount])
-                        .lightning_sats_received.deliver_later
-    end
+
+    # TODO make configurable
+    notify_xmpp(user.address, payload[:amount], payload[:memo])

    head :ok
  end

  private

-  # TODO refactor into mailer-like generic class/service
  def notify_xmpp(address, amt_sats, memo)
    payload = {
      type: "normal",
      from: "kosmos.org", # TODO domain config
      to: address,
      subject: "Sats received!",
-      body: "#{helpers.number_with_delimiter amt_sats} sats received in your Lightning wallet:\n> #{memo}"
+      body: "#{amt_sats} sats received in your Lightning wallet:\n> #{memo}"
    }
    XmppSendMessageJob.perform_later(payload)
  end
--- a/app/errors/auth_error.rb
+++ b/app/errors/auth_error.rb
@@ -1 +0,0 @@
-class AuthError < StandardError; end
--- a/app/helpers/oauth_helper.rb
+++ b/app/helpers/oauth_helper.rb
@@ -0,0 +1,11 @@
+module OauthHelper
+
+  def scope_name(scope)
+    scope.gsub(/(\:.+)/, '')
+  end
+
+  def scope_permissions(scope)
+    scope.match(/\:r$/) ? "r" : "rw"
+  end
+
+end
--- a/app/javascript/controllers/notification_controller.js
+++ b/app/javascript/controllers/notification_controller.js
@@ -4,10 +4,6 @@ export default class extends Controller {
  static targets = ["buttons", "countdown"]

  connect() {
-    // Devise timeoutable ends up adding a second flash message without content
-    // TODO investigate bug
-    if (this.element.textContent.trim() == "true") return;
-
    const timeoutSeconds = parseInt(this.data.get("timeout"));

    setTimeout(() => {
--- a/app/javascript/controllers/settings/account/email_controller.js
+++ b/app/javascript/controllers/settings/account/email_controller.js
@@ -1,27 +0,0 @@
-import { Controller } from "@hotwired/stimulus"
-
-export default class extends Controller {
-  static targets = [ "emailField", "editEmailButton" ]
-  static values = { validationFailed: Boolean }
-
-  connect () {
-    if (this.validationFailedValue) return;
-
-    this.emailFieldTarget.disabled = true;
-    this.element.querySelectorAll(".initial-hidden").forEach(el => {
-      el.classList.add("hidden");
-    })
-    this.element.querySelectorAll(".initial-visible").forEach(el => {
-      el.classList.remove("hidden");
-    })
-  }
-
-  editEmail () {
-    this.emailFieldTarget.disabled = false;
-    this.emailFieldTarget.select();
-    this.editEmailButtonTarget.classList.add("hidden");
-    this.element.querySelectorAll(".initial-hidden").forEach(el => {
-      el.classList.remove("hidden");
-    })
-  }
-}
--- a/app/jobs/xmpp_exchange_contacts_job.rb
+++ b/app/jobs/xmpp_exchange_contacts_job.rb
@@ -1,22 +1,18 @@
 class XmppExchangeContactsJob < ApplicationJob
  queue_as :default

-  def perform(inviter, invitee)
-    return unless inviter.services_enabled.include?("xmpp") &&
-                  invitee.services_enabled.include?("xmpp") &&
-                  inviter.preferences[:xmpp_exchange_contacts_with_invitees]
-
+  def perform(inviter, username, domain)
    ejabberd = EjabberdApiClient.new

    ejabberd.add_rosteritem({
-      "localuser": invitee.cn, "localhost": invitee.ou,
+      "localuser": username, "localhost": domain,
      "user": inviter.cn, "host": inviter.ou,
      "nick": inviter.cn, "group": Setting.ejabberd_buddy_roster, "subs": "both"
    })
    ejabberd.add_rosteritem({
      "localuser": inviter.cn, "localhost": inviter.ou,
-      "user": invitee.cn, "host": invitee.ou,
-      "nick": invitee.cn, "group": Setting.ejabberd_buddy_roster, "subs": "both"
+      "user": username, "host": domain,
+      "nick": username, "group": Setting.ejabberd_buddy_roster, "subs": "both"
    })
  end
 end
--- a/app/jobs/xmpp_set_default_bookmarks_job.rb
+++ b/app/jobs/xmpp_set_default_bookmarks_job.rb
@@ -1,26 +0,0 @@
-class XmppSetDefaultBookmarksJob < ApplicationJob
-  queue_as :default
-
-  def perform(user)
-    return unless Setting.xmpp_default_rooms.any?
-    @user = user
-    ejabberd = EjabberdApiClient.new
-    ejabberd.private_set user, storage_content
-  end
-
-  def storage_content
-    bookmarks = ""
-    Setting.xmpp_default_rooms.each do |r|
-      bookmarks << conference_element(
-        jid: r[/<(.+)>/, 1], name: r[/^(.+)\s/, 1], nick: @user.cn,
-        autojoin: Setting.xmpp_autojoin_default_rooms
-      )
-    end
-
-    "<storage xmlns='storage:bookmarks'>#{bookmarks}</storage>"
-  end
-
-  def conference_element(jid:, name:, autojoin: false, nick:)
-    "<conference jid='#{jid}' name='#{name}' autojoin='#{autojoin.to_s}'><nick>#{nick}</nick></conference>"
-  end
-end
--- a/app/mailers/devise/mailer.rb
+++ b/app/mailers/devise/mailer.rb
@@ -1,34 +0,0 @@
-# frozen_string_literal: true
-
-if defined?(ActionMailer)
-  class Devise::Mailer < Devise.parent_mailer.constantize
-    include Devise::Mailers::Helpers
-
-    def confirmation_instructions(record, token, opts = {})
-      @token = token
-      if record.pending_reconfirmation?
-        devise_mail(record, :reconfirmation_instructions, opts)
-      else
-        devise_mail(record, :confirmation_instructions, opts)
-      end
-    end
-
-    def reset_password_instructions(record, token, opts = {})
-      @token = token
-      devise_mail(record, :reset_password_instructions, opts)
-    end
-
-    def unlock_instructions(record, token, opts = {})
-      @token = token
-      devise_mail(record, :unlock_instructions, opts)
-    end
-
-    def email_changed(record, opts = {})
-      devise_mail(record, :email_changed, opts)
-    end
-
-    def password_change(record, opts = {})
-      devise_mail(record, :password_change, opts)
-    end
-  end
-end
--- a/app/mailers/notification_mailer.rb
+++ b/app/mailers/notification_mailer.rb
@@ -1,8 +0,0 @@
-class NotificationMailer < ApplicationMailer
-  def lightning_sats_received
-    @user = params[:user]
-    @amount_sats = params[:amount_sats]
-    @subject = "Sats received"
-    mail to: @user.email, subject: @subject
-  end
-end
--- a/app/models/remote_storage_authorization.rb
+++ b/app/models/remote_storage_authorization.rb
@@ -0,0 +1,32 @@
+class RemoteStorageAuthorization < ApplicationRecord
+  belongs_to :user
+
+  serialize :permissions
+
+  validates_presence_of :permissions
+  validates_presence_of :client_id
+
+  scope :valid, -> { where(expire_at: nil).or(where(expire_at: (DateTime.now)..)) }
+  scope :expired, -> { where(expire_at: ..(DateTime.now)) }
+
+  after_initialize do |a|
+    a.permisisons = [] if a.permissions == nil
+  end
+
+  before_create  :generate_token
+
+  def url
+    if self.redirect_uri
+      uri = URI.parse self.redirect_uri
+      "#{uri.scheme}://#{client_id}"
+    else
+      "http://#{client_id}"
+    end
+  end
+
+  private
+
+  def generate_token(length=16)
+    self.token = SecureRandom.hex(length) if self.token.blank?
+  end
+end
--- a/app/models/setting.rb
+++ b/app/models/setting.rb
@@ -2,16 +2,6 @@
 class Setting < RailsSettings::Base
  cache_prefix { "v1" }

-  field :accounts_domain, type: :string,
-    default: ENV["AKKOUNTS_DOMAIN"].presence
-
-  #
-  # Internal services
-  #
-
-  field :redis_url, type: :string, readonly: true,
-    default: ENV["REDIS_URL"] || "redis://localhost:6379/0"
-
  #
  # Registrations
  #
@@ -20,20 +10,6 @@ class Setting < RailsSettings::Base
    account accounts donations mail webmaster support
  ]

-  #
-  # XMPP
-  #
-
-  field :xmpp_default_rooms, type: :array, default: []
-  field :xmpp_autojoin_default_rooms, type: :boolean, default: false
-
-  #
-  # Sentry
-  #
-
-  field :sentry_enabled, type: :boolean, readonly: true,
-    default: (ENV["SENTRY_DSN"].present?.to_s || false)
-
  #
  # Discourse
  #
@@ -44,9 +20,6 @@ class Setting < RailsSettings::Base
  field :discourse_enabled, type: :boolean,
    default: (ENV["DISCOURSE_PUBLIC_URL"].present?.to_s || false)

-  field :discourse_connect_secret, type: :string, readonly: true,
-    default: ENV["DISCOURSE_CONNECT_SECRET"].presence
-
  #
  # ejabberd
  #
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -1,10 +1,6 @@
 class User < ApplicationRecord
  include EmailValidatable

-  attr_accessor :display_name
-
-  serialize :preferences, UserPreferences
-
  # Relations
  has_many :invitations, dependent: :destroy
  has_one  :invitation, inverse_of: :invitee, foreign_key: 'invited_user_id'
@@ -18,24 +14,22 @@ class User < ApplicationRecord

  has_many :accounts, through: :lndhub_user

+  has_many :remote_storage_authorizations
+
  validates_uniqueness_of :cn
-  validates_length_of :cn, minimum: 3
+  validates_length_of :cn, :minimum => 3
  validates_format_of :cn, with: /\A([a-z0-9\-])*\z/,
                           if: Proc.new{ |u| u.cn.present? },
                           message: "is invalid. Please use only letters, numbers and -"
  validates_format_of :cn, without: /\A-/,
                           if: Proc.new{ |u| u.cn.present? },
                           message: "is invalid. Usernames need to start with a letter."
-  # FIXME This needs a server restart to apply values
  validates_format_of :cn, without: /\A(#{Setting.reserved_usernames.join('|')})\z/i,
                           message: "has already been taken"

  validates_uniqueness_of :email
  validates :email, email: true

-  validates_length_of :display_name, minimum: 3, maximum: 35, allow_blank: true,
-                                     if: -> { defined?(@display_name) }
-
  scope :confirmed, -> { where.not(confirmed_at: nil) }
  scope :pending,   -> { where(confirmed_at: nil) }

@@ -46,9 +40,7 @@ class User < ApplicationRecord
  devise :ldap_authenticatable,
         :confirmable,
         :recoverable,
-         :validatable,
-         :timeoutable,
-         :rememberable
+         :validatable

  def ldap_before_save
    self.email = Devise::LDAP::Adapter.get_ldap_param(self.cn, "mail").first
@@ -63,25 +55,16 @@ class User < ApplicationRecord
  end

  def devise_after_confirmation
-    if ldap_entry[:mail] != self.email
-      # E-Mail update confirmed
-      LdapManager::UpdateEmail.call(self.dn, self.email)
-    else
-      # E-Mail from signup confirmed (i.e. account activation)
-      enable_service %w[ discourse gitea mediawiki xmpp ]
+    enable_service %w[ discourse ejabberd gitea mediawiki ]

-      #TODO enable in development when we have easy setup of ejabberd etc.
-      return if Rails.env.development? || !Setting.ejabberd_enabled?
+    #TODO enable in development when we have easy setup of ejabberd etc.
+    return if Rails.env.development?

-      XmppExchangeContactsJob.perform_later(inviter, self) if inviter.present?
-      XmppSetDefaultBookmarksJob.perform_later(self)
+    if inviter.present?
+      exchange_xmpp_contact_with_inviter if Setting.ejabberd_enabled?
    end
  end

-  def send_devise_notification(notification, *args)
-    devise_mailer.send(notification, self, *args).deliver_later
-  end
-
  def reset_password(new_password, new_password_confirmation)
    self.password = new_password
    self.password_confirmation = new_password_confirmation
@@ -120,13 +103,8 @@ class User < ApplicationRecord
    @dn = Devise::LDAP::Adapter.get_dn(self.cn)
  end

-  def ldap_entry(reload: false)
-    return @ldap_entry if defined?(@ldap_entry) && !reload
-    @ldap_entry = ldap.fetch_users(uid: self.cn, ou: self.ou).first
-  end
-
-  def display_name
-    @display_name ||= ldap_entry[:display_name]
+  def ldap_entry
+    ldap.fetch_users(uid: self.cn, ou: self.ou).first
  end

  def services_enabled
@@ -151,6 +129,12 @@ class User < ApplicationRecord
    ldap.delete_attribute(dn,:service)
  end

+  def exchange_xmpp_contact_with_inviter
+    return unless inviter.services_enabled.include?("ejabberd") &&
+                  services_enabled.include?("ejabberd")
+    XmppExchangeContactsJob.perform_later(inviter, self.cn, self.ou)
+  end
+
  private

    def ldap
--- a/app/models/user_preferences.rb
+++ b/app/models/user_preferences.rb
@@ -1,29 +0,0 @@
-DEFAULT_PREFS = YAML.load_file("#{Rails.root}/config/default_preferences.yml")
-
-class UserPreferences
-  def self.dump(value)
-    process(value).to_yaml
-  end
-
-  def self.load(string)
-    stored_prefs = YAML.load(string || "{}")
-    DEFAULT_PREFS.merge(stored_prefs).with_indifferent_access
-  end
-
-  def self.is_integer?(value)
-    value.to_i.to_s == value
-  end
-
-  def self.process(hash)
-    hash.each do |key, value|
-      if value == "true"
-        hash[key] = true
-      elsif value == "false"
-        hash[key] = false
-      elsif value.is_a?(String) && is_integer?(value)
-        hash[key] = value.to_i
-      end
-    end
-    hash.stringify_keys!.to_h
-  end
-end
--- a/app/services/ejabberd_api_client.rb
+++ b/app/services/ejabberd_api_client.rb
@@ -1,6 +1,6 @@
 class EjabberdApiClient
  def initialize
-    @base_url = Setting.ejabberd_api_url
+    @base_url = ENV["EJABBERD_API_URL"]
  end

  def post(endpoint, payload)
@@ -10,7 +10,7 @@ class EjabberdApiClient
    if res.status != 200
      Rails.logger.error "[ejabberd] API request failed:"
      Rails.logger.error res.body
-      #TODO Send custom event to Sentry
+      #TODO add some kind of exception tracking/notifications
    end
  end

@@ -21,9 +21,4 @@ class EjabberdApiClient
  def send_message(payload)
    post "send_message", payload
  end
-
-  def private_set(user, content)
-    payload = { user: user.cn, host: user.ou, element: content }
-    post "private_set", payload
-  end
 end
--- a/app/services/ldap_manager/update_display_name.rb
+++ b/app/services/ldap_manager/update_display_name.rb
@@ -1,12 +0,0 @@
-module LdapManager
-  class UpdateDisplayName < LdapManagerService
-    def initialize(dn, display_name)
-      @dn = dn
-      @display_name = display_name
-    end
-
-    def call
-      replace_attribute @dn, :displayName, @display_name
-    end
-  end
-end
--- a/app/services/ldap_manager/update_email.rb
+++ b/app/services/ldap_manager/update_email.rb
@@ -1,12 +0,0 @@
-module LdapManager
-  class UpdateEmail < LdapManagerService
-    def initialize(dn, address)
-      @dn = dn
-      @address = address
-    end
-
-    def call
-      replace_attribute @dn, :mail, @address
-    end
-  end
-end
--- a/app/services/ldap_manager_service.rb
+++ b/app/services/ldap_manager_service.rb
@@ -1,2 +0,0 @@
-class LdapManagerService < LdapService
-end
--- a/app/services/ldap_service.rb
+++ b/app/services/ldap_service.rb
@@ -50,7 +50,7 @@ class LdapService < ApplicationService
      treebase = ldap_config["base"]
    end

-    attributes = %w{dn cn uid mail displayName admin service}
+    attributes = %w{dn cn uid mail admin service}
    filter     = Net::LDAP::Filter.eq("uid", args[:uid] || "*")

    entries = ldap_client.search(base: treebase, filter: filter, attributes: attributes)
@@ -59,7 +59,6 @@ class LdapService < ApplicationService
      {
        uid: e.uid.first,
        mail: e.try(:mail) ? e.mail.first : nil,
-        display_name: e.try(:displayName) ? e.displayName.first : nil,
        admin: e.try(:admin) ? 'admin' : nil,
        service: e.try(:service)
      }
--- a/app/services/lndhub.rb
+++ b/app/services/lndhub.rb
@@ -12,7 +12,12 @@ class Lndhub
    end

    res = Faraday.post "#{@base_url}/#{endpoint}", payload.to_json, headers
-    log_error(res) if res.status != 200
+
+    if res.status != 200
+      Rails.logger.error "[lndhub] API request failed:"
+      Rails.logger.error res.body
+      #TODO add some kind of exception tracking/notifications
+    end

    JSON.parse(res.body)
  end
@@ -26,7 +31,7 @@ class Lndhub
    data = JSON.parse(res.body)

    if data.is_a?(Hash) && data["error"] && data["message"] == "bad auth"
-      raise AuthError
+      raise "BAD_AUTH"
    else
      data
    end
@@ -63,13 +68,4 @@ class Lndhub

    invoice["payment_request"]
  end
-
-  def log_error(res)
-    Rails.logger.error "[lndhub] API request failed:"
-    Rails.logger.error res.body
-
-    if Setting.sentry_enabled?
-      Sentry.capture_message("Lndhub API request failed: #{res.body}")
-    end
-  end
 end
--- a/app/services/lndhub_v2.rb
+++ b/app/services/lndhub_v2.rb
@@ -1,4 +1,9 @@
-class LndhubV2 < Lndhub
+class LndhubV2
+  attr_accessor :auth_token
+
+  def initialize
+    @base_url = ENV["LNDHUB_API_URL"]
+  end

  def post(endpoint, payload, options={})
    headers = { "Content-Type" => "application/json" }
@@ -7,12 +12,64 @@ class LndhubV2 < Lndhub
    elsif options[:admin_token]
      headers.merge!({ "Authorization" => "Bearer #{options[:admin_token]}" })
    end
+
    res = Faraday.post "#{@base_url}/#{endpoint}", payload.to_json, headers
-    log_error(res) if res.status != 200
+
+    if res.status != 200
+      Rails.logger.error "[lndhub] API request failed:"
+      Rails.logger.error res.body
+      #TODO add some kind of exception tracking/notifications
+    end

    JSON.parse(res.body)
  end

+  def get(endpoint, auth_token)
+    res = Faraday.get("#{@base_url}/#{endpoint}", {}, {
+      "Content-Type" => "application/json",
+      "Accept" => "application/json",
+      "Authorization" => "Bearer #{auth_token}"
+    })
+
+    JSON.parse(res.body)
+  end
+
+  def create(payload)
+    post "create", payload
+  end
+
+  def authenticate(user)
+    credentials = post "auth?type=auth", { login: user.ln_account, password: user.ln_password }
+    self.auth_token = credentials["access_token"]
+    self.auth_token
+  end
+
+  def balance(user_token=nil)
+    get "balance", user_token || auth_token
+  end
+
+  def gettxs(user_token)
+    get "gettxs", user_token || auth_token
+  end
+
+  def getuserinvoices(user_token)
+    get "getuserinvoices", user_token || auth_token
+  end
+
+  def addinvoice(payload)
+    invoice = post "addinvoice", {
+      amt: payload[:amount],
+      memo: payload[:memo],
+      description_hash: payload[:description_hash]
+    }
+
+    invoice["payment_request"]
+  end
+
+  #
+  # V2
+  #
+
  def create_account(payload={})
    post "v2/users", payload, admin_token: Rails.application.credentials.lndhub[:admin_token]
  end
@@ -21,5 +78,4 @@ class LndhubV2 < Lndhub
    # Payload: { amount: 1000, description: "", description_hash: "" }
    post "v2/invoices", payload
  end
-
 end
--- a/app/views/admin/settings/services/_discourse.html.erb
+++ b/app/views/admin/settings/services/_discourse.html.erb
@@ -7,46 +7,11 @@
    title: "Enable Discourse integration",
    description: "Discourse configuration present and features enabled"
  ) %>
-<% if Setting.discourse_enabled? %>
-  <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
-    <%= f.text_field :discourse_public_url,
-      value: Setting.discourse_public_url,
-      class: "w-full", disabled: true %>
+  <% if Setting.discourse_enabled? %>
+    <%= render FormElements::FieldsetComponent.new(title: "Public URL") do %>
+      <%= f.text_field :discourse_public_url,
+        value: Setting.discourse_public_url,
+        class: "w-full", disabled: true %>
+    <% end %>
  <% end %>
-  <%= render FormElements::FieldsetComponent.new(title: "Connect secret") do %>
-    <%= f.password_field :discourse_connect_secret,
-      value: Setting.discourse_connect_secret,
-      class: "w-full", disabled: true %>
-  <% end %>
-<% end %>
 </ul>
-<% if Setting.discourse_enabled? %>
-  <% content_for :documentation do %>
-    <h3 class="mt-8">How to configure Discourse</h3>
-    <ol class="list-decimal list-inside">
-    <li class="mb-6">
-      Set the <strong>Discourse Connect URL</strong> to the following URL:
-    </li>
-    <li data-controller="clipboard" class="mb-6 flex gap-1">
-      <input type="text" class="grow" disabled="disabled"
-             value="https://<%= Setting.accounts_domain %>/discourse/connect"
-             data-clipboard-target="source" />
-      <button class="btn-md btn-icon btn-blue shrink-0"
-              data-clipboard-target="trigger" data-action="clipboard#copy"
-              title="Copy to clipboard">
-        <span class="content-initial">
-          <%= render partial: "icons/copy", locals: { custom_class: "text-white h-4 w-4 inline" } %>
-        </span>
-        <span class="content-active hidden">
-          <%= render partial: "icons/check", locals: { custom_class: "text-white h-4 w-4 inline" } %>
-        </span>
-      </button>
-    </li>
-    <li class="mb-6">
-      Set the <strong>Discourse Connect Secret</strong> to the value above.
-    </li>
-    <li>
-      Enable Discourse Connect.
-    </li>
-  <% end %>
-<% end %>
--- a/app/views/admin/settings/services/_ejabberd.html.erb
+++ b/app/views/admin/settings/services/_ejabberd.html.erb
@@ -7,43 +7,24 @@
    title: "Enable ejabberd integration",
    description: "ejabberd configuration present and features enabled"
  ) %>
-<% if Setting.ejabberd_enabled? %>
-  <%= render FormElements::FieldsetComponent.new(title: "API URL") do %>
-    <%= f.text_field :ejabberd_api_url,
-      value: Setting.ejabberd_api_url,
-      class: "w-full", disabled: true %>
-  <% end %>
-  <%= render FormElements::FieldsetComponent.new(title: "Admin URL") do %>
-    <%= f.text_field :ejabberd_admin_url,
-      value: Setting.ejabberd_admin_url,
-      class: "w-full", disabled: true %>
+  <% if Setting.ejabberd_enabled? %>
+    <%= render FormElements::FieldsetComponent.new(title: "API URL") do %>
+      <%= f.text_field :ejabberd_api_url,
+        value: Setting.ejabberd_api_url,
+        class: "w-full", disabled: true %>
+    <% end %>
+    <%= render FormElements::FieldsetComponent.new(title: "Admin URL") do %>
+      <%= f.text_field :ejabberd_admin_url,
+        value: Setting.ejabberd_admin_url,
+        class: "w-full", disabled: true %>
+    <% end %>
+    <%= render FormElements::FieldsetComponent.new(
+          title: "Contact roster name",
+          description: "Used when exchanging contacts after signup from invitation"
+        ) do %>
+      <%= f.text_field :ejabberd_buddy_roster,
+        value: Setting.ejabberd_buddy_roster,
+        class: "w-full" %>
+    <% end %>
  <% end %>
 </ul>
-<h3 class="mt-10">User default settings</h3>
-<ul role="list">
-  <%= render FormElements::FieldsetComponent.new(
-        title: "Default rooms",
-        description: "Add these default rooms to new users' bookmarks"
-      ) do %>
-    <%= f.text_area :xmpp_default_rooms,
-          value: Setting.xmpp_default_rooms.join("\n"),
-          placeholder: "Welcome <welcome@kosmos.chat>\nKosmos <kosmos@kosmos.chat>",
-          class: "h-24 w-full" %>
-  <% end %>
-  <%= render FormElements::FieldsetToggleComponent.new(
-    form: f,
-    attribute: :xmpp_autojoin_default_rooms,
-    enabled: Setting.xmpp_autojoin_default_rooms?,
-    title: "Auto-join default rooms",
-    description: "Automatically join above default rooms in chat clients"
-  ) %>
-  <%= render FormElements::FieldsetComponent.new(
-        title: "Contact roster name",
-        description: "Used when exchanging contacts after signup from invitation"
-      ) do %>
-    <%= f.text_field :ejabberd_buddy_roster,
-      value: Setting.ejabberd_buddy_roster,
-      class: "w-full" %>
-  <% end %>
-<% end %>
-</ul>
--- a/app/views/admin/settings/services/index.html.erb
+++ b/app/views/admin/settings/services/index.html.erb
@@ -20,10 +20,4 @@
      </p>
    </section>
  <% end %>
-
-  <% if content_for?(:documentation) %>
-  <section>
-    <%= yield :documentation %>
-  </section>
-  <% end %>
 <% end %>
--- a/app/views/admin/users/show.html.erb
+++ b/app/views/admin/users/show.html.erb
@@ -6,10 +6,6 @@
      <h3>Account</h3>
      <table class="divided">
        <tbody>
-          <tr>
-            <th>ID</th>
-            <td><%= @user.id %></td>
-          </tr>
          <tr>
            <th>Created at</th>
            <td><%= @user.created_at.strftime("%Y-%m-%d (%H:%M UTC)") %></td>
@@ -139,7 +135,7 @@
          <td>XMPP (ejabberd)</td>
          <td>
            <%= render FormElements::ToggleComponent.new(
-              enabled: @services_enabled.include?("xmpp"),
+              enabled: @services_enabled.include?("ejabberd"),
              input_enabled: false
            ) %>
          </td>
--- a/app/views/contributions/donations/index.html.erb
+++ b/app/views/contributions/donations/index.html.erb
@@ -1,10 +1,6 @@
-<%# <%= render HeaderComponent.new(title: "Contributions") %>
-<%= render HeaderWithTabsComponent.new(
-  # title: "Contributions",
-  tabnav_partial: "shared/tabnav_contributions"
-) %>
+<%= render HeaderComponent.new(title: "Contributions") %>

-<%= render MainSimpleComponent.new do %>
+<%= render MainWithTabnavComponent.new(tabnav_partial: "shared/tabnav_contributions") do %>
  <section>
    <% if @donations.any? %>
      <p class="mb-12">
--- a/app/views/contributions/projects/index.html.erb
+++ b/app/views/contributions/projects/index.html.erb
@@ -1,9 +1,6 @@
-<%= render HeaderWithTabsComponent.new(
-  # title: "Contributions",
-  tabnav_partial: "shared/tabnav_contributions"
-) %>
+<%= render HeaderComponent.new(title: "Contributions") %>

-<%= render MainSimpleComponent.new do %>
+<%= render MainWithTabnavComponent.new(tabnav_partial: "shared/tabnav_contributions") do %>
  <section>
    <p class="mb-8">
      Project contributions are how we develop and run all Kosmos software and
--- a/app/views/dashboard/index.html.erb
+++ b/app/views/dashboard/index.html.erb
@@ -21,7 +21,7 @@
      <div class="border border-gray-300 rounded-md hover:border-gray-400
                  bg-[length:95%] bg-center bg-no-repeat
                  bg-[url(/img/logos/icon_discourse.svg)]">
-        <%= link_to "#{Setting.discourse_public_url}/session/sso?return_path=/",
+        <%= link_to "https://community.kosmos.org",
              class: "block h-full px-6 py-6 rounded-md" do %>
          <h3 class="mb-3.5">Discourse</h3>
          <p class="text-gray-600">
@@ -43,9 +43,9 @@
      <div class="border border-gray-300 rounded-md hover:border-gray-400
                  bg-cover bg-center sm:bg-[center_top_-140px] bg-no-repeat
                  bg-[url(/img/logos/icon_lightning.svg)]">
-        <%= link_to services_lightning_index_path,
+        <%= link_to wallet_path,
              class: "block h-full px-6 py-6 rounded-md" do %>
-          <h3 class="mb-3.5">Lightning Network</h3>
+          <h3 class="mb-3.5">Wallet</h3>
          <p class="text-gray-600">
            Send and receive sats over the Bitcoin Lightning Network
          </p>
@@ -73,17 +73,6 @@
          </p>
        <% end %>
      </div>
-      <% if Setting.remotestorage_enabled? && Flipper.enabled?(:remotestorage, current_user) %>
-        <div class="border border-gray-300 rounded-md hover:border-gray-400">
-          <%= link_to services_storage_path,
-                class: "block h-full px-6 py-6 rounded-md" do %>
-            <h3 class="mb-3.5">Storage</h3>
-            <p class="text-gray-600">
-              Sync your data between apps and devices
-            </p>
-          <% end %>
-        </div>
-      <% end %>
      <!-- <div class="border border&#45;gray&#45;300 rounded&#45;md hover:border&#45;gray&#45;400 -->
      <!--             bg&#45;[length:80%] bg&#45;[right_top_&#45;30px] bg&#45;no&#45;repeat -->
      <!--             bg&#45;[url(/img/logos/icon_mastodon.svg)]"> -->
--- a/app/views/devise/mailer/confirmation_instructions.html.erb
+++ b/app/views/devise/mailer/confirmation_instructions.html.erb
@@ -1,5 +1,5 @@
-<p>Welcome <%= @resource.cn %>!</p>
+<p>Welcome <%= @email %>!</p>

-<p>Please confirm your email address through the link below:</p>
+<p>You can confirm your account email through the link below:</p>

 <p><%= link_to 'Confirm my account', confirmation_url(@resource, confirmation_token: @token) %></p>
--- a/app/views/devise/mailer/email_changed.html.erb
+++ b/app/views/devise/mailer/email_changed.html.erb
@@ -1,4 +1,4 @@
-<p>Hello <%= @resource.cn %>!</p>
+<p>Hello <%= @email %>!</p>

 <% if @resource.try(:unconfirmed_email?) %>
  <p>We're contacting you to notify you that your email is being changed to <%= @resource.unconfirmed_email %>.</p>
--- a/app/views/devise/mailer/password_change.html.erb
+++ b/app/views/devise/mailer/password_change.html.erb
@@ -1,3 +1,3 @@
-<p>Hello <%= @resource.cn %>!</p>
+<p>Hello <%= @resource.email %>!</p>

 <p>We're contacting you to notify you that your password has been changed.</p>
--- a/app/views/devise/mailer/reconfirmation_instructions.html.erb
+++ b/app/views/devise/mailer/reconfirmation_instructions.html.erb
@@ -1,5 +0,0 @@
-<p>Hello <%= @resource.cn %>,</p>
-
-<p>Please confirm your new email address through the link below:</p>
-
-<p><%= link_to 'Confirm my address', confirmation_url(@resource, confirmation_token: @token) %></p>
--- a/app/views/devise/mailer/reset_password_instructions.html.erb
+++ b/app/views/devise/mailer/reset_password_instructions.html.erb
@@ -1,4 +1,4 @@
-<p>Hello <%= @resource.cn %>!</p>
+<p>Hello <%= @resource.email %>!</p>

 <p>Someone has requested a link to change your password. You can do this through the link below.</p>

--- a/app/views/devise/mailer/unlock_instructions.html.erb
+++ b/app/views/devise/mailer/unlock_instructions.html.erb
@@ -1,4 +1,4 @@
-<p>Hello <%= @resource.cn %>!</p>
+<p>Hello <%= @resource.email %>!</p>

 <p>Your account has been locked due to an excessive number of unsuccessful sign in attempts.</p>

--- a/app/views/devise/sessions/new.html.erb
+++ b/app/views/devise/sessions/new.html.erb
@@ -1,55 +1,25 @@
-<%
-  # TODO remove when https://github.com/hotwired/turbo/issues/203 is fixed
-  enable_turbo = !session[:user_return_to] || !session[:user_return_to].match?('/discourse/connect')
-%>
-
 <%= render HeaderCompactComponent.new(title: "Log in") %>

 <%= render MainCompactComponent.new do %>
-  <%= form_for(resource, as: resource_name, url: session_path(resource_name),
-                         data: { turbo: enable_turbo.to_s }) do |f| %>
+  <%= form_for(resource, as: resource_name, url: session_path(resource_name)) do |f| %>
    <%= render "devise/shared/error_messages", resource: resource %>
    <div class="mb-6">
      <%= f.label :cn, 'User', class: 'block mb-2 font-bold' %>
      <p class="flex gap-2 items-center">
        <%= f.text_field :cn, autofocus: true, autocomplete: "username",
-              required: true, class: "relative grow", tabindex: "1" %>
+                              required: true, class: "relative grow"%>
        <span class="relative shrink-0 text-gray-500">@ kosmos.org</span>
      </p>
    </div>
-    <p class="mb-8">
+    <p>
      <%= f.label :password, class: 'block mb-2 font-bold' %>
      <%= f.password_field :password, autocomplete: "current-password",
-            required: true, class: "w-full", tabindex: "2" %>
+                                      required: true, class: "w-full"%>
    </p>
-
-    <%= tag.div class: "flex items-center mb-8 gap-x-3", data: {
-          controller: "settings--toggle",
-          :'settings--toggle-switch-enabled-value' => "false"
-        } do %>
-      <div class="relative inline-flex flex-shrink-0">
-        <%= render FormElements::ToggleComponent.new(
-              enabled: false, input_enabled: true, class_names: "hidden",
-              tabindex: "3", data: {
-                :'settings--toggle-target' => "button",
-                action: "settings--toggle#toggleSwitch"
-              }) %>
-        <%= f.check_box :remember_me, {
-              checked: false,
-              data: { :'settings--toggle-target' => "checkbox" }
-            }, "true", "false" %>
-      </div>
-      <%= f.label :remember_me,
-            class: "text-gray-500 flex flex-col",
-            data: { action: "click->settings--toggle#toggleSwitch" } %>
-      <p class="grow text-sm text-right">
-        <%= link_to "Forgot your password?", new_password_path(resource_name),
-              class: "text-gray-500 underline" %><br />
-      </p>
-    <% end %>
-
-    <p>
-      <%= f.submit "Log in", class: 'btn-md btn-blue w-full', tabindex: "4" %>
+    <p class="mt-8">
+      <%= f.submit "Log in", class: 'btn-md btn-blue w-full' %>
    </p>
  <% end %>
+
+  <%= render "devise/shared/links" %>
 <% end %>
--- a/app/views/devise/shared/_links.html.erb
+++ b/app/views/devise/shared/_links.html.erb
@@ -1,29 +1,25 @@
 <div class="devise-links mt-8 text-sm">
  <%- if controller_name != 'sessions' %>
-    <p class="mb-2">
-      <%= link_to "Log in", new_session_path(resource_name),
-            class: "text-gray-500 underline" %>
+    <p class="mb-1.5">
+      <%= link_to "Log in", new_session_path(resource_name) %><br />
    </p>
  <% end %>

  <%- if devise_mapping.recoverable? && controller_name != 'passwords' && controller_name != 'registrations' %>
-    <p class="mb-2">
-      <%= link_to "Forgot your password?", new_password_path(resource_name),
-            class: "text-gray-500 underline" %>
+    <p class="mb-1.5">
+      <%= link_to "Forgot your password?", new_password_path(resource_name) %><br />
    </p>
  <% end %>

-  <%- if devise_mapping.confirmable? && !controller_name.match(/^(confirmations|sessions)$/) %>
-    <p class="mb-2">
-      <%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name),
-            class: "text-gray-500 underline" %>
+  <%- if devise_mapping.confirmable? && controller_name != 'confirmations' %>
+    <p class="mb-1.5">
+      <%= link_to "Didn't receive confirmation instructions?", new_confirmation_path(resource_name) %><br />
    </p>
  <% end %>

  <%- if devise_mapping.lockable? && resource_class.unlock_strategy_enabled?(:email) && controller_name != 'unlocks' %>
-    <p class="mb-2">
-      <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name),
-            class: "text-gray-500 underline" %>
+    <p class="mb-1.5">
+      <%= link_to "Didn't receive unlock instructions?", new_unlock_path(resource_name) %><br />
    </p>
  <% end %>
 </div>
--- a/app/views/icons/_asterisk.html.erb
+++ b/app/views/icons/_asterisk.html.erb
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 512 512" fill="currentColor" stroke="currentColor" stroke-width="2" class="<%= custom_class %>"><path d="M475.31 364.144L288 256l187.31-108.144c5.74-3.314 7.706-10.653 4.392-16.392l-4-6.928c-3.314-5.74-10.653-7.706-16.392-4.392L272 228.287V12c0-6.627-5.373-12-12-12h-8c-6.627 0-12 5.373-12 12v216.287L52.69 120.144c-5.74-3.314-13.079-1.347-16.392 4.392l-4 6.928c-3.314 5.74-1.347 13.079 4.392 16.392L224 256 36.69 364.144c-5.74 3.314-7.706 10.653-4.392 16.392l4 6.928c3.314 5.74 10.653 7.706 16.392 4.392L240 283.713V500c0 6.627 5.373 12 12 12h8c6.627 0 12-5.373 12-12V283.713l187.31 108.143c5.74 3.314 13.079 1.347 16.392-4.392l4-6.928c3.314-5.74 1.347-13.079-4.392-16.392z"/></svg>
--- a/app/views/icons/_bell.html.erb
+++ b/app/views/icons/_bell.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-bell <%= custom_class %>"><path d="M18 8A6 6 0 0 0 6 8c0 7-3 9-3 9h18s-3-2-3-9"></path><path d="M13.73 21a2 2 0 0 1-3.46 0"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-bell"><path d="M18 8A6 6 0 0 0 6 8c0 7-3 9-3 9h18s-3-2-3-9"></path><path d="M13.73 21a2 2 0 0 1-3.46 0"></path></svg>
--- a/app/views/icons/_edit-2.html.erb
+++ b/app/views/icons/_edit-2.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2 <%= custom_class %>"><path d="M17 3a2.828 2.828 0 1 1 4 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-2"><path d="M17 3a2.828 2.828 0 1 1 4 4L7.5 20.5 2 22l1.5-5.5L17 3z"></path></svg>
--- a/app/views/icons/_edit-3.html.erb
+++ b/app/views/icons/_edit-3.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-3 <%= custom_class %>"><path d="M12 20h9"></path><path d="M16.5 3.5a2.121 2.121 0 0 1 3 3L7 19l-4 1 1-4L16.5 3.5z"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit-3"><path d="M12 20h9"></path><path d="M16.5 3.5a2.121 2.121 0 0 1 3 3L7 19l-4 1 1-4L16.5 3.5z"></path></svg>
--- a/app/views/icons/_edit.html.erb
+++ b/app/views/icons/_edit.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit <%= custom_class %>"><path d="M11 4H4a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2v-7"></path><path d="M18.5 2.5a2.121 2.121 0 0 1 3 3L12 15l-4 1 1-4 9.5-9.5z"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-edit"><path d="M11 4H4a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2v-7"></path><path d="M18.5 2.5a2.121 2.121 0 0 1 3 3L12 15l-4 1 1-4 9.5-9.5z"></path></svg>
--- a/app/views/icons/_folder.html.erb
+++ b/app/views/icons/_folder.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-folder"><path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-folder <%= custom_class %>"><path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"></path></svg>
--- a/app/views/icons/_message-circle.html.erb
+++ b/app/views/icons/_message-circle.html.erb
@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-message-circle <%= custom_class %>"><path d="M21 11.5a8.38 8.38 0 0 1-.9 3.8 8.5 8.5 0 0 1-7.6 4.7 8.38 8.38 0 0 1-3.8-.9L3 21l1.9-5.7a8.38 8.38 0 0 1-.9-3.8 8.5 8.5 0 0 1 4.7-7.6 8.38 8.38 0 0 1 3.8-.9h.5a8.48 8.48 0 0 1 8 8v.5z"></path></svg>
+<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" class="feather feather-message-circle"><path d="M21 11.5a8.38 8.38 0 0 1-.9 3.8 8.5 8.5 0 0 1-7.6 4.7 8.38 8.38 0 0 1-3.8-.9L3 21l1.9-5.7a8.38 8.38 0 0 1-.9-3.8 8.5 8.5 0 0 1 4.7-7.6 8.38 8.38 0 0 1 3.8-.9h.5a8.48 8.48 0 0 1 8 8v.5z"></path></svg>
--- a/app/views/notification_mailer/lightning_sats_received.text.erb
+++ b/app/views/notification_mailer/lightning_sats_received.text.erb
@@ -1,3 +0,0 @@
-You just received <%= number_with_delimiter @amount_sats %> sats in your Lightning account (<%= @user.address %>). Check your wallet app, or open the account page for details:
-
-<%= transactions_services_lightning_index_url %>
--- a/app/views/rs/oauth/new.html.erb
+++ b/app/views/rs/oauth/new.html.erb
@@ -0,0 +1,60 @@
+<%= render HeaderComponent.new(title: "App Authorization") %>
+
+<%= render MainSimpleComponent.new do %>
+  <section class="px-16 pb-8 mt-8">
+    <p class="text-lg mb-8">
+      The app
+      <%= link_to @client_id, "https://#{@client_id}", class: "ks-text-link" %>
+      is asking for access to these folders:
+    </p>
+
+    <p class="text-xl mb-8">
+      <% if @root_access_requested %>
+        <span class="text-red-700">
+          <span class="text-red-700">
+            <%= render partial: "icons/asterisk", locals: { custom_class: "inline-block align-middle mb-1" } %>
+            All files and directories
+          </span>
+          <% if (@scopes & [":r"]).any? %>
+            <span class="text-sm text-gray-500">(read only)</span>
+          <% end %>
+        </span>
+      <% else %>
+        <% @scopes.each do |scope| %>
+          <span class="text-gray-500">
+            <span>
+              <%= render partial: "icons/folder", locals: { custom_class: "inline-block align-middle mb-2" } %>
+              <%= scope_name(scope) %>
+            </span>
+            <% if scope_permissions(scope) == "r" %>
+              <span class="text-sm text-gray-500">(read only)</span>
+            <% end %>
+          </span>
+        <% end %>
+      <% end %>
+    </p>
+
+    <%= form_with(url: rs_oauth_path, method: :post, data: { turbo: false }) do |f| %>
+      <%= f.hidden_field :redirect_uri, value: @redirect_uri %>
+      <%= f.hidden_field :scope, value: @scopes.join(" ") %>
+      <%= f.hidden_field :user_id, value: @user.id %>
+      <%= f.hidden_field :client_id, value: @client_id %>
+      <%= f.hidden_field :state, value: @state %>
+      <p>
+        <%= f.label :expire_at, "Expire:" %>
+        <%= f.select :expire_at, options_for_select(@expire_at_dates) %>
+      </p>
+      <p class="text-sm text-gray-500 my-10">
+        You can revoke access for this app at any time on your storage dashboard.
+      </p>
+      <div>
+        <%= f.submit class: "btn-md btn-blue w-full sm:w-auto", data: { disable_with: "Saving..." } do %>
+          Allow
+        <% end %>
+        <%= link_to @denial_url, class: "btn-md btn-red w-full sm:w-auto" do %>
+          Deny
+        <% end %>
+      </div>
+    <% end %>
+  </section>
+<% end %>
--- a/app/views/services/remotestorage/dashboard.html.erb
+++ b/app/views/services/remotestorage/dashboard.html.erb
@@ -1,7 +0,0 @@
-<%= render HeaderComponent.new(title: "Storage") %>
-
-<%= render MainSimpleComponent.new do %>
-  <section>
-    <h3>Feature enabled</h3>
-  </section>
-<% end %>
--- a/app/views/settings/_account.html.erb
+++ b/app/views/settings/_account.html.erb
@@ -1,50 +0,0 @@
-<%= tag.section data: {
-      controller: "settings--account--email",
-      "settings--account--email-validation-failed-value": @validation_errors.present?
-    } do %>
-  <h3>E-Mail</h3>
-  <%= form_for(@user, url: update_email_settings_path, method: "post") do |f| %>
-    <%= hidden_field_tag :section, "account" %>
-    <p class="mb-2">
-      <%= f.label :email, 'Address', class: 'font-bold' %>
-    </p>
-    <p class="mb-2 flex gap-1 sm:w-3/5">
-      <%= f.email_field :email, class: "grow", data: {
-            'settings--account--email-target': 'emailField'
-          }, required: true %>
-      <button type="button" id="edit-email"
-              class="btn-md btn-icon btn-blue shrink-0 hidden initial-visible"
-              data-settings--account--email-target="editEmailButton"
-              data-action="settings--account--email#editEmail"
-              title="Edit email address">
-        <span class="">
-          <%= render partial: "icons/edit-3", locals: {
-                custom_class: "text-white h-4 w-4 inline" } %>
-        </span>
-      </button>
-    </p>
-    <% if @validation_errors.present? && @validation_errors[:email].present? %>
-      <p class="error-msg"><%= @validation_errors[:email].first %></p>
-    <% end %>
-    <div class="initial-hidden">
-      <p class="mt-4 mb-2">
-        <%= f.label :current_password, 'Current password', class: 'font-bold' %>
-      </p>
-      <p class="sm:w-3/5">
-        <%= f.password_field :current_password, class: "w-full", required: true %>
-      </p>
-      <p class="mt-6">
-        <%= f.submit "Update", class: "btn-md btn-blue w-full md:w-auto" %>
-      </p>
-    </div>
-  <% end %>
-<% end %>
-<section>
-  <h3>Password</h3>
-  <p class="mb-8">Use the following button to request an email with a password reset link:</p>
-  <%= form_with(url: reset_password_settings_path, method: :post) do %>
-    <p>
-      <%= submit_tag("Send me a password reset link", class: 'btn-md btn-gray w-full sm:w-auto') %>
-    </p>
-  <% end %>
-</section>
--- a/app/views/settings/_lightning.html.erb
+++ b/app/views/settings/_lightning.html.erb
@@ -1,25 +0,0 @@
-<%= form_for @user, url: setting_path(:lightning), html: { :method => :put } do |f| %>
-<section>
-  <h3>Notifications</h3>
-  <ul role="list">
-    <%= render FormElements::FieldsetComponent.new(
-      positioning: :horizontal,
-      title: "Sats received",
-      description: "Notify me when sats are sent to my Lightning Address"
-    ) do %>
-      <% f.fields_for :preferences do |p| %>
-        <%= p.select :lightning_notify_sats_received, options_for_select([
-          ["off", "disabled"],
-          ["Chat (Jabber)", "xmpp"],
-          ["E-Mail", "email"]
-        ], selected: @user.preferences[:lightning_notify_sats_received]) %>
-      <% end %>
-    <% end %>
-  </ul>
-</section>
-<section>
-  <p class="pt-6 border-t border-gray-200 text-right">
-    <%= f.submit 'Save', class: "btn-md btn-blue w-full md:w-auto" %>
-  </p>
-</section>
-<% end %>
--- a/app/views/settings/_notifications.html.erb
+++ b/app/views/settings/_notifications.html.erb
@@ -1,16 +0,0 @@
-<section>
-  <h3>Lightning Wallet</h3>
-
-  <ul role="list">
-    <%= render FormElements::FieldsetComponent.new(
-      positioning: :horizontal,
-      title: "Sats received",
-      description: "Notify when sats are sent to my Lightning Address"
-    ) do %>
-    <%= select_tag :sats_received, options_for_select([
-      ["off", "off"],
-      ["Chat (Jabber)", "xmpp"]
-    ]) %>
-    <% end %>
-  </ul>
-</section>
--- a/app/views/settings/_profile.html.erb
+++ b/app/views/settings/_profile.html.erb
@@ -1,35 +0,0 @@
-<section>
-  <h3>Profile</h3>
-  <p class="mb-2">
-    <%= label :user_address, 'User address', class: 'font-bold' %>
-  </p>
-  <p data-controller="clipboard" class="flex gap-1 mb-2 sm:w-3/5">
-    <input type="text" id="user_address" class="grow"
-           value=<%= @user.address %> disabled="disabled"
-           data-clipboard-target="source" />
-    <button id="copy-user-address" class="btn-md btn-icon btn-blue shrink-0"
-            data-clipboard-target="trigger" data-action="clipboard#copy"
-            title="Copy to clipboard">
-      <span class="content-initial">
-        <%= render partial: "icons/copy", locals: { custom_class: "text-white h-4 w-4 inline" } %>
-      </span>
-      <span class="content-active hidden">
-        <%= render partial: "icons/check", locals: { custom_class: "text-white h-4 w-4 inline" } %>
-      </span>
-    </button>
-  </p>
-  <p class="text-sm text-gray-500">
-    Your user address for Chat and Lightning Network.
-  </p>
-  <%= form_for(@user, url: setting_path(:profile), html: { :method => :put }) do |f| %>
-    <%= render FormElements::FieldsetComponent.new(tag: "div", title: "Display name") do %>
-      <%= f.text_field :display_name, class: "w-full sm:w-3/5 mb-2" %>
-      <% if @validation_errors.present? && @validation_errors[:display_name].present? %>
-        <p class="error-msg"><%= @validation_errors[:display_name].first %></p>
-      <% end %>
-    <% end %>
-    <p class="mt-8 pt-6 border-t border-gray-200 text-right">
-      <%= f.submit 'Save', class: "btn-md btn-blue w-full md:w-auto" %>
-    </p>
-  <% end %>
-</section>
--- a/app/views/settings/_xmpp.html.erb
+++ b/app/views/settings/_xmpp.html.erb
@@ -1,18 +0,0 @@
-<%= form_for @user, url: setting_path(:xmpp), html: { :method => :put } do |f| %>
-<section>
-  <h3>Contacts</h3>
-  <ul role="list">
-    <%= render FormElements::FieldsetToggleComponent.new(
-      field_name: "user[preferences][xmpp_exchange_contacts_with_invitees]",
-      enabled: @user.preferences[:xmpp_exchange_contacts_with_invitees],
-      title: "Exchange contacts when invited user signs up",
-      description: "Add each others contacts, so you can chat with them immediately"
-    ) %>
-  </ul>
-</section>
-<section>
-  <p class="pt-6 border-t border-gray-200 text-right">
-    <%= f.submit 'Save', class: "btn-md btn-blue w-full md:w-auto" %>
-  </p>
-</section>
-<% end %>
--- a/app/views/settings/account/index.html.erb
+++ b/app/views/settings/account/index.html.erb
@@ -0,0 +1,23 @@
+<%= render HeaderComponent.new(title: "Settings") %>
+
+<%= render MainWithSidenavComponent.new(sidenav_partial: 'shared/sidenav_settings') do %>
+  <section>
+    <h3>E-Mail</h3>
+    <p class="mb-2">
+      <%= label :email, 'Address', class: 'font-bold' %>
+    </p>
+    <p class="flex gap-1 mb-2 sm:w-3/5">
+      <input type="text" id="email" class="grow"
+             value=<%= current_user.email %> disabled="disabled" />
+    </p>
+  </section>
+  <section>
+    <h3>Password</h3>
+    <p class="mb-8">Use the following button to request an email with a password reset link:</p>
+    <%= form_with(url: settings_reset_password_path, method: :post) do %>
+      <p>
+        <%= submit_tag("Send me a password reset link", class: 'btn-md btn-gray w-full sm:w-auto') %>
+      </p>
+    <% end %>
+  </section>
+<% end %>
--- a/app/views/settings/profile/index.html.erb
+++ b/app/views/settings/profile/index.html.erb
@@ -0,0 +1,34 @@
+<%= render HeaderComponent.new(title: "Settings") %>
+
+<%= render MainWithSidenavComponent.new(sidenav_partial: 'shared/sidenav_settings') do %>
+  <section>
+    <h3>Profile</h3>
+    <p class="mb-2">
+      <%= label :user_address, 'User address', class: 'font-bold' %>
+    </p>
+    <p data-controller="clipboard" class="flex gap-1 mb-2 sm:w-3/5">
+      <input type="text" id="user_address" class="grow"
+             value=<%= @user.address %> disabled="disabled"
+             data-clipboard-target="source" />
+      <button id="copy-user-address" class="btn-md btn-icon btn-blue shrink-0"
+              data-clipboard-target="trigger" data-action="clipboard#copy"
+              title="Copy to clipboard">
+        <span class="content-initial">
+          <%= render partial: "icons/copy", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+        </span>
+        <span class="content-active hidden">
+          <%= render partial: "icons/check", locals: { custom_class: "text-white h-4 w-4 inline" } %>
+        </span>
+      </button>
+    </p>
+    <p class="text-sm text-gray-500">
+      Your user address for Chat and Lightning Network.
+    </p>
+
+    <%# <%= form_for(@user, as: "profile", url: settings_profile_path) do |f| %>
+    <%#   <p class="mt-8">
+    <%#     <%= f.submit "Save changes", class: 'btn-md btn-blue w-full sm:w-auto' %>
+    <%#   </p>
+    <%# <% end %>
+  </section>
+<% end %>
--- a/app/views/settings/show.html.erb
+++ b/app/views/settings/show.html.erb
@@ -1,5 +0,0 @@
-<%= render HeaderComponent.new(title: "Settings") %>
-
-<%= render MainWithSidenavComponent.new(sidenav_partial: 'shared/sidenav_settings') do %>
-  <%= render partial: @settings_section %>
-<% end %>
--- a/app/views/shared/_main_nav.html.erb
+++ b/app/views/shared/_main_nav.html.erb
@@ -1,8 +1,10 @@
 <%= link_to "Services", root_path,
-      class: main_nav_class(@current_section, :services) %>
-<%= link_to "Invitations", invitations_path,
-      class: main_nav_class(@current_section, :invitations) %>
+      class: main_nav_class(@current_section, :dashboard) %>
 <%= link_to "Contributions", contributions_donations_path,
      class: main_nav_class(@current_section, :contributions) %>
-<%= link_to "Settings", settings_path,
+<%= link_to "Invitations", invitations_path,
+      class: main_nav_class(@current_section, :invitations) %>
+<%= link_to "Wallet", wallet_path,
+      class: main_nav_class(@current_section, :wallet) %>
+<%= link_to "Settings", settings_profile_path,
      class: main_nav_class(@current_section, :settings) %>
--- a/app/views/shared/_sidenav_settings.html.erb
+++ b/app/views/shared/_sidenav_settings.html.erb
@@ -1,20 +1,11 @@
 <%= render SidenavLinkComponent.new(
-  name: "Profile", path: setting_path(:profile), icon: "user",
-  active: @settings_section.to_s == "profile"
+  name: "Profile", path: settings_profile_path, icon: "user",
+  active: current_page?(settings_profile_path)
 ) %>
 <%= render SidenavLinkComponent.new(
-  name: "Account", path: setting_path(:account), icon: "key",
-  active: @settings_section.to_s == "account"
+  name: "Account", path: settings_account_path, icon: "key",
+  active: current_page?(settings_account_path)
 ) %>
-<% if Setting.ejabberd_enabled %>
 <%= render SidenavLinkComponent.new(
-  name: "Chat", path: setting_path(:xmpp), icon: "message-circle",
-  active: @settings_section.to_s == "xmpp"
+  name: "Security", path: "#", icon: "shield", disabled: true
 ) %>
-<% end %>
-<% if Setting.lndhub_enabled %>
-<%= render SidenavLinkComponent.new(
-  name: "Lightning", path: setting_path(:lightning), icon: "zap",
-  active: @settings_section.to_s == "lightning"
-) %>
-<% end %>
--- a/app/views/shared/_tabnav_contributions.html.erb
+++ b/app/views/shared/_tabnav_contributions.html.erb
@@ -1,8 +1,12 @@
-<%= render HeaderTabLinkComponent.new(
-  name: "Donations", path: contributions_donations_path,
-  active: current_page?(contributions_donations_path)
-) %>
-<%= render HeaderTabLinkComponent.new(
-  name: "Projects", path: contributions_projects_path,
-  active: current_page?(contributions_projects_path)
-) %>
+<div class="border-b border-gray-200">
+  <nav class="-mb-px flex" aria-label="Tabs">
+    <%= render TabnavLinkComponent.new(
+      name: "Donations", path: contributions_donations_path,
+      active: current_page?(contributions_donations_path)
+    ) %>
+    <%= render TabnavLinkComponent.new(
+      name: "Projects", path: contributions_projects_path,
+      active: current_page?(contributions_projects_path)
+    ) %>
+  </nav>
+</div>
--- a/app/views/shared/_tabnav_lightning.html.erb
+++ b/app/views/shared/_tabnav_lightning.html.erb
@@ -1,14 +0,0 @@
-<section>
-  <div class="border-b border-gray-200">
-    <nav class="-mb-px flex" aria-label="Tabs">
-      <%= render TabnavLinkComponent.new(
-        name: "Info", path: services_lightning_index_path,
-        active: current_page?(services_lightning_index_path)
-      ) %>
-      <%= render TabnavLinkComponent.new(
-        name: "Transactions", path: transactions_services_lightning_index_path,
-        active: current_page?(transactions_services_lightning_index_path)
-      ) %>
-    </nav>
-  </div>
-</section>
--- a/app/views/shared/_tabnav_wallet.html.erb
+++ b/app/views/shared/_tabnav_wallet.html.erb
@@ -0,0 +1,14 @@
+<section>
+  <div class="border-b border-gray-200">
+    <nav class="-mb-px flex" aria-label="Tabs">
+      <%= render TabnavLinkComponent.new(
+        name: "Info", path: wallet_path,
+        active: current_page?(wallet_path)
+      ) %>
+      <%= render TabnavLinkComponent.new(
+        name: "Transactions", path: wallet_transactions_path,
+        active: current_page?(wallet_transactions_path)
+      ) %>
+    </nav>
+  </div>
+</section>
--- a/app/views/services/lightning/index.html.erb
+++ b/app/views/services/lightning/index.html.erb
@@ -1,9 +1,9 @@
-<%= render HeaderComponent.new(title: "Lightning Network") %>
+<%= render HeaderComponent.new(title: "Wallet") %>

 <%= render MainSimpleComponent.new do %>
  <%= render WalletSummaryComponent.new(balance: @balance) %>

-  <%= render partial: "shared/tabnav_lightning" %>
+  <%= render partial: "shared/tabnav_wallet" %>

  <section>
    <h3>Lightning Address</h3>
--- a/app/views/services/lightning/transactions.html.erb
+++ b/app/views/services/lightning/transactions.html.erb
@@ -1,9 +1,9 @@
-<%= render HeaderComponent.new(title: "Lightning Network") %>
+<%= render HeaderComponent.new(title: "Wallet") %>

 <%= render MainSimpleComponent.new do %>
  <%= render WalletSummaryComponent.new(balance: @balance) %>

-  <%= render partial: "shared/tabnav_lightning" %>
+  <%= render partial: "shared/tabnav_wallet" %>

  <section>
    <h3 class="hidden">Transactions</h3>
@@ -27,7 +27,7 @@
            <p class="col-span-2 md:col-span-1 mb-0 text-right">
              <span class="text-xl font-mono <%= tx["received"] ? "text-emerald-600" : "" %>">
                <%= tx["received"] ? "+" : "" %><%= number_with_delimiter tx["amount_sats"]  %>
-                <span class="text-base md:text-lg">sats</span>
+                <span class="hidden md:inline">sats</span>
              </span>
            </p>
            <p class="col-span-4 md:col-span-3 mb-0 text-gray-500">
@@ -35,10 +35,7 @@
            </p>
            <p class="col-span-4 md:col-span-1 md:text-right mb-0">
              <span class="col-span-2 md:col-span-1 text-sm text-gray-500">
-                <%= tx["datetime"].strftime("%B %e, %H:%M") -%>
-                <% if tx["fee"] && (tx["fee"] > 0) %>
-                  ~ Fee: <%= pluralize tx["fee"], "sat" %>
-                <% end %>
+                <%= tx["datetime"].strftime("%B %e, %H:%M") %>
              </span>
            </p>
          </li>
--- a/config/default_preferences.yml
+++ b/config/default_preferences.yml
@@ -1,2 +0,0 @@
-lightning_notify_sats_received: disabled # or xmpp, email
-xmpp_exchange_contacts_with_invitees: true
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -62,11 +62,6 @@ Rails.application.configure do
  outgoing_email_address = ENV.fetch('SMTP_FROM_ADDRESS', 'accounts@localhost')
  outgoing_email_domain  = Mail::Address.new(outgoing_email_address).domain

-  config.action_mailer.default_url_options = {
-    host: ENV['AKKOUNTS_DOMAIN'],
-    protocol: "https",
-  }
-
  config.action_mailer.default_options = {
    from: outgoing_email_address,
    message_id: -> { "<#{Mail.random_tag}@#{outgoing_email_domain}>" },
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -186,13 +186,13 @@ Devise.setup do |config|

  # ==> Configuration for :rememberable
  # The time the user will be remembered without asking for credentials again.
-  config.remember_for = 2.weeks
+  # config.remember_for = 2.weeks

  # Invalidates all the remember me tokens when the user signs out.
  config.expire_all_remember_me_on_sign_out = true

  # If true, extends the user's remember period when remembered via cookie.
-  config.extend_remember_period = true
+  # config.extend_remember_period = false

  # Options to be passed to the created cookie. For instance, you can set
  # secure: true in order to force SSL only cookies.
@@ -210,7 +210,7 @@ Devise.setup do |config|
  # ==> Configuration for :timeoutable
  # The time you want to timeout the user session without activity. After this
  # time the user will be asked for credentials again. Default is 30 minutes.
-  config.timeout_in = 30.minutes
+  # config.timeout_in = 30.minutes

  # ==> Configuration for :lockable
  # Defines which strategy will be used to lock an account.
--- a/config/initializers/field_with_errors.rb
+++ b/config/initializers/field_with_errors.rb
@@ -1,9 +0,0 @@
-ActionView::Base.field_error_proc = Proc.new do |html_tag, instance|
-  if html_tag.match('class')
-    html_tag.gsub(/class="(.*?)"/, 'class="\1 field_with_errors"').html_safe
-  else
-    parts = html_tag.split('>', 2)
-    parts[0] += ' class="field_with_errors">'
-    (parts[0] + parts[1]).html_safe
-  end
-end
--- a/config/initializers/sentry.rb
+++ b/config/initializers/sentry.rb
@@ -1,9 +0,0 @@
-if ENV["SENTRY_DSN"].present?
-  Sentry.init do |config|
-    config.dsn = ENV["SENTRY_DSN"]
-    config.breadcrumbs_logger = [:active_support_logger, :http_logger]
-    config.traces_sampler = lambda do |context|
-      true
-    end
-  end
-end
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Garret Alfert	ee42d68471	Add RemoteStorageAuthorization model All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/pr Build is passing Details	2023-03-28 01:21:28 +02:00
Garret Alfert	7acc3b2106	RemoteStorage OAuth dialog	2023-03-28 01:21:28 +02:00
Garret Alfert	20c014607c	Basic RemoteStorage settings	2023-03-27 22:52:01 +02:00
				`@@ -0,0 +1 @@`
				<svg xmlns="http://www.w3.org/2000/svg" width="20" height="20" viewBox="0 0 512 512" fill="currentColor" stroke="currentColor" stroke-width="2" class="<%= custom_class %>"><path d="M475.31 364.144L288 256l187.31-108.144c5.74-3.314 7.706-10.653 4.392-16.392l-4-6.928c-3.314-5.74-10.653-7.706-16.392-4.392L272 228.287V12c0-6.627-5.373-12-12-12h-8c-6.627 0-12 5.373-12 12v216.287L52.69 120.144c-5.74-3.314-13.079-1.347-16.392 4.392l-4 6.928c-3.314 5.74-1.347 13.079 4.392 16.392L224 256 36.69 364.144c-5.74 3.314-7.706 10.653-4.392 16.392l4 6.928c3.314 5.74 10.653 7.706 16.392 4.392L240 283.713V500c0 6.627 5.373 12 12 12h8c6.627 0 12-5.373 12-12V283.713l187.31 108.143c5.74 3.314 13.079 1.347 16.392-4.392l4-6.928c3.314-5.74 1.347-13.079-4.392-16.392z"/></svg>