...issue by deleting the session cookie after successful password change
and forcing the user to re-authenticate.
additionally, split the InitialPasswordChange func into separate "GET"
and "POST" variants.
* add user onboarding workflow
* fix user editing (no edits of passwords of regular users after
onboarding)
* refresh HIBP breach cache in DB on app start-up
* display HIBP breach details
* fix request scheduling to prevent panics (this still needs some love..)
* fix middleware auth
* add TODOs
* update head.tmpl
* reword some error messages
* add handlers for signin,singup,logout...
* introduce ent ORM and add user schema
* add live mode, devel mode to selectively turn on features via
config/flags
* add templates, handle embedding moar smarter:
* live mode uses live folder structure, else embedded templates are
used
* start using tailwindcss to style stuff
* add development goodies for hot-reloading (browser-sync - bs.js)
* pimp-up config.dhall with actual custom config Type (enables remote
schema and local values only as needed)
* add justfile (alternative to makefile for process automation)