- Fix bug where setup paths were not mountpathed so twofactor_verify
would redirect to a 404.
- Fix bug in remember where a user would be remembered even if logged in
depending on the middleware order (if something had previously called
LoadCurrentUser/LoadCurrentUserID it was fine, if not, the user was
half-authed even if he was cleared of half-auth previously).
- Change changelog format to use keepachangelog standard
- Refactor the config to be made of substructs to help organize all the
pieces
- Add the new interfaces to the configuration
- Clean up module loading (no unnecessary reflection to create new value)
- Change User interface to have a Get/SetPID not E-mail/Username, this
way we don't ever have to refer to one or the other, we just always
assume pid. In the case of Confirm/Recover we'll have to make a GetEmail
or there won't be a way for us to get the e-mail to send to.
- Delete the xsrf nonsense in the core
