From 3fb4d95fd790c785e2f230299bbedb428983dfc6 Mon Sep 17 00:00:00 2001
From: Brandon <brandon@mauldin314.com>
Date: Thu, 2 May 2024 10:16:45 -0700
Subject: [PATCH 01/63] Adding basic MFA in the form of TOTP

---
 package-lock.json                             |   30 +
 package.json                                  |    3 +-
 .../widgets/type_widgets/content_widget.js    |  134 +-
 .../options/multi_factor_authentication.js    |  109 ++
 src/routes/api/totp.ts                        |   24 +
 src/routes/routes.ts                          | 1577 ++++++++++++-----
 src/services/encryption/my_scrypt.ts          |   39 +-
 .../encryption/password_encryption.ts         |   50 +-
 src/services/encryption/totp_secret.ts        |  110 ++
 .../encryption/totp_secret_encryption.ts      |   52 +
 src/services/hidden_subtree.ts                |  834 +++++----
 src/views/login.ejs                           |  134 +-
 12 files changed, 2188 insertions(+), 908 deletions(-)
 create mode 100644 src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
 create mode 100644 src/routes/api/totp.ts
 create mode 100644 src/services/encryption/totp_secret.ts
 create mode 100644 src/services/encryption/totp_secret_encryption.ts

diff --git a/package-lock.json b/package-lock.json
index 2dd4a639d1..037578fba5 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -73,6 +73,7 @@
         "semver": "7.6.0",
         "serve-favicon": "2.5.0",
         "session-file-store": "1.5.0",
+        "speakeasy": "^2.0.0",
         "split.js": "1.6.5",
         "stream-throttle": "0.1.3",
         "striptags": "3.2.0",
@@ -2708,6 +2709,11 @@
       "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
       "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
     },
+    "node_modules/base32.js": {
+      "version": "0.0.1",
+      "resolved": "https://registry.npmjs.org/base32.js/-/base32.js-0.0.1.tgz",
+      "integrity": "sha512-EGHIRiegFa62/SsA1J+Xs2tIzludPdzM064N9wjbiEgHnGnJ1V0WEpA4pEwCYT5nDvZk3ubf0shqaCS7k6xeUQ=="
+    },
     "node_modules/base64-js": {
       "version": "1.5.1",
       "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
@@ -11795,6 +11801,17 @@
       "integrity": "sha512-oie3/+gKf7QtpitB0LYLETe+k8SifzsX4KixvpOsbI6S0kRiRQ5MKOio8eMSAKQ17N06+wdEOXRiId+zOxo0hA==",
       "dev": true
     },
+    "node_modules/speakeasy": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/speakeasy/-/speakeasy-2.0.0.tgz",
+      "integrity": "sha512-lW2A2s5LKi8rwu77ewisuUOtlCydF/hmQSOJjpTqTj1gZLkNgTaYnyvfxy2WBr4T/h+9c4g8HIITfj83OkFQFw==",
+      "dependencies": {
+        "base32.js": "0.0.1"
+      },
+      "engines": {
+        "node": ">= 0.10.0"
+      }
+    },
     "node_modules/split.js": {
       "version": "1.6.5",
       "resolved": "https://registry.npmjs.org/split.js/-/split.js-1.6.5.tgz",
@@ -15542,6 +15559,11 @@
       "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
       "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
     },
+    "base32.js": {
+      "version": "0.0.1",
+      "resolved": "https://registry.npmjs.org/base32.js/-/base32.js-0.0.1.tgz",
+      "integrity": "sha512-EGHIRiegFa62/SsA1J+Xs2tIzludPdzM064N9wjbiEgHnGnJ1V0WEpA4pEwCYT5nDvZk3ubf0shqaCS7k6xeUQ=="
+    },
     "base64-js": {
       "version": "1.5.1",
       "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
@@ -22382,6 +22404,14 @@
       "integrity": "sha512-oie3/+gKf7QtpitB0LYLETe+k8SifzsX4KixvpOsbI6S0kRiRQ5MKOio8eMSAKQ17N06+wdEOXRiId+zOxo0hA==",
       "dev": true
     },
+    "speakeasy": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/speakeasy/-/speakeasy-2.0.0.tgz",
+      "integrity": "sha512-lW2A2s5LKi8rwu77ewisuUOtlCydF/hmQSOJjpTqTj1gZLkNgTaYnyvfxy2WBr4T/h+9c4g8HIITfj83OkFQFw==",
+      "requires": {
+        "base32.js": "0.0.1"
+      }
+    },
     "split.js": {
       "version": "1.6.5",
       "resolved": "https://registry.npmjs.org/split.js/-/split.js-1.6.5.tgz",
diff --git a/package.json b/package.json
index cbfcd7e325..fdbd270a66 100644
--- a/package.json
+++ b/package.json
@@ -97,6 +97,7 @@
     "semver": "7.6.0",
     "serve-favicon": "2.5.0",
     "session-file-store": "1.5.0",
+    "speakeasy": "^2.0.0",
     "split.js": "1.6.5",
     "stream-throttle": "0.1.3",
     "striptags": "3.2.0",
@@ -155,4 +156,4 @@
   "optionalDependencies": {
     "electron-installer-debian": "3.2.0"
   }
-}
\ No newline at end of file
+}
diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index fe7f105afb..f72e00fcfa 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -32,6 +32,7 @@ import DatabaseAnonymizationOptions from "./options/advanced/database_anonymizat
 import BackendLogWidget from "./content/backend_log.js";
 import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
 import RibbonOptions from "./options/appearance/ribbon.js";
+import MultiFactorAuthenticationOptions from "./options/multi_factor_authentication.js";
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -53,79 +54,84 @@ const TPL = `<div class="note-detail-content-widget note-detail-printable">
 </div>`;
 
 const CONTENT_WIDGETS = {
-    _optionsAppearance: [
-        ThemeOptions,
-        FontsOptions,
-        ZoomFactorOptions,
-        NativeTitleBarOptions,
-        MaxContentWidthOptions,
-        RibbonOptions
-    ],
-    _optionsShortcuts: [ KeyboardShortcutsOptions ],
-    _optionsTextNotes: [
-        HeadingStyleOptions,
-        TableOfContentsOptions,
-        HighlightsListOptions,
-        TextAutoReadOnlySizeOptions
-    ],
-    _optionsCodeNotes: [
-        VimKeyBindingsOptions,
-        WrapLinesOptions,
-        CodeAutoReadOnlySizeOptions,
-        CodeMimeTypesOptions
-    ],
-    _optionsImages: [ ImageOptions ],
-    _optionsSpellcheck: [ SpellcheckOptions ],
-    _optionsPassword: [ PasswordOptions ],
-    _optionsEtapi: [ EtapiOptions ],
-    _optionsBackup: [ BackupOptions ],
-    _optionsSync: [ SyncOptions ],
-    _optionsOther: [
-        SearchEngineOptions,
-        TrayOptions,
-        NoteErasureTimeoutOptions,
-        AttachmentErasureTimeoutOptions,
-        RevisionsSnapshotIntervalOptions,
-        NetworkConnectionsOptions
-    ],
-    _optionsAdvanced: [
-        DatabaseIntegrityCheckOptions,
-        ConsistencyChecksOptions,
-        DatabaseAnonymizationOptions,
-        AdvancedSyncOptions,
-        VacuumDatabaseOptions
-    ],
-    _backendLog: [ BackendLogWidget ]
+  _optionsAppearance: [
+    ThemeOptions,
+    FontsOptions,
+    ZoomFactorOptions,
+    NativeTitleBarOptions,
+    MaxContentWidthOptions,
+    RibbonOptions,
+  ],
+  _optionsShortcuts: [KeyboardShortcutsOptions],
+  _optionsTextNotes: [
+    HeadingStyleOptions,
+    TableOfContentsOptions,
+    HighlightsListOptions,
+    TextAutoReadOnlySizeOptions,
+  ],
+  _optionsCodeNotes: [
+    VimKeyBindingsOptions,
+    WrapLinesOptions,
+    CodeAutoReadOnlySizeOptions,
+    CodeMimeTypesOptions,
+  ],
+  _optionsMFA: [MultiFactorAuthenticationOptions],
+  _optionsImages: [ImageOptions],
+  _optionsSpellcheck: [SpellcheckOptions],
+  _optionsPassword: [PasswordOptions],
+  _optionsEtapi: [EtapiOptions],
+  _optionsBackup: [BackupOptions],
+  _optionsSync: [SyncOptions],
+  _optionsOther: [
+    SearchEngineOptions,
+    TrayOptions,
+    NoteErasureTimeoutOptions,
+    AttachmentErasureTimeoutOptions,
+    RevisionsSnapshotIntervalOptions,
+    NetworkConnectionsOptions,
+  ],
+  _optionsAdvanced: [
+    DatabaseIntegrityCheckOptions,
+    ConsistencyChecksOptions,
+    DatabaseAnonymizationOptions,
+    AdvancedSyncOptions,
+    VacuumDatabaseOptions,
+  ],
+  _backendLog: [BackendLogWidget],
 };
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
-    static getType() { return "contentWidget"; }
+  static getType() {
+    return "contentWidget";
+  }
 
-    doRender() {
-        this.$widget = $(TPL);
-        this.$content = this.$widget.find(".note-detail-content-widget-content");
+  doRender() {
+    this.$widget = $(TPL);
+    this.$content = this.$widget.find(".note-detail-content-widget-content");
 
-        super.doRender();
-    }
+    super.doRender();
+  }
 
-    async doRefresh(note) {
-        this.$content.empty();
-        this.children = [];
+  async doRefresh(note) {
+    this.$content.empty();
+    this.children = [];
 
-        const contentWidgets = CONTENT_WIDGETS[note.noteId];
+    const contentWidgets = CONTENT_WIDGETS[note.noteId];
 
-        if (contentWidgets) {
-            for (const clazz of contentWidgets) {
-                const widget = new clazz();
+    if (contentWidgets) {
+      for (const clazz of contentWidgets) {
+        const widget = new clazz();
 
-                await widget.handleEvent('setNoteContext', { noteContext: this.noteContext });
-                this.child(widget);
+        await widget.handleEvent("setNoteContext", {
+          noteContext: this.noteContext,
+        });
+        this.child(widget);
 
-                this.$content.append(widget.render());
-                await widget.refresh();
-            }
-        } else {
-            this.$content.append(`Unknown widget for "${note.noteId}"`);
-        }
+        this.$content.append(widget.render());
+        await widget.refresh();
+      }
+    } else {
+      this.$content.append(`Unknown widget for "${note.noteId}"`);
     }
+  }
 }
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
new file mode 100644
index 0000000000..4a8f93c0ae
--- /dev/null
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -0,0 +1,109 @@
+import server from "../../../services/server.js";
+import protectedSessionHolder from "../../../services/protected_session_holder.js";
+import toastService from "../../../services/toast.js";
+import OptionsWidget from "./options_widget.js";
+// import { randomBytes } from "crypto";
+
+// import { generateSecret } from "../../../services/totp.js";
+
+// const speakeasy = require("speakeasy");
+// ${speakeasy.generateSecret().base32}
+
+const TPL = `
+<div class="options-section">
+    <h4 class="mfa-heading"></h4>
+    
+    <div class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">
+      Use TOTP (Time-based One-Time Password) to safeguard your data in this application because it adds an additional layer of security by generating unique passcodes that expire quickly, making it harder for unauthorized access. TOTP also reduces the risk of account compromise through common threats like phishing attacks or password breaches.
+    </div>
+    
+    <span class="totp-secret" >  </span>
+    <br>
+    <button class="regenerate-totp"> Regenerate TOTP Secret </button>
+</div>`;
+
+export default class MultiFactorAuthenticationOptions extends OptionsWidget {
+  doRender() {
+    this.$widget = $(TPL);
+
+    this.$mfaHeadding = this.$widget.find(".mfa-heading");
+    this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
+    this.$totpSecret = this.$widget.find(".totp-secret");
+
+    this.$mfaHeadding.text("Multi-Factor Authentication");
+    this.generateKey();
+
+    // var gen = require("speakeasy");
+    // toastService.showMessage("***REMOVED***");
+
+    this.$regenerateTotpButton.on("click", async () => {
+      this.generateKey();
+    });
+
+    this.$protectedSessionTimeout = this.$widget.find(
+      ".protected-session-timeout-in-seconds"
+    );
+    this.$protectedSessionTimeout.on("change", () =>
+      this.updateOption(
+        "protectedSessionTimeout",
+        this.$protectedSessionTimeout.val()
+      )
+    );
+  }
+
+  async generateKey() {
+    server.get("totp/generate").then((result) => {
+      if (result.success) {
+        // password changed so current protected session is invalid and needs to be cleared
+        this.$totpSecret.text(result.message);
+      } else {
+        toastService.showError(result.message);
+      }
+    });
+  }
+
+  optionsLoaded(options) {
+    const isPasswordSet = options.isPasswordSet === "true";
+
+    this.$widget.find(".old-password-form-group").toggle(isPasswordSet);
+    this.$savePasswordButton.text(
+      isPasswordSet ? "Change fff Password" : "Set Password"
+    );
+    this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+  }
+
+  save() {
+    const oldPassword = this.$oldPassword.val();
+    const newPassword1 = this.$newPassword1.val();
+    const newPassword2 = this.$newPassword2.val();
+
+    this.$oldPassword.val("");
+    this.$newPassword1.val("");
+    this.$newPassword2.val("");
+
+    if (newPassword1 !== newPassword2) {
+      toastService.showError("New passwords are not the same.");
+      return false;
+    }
+
+    server
+      .post("password/change", {
+        current_password: oldPassword,
+        new_password: newPassword1,
+      })
+      .then((result) => {
+        if (result.success) {
+          toastService.showError(
+            "Password has been changed. Trilium will be reloaded after you press OK."
+          );
+
+          // password changed so current protected session is invalid and needs to be cleared
+          protectedSessionHolder.resetProtectedSession();
+        } else {
+          toastService.showError(result.message);
+        }
+      });
+
+    return false;
+  }
+}
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
new file mode 100644
index 0000000000..d4c48bfb33
--- /dev/null
+++ b/src/routes/api/totp.ts
@@ -0,0 +1,24 @@
+const speakeasy = require("speakeasy");
+
+function verifyOTPToken(guessedToken: any) {
+  console.log("[" + guessedToken + "]");
+  console.log(typeof guessedToken);
+
+  const tokenValidates = speakeasy.totp.verify({
+    secret: process.env.MFA_SECRET,
+    encoding: "base32",
+    token: guessedToken,
+    window: 1,
+  });
+
+  return tokenValidates;
+}
+
+function generateSecret() {
+  return { success: "true", message: speakeasy.generateSecret().base32 };
+}
+
+export = {
+  verifyOTPToken,
+  generateSecret,
+};
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 55cad4cd59..5d9d6c034d 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -1,522 +1,1179 @@
 "use strict";
 
-import utils = require('../services/utils');
-import multer = require('multer');
-import log = require('../services/log');
-import express = require('express');
+import utils = require("../services/utils");
+import multer = require("multer");
+import log = require("../services/log");
+import express = require("express");
 const router = express.Router();
-import auth = require('../services/auth');
-import cls = require('../services/cls');
-import sql = require('../services/sql');
-import entityChangesService = require('../services/entity_changes');
-import csurf = require('csurf');
+import auth = require("../services/auth");
+import cls = require("../services/cls");
+import sql = require("../services/sql");
+import entityChangesService = require("../services/entity_changes");
+import csurf = require("csurf");
 import { createPartialContentHandler } from "express-partial-content";
 import rateLimit = require("express-rate-limit");
-import AbstractBeccaEntity = require('../becca/entities/abstract_becca_entity');
-import NotFoundError = require('../errors/not_found_error');
-import ValidationError = require('../errors/validation_error');
+import AbstractBeccaEntity = require("../becca/entities/abstract_becca_entity");
+import NotFoundError = require("../errors/not_found_error");
+import ValidationError = require("../errors/validation_error");
 
 // page routes
-import setupRoute = require('./setup');
-import loginRoute = require('./login');
-import indexRoute = require('./index');
+import setupRoute = require("./setup");
+import loginRoute = require("./login");
+import indexRoute = require("./index");
 
 // API routes
-import treeApiRoute = require('./api/tree');
-import notesApiRoute = require('./api/notes');
-import branchesApiRoute = require('./api/branches');
-import attachmentsApiRoute = require('./api/attachments');
-import autocompleteApiRoute = require('./api/autocomplete');
-import cloningApiRoute = require('./api/cloning');
-import revisionsApiRoute = require('./api/revisions');
-import recentChangesApiRoute = require('./api/recent_changes');
-import optionsApiRoute = require('./api/options');
-import passwordApiRoute = require('./api/password');
-import syncApiRoute = require('./api/sync');
-import loginApiRoute = require('./api/login');
-import recentNotesRoute = require('./api/recent_notes');
-import appInfoRoute = require('./api/app_info');
-import exportRoute = require('./api/export');
-import importRoute = require('./api/import');
-import setupApiRoute = require('./api/setup');
-import sqlRoute = require('./api/sql');
-import databaseRoute = require('./api/database');
-import imageRoute = require('./api/image');
-import attributesRoute = require('./api/attributes');
-import scriptRoute = require('./api/script');
-import senderRoute = require('./api/sender');
-import filesRoute = require('./api/files');
-import searchRoute = require('./api/search');
-import bulkActionRoute = require('./api/bulk_action');
-import specialNotesRoute = require('./api/special_notes');
-import noteMapRoute = require('./api/note_map');
-import clipperRoute = require('./api/clipper');
-import similarNotesRoute = require('./api/similar_notes');
-import keysRoute = require('./api/keys');
-import backendLogRoute = require('./api/backend_log');
-import statsRoute = require('./api/stats');
-import fontsRoute = require('./api/fonts');
-import etapiTokensApiRoutes = require('./api/etapi_tokens');
-import relationMapApiRoute = require('./api/relation-map');
-import otherRoute = require('./api/other');
-import shareRoutes = require('../share/routes');
-
-import etapiAuthRoutes = require('../etapi/auth');
-import etapiAppInfoRoutes = require('../etapi/app_info');
-import etapiAttachmentRoutes = require('../etapi/attachments');
-import etapiAttributeRoutes = require('../etapi/attributes');
-import etapiBranchRoutes = require('../etapi/branches');
-import etapiNoteRoutes = require('../etapi/notes');
-import etapiSpecialNoteRoutes = require('../etapi/special_notes');
-import etapiSpecRoute = require('../etapi/spec');
-import etapiBackupRoute = require('../etapi/backup');
-import { AppRequest, AppRequestHandler } from './route-interface';
+import treeApiRoute = require("./api/tree");
+import notesApiRoute = require("./api/notes");
+import branchesApiRoute = require("./api/branches");
+import attachmentsApiRoute = require("./api/attachments");
+import autocompleteApiRoute = require("./api/autocomplete");
+import cloningApiRoute = require("./api/cloning");
+import revisionsApiRoute = require("./api/revisions");
+import recentChangesApiRoute = require("./api/recent_changes");
+import optionsApiRoute = require("./api/options");
+import passwordApiRoute = require("./api/password");
+import syncApiRoute = require("./api/sync");
+import loginApiRoute = require("./api/login");
+import recentNotesRoute = require("./api/recent_notes");
+import appInfoRoute = require("./api/app_info");
+import exportRoute = require("./api/export");
+import importRoute = require("./api/import");
+import setupApiRoute = require("./api/setup");
+import sqlRoute = require("./api/sql");
+import databaseRoute = require("./api/database");
+import imageRoute = require("./api/image");
+import attributesRoute = require("./api/attributes");
+import scriptRoute = require("./api/script");
+import senderRoute = require("./api/sender");
+import filesRoute = require("./api/files");
+import searchRoute = require("./api/search");
+import bulkActionRoute = require("./api/bulk_action");
+import specialNotesRoute = require("./api/special_notes");
+import noteMapRoute = require("./api/note_map");
+import clipperRoute = require("./api/clipper");
+import similarNotesRoute = require("./api/similar_notes");
+import keysRoute = require("./api/keys");
+import backendLogRoute = require("./api/backend_log");
+import statsRoute = require("./api/stats");
+import fontsRoute = require("./api/fonts");
+import etapiTokensApiRoutes = require("./api/etapi_tokens");
+import relationMapApiRoute = require("./api/relation-map");
+import otherRoute = require("./api/other");
+import shareRoutes = require("../share/routes");
+import totp = require("./api/totp");
+
+import etapiAuthRoutes = require("../etapi/auth");
+import etapiAppInfoRoutes = require("../etapi/app_info");
+import etapiAttachmentRoutes = require("../etapi/attachments");
+import etapiAttributeRoutes = require("../etapi/attributes");
+import etapiBranchRoutes = require("../etapi/branches");
+import etapiNoteRoutes = require("../etapi/notes");
+import etapiSpecialNoteRoutes = require("../etapi/special_notes");
+import etapiSpecRoute = require("../etapi/spec");
+import etapiBackupRoute = require("../etapi/backup");
+import { AppRequest, AppRequestHandler } from "./route-interface";
 
 const csrfMiddleware = csurf({
-    cookie: {
-        path: ""       // empty, so cookie is valid only for the current path
-    }
+  cookie: {
+    path: "", // empty, so cookie is valid only for the current path
+  },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
-const GET = 'get', PST = 'post', PUT = 'put', PATCH = 'patch', DEL = 'delete';
-
-type ApiResultHandler = (req: express.Request, res: express.Response, result: unknown) => number;
+const GET = "get",
+  PST = "post",
+  PUT = "put",
+  PATCH = "patch",
+  DEL = "delete";
+
+type ApiResultHandler = (
+  req: express.Request,
+  res: express.Response,
+  result: unknown
+) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
-type HttpMethod = "all" | "get" | "post" | "put" | "delete" | "patch" | "options" | "head";
+type HttpMethod =
+  | "all"
+  | "get"
+  | "post"
+  | "put"
+  | "delete"
+  | "patch"
+  | "options"
+  | "head";
 
 const uploadMiddleware = createUploadMiddleware();
 
-const uploadMiddlewareWithErrorHandling = function (req: express.Request, res: express.Response, next: express.NextFunction) {
-    uploadMiddleware(req, res, function (err) {
-        if (err?.code === 'LIMIT_FILE_SIZE') {
-            res.setHeader("Content-Type", "text/plain")
-                .status(400)
-                .send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
-        }
-        else {
-            next();
-        }
-    });
+const uploadMiddlewareWithErrorHandling = function (
+  req: express.Request,
+  res: express.Response,
+  next: express.NextFunction
+) {
+  uploadMiddleware(req, res, function (err) {
+    if (err?.code === "LIMIT_FILE_SIZE") {
+      res
+        .setHeader("Content-Type", "text/plain")
+        .status(400)
+        .send(
+          `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
+        );
+    } else {
+      next();
+    }
+  });
 };
 
 function register(app: express.Application) {
-    route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
-    route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
-    route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
-
-    const loginRateLimiter = rateLimit.rateLimit({
-        windowMs: 15 * 60 * 1000, // 15 minutes
-        max: 10, // limit each IP to 10 requests per windowMs
-        skipSuccessfulRequests: true // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
-    });
-
-    route(PST, '/login', [loginRateLimiter], loginRoute.login);
-    route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-    route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
-    route(GET, '/setup', [], setupRoute.setupPage);
-
-    apiRoute(GET, '/api/tree', treeApiRoute.getTree);
-    apiRoute(PST, '/api/tree/load', treeApiRoute.load);
-
-    apiRoute(GET, '/api/notes/:noteId', notesApiRoute.getNote);
-    apiRoute(GET, '/api/notes/:noteId/blob', notesApiRoute.getNoteBlob);
-    apiRoute(GET, '/api/notes/:noteId/metadata', notesApiRoute.getNoteMetadata);
-    apiRoute(PUT, '/api/notes/:noteId/data', notesApiRoute.updateNoteData);
-    apiRoute(DEL, '/api/notes/:noteId', notesApiRoute.deleteNote);
-    apiRoute(PUT, '/api/notes/:noteId/undelete', notesApiRoute.undeleteNote);
-    apiRoute(PST, '/api/notes/:noteId/revision', notesApiRoute.forceSaveRevision);
-    apiRoute(PST, '/api/notes/:parentNoteId/children', notesApiRoute.createNote);
-    apiRoute(PUT, '/api/notes/:noteId/sort-children', notesApiRoute.sortChildNotes);
-    apiRoute(PUT, '/api/notes/:noteId/protect/:isProtected', notesApiRoute.protectNote);
-    apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime);
-    apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle);
-    apiRoute(PST, '/api/notes/:noteId/duplicate/:parentNoteId', notesApiRoute.duplicateSubtree);
-    apiRoute(PUT, '/api/notes/:noteId/clone-to-branch/:parentBranchId', cloningApiRoute.cloneNoteToBranch);
-    apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
-    apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);
-    apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter);
-    route(PUT, '/api/notes/:noteId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        filesRoute.updateFile, apiResultHandler);
-    route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile);
-    route(GET, '/api/notes/:noteId/open-partial', [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.fileContentProvider, {
-            debug: (string, extra) => { console.log(string, extra); }
-        }));
-    route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(GET, '/api/notes/download/:noteId', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
-    apiRoute(PST, '/api/notes/:noteId/save-to-tmp-dir', filesRoute.saveNoteToTmpDir);
-    apiRoute(PST, '/api/notes/:noteId/upload-modified-file', filesRoute.uploadModifiedFileToNote);
-    apiRoute(PST, '/api/notes/:noteId/convert-to-attachment', notesApiRoute.convertNoteToAttachment);
-
-    apiRoute(PUT, '/api/branches/:branchId/move-to/:parentBranchId', branchesApiRoute.moveBranchToParent);
-    apiRoute(PUT, '/api/branches/:branchId/move-before/:beforeBranchId', branchesApiRoute.moveBranchBeforeNote);
-    apiRoute(PUT, '/api/branches/:branchId/move-after/:afterBranchId', branchesApiRoute.moveBranchAfterNote);
-    apiRoute(PUT, '/api/branches/:branchId/expanded/:expanded', branchesApiRoute.setExpanded);
-    apiRoute(PUT, '/api/branches/:branchId/expanded-subtree/:expanded', branchesApiRoute.setExpandedForSubtree);
-    apiRoute(DEL, '/api/branches/:branchId', branchesApiRoute.deleteBranch);
-    apiRoute(PUT, '/api/branches/:branchId/set-prefix', branchesApiRoute.setPrefix);
-
-    apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments);
-    apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment);
-    route(PST, '/api/notes/:noteId/attachments/upload', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], attachmentsApiRoute.uploadAttachment, apiResultHandler);
-    apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment);
-    apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments);
-    apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote);
-    apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment);
-    apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment);
-    apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob);
-    route(GET, '/api/attachments/:attachmentId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnAttachedImage);
-    route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
-    route(GET, '/api/attachments/:attachmentId/open-partial', [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.attachmentContentProvider, {
-            debug: (string, extra) => { console.log(string, extra); }
-        }));
-    route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
-    apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir);
-    apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment);
-    route(PUT, '/api/attachments/:attachmentId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        filesRoute.updateAttachment, apiResultHandler);
-
-    apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
-    apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions);
-    apiRoute(GET, '/api/revisions/:revisionId', revisionsApiRoute.getRevision);
-    apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob);
-    apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
-    apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision);
-    route(GET, '/api/revisions/:revisionId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromRevision);
-
-    route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
-
-
-    route(GET, '/api/branches/:branchId/export/:type/:format/:version/:taskId', [auth.checkApiAuthOrElectron], exportRoute.exportBranch);
-    route(PST, '/api/notes/:parentNoteId/notes-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importNotesToBranch, apiResultHandler);
-    route(PST, '/api/notes/:parentNoteId/attachments-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importAttachmentsToNote, apiResultHandler);
-
-    apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes);
-    apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute);
-    apiRoute(PUT, '/api/notes/:noteId/attributes', attributesRoute.updateNoteAttributes);
-    apiRoute(PUT, '/api/notes/:noteId/attribute', attributesRoute.updateNoteAttribute);
-    apiRoute(PUT, '/api/notes/:noteId/set-attribute', attributesRoute.setNoteAttribute);
-    apiRoute(PUT, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.createRelation);
-    apiRoute(DEL, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.deleteRelation);
-    apiRoute(DEL, '/api/notes/:noteId/attributes/:attributeId', attributesRoute.deleteNoteAttribute);
-    apiRoute(GET, '/api/attribute-names', attributesRoute.getAttributeNames);
-    apiRoute(GET, '/api/attribute-values/:attributeName', attributesRoute.getValuesForAttribute);
-
-    // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-    route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
-    route(PUT, '/api/images/:noteId', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], imageRoute.updateImage, apiResultHandler);
-
-    apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
-    // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-    apiRoute(PUT, '/api/options/:name/:value*', optionsApiRoute.updateOption);
-    apiRoute(PUT, '/api/options', optionsApiRoute.updateOptions);
-    apiRoute(GET, '/api/options/user-themes', optionsApiRoute.getUserThemes);
-
-    apiRoute(PST, '/api/password/change', passwordApiRoute.changePassword);
-    apiRoute(PST, '/api/password/reset', passwordApiRoute.resetPassword);
-
-    apiRoute(PST, '/api/sync/test', syncApiRoute.testSync);
-    apiRoute(PST, '/api/sync/now', syncApiRoute.syncNow);
-    apiRoute(PST, '/api/sync/fill-entity-changes', syncApiRoute.fillEntityChanges);
-    apiRoute(PST, '/api/sync/force-full-sync', syncApiRoute.forceFullSync);
-    route(GET, '/api/sync/check', [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler);
-    route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
-    route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
-    route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
-    route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
-    route(PST, '/api/sync/queue-sector/:entityName/:sector', [auth.checkApiAuth], syncApiRoute.queueSector, apiResultHandler);
-    route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
-
-    apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
-    apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo);
-
-    // docker health check
-    route(GET, '/api/health-check', [], () => ({ "status": "ok" }), apiResultHandler);
-
-    // group of the services below are meant to be executed from the outside
-    route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
-    route(PST, '/api/setup/new-document', [auth.checkAppNotInitialized], setupApiRoute.setupNewDocument, apiResultHandler, false);
-    route(PST, '/api/setup/sync-from-server', [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler, false);
-    route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
-    route(PST, '/api/setup/sync-seed', [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler, false);
-
-    apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
-    apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
-    apiRoute(GET, '/api/search-note/:noteId', searchRoute.searchFromNote);
-    apiRoute(PST, '/api/search-and-execute-note/:noteId', searchRoute.searchAndExecute);
-    apiRoute(PST, '/api/search-related', searchRoute.getRelatedNotes);
-    apiRoute(GET, '/api/search/:searchString', searchRoute.search);
-    apiRoute(GET, '/api/search-templates', searchRoute.searchTemplates);
-
-    apiRoute(PST, '/api/bulk-action/execute', bulkActionRoute.execute);
-    apiRoute(PST, '/api/bulk-action/affected-notes', bulkActionRoute.getAffectedNoteCount);
-
-    route(PST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler);
-    // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-    apiRoute(PST, '/api/login/protected', loginApiRoute.loginToProtectedSession);
-    apiRoute(PST, '/api/login/protected/touch', loginApiRoute.touchProtectedSession);
-    apiRoute(PST, '/api/logout/protected', loginApiRoute.logoutFromProtectedSession);
-
-    route(PST, '/api/login/token', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-
-    apiRoute(GET, '/api/etapi-tokens', etapiTokensApiRoutes.getTokens);
-    apiRoute(PST, '/api/etapi-tokens', etapiTokensApiRoutes.createToken);
-    apiRoute(PATCH, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.patchToken);
-    apiRoute(DEL, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.deleteToken);
-
-    // in case of local electron, local calls are allowed unauthenticated, for server they need auth
-    const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
-
-    route(GET, '/api/clipper/handshake', clipperMiddleware, clipperRoute.handshake, apiResultHandler);
-    route(PST, '/api/clipper/clippings', clipperMiddleware, clipperRoute.addClipping, apiResultHandler);
-    route(PST, '/api/clipper/notes', clipperMiddleware, clipperRoute.createNote, apiResultHandler);
-    route(PST, '/api/clipper/open/:noteId', clipperMiddleware, clipperRoute.openNote, apiResultHandler);
-    route(GET, '/api/clipper/notes-by-url/:noteUrl', clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler);
-
-    apiRoute(GET, '/api/special-notes/inbox/:date', specialNotesRoute.getInboxNote);
-    apiRoute(GET, '/api/special-notes/days/:date', specialNotesRoute.getDayNote);
-    apiRoute(GET, '/api/special-notes/weeks/:date', specialNotesRoute.getWeekNote);
-    apiRoute(GET, '/api/special-notes/months/:month', specialNotesRoute.getMonthNote);
-    apiRoute(GET, '/api/special-notes/years/:year', specialNotesRoute.getYearNote);
-    apiRoute(GET, '/api/special-notes/notes-for-month/:month', specialNotesRoute.getDayNotesForMonth);
-    apiRoute(PST, '/api/special-notes/sql-console', specialNotesRoute.createSqlConsole);
-    apiRoute(PST, '/api/special-notes/save-sql-console', specialNotesRoute.saveSqlConsole);
-    apiRoute(PST, '/api/special-notes/search-note', specialNotesRoute.createSearchNote);
-    apiRoute(PST, '/api/special-notes/save-search-note', specialNotesRoute.saveSearchNote);
-    apiRoute(PST, '/api/special-notes/launchers/:noteId/reset', specialNotesRoute.resetLauncher);
-    apiRoute(PST, '/api/special-notes/launchers/:parentNoteId/:launcherType', specialNotesRoute.createLauncher);
-    apiRoute(PUT, '/api/special-notes/api-script-launcher', specialNotesRoute.createOrUpdateScriptLauncherFromApi);
-
-    apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
-    apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
-    route(PST, '/api/database/anonymize/:type', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.anonymize, apiResultHandler, false);
-    apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases);
-
-    // backup requires execution outside of transaction
-    route(PST, '/api/database/backup-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.backupDatabase, apiResultHandler, false);
-    apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
-
-    // VACUUM requires execution outside of transaction
-    route(PST, '/api/database/vacuum-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.vacuumDatabase, apiResultHandler, false);
-
-    route(PST, '/api/database/find-and-fix-consistency-issues', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.findAndFixConsistencyIssues, apiResultHandler, false);
-
-    apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
-
-    route(PST, '/api/script/exec', [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false);
-
-    apiRoute(PST, '/api/script/run/:noteId', scriptRoute.run);
-    apiRoute(GET, '/api/script/startup', scriptRoute.getStartupBundles);
-    apiRoute(GET, '/api/script/widgets', scriptRoute.getWidgetBundles);
-    apiRoute(PST, '/api/script/bundle/:noteId', scriptRoute.getBundle);
-    apiRoute(GET, '/api/script/relation/:noteId/:relationName', scriptRoute.getRelationBundles);
-
-    // no CSRF since this is called from android app
-    route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-    route(PST, '/api/sender/image', [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling], senderRoute.uploadImage, apiResultHandler);
-    route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
-
-    apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
-    apiRoute(GET, '/api/keyboard-shortcuts-for-notes', keysRoute.getShortcutsForNotes);
-
-    apiRoute(PST, '/api/relation-map', relationMapApiRoute.getRelationMap);
-    apiRoute(PST, '/api/notes/erase-deleted-notes-now', notesApiRoute.eraseDeletedNotesNow);
-    apiRoute(PST, '/api/notes/erase-unused-attachments-now', notesApiRoute.eraseUnusedAttachmentsNow);
-    apiRoute(GET, '/api/similar-notes/:noteId', similarNotesRoute.getSimilarNotes);
-    apiRoute(GET, '/api/backend-log', backendLogRoute.getBackendLog);
-    apiRoute(GET, '/api/stats/note-size/:noteId', statsRoute.getNoteSize);
-    apiRoute(GET, '/api/stats/subtree-size/:noteId', statsRoute.getSubtreeSize);
-    apiRoute(PST, '/api/delete-notes-preview', notesApiRoute.getDeleteNotesPreview);
-    route(GET, '/api/fonts', [auth.checkApiAuthOrElectron], fontsRoute.getFontCss);
-    apiRoute(GET, '/api/other/icon-usage', otherRoute.getIconUsage);
-    apiRoute(PST, '/api/other/render-markdown', otherRoute.renderMarkdown);
-    apiRoute(GET, '/api/recent-changes/:ancestorNoteId', recentChangesApiRoute.getRecentChanges);
-    apiRoute(GET, '/api/edited-notes/:date', revisionsApiRoute.getEditedNotesOnDate);
-
-    apiRoute(PST, '/api/note-map/:noteId/tree', noteMapRoute.getTreeMap);
-    apiRoute(PST, '/api/note-map/:noteId/link', noteMapRoute.getLinkMap);
-    apiRoute(GET, '/api/note-map/:noteId/backlink-count', noteMapRoute.getBacklinkCount);
-    apiRoute(GET, '/api/note-map/:noteId/backlinks', noteMapRoute.getBacklinks);
-
-    shareRoutes.register(router);
-
-    etapiAuthRoutes.register(router, [loginRateLimiter]);
-    etapiAppInfoRoutes.register(router);
-    etapiAttachmentRoutes.register(router);
-    etapiAttributeRoutes.register(router);
-    etapiBranchRoutes.register(router);
-    etapiNoteRoutes.register(router);
-    etapiSpecialNoteRoutes.register(router);
-    etapiSpecRoute.register(router);
-    etapiBackupRoute.register(router);
-
-    app.use('', router);
+  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
+  route(
+    GET,
+    "/login",
+    [auth.checkAppInitialized, auth.checkPasswordSet],
+    loginRoute.loginPage
+  );
+  route(
+    GET,
+    "/set-password",
+    [auth.checkAppInitialized, auth.checkPasswordNotSet],
+    loginRoute.setPasswordPage
+  );
+
+  const loginRateLimiter = rateLimit.rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 10, // limit each IP to 10 requests per windowMs
+    skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+  });
+
+  route(PST, "/login", [loginRateLimiter], loginRoute.login);
+  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+  route(
+    PST,
+    "/set-password",
+    [auth.checkAppInitialized, auth.checkPasswordNotSet],
+    loginRoute.setPassword
+  );
+  route(GET, "/setup", [], setupRoute.setupPage);
+
+  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
+
+  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
+  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
+
+  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
+  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
+  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
+  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
+  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
+  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
+  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
+  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/sort-children",
+    notesApiRoute.sortChildNotes
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/protect/:isProtected",
+    notesApiRoute.protectNote
+  );
+  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
+  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/duplicate/:parentNoteId",
+    notesApiRoute.duplicateSubtree
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-to-branch/:parentBranchId",
+    cloningApiRoute.cloneNoteToBranch
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
+    cloningApiRoute.toggleNoteInParent
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-to-note/:parentNoteId",
+    cloningApiRoute.cloneNoteToParentNote
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-after/:afterBranchId",
+    cloningApiRoute.cloneNoteAfter
+  );
+  route(
+    PUT,
+    "/api/notes/:noteId/file",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    filesRoute.updateFile,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/open",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.openFile
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.fileContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/download",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadFile
+  );
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(
+    GET,
+    "/api/notes/download/:noteId",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadFile
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/save-to-tmp-dir",
+    filesRoute.saveNoteToTmpDir
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/upload-modified-file",
+    filesRoute.uploadModifiedFileToNote
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/convert-to-attachment",
+    notesApiRoute.convertNoteToAttachment
+  );
+
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-to/:parentBranchId",
+    branchesApiRoute.moveBranchToParent
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-before/:beforeBranchId",
+    branchesApiRoute.moveBranchBeforeNote
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-after/:afterBranchId",
+    branchesApiRoute.moveBranchAfterNote
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/expanded/:expanded",
+    branchesApiRoute.setExpanded
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/expanded-subtree/:expanded",
+    branchesApiRoute.setExpandedForSubtree
+  );
+  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/set-prefix",
+    branchesApiRoute.setPrefix
+  );
+
+  apiRoute(
+    GET,
+    "/api/notes/:noteId/attachments",
+    attachmentsApiRoute.getAttachments
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/attachments",
+    attachmentsApiRoute.saveAttachment
+  );
+  route(
+    PST,
+    "/api/notes/:noteId/attachments/upload",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    attachmentsApiRoute.uploadAttachment,
+    apiResultHandler
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId",
+    attachmentsApiRoute.getAttachment
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId/all",
+    attachmentsApiRoute.getAllAttachments
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/convert-to-note",
+    attachmentsApiRoute.convertAttachmentToNote
+  );
+  apiRoute(
+    DEL,
+    "/api/attachments/:attachmentId",
+    attachmentsApiRoute.deleteAttachment
+  );
+  apiRoute(
+    PUT,
+    "/api/attachments/:attachmentId/rename",
+    attachmentsApiRoute.renameAttachment
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId/blob",
+    attachmentsApiRoute.getAttachmentBlob
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnAttachedImage
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/open",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.openAttachment
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.attachmentContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/download",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadAttachment
+  );
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(
+    GET,
+    "/api/attachments/download/:attachmentId",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadAttachment
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/save-to-tmp-dir",
+    filesRoute.saveAttachmentToTmpDir
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/upload-modified-file",
+    filesRoute.uploadModifiedFileToAttachment
+  );
+  route(
+    PUT,
+    "/api/attachments/:attachmentId/file",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    filesRoute.updateAttachment,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/revisions",
+    revisionsApiRoute.eraseAllRevisions
+  );
+  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
+  apiRoute(
+    GET,
+    "/api/revisions/:revisionId/blob",
+    revisionsApiRoute.getRevisionBlob
+  );
+  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
+  apiRoute(
+    PST,
+    "/api/revisions/:revisionId/restore",
+    revisionsApiRoute.restoreRevision
+  );
+  route(
+    GET,
+    "/api/revisions/:revisionId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnImageFromRevision
+  );
+
+  route(
+    GET,
+    "/api/revisions/:revisionId/download",
+    [auth.checkApiAuthOrElectron],
+    revisionsApiRoute.downloadRevision
+  );
+
+  route(
+    GET,
+    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+    [auth.checkApiAuthOrElectron],
+    exportRoute.exportBranch
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/notes-import",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    importRoute.importNotesToBranch,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/attachments-import",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    importRoute.importAttachmentsToNote,
+    apiResultHandler
+  );
+
+  apiRoute(
+    GET,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.getEffectiveNoteAttributes
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.addNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.updateNoteAttributes
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/attribute",
+    attributesRoute.updateNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/set-attribute",
+    attributesRoute.setNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    attributesRoute.createRelation
+  );
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    attributesRoute.deleteRelation
+  );
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/attributes/:attributeId",
+    attributesRoute.deleteNoteAttribute
+  );
+  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
+  apiRoute(
+    GET,
+    "/api/attribute-values/:attributeName",
+    attributesRoute.getValuesForAttribute
+  );
+
+  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+  route(
+    GET,
+    "/api/images/:noteId/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnImageFromNote
+  );
+  route(
+    PUT,
+    "/api/images/:noteId",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    imageRoute.updateImage,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+  // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
+  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
+  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
+  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
+
+  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
+  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
+
+  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
+  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
+  apiRoute(
+    PST,
+    "/api/sync/fill-entity-changes",
+    syncApiRoute.fillEntityChanges
+  );
+  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
+  route(
+    GET,
+    "/api/sync/check",
+    [auth.checkApiAuth],
+    syncApiRoute.checkSync,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/sync/changed",
+    [auth.checkApiAuth],
+    syncApiRoute.getChanged,
+    apiResultHandler
+  );
+  route(
+    PUT,
+    "/api/sync/update",
+    [auth.checkApiAuth],
+    syncApiRoute.update,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/finished",
+    [auth.checkApiAuth],
+    syncApiRoute.syncFinished,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/check-entity-changes",
+    [auth.checkApiAuth],
+    syncApiRoute.checkEntityChanges,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/queue-sector/:entityName/:sector",
+    [auth.checkApiAuth],
+    syncApiRoute.queueSector,
+    apiResultHandler
+  );
+  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+
+  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
+  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+
+  // docker health check
+  route(
+    GET,
+    "/api/health-check",
+    [],
+    () => ({ status: "ok" }),
+    apiResultHandler
+  );
+
+  // group of the services below are meant to be executed from the outside
+  route(
+    GET,
+    "/api/setup/status",
+    [],
+    setupApiRoute.getStatus,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/setup/new-document",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupNewDocument,
+    apiResultHandler,
+    false
+  );
+  route(
+    PST,
+    "/api/setup/sync-from-server",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupSyncFromServer,
+    apiResultHandler,
+    false
+  );
+  route(
+    GET,
+    "/api/setup/sync-seed",
+    [auth.checkCredentials],
+    setupApiRoute.getSyncSeed,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/setup/sync-seed",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.saveSyncSeed,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
+  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
+  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
+  apiRoute(
+    PST,
+    "/api/search-and-execute-note/:noteId",
+    searchRoute.searchAndExecute
+  );
+  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
+  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
+  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+
+  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
+  apiRoute(
+    PST,
+    "/api/bulk-action/affected-notes",
+    bulkActionRoute.getAffectedNoteCount
+  );
+
+  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
+  // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
+  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
+  apiRoute(
+    PST,
+    "/api/login/protected/touch",
+    loginApiRoute.touchProtectedSession
+  );
+  apiRoute(
+    PST,
+    "/api/logout/protected",
+    loginApiRoute.logoutFromProtectedSession
+  );
+
+  route(
+    PST,
+    "/api/login/token",
+    [loginRateLimiter],
+    loginApiRoute.token,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
+  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
+  apiRoute(
+    PATCH,
+    "/api/etapi-tokens/:etapiTokenId",
+    etapiTokensApiRoutes.patchToken
+  );
+  apiRoute(
+    DEL,
+    "/api/etapi-tokens/:etapiTokenId",
+    etapiTokensApiRoutes.deleteToken
+  );
+
+  // in case of local electron, local calls are allowed unauthenticated, for server they need auth
+  const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
+
+  route(
+    GET,
+    "/api/clipper/handshake",
+    clipperMiddleware,
+    clipperRoute.handshake,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/clippings",
+    clipperMiddleware,
+    clipperRoute.addClipping,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/notes",
+    clipperMiddleware,
+    clipperRoute.createNote,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/open/:noteId",
+    clipperMiddleware,
+    clipperRoute.openNote,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/clipper/notes-by-url/:noteUrl",
+    clipperMiddleware,
+    clipperRoute.findNotesByUrl,
+    apiResultHandler
+  );
+
+  apiRoute(
+    GET,
+    "/api/special-notes/inbox/:date",
+    specialNotesRoute.getInboxNote
+  );
+  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
+  apiRoute(
+    GET,
+    "/api/special-notes/weeks/:date",
+    specialNotesRoute.getWeekNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/months/:month",
+    specialNotesRoute.getMonthNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/years/:year",
+    specialNotesRoute.getYearNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/notes-for-month/:month",
+    specialNotesRoute.getDayNotesForMonth
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/sql-console",
+    specialNotesRoute.createSqlConsole
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/save-sql-console",
+    specialNotesRoute.saveSqlConsole
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/search-note",
+    specialNotesRoute.createSearchNote
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/save-search-note",
+    specialNotesRoute.saveSearchNote
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/launchers/:noteId/reset",
+    specialNotesRoute.resetLauncher
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/launchers/:parentNoteId/:launcherType",
+    specialNotesRoute.createLauncher
+  );
+  apiRoute(
+    PUT,
+    "/api/special-notes/api-script-launcher",
+    specialNotesRoute.createOrUpdateScriptLauncherFromApi
+  );
+
+  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
+  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+  route(
+    PST,
+    "/api/database/anonymize/:type",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.anonymize,
+    apiResultHandler,
+    false
+  );
+  apiRoute(
+    GET,
+    "/api/database/anonymized-databases",
+    databaseRoute.getExistingAnonymizedDatabases
+  );
+
+  // backup requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/backup-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.backupDatabase,
+    apiResultHandler,
+    false
+  );
+  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+
+  // VACUUM requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/vacuum-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.vacuumDatabase,
+    apiResultHandler,
+    false
+  );
+
+  route(
+    PST,
+    "/api/database/find-and-fix-consistency-issues",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.findAndFixConsistencyIssues,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
+
+  route(
+    PST,
+    "/api/script/exec",
+    [auth.checkApiAuth, csrfMiddleware],
+    scriptRoute.exec,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
+  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
+  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
+  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
+  apiRoute(
+    GET,
+    "/api/script/relation/:noteId/:relationName",
+    scriptRoute.getRelationBundles
+  );
+
+  // no CSRF since this is called from android app
+  route(
+    PST,
+    "/api/sender/login",
+    [loginRateLimiter],
+    loginApiRoute.token,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sender/image",
+    [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
+    senderRoute.uploadImage,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sender/note",
+    [auth.checkEtapiToken],
+    senderRoute.saveNote,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
+  apiRoute(
+    GET,
+    "/api/keyboard-shortcuts-for-notes",
+    keysRoute.getShortcutsForNotes
+  );
+
+  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
+  apiRoute(
+    PST,
+    "/api/notes/erase-deleted-notes-now",
+    notesApiRoute.eraseDeletedNotesNow
+  );
+  apiRoute(
+    PST,
+    "/api/notes/erase-unused-attachments-now",
+    notesApiRoute.eraseUnusedAttachmentsNow
+  );
+  apiRoute(
+    GET,
+    "/api/similar-notes/:noteId",
+    similarNotesRoute.getSimilarNotes
+  );
+  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
+  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
+  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
+  apiRoute(
+    PST,
+    "/api/delete-notes-preview",
+    notesApiRoute.getDeleteNotesPreview
+  );
+  route(
+    GET,
+    "/api/fonts",
+    [auth.checkApiAuthOrElectron],
+    fontsRoute.getFontCss
+  );
+  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
+  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
+  apiRoute(
+    GET,
+    "/api/recent-changes/:ancestorNoteId",
+    recentChangesApiRoute.getRecentChanges
+  );
+  apiRoute(
+    GET,
+    "/api/edited-notes/:date",
+    revisionsApiRoute.getEditedNotesOnDate
+  );
+
+  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
+  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
+  apiRoute(
+    GET,
+    "/api/note-map/:noteId/backlink-count",
+    noteMapRoute.getBacklinkCount
+  );
+  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+
+  shareRoutes.register(router);
+
+  etapiAuthRoutes.register(router, [loginRateLimiter]);
+  etapiAppInfoRoutes.register(router);
+  etapiAttachmentRoutes.register(router);
+  etapiAttributeRoutes.register(router);
+  etapiBranchRoutes.register(router);
+  etapiNoteRoutes.register(router);
+  etapiSpecialNoteRoutes.register(router);
+  etapiSpecRoute.register(router);
+  etapiBackupRoute.register(router);
+
+  app.use("", router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
 function convertEntitiesToPojo(result: unknown) {
-    if (result instanceof AbstractBeccaEntity) {
-        result = result.getPojo();
+  if (result instanceof AbstractBeccaEntity) {
+    result = result.getPojo();
+  } else if (Array.isArray(result)) {
+    for (const idx in result) {
+      if (result[idx] instanceof AbstractBeccaEntity) {
+        result[idx] = result[idx].getPojo();
+      }
     }
-    else if (Array.isArray(result)) {
-        for (const idx in result) {
-            if (result[idx] instanceof AbstractBeccaEntity) {
-                result[idx] = result[idx].getPojo();
-            }
-        }
+  } else if (result && typeof result === "object") {
+    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+      result.note = result.note.getPojo();
     }
-    else if (result && typeof result === "object") {
-        if ("note" in result && result.note instanceof AbstractBeccaEntity) {
-            result.note = result.note.getPojo();
-        }
 
-        if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
-            result.branch = result.branch.getPojo();
-        }
+    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
+      result.branch = result.branch.getPojo();
     }
+  }
 
-    if (result && typeof result === "object" && "executionResult" in result) { // from runOnBackend()
-        result.executionResult = convertEntitiesToPojo(result.executionResult);
-    }
+  if (result && typeof result === "object" && "executionResult" in result) {
+    // from runOnBackend()
+    result.executionResult = convertEntitiesToPojo(result.executionResult);
+  }
 
-    return result;
+  return result;
 }
 
-function apiResultHandler(req: express.Request, res: express.Response, result: unknown) {
-    res.setHeader('trilium-max-entity-change-id', entityChangesService.getMaxEntityChangeId());
-
-    result = convertEntitiesToPojo(result);
-
-    // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
-    if (Array.isArray(result) && result.length > 0 && Number.isInteger(result[0])) {
-        const [statusCode, response] = result;
-
-        if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-            log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`);
-        }
-
-        return send(res, statusCode, response);
-    }
-    else if (result === undefined) {
-        return send(res, 204, "");
-    }
-    else {
-        return send(res, 200, result);
+function apiResultHandler(
+  req: express.Request,
+  res: express.Response,
+  result: unknown
+) {
+  res.setHeader(
+    "trilium-max-entity-change-id",
+    entityChangesService.getMaxEntityChangeId()
+  );
+
+  result = convertEntitiesToPojo(result);
+
+  // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
+  if (
+    Array.isArray(result) &&
+    result.length > 0 &&
+    Number.isInteger(result[0])
+  ) {
+    const [statusCode, response] = result;
+
+    if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
+      log.info(
+        `${req.method} ${
+          req.originalUrl
+        } returned ${statusCode} with response ${JSON.stringify(response)}`
+      );
     }
+
+    return send(res, statusCode, response);
+  } else if (result === undefined) {
+    return send(res, 204, "");
+  } else {
+    return send(res, 200, result);
+  }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-    if (typeof response === 'string') {
-        if (statusCode >= 400) {
-            res.setHeader("Content-Type", "text/plain");
-        }
+  if (typeof response === "string") {
+    if (statusCode >= 400) {
+      res.setHeader("Content-Type", "text/plain");
+    }
 
-        res.status(statusCode).send(response);
+    res.status(statusCode).send(response);
 
-        return response.length;
-    }
-    else {
-        const json = JSON.stringify(response);
+    return response.length;
+  } else {
+    const json = JSON.stringify(response);
 
-        res.setHeader("Content-Type", "application/json");
-        res.status(statusCode).send(json);
+    res.setHeader("Content-Type", "application/json");
+    res.status(statusCode).send(json);
 
-        return json.length;
-    }
+    return json.length;
+  }
 }
 
-function apiRoute(method: HttpMethod, path: string, routeHandler: express.Handler) {
-    route(method, path, [auth.checkApiAuth, csrfMiddleware], routeHandler, apiResultHandler);
+function apiRoute(
+  method: HttpMethod,
+  path: string,
+  routeHandler: express.Handler
+) {
+  route(
+    method,
+    path,
+    [auth.checkApiAuth, csrfMiddleware],
+    routeHandler,
+    apiResultHandler
+  );
 }
 
-function route(method: HttpMethod, path: string, middleware: (express.Handler | AppRequestHandler)[], routeHandler: AppRequestHandler, resultHandler: ApiResultHandler | null = null, transactional = true) {
-    router[method](path, ...(middleware as express.Handler[]), (req: express.Request, res: express.Response, next: express.NextFunction) => {
-        const start = Date.now();
-
-        try {
-            cls.namespace.bindEmitter(req);
-            cls.namespace.bindEmitter(res);
-
-            const result = cls.init(() => {
-                cls.set('componentId', req.headers['trilium-component-id']);
-                cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
-                cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
-
-                const cb = () => routeHandler(req as AppRequest, res, next);
-
-                return transactional ? sql.transactional(cb) : cb();
-            });
-
-            if (!resultHandler) {
-                return;
-            }
-
-            if (result?.then) { // promise
-                result
-                    .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start))
-                    .catch((e: any) => handleException(e, method, path, res));
-            } else {
-                handleResponse(resultHandler, req, res, result, start)
-            }
+function route(
+  method: HttpMethod,
+  path: string,
+  middleware: (express.Handler | AppRequestHandler)[],
+  routeHandler: AppRequestHandler,
+  resultHandler: ApiResultHandler | null = null,
+  transactional = true
+) {
+  router[method](
+    path,
+    ...(middleware as express.Handler[]),
+    (
+      req: express.Request,
+      res: express.Response,
+      next: express.NextFunction
+    ) => {
+      const start = Date.now();
+
+      try {
+        cls.namespace.bindEmitter(req);
+        cls.namespace.bindEmitter(res);
+
+        const result = cls.init(() => {
+          cls.set("componentId", req.headers["trilium-component-id"]);
+          cls.set(
+            "localNowDateTime",
+            req.headers["trilium-local-now-datetime"]
+          );
+          cls.set(
+            "hoistedNoteId",
+            req.headers["trilium-hoisted-note-id"] || "root"
+          );
+
+          const cb = () => routeHandler(req as AppRequest, res, next);
+
+          return transactional ? sql.transactional(cb) : cb();
+        });
+
+        if (!resultHandler) {
+          return;
         }
-        catch (e) {
-            handleException(e, method, path, res);
+
+        if (result?.then) {
+          // promise
+          result
+            .then((promiseResult: unknown) =>
+              handleResponse(resultHandler, req, res, promiseResult, start)
+            )
+            .catch((e: any) => handleException(e, method, path, res));
+        } else {
+          handleResponse(resultHandler, req, res, result, start);
         }
-    });
+      } catch (e) {
+        handleException(e, method, path, res);
+      }
+    }
+  );
 }
 
-function handleResponse(resultHandler: ApiResultHandler, req: express.Request, res: express.Response, result: unknown, start: number) {
-    const responseLength = resultHandler(req, res, result);
+function handleResponse(
+  resultHandler: ApiResultHandler,
+  req: express.Request,
+  res: express.Response,
+  result: unknown,
+  start: number
+) {
+  const responseLength = resultHandler(req, res, result);
 
-    log.request(req, res, Date.now() - start, responseLength);
+  log.request(req, res, Date.now() - start, responseLength);
 }
 
-function handleException(e: any, method: HttpMethod, path: string, res: express.Response) {
-    log.error(`${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`);
-
-    if (e instanceof ValidationError) {
-        res.status(400)
-            .json({
-                message: e.message
-            });
-    } else if (e instanceof NotFoundError) {
-        res.status(404)
-            .json({
-                message: e.message
-            });
-    } else {
-        res.status(500)
-            .json({
-                message: e.message
-            });
-    }
+function handleException(
+  e: any,
+  method: HttpMethod,
+  path: string,
+  res: express.Response
+) {
+  log.error(
+    `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
+  );
+
+  if (e instanceof ValidationError) {
+    res.status(400).json({
+      message: e.message,
+    });
+  } else if (e instanceof NotFoundError) {
+    res.status(404).json({
+      message: e.message,
+    });
+  } else {
+    res.status(500).json({
+      message: e.message,
+    });
+  }
 }
 
 function createUploadMiddleware() {
-    const multerOptions: multer.Options = {
-        fileFilter: (req: express.Request, file, cb) => {
-            // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
-            // See https://github.com/expressjs/multer/pull/1102.
-            file.originalname = Buffer.from(file.originalname, "latin1").toString("utf-8");
-            cb(null, true);
-        }
+  const multerOptions: multer.Options = {
+    fileFilter: (req: express.Request, file, cb) => {
+      // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
+      // See https://github.com/expressjs/multer/pull/1102.
+      file.originalname = Buffer.from(file.originalname, "latin1").toString(
+        "utf-8"
+      );
+      cb(null, true);
+    },
+  };
+
+  if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
+    multerOptions.limits = {
+      fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
     };
+  }
 
-    if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
-        multerOptions.limits = {
-            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024
-        };
-    }
-
-    return multer(multerOptions).single('upload');
+  return multer(multerOptions).single("upload");
 }
 
 export = {
-    register
+  register,
 };
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index c80632bc06..53bae81b5c 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,28 +1,45 @@
 "use strict";
 
-import optionService = require('../options');
-import crypto = require('crypto');
+import optionService = require("../options");
+import crypto = require("crypto");
 
 function getVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption('passwordVerificationSalt');
+  const salt = optionService.getOption("passwordVerificationSalt");
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-    const salt = optionService.getOption('passwordDerivedKeySalt');
+  const salt = optionService.getOption("passwordDerivedKeySalt");
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
 function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-    const hashed = crypto.scryptSync(password, salt, 32,
-        {N: 16384, r:8, p:1});
+  const hashed = crypto.scryptSync(password, salt, 32, {
+    N: 16384,
+    r: 8,
+    p: 1,
+  });
 
-    return hashed;
+  return hashed;
+}
+
+function getTotpSecretVerificationHash(secret: crypto.BinaryLike) {
+  const salt = optionService.getOption("totpSecretVerificationSalt");
+
+  return getScryptHash(secret, salt);
+}
+
+function getTotpSecretDerivedKey(secret: crypto.BinaryLike) {
+  const salt = optionService.getOption("totpSecretDerivedKeySalt");
+
+  return getScryptHash(secret, salt);
 }
 
 export = {
-    getVerificationHash,
-    getPasswordDerivedKey
+  getVerificationHash,
+  getPasswordDerivedKey,
+  getTotpSecretVerificationHash,
+  getTotpSecretDerivedKey,
 };
diff --git a/src/services/encryption/password_encryption.ts b/src/services/encryption/password_encryption.ts
index 36420d03d2..075f10f2de 100644
--- a/src/services/encryption/password_encryption.ts
+++ b/src/services/encryption/password_encryption.ts
@@ -1,40 +1,50 @@
-import optionService = require('../options');
-import myScryptService = require('./my_scrypt');
-import utils = require('../utils');
-import dataEncryptionService = require('./data_encryption');
+import optionService = require("../options");
+import myScryptService = require("./my_scrypt");
+import utils = require("../utils");
+import dataEncryptionService = require("./data_encryption");
 
 function verifyPassword(password: string) {
-    const givenPasswordHash = utils.toBase64(myScryptService.getVerificationHash(password));
+  const givenPasswordHash = utils.toBase64(
+    myScryptService.getVerificationHash(password)
+  );
 
-    const dbPasswordHash = optionService.getOptionOrNull('passwordVerificationHash');
+  const dbPasswordHash = optionService.getOptionOrNull(
+    "passwordVerificationHash"
+  );
 
-    if (!dbPasswordHash) {
-        return false;
-    }
+  if (!dbPasswordHash) {
+    return false;
+  }
 
-    return givenPasswordHash === dbPasswordHash;
+  return givenPasswordHash === dbPasswordHash;
 }
 
 function setDataKey(password: string, plainTextDataKey: string | Buffer) {
-    const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
+  const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
 
-    const newEncryptedDataKey = dataEncryptionService.encrypt(passwordDerivedKey, plainTextDataKey);
+  const newEncryptedDataKey = dataEncryptionService.encrypt(
+    passwordDerivedKey,
+    plainTextDataKey
+  );
 
-    optionService.setOption('encryptedDataKey', newEncryptedDataKey);
+  optionService.setOption("encryptedDataKey", newEncryptedDataKey);
 }
 
 function getDataKey(password: string) {
-    const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
+  const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
 
-    const encryptedDataKey = optionService.getOption('encryptedDataKey');
+  const encryptedDataKey = optionService.getOption("encryptedDataKey");
 
-    const decryptedDataKey = dataEncryptionService.decrypt(passwordDerivedKey, encryptedDataKey);
+  const decryptedDataKey = dataEncryptionService.decrypt(
+    passwordDerivedKey,
+    encryptedDataKey
+  );
 
-    return decryptedDataKey;
+  return decryptedDataKey;
 }
 
 export = {
-    verifyPassword,
-    getDataKey,
-    setDataKey
+  verifyPassword,
+  getDataKey,
+  setDataKey,
 };
diff --git a/src/services/encryption/totp_secret.ts b/src/services/encryption/totp_secret.ts
new file mode 100644
index 0000000000..9e2d553786
--- /dev/null
+++ b/src/services/encryption/totp_secret.ts
@@ -0,0 +1,110 @@
+"use strict";
+
+import sql = require("../sql");
+import optionService = require("../options");
+import myScryptService = require("./my_scrypt");
+import utils = require("../utils");
+import totpEncryptionService = require("./totp_secret_encryption");
+
+function isTotpSecretSet() {
+  return !!sql.getValue(
+    "SELECT value FROM options WHERE name = 'passwordVerificationHash'"
+  );
+}
+
+function changePassword(currentSecret: string, newSecret: string) {
+  if (!isTotpSecretSet()) {
+    throw new Error(
+      "TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead."
+    );
+  }
+
+  sql.transactional(() => {
+    const decryptedDataKey = totpEncryptionService.getDataKey(currentSecret);
+
+    optionService.setOption(
+      "totpSecretVerificationSalt",
+      utils.randomSecureToken(32)
+    );
+    optionService.setOption(
+      "totpSecretDerivedKeySalt",
+      utils.randomSecureToken(32)
+    );
+
+    const newTotpSecretVerificationKey = utils.toBase64(
+      myScryptService.getTotpSecretVerificationHash(newSecret)
+    );
+
+    if (decryptedDataKey) {
+      // TODO: what should happen if the decrypted data key is null?
+      totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
+    }
+
+    optionService.setOption(
+      "totpSecretVerificationHash",
+      newTotpSecretVerificationKey
+    );
+  });
+
+  return {
+    success: true,
+  };
+}
+
+function setTotpSecret(secret: string) {
+  if (isTotpSecretSet()) {
+    throw new Error(
+      "TOTP Secret is set already. Either change it or perform 'reset TOTP' first."
+    );
+  }
+
+  optionService.createOption(
+    "totpSecretVerificationSalt",
+    utils.randomSecureToken(32),
+    true
+  );
+  optionService.createOption(
+    "totpSecretDerivedKeySalt",
+    utils.randomSecureToken(32),
+    true
+  );
+
+  const totpSecretVerificationKey = utils.toBase64(
+    myScryptService.getTotpSecretVerificationHash(secret)
+  );
+  optionService.createOption(
+    "totpSecretVerificationHash",
+    totpSecretVerificationKey,
+    true
+  );
+
+  // totpEncryptionService expects these options to already exist
+  optionService.createOption("encryptedTotpSecretDataKey", "", true);
+
+  totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
+
+  return {
+    success: true,
+  };
+}
+
+function resetPassword() {
+  // user forgot the password,
+  sql.transactional(() => {
+    optionService.setOption("passwordVerificationSalt", "");
+    optionService.setOption("passwordDerivedKeySalt", "");
+    optionService.setOption("encryptedDataKey", "");
+    optionService.setOption("passwordVerificationHash", "");
+  });
+
+  return {
+    success: true,
+  };
+}
+
+export = {
+  isTotpSecretSet,
+  changePassword,
+  setTotpSecret,
+  resetPassword,
+};
diff --git a/src/services/encryption/totp_secret_encryption.ts b/src/services/encryption/totp_secret_encryption.ts
new file mode 100644
index 0000000000..4ff93f060c
--- /dev/null
+++ b/src/services/encryption/totp_secret_encryption.ts
@@ -0,0 +1,52 @@
+import optionService = require("../options");
+import myScryptService = require("./my_scrypt");
+import utils = require("../utils");
+import dataEncryptionService = require("./data_encryption");
+
+// function verifyPassword(password: string) {
+//   const givenPasswordHash = utils.toBase64(
+//     myScryptService.getVerificationHash(password)
+//   );
+
+//   const dbPasswordHash = optionService.getOptionOrNull(
+//     "passwordVerificationHash"
+//   );
+
+//   if (!dbPasswordHash) {
+//     return false;
+//   }
+
+//   return givenPasswordHash === dbPasswordHash;
+// }
+
+function setDataKey(secret: string, plainTextDataKey: string | Buffer) {
+  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
+
+  const newEncryptedDataKey = dataEncryptionService.encrypt(
+    totpSecretDerivedKey,
+    plainTextDataKey
+  );
+
+  optionService.setOption("encryptedTotpSecretDataKey", newEncryptedDataKey);
+}
+
+function getDataKey(secret: string) {
+  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
+
+  const encryptedDataKey = optionService.getOption(
+    "encryptedTotpSecretDataKey"
+  );
+
+  const decryptedDataKey = dataEncryptionService.decrypt(
+    totpSecretDerivedKey,
+    encryptedDataKey
+  );
+
+  return decryptedDataKey;
+}
+
+export = {
+  //   verifyPassword,
+  getDataKey,
+  setDataKey,
+};
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index 5478aed1cf..4fc679ea3a 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -1,10 +1,10 @@
 import BAttribute = require("../becca/entities/battribute");
 import { AttributeType, NoteType } from "../becca/entities/rows";
 
-import becca = require('../becca/becca');
-import noteService = require('./notes');
-import log = require('./log');
-import migrationService = require('./migration');
+import becca = require("../becca/becca");
+import noteService = require("./notes");
+import log = require("./log");
+import migrationService = require("./migration");
 
 const LBTPL_ROOT = "_lbTplRoot";
 const LBTPL_BASE = "_lbTplBase";
@@ -16,26 +16,38 @@ const LBTPL_SPACER = "_lbTplSpacer";
 const LBTPL_CUSTOM_WIDGET = "_lbTplCustomWidget";
 
 interface Attribute {
-    type: AttributeType;
-    name: string;
-    isInheritable?: boolean;
-    value?: string
+  type: AttributeType;
+  name: string;
+  isInheritable?: boolean;
+  value?: string;
 }
 
 interface Item {
-    notePosition?: number;
-    id: string;
-    title: string;
-    type: NoteType;
-    icon?: string;
-    attributes?: Attribute[];
-    children?: Item[];
-    isExpanded?: boolean;
-    baseSize?: string;
-    growthFactor?: string;
-    targetNoteId?: "_backendLog" | "_globalNoteMap";
-    builtinWidget?: "bookmarks" | "spacer" | "backInHistoryButton" | "forwardInHistoryButton" | "syncStatus" | "protectedSession" | "todayInJournal" | "calendar";
-    command?: "jumpToNote" | "searchNotes" | "createNoteIntoInbox" | "showRecentChanges";
+  notePosition?: number;
+  id: string;
+  title: string;
+  type: NoteType;
+  icon?: string;
+  attributes?: Attribute[];
+  children?: Item[];
+  isExpanded?: boolean;
+  baseSize?: string;
+  growthFactor?: string;
+  targetNoteId?: "_backendLog" | "_globalNoteMap";
+  builtinWidget?:
+    | "bookmarks"
+    | "spacer"
+    | "backInHistoryButton"
+    | "forwardInHistoryButton"
+    | "syncStatus"
+    | "protectedSession"
+    | "todayInJournal"
+    | "calendar";
+  command?:
+    | "jumpToNote"
+    | "searchNotes"
+    | "createNoteIntoInbox"
+    | "showRecentChanges";
 }
 
 /*
@@ -45,331 +57,555 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-    id: '_hidden',
-    title: 'Hidden Notes',
-    type: 'doc',
-    icon: 'bx bx-chip',
-    // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
-    // over tree when it's in the middle
-    notePosition: 999_999_999,
-    attributes: [
-        { type: 'label', name: 'excludeFromNoteMap', isInheritable: true },
-        { type: 'label', name: 'docName', value: 'hidden' }
-    ],
-    children: [
+  id: "_hidden",
+  title: "Hidden Notes",
+  type: "doc",
+  icon: "bx bx-chip",
+  // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
+  // over tree when it's in the middle
+  notePosition: 999_999_999,
+  attributes: [
+    { type: "label", name: "excludeFromNoteMap", isInheritable: true },
+    { type: "label", name: "docName", value: "hidden" },
+  ],
+  children: [
+    {
+      id: "_search",
+      title: "Search History",
+      type: "doc",
+    },
+    {
+      id: "_globalNoteMap",
+      title: "Note Map",
+      type: "noteMap",
+      attributes: [
+        { type: "label", name: "mapRootNoteId", value: "hoisted" },
+        { type: "label", name: "keepCurrentHoisting" },
+      ],
+    },
+    {
+      id: "_sqlConsole",
+      title: "SQL Console History",
+      type: "doc",
+      icon: "bx-data",
+    },
+    {
+      id: "_share",
+      title: "Shared Notes",
+      type: "doc",
+      attributes: [{ type: "label", name: "docName", value: "share" }],
+    },
+    {
+      id: "_bulkAction",
+      title: "Bulk Action",
+      type: "doc",
+    },
+    {
+      id: "_backendLog",
+      title: "Backend Log",
+      type: "contentWidget",
+      icon: "bx-terminal",
+      attributes: [{ type: "label", name: "keepCurrentHoisting" }],
+    },
+    {
+      // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
+      id: "_userHidden",
+      title: "User Hidden",
+      type: "doc",
+      attributes: [{ type: "label", name: "docName", value: "user_hidden" }],
+    },
+    {
+      id: LBTPL_ROOT,
+      title: "Launch Bar Templates",
+      type: "doc",
+      children: [
         {
-            id: '_search',
-            title: 'Search History',
-            type: 'doc'
+          id: LBTPL_BASE,
+          title: "Base Abstract Launcher",
+          type: "doc",
         },
         {
-            id: '_globalNoteMap',
-            title: 'Note Map',
-            type: 'noteMap',
-            attributes: [
-                { type: 'label', name: 'mapRootNoteId', value: 'hoisted' },
-                { type: 'label', name: 'keepCurrentHoisting' }
-            ]
+          id: LBTPL_COMMAND,
+          title: "Command Launcher",
+          type: "doc",
+          attributes: [
+            { type: "relation", name: "template", value: LBTPL_BASE },
+            { type: "label", name: "launcherType", value: "command" },
+            {
+              type: "label",
+              name: "docName",
+              value: "launchbar_command_launcher",
+            },
+          ],
         },
         {
-            id: '_sqlConsole',
-            title: 'SQL Console History',
-            type: 'doc',
-            icon: 'bx-data'
+          id: LBTPL_NOTE_LAUNCHER,
+          title: "Note Launcher",
+          type: "doc",
+          attributes: [
+            { type: "relation", name: "template", value: LBTPL_BASE },
+            { type: "label", name: "launcherType", value: "note" },
+            { type: "label", name: "relation:target", value: "promoted" },
+            { type: "label", name: "relation:hoistedNote", value: "promoted" },
+            {
+              type: "label",
+              name: "label:keyboardShortcut",
+              value: "promoted,text",
+            },
+            {
+              type: "label",
+              name: "docName",
+              value: "launchbar_note_launcher",
+            },
+          ],
         },
         {
-            id: '_share',
-            title: 'Shared Notes',
-            type: 'doc',
-            attributes: [ { type: 'label', name: 'docName', value: 'share' } ]
+          id: LBTPL_SCRIPT,
+          title: "Script Launcher",
+          type: "doc",
+          attributes: [
+            { type: "relation", name: "template", value: LBTPL_BASE },
+            { type: "label", name: "launcherType", value: "script" },
+            { type: "label", name: "relation:script", value: "promoted" },
+            {
+              type: "label",
+              name: "label:keyboardShortcut",
+              value: "promoted,text",
+            },
+            {
+              type: "label",
+              name: "docName",
+              value: "launchbar_script_launcher",
+            },
+          ],
         },
         {
-            id: '_bulkAction',
-            title: 'Bulk Action',
-            type: 'doc',
+          id: LBTPL_BUILTIN_WIDGET,
+          title: "Built-in Widget",
+          type: "doc",
+          attributes: [
+            { type: "relation", name: "template", value: LBTPL_BASE },
+            { type: "label", name: "launcherType", value: "builtinWidget" },
+          ],
         },
         {
-            id: '_backendLog',
-            title: 'Backend Log',
-            type: 'contentWidget',
-            icon: 'bx-terminal',
-            attributes: [
-                { type: 'label', name: 'keepCurrentHoisting' }
-            ]
+          id: LBTPL_SPACER,
+          title: "Spacer",
+          type: "doc",
+          icon: "bx-move-vertical",
+          attributes: [
+            { type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET },
+            { type: "label", name: "builtinWidget", value: "spacer" },
+            { type: "label", name: "label:baseSize", value: "promoted,number" },
+            {
+              type: "label",
+              name: "label:growthFactor",
+              value: "promoted,number",
+            },
+            { type: "label", name: "docName", value: "launchbar_spacer" },
+          ],
         },
         {
-            // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-            id: '_userHidden',
-            title: 'User Hidden',
-            type: 'doc',
-            attributes: [ { type: 'label', name: 'docName', value: 'user_hidden' } ]
+          id: LBTPL_CUSTOM_WIDGET,
+          title: "Custom Widget",
+          type: "doc",
+          attributes: [
+            { type: "relation", name: "template", value: LBTPL_BASE },
+            { type: "label", name: "launcherType", value: "customWidget" },
+            { type: "label", name: "relation:widget", value: "promoted" },
+            {
+              type: "label",
+              name: "docName",
+              value: "launchbar_widget_launcher",
+            },
+          ],
         },
+      ],
+    },
+    {
+      id: "_lbRoot",
+      title: "Launch Bar",
+      type: "doc",
+      icon: "bx-sidebar",
+      isExpanded: true,
+      attributes: [
+        { type: "label", name: "docName", value: "launchbar_intro" },
+      ],
+      children: [
         {
-            id: LBTPL_ROOT,
-            title: 'Launch Bar Templates',
-            type: 'doc',
-            children: [
+          id: "_lbAvailableLaunchers",
+          title: "Available Launchers",
+          type: "doc",
+          icon: "bx-hide",
+          isExpanded: true,
+          attributes: [
+            { type: "label", name: "docName", value: "launchbar_intro" },
+          ],
+          children: [
+            {
+              id: "_lbBackInHistory",
+              title: "Go to Previous Note",
+              type: "launcher",
+              builtinWidget: "backInHistoryButton",
+              icon: "bx bxs-left-arrow-square",
+              attributes: [
                 {
-                    id: LBTPL_BASE,
-                    title: 'Base Abstract Launcher',
-                    type: 'doc'
+                  type: "label",
+                  name: "docName",
+                  value: "launchbar_history_navigation",
                 },
+              ],
+            },
+            {
+              id: "_lbForwardInHistory",
+              title: "Go to Next Note",
+              type: "launcher",
+              builtinWidget: "forwardInHistoryButton",
+              icon: "bx bxs-right-arrow-square",
+              attributes: [
                 {
-                    id: LBTPL_COMMAND,
-                    title: 'Command Launcher',
-                    type: 'doc',
-                    attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'command' },
-                        { type: 'label', name: 'docName', value: 'launchbar_command_launcher' }
-                    ]
+                  type: "label",
+                  name: "docName",
+                  value: "launchbar_history_navigation",
                 },
-                {
-                    id: LBTPL_NOTE_LAUNCHER,
-                    title: 'Note Launcher',
-                    type: 'doc',
-                    attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'note' },
-                        { type: 'label', name: 'relation:target', value: 'promoted' },
-                        { type: 'label', name: 'relation:hoistedNote', value: 'promoted' },
-                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
-                        { type: 'label', name: 'docName', value: 'launchbar_note_launcher' }
-                    ]
-                },
-                {
-                    id: LBTPL_SCRIPT,
-                    title: 'Script Launcher',
-                    type: 'doc',
-                    attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'script' },
-                        { type: 'label', name: 'relation:script', value: 'promoted' },
-                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
-                        { type: 'label', name: 'docName', value: 'launchbar_script_launcher' }
-                    ]
-                },
-                {
-                    id: LBTPL_BUILTIN_WIDGET,
-                    title: 'Built-in Widget',
-                    type: 'doc',
-                    attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'builtinWidget' }
-                    ]
-                },
-                {
-                    id: LBTPL_SPACER,
-                    title: 'Spacer',
-                    type: 'doc',
-                    icon: 'bx-move-vertical',
-                    attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET },
-                        { type: 'label', name: 'builtinWidget', value: 'spacer' },
-                        { type: 'label', name: 'label:baseSize', value: 'promoted,number' },
-                        { type: 'label', name: 'label:growthFactor', value: 'promoted,number' },
-                        { type: 'label', name: 'docName', value: 'launchbar_spacer' }
-                    ]
-                },
-                {
-                    id: LBTPL_CUSTOM_WIDGET,
-                    title: 'Custom Widget',
-                    type: 'doc',
-                    attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'customWidget' },
-                        { type: 'label', name: 'relation:widget', value: 'promoted' },
-                        { type: 'label', name: 'docName', value: 'launchbar_widget_launcher' }
-                    ]
-                },
-            ]
+              ],
+            },
+            {
+              id: "_lbBackendLog",
+              title: "Backend Log",
+              type: "launcher",
+              targetNoteId: "_backendLog",
+              icon: "bx bx-terminal",
+            },
+          ],
         },
         {
-            id: '_lbRoot',
-            title: 'Launch Bar',
-            type: 'doc',
-            icon: 'bx-sidebar',
-            isExpanded: true,
-            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
-            children: [
-                {
-                    id: '_lbAvailableLaunchers',
-                    title: 'Available Launchers',
-                    type: 'doc',
-                    icon: 'bx-hide',
-                    isExpanded: true,
-                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
-                    children: [
-                        { id: '_lbBackInHistory', title: 'Go to Previous Note', type: 'launcher', builtinWidget: 'backInHistoryButton', icon: 'bx bxs-left-arrow-square',
-                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
-                        { id: '_lbForwardInHistory', title: 'Go to Next Note', type: 'launcher', builtinWidget: 'forwardInHistoryButton', icon: 'bx bxs-right-arrow-square',
-                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
-                        { id: '_lbBackendLog', title: 'Backend Log', type: 'launcher', targetNoteId: '_backendLog', icon: 'bx bx-terminal' },
-                    ]
-                },
-                {
-                    id: '_lbVisibleLaunchers',
-                    title: 'Visible Launchers',
-                    type: 'doc',
-                    icon: 'bx-show',
-                    isExpanded: true,
-                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
-                    children: [
-                        { id: '_lbNewNote', title: 'New Note', type: 'launcher', command: 'createNoteIntoInbox', icon: 'bx bx-file-blank' },
-                        { id: '_lbSearch', title: 'Search Notes', type: 'launcher', command: 'searchNotes', icon: 'bx bx-search', attributes: [
-                                { type: 'label', name: 'desktopOnly' }
-                            ] },
-                        { id: '_lbJumpTo', title: 'Jump to Note', type: 'launcher', command: 'jumpToNote', icon: 'bx bx-send', attributes: [
-                                { type: 'label', name: 'desktopOnly' }
-                            ] },
-                        { id: '_lbNoteMap', title: 'Note Map', type: 'launcher', targetNoteId: '_globalNoteMap', icon: 'bx bx-map-alt' },
-                        { id: '_lbCalendar', title: 'Calendar', type: 'launcher', builtinWidget: 'calendar', icon: 'bx bx-calendar' },
-                        { id: '_lbRecentChanges', title: 'Recent Changes', type: 'launcher', command: 'showRecentChanges', icon: 'bx bx-history', attributes: [
-                                { type: 'label', name: 'desktopOnly' }
-                            ] },
-                        { id: '_lbSpacer1', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "50", growthFactor: "0" },
-                        { id: '_lbBookmarks', title: 'Bookmarks', type: 'launcher', builtinWidget: 'bookmarks', icon: 'bx bx-bookmark' },
-                        { id: '_lbToday', title: "Open Today's Journal Note", type: 'launcher', builtinWidget: 'todayInJournal', icon: 'bx bx-calendar-star' },
-                        { id: '_lbSpacer2', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "0", growthFactor: "1" },
-                        { id: '_lbProtectedSession', title: 'Protected Session', type: 'launcher', builtinWidget: 'protectedSession', icon: 'bx bx bx-shield-quarter' },
-                        { id: '_lbSyncStatus', title: 'Sync Status', type: 'launcher', builtinWidget: 'syncStatus', icon: 'bx bx-wifi' }
-                    ]
-                }
-            ]
+          id: "_lbVisibleLaunchers",
+          title: "Visible Launchers",
+          type: "doc",
+          icon: "bx-show",
+          isExpanded: true,
+          attributes: [
+            { type: "label", name: "docName", value: "launchbar_intro" },
+          ],
+          children: [
+            {
+              id: "_lbNewNote",
+              title: "New Note",
+              type: "launcher",
+              command: "createNoteIntoInbox",
+              icon: "bx bx-file-blank",
+            },
+            {
+              id: "_lbSearch",
+              title: "Search Notes",
+              type: "launcher",
+              command: "searchNotes",
+              icon: "bx bx-search",
+              attributes: [{ type: "label", name: "desktopOnly" }],
+            },
+            {
+              id: "_lbJumpTo",
+              title: "Jump to Note",
+              type: "launcher",
+              command: "jumpToNote",
+              icon: "bx bx-send",
+              attributes: [{ type: "label", name: "desktopOnly" }],
+            },
+            {
+              id: "_lbNoteMap",
+              title: "Note Map",
+              type: "launcher",
+              targetNoteId: "_globalNoteMap",
+              icon: "bx bx-map-alt",
+            },
+            {
+              id: "_lbCalendar",
+              title: "Calendar",
+              type: "launcher",
+              builtinWidget: "calendar",
+              icon: "bx bx-calendar",
+            },
+            {
+              id: "_lbRecentChanges",
+              title: "Recent Changes",
+              type: "launcher",
+              command: "showRecentChanges",
+              icon: "bx bx-history",
+              attributes: [{ type: "label", name: "desktopOnly" }],
+            },
+            {
+              id: "_lbSpacer1",
+              title: "Spacer",
+              type: "launcher",
+              builtinWidget: "spacer",
+              baseSize: "50",
+              growthFactor: "0",
+            },
+            {
+              id: "_lbBookmarks",
+              title: "Bookmarks",
+              type: "launcher",
+              builtinWidget: "bookmarks",
+              icon: "bx bx-bookmark",
+            },
+            {
+              id: "_lbToday",
+              title: "Open Today's Journal Note",
+              type: "launcher",
+              builtinWidget: "todayInJournal",
+              icon: "bx bx-calendar-star",
+            },
+            {
+              id: "_lbSpacer2",
+              title: "Spacer",
+              type: "launcher",
+              builtinWidget: "spacer",
+              baseSize: "0",
+              growthFactor: "1",
+            },
+            {
+              id: "_lbProtectedSession",
+              title: "Protected Session",
+              type: "launcher",
+              builtinWidget: "protectedSession",
+              icon: "bx bx bx-shield-quarter",
+            },
+            {
+              id: "_lbSyncStatus",
+              title: "Sync Status",
+              type: "launcher",
+              builtinWidget: "syncStatus",
+              icon: "bx bx-wifi",
+            },
+          ],
+        },
+      ],
+    },
+    {
+      id: "_options",
+      title: "Options",
+      type: "book",
+      children: [
+        {
+          id: "_optionsAppearance",
+          title: "Appearance",
+          type: "contentWidget",
+          icon: "bx-layout",
+        },
+        {
+          id: "_optionsShortcuts",
+          title: "Shortcuts",
+          type: "contentWidget",
+          icon: "bxs-keyboard",
+        },
+        {
+          id: "_optionsTextNotes",
+          title: "Text Notes",
+          type: "contentWidget",
+          icon: "bx-text",
+        },
+        {
+          id: "_optionsMFA",
+          title: "MFA",
+          type: "contentWidget",
+          icon: "bx-lock",
+        },
+        {
+          id: "_optionsCodeNotes",
+          title: "Code Notes",
+          type: "contentWidget",
+          icon: "bx-code",
         },
         {
-            id: '_options',
-            title: 'Options',
-            type: 'book',
-            children: [
-                { id: '_optionsAppearance', title: 'Appearance', type: 'contentWidget', icon: 'bx-layout' },
-                { id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard' },
-                { id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text' },
-                { id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code' },
-                { id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image' },
-                { id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double' },
-                { id: '_optionsPassword', title: 'Password', type: 'contentWidget', icon: 'bx-lock' },
-                { id: '_optionsEtapi', title: 'ETAPI', type: 'contentWidget', icon: 'bx-extension' },
-                { id: '_optionsBackup', title: 'Backup', type: 'contentWidget', icon: 'bx-data' },
-                { id: '_optionsSync', title: 'Sync', type: 'contentWidget', icon: 'bx-wifi' },
-                { id: '_optionsOther', title: 'Other', type: 'contentWidget', icon: 'bx-dots-horizontal' },
-                { id: '_optionsAdvanced', title: 'Advanced', type: 'contentWidget' }
-            ]
-        }
-    ]
+          id: "_optionsImages",
+          title: "Images",
+          type: "contentWidget",
+          icon: "bx-image",
+        },
+        {
+          id: "_optionsSpellcheck",
+          title: "Spellcheck",
+          type: "contentWidget",
+          icon: "bx-check-double",
+        },
+        {
+          id: "_optionsPassword",
+          title: "Password",
+          type: "contentWidget",
+          icon: "bx-lock",
+        },
+        {
+          id: "_optionsEtapi",
+          title: "ETAPI",
+          type: "contentWidget",
+          icon: "bx-extension",
+        },
+        {
+          id: "_optionsBackup",
+          title: "Backup",
+          type: "contentWidget",
+          icon: "bx-data",
+        },
+        {
+          id: "_optionsSync",
+          title: "Sync",
+          type: "contentWidget",
+          icon: "bx-wifi",
+        },
+        {
+          id: "_optionsOther",
+          title: "Other",
+          type: "contentWidget",
+          icon: "bx-dots-horizontal",
+        },
+        { id: "_optionsAdvanced", title: "Advanced", type: "contentWidget" },
+      ],
+    },
+  ],
 };
 
 function checkHiddenSubtree(force = false) {
-    if (!force && !migrationService.isDbUpToDate()) {
-        // on-delete hook might get triggered during some future migration and cause havoc
-        log.info("Will not check hidden subtree until migration is finished.");
-        return;
-    }
+  if (!force && !migrationService.isDbUpToDate()) {
+    // on-delete hook might get triggered during some future migration and cause havoc
+    log.info("Will not check hidden subtree until migration is finished.");
+    return;
+  }
 
-    checkHiddenSubtreeRecursively('root', HIDDEN_SUBTREE_DEFINITION);
+  checkHiddenSubtreeRecursively("root", HIDDEN_SUBTREE_DEFINITION);
 }
 
 function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
-    if (!item.id || !item.type || !item.title) {
-        throw new Error(`Item does not contain mandatory properties: ${JSON.stringify(item)}`);
-    }
+  if (!item.id || !item.type || !item.title) {
+    throw new Error(
+      `Item does not contain mandatory properties: ${JSON.stringify(item)}`
+    );
+  }
 
-    if (item.id.charAt(0) !== '_') {
-        throw new Error(`ID has to start with underscore, given '${item.id}'`);
-    }
+  if (item.id.charAt(0) !== "_") {
+    throw new Error(`ID has to start with underscore, given '${item.id}'`);
+  }
 
-    let note = becca.notes[item.id];
-    let branch;
+  let note = becca.notes[item.id];
+  let branch;
 
-    if (!note) {
-        ({note, branch} = noteService.createNewNote({
-            noteId: item.id,
-            title: item.title,
-            type: item.type,
-            parentNoteId: parentNoteId,
-            content: '',
-            ignoreForbiddenParents: true
-        }));
-    } else {
-        branch = note.getParentBranches().find(branch => branch.parentNoteId === parentNoteId);
-    }
+  if (!note) {
+    ({ note, branch } = noteService.createNewNote({
+      noteId: item.id,
+      title: item.title,
+      type: item.type,
+      parentNoteId: parentNoteId,
+      content: "",
+      ignoreForbiddenParents: true,
+    }));
+  } else {
+    branch = note
+      .getParentBranches()
+      .find((branch) => branch.parentNoteId === parentNoteId);
+  }
 
-    const attrs = [...(item.attributes || [])];
+  const attrs = [...(item.attributes || [])];
 
-    if (item.icon) {
-        attrs.push({ type: 'label', name: 'iconClass', value: `bx ${item.icon}` });
-    }
+  if (item.icon) {
+    attrs.push({ type: "label", name: "iconClass", value: `bx ${item.icon}` });
+  }
 
-    if (item.type === 'launcher') {
-        if (item.command) {
-            attrs.push({ type: 'relation', name: 'template', value: LBTPL_COMMAND });
-            attrs.push({ type: 'label', name: 'command', value: item.command });
-        } else if (item.builtinWidget) {
-            if (item.builtinWidget === 'spacer') {
-                attrs.push({ type: 'relation', name: 'template', value: LBTPL_SPACER });
-                attrs.push({ type: 'label', name: 'baseSize', value: item.baseSize });
-                attrs.push({ type: 'label', name: 'growthFactor', value: item.growthFactor });
-            } else {
-                attrs.push({ type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET });
-            }
+  if (item.type === "launcher") {
+    if (item.command) {
+      attrs.push({ type: "relation", name: "template", value: LBTPL_COMMAND });
+      attrs.push({ type: "label", name: "command", value: item.command });
+    } else if (item.builtinWidget) {
+      if (item.builtinWidget === "spacer") {
+        attrs.push({ type: "relation", name: "template", value: LBTPL_SPACER });
+        attrs.push({ type: "label", name: "baseSize", value: item.baseSize });
+        attrs.push({
+          type: "label",
+          name: "growthFactor",
+          value: item.growthFactor,
+        });
+      } else {
+        attrs.push({
+          type: "relation",
+          name: "template",
+          value: LBTPL_BUILTIN_WIDGET,
+        });
+      }
 
-            attrs.push({ type: 'label', name: 'builtinWidget', value: item.builtinWidget });
-        } else if (item.targetNoteId) {
-            attrs.push({ type: 'relation', name: 'template', value: LBTPL_NOTE_LAUNCHER });
-            attrs.push({ type: 'relation', name: 'target', value: item.targetNoteId });
-        } else {
-            throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
-        }
+      attrs.push({
+        type: "label",
+        name: "builtinWidget",
+        value: item.builtinWidget,
+      });
+    } else if (item.targetNoteId) {
+      attrs.push({
+        type: "relation",
+        name: "template",
+        value: LBTPL_NOTE_LAUNCHER,
+      });
+      attrs.push({
+        type: "relation",
+        name: "target",
+        value: item.targetNoteId,
+      });
+    } else {
+      throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
     }
+  }
 
-    if (note.type !== item.type) {
-        // enforce a correct note type
-        note.type = item.type;
-        note.save();
-    }
+  if (note.type !== item.type) {
+    // enforce a correct note type
+    note.type = item.type;
+    note.save();
+  }
 
-    if (branch) {
-        // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
-        // visible and available will change branch since the branch's parent-child relationship is immutable
-        if (item.notePosition !== undefined && branch.notePosition !== item.notePosition) {
-            branch.notePosition = item.notePosition;
-            branch.save();
-        }
+  if (branch) {
+    // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
+    // visible and available will change branch since the branch's parent-child relationship is immutable
+    if (
+      item.notePosition !== undefined &&
+      branch.notePosition !== item.notePosition
+    ) {
+      branch.notePosition = item.notePosition;
+      branch.save();
+    }
 
-        if (item.isExpanded !== undefined && branch.isExpanded !== item.isExpanded) {
-            branch.isExpanded = item.isExpanded;
-            branch.save();
-        }
+    if (
+      item.isExpanded !== undefined &&
+      branch.isExpanded !== item.isExpanded
+    ) {
+      branch.isExpanded = item.isExpanded;
+      branch.save();
     }
+  }
 
-    for (const attr of attrs) {
-        const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
+  for (const attr of attrs) {
+    const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
 
-        if (!note.getAttributes().find(attr => attr.attributeId === attrId)) {
-            new BAttribute({
-                attributeId: attrId,
-                noteId: note.noteId,
-                type: attr.type,
-                name: attr.name,
-                value: attr.value,
-                isInheritable: false
-            }).save();
-        }
+    if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
+      new BAttribute({
+        attributeId: attrId,
+        noteId: note.noteId,
+        type: attr.type,
+        name: attr.name,
+        value: attr.value,
+        isInheritable: false,
+      }).save();
     }
+  }
 
-    for (const child of item.children || []) {
-        checkHiddenSubtreeRecursively(item.id, child);
-    }
+  for (const child of item.children || []) {
+    checkHiddenSubtreeRecursively(item.id, child);
+  }
 }
 
 export = {
-    checkHiddenSubtree,
-    LBTPL_ROOT,
-    LBTPL_BASE,
-    LBTPL_COMMAND,
-    LBTPL_NOTE_LAUNCHER,
-    LBTPL_SCRIPT,
-    LBTPL_BUILTIN_WIDGET,
-    LBTPL_SPACER,
-    LBTPL_CUSTOM_WIDGET
+  checkHiddenSubtree,
+  LBTPL_ROOT,
+  LBTPL_BASE,
+  LBTPL_COMMAND,
+  LBTPL_NOTE_LAUNCHER,
+  LBTPL_SCRIPT,
+  LBTPL_BUILTIN_WIDGET,
+  LBTPL_SPACER,
+  LBTPL_CUSTOM_WIDGET,
 };
diff --git a/src/views/login.ejs b/src/views/login.ejs
index 392e6e854b..b84780997e 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -1,83 +1,111 @@
 <!DOCTYPE html>
 <html lang="en">
-<head>
-    <meta charset="utf-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
+  <head>
+    <meta charset="utf-8" />
+    <meta
+      name="viewport"
+      content="width=device-width, initial-scale=1, maximum-scale=1"
+    />
     <title>Login</title>
-    <link rel="apple-touch-icon" sizes="180x180" href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png">
-    <link rel="shortcut icon" href="favicon.ico">
-</head>
-<body>
-<div class="container">
-    <div class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto" style="padding-top: 25px;">
+    <link
+      rel="apple-touch-icon"
+      sizes="180x180"
+      href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png"
+    />
+    <link rel="shortcut icon" href="favicon.ico" />
+  </head>
+  <body>
+    <div class="container">
+      <div
+        class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto"
+        style="padding-top: 25px"
+      >
         <h1>Trilium login</h1>
 
         <% if (failedAuth) { %>
-            <div class="alert alert-warning">
-                Password is incorrect. Please try again.
-            </div>
+        <div class="alert alert-warning">
+          Password is incorrect. Please try again.
+        </div>
         <% } %>
 
         <form action="login" method="POST">
-            <div class="form-group">
-                <label for="password">Password</label>
-                <div class="controls">
-                    <input id="password" name="password" placeholder="" class="form-control" type="password">
-                </div>
-            </div>
-            <div class="form-group">
-                <div class="checkbox">
-                    <label>
-                        <input id="remember-me" name="rememberMe" value="1" type="checkbox"> Remember me
-                    </label>
-                </div>
+          <div class="form-group">
+            <label for="password">Password</label>
+            <div class="controls">
+              <input
+                id="password"
+                name="password"
+                placeholder=""
+                class="form-control"
+                type="password"
+              />
             </div>
-            <div class="form-group">
-                <button class="btn btn-success">Login</button>
+          </div>
+          <div class="form-group">
+            <div class="checkbox">
+              <label>
+                <input
+                  id="remember-me"
+                  name="rememberMe"
+                  value="1"
+                  type="checkbox"
+                />
+                Remember me
+              </label>
             </div>
+          </div>
+          <div class="form-group">
+            <button class="btn btn-success">Login</button>
+          </div>
         </form>
+      </div>
     </div>
-</div>
 
-<script>
-    // Required for correct loading of scripts in Electron
-    if (typeof module === 'object') {window.module = module; module = undefined;}
+    <script>
+      // Required for correct loading of scripts in Electron
+      if (typeof module === "object") {
+        window.module = module;
+        module = undefined;
+      }
 
-    let device;
+      let device;
 
-    if (window.location.search === '?desktop') {
+      if (window.location.search === "?desktop") {
         device = "desktop";
-    }
-    else if (window.location.search === '?mobile') {
+      } else if (window.location.search === "?mobile") {
         device = "mobile";
-    }
-    else {
+      } else {
         device = isMobile() ? "mobile" : "desktop";
-    }
+      }
 
-    console.log("Setting device cookie to:", device);
+      console.log("Setting device cookie to:", device);
 
-    setCookie("trilium-device", device);
+      setCookie("trilium-device", device);
 
-    function setCookie(name, value) {
+      function setCookie(name, value) {
         const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
         const expires = "; expires=" + date.toUTCString();
 
-        document.cookie = name + "=" + (value || "")  + expires + "; path=/";
-    }
+        document.cookie = name + "=" + (value || "") + expires + "; path=/";
+      }
 
-    // https://stackoverflow.com/a/73731646/944162
-    function isMobile() {
-        const mQ = matchMedia?.('(pointer:coarse)');
-        if (mQ?.media === '(pointer:coarse)') return !!mQ.matches;
+      // https://stackoverflow.com/a/73731646/944162
+      function isMobile() {
+        const mQ = matchMedia?.("(pointer:coarse)");
+        if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
 
-        if ('orientation' in window) return true;
+        if ("orientation" in window) return true;
 
-        return /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
-            /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent);
-    }
-</script>
+        return (
+          /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
+          /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
+        );
+      }
+    </script>
 
-<link href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css" rel="stylesheet">
-</body>
+    <link
+      href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css"
+      rel="stylesheet"
+    />
+  </body>
 </html>

From baca395c0a57db9326994d9b4d7df3049c31d364 Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Thu, 2 May 2024 16:06:54 -0700
Subject: [PATCH 02/63] Started integrating totp into startup sequance

---
 .../options/multi_factor_authentication.js    | 65 ++++++++++++++--
 .../type_widgets/options/options_widget.js    | 74 +++++++++----------
 src/routes/api/options.ts                     |  1 +
 src/routes/api/totp.ts                        | 19 +++++
 src/routes/login.ts                           |  3 +
 src/routes/routes.ts                          |  3 +
 src/services/options_init.ts                  |  3 +-
 src/views/login.ejs                           | 15 ++++
 8 files changed, 139 insertions(+), 44 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 4a8f93c0ae..3aee5b6d1e 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -17,6 +17,26 @@ const TPL = `
       Use TOTP (Time-based One-Time Password) to safeguard your data in this application because it adds an additional layer of security by generating unique passcodes that expire quickly, making it harder for unauthorized access. TOTP also reduces the risk of account compromise through common threats like phishing attacks or password breaches.
     </div>
     
+  <br>
+  <h4>TOTP Settings</h4>
+    <div>
+      <label>
+          Enable TOTP
+      </label>
+      <input type="checkbox" class="totp-enabled" />
+    </div>
+
+<br>
+    <div class="options-section">
+      <label>
+      TOTP Secret
+      </label>
+      <input class="totp-secret-input form-control" disabled="true" type="text">
+      <button class="save-totp" disabled="true"> Save TOTP Secret </button>
+    </div>
+
+    <br>
+ <h4> Generate TOTP Secret </h4>
     <span class="totp-secret" >  </span>
     <br>
     <button class="regenerate-totp"> Regenerate TOTP Secret </button>
@@ -28,7 +48,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
 
     this.$mfaHeadding = this.$widget.find(".mfa-heading");
     this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
+    this.$totpEnabled = this.$widget.find(".totp-enabled");
     this.$totpSecret = this.$widget.find(".totp-secret");
+    this.$totpSecretInput = this.$widget.find(".totp-secret-input");
+    this.$saveTotpButton = this.$widget.find(".save-totp");
 
     this.$mfaHeadding.text("Multi-Factor Authentication");
     this.generateKey();
@@ -36,6 +59,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     // var gen = require("speakeasy");
     // toastService.showMessage("***REMOVED***");
 
+    this.$totpEnabled.on("change", async () => {
+      this.updateCheckboxOption("totpEnabled", this.$totpEnabled);
+    });
+
     this.$regenerateTotpButton.on("click", async () => {
       this.generateKey();
     });
@@ -54,7 +81,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   async generateKey() {
     server.get("totp/generate").then((result) => {
       if (result.success) {
-        // password changed so current protected session is invalid and needs to be cleared
         this.$totpSecret.text(result.message);
       } else {
         toastService.showError(result.message);
@@ -62,13 +88,40 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     });
   }
 
+  // async toggleTOTP() {
+  //   if (this.$totpEnabled)
+  //     server.post("totp/enable").then((result) => {
+  //       if (!result.success) toastService.showError(result.message);
+  //     });
+  //   else
+  //     server.post("totp/disable").then((result) => {
+  //       if (!result.success) toastService.showError(result.message);
+  //     });
+  // }
+
   optionsLoaded(options) {
-    const isPasswordSet = options.isPasswordSet === "true";
+    // I need to make sure that this is actually pinging the server and that this information is being pulled
+    // because it is telling me "totpEnabled is not allowed to be changed" in a toast every time I check the box
+    server.get("totp/enabled").then((result) => {
+      if (result.success) {
+        console.log("Result message: " + typeof result.message);
+        console.log("Result message: " + result.message);
+        this.setCheckboxState(this.$totpEnabled, result.message);
+
+        console.log("TOTP Status: " + typeof result.message);
+
+        if (result.message) {
+          this.$totpSecretInput.prop("disabled", false);
+          this.$saveTotpButton.prop("disabled", false);
+        } else {
+          this.$totpSecretInput.prop("disabled", true);
+          this.$saveTotpButton.prop("disabled", true);
+        }
+      } else {
+        toastService.showError(result.message);
+      }
+    });
 
-    this.$widget.find(".old-password-form-group").toggle(isPasswordSet);
-    this.$savePasswordButton.text(
-      isPasswordSet ? "Change fff Password" : "Set Password"
-    );
     this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
   }
 
diff --git a/src/public/app/widgets/type_widgets/options/options_widget.js b/src/public/app/widgets/type_widgets/options/options_widget.js
index 3f16308702..8798cd20bc 100644
--- a/src/public/app/widgets/type_widgets/options/options_widget.js
+++ b/src/public/app/widgets/type_widgets/options/options_widget.js
@@ -3,55 +3,55 @@ import toastService from "../../../services/toast.js";
 import NoteContextAwareWidget from "../../note_context_aware_widget.js";
 
 export default class OptionsWidget extends NoteContextAwareWidget {
-    constructor() {
-        super();
+  constructor() {
+    super();
 
-        this.contentSized();
-    }
+    this.contentSized();
+  }
 
-    async updateOption(name, value) {
-        const opts = { [name]: value };
+  async updateOption(name, value) {
+    const opts = { [name]: value };
 
-        await this.updateMultipleOptions(opts);
-    }
+    await this.updateMultipleOptions(opts);
+  }
 
-    async updateMultipleOptions(opts) {
-        await server.put('options', opts);
+  async updateMultipleOptions(opts) {
+    await server.put("options", opts);
 
-        this.showUpdateNotification();
-    }
+    this.showUpdateNotification();
+  }
 
-    showUpdateNotification() {
-        toastService.showPersistent({
-            id: "options-change-saved",
-            title: "Options status",
-            message: "Options change have been saved.",
-            icon: "slider",
-            closeAfter: 2000
-        });
-    }
+  showUpdateNotification() {
+    toastService.showPersistent({
+      id: "options-change-saved",
+      title: "Options status",
+      message: "Options change have been saved.",
+      icon: "slider",
+      closeAfter: 2000,
+    });
+  }
 
-    async updateCheckboxOption(name, $checkbox) {
-        const isChecked = $checkbox.prop("checked");
+  async updateCheckboxOption(name, $checkbox) {
+    const isChecked = $checkbox.prop("checked");
 
-        return await this.updateOption(name, isChecked ? 'true' : 'false');
-    }
+    return await this.updateOption(name, isChecked ? "true" : "false");
+  }
 
-    setCheckboxState($checkbox, optionValue) {
-        $checkbox.prop('checked', optionValue === 'true');
-    }
+  setCheckboxState($checkbox, optionValue) {
+    $checkbox.prop("checked", optionValue === "true");
+  }
 
-    optionsLoaded(options) {}
+  optionsLoaded(options) {}
 
-    async refreshWithNote(note) {
-        const options = await server.get('options');
+  async refreshWithNote(note) {
+    const options = await server.get("options");
 
-        this.optionsLoaded(options);
-    }
+    this.optionsLoaded(options);
+  }
 
-    async entitiesReloadedEvent({loadResults}) {
-        if (loadResults.getOptionNames().length > 0) {
-            this.refresh();
-        }
+  async entitiesReloadedEvent({ loadResults }) {
+    if (loadResults.getOptionNames().length > 0) {
+      this.refresh();
     }
+  }
 }
diff --git a/src/routes/api/options.ts b/src/routes/api/options.ts
index 54630e825d..24d7b35ade 100644
--- a/src/routes/api/options.ts
+++ b/src/routes/api/options.ts
@@ -86,6 +86,7 @@ function updateOption(req: Request) {
 
 function updateOptions(req: Request) {
     for (const optionName in req.body) {
+        console.log( optionName )
         if (!update(optionName, req.body[optionName])) {
             // this should be improved
             // it should return 400 instead of current 500, but at least it now rollbacks transaction
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index d4c48bfb33..a4297c1307 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,3 +1,4 @@
+import options = require("../../services/options");
 const speakeasy = require("speakeasy");
 
 function verifyOTPToken(guessedToken: any) {
@@ -18,7 +19,25 @@ function generateSecret() {
   return { success: "true", message: speakeasy.generateSecret().base32 };
 }
 
+function checkForTOTP() {
+  const totpEnabled = options.getOptionBool("totpEnabled")
+  return { success: "true", message: totpEnabled };
+}
+
+function enableTOTP() {
+  options.setOption("totpEnabled", true)
+  return { success: "true" };
+}
+
+function disableTOTP() {
+  options.setOption("totpEnabled", false)
+  return { success: "true" };
+}
+
 export = {
   verifyOTPToken,
   generateSecret,
+  checkForTOTP,
+  enableTOTP,
+  disableTOTP
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index cce214fbef..14f12fdc05 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -14,6 +14,8 @@ import { AppRequest } from './route-interface';
 function loginPage(req: Request, res: Response) {
     res.render('login', {
         failedAuth: false,
+        // totpEnabled: optionService.getOption("hasOTPEnabled"),
+        totpEnabled: false,
         assetPath: assetPath,
         appPath: appPath
     });
@@ -59,6 +61,7 @@ function setPassword(req: Request, res: Response) {
 
 function login(req: AppRequest, res: Response) {
     const guessedPassword = req.body.password;
+    const guessedTotp = req.body.token;
 
     if (verifyPassword(guessedPassword)) {
         const rememberMe = req.body.rememberMe;
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 5d9d6c034d..6f1eb3f1d6 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -156,6 +156,9 @@ function register(app: express.Application) {
   route(GET, "/setup", [], setupRoute.setupPage);
 
   apiRoute(GET, "/api/totp/generate", totp.generateSecret);
+  apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
+  apiRoute(GET, "/api/totp/enable", totp.enableTOTP);
+  apiRoute(GET, "/api/totp/disable", totp.disableTOTP);
 
   apiRoute(GET, "/api/tree", treeApiRoute.getTree);
   apiRoute(PST, "/api/tree/load", treeApiRoute.load);
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index e2ba1520a1..49fa854611 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -96,7 +96,8 @@ const defaultOptions = [
     { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
     { name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true },
     { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
-    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true }
+    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
+    // { name: 'totpEnabled', value: 'false', isSynced: false }
 ];
 
 function initStartupOptions() {
diff --git a/src/views/login.ejs b/src/views/login.ejs
index b84780997e..4510fef076 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -41,6 +41,21 @@
               />
             </div>
           </div>
+          <% if( totpEnabled ) { %>
+            <div class="form-group">
+                <label for="otp-token">OTP Token</label>
+                <div class="controls">
+                <input
+                    id="token"
+                    name="token"
+                    placeholder=""
+                    class="form-control"
+                    type="number"
+                    maxlength="6"
+                    required
+                />
+            </div>
+        <% } %>
           <div class="form-group">
             <div class="checkbox">
               <label>

From fad51409a973159d2d64e3177bbf28cee8b16cb0 Mon Sep 17 00:00:00 2001
From: Brandon <brandon@mauldin314.com>
Date: Fri, 3 May 2024 08:05:35 -0700
Subject: [PATCH 03/63] Continued integrating TOTP.

---
 package-lock.json                             |   2 +-
 .../options/multi_factor_authentication.js    |  50 ++--
 src/routes/api/options.ts                     | 217 +++++++++---------
 src/routes/api/totp.ts                        |  21 +-
 src/routes/routes.ts                          |   8 +-
 5 files changed, 151 insertions(+), 147 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 037578fba5..05afb6ee61 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -7855,7 +7855,7 @@
     },
     "node_modules/isexe": {
       "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/ie/-/isexe-2.0.0.tgz",
       "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA="
     },
     "node_modules/isobject": {
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 3aee5b6d1e..e755c62bbd 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -39,7 +39,7 @@ const TPL = `
  <h4> Generate TOTP Secret </h4>
     <span class="totp-secret" >  </span>
     <br>
-    <button class="regenerate-totp"> Regenerate TOTP Secret </button>
+    <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
 </div>`;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
@@ -56,9 +56,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     this.$mfaHeadding.text("Multi-Factor Authentication");
     this.generateKey();
 
-    // var gen = require("speakeasy");
-    // toastService.showMessage("***REMOVED***");
-
     this.$totpEnabled.on("change", async () => {
       this.updateCheckboxOption("totpEnabled", this.$totpEnabled);
     });
@@ -67,6 +64,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
       this.generateKey();
     });
 
+    this.$saveTotpButton.on("click", async () => {
+      this.save();
+    });
+
     this.$protectedSessionTimeout = this.$widget.find(
       ".protected-session-timeout-in-seconds"
     );
@@ -100,49 +101,30 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   // }
 
   optionsLoaded(options) {
-    // I need to make sure that this is actually pinging the server and that this information is being pulled
-    // because it is telling me "totpEnabled is not allowed to be changed" in a toast every time I check the box
     server.get("totp/enabled").then((result) => {
       if (result.success) {
-        console.log("Result message: " + typeof result.message);
-        console.log("Result message: " + result.message);
-        this.setCheckboxState(this.$totpEnabled, result.message);
-
-        console.log("TOTP Status: " + typeof result.message);
-
-        if (result.message) {
-          this.$totpSecretInput.prop("disabled", false);
-          this.$saveTotpButton.prop("disabled", false);
-        } else {
-          this.$totpSecretInput.prop("disabled", true);
-          this.$saveTotpButton.prop("disabled", true);
-        }
+        this.$totpEnabled.prop("checked", result.message);
+        this.$totpSecretInput.prop("disabled", !result.message);
+        this.$saveTotpButton.prop("disabled", !result.message);
+        this.$totpSecret.prop("disapbled", !result.message);
       } else {
         toastService.showError(result.message);
       }
     });
 
+    server.get("totp/get").then((result) => {
+      this.$totpSecretInput.text(result.secret);
+    });
+
     this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
   }
 
   save() {
-    const oldPassword = this.$oldPassword.val();
-    const newPassword1 = this.$newPassword1.val();
-    const newPassword2 = this.$newPassword2.val();
-
-    this.$oldPassword.val("");
-    this.$newPassword1.val("");
-    this.$newPassword2.val("");
-
-    if (newPassword1 !== newPassword2) {
-      toastService.showError("New passwords are not the same.");
-      return false;
-    }
+    // TODO: CHECK VALIDITY OF SECRET
 
     server
-      .post("password/change", {
-        current_password: oldPassword,
-        new_password: newPassword1,
+      .post("totp/set", {
+        secret: this.$totpSecretInput.val(),
       })
       .then((result) => {
         if (result.success) {
diff --git a/src/routes/api/options.ts b/src/routes/api/options.ts
index 24d7b35ade..97eab092c8 100644
--- a/src/routes/api/options.ts
+++ b/src/routes/api/options.ts
@@ -1,145 +1,152 @@
 "use strict";
 
-import optionService = require('../../services/options');
-import log = require('../../services/log');
-import searchService = require('../../services/search/services/search');
-import ValidationError = require('../../errors/validation_error');
-import { Request } from 'express';
+import optionService = require("../../services/options");
+import log = require("../../services/log");
+import searchService = require("../../services/search/services/search");
+import ValidationError = require("../../errors/validation_error");
+import { Request } from "express";
 
 // options allowed to be updated directly in the Options dialog
 const ALLOWED_OPTIONS = new Set([
-    'eraseEntitiesAfterTimeInSeconds',
-    'protectedSessionTimeout',
-    'revisionSnapshotTimeInterval',
-    'zoomFactor',
-    'theme',
-    'syncServerHost',
-    'syncServerTimeout',
-    'syncProxy',
-    'hoistedNoteId',
-    'mainFontSize',
-    'mainFontFamily',
-    'treeFontSize',
-    'treeFontFamily',
-    'detailFontSize',
-    'detailFontFamily',
-    'monospaceFontSize',
-    'monospaceFontFamily',
-    'openNoteContexts',
-    'vimKeymapEnabled',
-    'codeLineWrapEnabled',
-    'codeNotesMimeTypes',
-    'spellCheckEnabled',
-    'spellCheckLanguageCode',
-    'imageMaxWidthHeight',
-    'imageJpegQuality',
-    'leftPaneWidth',
-    'rightPaneWidth',
-    'leftPaneVisible',
-    'rightPaneVisible',
-    'nativeTitleBarVisible',
-    'headingStyle',
-    'autoCollapseNoteTree',
-    'autoReadonlySizeText',
-    'autoReadonlySizeCode',
-    'overrideThemeFonts',
-    'dailyBackupEnabled',
-    'weeklyBackupEnabled',
-    'monthlyBackupEnabled',
-    'maxContentWidth',
-    'compressImages',
-    'downloadImagesAutomatically',
-    'minTocHeadings',
-    'highlightsList',
-    'checkForUpdates',
-    'disableTray',
-    'eraseUnusedAttachmentsAfterSeconds',
-    'disableTray',
-    'customSearchEngineName',
-    'customSearchEngineUrl',
-    'promotedAttributesOpenInRibbon',
-    'editedNotesOpenInRibbon'
+  "eraseEntitiesAfterTimeInSeconds",
+  "protectedSessionTimeout",
+  "revisionSnapshotTimeInterval",
+  "zoomFactor",
+  "theme",
+  "syncServerHost",
+  "syncServerTimeout",
+  "syncProxy",
+  "hoistedNoteId",
+  "mainFontSize",
+  "mainFontFamily",
+  "treeFontSize",
+  "treeFontFamily",
+  "detailFontSize",
+  "detailFontFamily",
+  "monospaceFontSize",
+  "monospaceFontFamily",
+  "openNoteContexts",
+  "vimKeymapEnabled",
+  "codeLineWrapEnabled",
+  "codeNotesMimeTypes",
+  "spellCheckEnabled",
+  "spellCheckLanguageCode",
+  "imageMaxWidthHeight",
+  "imageJpegQuality",
+  "leftPaneWidth",
+  "rightPaneWidth",
+  "leftPaneVisible",
+  "rightPaneVisible",
+  "nativeTitleBarVisible",
+  "headingStyle",
+  "autoCollapseNoteTree",
+  "autoReadonlySizeText",
+  "autoReadonlySizeCode",
+  "overrideThemeFonts",
+  "dailyBackupEnabled",
+  "weeklyBackupEnabled",
+  "monthlyBackupEnabled",
+  "maxContentWidth",
+  "compressImages",
+  "downloadImagesAutomatically",
+  "minTocHeadings",
+  "highlightsList",
+  "checkForUpdates",
+  "disableTray",
+  "eraseUnusedAttachmentsAfterSeconds",
+  "disableTray",
+  "customSearchEngineName",
+  "customSearchEngineUrl",
+  "promotedAttributesOpenInRibbon",
+  "editedNotesOpenInRibbon",
+  "totpEnabled",
 ]);
 
 function getOptions() {
-    const optionMap = optionService.getOptionMap();
-    const resultMap: Record<string, string> = {};
+  const optionMap = optionService.getOptionMap();
+  const resultMap: Record<string, string> = {};
 
-    for (const optionName in optionMap) {
-        if (isAllowed(optionName)) {
-            resultMap[optionName] = optionMap[optionName];
-        }
+  for (const optionName in optionMap) {
+    if (isAllowed(optionName)) {
+      resultMap[optionName] = optionMap[optionName];
     }
+  }
 
-    resultMap['isPasswordSet'] = optionMap['passwordVerificationHash'] ? 'true' : 'false';
+  resultMap["isPasswordSet"] = optionMap["passwordVerificationHash"]
+    ? "true"
+    : "false";
 
-    return resultMap;
+  return resultMap;
 }
 
 function updateOption(req: Request) {
-    const {name, value} = req.params;
+  const { name, value } = req.params;
 
-    if (!update(name, value)) {
-        throw new ValidationError("not allowed option to change");
-    }
+  if (!update(name, value)) {
+    throw new ValidationError("not allowed option to change");
+  }
 }
 
 function updateOptions(req: Request) {
-    for (const optionName in req.body) {
-        console.log( optionName )
-        if (!update(optionName, req.body[optionName])) {
-            // this should be improved
-            // it should return 400 instead of current 500, but at least it now rollbacks transaction
-            throw new Error(`Option '${optionName}' is not allowed to be changed`);
-        }
+  for (const optionName in req.body) {
+    console.log(optionName);
+    if (!update(optionName, req.body[optionName])) {
+      // this should be improved
+      // it should return 400 instead of current 500, but at least it now rollbacks transaction
+      throw new Error(`Option '${optionName}' is not allowed to be changed`);
     }
+  }
 }
 
 function update(name: string, value: string) {
-    if (!isAllowed(name)) {
-        return false;
-    }
+  if (!isAllowed(name)) {
+    return false;
+  }
 
-    if (name !== 'openNoteContexts') {
-        log.info(`Updating option '${name}' to '${value}'`);
-    }
+  if (name !== "openNoteContexts") {
+    log.info(`Updating option '${name}' to '${value}'`);
+  }
 
-    optionService.setOption(name, value);
+  optionService.setOption(name, value);
 
-    return true;
+  return true;
 }
 
 function getUserThemes() {
-    const notes = searchService.searchNotes("#appTheme", {ignoreHoistedNote: true});
-    const ret = [];
+  const notes = searchService.searchNotes("#appTheme", {
+    ignoreHoistedNote: true,
+  });
+  const ret = [];
 
-    for (const note of notes) {
-        let value = note.getOwnedLabelValue('appTheme');
+  for (const note of notes) {
+    let value = note.getOwnedLabelValue("appTheme");
 
-        if (!value) {
-            value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, '-');
-        }
-
-        ret.push({
-            val: value,
-            title: note.title,
-            noteId: note.noteId
-        });
+    if (!value) {
+      value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, "-");
     }
 
-    return ret;
+    ret.push({
+      val: value,
+      title: note.title,
+      noteId: note.noteId,
+    });
+  }
+
+  return ret;
 }
 
 function isAllowed(name: string) {
-    return ALLOWED_OPTIONS.has(name)
-        || name.startsWith("keyboardShortcuts")
-        || name.endsWith("Collapsed")
-        || name.startsWith("hideArchivedNotes");
+  return (
+    ALLOWED_OPTIONS.has(name) ||
+    name.startsWith("keyboardShortcuts") ||
+    name.endsWith("Collapsed") ||
+    name.startsWith("hideArchivedNotes")
+  );
 }
 
 export = {
-    getOptions,
-    updateOption,
-    updateOptions,
-    getUserThemes
+  getOptions,
+  updateOption,
+  updateOptions,
+  getUserThemes,
 };
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index a4297c1307..020e7e55cd 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,4 +1,6 @@
 import options = require("../../services/options");
+import totp_secret = require("../../services/encryption/totp_secret");
+import { Request } from "express";
 const speakeasy = require("speakeasy");
 
 function verifyOTPToken(guessedToken: any) {
@@ -20,24 +22,35 @@ function generateSecret() {
 }
 
 function checkForTOTP() {
-  const totpEnabled = options.getOptionBool("totpEnabled")
+  const totpEnabled = options.getOptionBool("totpEnabled");
   return { success: "true", message: totpEnabled };
 }
 
 function enableTOTP() {
-  options.setOption("totpEnabled", true)
+  options.setOption("totpEnab| voidled", true);
   return { success: "true" };
 }
 
 function disableTOTP() {
-  options.setOption("totpEnabled", false)
+  options.setOption("totpEnabled", false);
   return { success: "true" };
 }
 
+function setTotpSecret(req: Request) {
+  console.log("TODO: Save Secret");
+  // totp_secret.setTotpSecret(req.body.secret);
+}
+
+function getSecret() {
+  return "TODO: Get Secret";
+}
+
 export = {
   verifyOTPToken,
   generateSecret,
   checkForTOTP,
   enableTOTP,
-  disableTOTP
+  disableTOTP,
+  setTotpSecret,
+  getSecret,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 6f1eb3f1d6..3b3c602255 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -157,8 +157,10 @@ function register(app: express.Application) {
 
   apiRoute(GET, "/api/totp/generate", totp.generateSecret);
   apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
-  apiRoute(GET, "/api/totp/enable", totp.enableTOTP);
-  apiRoute(GET, "/api/totp/disable", totp.disableTOTP);
+  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
+  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
+  apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
+  apiRoute(GET, "/api/totp/get", totp.getSecret);
 
   apiRoute(GET, "/api/tree", treeApiRoute.getTree);
   apiRoute(PST, "/api/tree/load", treeApiRoute.load);
@@ -185,7 +187,7 @@ function register(app: express.Application) {
   apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
   apiRoute(
     PST,
-    "/api/notes/:noteId/duplicate/:parentNoteId",
+    "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
     notesApiRoute.duplicateSubtree
   );
   apiRoute(

From 4574b81caf82740cf7becc4c0d02ec2605dca4fa Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Fri, 3 May 2024 14:54:32 -0700
Subject: [PATCH 04/63] TOTP fully working MVP

---
 package-lock.json                             |  2 +-
 .../options/multi_factor_authentication.js    | 22 ++-----
 src/routes/api/totp.ts                        | 12 ++--
 src/routes/login.ts                           | 60 ++++++++++++++-----
 src/services/options_init.ts                  |  2 +-
 src/services/totp_secret.ts                   | 37 ++++++++++++
 6 files changed, 96 insertions(+), 39 deletions(-)
 create mode 100644 src/services/totp_secret.ts

diff --git a/package-lock.json b/package-lock.json
index 05afb6ee61..83e37b5842 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -19447,7 +19447,7 @@
     },
     "isexe": {
       "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
+      "resolved": "https://registry.npmjs.org/ie/-/isexe-2.0.0.tgz",
       "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA="
     },
     "isobject": {
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index e755c62bbd..c96fcd0842 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -57,7 +57,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     this.generateKey();
 
     this.$totpEnabled.on("change", async () => {
-      this.updateCheckboxOption("totpEnabled", this.$totpEnabled);
+      this.updateSecret();
     });
 
     this.$regenerateTotpButton.on("click", async () => {
@@ -79,6 +79,11 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     );
   }
 
+  async updateSecret() {
+    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
+    else server.post("totp/disable");
+  }
+
   async generateKey() {
     server.get("totp/generate").then((result) => {
       if (result.success) {
@@ -89,17 +94,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     });
   }
 
-  // async toggleTOTP() {
-  //   if (this.$totpEnabled)
-  //     server.post("totp/enable").then((result) => {
-  //       if (!result.success) toastService.showError(result.message);
-  //     });
-  //   else
-  //     server.post("totp/disable").then((result) => {
-  //       if (!result.success) toastService.showError(result.message);
-  //     });
-  // }
-
   optionsLoaded(options) {
     server.get("totp/enabled").then((result) => {
       if (result.success) {
@@ -112,10 +106,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
       }
     });
 
-    server.get("totp/get").then((result) => {
-      this.$totpSecretInput.text(result.secret);
-    });
-
     this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
   }
 
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 020e7e55cd..66ecf65c06 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,6 +1,7 @@
 import options = require("../../services/options");
 import totp_secret = require("../../services/encryption/totp_secret");
 import { Request } from "express";
+import totp_fs = require("../../services/totp_secret")
 const speakeasy = require("speakeasy");
 
 function verifyOTPToken(guessedToken: any) {
@@ -27,22 +28,23 @@ function checkForTOTP() {
 }
 
 function enableTOTP() {
-  options.setOption("totpEnab| voidled", true);
+  options.setOption("totpEnabled", true);
   return { success: "true" };
 }
 
 function disableTOTP() {
   options.setOption("totpEnabled", false);
-  return { success: "true" };
+
+  return { success: totp_fs.removeTotpSecret() };
 }
 
 function setTotpSecret(req: Request) {
-  console.log("TODO: Save Secret");
-  // totp_secret.setTotpSecret(req.body.secret);
+  options.setOption
+  totp_fs.saveTotpSecret(req.body.secret)
 }
 
 function getSecret() {
-  return "TODO: Get Secret";
+  return totp_fs.getTotpSecret()
 }
 
 export = {
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 14f12fdc05..93526d9c17 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -8,14 +8,17 @@ import passwordService = require('../services/encryption/password');
 import assetPath = require('../services/asset_path');
 import appPath = require('../services/app_path');
 import ValidationError = require('../errors/validation_error');
+import totp_secret = require('../services/totp_secret');
 import { Request, Response } from 'express';
 import { AppRequest } from './route-interface';
 
+const speakeasy = require("speakeasy")
+
 function loginPage(req: Request, res: Response) {
     res.render('login', {
         failedAuth: false,
         // totpEnabled: optionService.getOption("hasOTPEnabled"),
-        totpEnabled: false,
+        totpEnabled: optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
         assetPath: assetPath,
         appPath: appPath
     });
@@ -63,29 +66,54 @@ function login(req: AppRequest, res: Response) {
     const guessedPassword = req.body.password;
     const guessedTotp = req.body.token;
 
-    if (verifyPassword(guessedPassword)) {
-        const rememberMe = req.body.rememberMe;
+    if (!verifyPassword(guessedPassword))
+    {
+        sendLoginError( req, res)
+        return
+    }
 
-        req.session.regenerate(() => {
-            if (rememberMe) {
-                req.session.cookie.maxAge = 21 * 24 * 3600000;  // 3 weeks
-            } else {
-                req.session.cookie.expires = null;
-            }
+    if (optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret())
+        if (!verifyTOTP(guessedTotp))
+        {
+            sendLoginError( req, res)
+            return
+        }
 
-            req.session.loggedIn = true;
-            res.redirect('.');
-        });
-    }
-    else {
+
+    const rememberMe = req.body.rememberMe;
+
+    req.session.regenerate(() => {
+        if (rememberMe) {
+            req.session.cookie.maxAge = 21 * 24 * 3600000;  // 3 weeks
+        } else {
+            req.session.cookie.expires = null;
+        }
+
+        req.session.loggedIn = true;
+        res.redirect('.');
+    });
+}
+
+function sendLoginError(req: AppRequest, res: Response) {
         // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
-        log.info(`WARNING: Wrong password from ${req.ip}, rejecting.`);
+        log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
 
         res.status(401).render('login', {
             failedAuth: true,
+            totpEnabled: optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
             assetPath: assetPath
         });
-    }
+}
+
+function verifyTOTP( guessedToken: string) {
+    const tokenValidates = speakeasy.totp.verify({
+        secret: totp_secret.getTotpSecret(),
+        encoding: "base32",
+        token: guessedToken,
+        window: 1,
+      });
+
+    return tokenValidates
 }
 
 function verifyPassword(guessedPassword: string) {
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 49fa854611..4937871419 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -97,7 +97,7 @@ const defaultOptions = [
     { name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true },
     { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
     { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
-    // { name: 'totpEnabled', value: 'false', isSynced: false }
+    { name: 'totpEnabled', value: 'false', isSynced: true }
 ];
 
 function initStartupOptions() {
diff --git a/src/services/totp_secret.ts b/src/services/totp_secret.ts
new file mode 100644
index 0000000000..cc4aa86a5b
--- /dev/null
+++ b/src/services/totp_secret.ts
@@ -0,0 +1,37 @@
+"use strict";
+
+import fs = require('fs');
+import crypto = require('crypto');
+import dataDir = require('./data_dir');
+import log = require('./log');
+
+const totpSecretPath = `${dataDir.TRILIUM_DATA_DIR}/totp_secret.txt`;
+
+function saveTotpSecret(secret: string)
+{
+    if (!fs.existsSync(totpSecretPath)) 
+        log.info("Generated totp secret file");
+
+    fs.writeFileSync(totpSecretPath, secret, "utf8");
+}
+
+function getTotpSecret(){
+
+    return fs.readFileSync(totpSecretPath, "utf8");
+}
+
+function checkForTotSecret() {
+    return fs.existsSync(totpSecretPath)
+}
+
+function removeTotpSecret() {
+    console.log("Attempting to remove secret")
+    fs.unlink( totpSecretPath, a => {
+        console.log("Unable to remove totp secret")
+        console.log(a)
+        return false
+    })
+    return true
+}
+
+export = {saveTotpSecret, getTotpSecret, checkForTotSecret, removeTotpSecret};

From f8d1d553dfa8342fcb55cf2227765e67b8400e5a Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Fri, 3 May 2024 15:22:19 -0700
Subject: [PATCH 05/63] Added regenerate totp button to the click event for
 enabling totp

---
 .../widgets/type_widgets/options/multi_factor_authentication.js  | 1 +
 src/routes/api/totp.ts                                           | 1 +
 2 files changed, 2 insertions(+)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index c96fcd0842..40643c0d46 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -101,6 +101,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$totpSecretInput.prop("disabled", !result.message);
         this.$saveTotpButton.prop("disabled", !result.message);
         this.$totpSecret.prop("disapbled", !result.message);
+        this.$regenerateTotpButton.prop("disabled", !result.message);
       } else {
         toastService.showError(result.message);
       }
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 66ecf65c06..1e7506336f 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -39,6 +39,7 @@ function disableTOTP() {
 }
 
 function setTotpSecret(req: Request) {
+  // TODO: CHECK VALIDITY OF SECRET
   options.setOption
   totp_fs.saveTotpSecret(req.body.secret)
 }

From 18a2305c35af2c68fe41c72d915212b86786a65a Mon Sep 17 00:00:00 2001
From: Brandon <brandon@mauldin314.com>
Date: Fri, 3 May 2024 16:37:14 -0700
Subject: [PATCH 06/63] Added secret validation

---
 .../options/multi_factor_authentication.js        | 12 +++++++++++-
 src/routes/api/totp.ts                            | 15 +++++++--------
 2 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 40643c0d46..3948ba70ac 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -111,7 +111,17 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   }
 
   save() {
-    // TODO: CHECK VALIDITY OF SECRET
+    const key = this.$totpSecretInput.val();
+    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+
+    if (key.length != 52) {
+      toastService.showError("Invalid Secret", 2000);
+      return;
+    }
+    if (regex.test(key)) {
+      toastService.showError("Invalid Secret", 2000);
+      return;
+    }
 
     server
       .post("totp/set", {
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 1e7506336f..608bc4d0bf 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,13 +1,10 @@
 import options = require("../../services/options");
 import totp_secret = require("../../services/encryption/totp_secret");
 import { Request } from "express";
-import totp_fs = require("../../services/totp_secret")
+import totp_fs = require("../../services/totp_secret");
 const speakeasy = require("speakeasy");
 
 function verifyOTPToken(guessedToken: any) {
-  console.log("[" + guessedToken + "]");
-  console.log(typeof guessedToken);
-
   const tokenValidates = speakeasy.totp.verify({
     secret: process.env.MFA_SECRET,
     encoding: "base32",
@@ -39,13 +36,15 @@ function disableTOTP() {
 }
 
 function setTotpSecret(req: Request) {
-  // TODO: CHECK VALIDITY OF SECRET
-  options.setOption
-  totp_fs.saveTotpSecret(req.body.secret)
+  const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+  if (req.body.secret.length != 52) return;
+  if (regex.test(req.body.secret)) return;
+
+  totp_fs.saveTotpSecret(req.body.secret);
 }
 
 function getSecret() {
-  return totp_fs.getTotpSecret()
+  return totp_fs.getTotpSecret();
 }
 
 export = {

From f466cd0b5a94b886b88bf0ad27066ea477c1c37d Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Mon, 6 May 2024 12:22:25 -0700
Subject: [PATCH 07/63] Saving TOTP secret requires password verification

---
 .../options/multi_factor_authentication.js    | 38 ++++++++++---------
 src/routes/api/totp.ts                        |  6 +++
 2 files changed, 26 insertions(+), 18 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 3948ba70ac..43713e924f 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -2,19 +2,13 @@ import server from "../../../services/server.js";
 import protectedSessionHolder from "../../../services/protected_session_holder.js";
 import toastService from "../../../services/toast.js";
 import OptionsWidget from "./options_widget.js";
-// import { randomBytes } from "crypto";
-
-// import { generateSecret } from "../../../services/totp.js";
-
-// const speakeasy = require("speakeasy");
-// ${speakeasy.generateSecret().base32}
 
 const TPL = `
 <div class="options-section">
     <h4 class="mfa-heading"></h4>
     
     <div class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">
-      Use TOTP (Time-based One-Time Password) to safeguard your data in this application because it adds an additional layer of security by generating unique passcodes that expire quickly, making it harder for unauthorized access. TOTP also reduces the risk of account compromise through common threats like phishing attacks or password breaches.
+      Use TOTP to safeguard your data in this application because it adds an additional layer of security by generating unique passcodes that expire quickly, making it harder for unauthorized access. TOTP also reduces the risk of account compromise through common threats like phishing attacks or password breaches.
     </div>
     
   <br>
@@ -27,14 +21,19 @@ const TPL = `
     </div>
 
 <br>
-    <div class="options-section">
-      <label>
-      TOTP Secret
-      </label>
-      <input class="totp-secret-input form-control" disabled="true" type="text">
-      <button class="save-totp" disabled="true"> Save TOTP Secret </button>
-    </div>
-
+  <div>
+      <div class="form-group">
+        <label>Password confirmation</label>
+        <input class="password form-control" type="password">
+      </div>
+      <div class="options-section">
+        <label>
+        TOTP Secret
+        </label>
+        <input class="totp-secret-input form-control" disabled="true" type="text">
+        <button class="save-totp" disabled="true"> Save TOTP Secret </button>
+      </div>
+  </div>
     <br>
  <h4> Generate TOTP Secret </h4>
     <span class="totp-secret" >  </span>
@@ -52,8 +51,9 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     this.$totpSecret = this.$widget.find(".totp-secret");
     this.$totpSecretInput = this.$widget.find(".totp-secret-input");
     this.$saveTotpButton = this.$widget.find(".save-totp");
+    this.$password = this.$widget.find(".password");
 
-    this.$mfaHeadding.text("Multi-Factor Authentication");
+    this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
     this.generateKey();
 
     this.$totpEnabled.on("change", async () => {
@@ -65,7 +65,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     });
 
     this.$saveTotpButton.on("click", async () => {
-      this.save();
+      this.saveTotpSecret();
     });
 
     this.$protectedSessionTimeout = this.$widget.find(
@@ -102,6 +102,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$saveTotpButton.prop("disabled", !result.message);
         this.$totpSecret.prop("disapbled", !result.message);
         this.$regenerateTotpButton.prop("disabled", !result.message);
+        this.$password.prop("disabled", !result.message);
       } else {
         toastService.showError(result.message);
       }
@@ -110,7 +111,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
   }
 
-  save() {
+  saveTotpSecret() {
     const key = this.$totpSecretInput.val();
     const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
 
@@ -126,6 +127,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     server
       .post("totp/set", {
         secret: this.$totpSecretInput.val(),
+        password: this.$password.val(),
       })
       .then((result) => {
         if (result.success) {
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 608bc4d0bf..6a43813748 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,7 +1,9 @@
 import options = require("../../services/options");
 import totp_secret = require("../../services/encryption/totp_secret");
+import passwordEncryptionService = require('../../services/encryption/password_encryption');
 import { Request } from "express";
 import totp_fs = require("../../services/totp_secret");
+import ValidationError = require('../../errors/validation_error');
 const speakeasy = require("speakeasy");
 
 function verifyOTPToken(guessedToken: any) {
@@ -36,6 +38,10 @@ function disableTOTP() {
 }
 
 function setTotpSecret(req: Request) {
+
+  if(!passwordEncryptionService.verifyPassword(req.body.password))
+    throw new ValidationError("Incorrect password reset confirmation");
+
   const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
   if (req.body.secret.length != 52) return;
   if (regex.test(req.body.secret)) return;

From 25c9869cc8b2ac3d15082a20efd019998776be5f Mon Sep 17 00:00:00 2001
From: Brandon <brandon@mauldin314.com>
Date: Mon, 6 May 2024 17:06:21 -0700
Subject: [PATCH 08/63] Updated TOTP explination

---
 .../widgets/type_widgets/options/multi_factor_authentication.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 43713e924f..a3c7f672a9 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -8,7 +8,7 @@ const TPL = `
     <h4 class="mfa-heading"></h4>
     
     <div class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">
-      Use TOTP to safeguard your data in this application because it adds an additional layer of security by generating unique passcodes that expire quickly, making it harder for unauthorized access. TOTP also reduces the risk of account compromise through common threats like phishing attacks or password breaches.
+      Use TOTP to add an additional layer of security to safeguard your data.
     </div>
     
   <br>

From bc2f0823d9e9d0c8b669c26d4f40f05ffc4dd647 Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Tue, 7 May 2024 12:04:57 -0700
Subject: [PATCH 09/63] Corrected white space

---
 .../widgets/type_widgets/content_widget.js    |  142 +-
 .../options/multi_factor_authentication.js    |  196 +-
 .../type_widgets/options/options_widget.js    |   74 +-
 src/routes/api/options.ts                     |  216 +-
 src/routes/api/totp.ts                        |   63 +-
 src/routes/login.ts                           |  103 +-
 src/routes/routes.ts                          | 2131 +++++++++--------
 src/services/encryption/my_scrypt.ts          |   36 +-
 .../encryption/password_encryption.ts         |   52 +-
 src/services/encryption/totp_secret.ts        |  165 +-
 .../encryption/totp_secret_encryption.ts      |   38 +-
 src/services/hidden_subtree.ts                | 1166 +++++----
 src/services/options_init.ts                  |  263 +-
 src/services/totp_secret.ts                   |   35 +-
 14 files changed, 2456 insertions(+), 2224 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index f72e00fcfa..a6705d3741 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -54,84 +54,86 @@ const TPL = `<div class="note-detail-content-widget note-detail-printable">
 </div>`;
 
 const CONTENT_WIDGETS = {
-  _optionsAppearance: [
-    ThemeOptions,
-    FontsOptions,
-    ZoomFactorOptions,
-    NativeTitleBarOptions,
-    MaxContentWidthOptions,
-    RibbonOptions,
-  ],
-  _optionsShortcuts: [KeyboardShortcutsOptions],
-  _optionsTextNotes: [
-    HeadingStyleOptions,
-    TableOfContentsOptions,
-    HighlightsListOptions,
-    TextAutoReadOnlySizeOptions,
-  ],
-  _optionsCodeNotes: [
-    VimKeyBindingsOptions,
-    WrapLinesOptions,
-    CodeAutoReadOnlySizeOptions,
-    CodeMimeTypesOptions,
-  ],
-  _optionsMFA: [MultiFactorAuthenticationOptions],
-  _optionsImages: [ImageOptions],
-  _optionsSpellcheck: [SpellcheckOptions],
-  _optionsPassword: [PasswordOptions],
-  _optionsEtapi: [EtapiOptions],
-  _optionsBackup: [BackupOptions],
-  _optionsSync: [SyncOptions],
-  _optionsOther: [
-    SearchEngineOptions,
-    TrayOptions,
-    NoteErasureTimeoutOptions,
-    AttachmentErasureTimeoutOptions,
-    RevisionsSnapshotIntervalOptions,
-    NetworkConnectionsOptions,
-  ],
-  _optionsAdvanced: [
-    DatabaseIntegrityCheckOptions,
-    ConsistencyChecksOptions,
-    DatabaseAnonymizationOptions,
-    AdvancedSyncOptions,
-    VacuumDatabaseOptions,
-  ],
-  _backendLog: [BackendLogWidget],
+    _optionsAppearance: [
+        ThemeOptions,
+        FontsOptions,
+        ZoomFactorOptions,
+        NativeTitleBarOptions,
+        MaxContentWidthOptions,
+        RibbonOptions,
+    ],
+    _optionsShortcuts: [KeyboardShortcutsOptions],
+    _optionsTextNotes: [
+        HeadingStyleOptions,
+        TableOfContentsOptions,
+        HighlightsListOptions,
+        TextAutoReadOnlySizeOptions,
+    ],
+    _optionsCodeNotes: [
+        VimKeyBindingsOptions,
+        WrapLinesOptions,
+        CodeAutoReadOnlySizeOptions,
+        CodeMimeTypesOptions,
+    ],
+    _optionsMFA: [MultiFactorAuthenticationOptions],
+    _optionsImages: [ImageOptions],
+    _optionsSpellcheck: [SpellcheckOptions],
+    _optionsPassword: [PasswordOptions],
+    _optionsEtapi: [EtapiOptions],
+    _optionsBackup: [BackupOptions],
+    _optionsSync: [SyncOptions],
+    _optionsOther: [
+        SearchEngineOptions,
+        TrayOptions,
+        NoteErasureTimeoutOptions,
+        AttachmentErasureTimeoutOptions,
+        RevisionsSnapshotIntervalOptions,
+        NetworkConnectionsOptions,
+    ],
+    _optionsAdvanced: [
+        DatabaseIntegrityCheckOptions,
+        ConsistencyChecksOptions,
+        DatabaseAnonymizationOptions,
+        AdvancedSyncOptions,
+        VacuumDatabaseOptions,
+    ],
+    _backendLog: [BackendLogWidget],
 };
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
-  static getType() {
-    return "contentWidget";
-  }
-
-  doRender() {
-    this.$widget = $(TPL);
-    this.$content = this.$widget.find(".note-detail-content-widget-content");
+    static getType() {
+        return "contentWidget";
+    }
+    2;
+    doRender() {
+        this.$widget = $(TPL);
+        this.$content = this.$widget.find(
+            ".note-detail-content-widget-content"
+        );
 
-    super.doRender();
-  }
+        super.doRender();
+    }
 
-  async doRefresh(note) {
-    this.$content.empty();
-    this.children = [];
+    async doRefresh(note) {
+        this.$content.empty();
+        this.children = [];
 
-    const contentWidgets = CONTENT_WIDGETS[note.noteId];
+        const contentWidgets = CONTENT_WIDGETS[note.noteId];
 
-    if (contentWidgets) {
-      for (const clazz of contentWidgets) {
-        const widget = new clazz();
+        if (contentWidgets) {
+            for (const clazz of contentWidgets) {
+                const widget = new clazz();
 
-        await widget.handleEvent("setNoteContext", {
-          noteContext: this.noteContext,
-        });
-        this.child(widget);
+                await widget.handleEvent("setNoteContext", {
+                    noteContext: this.noteContext,
+                });
+                this.child(widget);
 
-        this.$content.append(widget.render());
-        await widget.refresh();
-      }
-    } else {
-      this.$content.append(`Unknown widget for "${note.noteId}"`);
+                this.$content.append(widget.render());
+                await widget.refresh();
+            }
+        } else {
+            this.$content.append(`Unknown widget for "${note.noteId}"`);
+        }
     }
-  }
 }
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index a3c7f672a9..f4ae6f38ea 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -8,7 +8,7 @@ const TPL = `
     <h4 class="mfa-heading"></h4>
     
     <div class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">
-      Use TOTP to add an additional layer of security to safeguard your data.
+      Use TOTP to add an additional layer of security to safeguard your data. Copy the generatred secret into your favorite authenticator.
     </div>
     
   <br>
@@ -42,106 +42,106 @@ const TPL = `
 </div>`;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
-  doRender() {
-    this.$widget = $(TPL);
-
-    this.$mfaHeadding = this.$widget.find(".mfa-heading");
-    this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
-    this.$totpEnabled = this.$widget.find(".totp-enabled");
-    this.$totpSecret = this.$widget.find(".totp-secret");
-    this.$totpSecretInput = this.$widget.find(".totp-secret-input");
-    this.$saveTotpButton = this.$widget.find(".save-totp");
-    this.$password = this.$widget.find(".password");
-
-    this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
-    this.generateKey();
-
-    this.$totpEnabled.on("change", async () => {
-      this.updateSecret();
-    });
-
-    this.$regenerateTotpButton.on("click", async () => {
-      this.generateKey();
-    });
-
-    this.$saveTotpButton.on("click", async () => {
-      this.saveTotpSecret();
-    });
-
-    this.$protectedSessionTimeout = this.$widget.find(
-      ".protected-session-timeout-in-seconds"
-    );
-    this.$protectedSessionTimeout.on("change", () =>
-      this.updateOption(
-        "protectedSessionTimeout",
-        this.$protectedSessionTimeout.val()
-      )
-    );
-  }
-
-  async updateSecret() {
-    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
-    else server.post("totp/disable");
-  }
-
-  async generateKey() {
-    server.get("totp/generate").then((result) => {
-      if (result.success) {
-        this.$totpSecret.text(result.message);
-      } else {
-        toastService.showError(result.message);
-      }
-    });
-  }
-
-  optionsLoaded(options) {
-    server.get("totp/enabled").then((result) => {
-      if (result.success) {
-        this.$totpEnabled.prop("checked", result.message);
-        this.$totpSecretInput.prop("disabled", !result.message);
-        this.$saveTotpButton.prop("disabled", !result.message);
-        this.$totpSecret.prop("disapbled", !result.message);
-        this.$regenerateTotpButton.prop("disabled", !result.message);
-        this.$password.prop("disabled", !result.message);
-      } else {
-        toastService.showError(result.message);
-      }
-    });
-
-    this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
-  }
-
-  saveTotpSecret() {
-    const key = this.$totpSecretInput.val();
-    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-
-    if (key.length != 52) {
-      toastService.showError("Invalid Secret", 2000);
-      return;
+    doRender() {
+        this.$widget = $(TPL);
+
+        this.$mfaHeadding = this.$widget.find(".mfa-heading");
+        this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
+        this.$totpEnabled = this.$widget.find(".totp-enabled");
+        this.$totpSecret = this.$widget.find(".totp-secret");
+        this.$totpSecretInput = this.$widget.find(".totp-secret-input");
+        this.$saveTotpButton = this.$widget.find(".save-totp");
+        this.$password = this.$widget.find(".password");
+
+        this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
+        this.generateKey();
+
+        this.$totpEnabled.on("change", async () => {
+            this.updateSecret();
+        });
+
+        this.$regenerateTotpButton.on("click", async () => {
+            this.generateKey();
+        });
+
+        this.$saveTotpButton.on("click", async () => {
+            this.saveTotpSecret();
+        });
+
+        this.$protectedSessionTimeout = this.$widget.find(
+            ".protected-session-timeout-in-seconds"
+        );
+        this.$protectedSessionTimeout.on("change", () =>
+            this.updateOption(
+                "protectedSessionTimeout",
+                this.$protectedSessionTimeout.val()
+            )
+        );
     }
-    if (regex.test(key)) {
-      toastService.showError("Invalid Secret", 2000);
-      return;
+
+    async updateSecret() {
+        if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
+        else server.post("totp/disable");
+    }
+
+    async generateKey() {
+        server.get("totp/generate").then((result) => {
+            if (result.success) {
+                this.$totpSecret.text(result.message);
+            } else {
+                toastService.showError(result.message);
+            }
+        });
+    }
+
+    optionsLoaded(options) {
+        server.get("totp/enabled").then((result) => {
+            if (result.success) {
+                this.$totpEnabled.prop("checked", result.message);
+                this.$totpSecretInput.prop("disabled", !result.message);
+                this.$saveTotpButton.prop("disabled", !result.message);
+                this.$totpSecret.prop("disapbled", !result.message);
+                this.$regenerateTotpButton.prop("disabled", !result.message);
+                this.$password.prop("disabled", !result.message);
+            } else {
+                toastService.showError(result.message);
+            }
+        });
+
+        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
     }
 
-    server
-      .post("totp/set", {
-        secret: this.$totpSecretInput.val(),
-        password: this.$password.val(),
-      })
-      .then((result) => {
-        if (result.success) {
-          toastService.showError(
-            "Password has been changed. Trilium will be reloaded after you press OK."
-          );
-
-          // password changed so current protected session is invalid and needs to be cleared
-          protectedSessionHolder.resetProtectedSession();
-        } else {
-          toastService.showError(result.message);
+    saveTotpSecret() {
+        const key = this.$totpSecretInput.val();
+        const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+
+        if (key.length != 52) {
+            toastService.showError("Invalid Secret", 2000);
+            return;
+        }
+        if (regex.test(key)) {
+            toastService.showError("Invalid Secret", 2000);
+            return;
         }
-      });
 
-    return false;
-  }
+        server
+            .post("totp/set", {
+                secret: this.$totpSecretInput.val(),
+                password: this.$password.val(),
+            })
+            .then((result) => {
+                if (result.success) {
+                    toastService.showError(
+                        "Password has been changed. Trilium will be reloaded after you press OK."
+                    );
+
+                    // password changed so current protected session is invalid and needs to be cleared
+                    protectedSessionHolder.resetProtectedSession();
+                } else {
+                    toastService.showError(result.message);
+                }
+            });
+
+        return false;
+    }
 }
diff --git a/src/public/app/widgets/type_widgets/options/options_widget.js b/src/public/app/widgets/type_widgets/options/options_widget.js
index 8798cd20bc..302305703c 100644
--- a/src/public/app/widgets/type_widgets/options/options_widget.js
+++ b/src/public/app/widgets/type_widgets/options/options_widget.js
@@ -3,55 +3,55 @@ import toastService from "../../../services/toast.js";
 import NoteContextAwareWidget from "../../note_context_aware_widget.js";
 
 export default class OptionsWidget extends NoteContextAwareWidget {
-  constructor() {
-    super();
+    constructor() {
+        super();
 
-    this.contentSized();
-  }
+        this.contentSized();
+    }
 
-  async updateOption(name, value) {
-    const opts = { [name]: value };
+    async updateOption(name, value) {
+        const opts = { [name]: value };
 
-    await this.updateMultipleOptions(opts);
-  }
+        await this.updateMultipleOptions(opts);
+    }
 
-  async updateMultipleOptions(opts) {
-    await server.put("options", opts);
+    async updateMultipleOptions(opts) {
+        await server.put("options", opts);
 
-    this.showUpdateNotification();
-  }
+        this.showUpdateNotification();
+    }
 
-  showUpdateNotification() {
-    toastService.showPersistent({
-      id: "options-change-saved",
-      title: "Options status",
-      message: "Options change have been saved.",
-      icon: "slider",
-      closeAfter: 2000,
-    });
-  }
+    showUpdateNotification() {
+        toastService.showPersistent({
+            id: "options-change-saved",
+            title: "Options status",
+            message: "Options change have been saved.",
+            icon: "slider",
+            closeAfter: 2000,
+        });
+    }
 
-  async updateCheckboxOption(name, $checkbox) {
-    const isChecked = $checkbox.prop("checked");
+    async updateCheckboxOption(name, $checkbox) {
+        const isChecked = $checkbox.prop("checked");
 
-    return await this.updateOption(name, isChecked ? "true" : "false");
-  }
+        return await this.updateOption(name, isChecked ? "true" : "false");
+    }
 
-  setCheckboxState($checkbox, optionValue) {
-    $checkbox.prop("checked", optionValue === "true");
-  }
+    setCheckboxState($checkbox, optionValue) {
+        $checkbox.prop("checked", optionValue === "true");
+    }
 
-  optionsLoaded(options) {}
+    optionsLoaded(options) {}
 
-  async refreshWithNote(note) {
-    const options = await server.get("options");
+    async refreshWithNote(note) {
+        const options = await server.get("options");
 
-    this.optionsLoaded(options);
-  }
+        this.optionsLoaded(options);
+    }
 
-  async entitiesReloadedEvent({ loadResults }) {
-    if (loadResults.getOptionNames().length > 0) {
-      this.refresh();
+    async entitiesReloadedEvent({ loadResults }) {
+        if (loadResults.getOptionNames().length > 0) {
+            this.refresh();
+        }
     }
-  }
 }
diff --git a/src/routes/api/options.ts b/src/routes/api/options.ts
index 97eab092c8..f1500135df 100644
--- a/src/routes/api/options.ts
+++ b/src/routes/api/options.ts
@@ -8,145 +8,147 @@ import { Request } from "express";
 
 // options allowed to be updated directly in the Options dialog
 const ALLOWED_OPTIONS = new Set([
-  "eraseEntitiesAfterTimeInSeconds",
-  "protectedSessionTimeout",
-  "revisionSnapshotTimeInterval",
-  "zoomFactor",
-  "theme",
-  "syncServerHost",
-  "syncServerTimeout",
-  "syncProxy",
-  "hoistedNoteId",
-  "mainFontSize",
-  "mainFontFamily",
-  "treeFontSize",
-  "treeFontFamily",
-  "detailFontSize",
-  "detailFontFamily",
-  "monospaceFontSize",
-  "monospaceFontFamily",
-  "openNoteContexts",
-  "vimKeymapEnabled",
-  "codeLineWrapEnabled",
-  "codeNotesMimeTypes",
-  "spellCheckEnabled",
-  "spellCheckLanguageCode",
-  "imageMaxWidthHeight",
-  "imageJpegQuality",
-  "leftPaneWidth",
-  "rightPaneWidth",
-  "leftPaneVisible",
-  "rightPaneVisible",
-  "nativeTitleBarVisible",
-  "headingStyle",
-  "autoCollapseNoteTree",
-  "autoReadonlySizeText",
-  "autoReadonlySizeCode",
-  "overrideThemeFonts",
-  "dailyBackupEnabled",
-  "weeklyBackupEnabled",
-  "monthlyBackupEnabled",
-  "maxContentWidth",
-  "compressImages",
-  "downloadImagesAutomatically",
-  "minTocHeadings",
-  "highlightsList",
-  "checkForUpdates",
-  "disableTray",
-  "eraseUnusedAttachmentsAfterSeconds",
-  "disableTray",
-  "customSearchEngineName",
-  "customSearchEngineUrl",
-  "promotedAttributesOpenInRibbon",
-  "editedNotesOpenInRibbon",
-  "totpEnabled",
+    "eraseEntitiesAfterTimeInSeconds",
+    "protectedSessionTimeout",
+    "revisionSnapshotTimeInterval",
+    "zoomFactor",
+    "theme",
+    "syncServerHost",
+    "syncServerTimeout",
+    "syncProxy",
+    "hoistedNoteId",
+    "mainFontSize",
+    "mainFontFamily",
+    "treeFontSize",
+    "treeFontFamily",
+    "detailFontSize",
+    "detailFontFamily",
+    "monospaceFontSize",
+    "monospaceFontFamily",
+    "openNoteContexts",
+    "vimKeymapEnabled",
+    "codeLineWrapEnabled",
+    "codeNotesMimeTypes",
+    "spellCheckEnabled",
+    "spellCheckLanguageCode",
+    "imageMaxWidthHeight",
+    "imageJpegQuality",
+    "leftPaneWidth",
+    "rightPaneWidth",
+    "leftPaneVisible",
+    "rightPaneVisible",
+    "nativeTitleBarVisible",
+    "headingStyle",
+    "autoCollapseNoteTree",
+    "autoReadonlySizeText",
+    "autoReadonlySizeCode",
+    "overrideThemeFonts",
+    "dailyBackupEnabled",
+    "weeklyBackupEnabled",
+    "monthlyBackupEnabled",
+    "maxContentWidth",
+    "compressImages",
+    "downloadImagesAutomatically",
+    "minTocHeadings",
+    "highlightsList",
+    "checkForUpdates",
+    "disableTray",
+    "eraseUnusedAttachmentsAfterSeconds",
+    "disableTray",
+    "customSearchEngineName",
+    "customSearchEngineUrl",
+    "promotedAttributesOpenInRibbon",
+    "editedNotesOpenInRibbon",
+    "totpEnabled",
 ]);
 
 function getOptions() {
-  const optionMap = optionService.getOptionMap();
-  const resultMap: Record<string, string> = {};
+    const optionMap = optionService.getOptionMap();
+    const resultMap: Record<string, string> = {};
 
-  for (const optionName in optionMap) {
-    if (isAllowed(optionName)) {
-      resultMap[optionName] = optionMap[optionName];
+    for (const optionName in optionMap) {
+        if (isAllowed(optionName)) {
+            resultMap[optionName] = optionMap[optionName];
+        }
     }
-  }
 
-  resultMap["isPasswordSet"] = optionMap["passwordVerificationHash"]
-    ? "true"
-    : "false";
+    resultMap["isPasswordSet"] = optionMap["passwordVerificationHash"]
+        ? "true"
+        : "false";
 
-  return resultMap;
+    return resultMap;
 }
 
 function updateOption(req: Request) {
-  const { name, value } = req.params;
+    const { name, value } = req.params;
 
-  if (!update(name, value)) {
-    throw new ValidationError("not allowed option to change");
-  }
+    if (!update(name, value)) {
+        throw new ValidationError("not allowed option to change");
+    }
 }
 
 function updateOptions(req: Request) {
-  for (const optionName in req.body) {
-    console.log(optionName);
-    if (!update(optionName, req.body[optionName])) {
-      // this should be improved
-      // it should return 400 instead of current 500, but at least it now rollbacks transaction
-      throw new Error(`Option '${optionName}' is not allowed to be changed`);
+    for (const optionName in req.body) {
+        console.log(optionName);
+        if (!update(optionName, req.body[optionName])) {
+            // this should be improved
+            // it should return 400 instead of current 500, but at least it now rollbacks transaction
+            throw new Error(
+                `Option '${optionName}' is not allowed to be changed`
+            );
+        }
     }
-  }
 }
 
 function update(name: string, value: string) {
-  if (!isAllowed(name)) {
-    return false;
-  }
+    if (!isAllowed(name)) {
+        return false;
+    }
 
-  if (name !== "openNoteContexts") {
-    log.info(`Updating option '${name}' to '${value}'`);
-  }
+    if (name !== "openNoteContexts") {
+        log.info(`Updating option '${name}' to '${value}'`);
+    }
 
-  optionService.setOption(name, value);
+    optionService.setOption(name, value);
 
-  return true;
+    return true;
 }
 
 function getUserThemes() {
-  const notes = searchService.searchNotes("#appTheme", {
-    ignoreHoistedNote: true,
-  });
-  const ret = [];
+    const notes = searchService.searchNotes("#appTheme", {
+        ignoreHoistedNote: true,
+    });
+    const ret = [];
 
-  for (const note of notes) {
-    let value = note.getOwnedLabelValue("appTheme");
+    for (const note of notes) {
+        let value = note.getOwnedLabelValue("appTheme");
 
-    if (!value) {
-      value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, "-");
-    }
+        if (!value) {
+            value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, "-");
+        }
 
-    ret.push({
-      val: value,
-      title: note.title,
-      noteId: note.noteId,
-    });
-  }
+        ret.push({
+            val: value,
+            title: note.title,
+            noteId: note.noteId,
+        });
+    }
 
-  return ret;
+    return ret;
 }
 
 function isAllowed(name: string) {
-  return (
-    ALLOWED_OPTIONS.has(name) ||
-    name.startsWith("keyboardShortcuts") ||
-    name.endsWith("Collapsed") ||
-    name.startsWith("hideArchivedNotes")
-  );
+    return (
+        ALLOWED_OPTIONS.has(name) ||
+        name.startsWith("keyboardShortcuts") ||
+        name.endsWith("Collapsed") ||
+        name.startsWith("hideArchivedNotes")
+    );
 }
 
 export = {
-  getOptions,
-  updateOption,
-  updateOptions,
-  getUserThemes,
+    getOptions,
+    updateOption,
+    updateOptions,
+    getUserThemes,
 };
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 6a43813748..cb83449f00 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,64 +1,63 @@
 import options = require("../../services/options");
 import totp_secret = require("../../services/encryption/totp_secret");
-import passwordEncryptionService = require('../../services/encryption/password_encryption');
+import passwordEncryptionService = require("../../services/encryption/password_encryption");
 import { Request } from "express";
 import totp_fs = require("../../services/totp_secret");
-import ValidationError = require('../../errors/validation_error');
+import ValidationError = require("../../errors/validation_error");
 const speakeasy = require("speakeasy");
 
 function verifyOTPToken(guessedToken: any) {
-  const tokenValidates = speakeasy.totp.verify({
-    secret: process.env.MFA_SECRET,
-    encoding: "base32",
-    token: guessedToken,
-    window: 1,
-  });
-
-  return tokenValidates;
+    const tokenValidates = speakeasy.totp.verify({
+        secret: process.env.MFA_SECRET,
+        encoding: "base32",
+        token: guessedToken,
+        window: 1,
+    });
+
+    return tokenValidates;
 }
 
 function generateSecret() {
-  return { success: "true", message: speakeasy.generateSecret().base32 };
+    return { success: "true", message: speakeasy.generateSecret().base32 };
 }
 
 function checkForTOTP() {
-  const totpEnabled = options.getOptionBool("totpEnabled");
-  return { success: "true", message: totpEnabled };
+    const totpEnabled = options.getOptionBool("totpEnabled");
+    return { success: "true", message: totpEnabled };
 }
 
 function enableTOTP() {
-  options.setOption("totpEnabled", true);
-  return { success: "true" };
+    options.setOption("totpEnabled", true);
+    return { success: "true" };
 }
 
 function disableTOTP() {
-  options.setOption("totpEnabled", false);
+    options.setOption("totpEnabled", false);
 
-  return { success: totp_fs.removeTotpSecret() };
+    return { success: totp_fs.removeTotpSecret() };
 }
 
 function setTotpSecret(req: Request) {
+    if (!passwordEncryptionService.verifyPassword(req.body.password))
+        throw new ValidationError("Incorrect password reset confirmation");
 
-  if(!passwordEncryptionService.verifyPassword(req.body.password))
-    throw new ValidationError("Incorrect password reset confirmation");
-
-  const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-  if (req.body.secret.length != 52) return;
-  if (regex.test(req.body.secret)) return;
+    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+    if (req.body.secret.length != 52) return;
+    if (regex.test(req.body.secret)) return;
 
-  totp_fs.saveTotpSecret(req.body.secret);
+    totp_fs.saveTotpSecret(req.body.secret);
 }
 
 function getSecret() {
-  return totp_fs.getTotpSecret();
+    return totp_fs.getTotpSecret();
 }
 
 export = {
-  verifyOTPToken,
-  generateSecret,
-  checkForTOTP,
-  enableTOTP,
-  disableTOTP,
-  setTotpSecret,
-  getSecret,
+    verifyOTPToken,
+    generateSecret,
+    checkForTOTP,
+    enableTOTP,
+    disableTOTP,
+    setTotpSecret,
+    getSecret,
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 93526d9c17..5e7817ced5 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,34 +1,36 @@
 "use strict";
 
-import utils = require('../services/utils');
-import optionService = require('../services/options');
-import myScryptService = require('../services/encryption/my_scrypt');
-import log = require('../services/log');
-import passwordService = require('../services/encryption/password');
-import assetPath = require('../services/asset_path');
-import appPath = require('../services/app_path');
-import ValidationError = require('../errors/validation_error');
-import totp_secret = require('../services/totp_secret');
-import { Request, Response } from 'express';
-import { AppRequest } from './route-interface';
-
-const speakeasy = require("speakeasy")
+import utils = require("../services/utils");
+import optionService = require("../services/options");
+import myScryptService = require("../services/encryption/my_scrypt");
+import log = require("../services/log");
+import passwordService = require("../services/encryption/password");
+import assetPath = require("../services/asset_path");
+import appPath = require("../services/app_path");
+import ValidationError = require("../errors/validation_error");
+import totp_secret = require("../services/totp_secret");
+import { Request, Response } from "express";
+import { AppRequest } from "./route-interface";
+
+const speakeasy = require("speakeasy");
 
 function loginPage(req: Request, res: Response) {
-    res.render('login', {
+    res.render("login", {
         failedAuth: false,
         // totpEnabled: optionService.getOption("hasOTPEnabled"),
-        totpEnabled: optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
+        totpEnabled:
+            optionService.getOption("totpEnabled") &&
+            totp_secret.checkForTotSecret(),
         assetPath: assetPath,
-        appPath: appPath
+        appPath: appPath,
     });
 }
 
 function setPasswordPage(req: Request, res: Response) {
-    res.render('set_password', {
+    res.render("set_password", {
         error: false,
         assetPath: assetPath,
-        appPath: appPath
+        appPath: appPath,
     });
 }
 
@@ -37,7 +39,7 @@ function setPassword(req: Request, res: Response) {
         throw new ValidationError("Password has been already set");
     }
 
-    let {password1, password2} = req.body;
+    let { password1, password2 } = req.body;
     password1 = password1.trim();
     password2 = password2.trim();
 
@@ -50,74 +52,78 @@ function setPassword(req: Request, res: Response) {
     }
 
     if (error) {
-        res.render('set_password', {
+        res.render("set_password", {
             error,
-            assetPath: assetPath
+            assetPath: assetPath,
         });
         return;
     }
 
     passwordService.setPassword(password1);
 
-    res.redirect('login');
+    res.redirect("login");
 }
 
 function login(req: AppRequest, res: Response) {
     const guessedPassword = req.body.password;
     const guessedTotp = req.body.token;
 
-    if (!verifyPassword(guessedPassword))
-    {
-        sendLoginError( req, res)
-        return
+    if (!verifyPassword(guessedPassword)) {
+        sendLoginError(req, res);
+        return;
     }
 
-    if (optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret())
-        if (!verifyTOTP(guessedTotp))
-        {
-            sendLoginError( req, res)
-            return
+    if (
+        optionService.getOption("totpEnabled") &&
+        totp_secret.checkForTotSecret()
+    )
+        if (!verifyTOTP(guessedTotp)) {
+            sendLoginError(req, res);
+            return;
         }
 
-
     const rememberMe = req.body.rememberMe;
 
     req.session.regenerate(() => {
         if (rememberMe) {
-            req.session.cookie.maxAge = 21 * 24 * 3600000;  // 3 weeks
+            req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
         } else {
             req.session.cookie.expires = null;
         }
 
         req.session.loggedIn = true;
-        res.redirect('.');
+        res.redirect(".");
     });
 }
 
 function sendLoginError(req: AppRequest, res: Response) {
-        // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
-        log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
-
-        res.status(401).render('login', {
-            failedAuth: true,
-            totpEnabled: optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
-            assetPath: assetPath
-        });
+    // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
+    log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
+
+    res.status(401).render("login", {
+        failedAuth: true,
+        totpEnabled:
+            optionService.getOption("totpEnabled") &&
+            totp_secret.checkForTotSecret(),
+        assetPath: assetPath,
+    });
 }
 
-function verifyTOTP( guessedToken: string) {
+function verifyTOTP(guessedToken: string) {
     const tokenValidates = speakeasy.totp.verify({
         secret: totp_secret.getTotpSecret(),
         encoding: "base32",
         token: guessedToken,
         window: 1,
-      });
+    });
 
-    return tokenValidates
+    return tokenValidates;
 }
 
 function verifyPassword(guessedPassword: string) {
-    const hashed_password = utils.fromBase64(optionService.getOption('passwordVerificationHash'));
+    const hashed_password = utils.fromBase64(
+        optionService.getOption("passwordVerificationHash")
+    );
 
     const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
 
@@ -128,9 +134,8 @@ function logout(req: AppRequest, res: Response) {
     req.session.regenerate(() => {
         req.session.loggedIn = false;
 
-        res.redirect('login');
+        res.redirect("login");
     });
-
 }
 
 export = {
@@ -138,5 +143,5 @@ export = {
     setPasswordPage,
     setPassword,
     login,
-    logout
+    logout,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 3b3c602255..ab145a8c27 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -74,1111 +74,1158 @@ import etapiBackupRoute = require("../etapi/backup");
 import { AppRequest, AppRequestHandler } from "./route-interface";
 
 const csrfMiddleware = csurf({
-  cookie: {
-    path: "", // empty, so cookie is valid only for the current path
-  },
+    cookie: {
+        path: "", // empty, so cookie is valid only for the current path
+    },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
 const GET = "get",
-  PST = "post",
-  PUT = "put",
-  PATCH = "patch",
-  DEL = "delete";
+    PST = "post",
+    PUT = "put",
+    PATCH = "patch",
+    DEL = "delete";
 
 type ApiResultHandler = (
-  req: express.Request,
-  res: express.Response,
-  result: unknown
+    req: express.Request,
+    res: express.Response,
+    result: unknown
 ) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
 type HttpMethod =
-  | "all"
-  | "get"
-  | "post"
-  | "put"
-  | "delete"
-  | "patch"
-  | "options"
-  | "head";
+    | "all"
+    | "get"
+    | "post"
+    | "put"
+    | "delete"
+    | "patch"
+    | "options"
+    | "head";
 
 const uploadMiddleware = createUploadMiddleware();
 
 const uploadMiddlewareWithErrorHandling = function (
-  req: express.Request,
-  res: express.Response,
-  next: express.NextFunction
+    req: express.Request,
+    res: express.Response,
+    next: express.NextFunction
 ) {
-  uploadMiddleware(req, res, function (err) {
-    if (err?.code === "LIMIT_FILE_SIZE") {
-      res
-        .setHeader("Content-Type", "text/plain")
-        .status(400)
-        .send(
-          `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
-        );
-    } else {
-      next();
-    }
-  });
+    uploadMiddleware(req, res, function (err) {
+        if (err?.code === "LIMIT_FILE_SIZE") {
+            res.setHeader("Content-Type", "text/plain")
+                .status(400)
+                .send(
+                    `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
+                );
+        } else {
+            next();
+        }
+    });
 };
 
 function register(app: express.Application) {
-  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
-  route(
-    GET,
-    "/login",
-    [auth.checkAppInitialized, auth.checkPasswordSet],
-    loginRoute.loginPage
-  );
-  route(
-    GET,
-    "/set-password",
-    [auth.checkAppInitialized, auth.checkPasswordNotSet],
-    loginRoute.setPasswordPage
-  );
-
-  const loginRateLimiter = rateLimit.rateLimit({
-    windowMs: 15 * 60 * 1000, // 15 minutes
-    max: 10, // limit each IP to 10 requests per windowMs
-    skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
-  });
-
-  route(PST, "/login", [loginRateLimiter], loginRoute.login);
-  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-  route(
-    PST,
-    "/set-password",
-    [auth.checkAppInitialized, auth.checkPasswordNotSet],
-    loginRoute.setPassword
-  );
-  route(GET, "/setup", [], setupRoute.setupPage);
-
-  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
-  apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
-  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
-  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
-  apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
-  apiRoute(GET, "/api/totp/get", totp.getSecret);
-
-  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
-  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
-
-  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
-  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
-  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
-  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
-  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
-  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
-  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
-  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/sort-children",
-    notesApiRoute.sortChildNotes
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/protect/:isProtected",
-    notesApiRoute.protectNote
-  );
-  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
-  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
-    notesApiRoute.duplicateSubtree
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/clone-to-branch/:parentBranchId",
-    cloningApiRoute.cloneNoteToBranch
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
-    cloningApiRoute.toggleNoteInParent
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/clone-to-note/:parentNoteId",
-    cloningApiRoute.cloneNoteToParentNote
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/clone-after/:afterBranchId",
-    cloningApiRoute.cloneNoteAfter
-  );
-  route(
-    PUT,
-    "/api/notes/:noteId/file",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    filesRoute.updateFile,
-    apiResultHandler
-  );
-  route(
-    GET,
-    "/api/notes/:noteId/open",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.openFile
-  );
-  route(
-    GET,
-    "/api/notes/:noteId/open-partial",
-    [auth.checkApiAuthOrElectron],
-    createPartialContentHandler(filesRoute.fileContentProvider, {
-      debug: (string, extra) => {
-        console.log(string, extra);
-      },
-    })
-  );
-  route(
-    GET,
-    "/api/notes/:noteId/download",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadFile
-  );
-  // this "hacky" path is used for easier referencing of CSS resources
-  route(
-    GET,
-    "/api/notes/download/:noteId",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadFile
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/save-to-tmp-dir",
-    filesRoute.saveNoteToTmpDir
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/upload-modified-file",
-    filesRoute.uploadModifiedFileToNote
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/convert-to-attachment",
-    notesApiRoute.convertNoteToAttachment
-  );
-
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/move-to/:parentBranchId",
-    branchesApiRoute.moveBranchToParent
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/move-before/:beforeBranchId",
-    branchesApiRoute.moveBranchBeforeNote
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/move-after/:afterBranchId",
-    branchesApiRoute.moveBranchAfterNote
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/expanded/:expanded",
-    branchesApiRoute.setExpanded
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/expanded-subtree/:expanded",
-    branchesApiRoute.setExpandedForSubtree
-  );
-  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/set-prefix",
-    branchesApiRoute.setPrefix
-  );
-
-  apiRoute(
-    GET,
-    "/api/notes/:noteId/attachments",
-    attachmentsApiRoute.getAttachments
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/attachments",
-    attachmentsApiRoute.saveAttachment
-  );
-  route(
-    PST,
-    "/api/notes/:noteId/attachments/upload",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    attachmentsApiRoute.uploadAttachment,
-    apiResultHandler
-  );
-  apiRoute(
-    GET,
-    "/api/attachments/:attachmentId",
-    attachmentsApiRoute.getAttachment
-  );
-  apiRoute(
-    GET,
-    "/api/attachments/:attachmentId/all",
-    attachmentsApiRoute.getAllAttachments
-  );
-  apiRoute(
-    PST,
-    "/api/attachments/:attachmentId/convert-to-note",
-    attachmentsApiRoute.convertAttachmentToNote
-  );
-  apiRoute(
-    DEL,
-    "/api/attachments/:attachmentId",
-    attachmentsApiRoute.deleteAttachment
-  );
-  apiRoute(
-    PUT,
-    "/api/attachments/:attachmentId/rename",
-    attachmentsApiRoute.renameAttachment
-  );
-  apiRoute(
-    GET,
-    "/api/attachments/:attachmentId/blob",
-    attachmentsApiRoute.getAttachmentBlob
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/image/:filename",
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnAttachedImage
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/open",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.openAttachment
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/open-partial",
-    [auth.checkApiAuthOrElectron],
-    createPartialContentHandler(filesRoute.attachmentContentProvider, {
-      debug: (string, extra) => {
-        console.log(string, extra);
-      },
-    })
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/download",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadAttachment
-  );
-  // this "hacky" path is used for easier referencing of CSS resources
-  route(
-    GET,
-    "/api/attachments/download/:attachmentId",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadAttachment
-  );
-  apiRoute(
-    PST,
-    "/api/attachments/:attachmentId/save-to-tmp-dir",
-    filesRoute.saveAttachmentToTmpDir
-  );
-  apiRoute(
-    PST,
-    "/api/attachments/:attachmentId/upload-modified-file",
-    filesRoute.uploadModifiedFileToAttachment
-  );
-  route(
-    PUT,
-    "/api/attachments/:attachmentId/file",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    filesRoute.updateAttachment,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
-  apiRoute(
-    DEL,
-    "/api/notes/:noteId/revisions",
-    revisionsApiRoute.eraseAllRevisions
-  );
-  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
-  apiRoute(
-    GET,
-    "/api/revisions/:revisionId/blob",
-    revisionsApiRoute.getRevisionBlob
-  );
-  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
-  apiRoute(
-    PST,
-    "/api/revisions/:revisionId/restore",
-    revisionsApiRoute.restoreRevision
-  );
-  route(
-    GET,
-    "/api/revisions/:revisionId/image/:filename",
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnImageFromRevision
-  );
-
-  route(
-    GET,
-    "/api/revisions/:revisionId/download",
-    [auth.checkApiAuthOrElectron],
-    revisionsApiRoute.downloadRevision
-  );
-
-  route(
-    GET,
-    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
-    [auth.checkApiAuthOrElectron],
-    exportRoute.exportBranch
-  );
-  route(
-    PST,
-    "/api/notes/:parentNoteId/notes-import",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    importRoute.importNotesToBranch,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/notes/:parentNoteId/attachments-import",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    importRoute.importAttachmentsToNote,
-    apiResultHandler
-  );
-
-  apiRoute(
-    GET,
-    "/api/notes/:noteId/attributes",
-    attributesRoute.getEffectiveNoteAttributes
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/attributes",
-    attributesRoute.addNoteAttribute
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/attributes",
-    attributesRoute.updateNoteAttributes
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/attribute",
-    attributesRoute.updateNoteAttribute
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/set-attribute",
-    attributesRoute.setNoteAttribute
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-    attributesRoute.createRelation
-  );
-  apiRoute(
-    DEL,
-    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-    attributesRoute.deleteRelation
-  );
-  apiRoute(
-    DEL,
-    "/api/notes/:noteId/attributes/:attributeId",
-    attributesRoute.deleteNoteAttribute
-  );
-  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
-  apiRoute(
-    GET,
-    "/api/attribute-values/:attributeName",
-    attributesRoute.getValuesForAttribute
-  );
-
-  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-  route(
-    GET,
-    "/api/images/:noteId/:filename",
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnImageFromNote
-  );
-  route(
-    PUT,
-    "/api/images/:noteId",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    imageRoute.updateImage,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
-  // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
-  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
-  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
-
-  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
-  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
-
-  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
-  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
-  apiRoute(
-    PST,
-    "/api/sync/fill-entity-changes",
-    syncApiRoute.fillEntityChanges
-  );
-  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
-  route(
-    GET,
-    "/api/sync/check",
-    [auth.checkApiAuth],
-    syncApiRoute.checkSync,
-    apiResultHandler
-  );
-  route(
-    GET,
-    "/api/sync/changed",
-    [auth.checkApiAuth],
-    syncApiRoute.getChanged,
-    apiResultHandler
-  );
-  route(
-    PUT,
-    "/api/sync/update",
-    [auth.checkApiAuth],
-    syncApiRoute.update,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sync/finished",
-    [auth.checkApiAuth],
-    syncApiRoute.syncFinished,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sync/check-entity-changes",
-    [auth.checkApiAuth],
-    syncApiRoute.checkEntityChanges,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sync/queue-sector/:entityName/:sector",
-    [auth.checkApiAuth],
-    syncApiRoute.queueSector,
-    apiResultHandler
-  );
-  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
-
-  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
-  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
-
-  // docker health check
-  route(
-    GET,
-    "/api/health-check",
-    [],
-    () => ({ status: "ok" }),
-    apiResultHandler
-  );
-
-  // group of the services below are meant to be executed from the outside
-  route(
-    GET,
-    "/api/setup/status",
-    [],
-    setupApiRoute.getStatus,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/setup/new-document",
-    [auth.checkAppNotInitialized],
-    setupApiRoute.setupNewDocument,
-    apiResultHandler,
-    false
-  );
-  route(
-    PST,
-    "/api/setup/sync-from-server",
-    [auth.checkAppNotInitialized],
-    setupApiRoute.setupSyncFromServer,
-    apiResultHandler,
-    false
-  );
-  route(
-    GET,
-    "/api/setup/sync-seed",
-    [auth.checkCredentials],
-    setupApiRoute.getSyncSeed,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/setup/sync-seed",
-    [auth.checkAppNotInitialized],
-    setupApiRoute.saveSyncSeed,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
-  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
-  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
-  apiRoute(
-    PST,
-    "/api/search-and-execute-note/:noteId",
-    searchRoute.searchAndExecute
-  );
-  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
-  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
-  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
-
-  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
-  apiRoute(
-    PST,
-    "/api/bulk-action/affected-notes",
-    bulkActionRoute.getAffectedNoteCount
-  );
-
-  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
-  // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
-  apiRoute(
-    PST,
-    "/api/login/protected/touch",
-    loginApiRoute.touchProtectedSession
-  );
-  apiRoute(
-    PST,
-    "/api/logout/protected",
-    loginApiRoute.logoutFromProtectedSession
-  );
-
-  route(
-    PST,
-    "/api/login/token",
-    [loginRateLimiter],
-    loginApiRoute.token,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
-  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
-  apiRoute(
-    PATCH,
-    "/api/etapi-tokens/:etapiTokenId",
-    etapiTokensApiRoutes.patchToken
-  );
-  apiRoute(
-    DEL,
-    "/api/etapi-tokens/:etapiTokenId",
-    etapiTokensApiRoutes.deleteToken
-  );
-
-  // in case of local electron, local calls are allowed unauthenticated, for server they need auth
-  const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
-
-  route(
-    GET,
-    "/api/clipper/handshake",
-    clipperMiddleware,
-    clipperRoute.handshake,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/clipper/clippings",
-    clipperMiddleware,
-    clipperRoute.addClipping,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/clipper/notes",
-    clipperMiddleware,
-    clipperRoute.createNote,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/clipper/open/:noteId",
-    clipperMiddleware,
-    clipperRoute.openNote,
-    apiResultHandler
-  );
-  route(
-    GET,
-    "/api/clipper/notes-by-url/:noteUrl",
-    clipperMiddleware,
-    clipperRoute.findNotesByUrl,
-    apiResultHandler
-  );
-
-  apiRoute(
-    GET,
-    "/api/special-notes/inbox/:date",
-    specialNotesRoute.getInboxNote
-  );
-  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
-  apiRoute(
-    GET,
-    "/api/special-notes/weeks/:date",
-    specialNotesRoute.getWeekNote
-  );
-  apiRoute(
-    GET,
-    "/api/special-notes/months/:month",
-    specialNotesRoute.getMonthNote
-  );
-  apiRoute(
-    GET,
-    "/api/special-notes/years/:year",
-    specialNotesRoute.getYearNote
-  );
-  apiRoute(
-    GET,
-    "/api/special-notes/notes-for-month/:month",
-    specialNotesRoute.getDayNotesForMonth
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/sql-console",
-    specialNotesRoute.createSqlConsole
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/save-sql-console",
-    specialNotesRoute.saveSqlConsole
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/search-note",
-    specialNotesRoute.createSearchNote
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/save-search-note",
-    specialNotesRoute.saveSearchNote
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/launchers/:noteId/reset",
-    specialNotesRoute.resetLauncher
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/launchers/:parentNoteId/:launcherType",
-    specialNotesRoute.createLauncher
-  );
-  apiRoute(
-    PUT,
-    "/api/special-notes/api-script-launcher",
-    specialNotesRoute.createOrUpdateScriptLauncherFromApi
-  );
-
-  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
-  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
-  route(
-    PST,
-    "/api/database/anonymize/:type",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.anonymize,
-    apiResultHandler,
-    false
-  );
-  apiRoute(
-    GET,
-    "/api/database/anonymized-databases",
-    databaseRoute.getExistingAnonymizedDatabases
-  );
-
-  // backup requires execution outside of transaction
-  route(
-    PST,
-    "/api/database/backup-database",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.backupDatabase,
-    apiResultHandler,
-    false
-  );
-  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
-
-  // VACUUM requires execution outside of transaction
-  route(
-    PST,
-    "/api/database/vacuum-database",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.vacuumDatabase,
-    apiResultHandler,
-    false
-  );
-
-  route(
-    PST,
-    "/api/database/find-and-fix-consistency-issues",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.findAndFixConsistencyIssues,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
-
-  route(
-    PST,
-    "/api/script/exec",
-    [auth.checkApiAuth, csrfMiddleware],
-    scriptRoute.exec,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
-  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
-  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
-  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
-  apiRoute(
-    GET,
-    "/api/script/relation/:noteId/:relationName",
-    scriptRoute.getRelationBundles
-  );
-
-  // no CSRF since this is called from android app
-  route(
-    PST,
-    "/api/sender/login",
-    [loginRateLimiter],
-    loginApiRoute.token,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sender/image",
-    [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
-    senderRoute.uploadImage,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sender/note",
-    [auth.checkEtapiToken],
-    senderRoute.saveNote,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
-  apiRoute(
-    GET,
-    "/api/keyboard-shortcuts-for-notes",
-    keysRoute.getShortcutsForNotes
-  );
-
-  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
-  apiRoute(
-    PST,
-    "/api/notes/erase-deleted-notes-now",
-    notesApiRoute.eraseDeletedNotesNow
-  );
-  apiRoute(
-    PST,
-    "/api/notes/erase-unused-attachments-now",
-    notesApiRoute.eraseUnusedAttachmentsNow
-  );
-  apiRoute(
-    GET,
-    "/api/similar-notes/:noteId",
-    similarNotesRoute.getSimilarNotes
-  );
-  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
-  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
-  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
-  apiRoute(
-    PST,
-    "/api/delete-notes-preview",
-    notesApiRoute.getDeleteNotesPreview
-  );
-  route(
-    GET,
-    "/api/fonts",
-    [auth.checkApiAuthOrElectron],
-    fontsRoute.getFontCss
-  );
-  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
-  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
-  apiRoute(
-    GET,
-    "/api/recent-changes/:ancestorNoteId",
-    recentChangesApiRoute.getRecentChanges
-  );
-  apiRoute(
-    GET,
-    "/api/edited-notes/:date",
-    revisionsApiRoute.getEditedNotesOnDate
-  );
-
-  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
-  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
-  apiRoute(
-    GET,
-    "/api/note-map/:noteId/backlink-count",
-    noteMapRoute.getBacklinkCount
-  );
-  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
-
-  shareRoutes.register(router);
-
-  etapiAuthRoutes.register(router, [loginRateLimiter]);
-  etapiAppInfoRoutes.register(router);
-  etapiAttachmentRoutes.register(router);
-  etapiAttributeRoutes.register(router);
-  etapiBranchRoutes.register(router);
-  etapiNoteRoutes.register(router);
-  etapiSpecialNoteRoutes.register(router);
-  etapiSpecRoute.register(router);
-  etapiBackupRoute.register(router);
-
-  app.use("", router);
+    route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
+    route(
+        GET,
+        "/login",
+        [auth.checkAppInitialized, auth.checkPasswordSet],
+        loginRoute.loginPage
+    );
+    route(
+        GET,
+        "/set-password",
+        [auth.checkAppInitialized, auth.checkPasswordNotSet],
+        loginRoute.setPasswordPage
+    );
+
+    const loginRateLimiter = rateLimit.rateLimit({
+        windowMs: 15 * 60 * 1000, // 15 minutes
+        max: 10, // limit each IP to 10 requests per windowMs
+        skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+    });
+
+    route(PST, "/login", [loginRateLimiter], loginRoute.login);
+    route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+    route(
+        PST,
+        "/set-password",
+        [auth.checkAppInitialized, auth.checkPasswordNotSet],
+        loginRoute.setPassword
+    );
+    route(GET, "/setup", [], setupRoute.setupPage);
+
+    apiRoute(GET, "/api/totp/generate", totp.generateSecret);
+    apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
+    apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
+    apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
+    apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
+    apiRoute(GET, "/api/totp/get", totp.getSecret);
+
+    apiRoute(GET, "/api/tree", treeApiRoute.getTree);
+    apiRoute(PST, "/api/tree/load", treeApiRoute.load);
+
+    apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
+    apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
+    apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
+    apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
+    apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
+    apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/revision",
+        notesApiRoute.forceSaveRevision
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:parentNoteId/children",
+        notesApiRoute.createNote
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/sort-children",
+        notesApiRoute.sortChildNotes
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/protect/:isProtected",
+        notesApiRoute.protectNote
+    );
+    apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
+    apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
+        notesApiRoute.duplicateSubtree
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/clone-to-branch/:parentBranchId",
+        cloningApiRoute.cloneNoteToBranch
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
+        cloningApiRoute.toggleNoteInParent
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/clone-to-note/:parentNoteId",
+        cloningApiRoute.cloneNoteToParentNote
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/clone-after/:afterBranchId",
+        cloningApiRoute.cloneNoteAfter
+    );
+    route(
+        PUT,
+        "/api/notes/:noteId/file",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        filesRoute.updateFile,
+        apiResultHandler
+    );
+    route(
+        GET,
+        "/api/notes/:noteId/open",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.openFile
+    );
+    route(
+        GET,
+        "/api/notes/:noteId/open-partial",
+        [auth.checkApiAuthOrElectron],
+        createPartialContentHandler(filesRoute.fileContentProvider, {
+            debug: (string, extra) => {
+                console.log(string, extra);
+            },
+        })
+    );
+    route(
+        GET,
+        "/api/notes/:noteId/download",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadFile
+    );
+    // this "hacky" path is used for easier referencing of CSS resources
+    route(
+        GET,
+        "/api/notes/download/:noteId",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadFile
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/save-to-tmp-dir",
+        filesRoute.saveNoteToTmpDir
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/upload-modified-file",
+        filesRoute.uploadModifiedFileToNote
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/convert-to-attachment",
+        notesApiRoute.convertNoteToAttachment
+    );
+
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/move-to/:parentBranchId",
+        branchesApiRoute.moveBranchToParent
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/move-before/:beforeBranchId",
+        branchesApiRoute.moveBranchBeforeNote
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/move-after/:afterBranchId",
+        branchesApiRoute.moveBranchAfterNote
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/expanded/:expanded",
+        branchesApiRoute.setExpanded
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/expanded-subtree/:expanded",
+        branchesApiRoute.setExpandedForSubtree
+    );
+    apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/set-prefix",
+        branchesApiRoute.setPrefix
+    );
+
+    apiRoute(
+        GET,
+        "/api/notes/:noteId/attachments",
+        attachmentsApiRoute.getAttachments
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/attachments",
+        attachmentsApiRoute.saveAttachment
+    );
+    route(
+        PST,
+        "/api/notes/:noteId/attachments/upload",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        attachmentsApiRoute.uploadAttachment,
+        apiResultHandler
+    );
+    apiRoute(
+        GET,
+        "/api/attachments/:attachmentId",
+        attachmentsApiRoute.getAttachment
+    );
+    apiRoute(
+        GET,
+        "/api/attachments/:attachmentId/all",
+        attachmentsApiRoute.getAllAttachments
+    );
+    apiRoute(
+        PST,
+        "/api/attachments/:attachmentId/convert-to-note",
+        attachmentsApiRoute.convertAttachmentToNote
+    );
+    apiRoute(
+        DEL,
+        "/api/attachments/:attachmentId",
+        attachmentsApiRoute.deleteAttachment
+    );
+    apiRoute(
+        PUT,
+        "/api/attachments/:attachmentId/rename",
+        attachmentsApiRoute.renameAttachment
+    );
+    apiRoute(
+        GET,
+        "/api/attachments/:attachmentId/blob",
+        attachmentsApiRoute.getAttachmentBlob
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/image/:filename",
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnAttachedImage
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/open",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.openAttachment
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/open-partial",
+        [auth.checkApiAuthOrElectron],
+        createPartialContentHandler(filesRoute.attachmentContentProvider, {
+            debug: (string, extra) => {
+                console.log(string, extra);
+            },
+        })
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/download",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadAttachment
+    );
+    // this "hacky" path is used for easier referencing of CSS resources
+    route(
+        GET,
+        "/api/attachments/download/:attachmentId",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadAttachment
+    );
+    apiRoute(
+        PST,
+        "/api/attachments/:attachmentId/save-to-tmp-dir",
+        filesRoute.saveAttachmentToTmpDir
+    );
+    apiRoute(
+        PST,
+        "/api/attachments/:attachmentId/upload-modified-file",
+        filesRoute.uploadModifiedFileToAttachment
+    );
+    route(
+        PUT,
+        "/api/attachments/:attachmentId/file",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        filesRoute.updateAttachment,
+        apiResultHandler
+    );
+
+    apiRoute(
+        GET,
+        "/api/notes/:noteId/revisions",
+        revisionsApiRoute.getRevisions
+    );
+    apiRoute(
+        DEL,
+        "/api/notes/:noteId/revisions",
+        revisionsApiRoute.eraseAllRevisions
+    );
+    apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
+    apiRoute(
+        GET,
+        "/api/revisions/:revisionId/blob",
+        revisionsApiRoute.getRevisionBlob
+    );
+    apiRoute(
+        DEL,
+        "/api/revisions/:revisionId",
+        revisionsApiRoute.eraseRevision
+    );
+    apiRoute(
+        PST,
+        "/api/revisions/:revisionId/restore",
+        revisionsApiRoute.restoreRevision
+    );
+    route(
+        GET,
+        "/api/revisions/:revisionId/image/:filename",
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnImageFromRevision
+    );
+
+    route(
+        GET,
+        "/api/revisions/:revisionId/download",
+        [auth.checkApiAuthOrElectron],
+        revisionsApiRoute.downloadRevision
+    );
+
+    route(
+        GET,
+        "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+        [auth.checkApiAuthOrElectron],
+        exportRoute.exportBranch
+    );
+    route(
+        PST,
+        "/api/notes/:parentNoteId/notes-import",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        importRoute.importNotesToBranch,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/notes/:parentNoteId/attachments-import",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        importRoute.importAttachmentsToNote,
+        apiResultHandler
+    );
+
+    apiRoute(
+        GET,
+        "/api/notes/:noteId/attributes",
+        attributesRoute.getEffectiveNoteAttributes
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/attributes",
+        attributesRoute.addNoteAttribute
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/attributes",
+        attributesRoute.updateNoteAttributes
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/attribute",
+        attributesRoute.updateNoteAttribute
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/set-attribute",
+        attributesRoute.setNoteAttribute
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+        attributesRoute.createRelation
+    );
+    apiRoute(
+        DEL,
+        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+        attributesRoute.deleteRelation
+    );
+    apiRoute(
+        DEL,
+        "/api/notes/:noteId/attributes/:attributeId",
+        attributesRoute.deleteNoteAttribute
+    );
+    apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
+    apiRoute(
+        GET,
+        "/api/attribute-values/:attributeName",
+        attributesRoute.getValuesForAttribute
+    );
+
+    // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+    route(
+        GET,
+        "/api/images/:noteId/:filename",
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnImageFromNote
+    );
+    route(
+        PUT,
+        "/api/images/:noteId",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        imageRoute.updateImage,
+        apiResultHandler
+    );
+
+    apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+    // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
+    apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
+    apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
+    apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
+
+    apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
+    apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
+
+    apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
+    apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
+    apiRoute(
+        PST,
+        "/api/sync/fill-entity-changes",
+        syncApiRoute.fillEntityChanges
+    );
+    apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
+    route(
+        GET,
+        "/api/sync/check",
+        [auth.checkApiAuth],
+        syncApiRoute.checkSync,
+        apiResultHandler
+    );
+    route(
+        GET,
+        "/api/sync/changed",
+        [auth.checkApiAuth],
+        syncApiRoute.getChanged,
+        apiResultHandler
+    );
+    route(
+        PUT,
+        "/api/sync/update",
+        [auth.checkApiAuth],
+        syncApiRoute.update,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sync/finished",
+        [auth.checkApiAuth],
+        syncApiRoute.syncFinished,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sync/check-entity-changes",
+        [auth.checkApiAuth],
+        syncApiRoute.checkEntityChanges,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sync/queue-sector/:entityName/:sector",
+        [auth.checkApiAuth],
+        syncApiRoute.queueSector,
+        apiResultHandler
+    );
+    route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+
+    apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
+    apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+
+    // docker health check
+    route(
+        GET,
+        "/api/health-check",
+        [],
+        () => ({ status: "ok" }),
+        apiResultHandler
+    );
+
+    // group of the services below are meant to be executed from the outside
+    route(
+        GET,
+        "/api/setup/status",
+        [],
+        setupApiRoute.getStatus,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/setup/new-document",
+        [auth.checkAppNotInitialized],
+        setupApiRoute.setupNewDocument,
+        apiResultHandler,
+        false
+    );
+    route(
+        PST,
+        "/api/setup/sync-from-server",
+        [auth.checkAppNotInitialized],
+        setupApiRoute.setupSyncFromServer,
+        apiResultHandler,
+        false
+    );
+    route(
+        GET,
+        "/api/setup/sync-seed",
+        [auth.checkCredentials],
+        setupApiRoute.getSyncSeed,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/setup/sync-seed",
+        [auth.checkAppNotInitialized],
+        setupApiRoute.saveSyncSeed,
+        apiResultHandler,
+        false
+    );
+
+    apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
+    apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
+    apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
+    apiRoute(
+        PST,
+        "/api/search-and-execute-note/:noteId",
+        searchRoute.searchAndExecute
+    );
+    apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
+    apiRoute(GET, "/api/search/:searchString", searchRoute.search);
+    apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+
+    apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
+    apiRoute(
+        PST,
+        "/api/bulk-action/affected-notes",
+        bulkActionRoute.getAffectedNoteCount
+    );
+
+    route(
+        PST,
+        "/api/login/sync",
+        [],
+        loginApiRoute.loginSync,
+        apiResultHandler
+    );
+    // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
+    apiRoute(
+        PST,
+        "/api/login/protected",
+        loginApiRoute.loginToProtectedSession
+    );
+    apiRoute(
+        PST,
+        "/api/login/protected/touch",
+        loginApiRoute.touchProtectedSession
+    );
+    apiRoute(
+        PST,
+        "/api/logout/protected",
+        loginApiRoute.logoutFromProtectedSession
+    );
+
+    route(
+        PST,
+        "/api/login/token",
+        [loginRateLimiter],
+        loginApiRoute.token,
+        apiResultHandler
+    );
+
+    apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
+    apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
+    apiRoute(
+        PATCH,
+        "/api/etapi-tokens/:etapiTokenId",
+        etapiTokensApiRoutes.patchToken
+    );
+    apiRoute(
+        DEL,
+        "/api/etapi-tokens/:etapiTokenId",
+        etapiTokensApiRoutes.deleteToken
+    );
+
+    // in case of local electron, local calls are allowed unauthenticated, for server they need auth
+    const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
+
+    route(
+        GET,
+        "/api/clipper/handshake",
+        clipperMiddleware,
+        clipperRoute.handshake,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/clipper/clippings",
+        clipperMiddleware,
+        clipperRoute.addClipping,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/clipper/notes",
+        clipperMiddleware,
+        clipperRoute.createNote,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/clipper/open/:noteId",
+        clipperMiddleware,
+        clipperRoute.openNote,
+        apiResultHandler
+    );
+    route(
+        GET,
+        "/api/clipper/notes-by-url/:noteUrl",
+        clipperMiddleware,
+        clipperRoute.findNotesByUrl,
+        apiResultHandler
+    );
+
+    apiRoute(
+        GET,
+        "/api/special-notes/inbox/:date",
+        specialNotesRoute.getInboxNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/days/:date",
+        specialNotesRoute.getDayNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/weeks/:date",
+        specialNotesRoute.getWeekNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/months/:month",
+        specialNotesRoute.getMonthNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/years/:year",
+        specialNotesRoute.getYearNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/notes-for-month/:month",
+        specialNotesRoute.getDayNotesForMonth
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/sql-console",
+        specialNotesRoute.createSqlConsole
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/save-sql-console",
+        specialNotesRoute.saveSqlConsole
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/search-note",
+        specialNotesRoute.createSearchNote
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/save-search-note",
+        specialNotesRoute.saveSearchNote
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/launchers/:noteId/reset",
+        specialNotesRoute.resetLauncher
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/launchers/:parentNoteId/:launcherType",
+        specialNotesRoute.createLauncher
+    );
+    apiRoute(
+        PUT,
+        "/api/special-notes/api-script-launcher",
+        specialNotesRoute.createOrUpdateScriptLauncherFromApi
+    );
+
+    apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
+    apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+    route(
+        PST,
+        "/api/database/anonymize/:type",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.anonymize,
+        apiResultHandler,
+        false
+    );
+    apiRoute(
+        GET,
+        "/api/database/anonymized-databases",
+        databaseRoute.getExistingAnonymizedDatabases
+    );
+
+    // backup requires execution outside of transaction
+    route(
+        PST,
+        "/api/database/backup-database",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.backupDatabase,
+        apiResultHandler,
+        false
+    );
+    apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+
+    // VACUUM requires execution outside of transaction
+    route(
+        PST,
+        "/api/database/vacuum-database",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.vacuumDatabase,
+        apiResultHandler,
+        false
+    );
+
+    route(
+        PST,
+        "/api/database/find-and-fix-consistency-issues",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.findAndFixConsistencyIssues,
+        apiResultHandler,
+        false
+    );
+
+    apiRoute(
+        GET,
+        "/api/database/check-integrity",
+        databaseRoute.checkIntegrity
+    );
+
+    route(
+        PST,
+        "/api/script/exec",
+        [auth.checkApiAuth, csrfMiddleware],
+        scriptRoute.exec,
+        apiResultHandler,
+        false
+    );
+
+    apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
+    apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
+    apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
+    apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
+    apiRoute(
+        GET,
+        "/api/script/relation/:noteId/:relationName",
+        scriptRoute.getRelationBundles
+    );
+
+    // no CSRF since this is called from android app
+    route(
+        PST,
+        "/api/sender/login",
+        [loginRateLimiter],
+        loginApiRoute.token,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sender/image",
+        [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
+        senderRoute.uploadImage,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sender/note",
+        [auth.checkEtapiToken],
+        senderRoute.saveNote,
+        apiResultHandler
+    );
+
+    apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
+    apiRoute(
+        GET,
+        "/api/keyboard-shortcuts-for-notes",
+        keysRoute.getShortcutsForNotes
+    );
+
+    apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
+    apiRoute(
+        PST,
+        "/api/notes/erase-deleted-notes-now",
+        notesApiRoute.eraseDeletedNotesNow
+    );
+    apiRoute(
+        PST,
+        "/api/notes/erase-unused-attachments-now",
+        notesApiRoute.eraseUnusedAttachmentsNow
+    );
+    apiRoute(
+        GET,
+        "/api/similar-notes/:noteId",
+        similarNotesRoute.getSimilarNotes
+    );
+    apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
+    apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
+    apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
+    apiRoute(
+        PST,
+        "/api/delete-notes-preview",
+        notesApiRoute.getDeleteNotesPreview
+    );
+    route(
+        GET,
+        "/api/fonts",
+        [auth.checkApiAuthOrElectron],
+        fontsRoute.getFontCss
+    );
+    apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
+    apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
+    apiRoute(
+        GET,
+        "/api/recent-changes/:ancestorNoteId",
+        recentChangesApiRoute.getRecentChanges
+    );
+    apiRoute(
+        GET,
+        "/api/edited-notes/:date",
+        revisionsApiRoute.getEditedNotesOnDate
+    );
+
+    apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
+    apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
+    apiRoute(
+        GET,
+        "/api/note-map/:noteId/backlink-count",
+        noteMapRoute.getBacklinkCount
+    );
+    apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+
+    shareRoutes.register(router);
+
+    etapiAuthRoutes.register(router, [loginRateLimiter]);
+    etapiAppInfoRoutes.register(router);
+    etapiAttachmentRoutes.register(router);
+    etapiAttributeRoutes.register(router);
+    etapiBranchRoutes.register(router);
+    etapiNoteRoutes.register(router);
+    etapiSpecialNoteRoutes.register(router);
+    etapiSpecRoute.register(router);
+    etapiBackupRoute.register(router);
+
+    app.use("", router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
 function convertEntitiesToPojo(result: unknown) {
-  if (result instanceof AbstractBeccaEntity) {
-    result = result.getPojo();
-  } else if (Array.isArray(result)) {
-    for (const idx in result) {
-      if (result[idx] instanceof AbstractBeccaEntity) {
-        result[idx] = result[idx].getPojo();
-      }
-    }
-  } else if (result && typeof result === "object") {
-    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
-      result.note = result.note.getPojo();
-    }
+    if (result instanceof AbstractBeccaEntity) {
+        result = result.getPojo();
+    } else if (Array.isArray(result)) {
+        for (const idx in result) {
+            if (result[idx] instanceof AbstractBeccaEntity) {
+                result[idx] = result[idx].getPojo();
+            }
+        }
+    } else if (result && typeof result === "object") {
+        if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+            result.note = result.note.getPojo();
+        }
 
-    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
-      result.branch = result.branch.getPojo();
+        if (
+            "branch" in result &&
+            result.branch instanceof AbstractBeccaEntity
+        ) {
+            result.branch = result.branch.getPojo();
+        }
     }
-  }
 
-  if (result && typeof result === "object" && "executionResult" in result) {
-    // from runOnBackend()
-    result.executionResult = convertEntitiesToPojo(result.executionResult);
-  }
+    if (result && typeof result === "object" && "executionResult" in result) {
+        // from runOnBackend()
+        result.executionResult = convertEntitiesToPojo(result.executionResult);
+    }
 
-  return result;
+    return result;
 }
 
 function apiResultHandler(
-  req: express.Request,
-  res: express.Response,
-  result: unknown
+    req: express.Request,
+    res: express.Response,
+    result: unknown
 ) {
-  res.setHeader(
-    "trilium-max-entity-change-id",
-    entityChangesService.getMaxEntityChangeId()
-  );
-
-  result = convertEntitiesToPojo(result);
-
-  // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
-  if (
-    Array.isArray(result) &&
-    result.length > 0 &&
-    Number.isInteger(result[0])
-  ) {
-    const [statusCode, response] = result;
-
-    if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-      log.info(
-        `${req.method} ${
-          req.originalUrl
-        } returned ${statusCode} with response ${JSON.stringify(response)}`
-      );
-    }
+    res.setHeader(
+        "trilium-max-entity-change-id",
+        entityChangesService.getMaxEntityChangeId()
+    );
+
+    result = convertEntitiesToPojo(result);
+
+    // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
+    if (
+        Array.isArray(result) &&
+        result.length > 0 &&
+        Number.isInteger(result[0])
+    ) {
+        const [statusCode, response] = result;
+
+        if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
+            log.info(
+                `${req.method} ${
+                    req.originalUrl
+                } returned ${statusCode} with response ${JSON.stringify(
+                    response
+                )}`
+            );
+        }
 
-    return send(res, statusCode, response);
-  } else if (result === undefined) {
-    return send(res, 204, "");
-  } else {
-    return send(res, 200, result);
-  }
+        return send(res, statusCode, response);
+    } else if (result === undefined) {
+        return send(res, 204, "");
+    } else {
+        return send(res, 200, result);
+    }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-  if (typeof response === "string") {
-    if (statusCode >= 400) {
-      res.setHeader("Content-Type", "text/plain");
-    }
+    if (typeof response === "string") {
+        if (statusCode >= 400) {
+            res.setHeader("Content-Type", "text/plain");
+        }
 
-    res.status(statusCode).send(response);
+        res.status(statusCode).send(response);
 
-    return response.length;
-  } else {
-    const json = JSON.stringify(response);
+        return response.length;
+    } else {
+        const json = JSON.stringify(response);
 
-    res.setHeader("Content-Type", "application/json");
-    res.status(statusCode).send(json);
+        res.setHeader("Content-Type", "application/json");
+        res.status(statusCode).send(json);
 
-    return json.length;
-  }
+        return json.length;
+    }
 }
 
 function apiRoute(
-  method: HttpMethod,
-  path: string,
-  routeHandler: express.Handler
+    method: HttpMethod,
+    path: string,
+    routeHandler: express.Handler
 ) {
-  route(
-    method,
-    path,
-    [auth.checkApiAuth, csrfMiddleware],
-    routeHandler,
-    apiResultHandler
-  );
+    route(
+        method,
+        path,
+        [auth.checkApiAuth, csrfMiddleware],
+        routeHandler,
+        apiResultHandler
+    );
 }
 
 function route(
-  method: HttpMethod,
-  path: string,
-  middleware: (express.Handler | AppRequestHandler)[],
-  routeHandler: AppRequestHandler,
-  resultHandler: ApiResultHandler | null = null,
-  transactional = true
+    method: HttpMethod,
+    path: string,
+    middleware: (express.Handler | AppRequestHandler)[],
+    routeHandler: AppRequestHandler,
+    resultHandler: ApiResultHandler | null = null,
+    transactional = true
 ) {
-  router[method](
-    path,
-    ...(middleware as express.Handler[]),
-    (
-      req: express.Request,
-      res: express.Response,
-      next: express.NextFunction
-    ) => {
-      const start = Date.now();
-
-      try {
-        cls.namespace.bindEmitter(req);
-        cls.namespace.bindEmitter(res);
-
-        const result = cls.init(() => {
-          cls.set("componentId", req.headers["trilium-component-id"]);
-          cls.set(
-            "localNowDateTime",
-            req.headers["trilium-local-now-datetime"]
-          );
-          cls.set(
-            "hoistedNoteId",
-            req.headers["trilium-hoisted-note-id"] || "root"
-          );
-
-          const cb = () => routeHandler(req as AppRequest, res, next);
-
-          return transactional ? sql.transactional(cb) : cb();
-        });
-
-        if (!resultHandler) {
-          return;
-        }
-
-        if (result?.then) {
-          // promise
-          result
-            .then((promiseResult: unknown) =>
-              handleResponse(resultHandler, req, res, promiseResult, start)
-            )
-            .catch((e: any) => handleException(e, method, path, res));
-        } else {
-          handleResponse(resultHandler, req, res, result, start);
+    router[method](
+        path,
+        ...(middleware as express.Handler[]),
+        (
+            req: express.Request,
+            res: express.Response,
+            next: express.NextFunction
+        ) => {
+            const start = Date.now();
+
+            try {
+                cls.namespace.bindEmitter(req);
+                cls.namespace.bindEmitter(res);
+
+                const result = cls.init(() => {
+                    cls.set("componentId", req.headers["trilium-component-id"]);
+                    cls.set(
+                        "localNowDateTime",
+                        req.headers["trilium-local-now-datetime"]
+                    );
+                    cls.set(
+                        "hoistedNoteId",
+                        req.headers["trilium-hoisted-note-id"] || "root"
+                    );
+
+                    const cb = () => routeHandler(req as AppRequest, res, next);
+
+                    return transactional ? sql.transactional(cb) : cb();
+                });
+
+                if (!resultHandler) {
+                    return;
+                }
+
+                if (result?.then) {
+                    // promise
+                    result
+                        .then((promiseResult: unknown) =>
+                            handleResponse(
+                                resultHandler,
+                                req,
+                                res,
+                                promiseResult,
+                                start
+                            )
+                        )
+                        .catch((e: any) =>
+                            handleException(e, method, path, res)
+                        );
+                } else {
+                    handleResponse(resultHandler, req, res, result, start);
+                }
+            } catch (e) {
+                handleException(e, method, path, res);
+            }
         }
-      } catch (e) {
-        handleException(e, method, path, res);
-      }
-    }
-  );
+    );
 }
 
 function handleResponse(
-  resultHandler: ApiResultHandler,
-  req: express.Request,
-  res: express.Response,
-  result: unknown,
-  start: number
+    resultHandler: ApiResultHandler,
+    req: express.Request,
+    res: express.Response,
+    result: unknown,
+    start: number
 ) {
-  const responseLength = resultHandler(req, res, result);
+    const responseLength = resultHandler(req, res, result);
 
-  log.request(req, res, Date.now() - start, responseLength);
+    log.request(req, res, Date.now() - start, responseLength);
 }
 
 function handleException(
-  e: any,
-  method: HttpMethod,
-  path: string,
-  res: express.Response
+    e: any,
+    method: HttpMethod,
+    path: string,
+    res: express.Response
 ) {
-  log.error(
-    `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
-  );
+    log.error(
+        `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
+    );
 
-  if (e instanceof ValidationError) {
-    res.status(400).json({
-      message: e.message,
-    });
-  } else if (e instanceof NotFoundError) {
-    res.status(404).json({
-      message: e.message,
-    });
-  } else {
-    res.status(500).json({
-      message: e.message,
-    });
-  }
+    if (e instanceof ValidationError) {
+        res.status(400).json({
+            message: e.message,
+        });
+    } else if (e instanceof NotFoundError) {
+        res.status(404).json({
+            message: e.message,
+        });
+    } else {
+        res.status(500).json({
+            message: e.message,
+        });
+    }
 }
 
 function createUploadMiddleware() {
-  const multerOptions: multer.Options = {
-    fileFilter: (req: express.Request, file, cb) => {
-      // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
-      // See https://github.com/expressjs/multer/pull/1102.
-      file.originalname = Buffer.from(file.originalname, "latin1").toString(
-        "utf-8"
-      );
-      cb(null, true);
-    },
-  };
-
-  if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
-    multerOptions.limits = {
-      fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+    const multerOptions: multer.Options = {
+        fileFilter: (req: express.Request, file, cb) => {
+            // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
+            // See https://github.com/expressjs/multer/pull/1102.
+            file.originalname = Buffer.from(
+                file.originalname,
+                "latin1"
+            ).toString("utf-8");
+            cb(null, true);
+        },
     };
-  }
 
-  return multer(multerOptions).single("upload");
+    if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
+        multerOptions.limits = {
+            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+        };
+    }
+
+    return multer(multerOptions).single("upload");
 }
 
 export = {
-  register,
+    register,
 };
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 53bae81b5c..b162293078 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -4,42 +4,42 @@ import optionService = require("../options");
 import crypto = require("crypto");
 
 function getVerificationHash(password: crypto.BinaryLike) {
-  const salt = optionService.getOption("passwordVerificationSalt");
+    const salt = optionService.getOption("passwordVerificationSalt");
 
-  return getScryptHash(password, salt);
+    return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-  const salt = optionService.getOption("passwordDerivedKeySalt");
+    const salt = optionService.getOption("passwordDerivedKeySalt");
 
-  return getScryptHash(password, salt);
+    return getScryptHash(password, salt);
 }
 
 function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-  const hashed = crypto.scryptSync(password, salt, 32, {
-    N: 16384,
-    r: 8,
-    p: 1,
-  });
+    const hashed = crypto.scryptSync(password, salt, 32, {
+        N: 16384,
+        r: 8,
+        p: 1,
+    });
 
-  return hashed;
+    return hashed;
 }
 
 function getTotpSecretVerificationHash(secret: crypto.BinaryLike) {
-  const salt = optionService.getOption("totpSecretVerificationSalt");
+    const salt = optionService.getOption("totpSecretVerificationSalt");
 
-  return getScryptHash(secret, salt);
+    return getScryptHash(secret, salt);
 }
 
 function getTotpSecretDerivedKey(secret: crypto.BinaryLike) {
-  const salt = optionService.getOption("totpSecretDerivedKeySalt");
+    const salt = optionService.getOption("totpSecretDerivedKeySalt");
 
-  return getScryptHash(secret, salt);
+    return getScryptHash(secret, salt);
 }
 
 export = {
-  getVerificationHash,
-  getPasswordDerivedKey,
-  getTotpSecretVerificationHash,
-  getTotpSecretDerivedKey,
+    getVerificationHash,
+    getPasswordDerivedKey,
+    getTotpSecretVerificationHash,
+    getTotpSecretDerivedKey,
 };
diff --git a/src/services/encryption/password_encryption.ts b/src/services/encryption/password_encryption.ts
index 075f10f2de..97db57bffe 100644
--- a/src/services/encryption/password_encryption.ts
+++ b/src/services/encryption/password_encryption.ts
@@ -4,47 +4,47 @@ import utils = require("../utils");
 import dataEncryptionService = require("./data_encryption");
 
 function verifyPassword(password: string) {
-  const givenPasswordHash = utils.toBase64(
-    myScryptService.getVerificationHash(password)
-  );
+    const givenPasswordHash = utils.toBase64(
+        myScryptService.getVerificationHash(password)
+    );
 
-  const dbPasswordHash = optionService.getOptionOrNull(
-    "passwordVerificationHash"
-  );
+    const dbPasswordHash = optionService.getOptionOrNull(
+        "passwordVerificationHash"
+    );
 
-  if (!dbPasswordHash) {
-    return false;
-  }
+    if (!dbPasswordHash) {
+        return false;
+    }
 
-  return givenPasswordHash === dbPasswordHash;
+    return givenPasswordHash === dbPasswordHash;
 }
 
 function setDataKey(password: string, plainTextDataKey: string | Buffer) {
-  const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
+    const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
 
-  const newEncryptedDataKey = dataEncryptionService.encrypt(
-    passwordDerivedKey,
-    plainTextDataKey
-  );
+    const newEncryptedDataKey = dataEncryptionService.encrypt(
+        passwordDerivedKey,
+        plainTextDataKey
+    );
 
-  optionService.setOption("encryptedDataKey", newEncryptedDataKey);
+    optionService.setOption("encryptedDataKey", newEncryptedDataKey);
 }
 
 function getDataKey(password: string) {
-  const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
+    const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
 
-  const encryptedDataKey = optionService.getOption("encryptedDataKey");
+    const encryptedDataKey = optionService.getOption("encryptedDataKey");
 
-  const decryptedDataKey = dataEncryptionService.decrypt(
-    passwordDerivedKey,
-    encryptedDataKey
-  );
+    const decryptedDataKey = dataEncryptionService.decrypt(
+        passwordDerivedKey,
+        encryptedDataKey
+    );
 
-  return decryptedDataKey;
+    return decryptedDataKey;
 }
 
 export = {
-  verifyPassword,
-  getDataKey,
-  setDataKey,
+    verifyPassword,
+    getDataKey,
+    setDataKey,
 };
diff --git a/src/services/encryption/totp_secret.ts b/src/services/encryption/totp_secret.ts
index 9e2d553786..cb38b495c1 100644
--- a/src/services/encryption/totp_secret.ts
+++ b/src/services/encryption/totp_secret.ts
@@ -7,104 +7,105 @@ import utils = require("../utils");
 import totpEncryptionService = require("./totp_secret_encryption");
 
 function isTotpSecretSet() {
-  return !!sql.getValue(
-    "SELECT value FROM options WHERE name = 'passwordVerificationHash'"
-  );
+    return !!sql.getValue(
+        "SELECT value FROM options WHERE name = 'passwordVerificationHash'"
+    );
 }
 
 function changePassword(currentSecret: string, newSecret: string) {
-  if (!isTotpSecretSet()) {
-    throw new Error(
-      "TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead."
-    );
-  }
+    if (!isTotpSecretSet()) {
+        throw new Error(
+            "TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead."
+        );
+    }
 
-  sql.transactional(() => {
-    const decryptedDataKey = totpEncryptionService.getDataKey(currentSecret);
+    sql.transactional(() => {
+        const decryptedDataKey =
+            totpEncryptionService.getDataKey(currentSecret);
+
+        optionService.setOption(
+            "totpSecretVerificationSalt",
+            utils.randomSecureToken(32)
+        );
+        optionService.setOption(
+            "totpSecretDerivedKeySalt",
+            utils.randomSecureToken(32)
+        );
+
+        const newTotpSecretVerificationKey = utils.toBase64(
+            myScryptService.getTotpSecretVerificationHash(newSecret)
+        );
+
+        if (decryptedDataKey) {
+            // TODO: what should happen if the decrypted data key is null?
+            totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
+        }
+
+        optionService.setOption(
+            "totpSecretVerificationHash",
+            newTotpSecretVerificationKey
+        );
+    });
+
+    return {
+        success: true,
+    };
+}
+
+function setTotpSecret(secret: string) {
+    if (isTotpSecretSet()) {
+        throw new Error(
+            "TOTP Secret is set already. Either change it or perform 'reset TOTP' first."
+        );
+    }
 
-    optionService.setOption(
-      "totpSecretVerificationSalt",
-      utils.randomSecureToken(32)
+    optionService.createOption(
+        "totpSecretVerificationSalt",
+        utils.randomSecureToken(32),
+        true
     );
-    optionService.setOption(
-      "totpSecretDerivedKeySalt",
-      utils.randomSecureToken(32)
+    optionService.createOption(
+        "totpSecretDerivedKeySalt",
+        utils.randomSecureToken(32),
+        true
     );
 
-    const newTotpSecretVerificationKey = utils.toBase64(
-      myScryptService.getTotpSecretVerificationHash(newSecret)
+    const totpSecretVerificationKey = utils.toBase64(
+        myScryptService.getTotpSecretVerificationHash(secret)
     );
-
-    if (decryptedDataKey) {
-      // TODO: what should happen if the decrypted data key is null?
-      totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
-    }
-
-    optionService.setOption(
-      "totpSecretVerificationHash",
-      newTotpSecretVerificationKey
+    optionService.createOption(
+        "totpSecretVerificationHash",
+        totpSecretVerificationKey,
+        true
     );
-  });
 
-  return {
-    success: true,
-  };
-}
+    // totpEncryptionService expects these options to already exist
+    optionService.createOption("encryptedTotpSecretDataKey", "", true);
 
-function setTotpSecret(secret: string) {
-  if (isTotpSecretSet()) {
-    throw new Error(
-      "TOTP Secret is set already. Either change it or perform 'reset TOTP' first."
-    );
-  }
-
-  optionService.createOption(
-    "totpSecretVerificationSalt",
-    utils.randomSecureToken(32),
-    true
-  );
-  optionService.createOption(
-    "totpSecretDerivedKeySalt",
-    utils.randomSecureToken(32),
-    true
-  );
-
-  const totpSecretVerificationKey = utils.toBase64(
-    myScryptService.getTotpSecretVerificationHash(secret)
-  );
-  optionService.createOption(
-    "totpSecretVerificationHash",
-    totpSecretVerificationKey,
-    true
-  );
-
-  // totpEncryptionService expects these options to already exist
-  optionService.createOption("encryptedTotpSecretDataKey", "", true);
-
-  totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
-
-  return {
-    success: true,
-  };
+    totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
+
+    return {
+        success: true,
+    };
 }
 
 function resetPassword() {
-  // user forgot the password,
-  sql.transactional(() => {
-    optionService.setOption("passwordVerificationSalt", "");
-    optionService.setOption("passwordDerivedKeySalt", "");
-    optionService.setOption("encryptedDataKey", "");
-    optionService.setOption("passwordVerificationHash", "");
-  });
-
-  return {
-    success: true,
-  };
+    // user forgot the password,
+    sql.transactional(() => {
+        optionService.setOption("passwordVerificationSalt", "");
+        optionService.setOption("passwordDerivedKeySalt", "");
+        optionService.setOption("encryptedDataKey", "");
+        optionService.setOption("passwordVerificationHash", "");
+    });
+
+    return {
+        success: true,
+    };
 }
 
 export = {
-  isTotpSecretSet,
-  changePassword,
-  setTotpSecret,
-  resetPassword,
+    isTotpSecretSet,
+    changePassword,
+    setTotpSecret,
+    resetPassword,
 };
diff --git a/src/services/encryption/totp_secret_encryption.ts b/src/services/encryption/totp_secret_encryption.ts
index 4ff93f060c..a0baa13730 100644
--- a/src/services/encryption/totp_secret_encryption.ts
+++ b/src/services/encryption/totp_secret_encryption.ts
@@ -20,33 +20,35 @@ import dataEncryptionService = require("./data_encryption");
 // }
 
 function setDataKey(secret: string, plainTextDataKey: string | Buffer) {
-  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
+    const totpSecretDerivedKey =
+        myScryptService.getTotpSecretDerivedKey(secret);
 
-  const newEncryptedDataKey = dataEncryptionService.encrypt(
-    totpSecretDerivedKey,
-    plainTextDataKey
-  );
+    const newEncryptedDataKey = dataEncryptionService.encrypt(
+        totpSecretDerivedKey,
+        plainTextDataKey
+    );
 
-  optionService.setOption("encryptedTotpSecretDataKey", newEncryptedDataKey);
+    optionService.setOption("encryptedTotpSecretDataKey", newEncryptedDataKey);
 }
 
 function getDataKey(secret: string) {
-  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
+    const totpSecretDerivedKey =
+        myScryptService.getTotpSecretDerivedKey(secret);
 
-  const encryptedDataKey = optionService.getOption(
-    "encryptedTotpSecretDataKey"
-  );
+    const encryptedDataKey = optionService.getOption(
+        "encryptedTotpSecretDataKey"
+    );
 
-  const decryptedDataKey = dataEncryptionService.decrypt(
-    totpSecretDerivedKey,
-    encryptedDataKey
-  );
+    const decryptedDataKey = dataEncryptionService.decrypt(
+        totpSecretDerivedKey,
+        encryptedDataKey
+    );
 
-  return decryptedDataKey;
+    return decryptedDataKey;
 }
 
 export = {
-  //   verifyPassword,
-  getDataKey,
-  setDataKey,
+    //   verifyPassword,
+    getDataKey,
+    setDataKey,
 };
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index 4fc679ea3a..9be6fd83ae 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -16,38 +16,38 @@ const LBTPL_SPACER = "_lbTplSpacer";
 const LBTPL_CUSTOM_WIDGET = "_lbTplCustomWidget";
 
 interface Attribute {
-  type: AttributeType;
-  name: string;
-  isInheritable?: boolean;
-  value?: string;
+    type: AttributeType;
+    name: string;
+    isInheritable?: boolean;
+    value?: string;
 }
 
 interface Item {
-  notePosition?: number;
-  id: string;
-  title: string;
-  type: NoteType;
-  icon?: string;
-  attributes?: Attribute[];
-  children?: Item[];
-  isExpanded?: boolean;
-  baseSize?: string;
-  growthFactor?: string;
-  targetNoteId?: "_backendLog" | "_globalNoteMap";
-  builtinWidget?:
-    | "bookmarks"
-    | "spacer"
-    | "backInHistoryButton"
-    | "forwardInHistoryButton"
-    | "syncStatus"
-    | "protectedSession"
-    | "todayInJournal"
-    | "calendar";
-  command?:
-    | "jumpToNote"
-    | "searchNotes"
-    | "createNoteIntoInbox"
-    | "showRecentChanges";
+    notePosition?: number;
+    id: string;
+    title: string;
+    type: NoteType;
+    icon?: string;
+    attributes?: Attribute[];
+    children?: Item[];
+    isExpanded?: boolean;
+    baseSize?: string;
+    growthFactor?: string;
+    targetNoteId?: "_backendLog" | "_globalNoteMap";
+    builtinWidget?:
+        | "bookmarks"
+        | "spacer"
+        | "backInHistoryButton"
+        | "forwardInHistoryButton"
+        | "syncStatus"
+        | "protectedSession"
+        | "todayInJournal"
+        | "calendar";
+    command?:
+        | "jumpToNote"
+        | "searchNotes"
+        | "createNoteIntoInbox"
+        | "showRecentChanges";
 }
 
 /*
@@ -57,555 +57,663 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-  id: "_hidden",
-  title: "Hidden Notes",
-  type: "doc",
-  icon: "bx bx-chip",
-  // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
-  // over tree when it's in the middle
-  notePosition: 999_999_999,
-  attributes: [
-    { type: "label", name: "excludeFromNoteMap", isInheritable: true },
-    { type: "label", name: "docName", value: "hidden" },
-  ],
-  children: [
-    {
-      id: "_search",
-      title: "Search History",
-      type: "doc",
-    },
-    {
-      id: "_globalNoteMap",
-      title: "Note Map",
-      type: "noteMap",
-      attributes: [
-        { type: "label", name: "mapRootNoteId", value: "hoisted" },
-        { type: "label", name: "keepCurrentHoisting" },
-      ],
-    },
-    {
-      id: "_sqlConsole",
-      title: "SQL Console History",
-      type: "doc",
-      icon: "bx-data",
-    },
-    {
-      id: "_share",
-      title: "Shared Notes",
-      type: "doc",
-      attributes: [{ type: "label", name: "docName", value: "share" }],
-    },
-    {
-      id: "_bulkAction",
-      title: "Bulk Action",
-      type: "doc",
-    },
-    {
-      id: "_backendLog",
-      title: "Backend Log",
-      type: "contentWidget",
-      icon: "bx-terminal",
-      attributes: [{ type: "label", name: "keepCurrentHoisting" }],
-    },
-    {
-      // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-      id: "_userHidden",
-      title: "User Hidden",
-      type: "doc",
-      attributes: [{ type: "label", name: "docName", value: "user_hidden" }],
-    },
-    {
-      id: LBTPL_ROOT,
-      title: "Launch Bar Templates",
-      type: "doc",
-      children: [
+    id: "_hidden",
+    title: "Hidden Notes",
+    type: "doc",
+    icon: "bx bx-chip",
+    // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
+    // over tree when it's in the middle
+    notePosition: 999_999_999,
+    attributes: [
+        { type: "label", name: "excludeFromNoteMap", isInheritable: true },
+        { type: "label", name: "docName", value: "hidden" },
+    ],
+    children: [
         {
-          id: LBTPL_BASE,
-          title: "Base Abstract Launcher",
-          type: "doc",
+            id: "_search",
+            title: "Search History",
+            type: "doc",
         },
         {
-          id: LBTPL_COMMAND,
-          title: "Command Launcher",
-          type: "doc",
-          attributes: [
-            { type: "relation", name: "template", value: LBTPL_BASE },
-            { type: "label", name: "launcherType", value: "command" },
-            {
-              type: "label",
-              name: "docName",
-              value: "launchbar_command_launcher",
-            },
-          ],
+            id: "_globalNoteMap",
+            title: "Note Map",
+            type: "noteMap",
+            attributes: [
+                { type: "label", name: "mapRootNoteId", value: "hoisted" },
+                { type: "label", name: "keepCurrentHoisting" },
+            ],
         },
         {
-          id: LBTPL_NOTE_LAUNCHER,
-          title: "Note Launcher",
-          type: "doc",
-          attributes: [
-            { type: "relation", name: "template", value: LBTPL_BASE },
-            { type: "label", name: "launcherType", value: "note" },
-            { type: "label", name: "relation:target", value: "promoted" },
-            { type: "label", name: "relation:hoistedNote", value: "promoted" },
-            {
-              type: "label",
-              name: "label:keyboardShortcut",
-              value: "promoted,text",
-            },
-            {
-              type: "label",
-              name: "docName",
-              value: "launchbar_note_launcher",
-            },
-          ],
+            id: "_sqlConsole",
+            title: "SQL Console History",
+            type: "doc",
+            icon: "bx-data",
         },
         {
-          id: LBTPL_SCRIPT,
-          title: "Script Launcher",
-          type: "doc",
-          attributes: [
-            { type: "relation", name: "template", value: LBTPL_BASE },
-            { type: "label", name: "launcherType", value: "script" },
-            { type: "label", name: "relation:script", value: "promoted" },
-            {
-              type: "label",
-              name: "label:keyboardShortcut",
-              value: "promoted,text",
-            },
-            {
-              type: "label",
-              name: "docName",
-              value: "launchbar_script_launcher",
-            },
-          ],
+            id: "_share",
+            title: "Shared Notes",
+            type: "doc",
+            attributes: [{ type: "label", name: "docName", value: "share" }],
         },
         {
-          id: LBTPL_BUILTIN_WIDGET,
-          title: "Built-in Widget",
-          type: "doc",
-          attributes: [
-            { type: "relation", name: "template", value: LBTPL_BASE },
-            { type: "label", name: "launcherType", value: "builtinWidget" },
-          ],
+            id: "_bulkAction",
+            title: "Bulk Action",
+            type: "doc",
         },
         {
-          id: LBTPL_SPACER,
-          title: "Spacer",
-          type: "doc",
-          icon: "bx-move-vertical",
-          attributes: [
-            { type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET },
-            { type: "label", name: "builtinWidget", value: "spacer" },
-            { type: "label", name: "label:baseSize", value: "promoted,number" },
-            {
-              type: "label",
-              name: "label:growthFactor",
-              value: "promoted,number",
-            },
-            { type: "label", name: "docName", value: "launchbar_spacer" },
-          ],
+            id: "_backendLog",
+            title: "Backend Log",
+            type: "contentWidget",
+            icon: "bx-terminal",
+            attributes: [{ type: "label", name: "keepCurrentHoisting" }],
         },
         {
-          id: LBTPL_CUSTOM_WIDGET,
-          title: "Custom Widget",
-          type: "doc",
-          attributes: [
-            { type: "relation", name: "template", value: LBTPL_BASE },
-            { type: "label", name: "launcherType", value: "customWidget" },
-            { type: "label", name: "relation:widget", value: "promoted" },
-            {
-              type: "label",
-              name: "docName",
-              value: "launchbar_widget_launcher",
-            },
-          ],
+            // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
+            id: "_userHidden",
+            title: "User Hidden",
+            type: "doc",
+            attributes: [
+                { type: "label", name: "docName", value: "user_hidden" },
+            ],
         },
-      ],
-    },
-    {
-      id: "_lbRoot",
-      title: "Launch Bar",
-      type: "doc",
-      icon: "bx-sidebar",
-      isExpanded: true,
-      attributes: [
-        { type: "label", name: "docName", value: "launchbar_intro" },
-      ],
-      children: [
         {
-          id: "_lbAvailableLaunchers",
-          title: "Available Launchers",
-          type: "doc",
-          icon: "bx-hide",
-          isExpanded: true,
-          attributes: [
-            { type: "label", name: "docName", value: "launchbar_intro" },
-          ],
-          children: [
-            {
-              id: "_lbBackInHistory",
-              title: "Go to Previous Note",
-              type: "launcher",
-              builtinWidget: "backInHistoryButton",
-              icon: "bx bxs-left-arrow-square",
-              attributes: [
+            id: LBTPL_ROOT,
+            title: "Launch Bar Templates",
+            type: "doc",
+            children: [
                 {
-                  type: "label",
-                  name: "docName",
-                  value: "launchbar_history_navigation",
+                    id: LBTPL_BASE,
+                    title: "Base Abstract Launcher",
+                    type: "doc",
                 },
-              ],
-            },
-            {
-              id: "_lbForwardInHistory",
-              title: "Go to Next Note",
-              type: "launcher",
-              builtinWidget: "forwardInHistoryButton",
-              icon: "bx bxs-right-arrow-square",
-              attributes: [
                 {
-                  type: "label",
-                  name: "docName",
-                  value: "launchbar_history_navigation",
+                    id: LBTPL_COMMAND,
+                    title: "Command Launcher",
+                    type: "doc",
+                    attributes: [
+                        {
+                            type: "relation",
+                            name: "template",
+                            value: LBTPL_BASE,
+                        },
+                        {
+                            type: "label",
+                            name: "launcherType",
+                            value: "command",
+                        },
+                        {
+                            type: "label",
+                            name: "docName",
+                            value: "launchbar_command_launcher",
+                        },
+                    ],
                 },
-              ],
-            },
-            {
-              id: "_lbBackendLog",
-              title: "Backend Log",
-              type: "launcher",
-              targetNoteId: "_backendLog",
-              icon: "bx bx-terminal",
-            },
-          ],
-        },
-        {
-          id: "_lbVisibleLaunchers",
-          title: "Visible Launchers",
-          type: "doc",
-          icon: "bx-show",
-          isExpanded: true,
-          attributes: [
-            { type: "label", name: "docName", value: "launchbar_intro" },
-          ],
-          children: [
-            {
-              id: "_lbNewNote",
-              title: "New Note",
-              type: "launcher",
-              command: "createNoteIntoInbox",
-              icon: "bx bx-file-blank",
-            },
-            {
-              id: "_lbSearch",
-              title: "Search Notes",
-              type: "launcher",
-              command: "searchNotes",
-              icon: "bx bx-search",
-              attributes: [{ type: "label", name: "desktopOnly" }],
-            },
-            {
-              id: "_lbJumpTo",
-              title: "Jump to Note",
-              type: "launcher",
-              command: "jumpToNote",
-              icon: "bx bx-send",
-              attributes: [{ type: "label", name: "desktopOnly" }],
-            },
-            {
-              id: "_lbNoteMap",
-              title: "Note Map",
-              type: "launcher",
-              targetNoteId: "_globalNoteMap",
-              icon: "bx bx-map-alt",
-            },
-            {
-              id: "_lbCalendar",
-              title: "Calendar",
-              type: "launcher",
-              builtinWidget: "calendar",
-              icon: "bx bx-calendar",
-            },
-            {
-              id: "_lbRecentChanges",
-              title: "Recent Changes",
-              type: "launcher",
-              command: "showRecentChanges",
-              icon: "bx bx-history",
-              attributes: [{ type: "label", name: "desktopOnly" }],
-            },
-            {
-              id: "_lbSpacer1",
-              title: "Spacer",
-              type: "launcher",
-              builtinWidget: "spacer",
-              baseSize: "50",
-              growthFactor: "0",
-            },
-            {
-              id: "_lbBookmarks",
-              title: "Bookmarks",
-              type: "launcher",
-              builtinWidget: "bookmarks",
-              icon: "bx bx-bookmark",
-            },
-            {
-              id: "_lbToday",
-              title: "Open Today's Journal Note",
-              type: "launcher",
-              builtinWidget: "todayInJournal",
-              icon: "bx bx-calendar-star",
-            },
-            {
-              id: "_lbSpacer2",
-              title: "Spacer",
-              type: "launcher",
-              builtinWidget: "spacer",
-              baseSize: "0",
-              growthFactor: "1",
-            },
-            {
-              id: "_lbProtectedSession",
-              title: "Protected Session",
-              type: "launcher",
-              builtinWidget: "protectedSession",
-              icon: "bx bx bx-shield-quarter",
-            },
-            {
-              id: "_lbSyncStatus",
-              title: "Sync Status",
-              type: "launcher",
-              builtinWidget: "syncStatus",
-              icon: "bx bx-wifi",
-            },
-          ],
-        },
-      ],
-    },
-    {
-      id: "_options",
-      title: "Options",
-      type: "book",
-      children: [
-        {
-          id: "_optionsAppearance",
-          title: "Appearance",
-          type: "contentWidget",
-          icon: "bx-layout",
-        },
-        {
-          id: "_optionsShortcuts",
-          title: "Shortcuts",
-          type: "contentWidget",
-          icon: "bxs-keyboard",
-        },
-        {
-          id: "_optionsTextNotes",
-          title: "Text Notes",
-          type: "contentWidget",
-          icon: "bx-text",
-        },
-        {
-          id: "_optionsMFA",
-          title: "MFA",
-          type: "contentWidget",
-          icon: "bx-lock",
-        },
-        {
-          id: "_optionsCodeNotes",
-          title: "Code Notes",
-          type: "contentWidget",
-          icon: "bx-code",
-        },
-        {
-          id: "_optionsImages",
-          title: "Images",
-          type: "contentWidget",
-          icon: "bx-image",
-        },
-        {
-          id: "_optionsSpellcheck",
-          title: "Spellcheck",
-          type: "contentWidget",
-          icon: "bx-check-double",
-        },
-        {
-          id: "_optionsPassword",
-          title: "Password",
-          type: "contentWidget",
-          icon: "bx-lock",
-        },
-        {
-          id: "_optionsEtapi",
-          title: "ETAPI",
-          type: "contentWidget",
-          icon: "bx-extension",
-        },
-        {
-          id: "_optionsBackup",
-          title: "Backup",
-          type: "contentWidget",
-          icon: "bx-data",
+                {
+                    id: LBTPL_NOTE_LAUNCHER,
+                    title: "Note Launcher",
+                    type: "doc",
+                    attributes: [
+                        {
+                            type: "relation",
+                            name: "template",
+                            value: LBTPL_BASE,
+                        },
+                        { type: "label", name: "launcherType", value: "note" },
+                        {
+                            type: "label",
+                            name: "relation:target",
+                            value: "promoted",
+                        },
+                        {
+                            type: "label",
+                            name: "relation:hoistedNote",
+                            value: "promoted",
+                        },
+                        {
+                            type: "label",
+                            name: "label:keyboardShortcut",
+                            value: "promoted,text",
+                        },
+                        {
+                            type: "label",
+                            name: "docName",
+                            value: "launchbar_note_launcher",
+                        },
+                    ],
+                },
+                {
+                    id: LBTPL_SCRIPT,
+                    title: "Script Launcher",
+                    type: "doc",
+                    attributes: [
+                        {
+                            type: "relation",
+                            name: "template",
+                            value: LBTPL_BASE,
+                        },
+                        {
+                            type: "label",
+                            name: "launcherType",
+                            value: "script",
+                        },
+                        {
+                            type: "label",
+                            name: "relation:script",
+                            value: "promoted",
+                        },
+                        {
+                            type: "label",
+                            name: "label:keyboardShortcut",
+                            value: "promoted,text",
+                        },
+                        {
+                            type: "label",
+                            name: "docName",
+                            value: "launchbar_script_launcher",
+                        },
+                    ],
+                },
+                {
+                    id: LBTPL_BUILTIN_WIDGET,
+                    title: "Built-in Widget",
+                    type: "doc",
+                    attributes: [
+                        {
+                            type: "relation",
+                            name: "template",
+                            value: LBTPL_BASE,
+                        },
+                        {
+                            type: "label",
+                            name: "launcherType",
+                            value: "builtinWidget",
+                        },
+                    ],
+                },
+                {
+                    id: LBTPL_SPACER,
+                    title: "Spacer",
+                    type: "doc",
+                    icon: "bx-move-vertical",
+                    attributes: [
+                        {
+                            type: "relation",
+                            name: "template",
+                            value: LBTPL_BUILTIN_WIDGET,
+                        },
+                        {
+                            type: "label",
+                            name: "builtinWidget",
+                            value: "spacer",
+                        },
+                        {
+                            type: "label",
+                            name: "label:baseSize",
+                            value: "promoted,number",
+                        },
+                        {
+                            type: "label",
+                            name: "label:growthFactor",
+                            value: "promoted,number",
+                        },
+                        {
+                            type: "label",
+                            name: "docName",
+                            value: "launchbar_spacer",
+                        },
+                    ],
+                },
+                {
+                    id: LBTPL_CUSTOM_WIDGET,
+                    title: "Custom Widget",
+                    type: "doc",
+                    attributes: [
+                        {
+                            type: "relation",
+                            name: "template",
+                            value: LBTPL_BASE,
+                        },
+                        {
+                            type: "label",
+                            name: "launcherType",
+                            value: "customWidget",
+                        },
+                        {
+                            type: "label",
+                            name: "relation:widget",
+                            value: "promoted",
+                        },
+                        {
+                            type: "label",
+                            name: "docName",
+                            value: "launchbar_widget_launcher",
+                        },
+                    ],
+                },
+            ],
         },
         {
-          id: "_optionsSync",
-          title: "Sync",
-          type: "contentWidget",
-          icon: "bx-wifi",
+            id: "_lbRoot",
+            title: "Launch Bar",
+            type: "doc",
+            icon: "bx-sidebar",
+            isExpanded: true,
+            attributes: [
+                { type: "label", name: "docName", value: "launchbar_intro" },
+            ],
+            children: [
+                {
+                    id: "_lbAvailableLaunchers",
+                    title: "Available Launchers",
+                    type: "doc",
+                    icon: "bx-hide",
+                    isExpanded: true,
+                    attributes: [
+                        {
+                            type: "label",
+                            name: "docName",
+                            value: "launchbar_intro",
+                        },
+                    ],
+                    children: [
+                        {
+                            id: "_lbBackInHistory",
+                            title: "Go to Previous Note",
+                            type: "launcher",
+                            builtinWidget: "backInHistoryButton",
+                            icon: "bx bxs-left-arrow-square",
+                            attributes: [
+                                {
+                                    type: "label",
+                                    name: "docName",
+                                    value: "launchbar_history_navigation",
+                                },
+                            ],
+                        },
+                        {
+                            id: "_lbForwardInHistory",
+                            title: "Go to Next Note",
+                            type: "launcher",
+                            builtinWidget: "forwardInHistoryButton",
+                            icon: "bx bxs-right-arrow-square",
+                            attributes: [
+                                {
+                                    type: "label",
+                                    name: "docName",
+                                    value: "launchbar_history_navigation",
+                                },
+                            ],
+                        },
+                        {
+                            id: "_lbBackendLog",
+                            title: "Backend Log",
+                            type: "launcher",
+                            targetNoteId: "_backendLog",
+                            icon: "bx bx-terminal",
+                        },
+                    ],
+                },
+                {
+                    id: "_lbVisibleLaunchers",
+                    title: "Visible Launchers",
+                    type: "doc",
+                    icon: "bx-show",
+                    isExpanded: true,
+                    attributes: [
+                        {
+                            type: "label",
+                            name: "docName",
+                            value: "launchbar_intro",
+                        },
+                    ],
+                    children: [
+                        {
+                            id: "_lbNewNote",
+                            title: "New Note",
+                            type: "launcher",
+                            command: "createNoteIntoInbox",
+                            icon: "bx bx-file-blank",
+                        },
+                        {
+                            id: "_lbSearch",
+                            title: "Search Notes",
+                            type: "launcher",
+                            command: "searchNotes",
+                            icon: "bx bx-search",
+                            attributes: [
+                                { type: "label", name: "desktopOnly" },
+                            ],
+                        },
+                        {
+                            id: "_lbJumpTo",
+                            title: "Jump to Note",
+                            type: "launcher",
+                            command: "jumpToNote",
+                            icon: "bx bx-send",
+                            attributes: [
+                                { type: "label", name: "desktopOnly" },
+                            ],
+                        },
+                        {
+                            id: "_lbNoteMap",
+                            title: "Note Map",
+                            type: "launcher",
+                            targetNoteId: "_globalNoteMap",
+                            icon: "bx bx-map-alt",
+                        },
+                        {
+                            id: "_lbCalendar",
+                            title: "Calendar",
+                            type: "launcher",
+                            builtinWidget: "calendar",
+                            icon: "bx bx-calendar",
+                        },
+                        {
+                            id: "_lbRecentChanges",
+                            title: "Recent Changes",
+                            type: "launcher",
+                            command: "showRecentChanges",
+                            icon: "bx bx-history",
+                            attributes: [
+                                { type: "label", name: "desktopOnly" },
+                            ],
+                        },
+                        {
+                            id: "_lbSpacer1",
+                            title: "Spacer",
+                            type: "launcher",
+                            builtinWidget: "spacer",
+                            baseSize: "50",
+                            growthFactor: "0",
+                        },
+                        {
+                            id: "_lbBookmarks",
+                            title: "Bookmarks",
+                            type: "launcher",
+                            builtinWidget: "bookmarks",
+                            icon: "bx bx-bookmark",
+                        },
+                        {
+                            id: "_lbToday",
+                            title: "Open Today's Journal Note",
+                            type: "launcher",
+                            builtinWidget: "todayInJournal",
+                            icon: "bx bx-calendar-star",
+                        },
+                        {
+                            id: "_lbSpacer2",
+                            title: "Spacer",
+                            type: "launcher",
+                            builtinWidget: "spacer",
+                            baseSize: "0",
+                            growthFactor: "1",
+                        },
+                        {
+                            id: "_lbProtectedSession",
+                            title: "Protected Session",
+                            type: "launcher",
+                            builtinWidget: "protectedSession",
+                            icon: "bx bx bx-shield-quarter",
+                        },
+                        {
+                            id: "_lbSyncStatus",
+                            title: "Sync Status",
+                            type: "launcher",
+                            builtinWidget: "syncStatus",
+                            icon: "bx bx-wifi",
+                        },
+                    ],
+                },
+            ],
         },
         {
-          id: "_optionsOther",
-          title: "Other",
-          type: "contentWidget",
-          icon: "bx-dots-horizontal",
+            id: "_options",
+            title: "Options",
+            type: "book",
+            children: [
+                {
+                    id: "_optionsAppearance",
+                    title: "Appearance",
+                    type: "contentWidget",
+                    icon: "bx-layout",
+                },
+                {
+                    id: "_optionsShortcuts",
+                    title: "Shortcuts",
+                    type: "contentWidget",
+                    icon: "bxs-keyboard",
+                },
+                {
+                    id: "_optionsTextNotes",
+                    title: "Text Notes",
+                    type: "contentWidget",
+                    icon: "bx-text",
+                },
+                {
+                    id: "_optionsMFA",
+                    title: "MFA",
+                    type: "contentWidget",
+                    icon: "bx-lock",
+                },
+                {
+                    id: "_optionsCodeNotes",
+                    title: "Code Notes",
+                    type: "contentWidget",
+                    icon: "bx-code",
+                },
+                {
+                    id: "_optionsImages",
+                    title: "Images",
+                    type: "contentWidget",
+                    icon: "bx-image",
+                },
+                {
+                    id: "_optionsSpellcheck",
+                    title: "Spellcheck",
+                    type: "contentWidget",
+                    icon: "bx-check-double",
+                },
+                {
+                    id: "_optionsPassword",
+                    title: "Password",
+                    type: "contentWidget",
+                    icon: "bx-lock",
+                },
+                {
+                    id: "_optionsEtapi",
+                    title: "ETAPI",
+                    type: "contentWidget",
+                    icon: "bx-extension",
+                },
+                {
+                    id: "_optionsBackup",
+                    title: "Backup",
+                    type: "contentWidget",
+                    icon: "bx-data",
+                },
+                {
+                    id: "_optionsSync",
+                    title: "Sync",
+                    type: "contentWidget",
+                    icon: "bx-wifi",
+                },
+                {
+                    id: "_optionsOther",
+                    title: "Other",
+                    type: "contentWidget",
+                    icon: "bx-dots-horizontal",
+                },
+                {
+                    id: "_optionsAdvanced",
+                    title: "Advanced",
+                    type: "contentWidget",
+                },
+            ],
         },
-        { id: "_optionsAdvanced", title: "Advanced", type: "contentWidget" },
-      ],
-    },
-  ],
+    ],
 };
 
 function checkHiddenSubtree(force = false) {
-  if (!force && !migrationService.isDbUpToDate()) {
-    // on-delete hook might get triggered during some future migration and cause havoc
-    log.info("Will not check hidden subtree until migration is finished.");
-    return;
-  }
+    if (!force && !migrationService.isDbUpToDate()) {
+        // on-delete hook might get triggered during some future migration and cause havoc
+        log.info("Will not check hidden subtree until migration is finished.");
+        return;
+    }
 
-  checkHiddenSubtreeRecursively("root", HIDDEN_SUBTREE_DEFINITION);
+    checkHiddenSubtreeRecursively("root", HIDDEN_SUBTREE_DEFINITION);
 }
 
 function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
-  if (!item.id || !item.type || !item.title) {
-    throw new Error(
-      `Item does not contain mandatory properties: ${JSON.stringify(item)}`
-    );
-  }
-
-  if (item.id.charAt(0) !== "_") {
-    throw new Error(`ID has to start with underscore, given '${item.id}'`);
-  }
+    if (!item.id || !item.type || !item.title) {
+        throw new Error(
+            `Item does not contain mandatory properties: ${JSON.stringify(
+                item
+            )}`
+        );
+    }
 
-  let note = becca.notes[item.id];
-  let branch;
+    if (item.id.charAt(0) !== "_") {
+        throw new Error(`ID has to start with underscore, given '${item.id}'`);
+    }
 
-  if (!note) {
-    ({ note, branch } = noteService.createNewNote({
-      noteId: item.id,
-      title: item.title,
-      type: item.type,
-      parentNoteId: parentNoteId,
-      content: "",
-      ignoreForbiddenParents: true,
-    }));
-  } else {
-    branch = note
-      .getParentBranches()
-      .find((branch) => branch.parentNoteId === parentNoteId);
-  }
+    let note = becca.notes[item.id];
+    let branch;
 
-  const attrs = [...(item.attributes || [])];
+    if (!note) {
+        ({ note, branch } = noteService.createNewNote({
+            noteId: item.id,
+            title: item.title,
+            type: item.type,
+            parentNoteId: parentNoteId,
+            content: "",
+            ignoreForbiddenParents: true,
+        }));
+    } else {
+        branch = note
+            .getParentBranches()
+            .find((branch) => branch.parentNoteId === parentNoteId);
+    }
 
-  if (item.icon) {
-    attrs.push({ type: "label", name: "iconClass", value: `bx ${item.icon}` });
-  }
+    const attrs = [...(item.attributes || [])];
 
-  if (item.type === "launcher") {
-    if (item.command) {
-      attrs.push({ type: "relation", name: "template", value: LBTPL_COMMAND });
-      attrs.push({ type: "label", name: "command", value: item.command });
-    } else if (item.builtinWidget) {
-      if (item.builtinWidget === "spacer") {
-        attrs.push({ type: "relation", name: "template", value: LBTPL_SPACER });
-        attrs.push({ type: "label", name: "baseSize", value: item.baseSize });
-        attrs.push({
-          type: "label",
-          name: "growthFactor",
-          value: item.growthFactor,
-        });
-      } else {
+    if (item.icon) {
         attrs.push({
-          type: "relation",
-          name: "template",
-          value: LBTPL_BUILTIN_WIDGET,
+            type: "label",
+            name: "iconClass",
+            value: `bx ${item.icon}`,
         });
-      }
-
-      attrs.push({
-        type: "label",
-        name: "builtinWidget",
-        value: item.builtinWidget,
-      });
-    } else if (item.targetNoteId) {
-      attrs.push({
-        type: "relation",
-        name: "template",
-        value: LBTPL_NOTE_LAUNCHER,
-      });
-      attrs.push({
-        type: "relation",
-        name: "target",
-        value: item.targetNoteId,
-      });
-    } else {
-      throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
     }
-  }
 
-  if (note.type !== item.type) {
-    // enforce a correct note type
-    note.type = item.type;
-    note.save();
-  }
+    if (item.type === "launcher") {
+        if (item.command) {
+            attrs.push({
+                type: "relation",
+                name: "template",
+                value: LBTPL_COMMAND,
+            });
+            attrs.push({ type: "label", name: "command", value: item.command });
+        } else if (item.builtinWidget) {
+            if (item.builtinWidget === "spacer") {
+                attrs.push({
+                    type: "relation",
+                    name: "template",
+                    value: LBTPL_SPACER,
+                });
+                attrs.push({
+                    type: "label",
+                    name: "baseSize",
+                    value: item.baseSize,
+                });
+                attrs.push({
+                    type: "label",
+                    name: "growthFactor",
+                    value: item.growthFactor,
+                });
+            } else {
+                attrs.push({
+                    type: "relation",
+                    name: "template",
+                    value: LBTPL_BUILTIN_WIDGET,
+                });
+            }
 
-  if (branch) {
-    // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
-    // visible and available will change branch since the branch's parent-child relationship is immutable
-    if (
-      item.notePosition !== undefined &&
-      branch.notePosition !== item.notePosition
-    ) {
-      branch.notePosition = item.notePosition;
-      branch.save();
+            attrs.push({
+                type: "label",
+                name: "builtinWidget",
+                value: item.builtinWidget,
+            });
+        } else if (item.targetNoteId) {
+            attrs.push({
+                type: "relation",
+                name: "template",
+                value: LBTPL_NOTE_LAUNCHER,
+            });
+            attrs.push({
+                type: "relation",
+                name: "target",
+                value: item.targetNoteId,
+            });
+        } else {
+            throw new Error(
+                `No action defined for launcher ${JSON.stringify(item)}`
+            );
+        }
     }
 
-    if (
-      item.isExpanded !== undefined &&
-      branch.isExpanded !== item.isExpanded
-    ) {
-      branch.isExpanded = item.isExpanded;
-      branch.save();
+    if (note.type !== item.type) {
+        // enforce a correct note type
+        note.type = item.type;
+        note.save();
     }
-  }
 
-  for (const attr of attrs) {
-    const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
+    if (branch) {
+        // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
+        // visible and available will change branch since the branch's parent-child relationship is immutable
+        if (
+            item.notePosition !== undefined &&
+            branch.notePosition !== item.notePosition
+        ) {
+            branch.notePosition = item.notePosition;
+            branch.save();
+        }
 
-    if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
-      new BAttribute({
-        attributeId: attrId,
-        noteId: note.noteId,
-        type: attr.type,
-        name: attr.name,
-        value: attr.value,
-        isInheritable: false,
-      }).save();
+        if (
+            item.isExpanded !== undefined &&
+            branch.isExpanded !== item.isExpanded
+        ) {
+            branch.isExpanded = item.isExpanded;
+            branch.save();
+        }
     }
-  }
 
-  for (const child of item.children || []) {
-    checkHiddenSubtreeRecursively(item.id, child);
-  }
+    for (const attr of attrs) {
+        const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
+
+        if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
+            new BAttribute({
+                attributeId: attrId,
+                noteId: note.noteId,
+                type: attr.type,
+                name: attr.name,
+                value: attr.value,
+                isInheritable: false,
+            }).save();
+        }
+    }
+
+    for (const child of item.children || []) {
+        checkHiddenSubtreeRecursively(item.id, child);
+    }
 }
 
 export = {
-  checkHiddenSubtree,
-  LBTPL_ROOT,
-  LBTPL_BASE,
-  LBTPL_COMMAND,
-  LBTPL_NOTE_LAUNCHER,
-  LBTPL_SCRIPT,
-  LBTPL_BUILTIN_WIDGET,
-  LBTPL_SPACER,
-  LBTPL_CUSTOM_WIDGET,
+    checkHiddenSubtree,
+    LBTPL_ROOT,
+    LBTPL_BASE,
+    LBTPL_COMMAND,
+    LBTPL_NOTE_LAUNCHER,
+    LBTPL_SCRIPT,
+    LBTPL_BUILTIN_WIDGET,
+    LBTPL_SPACER,
+    LBTPL_CUSTOM_WIDGET,
 };
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 4937871419..c5e3bd2204 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -1,14 +1,22 @@
-import optionService = require('./options');
-import appInfo = require('./app_info');
-import utils = require('./utils');
-import log = require('./log');
-import dateUtils = require('./date_utils');
-import keyboardActions = require('./keyboard_actions');
-import { KeyboardShortcutWithRequiredActionName } from './keyboard_actions_interface';
+import optionService = require("./options");
+import appInfo = require("./app_info");
+import utils = require("./utils");
+import log = require("./log");
+import dateUtils = require("./date_utils");
+import keyboardActions = require("./keyboard_actions");
+import { KeyboardShortcutWithRequiredActionName } from "./keyboard_actions_interface";
 
 function initDocumentOptions() {
-    optionService.createOption('documentId', utils.randomSecureToken(16), false);
-    optionService.createOption('documentSecret', utils.randomSecureToken(16), false);
+    optionService.createOption(
+        "documentId",
+        utils.randomSecureToken(16),
+        false
+    );
+    optionService.createOption(
+        "documentSecret",
+        utils.randomSecureToken(16),
+        false
+    );
 }
 
 interface NotSyncedOpts {
@@ -17,95 +25,149 @@ interface NotSyncedOpts {
 }
 
 function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
-    optionService.createOption('openNoteContexts', JSON.stringify([
-        {
-            notePath: 'root',
-            active: true
-        }
-    ]), false);
-
-    optionService.createOption('lastDailyBackupDate', dateUtils.utcNowDateTime(), false);
-    optionService.createOption('lastWeeklyBackupDate', dateUtils.utcNowDateTime(), false);
-    optionService.createOption('lastMonthlyBackupDate', dateUtils.utcNowDateTime(), false);
-    optionService.createOption('dbVersion', appInfo.dbVersion.toString(), false);
-
-    optionService.createOption('initialized', initialized ? 'true' : 'false', false);
-
-    optionService.createOption('lastSyncedPull', '0', false);
-    optionService.createOption('lastSyncedPush', '0', false);
-
-    let theme = 'dark'; // default based on the poll in https://github.com/zadam/trilium/issues/2516
+    optionService.createOption(
+        "openNoteContexts",
+        JSON.stringify([
+            {
+                notePath: "root",
+                active: true,
+            },
+        ]),
+        false
+    );
+
+    optionService.createOption(
+        "lastDailyBackupDate",
+        dateUtils.utcNowDateTime(),
+        false
+    );
+    optionService.createOption(
+        "lastWeeklyBackupDate",
+        dateUtils.utcNowDateTime(),
+        false
+    );
+    optionService.createOption(
+        "lastMonthlyBackupDate",
+        dateUtils.utcNowDateTime(),
+        false
+    );
+    optionService.createOption(
+        "dbVersion",
+        appInfo.dbVersion.toString(),
+        false
+    );
+
+    optionService.createOption(
+        "initialized",
+        initialized ? "true" : "false",
+        false
+    );
+
+    optionService.createOption("lastSyncedPull", "0", false);
+    optionService.createOption("lastSyncedPush", "0", false);
+
+    let theme = "dark"; // default based on the poll in https://github.com/zadam/trilium/issues/2516
 
     if (utils.isElectron()) {
-        const {nativeTheme} = require('electron');
+        const { nativeTheme } = require("electron");
 
-        theme = nativeTheme.shouldUseDarkColors ? 'dark' : 'light';
+        theme = nativeTheme.shouldUseDarkColors ? "dark" : "light";
     }
 
-    optionService.createOption('theme', theme, false);
+    optionService.createOption("theme", theme, false);
 
-    optionService.createOption('syncServerHost', opts.syncServerHost || '', false);
-    optionService.createOption('syncServerTimeout', '120000', false);
-    optionService.createOption('syncProxy', opts.syncProxy || '', false);
+    optionService.createOption(
+        "syncServerHost",
+        opts.syncServerHost || "",
+        false
+    );
+    optionService.createOption("syncServerTimeout", "120000", false);
+    optionService.createOption("syncProxy", opts.syncProxy || "", false);
 }
 
 const defaultOptions = [
-    { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
-    { name: 'protectedSessionTimeout', value: '600', isSynced: true },
-    { name: 'zoomFactor', value: process.platform === "win32" ? '0.9' : '1.0', isSynced: false },
-    { name: 'overrideThemeFonts', value: 'false', isSynced: false },
-    { name: 'mainFontFamily', value: 'theme', isSynced: false },
-    { name: 'mainFontSize', value: '100', isSynced: false },
-    { name: 'treeFontFamily', value: 'theme', isSynced: false },
-    { name: 'treeFontSize', value: '100', isSynced: false },
-    { name: 'detailFontFamily', value: 'theme', isSynced: false },
-    { name: 'detailFontSize', value: '110', isSynced: false },
-    { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
-    { name: 'monospaceFontSize', value: '110', isSynced: false },
-    { name: 'spellCheckEnabled', value: 'true', isSynced: false },
-    { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
-    { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
-    { name: 'imageJpegQuality', value: '75', isSynced: true },
-    { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
-    { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
-    { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
-    { name: 'codeNotesMimeTypes', value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]', isSynced: true },
-    { name: 'leftPaneWidth', value: '25', isSynced: false },
-    { name: 'leftPaneVisible', value: 'true', isSynced: false },
-    { name: 'rightPaneWidth', value: '25', isSynced: false },
-    { name: 'rightPaneVisible', value: 'true', isSynced: false },
-    { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
-    { name: 'eraseEntitiesAfterTimeInSeconds', value: '604800', isSynced: true }, // default is 7 days
-    { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
-    { name: 'debugModeEnabled', value: 'false', isSynced: false },
-    { name: 'headingStyle', value: 'underline', isSynced: true },
-    { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
-    { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
-    { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
-    { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'maxContentWidth', value: '1200', isSynced: false },
-    { name: 'compressImages', value: 'true', isSynced: true },
-    { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
-    { name: 'minTocHeadings', value: '5', isSynced: true },
-    { name: 'highlightsList', value: '["bold","italic","underline","color","bgColor"]', isSynced: true },
-    { name: 'checkForUpdates', value: 'true', isSynced: true },
-    { name: 'disableTray', value: 'false', isSynced: false },
-    { name: 'eraseUnusedAttachmentsAfterSeconds', value: '2592000', isSynced: true },
-    { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
-    { name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true },
-    { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
-    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
-    { name: 'totpEnabled', value: 'false', isSynced: true }
+    { name: "revisionSnapshotTimeInterval", value: "600", isSynced: true },
+    { name: "protectedSessionTimeout", value: "600", isSynced: true },
+    {
+        name: "zoomFactor",
+        value: process.platform === "win32" ? "0.9" : "1.0",
+        isSynced: false,
+    },
+    { name: "overrideThemeFonts", value: "false", isSynced: false },
+    { name: "mainFontFamily", value: "theme", isSynced: false },
+    { name: "mainFontSize", value: "100", isSynced: false },
+    { name: "treeFontFamily", value: "theme", isSynced: false },
+    { name: "treeFontSize", value: "100", isSynced: false },
+    { name: "detailFontFamily", value: "theme", isSynced: false },
+    { name: "detailFontSize", value: "110", isSynced: false },
+    { name: "monospaceFontFamily", value: "theme", isSynced: false },
+    { name: "monospaceFontSize", value: "110", isSynced: false },
+    { name: "spellCheckEnabled", value: "true", isSynced: false },
+    { name: "spellCheckLanguageCode", value: "en-US", isSynced: false },
+    { name: "imageMaxWidthHeight", value: "2000", isSynced: true },
+    { name: "imageJpegQuality", value: "75", isSynced: true },
+    { name: "autoFixConsistencyIssues", value: "true", isSynced: false },
+    { name: "vimKeymapEnabled", value: "false", isSynced: false },
+    { name: "codeLineWrapEnabled", value: "true", isSynced: false },
+    {
+        name: "codeNotesMimeTypes",
+        value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
+        isSynced: true,
+    },
+    { name: "leftPaneWidth", value: "25", isSynced: false },
+    { name: "leftPaneVisible", value: "true", isSynced: false },
+    { name: "rightPaneWidth", value: "25", isSynced: false },
+    { name: "rightPaneVisible", value: "true", isSynced: false },
+    { name: "nativeTitleBarVisible", value: "false", isSynced: false },
+    {
+        name: "eraseEntitiesAfterTimeInSeconds",
+        value: "604800",
+        isSynced: true,
+    }, // default is 7 days
+    { name: "hideArchivedNotes_main", value: "false", isSynced: false },
+    { name: "debugModeEnabled", value: "false", isSynced: false },
+    { name: "headingStyle", value: "underline", isSynced: true },
+    { name: "autoCollapseNoteTree", value: "true", isSynced: true },
+    { name: "autoReadonlySizeText", value: "10000", isSynced: false },
+    { name: "autoReadonlySizeCode", value: "30000", isSynced: false },
+    { name: "dailyBackupEnabled", value: "true", isSynced: false },
+    { name: "weeklyBackupEnabled", value: "true", isSynced: false },
+    { name: "monthlyBackupEnabled", value: "true", isSynced: false },
+    { name: "maxContentWidth", value: "1200", isSynced: false },
+    { name: "compressImages", value: "true", isSynced: true },
+    { name: "downloadImagesAutomatically", value: "true", isSynced: true },
+    { name: "minTocHeadings", value: "5", isSynced: true },
+    {
+        name: "highlightsList",
+        value: '["bold","italic","underline","color","bgColor"]',
+        isSynced: true,
+    },
+    { name: "checkForUpdates", value: "true", isSynced: true },
+    { name: "disableTray", value: "false", isSynced: false },
+    {
+        name: "eraseUnusedAttachmentsAfterSeconds",
+        value: "2592000",
+        isSynced: true,
+    },
+    { name: "customSearchEngineName", value: "DuckDuckGo", isSynced: true },
+    {
+        name: "customSearchEngineUrl",
+        value: "https://duckduckgo.com/?q={keyword}",
+        isSynced: true,
+    },
+    { name: "promotedAttributesOpenInRibbon", value: "true", isSynced: true },
+    { name: "editedNotesOpenInRibbon", value: "true", isSynced: true },
+    { name: "totpEnabled", value: "false", isSynced: true },
 ];
 
 function initStartupOptions() {
     const optionsMap = optionService.getOptionMap();
 
-    const allDefaultOptions = defaultOptions.concat(getKeyboardDefaultOptions());
+    const allDefaultOptions = defaultOptions.concat(
+        getKeyboardDefaultOptions()
+    );
 
-    for (const {name, value, isSynced} of allDefaultOptions) {
+    for (const { name, value, isSynced } of allDefaultOptions) {
         if (!(name in optionsMap)) {
             optionService.createOption(name, value, isSynced);
 
@@ -114,27 +176,34 @@ function initStartupOptions() {
     }
 
     if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
-        optionService.setOption('openNoteContexts', JSON.stringify([
-            {
-                notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
-                active: true
-            }
-        ]));
+        optionService.setOption(
+            "openNoteContexts",
+            JSON.stringify([
+                {
+                    notePath: process.env.TRILIUM_START_NOTE_ID || "root",
+                    active: true,
+                },
+            ])
+        );
     }
 }
 
 function getKeyboardDefaultOptions() {
-    return (keyboardActions.DEFAULT_KEYBOARD_ACTIONS
-        .filter(ka => !!ka.actionName) as KeyboardShortcutWithRequiredActionName[])
-        .map(ka => ({
-            name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
-            value: JSON.stringify(ka.defaultShortcuts),
-            isSynced: false
-        }));
+    return (
+        keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter(
+            (ka) => !!ka.actionName
+        ) as KeyboardShortcutWithRequiredActionName[]
+    ).map((ka) => ({
+        name: `keyboardShortcuts${ka.actionName
+            .charAt(0)
+            .toUpperCase()}${ka.actionName.slice(1)}`,
+        value: JSON.stringify(ka.defaultShortcuts),
+        isSynced: false,
+    }));
 }
 
 export = {
     initDocumentOptions,
     initNotSyncedOptions,
-    initStartupOptions
+    initStartupOptions,
 };
diff --git a/src/services/totp_secret.ts b/src/services/totp_secret.ts
index cc4aa86a5b..86be25bdbf 100644
--- a/src/services/totp_secret.ts
+++ b/src/services/totp_secret.ts
@@ -1,37 +1,34 @@
 "use strict";
 
-import fs = require('fs');
-import crypto = require('crypto');
-import dataDir = require('./data_dir');
-import log = require('./log');
+import fs = require("fs");
+import crypto = require("crypto");
+import dataDir = require("./data_dir");
+import log = require("./log");
 
 const totpSecretPath = `${dataDir.TRILIUM_DATA_DIR}/totp_secret.txt`;
 
-function saveTotpSecret(secret: string)
-{
-    if (!fs.existsSync(totpSecretPath)) 
-        log.info("Generated totp secret file");
+function saveTotpSecret(secret: string) {
+    if (!fs.existsSync(totpSecretPath)) log.info("Generated totp secret file");
 
     fs.writeFileSync(totpSecretPath, secret, "utf8");
 }
 
-function getTotpSecret(){
-
+function getTotpSecret() {
     return fs.readFileSync(totpSecretPath, "utf8");
 }
 
 function checkForTotSecret() {
-    return fs.existsSync(totpSecretPath)
+    return fs.existsSync(totpSecretPath);
 }
 
 function removeTotpSecret() {
-    console.log("Attempting to remove secret")
-    fs.unlink( totpSecretPath, a => {
-        console.log("Unable to remove totp secret")
-        console.log(a)
-        return false
-    })
-    return true
+    console.log("Attempting to remove secret");
+    fs.unlink(totpSecretPath, (a) => {
+        console.log("Unable to remove totp secret");
+        console.log(a);
+        return false;
+    });
+    return true;
 }
 
-export = {saveTotpSecret, getTotpSecret, checkForTotSecret, removeTotpSecret};
+export = { saveTotpSecret, getTotpSecret, checkForTotSecret, removeTotpSecret };

From 4e22065fc5079a3b461d2345cb6608cc50a69125 Mon Sep 17 00:00:00 2001
From: Brandon <brandon@mauldin314.com>
Date: Wed, 8 May 2024 20:15:00 -0700
Subject: [PATCH 10/63] Started to add recovery code feature

---
 .../options/multi_factor_authentication.js    |  224 +-
 src/routes/api/recovery_codes.ts              |   22 +
 src/routes/routes.ts                          | 2135 ++++++++---------
 src/services/encryption/recovery_codes.ts     |   86 +
 4 files changed, 1278 insertions(+), 1189 deletions(-)
 create mode 100644 src/routes/api/recovery_codes.ts
 create mode 100644 src/services/encryption/recovery_codes.ts

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index f4ae6f38ea..14f687c8c2 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -36,112 +36,136 @@ const TPL = `
   </div>
     <br>
  <h4> Generate TOTP Secret </h4>
-    <span class="totp-secret" >  </span>
-    <br>
-    <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
+    <div>
+        <span class="totp-secret" >  </span>
+        <br>
+        <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
+    </div>
 </div>`;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
-    doRender() {
-        this.$widget = $(TPL);
-
-        this.$mfaHeadding = this.$widget.find(".mfa-heading");
-        this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
-        this.$totpEnabled = this.$widget.find(".totp-enabled");
-        this.$totpSecret = this.$widget.find(".totp-secret");
-        this.$totpSecretInput = this.$widget.find(".totp-secret-input");
-        this.$saveTotpButton = this.$widget.find(".save-totp");
-        this.$password = this.$widget.find(".password");
-
-        this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
-        this.generateKey();
-
-        this.$totpEnabled.on("change", async () => {
-            this.updateSecret();
-        });
-
-        this.$regenerateTotpButton.on("click", async () => {
-            this.generateKey();
-        });
-
-        this.$saveTotpButton.on("click", async () => {
-            this.saveTotpSecret();
-        });
-
-        this.$protectedSessionTimeout = this.$widget.find(
-            ".protected-session-timeout-in-seconds"
-        );
-        this.$protectedSessionTimeout.on("change", () =>
-            this.updateOption(
-                "protectedSessionTimeout",
-                this.$protectedSessionTimeout.val()
-            )
-        );
-    }
-
-    async updateSecret() {
-        if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
-        else server.post("totp/disable");
-    }
-
-    async generateKey() {
-        server.get("totp/generate").then((result) => {
-            if (result.success) {
-                this.$totpSecret.text(result.message);
-            } else {
-                toastService.showError(result.message);
-            }
-        });
+  doRender() {
+    this.$widget = $(TPL);
+
+    this.$mfaHeadding = this.$widget.find(".mfa-heading");
+    this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
+    this.$totpEnabled = this.$widget.find(".totp-enabled");
+    this.$totpSecret = this.$widget.find(".totp-secret");
+    this.$totpSecretInput = this.$widget.find(".totp-secret-input");
+    this.$saveTotpButton = this.$widget.find(".save-totp");
+    this.$password = this.$widget.find(".password");
+
+    this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
+    this.generateKey();
+
+    this.$totpEnabled.on("change", async () => {
+      this.updateSecret();
+    });
+
+    this.$regenerateTotpButton.on("click", async () => {
+      this.generateKey();
+    });
+
+    this.$saveTotpButton.on("click", async () => {
+      this.saveTotpSecret();
+    });
+
+    this.$protectedSessionTimeout = this.$widget.find(
+      ".protected-session-timeout-in-seconds"
+    );
+    this.$protectedSessionTimeout.on("change", () =>
+      this.updateOption(
+        "protectedSessionTimeout",
+        this.$protectedSessionTimeout.val()
+      )
+    );
+  }
+
+  async updateSecret() {
+    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
+    else server.post("totp/disable");
+  }
+
+  async generateKey() {
+    // DEBUG ONLY
+    const recoveryCodes = {
+      code1: "testCode1",
+      code2: "testCode2",
+      code3: "testCode3",
+    };
+
+    server.post("totp_recovery/set", {
+      recoveryCodes: JSON.stringify(recoveryCodes),
+    });
+
+    server
+      .post("totp_recovery/verify", { recovery_code_guess: "testCode2" })
+      .then((result) => {
+        console.log(result);
+        if (result.success) {
+          toastService.showError("VALID");
+        } else {
+          toastService.showError("INVALID");
+        }
+      });
+
+    server.get("totp/generate").then((result) => {
+      if (result.success) {
+        this.$totpSecret.text(result.message);
+      } else {
+        toastService.showError(result.message);
+      }
+    });
+  }
+
+  optionsLoaded(options) {
+    server.get("totp/enabled").then((result) => {
+      if (result.success) {
+        this.$totpEnabled.prop("checked", result.message);
+        this.$totpSecretInput.prop("disabled", !result.message);
+        this.$saveTotpButton.prop("disabled", !result.message);
+        this.$totpSecret.prop("disapbled", !result.message);
+        this.$regenerateTotpButton.prop("disabled", !result.message);
+        this.$password.prop("disabled", !result.message);
+      } else {
+        toastService.showError(result.message);
+      }
+    });
+
+    this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+  }
+
+  saveTotpSecret() {
+    const key = this.$totpSecretInput.val();
+    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+
+    if (key.length != 52) {
+      toastService.showError("Invalid Secret", 2000);
+      return;
     }
-
-    optionsLoaded(options) {
-        server.get("totp/enabled").then((result) => {
-            if (result.success) {
-                this.$totpEnabled.prop("checked", result.message);
-                this.$totpSecretInput.prop("disabled", !result.message);
-                this.$saveTotpButton.prop("disabled", !result.message);
-                this.$totpSecret.prop("disapbled", !result.message);
-                this.$regenerateTotpButton.prop("disabled", !result.message);
-                this.$password.prop("disabled", !result.message);
-            } else {
-                toastService.showError(result.message);
-            }
-        });
-
-        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+    if (regex.test(key)) {
+      toastService.showError("Invalid Secret", 2000);
+      return;
     }
 
-    saveTotpSecret() {
-        const key = this.$totpSecretInput.val();
-        const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-
-        if (key.length != 52) {
-            toastService.showError("Invalid Secret", 2000);
-            return;
-        }
-        if (regex.test(key)) {
-            toastService.showError("Invalid Secret", 2000);
-            return;
+    server
+      .post("totp/set", {
+        secret: this.$totpSecretInput.val(),
+        password: this.$password.val(),
+      })
+      .then((result) => {
+        if (result.success) {
+          toastService.showError(
+            "Password has been changed. Trilium will be reloaded after you press OK."
+          );
+
+          // password changed so current protected session is invalid and needs to be cleared
+          protectedSessionHolder.resetProtectedSession();
+        } else {
+          toastService.showError(result.message);
         }
+      });
 
-        server
-            .post("totp/set", {
-                secret: this.$totpSecretInput.val(),
-                password: this.$password.val(),
-            })
-            .then((result) => {
-                if (result.success) {
-                    toastService.showError(
-                        "Password has been changed. Trilium will be reloaded after you press OK."
-                    );
-
-                    // password changed so current protected session is invalid and needs to be cleared
-                    protectedSessionHolder.resetProtectedSession();
-                } else {
-                    toastService.showError(result.message);
-                }
-            });
-
-        return false;
-    }
+    return false;
+  }
 }
diff --git a/src/routes/api/recovery_codes.ts b/src/routes/api/recovery_codes.ts
new file mode 100644
index 0000000000..d99fef99a5
--- /dev/null
+++ b/src/routes/api/recovery_codes.ts
@@ -0,0 +1,22 @@
+import recovery_codes = require("../../services/encryption/recovery_codes");
+import { Request } from "express";
+
+function setRecoveryCodes(req: Request) {
+  const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
+  return { success: success, message: "Recovery codes set!" };
+}
+
+function veryifyRecoveryCode(req: Request) {
+  const success = recovery_codes.verifyRecoveryCode(
+    req.body.recovery_code_guess
+  );
+
+  if (success) {
+    // Reset password?
+  }
+}
+
+export = {
+  setRecoveryCodes,
+  veryifyRecoveryCode,
+};
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index ab145a8c27..c49ab566a4 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -61,6 +61,7 @@ import relationMapApiRoute = require("./api/relation-map");
 import otherRoute = require("./api/other");
 import shareRoutes = require("../share/routes");
 import totp = require("./api/totp");
+import recoveryCodes = require("./api/recovery_codes");
 
 import etapiAuthRoutes = require("../etapi/auth");
 import etapiAppInfoRoutes = require("../etapi/app_info");
@@ -74,1158 +75,1114 @@ import etapiBackupRoute = require("../etapi/backup");
 import { AppRequest, AppRequestHandler } from "./route-interface";
 
 const csrfMiddleware = csurf({
-    cookie: {
-        path: "", // empty, so cookie is valid only for the current path
-    },
+  cookie: {
+    path: "", // empty, so cookie is valid only for the current path
+  },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
 const GET = "get",
-    PST = "post",
-    PUT = "put",
-    PATCH = "patch",
-    DEL = "delete";
+  PST = "post",
+  PUT = "put",
+  PATCH = "patch",
+  DEL = "delete";
 
 type ApiResultHandler = (
-    req: express.Request,
-    res: express.Response,
-    result: unknown
+  req: express.Request,
+  res: express.Response,
+  result: unknown
 ) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
 type HttpMethod =
-    | "all"
-    | "get"
-    | "post"
-    | "put"
-    | "delete"
-    | "patch"
-    | "options"
-    | "head";
+  | "all"
+  | "get"
+  | "post"
+  | "put"
+  | "delete"
+  | "patch"
+  | "options"
+  | "head";
 
 const uploadMiddleware = createUploadMiddleware();
 
 const uploadMiddlewareWithErrorHandling = function (
-    req: express.Request,
-    res: express.Response,
-    next: express.NextFunction
+  req: express.Request,
+  res: express.Response,
+  next: express.NextFunction
 ) {
-    uploadMiddleware(req, res, function (err) {
-        if (err?.code === "LIMIT_FILE_SIZE") {
-            res.setHeader("Content-Type", "text/plain")
-                .status(400)
-                .send(
-                    `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
-                );
-        } else {
-            next();
-        }
-    });
+  uploadMiddleware(req, res, function (err) {
+    if (err?.code === "LIMIT_FILE_SIZE") {
+      res
+        .setHeader("Content-Type", "text/plain")
+        .status(400)
+        .send(
+          `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
+        );
+    } else {
+      next();
+    }
+  });
 };
 
 function register(app: express.Application) {
-    route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
-    route(
-        GET,
-        "/login",
-        [auth.checkAppInitialized, auth.checkPasswordSet],
-        loginRoute.loginPage
-    );
-    route(
-        GET,
-        "/set-password",
-        [auth.checkAppInitialized, auth.checkPasswordNotSet],
-        loginRoute.setPasswordPage
-    );
-
-    const loginRateLimiter = rateLimit.rateLimit({
-        windowMs: 15 * 60 * 1000, // 15 minutes
-        max: 10, // limit each IP to 10 requests per windowMs
-        skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
-    });
-
-    route(PST, "/login", [loginRateLimiter], loginRoute.login);
-    route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-    route(
-        PST,
-        "/set-password",
-        [auth.checkAppInitialized, auth.checkPasswordNotSet],
-        loginRoute.setPassword
-    );
-    route(GET, "/setup", [], setupRoute.setupPage);
-
-    apiRoute(GET, "/api/totp/generate", totp.generateSecret);
-    apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
-    apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
-    apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
-    apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
-    apiRoute(GET, "/api/totp/get", totp.getSecret);
-
-    apiRoute(GET, "/api/tree", treeApiRoute.getTree);
-    apiRoute(PST, "/api/tree/load", treeApiRoute.load);
-
-    apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
-    apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
-    apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
-    apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
-    apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
-    apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/revision",
-        notesApiRoute.forceSaveRevision
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:parentNoteId/children",
-        notesApiRoute.createNote
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/sort-children",
-        notesApiRoute.sortChildNotes
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/protect/:isProtected",
-        notesApiRoute.protectNote
-    );
-    apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
-    apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
-        notesApiRoute.duplicateSubtree
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/clone-to-branch/:parentBranchId",
-        cloningApiRoute.cloneNoteToBranch
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
-        cloningApiRoute.toggleNoteInParent
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/clone-to-note/:parentNoteId",
-        cloningApiRoute.cloneNoteToParentNote
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/clone-after/:afterBranchId",
-        cloningApiRoute.cloneNoteAfter
-    );
-    route(
-        PUT,
-        "/api/notes/:noteId/file",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        filesRoute.updateFile,
-        apiResultHandler
-    );
-    route(
-        GET,
-        "/api/notes/:noteId/open",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.openFile
-    );
-    route(
-        GET,
-        "/api/notes/:noteId/open-partial",
-        [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.fileContentProvider, {
-            debug: (string, extra) => {
-                console.log(string, extra);
-            },
-        })
-    );
-    route(
-        GET,
-        "/api/notes/:noteId/download",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadFile
-    );
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(
-        GET,
-        "/api/notes/download/:noteId",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadFile
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/save-to-tmp-dir",
-        filesRoute.saveNoteToTmpDir
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/upload-modified-file",
-        filesRoute.uploadModifiedFileToNote
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/convert-to-attachment",
-        notesApiRoute.convertNoteToAttachment
-    );
-
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/move-to/:parentBranchId",
-        branchesApiRoute.moveBranchToParent
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/move-before/:beforeBranchId",
-        branchesApiRoute.moveBranchBeforeNote
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/move-after/:afterBranchId",
-        branchesApiRoute.moveBranchAfterNote
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/expanded/:expanded",
-        branchesApiRoute.setExpanded
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/expanded-subtree/:expanded",
-        branchesApiRoute.setExpandedForSubtree
-    );
-    apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/set-prefix",
-        branchesApiRoute.setPrefix
-    );
-
-    apiRoute(
-        GET,
-        "/api/notes/:noteId/attachments",
-        attachmentsApiRoute.getAttachments
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/attachments",
-        attachmentsApiRoute.saveAttachment
-    );
-    route(
-        PST,
-        "/api/notes/:noteId/attachments/upload",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        attachmentsApiRoute.uploadAttachment,
-        apiResultHandler
-    );
-    apiRoute(
-        GET,
-        "/api/attachments/:attachmentId",
-        attachmentsApiRoute.getAttachment
-    );
-    apiRoute(
-        GET,
-        "/api/attachments/:attachmentId/all",
-        attachmentsApiRoute.getAllAttachments
-    );
-    apiRoute(
-        PST,
-        "/api/attachments/:attachmentId/convert-to-note",
-        attachmentsApiRoute.convertAttachmentToNote
-    );
-    apiRoute(
-        DEL,
-        "/api/attachments/:attachmentId",
-        attachmentsApiRoute.deleteAttachment
-    );
-    apiRoute(
-        PUT,
-        "/api/attachments/:attachmentId/rename",
-        attachmentsApiRoute.renameAttachment
-    );
-    apiRoute(
-        GET,
-        "/api/attachments/:attachmentId/blob",
-        attachmentsApiRoute.getAttachmentBlob
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/image/:filename",
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnAttachedImage
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/open",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.openAttachment
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/open-partial",
-        [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.attachmentContentProvider, {
-            debug: (string, extra) => {
-                console.log(string, extra);
-            },
-        })
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/download",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadAttachment
-    );
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(
-        GET,
-        "/api/attachments/download/:attachmentId",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadAttachment
-    );
-    apiRoute(
-        PST,
-        "/api/attachments/:attachmentId/save-to-tmp-dir",
-        filesRoute.saveAttachmentToTmpDir
-    );
-    apiRoute(
-        PST,
-        "/api/attachments/:attachmentId/upload-modified-file",
-        filesRoute.uploadModifiedFileToAttachment
-    );
-    route(
-        PUT,
-        "/api/attachments/:attachmentId/file",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        filesRoute.updateAttachment,
-        apiResultHandler
-    );
-
-    apiRoute(
-        GET,
-        "/api/notes/:noteId/revisions",
-        revisionsApiRoute.getRevisions
-    );
-    apiRoute(
-        DEL,
-        "/api/notes/:noteId/revisions",
-        revisionsApiRoute.eraseAllRevisions
-    );
-    apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
-    apiRoute(
-        GET,
-        "/api/revisions/:revisionId/blob",
-        revisionsApiRoute.getRevisionBlob
-    );
-    apiRoute(
-        DEL,
-        "/api/revisions/:revisionId",
-        revisionsApiRoute.eraseRevision
-    );
-    apiRoute(
-        PST,
-        "/api/revisions/:revisionId/restore",
-        revisionsApiRoute.restoreRevision
-    );
-    route(
-        GET,
-        "/api/revisions/:revisionId/image/:filename",
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnImageFromRevision
-    );
-
-    route(
-        GET,
-        "/api/revisions/:revisionId/download",
-        [auth.checkApiAuthOrElectron],
-        revisionsApiRoute.downloadRevision
-    );
-
-    route(
-        GET,
-        "/api/branches/:branchId/export/:type/:format/:version/:taskId",
-        [auth.checkApiAuthOrElectron],
-        exportRoute.exportBranch
-    );
-    route(
-        PST,
-        "/api/notes/:parentNoteId/notes-import",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        importRoute.importNotesToBranch,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/notes/:parentNoteId/attachments-import",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        importRoute.importAttachmentsToNote,
-        apiResultHandler
-    );
-
-    apiRoute(
-        GET,
-        "/api/notes/:noteId/attributes",
-        attributesRoute.getEffectiveNoteAttributes
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/attributes",
-        attributesRoute.addNoteAttribute
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/attributes",
-        attributesRoute.updateNoteAttributes
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/attribute",
-        attributesRoute.updateNoteAttribute
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/set-attribute",
-        attributesRoute.setNoteAttribute
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-        attributesRoute.createRelation
-    );
-    apiRoute(
-        DEL,
-        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-        attributesRoute.deleteRelation
-    );
-    apiRoute(
-        DEL,
-        "/api/notes/:noteId/attributes/:attributeId",
-        attributesRoute.deleteNoteAttribute
-    );
-    apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
-    apiRoute(
-        GET,
-        "/api/attribute-values/:attributeName",
-        attributesRoute.getValuesForAttribute
-    );
-
-    // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-    route(
-        GET,
-        "/api/images/:noteId/:filename",
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnImageFromNote
-    );
-    route(
-        PUT,
-        "/api/images/:noteId",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        imageRoute.updateImage,
-        apiResultHandler
-    );
-
-    apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
-    // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-    apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
-    apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
-    apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
-
-    apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
-    apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
-
-    apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
-    apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
-    apiRoute(
-        PST,
-        "/api/sync/fill-entity-changes",
-        syncApiRoute.fillEntityChanges
-    );
-    apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
-    route(
-        GET,
-        "/api/sync/check",
-        [auth.checkApiAuth],
-        syncApiRoute.checkSync,
-        apiResultHandler
-    );
-    route(
-        GET,
-        "/api/sync/changed",
-        [auth.checkApiAuth],
-        syncApiRoute.getChanged,
-        apiResultHandler
-    );
-    route(
-        PUT,
-        "/api/sync/update",
-        [auth.checkApiAuth],
-        syncApiRoute.update,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sync/finished",
-        [auth.checkApiAuth],
-        syncApiRoute.syncFinished,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sync/check-entity-changes",
-        [auth.checkApiAuth],
-        syncApiRoute.checkEntityChanges,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sync/queue-sector/:entityName/:sector",
-        [auth.checkApiAuth],
-        syncApiRoute.queueSector,
-        apiResultHandler
-    );
-    route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
-
-    apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
-    apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
-
-    // docker health check
-    route(
-        GET,
-        "/api/health-check",
-        [],
-        () => ({ status: "ok" }),
-        apiResultHandler
-    );
-
-    // group of the services below are meant to be executed from the outside
-    route(
-        GET,
-        "/api/setup/status",
-        [],
-        setupApiRoute.getStatus,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/setup/new-document",
-        [auth.checkAppNotInitialized],
-        setupApiRoute.setupNewDocument,
-        apiResultHandler,
-        false
-    );
-    route(
-        PST,
-        "/api/setup/sync-from-server",
-        [auth.checkAppNotInitialized],
-        setupApiRoute.setupSyncFromServer,
-        apiResultHandler,
-        false
-    );
-    route(
-        GET,
-        "/api/setup/sync-seed",
-        [auth.checkCredentials],
-        setupApiRoute.getSyncSeed,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/setup/sync-seed",
-        [auth.checkAppNotInitialized],
-        setupApiRoute.saveSyncSeed,
-        apiResultHandler,
-        false
-    );
-
-    apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
-    apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
-    apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
-    apiRoute(
-        PST,
-        "/api/search-and-execute-note/:noteId",
-        searchRoute.searchAndExecute
-    );
-    apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
-    apiRoute(GET, "/api/search/:searchString", searchRoute.search);
-    apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
-
-    apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
-    apiRoute(
-        PST,
-        "/api/bulk-action/affected-notes",
-        bulkActionRoute.getAffectedNoteCount
-    );
-
-    route(
-        PST,
-        "/api/login/sync",
-        [],
-        loginApiRoute.loginSync,
-        apiResultHandler
-    );
-    // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-    apiRoute(
-        PST,
-        "/api/login/protected",
-        loginApiRoute.loginToProtectedSession
-    );
-    apiRoute(
-        PST,
-        "/api/login/protected/touch",
-        loginApiRoute.touchProtectedSession
-    );
-    apiRoute(
-        PST,
-        "/api/logout/protected",
-        loginApiRoute.logoutFromProtectedSession
-    );
-
-    route(
-        PST,
-        "/api/login/token",
-        [loginRateLimiter],
-        loginApiRoute.token,
-        apiResultHandler
-    );
-
-    apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
-    apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
-    apiRoute(
-        PATCH,
-        "/api/etapi-tokens/:etapiTokenId",
-        etapiTokensApiRoutes.patchToken
-    );
-    apiRoute(
-        DEL,
-        "/api/etapi-tokens/:etapiTokenId",
-        etapiTokensApiRoutes.deleteToken
-    );
-
-    // in case of local electron, local calls are allowed unauthenticated, for server they need auth
-    const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
-
-    route(
-        GET,
-        "/api/clipper/handshake",
-        clipperMiddleware,
-        clipperRoute.handshake,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/clipper/clippings",
-        clipperMiddleware,
-        clipperRoute.addClipping,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/clipper/notes",
-        clipperMiddleware,
-        clipperRoute.createNote,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/clipper/open/:noteId",
-        clipperMiddleware,
-        clipperRoute.openNote,
-        apiResultHandler
-    );
-    route(
-        GET,
-        "/api/clipper/notes-by-url/:noteUrl",
-        clipperMiddleware,
-        clipperRoute.findNotesByUrl,
-        apiResultHandler
-    );
-
-    apiRoute(
-        GET,
-        "/api/special-notes/inbox/:date",
-        specialNotesRoute.getInboxNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/days/:date",
-        specialNotesRoute.getDayNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/weeks/:date",
-        specialNotesRoute.getWeekNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/months/:month",
-        specialNotesRoute.getMonthNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/years/:year",
-        specialNotesRoute.getYearNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/notes-for-month/:month",
-        specialNotesRoute.getDayNotesForMonth
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/sql-console",
-        specialNotesRoute.createSqlConsole
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/save-sql-console",
-        specialNotesRoute.saveSqlConsole
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/search-note",
-        specialNotesRoute.createSearchNote
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/save-search-note",
-        specialNotesRoute.saveSearchNote
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/launchers/:noteId/reset",
-        specialNotesRoute.resetLauncher
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/launchers/:parentNoteId/:launcherType",
-        specialNotesRoute.createLauncher
-    );
-    apiRoute(
-        PUT,
-        "/api/special-notes/api-script-launcher",
-        specialNotesRoute.createOrUpdateScriptLauncherFromApi
-    );
-
-    apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
-    apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
-    route(
-        PST,
-        "/api/database/anonymize/:type",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.anonymize,
-        apiResultHandler,
-        false
-    );
-    apiRoute(
-        GET,
-        "/api/database/anonymized-databases",
-        databaseRoute.getExistingAnonymizedDatabases
-    );
-
-    // backup requires execution outside of transaction
-    route(
-        PST,
-        "/api/database/backup-database",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.backupDatabase,
-        apiResultHandler,
-        false
-    );
-    apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
-
-    // VACUUM requires execution outside of transaction
-    route(
-        PST,
-        "/api/database/vacuum-database",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.vacuumDatabase,
-        apiResultHandler,
-        false
-    );
-
-    route(
-        PST,
-        "/api/database/find-and-fix-consistency-issues",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.findAndFixConsistencyIssues,
-        apiResultHandler,
-        false
-    );
-
-    apiRoute(
-        GET,
-        "/api/database/check-integrity",
-        databaseRoute.checkIntegrity
-    );
-
-    route(
-        PST,
-        "/api/script/exec",
-        [auth.checkApiAuth, csrfMiddleware],
-        scriptRoute.exec,
-        apiResultHandler,
-        false
-    );
-
-    apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
-    apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
-    apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
-    apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
-    apiRoute(
-        GET,
-        "/api/script/relation/:noteId/:relationName",
-        scriptRoute.getRelationBundles
-    );
-
-    // no CSRF since this is called from android app
-    route(
-        PST,
-        "/api/sender/login",
-        [loginRateLimiter],
-        loginApiRoute.token,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sender/image",
-        [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
-        senderRoute.uploadImage,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sender/note",
-        [auth.checkEtapiToken],
-        senderRoute.saveNote,
-        apiResultHandler
-    );
-
-    apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
-    apiRoute(
-        GET,
-        "/api/keyboard-shortcuts-for-notes",
-        keysRoute.getShortcutsForNotes
-    );
-
-    apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
-    apiRoute(
-        PST,
-        "/api/notes/erase-deleted-notes-now",
-        notesApiRoute.eraseDeletedNotesNow
-    );
-    apiRoute(
-        PST,
-        "/api/notes/erase-unused-attachments-now",
-        notesApiRoute.eraseUnusedAttachmentsNow
-    );
-    apiRoute(
-        GET,
-        "/api/similar-notes/:noteId",
-        similarNotesRoute.getSimilarNotes
-    );
-    apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
-    apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
-    apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
-    apiRoute(
-        PST,
-        "/api/delete-notes-preview",
-        notesApiRoute.getDeleteNotesPreview
-    );
-    route(
-        GET,
-        "/api/fonts",
-        [auth.checkApiAuthOrElectron],
-        fontsRoute.getFontCss
-    );
-    apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
-    apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
-    apiRoute(
-        GET,
-        "/api/recent-changes/:ancestorNoteId",
-        recentChangesApiRoute.getRecentChanges
-    );
-    apiRoute(
-        GET,
-        "/api/edited-notes/:date",
-        revisionsApiRoute.getEditedNotesOnDate
-    );
-
-    apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
-    apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
-    apiRoute(
-        GET,
-        "/api/note-map/:noteId/backlink-count",
-        noteMapRoute.getBacklinkCount
-    );
-    apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
-
-    shareRoutes.register(router);
-
-    etapiAuthRoutes.register(router, [loginRateLimiter]);
-    etapiAppInfoRoutes.register(router);
-    etapiAttachmentRoutes.register(router);
-    etapiAttributeRoutes.register(router);
-    etapiBranchRoutes.register(router);
-    etapiNoteRoutes.register(router);
-    etapiSpecialNoteRoutes.register(router);
-    etapiSpecRoute.register(router);
-    etapiBackupRoute.register(router);
-
-    app.use("", router);
+  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
+  route(
+    GET,
+    "/login",
+    [auth.checkAppInitialized, auth.checkPasswordSet],
+    loginRoute.loginPage
+  );
+  route(
+    GET,
+    "/set-password",
+    [auth.checkAppInitialized, auth.checkPasswordNotSet],
+    loginRoute.setPasswordPage
+  );
+
+  const loginRateLimiter = rateLimit.rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 10, // limit each IP to 10 requests per windowMs
+    skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+  });
+
+  route(PST, "/login", [loginRateLimiter], loginRoute.login);
+  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+  route(
+    PST,
+    "/set-password",
+    [auth.checkAppInitialized, auth.checkPasswordNotSet],
+    loginRoute.setPassword
+  );
+  route(GET, "/setup", [], setupRoute.setupPage);
+
+  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
+  apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
+  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
+  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
+  apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
+  apiRoute(GET, "/api/totp/get", totp.getSecret);
+
+  apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
+  apiRoute(PST, "/api/totp_recovery/verify", recoveryCodes.veryifyRecoveryCode);
+
+  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
+  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
+
+  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
+  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
+  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
+  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
+  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
+  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
+  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
+  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/sort-children",
+    notesApiRoute.sortChildNotes
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/protect/:isProtected",
+    notesApiRoute.protectNote
+  );
+  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
+  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
+    notesApiRoute.duplicateSubtree
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-to-branch/:parentBranchId",
+    cloningApiRoute.cloneNoteToBranch
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
+    cloningApiRoute.toggleNoteInParent
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-to-note/:parentNoteId",
+    cloningApiRoute.cloneNoteToParentNote
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-after/:afterBranchId",
+    cloningApiRoute.cloneNoteAfter
+  );
+  route(
+    PUT,
+    "/api/notes/:noteId/file",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    filesRoute.updateFile,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/open",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.openFile
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.fileContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/download",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadFile
+  );
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(
+    GET,
+    "/api/notes/download/:noteId",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadFile
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/save-to-tmp-dir",
+    filesRoute.saveNoteToTmpDir
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/upload-modified-file",
+    filesRoute.uploadModifiedFileToNote
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/convert-to-attachment",
+    notesApiRoute.convertNoteToAttachment
+  );
+
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-to/:parentBranchId",
+    branchesApiRoute.moveBranchToParent
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-before/:beforeBranchId",
+    branchesApiRoute.moveBranchBeforeNote
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-after/:afterBranchId",
+    branchesApiRoute.moveBranchAfterNote
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/expanded/:expanded",
+    branchesApiRoute.setExpanded
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/expanded-subtree/:expanded",
+    branchesApiRoute.setExpandedForSubtree
+  );
+  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/set-prefix",
+    branchesApiRoute.setPrefix
+  );
+
+  apiRoute(
+    GET,
+    "/api/notes/:noteId/attachments",
+    attachmentsApiRoute.getAttachments
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/attachments",
+    attachmentsApiRoute.saveAttachment
+  );
+  route(
+    PST,
+    "/api/notes/:noteId/attachments/upload",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    attachmentsApiRoute.uploadAttachment,
+    apiResultHandler
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId",
+    attachmentsApiRoute.getAttachment
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId/all",
+    attachmentsApiRoute.getAllAttachments
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/convert-to-note",
+    attachmentsApiRoute.convertAttachmentToNote
+  );
+  apiRoute(
+    DEL,
+    "/api/attachments/:attachmentId",
+    attachmentsApiRoute.deleteAttachment
+  );
+  apiRoute(
+    PUT,
+    "/api/attachments/:attachmentId/rename",
+    attachmentsApiRoute.renameAttachment
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId/blob",
+    attachmentsApiRoute.getAttachmentBlob
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnAttachedImage
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/open",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.openAttachment
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.attachmentContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/download",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadAttachment
+  );
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(
+    GET,
+    "/api/attachments/download/:attachmentId",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadAttachment
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/save-to-tmp-dir",
+    filesRoute.saveAttachmentToTmpDir
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/upload-modified-file",
+    filesRoute.uploadModifiedFileToAttachment
+  );
+  route(
+    PUT,
+    "/api/attachments/:attachmentId/file",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    filesRoute.updateAttachment,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/revisions",
+    revisionsApiRoute.eraseAllRevisions
+  );
+  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
+  apiRoute(
+    GET,
+    "/api/revisions/:revisionId/blob",
+    revisionsApiRoute.getRevisionBlob
+  );
+  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
+  apiRoute(
+    PST,
+    "/api/revisions/:revisionId/restore",
+    revisionsApiRoute.restoreRevision
+  );
+  route(
+    GET,
+    "/api/revisions/:revisionId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnImageFromRevision
+  );
+
+  route(
+    GET,
+    "/api/revisions/:revisionId/download",
+    [auth.checkApiAuthOrElectron],
+    revisionsApiRoute.downloadRevision
+  );
+
+  route(
+    GET,
+    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+    [auth.checkApiAuthOrElectron],
+    exportRoute.exportBranch
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/notes-import",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    importRoute.importNotesToBranch,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/attachments-import",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    importRoute.importAttachmentsToNote,
+    apiResultHandler
+  );
+
+  apiRoute(
+    GET,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.getEffectiveNoteAttributes
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.addNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.updateNoteAttributes
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/attribute",
+    attributesRoute.updateNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/set-attribute",
+    attributesRoute.setNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    attributesRoute.createRelation
+  );
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    attributesRoute.deleteRelation
+  );
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/attributes/:attributeId",
+    attributesRoute.deleteNoteAttribute
+  );
+  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
+  apiRoute(
+    GET,
+    "/api/attribute-values/:attributeName",
+    attributesRoute.getValuesForAttribute
+  );
+
+  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+  route(
+    GET,
+    "/api/images/:noteId/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnImageFromNote
+  );
+  route(
+    PUT,
+    "/api/images/:noteId",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    imageRoute.updateImage,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+  // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
+  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
+  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
+  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
+
+  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
+  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
+
+  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
+  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
+  apiRoute(
+    PST,
+    "/api/sync/fill-entity-changes",
+    syncApiRoute.fillEntityChanges
+  );
+  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
+  route(
+    GET,
+    "/api/sync/check",
+    [auth.checkApiAuth],
+    syncApiRoute.checkSync,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/sync/changed",
+    [auth.checkApiAuth],
+    syncApiRoute.getChanged,
+    apiResultHandler
+  );
+  route(
+    PUT,
+    "/api/sync/update",
+    [auth.checkApiAuth],
+    syncApiRoute.update,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/finished",
+    [auth.checkApiAuth],
+    syncApiRoute.syncFinished,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/check-entity-changes",
+    [auth.checkApiAuth],
+    syncApiRoute.checkEntityChanges,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/queue-sector/:entityName/:sector",
+    [auth.checkApiAuth],
+    syncApiRoute.queueSector,
+    apiResultHandler
+  );
+  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+
+  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
+  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+
+  // docker health check
+  route(
+    GET,
+    "/api/health-check",
+    [],
+    () => ({ status: "ok" }),
+    apiResultHandler
+  );
+
+  // group of the services below are meant to be executed from the outside
+  route(
+    GET,
+    "/api/setup/status",
+    [],
+    setupApiRoute.getStatus,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/setup/new-document",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupNewDocument,
+    apiResultHandler,
+    false
+  );
+  route(
+    PST,
+    "/api/setup/sync-from-server",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupSyncFromServer,
+    apiResultHandler,
+    false
+  );
+  route(
+    GET,
+    "/api/setup/sync-seed",
+    [auth.checkCredentials],
+    setupApiRoute.getSyncSeed,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/setup/sync-seed",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.saveSyncSeed,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
+  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
+  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
+  apiRoute(
+    PST,
+    "/api/search-and-execute-note/:noteId",
+    searchRoute.searchAndExecute
+  );
+  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
+  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
+  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+
+  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
+  apiRoute(
+    PST,
+    "/api/bulk-action/affected-notes",
+    bulkActionRoute.getAffectedNoteCount
+  );
+
+  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
+  // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
+  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
+  apiRoute(
+    PST,
+    "/api/login/protected/touch",
+    loginApiRoute.touchProtectedSession
+  );
+  apiRoute(
+    PST,
+    "/api/logout/protected",
+    loginApiRoute.logoutFromProtectedSession
+  );
+
+  route(
+    PST,
+    "/api/login/token",
+    [loginRateLimiter],
+    loginApiRoute.token,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
+  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
+  apiRoute(
+    PATCH,
+    "/api/etapi-tokens/:etapiTokenId",
+    etapiTokensApiRoutes.patchToken
+  );
+  apiRoute(
+    DEL,
+    "/api/etapi-tokens/:etapiTokenId",
+    etapiTokensApiRoutes.deleteToken
+  );
+
+  // in case of local electron, local calls are allowed unauthenticated, for server they need auth
+  const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
+
+  route(
+    GET,
+    "/api/clipper/handshake",
+    clipperMiddleware,
+    clipperRoute.handshake,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/clippings",
+    clipperMiddleware,
+    clipperRoute.addClipping,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/notes",
+    clipperMiddleware,
+    clipperRoute.createNote,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/open/:noteId",
+    clipperMiddleware,
+    clipperRoute.openNote,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/clipper/notes-by-url/:noteUrl",
+    clipperMiddleware,
+    clipperRoute.findNotesByUrl,
+    apiResultHandler
+  );
+
+  apiRoute(
+    GET,
+    "/api/special-notes/inbox/:date",
+    specialNotesRoute.getInboxNote
+  );
+  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
+  apiRoute(
+    GET,
+    "/api/special-notes/weeks/:date",
+    specialNotesRoute.getWeekNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/months/:month",
+    specialNotesRoute.getMonthNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/years/:year",
+    specialNotesRoute.getYearNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/notes-for-month/:month",
+    specialNotesRoute.getDayNotesForMonth
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/sql-console",
+    specialNotesRoute.createSqlConsole
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/save-sql-console",
+    specialNotesRoute.saveSqlConsole
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/search-note",
+    specialNotesRoute.createSearchNote
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/save-search-note",
+    specialNotesRoute.saveSearchNote
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/launchers/:noteId/reset",
+    specialNotesRoute.resetLauncher
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/launchers/:parentNoteId/:launcherType",
+    specialNotesRoute.createLauncher
+  );
+  apiRoute(
+    PUT,
+    "/api/special-notes/api-script-launcher",
+    specialNotesRoute.createOrUpdateScriptLauncherFromApi
+  );
+
+  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
+  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+  route(
+    PST,
+    "/api/database/anonymize/:type",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.anonymize,
+    apiResultHandler,
+    false
+  );
+  apiRoute(
+    GET,
+    "/api/database/anonymized-databases",
+    databaseRoute.getExistingAnonymizedDatabases
+  );
+
+  // backup requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/backup-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.backupDatabase,
+    apiResultHandler,
+    false
+  );
+  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+
+  // VACUUM requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/vacuum-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.vacuumDatabase,
+    apiResultHandler,
+    false
+  );
+
+  route(
+    PST,
+    "/api/database/find-and-fix-consistency-issues",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.findAndFixConsistencyIssues,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
+
+  route(
+    PST,
+    "/api/script/exec",
+    [auth.checkApiAuth, csrfMiddleware],
+    scriptRoute.exec,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
+  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
+  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
+  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
+  apiRoute(
+    GET,
+    "/api/script/relation/:noteId/:relationName",
+    scriptRoute.getRelationBundles
+  );
+
+  // no CSRF since this is called from android app
+  route(
+    PST,
+    "/api/sender/login",
+    [loginRateLimiter],
+    loginApiRoute.token,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sender/image",
+    [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
+    senderRoute.uploadImage,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sender/note",
+    [auth.checkEtapiToken],
+    senderRoute.saveNote,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
+  apiRoute(
+    GET,
+    "/api/keyboard-shortcuts-for-notes",
+    keysRoute.getShortcutsForNotes
+  );
+
+  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
+  apiRoute(
+    PST,
+    "/api/notes/erase-deleted-notes-now",
+    notesApiRoute.eraseDeletedNotesNow
+  );
+  apiRoute(
+    PST,
+    "/api/notes/erase-unused-attachments-now",
+    notesApiRoute.eraseUnusedAttachmentsNow
+  );
+  apiRoute(
+    GET,
+    "/api/similar-notes/:noteId",
+    similarNotesRoute.getSimilarNotes
+  );
+  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
+  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
+  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
+  apiRoute(
+    PST,
+    "/api/delete-notes-preview",
+    notesApiRoute.getDeleteNotesPreview
+  );
+  route(
+    GET,
+    "/api/fonts",
+    [auth.checkApiAuthOrElectron],
+    fontsRoute.getFontCss
+  );
+  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
+  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
+  apiRoute(
+    GET,
+    "/api/recent-changes/:ancestorNoteId",
+    recentChangesApiRoute.getRecentChanges
+  );
+  apiRoute(
+    GET,
+    "/api/edited-notes/:date",
+    revisionsApiRoute.getEditedNotesOnDate
+  );
+
+  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
+  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
+  apiRoute(
+    GET,
+    "/api/note-map/:noteId/backlink-count",
+    noteMapRoute.getBacklinkCount
+  );
+  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+
+  shareRoutes.register(router);
+
+  etapiAuthRoutes.register(router, [loginRateLimiter]);
+  etapiAppInfoRoutes.register(router);
+  etapiAttachmentRoutes.register(router);
+  etapiAttributeRoutes.register(router);
+  etapiBranchRoutes.register(router);
+  etapiNoteRoutes.register(router);
+  etapiSpecialNoteRoutes.register(router);
+  etapiSpecRoute.register(router);
+  etapiBackupRoute.register(router);
+
+  app.use("", router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
 function convertEntitiesToPojo(result: unknown) {
-    if (result instanceof AbstractBeccaEntity) {
-        result = result.getPojo();
-    } else if (Array.isArray(result)) {
-        for (const idx in result) {
-            if (result[idx] instanceof AbstractBeccaEntity) {
-                result[idx] = result[idx].getPojo();
-            }
-        }
-    } else if (result && typeof result === "object") {
-        if ("note" in result && result.note instanceof AbstractBeccaEntity) {
-            result.note = result.note.getPojo();
-        }
-
-        if (
-            "branch" in result &&
-            result.branch instanceof AbstractBeccaEntity
-        ) {
-            result.branch = result.branch.getPojo();
-        }
+  if (result instanceof AbstractBeccaEntity) {
+    result = result.getPojo();
+  } else if (Array.isArray(result)) {
+    for (const idx in result) {
+      if (result[idx] instanceof AbstractBeccaEntity) {
+        result[idx] = result[idx].getPojo();
+      }
+    }
+  } else if (result && typeof result === "object") {
+    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+      result.note = result.note.getPojo();
     }
 
-    if (result && typeof result === "object" && "executionResult" in result) {
-        // from runOnBackend()
-        result.executionResult = convertEntitiesToPojo(result.executionResult);
+    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
+      result.branch = result.branch.getPojo();
     }
+  }
 
-    return result;
+  if (result && typeof result === "object" && "executionResult" in result) {
+    // from runOnBackend()
+    result.executionResult = convertEntitiesToPojo(result.executionResult);
+  }
+
+  return result;
 }
 
 function apiResultHandler(
-    req: express.Request,
-    res: express.Response,
-    result: unknown
+  req: express.Request,
+  res: express.Response,
+  result: unknown
 ) {
-    res.setHeader(
-        "trilium-max-entity-change-id",
-        entityChangesService.getMaxEntityChangeId()
-    );
-
-    result = convertEntitiesToPojo(result);
-
-    // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
-    if (
-        Array.isArray(result) &&
-        result.length > 0 &&
-        Number.isInteger(result[0])
-    ) {
-        const [statusCode, response] = result;
-
-        if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-            log.info(
-                `${req.method} ${
-                    req.originalUrl
-                } returned ${statusCode} with response ${JSON.stringify(
-                    response
-                )}`
-            );
-        }
-
-        return send(res, statusCode, response);
-    } else if (result === undefined) {
-        return send(res, 204, "");
-    } else {
-        return send(res, 200, result);
+  res.setHeader(
+    "trilium-max-entity-change-id",
+    entityChangesService.getMaxEntityChangeId()
+  );
+
+  result = convertEntitiesToPojo(result);
+
+  // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
+  if (
+    Array.isArray(result) &&
+    result.length > 0 &&
+    Number.isInteger(result[0])
+  ) {
+    const [statusCode, response] = result;
+
+    if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
+      log.info(
+        `${req.method} ${
+          req.originalUrl
+        } returned ${statusCode} with response ${JSON.stringify(response)}`
+      );
     }
+
+    return send(res, statusCode, response);
+  } else if (result === undefined) {
+    return send(res, 204, "");
+  } else {
+    return send(res, 200, result);
+  }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-    if (typeof response === "string") {
-        if (statusCode >= 400) {
-            res.setHeader("Content-Type", "text/plain");
-        }
+  if (typeof response === "string") {
+    if (statusCode >= 400) {
+      res.setHeader("Content-Type", "text/plain");
+    }
 
-        res.status(statusCode).send(response);
+    res.status(statusCode).send(response);
 
-        return response.length;
-    } else {
-        const json = JSON.stringify(response);
+    return response.length;
+  } else {
+    const json = JSON.stringify(response);
 
-        res.setHeader("Content-Type", "application/json");
-        res.status(statusCode).send(json);
+    res.setHeader("Content-Type", "application/json");
+    res.status(statusCode).send(json);
 
-        return json.length;
-    }
+    return json.length;
+  }
 }
 
 function apiRoute(
-    method: HttpMethod,
-    path: string,
-    routeHandler: express.Handler
+  method: HttpMethod,
+  path: string,
+  routeHandler: express.Handler
 ) {
-    route(
-        method,
-        path,
-        [auth.checkApiAuth, csrfMiddleware],
-        routeHandler,
-        apiResultHandler
-    );
+  route(
+    method,
+    path,
+    [auth.checkApiAuth, csrfMiddleware],
+    routeHandler,
+    apiResultHandler
+  );
 }
 
 function route(
-    method: HttpMethod,
-    path: string,
-    middleware: (express.Handler | AppRequestHandler)[],
-    routeHandler: AppRequestHandler,
-    resultHandler: ApiResultHandler | null = null,
-    transactional = true
+  method: HttpMethod,
+  path: string,
+  middleware: (express.Handler | AppRequestHandler)[],
+  routeHandler: AppRequestHandler,
+  resultHandler: ApiResultHandler | null = null,
+  transactional = true
 ) {
-    router[method](
-        path,
-        ...(middleware as express.Handler[]),
-        (
-            req: express.Request,
-            res: express.Response,
-            next: express.NextFunction
-        ) => {
-            const start = Date.now();
-
-            try {
-                cls.namespace.bindEmitter(req);
-                cls.namespace.bindEmitter(res);
-
-                const result = cls.init(() => {
-                    cls.set("componentId", req.headers["trilium-component-id"]);
-                    cls.set(
-                        "localNowDateTime",
-                        req.headers["trilium-local-now-datetime"]
-                    );
-                    cls.set(
-                        "hoistedNoteId",
-                        req.headers["trilium-hoisted-note-id"] || "root"
-                    );
-
-                    const cb = () => routeHandler(req as AppRequest, res, next);
-
-                    return transactional ? sql.transactional(cb) : cb();
-                });
-
-                if (!resultHandler) {
-                    return;
-                }
-
-                if (result?.then) {
-                    // promise
-                    result
-                        .then((promiseResult: unknown) =>
-                            handleResponse(
-                                resultHandler,
-                                req,
-                                res,
-                                promiseResult,
-                                start
-                            )
-                        )
-                        .catch((e: any) =>
-                            handleException(e, method, path, res)
-                        );
-                } else {
-                    handleResponse(resultHandler, req, res, result, start);
-                }
-            } catch (e) {
-                handleException(e, method, path, res);
-            }
+  router[method](
+    path,
+    ...(middleware as express.Handler[]),
+    (
+      req: express.Request,
+      res: express.Response,
+      next: express.NextFunction
+    ) => {
+      const start = Date.now();
+
+      try {
+        cls.namespace.bindEmitter(req);
+        cls.namespace.bindEmitter(res);
+
+        const result = cls.init(() => {
+          cls.set("componentId", req.headers["trilium-component-id"]);
+          cls.set(
+            "localNowDateTime",
+            req.headers["trilium-local-now-datetime"]
+          );
+          cls.set(
+            "hoistedNoteId",
+            req.headers["trilium-hoisted-note-id"] || "root"
+          );
+
+          const cb = () => routeHandler(req as AppRequest, res, next);
+
+          return transactional ? sql.transactional(cb) : cb();
+        });
+
+        if (!resultHandler) {
+          return;
+        }
+
+        if (result?.then) {
+          // promise
+          result
+            .then((promiseResult: unknown) =>
+              handleResponse(resultHandler, req, res, promiseResult, start)
+            )
+            .catch((e: any) => handleException(e, method, path, res));
+        } else {
+          handleResponse(resultHandler, req, res, result, start);
         }
-    );
+      } catch (e) {
+        handleException(e, method, path, res);
+      }
+    }
+  );
 }
 
 function handleResponse(
-    resultHandler: ApiResultHandler,
-    req: express.Request,
-    res: express.Response,
-    result: unknown,
-    start: number
+  resultHandler: ApiResultHandler,
+  req: express.Request,
+  res: express.Response,
+  result: unknown,
+  start: number
 ) {
-    const responseLength = resultHandler(req, res, result);
+  const responseLength = resultHandler(req, res, result);
 
-    log.request(req, res, Date.now() - start, responseLength);
+  log.request(req, res, Date.now() - start, responseLength);
 }
 
 function handleException(
-    e: any,
-    method: HttpMethod,
-    path: string,
-    res: express.Response
+  e: any,
+  method: HttpMethod,
+  path: string,
+  res: express.Response
 ) {
-    log.error(
-        `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
-    );
+  log.error(
+    `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
+  );
 
-    if (e instanceof ValidationError) {
-        res.status(400).json({
-            message: e.message,
-        });
-    } else if (e instanceof NotFoundError) {
-        res.status(404).json({
-            message: e.message,
-        });
-    } else {
-        res.status(500).json({
-            message: e.message,
-        });
-    }
+  if (e instanceof ValidationError) {
+    res.status(400).json({
+      message: e.message,
+    });
+  } else if (e instanceof NotFoundError) {
+    res.status(404).json({
+      message: e.message,
+    });
+  } else {
+    res.status(500).json({
+      message: e.message,
+    });
+  }
 }
 
 function createUploadMiddleware() {
-    const multerOptions: multer.Options = {
-        fileFilter: (req: express.Request, file, cb) => {
-            // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
-            // See https://github.com/expressjs/multer/pull/1102.
-            file.originalname = Buffer.from(
-                file.originalname,
-                "latin1"
-            ).toString("utf-8");
-            cb(null, true);
-        },
-    };
+  const multerOptions: multer.Options = {
+    fileFilter: (req: express.Request, file, cb) => {
+      // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
+      // See https://github.com/expressjs/multer/pull/1102.
+      file.originalname = Buffer.from(file.originalname, "latin1").toString(
+        "utf-8"
+      );
+      cb(null, true);
+    },
+  };
 
-    if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
-        multerOptions.limits = {
-            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
-        };
-    }
+  if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
+    multerOptions.limits = {
+      fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+    };
+  }
 
-    return multer(multerOptions).single("upload");
+  return multer(multerOptions).single("upload");
 }
 
 export = {
-    register,
+  register,
 };
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
new file mode 100644
index 0000000000..9718285336
--- /dev/null
+++ b/src/services/encryption/recovery_codes.ts
@@ -0,0 +1,86 @@
+"use strict";
+
+import sql = require("../sql");
+import optionService = require("../options");
+import crypto = require("crypto");
+
+function isRecoveryCodeSet() {
+  return optionService.getOptionBool("encryptedRecoveryCodes");
+}
+
+function setRecoveryCodes(recoveryCodes: string) {
+  const iv = crypto.randomBytes(16);
+  const securityKey = crypto.randomBytes(32);
+  const cipher = crypto.createCipheriv("aes-256-cbc", securityKey, iv);
+  let encryptedRecoveryCodes = cipher.update(recoveryCodes, "utf-8", "hex");
+
+  sql.transactional(() => {
+    optionService.createOption(
+      "recoveryCodeInitialVector",
+      iv.toString("hex"),
+      true
+    );
+    optionService.createOption(
+      "recoveryCodeSecurityKey",
+      securityKey.toString("hex"),
+      true
+    );
+    optionService.createOption(
+      "recoveryCodesEncrypted",
+      encryptedRecoveryCodes + cipher.final("hex"),
+      true
+    );
+    optionService.createOption("encryptedRecoveryCodes", "true", true);
+    return true;
+  });
+  return false;
+}
+
+function verifyRecoveryCode(recoveryCodeGuess: string) {
+  if (!isRecoveryCodeSet()) {
+    throw new Error(
+      "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
+    );
+  }
+
+  sql.transactional(() => {
+    const iv = Buffer.from(
+      optionService.getOption("recoveryCodeInitialVector"),
+      "hex"
+    );
+    const securityKey = Buffer.from(
+      optionService.getOption("recoveryCodeSecurityKey"),
+      "hex"
+    );
+    const encryptedRecoveryCodes = optionService.getOption(
+      "recoveryCodesEncrypted"
+    );
+
+    const decipher = crypto.createDecipheriv("aes-256-cbc", securityKey, iv);
+    const decryptedData = decipher.update(
+      encryptedRecoveryCodes,
+      "hex",
+      "utf-8"
+    );
+    const finalOutput = JSON.parse(decryptedData + decipher.final("utf-8"));
+
+    console.log(
+      "Verifying [" + recoveryCodeGuess + "] {" + typeof recoveryCodeGuess + "}"
+    );
+    console.log("against " + JSON.stringify(finalOutput));
+
+    for (var a in finalOutput) {
+      console.log(finalOutput[a] + ": " + typeof finalOutput[a]);
+      if (recoveryCodeGuess === finalOutput[a]) {
+        return true;
+      }
+    }
+  });
+  return false;
+}
+
+function updateRecoveryCodes() {
+  // TODO: Remove used recovery code and reset
+}
+
+export = { setRecoveryCodes, verifyRecoveryCode };

From 8997eb57cae0b9e0f78246b8976392f06d55c9aa Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Thu, 9 May 2024 15:16:28 -0700
Subject: [PATCH 11/63] Updated api to pull codes from the server

---
 .../options/multi_factor_authentication.js    |  327 ++-
 src/routes/api/recovery_codes.ts              |   38 +-
 src/routes/routes.ts                          | 2151 +++++++++--------
 src/services/encryption/recovery_codes.ts     |  132 +-
 4 files changed, 1406 insertions(+), 1242 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 14f687c8c2..c5c1cc86a8 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -34,138 +34,215 @@ const TPL = `
         <button class="save-totp" disabled="true"> Save TOTP Secret </button>
       </div>
   </div>
+  <br>
+  <h4> Generate TOTP Secret </h4>
+  <div>
+      <span class="totp-secret" >  </span>
+      <br>
+      <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
+  </div>
+  <br>
+  <h4> Recovery Keys </h4>
+  <div>
+    <span >Recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
+    <br><br>
+    <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
+    <br><br>
+      <table style="border: 0px solid white">
+        <tbody>
+        <tr>
+        <td class="key_0">Recover Key 1</td>
+        <td style="width: 20px" />
+        <td class="key_1">Recover Key 2</td>
+        </tr>
+        <tr>
+        <td class="key_2">Recover Key 3</td>
+        <td />
+        <td class="key_3">Recover Key 4</td>
+        </tr>
+        <tr>
+        <td class="key_4">Recover Key 5</td>
+        <td />
+        <td class="key_5">Recover Key 6</td>
+        </tr>
+        <tr>
+        <td class="key_6">Recover Key 7</td>
+        <td />
+        <td class="key_7">Recover Key 8</td>
+        </tr>
+        </tbody>
+    </table>
     <br>
- <h4> Generate TOTP Secret </h4>
-    <div>
-        <span class="totp-secret" >  </span>
-        <br>
-        <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
-    </div>
+      <button class="regenerate-totp" disabled="true"> Generate Recovery Keys </button>
+  </div>
 </div>`;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
-  doRender() {
-    this.$widget = $(TPL);
-
-    this.$mfaHeadding = this.$widget.find(".mfa-heading");
-    this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
-    this.$totpEnabled = this.$widget.find(".totp-enabled");
-    this.$totpSecret = this.$widget.find(".totp-secret");
-    this.$totpSecretInput = this.$widget.find(".totp-secret-input");
-    this.$saveTotpButton = this.$widget.find(".save-totp");
-    this.$password = this.$widget.find(".password");
-
-    this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
-    this.generateKey();
-
-    this.$totpEnabled.on("change", async () => {
-      this.updateSecret();
-    });
-
-    this.$regenerateTotpButton.on("click", async () => {
-      this.generateKey();
-    });
-
-    this.$saveTotpButton.on("click", async () => {
-      this.saveTotpSecret();
-    });
-
-    this.$protectedSessionTimeout = this.$widget.find(
-      ".protected-session-timeout-in-seconds"
-    );
-    this.$protectedSessionTimeout.on("change", () =>
-      this.updateOption(
-        "protectedSessionTimeout",
-        this.$protectedSessionTimeout.val()
-      )
-    );
-  }
-
-  async updateSecret() {
-    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
-    else server.post("totp/disable");
-  }
-
-  async generateKey() {
-    // DEBUG ONLY
-    const recoveryCodes = {
-      code1: "testCode1",
-      code2: "testCode2",
-      code3: "testCode3",
-    };
-
-    server.post("totp_recovery/set", {
-      recoveryCodes: JSON.stringify(recoveryCodes),
-    });
-
-    server
-      .post("totp_recovery/verify", { recovery_code_guess: "testCode2" })
-      .then((result) => {
-        console.log(result);
-        if (result.success) {
-          toastService.showError("VALID");
-        } else {
-          toastService.showError("INVALID");
-        }
-      });
-
-    server.get("totp/generate").then((result) => {
-      if (result.success) {
-        this.$totpSecret.text(result.message);
-      } else {
-        toastService.showError(result.message);
-      }
-    });
-  }
-
-  optionsLoaded(options) {
-    server.get("totp/enabled").then((result) => {
-      if (result.success) {
-        this.$totpEnabled.prop("checked", result.message);
-        this.$totpSecretInput.prop("disabled", !result.message);
-        this.$saveTotpButton.prop("disabled", !result.message);
-        this.$totpSecret.prop("disapbled", !result.message);
-        this.$regenerateTotpButton.prop("disabled", !result.message);
-        this.$password.prop("disabled", !result.message);
-      } else {
-        toastService.showError(result.message);
-      }
-    });
-
-    this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
-  }
-
-  saveTotpSecret() {
-    const key = this.$totpSecretInput.val();
-    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-
-    if (key.length != 52) {
-      toastService.showError("Invalid Secret", 2000);
-      return;
+    doRender() {
+        this.$widget = $(TPL);
+
+        this.$mfaHeadding = this.$widget.find(".mfa-heading");
+        this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
+        this.$totpEnabled = this.$widget.find(".totp-enabled");
+        this.$totpSecret = this.$widget.find(".totp-secret");
+        this.$totpSecretInput = this.$widget.find(".totp-secret-input");
+        this.$saveTotpButton = this.$widget.find(".save-totp");
+        this.$password = this.$widget.find(".password");
+        this.$recoveryKeys = [];
+
+        for (let i = 0; i < 8; i++)
+            this.$recoveryKeys.push(this.$widget.find(".key_" + i));
+        this.setRecoveryKeys();
+
+        this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
+        this.generateKey();
+
+        this.$totpEnabled.on("change", async () => {
+            this.updateSecret();
+        });
+
+        this.$regenerateTotpButton.on("click", async () => {
+            this.generateKey();
+        });
+
+        this.$saveTotpButton.on("click", async () => {
+            this.saveTotpSecret();
+        });
+
+        this.$protectedSessionTimeout = this.$widget.find(
+            ".protected-session-timeout-in-seconds"
+        );
+        this.$protectedSessionTimeout.on("change", () =>
+            this.updateOption(
+                "protectedSessionTimeout",
+                this.$protectedSessionTimeout.val()
+            )
+        );
     }
-    if (regex.test(key)) {
-      toastService.showError("Invalid Secret", 2000);
-      return;
+
+    async updateSecret() {
+        if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
+        else server.post("totp/disable");
     }
 
-    server
-      .post("totp/set", {
-        secret: this.$totpSecretInput.val(),
-        password: this.$password.val(),
-      })
-      .then((result) => {
-        if (result.success) {
-          toastService.showError(
-            "Password has been changed. Trilium will be reloaded after you press OK."
-          );
-
-          // password changed so current protected session is invalid and needs to be cleared
-          protectedSessionHolder.resetProtectedSession();
-        } else {
-          toastService.showError(result.message);
+    async setRecoveryKeys() {
+        server.get("totp_recovery/enabled").then((result) => {
+            console.log(result);
+            if (!result.success) {
+                this.keyFiller(Array(8).fill("Error fetching recovery key!"));
+                return;
+            }
+
+            if (!result.keysExist) {
+                this.keyFiller(Array(8).fill("No key set"));
+                return;
+            }
+
+            this.keyFiller(Array(8).fill("Key set. Cannot view."));
+        });
+
+        server.get("totp_recovery/generate").then((result) => {
+            if (!result.success) {
+                toastService.showError("Error in revevery code generation!");
+                return;
+            }
+
+            server.post("totp_recovery/set", {
+                recoveryCodes: JSON.stringify(result.recoveryCodes),
+            });
+        });
+    }
+
+    async keyFiller(values) {
+        console.log(values);
+        for (let i = 0; i < 8; i++) this.$recoveryKeys[i].text(values[i]);
+    }
+
+    async generateKey() {
+        // // DEBUG ONLY
+        // const recoveryCodes = server
+        //     .get("totp_recovery/generate")
+        //     .then((result) => {
+        //         if (!result.success) {
+        //             toastService.showError(
+        //                 "Error in revevery code generation!"
+        //             );
+        //             return;
+        //         }
+
+        //         server.post("totp_recovery/set", {
+        //             recoveryCodes: JSON.stringify(result.recoveryCodes),
+        //         });
+        //     });
+
+        // // DEBUG ONLY
+        // server
+        //     .post("totp_recovery/verify", { recovery_code_guess: "testCode2" })
+        //     .then((result) => {
+        //         if (result.success) {
+        //             toastService.showError("VALID");
+        //         } else {
+        //             toastService.showError("INVALID");
+        //         }
+        //     });
+
+        server.get("totp/generate").then((result) => {
+            if (result.success) {
+                this.$totpSecret.text(result.message);
+            } else {
+                toastService.showError(result.message);
+            }
+        });
+    }
+
+    optionsLoaded(options) {
+        server.get("totp/enabled").then((result) => {
+            if (result.success) {
+                this.$totpEnabled.prop("checked", result.message);
+                this.$totpSecretInput.prop("disabled", !result.message);
+                this.$saveTotpButton.prop("disabled", !result.message);
+                this.$totpSecret.prop("disapbled", !result.message);
+                this.$regenerateTotpButton.prop("disabled", !result.message);
+                this.$password.prop("disabled", !result.message);
+            } else {
+                toastService.showError(result.message);
+            }
+        });
+
+        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+    }
+
+    saveTotpSecret() {
+        const key = this.$totpSecretInput.val();
+        const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+
+        if (key.length != 52) {
+            toastService.showError("Invalid Secret", 2000);
+            return;
+        }
+        if (regex.test(key)) {
+            toastService.showError("Invalid Secret", 2000);
+            return;
         }
-      });
 
-    return false;
-  }
+        server
+            .post("totp/set", {
+                secret: this.$totpSecretInput.val(),
+                password: this.$password.val(),
+            })
+            .then((result) => {
+                if (result.success) {
+                    toastService.showError(
+                        "Password has been changed. Trilium will be reloaded after you press OK."
+                    );
+
+                    // password changed so current protected session is invalid and needs to be cleared
+                    protectedSessionHolder.resetProtectedSession();
+                } else {
+                    toastService.showError(result.message);
+                }
+            });
+
+        return false;
+    }
 }
diff --git a/src/routes/api/recovery_codes.ts b/src/routes/api/recovery_codes.ts
index d99fef99a5..c2f7b9babe 100644
--- a/src/routes/api/recovery_codes.ts
+++ b/src/routes/api/recovery_codes.ts
@@ -1,22 +1,40 @@
 import recovery_codes = require("../../services/encryption/recovery_codes");
 import { Request } from "express";
+import { randomBytes } from "crypto";
 
 function setRecoveryCodes(req: Request) {
-  const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
-  return { success: success, message: "Recovery codes set!" };
+    const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
+    return { success: success, message: "Recovery codes set!" };
 }
 
 function veryifyRecoveryCode(req: Request) {
-  const success = recovery_codes.verifyRecoveryCode(
-    req.body.recovery_code_guess
-  );
+    const success = recovery_codes.verifyRecoveryCode(
+        req.body.recovery_code_guess
+    );
 
-  if (success) {
-    // Reset password?
-  }
+    if (success) {
+        // Reset password?
+        return { success: "true" };
+    }
+}
+
+function checkForRecoveryKeys() {
+    return { success: true, keysExist: false };
+}
+
+function generateRecoveryCodes() {
+    const recoveryCodes = {
+        code1: randomBytes(16).toString("base64"),
+        code2: randomBytes(16).toString("base64"),
+        code3: randomBytes(16).toString("base64"),
+    };
+
+    return { success: true, recoveryCodes: JSON.stringify(recoveryCodes) };
 }
 
 export = {
-  setRecoveryCodes,
-  veryifyRecoveryCode,
+    setRecoveryCodes,
+    generateRecoveryCodes,
+    veryifyRecoveryCode,
+    checkForRecoveryKeys,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index c49ab566a4..7cda890b57 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -75,1114 +75,1175 @@ import etapiBackupRoute = require("../etapi/backup");
 import { AppRequest, AppRequestHandler } from "./route-interface";
 
 const csrfMiddleware = csurf({
-  cookie: {
-    path: "", // empty, so cookie is valid only for the current path
-  },
+    cookie: {
+        path: "", // empty, so cookie is valid only for the current path
+    },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
 const GET = "get",
-  PST = "post",
-  PUT = "put",
-  PATCH = "patch",
-  DEL = "delete";
+    PST = "post",
+    PUT = "put",
+    PATCH = "patch",
+    DEL = "delete";
 
 type ApiResultHandler = (
-  req: express.Request,
-  res: express.Response,
-  result: unknown
+    req: express.Request,
+    res: express.Response,
+    result: unknown
 ) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
 type HttpMethod =
-  | "all"
-  | "get"
-  | "post"
-  | "put"
-  | "delete"
-  | "patch"
-  | "options"
-  | "head";
+    | "all"
+    | "get"
+    | "post"
+    | "put"
+    | "delete"
+    | "patch"
+    | "options"
+    | "head";
 
 const uploadMiddleware = createUploadMiddleware();
 
 const uploadMiddlewareWithErrorHandling = function (
-  req: express.Request,
-  res: express.Response,
-  next: express.NextFunction
+    req: express.Request,
+    res: express.Response,
+    next: express.NextFunction
 ) {
-  uploadMiddleware(req, res, function (err) {
-    if (err?.code === "LIMIT_FILE_SIZE") {
-      res
-        .setHeader("Content-Type", "text/plain")
-        .status(400)
-        .send(
-          `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
-        );
-    } else {
-      next();
-    }
-  });
+    uploadMiddleware(req, res, function (err) {
+        if (err?.code === "LIMIT_FILE_SIZE") {
+            res.setHeader("Content-Type", "text/plain")
+                .status(400)
+                .send(
+                    `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
+                );
+        } else {
+            next();
+        }
+    });
 };
 
 function register(app: express.Application) {
-  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
-  route(
-    GET,
-    "/login",
-    [auth.checkAppInitialized, auth.checkPasswordSet],
-    loginRoute.loginPage
-  );
-  route(
-    GET,
-    "/set-password",
-    [auth.checkAppInitialized, auth.checkPasswordNotSet],
-    loginRoute.setPasswordPage
-  );
-
-  const loginRateLimiter = rateLimit.rateLimit({
-    windowMs: 15 * 60 * 1000, // 15 minutes
-    max: 10, // limit each IP to 10 requests per windowMs
-    skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
-  });
-
-  route(PST, "/login", [loginRateLimiter], loginRoute.login);
-  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-  route(
-    PST,
-    "/set-password",
-    [auth.checkAppInitialized, auth.checkPasswordNotSet],
-    loginRoute.setPassword
-  );
-  route(GET, "/setup", [], setupRoute.setupPage);
-
-  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
-  apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
-  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
-  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
-  apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
-  apiRoute(GET, "/api/totp/get", totp.getSecret);
-
-  apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
-  apiRoute(PST, "/api/totp_recovery/verify", recoveryCodes.veryifyRecoveryCode);
-
-  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
-  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
-
-  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
-  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
-  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
-  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
-  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
-  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
-  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
-  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/sort-children",
-    notesApiRoute.sortChildNotes
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/protect/:isProtected",
-    notesApiRoute.protectNote
-  );
-  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
-  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
-    notesApiRoute.duplicateSubtree
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/clone-to-branch/:parentBranchId",
-    cloningApiRoute.cloneNoteToBranch
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
-    cloningApiRoute.toggleNoteInParent
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/clone-to-note/:parentNoteId",
-    cloningApiRoute.cloneNoteToParentNote
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/clone-after/:afterBranchId",
-    cloningApiRoute.cloneNoteAfter
-  );
-  route(
-    PUT,
-    "/api/notes/:noteId/file",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    filesRoute.updateFile,
-    apiResultHandler
-  );
-  route(
-    GET,
-    "/api/notes/:noteId/open",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.openFile
-  );
-  route(
-    GET,
-    "/api/notes/:noteId/open-partial",
-    [auth.checkApiAuthOrElectron],
-    createPartialContentHandler(filesRoute.fileContentProvider, {
-      debug: (string, extra) => {
-        console.log(string, extra);
-      },
-    })
-  );
-  route(
-    GET,
-    "/api/notes/:noteId/download",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadFile
-  );
-  // this "hacky" path is used for easier referencing of CSS resources
-  route(
-    GET,
-    "/api/notes/download/:noteId",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadFile
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/save-to-tmp-dir",
-    filesRoute.saveNoteToTmpDir
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/upload-modified-file",
-    filesRoute.uploadModifiedFileToNote
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/convert-to-attachment",
-    notesApiRoute.convertNoteToAttachment
-  );
-
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/move-to/:parentBranchId",
-    branchesApiRoute.moveBranchToParent
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/move-before/:beforeBranchId",
-    branchesApiRoute.moveBranchBeforeNote
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/move-after/:afterBranchId",
-    branchesApiRoute.moveBranchAfterNote
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/expanded/:expanded",
-    branchesApiRoute.setExpanded
-  );
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/expanded-subtree/:expanded",
-    branchesApiRoute.setExpandedForSubtree
-  );
-  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
-  apiRoute(
-    PUT,
-    "/api/branches/:branchId/set-prefix",
-    branchesApiRoute.setPrefix
-  );
-
-  apiRoute(
-    GET,
-    "/api/notes/:noteId/attachments",
-    attachmentsApiRoute.getAttachments
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/attachments",
-    attachmentsApiRoute.saveAttachment
-  );
-  route(
-    PST,
-    "/api/notes/:noteId/attachments/upload",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    attachmentsApiRoute.uploadAttachment,
-    apiResultHandler
-  );
-  apiRoute(
-    GET,
-    "/api/attachments/:attachmentId",
-    attachmentsApiRoute.getAttachment
-  );
-  apiRoute(
-    GET,
-    "/api/attachments/:attachmentId/all",
-    attachmentsApiRoute.getAllAttachments
-  );
-  apiRoute(
-    PST,
-    "/api/attachments/:attachmentId/convert-to-note",
-    attachmentsApiRoute.convertAttachmentToNote
-  );
-  apiRoute(
-    DEL,
-    "/api/attachments/:attachmentId",
-    attachmentsApiRoute.deleteAttachment
-  );
-  apiRoute(
-    PUT,
-    "/api/attachments/:attachmentId/rename",
-    attachmentsApiRoute.renameAttachment
-  );
-  apiRoute(
-    GET,
-    "/api/attachments/:attachmentId/blob",
-    attachmentsApiRoute.getAttachmentBlob
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/image/:filename",
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnAttachedImage
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/open",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.openAttachment
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/open-partial",
-    [auth.checkApiAuthOrElectron],
-    createPartialContentHandler(filesRoute.attachmentContentProvider, {
-      debug: (string, extra) => {
-        console.log(string, extra);
-      },
-    })
-  );
-  route(
-    GET,
-    "/api/attachments/:attachmentId/download",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadAttachment
-  );
-  // this "hacky" path is used for easier referencing of CSS resources
-  route(
-    GET,
-    "/api/attachments/download/:attachmentId",
-    [auth.checkApiAuthOrElectron],
-    filesRoute.downloadAttachment
-  );
-  apiRoute(
-    PST,
-    "/api/attachments/:attachmentId/save-to-tmp-dir",
-    filesRoute.saveAttachmentToTmpDir
-  );
-  apiRoute(
-    PST,
-    "/api/attachments/:attachmentId/upload-modified-file",
-    filesRoute.uploadModifiedFileToAttachment
-  );
-  route(
-    PUT,
-    "/api/attachments/:attachmentId/file",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    filesRoute.updateAttachment,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
-  apiRoute(
-    DEL,
-    "/api/notes/:noteId/revisions",
-    revisionsApiRoute.eraseAllRevisions
-  );
-  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
-  apiRoute(
-    GET,
-    "/api/revisions/:revisionId/blob",
-    revisionsApiRoute.getRevisionBlob
-  );
-  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
-  apiRoute(
-    PST,
-    "/api/revisions/:revisionId/restore",
-    revisionsApiRoute.restoreRevision
-  );
-  route(
-    GET,
-    "/api/revisions/:revisionId/image/:filename",
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnImageFromRevision
-  );
-
-  route(
-    GET,
-    "/api/revisions/:revisionId/download",
-    [auth.checkApiAuthOrElectron],
-    revisionsApiRoute.downloadRevision
-  );
-
-  route(
-    GET,
-    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
-    [auth.checkApiAuthOrElectron],
-    exportRoute.exportBranch
-  );
-  route(
-    PST,
-    "/api/notes/:parentNoteId/notes-import",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    importRoute.importNotesToBranch,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/notes/:parentNoteId/attachments-import",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    importRoute.importAttachmentsToNote,
-    apiResultHandler
-  );
-
-  apiRoute(
-    GET,
-    "/api/notes/:noteId/attributes",
-    attributesRoute.getEffectiveNoteAttributes
-  );
-  apiRoute(
-    PST,
-    "/api/notes/:noteId/attributes",
-    attributesRoute.addNoteAttribute
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/attributes",
-    attributesRoute.updateNoteAttributes
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/attribute",
-    attributesRoute.updateNoteAttribute
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/set-attribute",
-    attributesRoute.setNoteAttribute
-  );
-  apiRoute(
-    PUT,
-    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-    attributesRoute.createRelation
-  );
-  apiRoute(
-    DEL,
-    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-    attributesRoute.deleteRelation
-  );
-  apiRoute(
-    DEL,
-    "/api/notes/:noteId/attributes/:attributeId",
-    attributesRoute.deleteNoteAttribute
-  );
-  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
-  apiRoute(
-    GET,
-    "/api/attribute-values/:attributeName",
-    attributesRoute.getValuesForAttribute
-  );
-
-  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-  route(
-    GET,
-    "/api/images/:noteId/:filename",
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnImageFromNote
-  );
-  route(
-    PUT,
-    "/api/images/:noteId",
-    [
-      auth.checkApiAuthOrElectron,
-      uploadMiddlewareWithErrorHandling,
-      csrfMiddleware,
-    ],
-    imageRoute.updateImage,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
-  // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
-  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
-  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
-
-  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
-  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
-
-  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
-  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
-  apiRoute(
-    PST,
-    "/api/sync/fill-entity-changes",
-    syncApiRoute.fillEntityChanges
-  );
-  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
-  route(
-    GET,
-    "/api/sync/check",
-    [auth.checkApiAuth],
-    syncApiRoute.checkSync,
-    apiResultHandler
-  );
-  route(
-    GET,
-    "/api/sync/changed",
-    [auth.checkApiAuth],
-    syncApiRoute.getChanged,
-    apiResultHandler
-  );
-  route(
-    PUT,
-    "/api/sync/update",
-    [auth.checkApiAuth],
-    syncApiRoute.update,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sync/finished",
-    [auth.checkApiAuth],
-    syncApiRoute.syncFinished,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sync/check-entity-changes",
-    [auth.checkApiAuth],
-    syncApiRoute.checkEntityChanges,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sync/queue-sector/:entityName/:sector",
-    [auth.checkApiAuth],
-    syncApiRoute.queueSector,
-    apiResultHandler
-  );
-  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
-
-  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
-  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
-
-  // docker health check
-  route(
-    GET,
-    "/api/health-check",
-    [],
-    () => ({ status: "ok" }),
-    apiResultHandler
-  );
-
-  // group of the services below are meant to be executed from the outside
-  route(
-    GET,
-    "/api/setup/status",
-    [],
-    setupApiRoute.getStatus,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/setup/new-document",
-    [auth.checkAppNotInitialized],
-    setupApiRoute.setupNewDocument,
-    apiResultHandler,
-    false
-  );
-  route(
-    PST,
-    "/api/setup/sync-from-server",
-    [auth.checkAppNotInitialized],
-    setupApiRoute.setupSyncFromServer,
-    apiResultHandler,
-    false
-  );
-  route(
-    GET,
-    "/api/setup/sync-seed",
-    [auth.checkCredentials],
-    setupApiRoute.getSyncSeed,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/setup/sync-seed",
-    [auth.checkAppNotInitialized],
-    setupApiRoute.saveSyncSeed,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
-  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
-  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
-  apiRoute(
-    PST,
-    "/api/search-and-execute-note/:noteId",
-    searchRoute.searchAndExecute
-  );
-  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
-  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
-  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
-
-  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
-  apiRoute(
-    PST,
-    "/api/bulk-action/affected-notes",
-    bulkActionRoute.getAffectedNoteCount
-  );
-
-  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
-  // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
-  apiRoute(
-    PST,
-    "/api/login/protected/touch",
-    loginApiRoute.touchProtectedSession
-  );
-  apiRoute(
-    PST,
-    "/api/logout/protected",
-    loginApiRoute.logoutFromProtectedSession
-  );
-
-  route(
-    PST,
-    "/api/login/token",
-    [loginRateLimiter],
-    loginApiRoute.token,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
-  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
-  apiRoute(
-    PATCH,
-    "/api/etapi-tokens/:etapiTokenId",
-    etapiTokensApiRoutes.patchToken
-  );
-  apiRoute(
-    DEL,
-    "/api/etapi-tokens/:etapiTokenId",
-    etapiTokensApiRoutes.deleteToken
-  );
-
-  // in case of local electron, local calls are allowed unauthenticated, for server they need auth
-  const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
-
-  route(
-    GET,
-    "/api/clipper/handshake",
-    clipperMiddleware,
-    clipperRoute.handshake,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/clipper/clippings",
-    clipperMiddleware,
-    clipperRoute.addClipping,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/clipper/notes",
-    clipperMiddleware,
-    clipperRoute.createNote,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/clipper/open/:noteId",
-    clipperMiddleware,
-    clipperRoute.openNote,
-    apiResultHandler
-  );
-  route(
-    GET,
-    "/api/clipper/notes-by-url/:noteUrl",
-    clipperMiddleware,
-    clipperRoute.findNotesByUrl,
-    apiResultHandler
-  );
-
-  apiRoute(
-    GET,
-    "/api/special-notes/inbox/:date",
-    specialNotesRoute.getInboxNote
-  );
-  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
-  apiRoute(
-    GET,
-    "/api/special-notes/weeks/:date",
-    specialNotesRoute.getWeekNote
-  );
-  apiRoute(
-    GET,
-    "/api/special-notes/months/:month",
-    specialNotesRoute.getMonthNote
-  );
-  apiRoute(
-    GET,
-    "/api/special-notes/years/:year",
-    specialNotesRoute.getYearNote
-  );
-  apiRoute(
-    GET,
-    "/api/special-notes/notes-for-month/:month",
-    specialNotesRoute.getDayNotesForMonth
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/sql-console",
-    specialNotesRoute.createSqlConsole
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/save-sql-console",
-    specialNotesRoute.saveSqlConsole
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/search-note",
-    specialNotesRoute.createSearchNote
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/save-search-note",
-    specialNotesRoute.saveSearchNote
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/launchers/:noteId/reset",
-    specialNotesRoute.resetLauncher
-  );
-  apiRoute(
-    PST,
-    "/api/special-notes/launchers/:parentNoteId/:launcherType",
-    specialNotesRoute.createLauncher
-  );
-  apiRoute(
-    PUT,
-    "/api/special-notes/api-script-launcher",
-    specialNotesRoute.createOrUpdateScriptLauncherFromApi
-  );
-
-  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
-  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
-  route(
-    PST,
-    "/api/database/anonymize/:type",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.anonymize,
-    apiResultHandler,
-    false
-  );
-  apiRoute(
-    GET,
-    "/api/database/anonymized-databases",
-    databaseRoute.getExistingAnonymizedDatabases
-  );
-
-  // backup requires execution outside of transaction
-  route(
-    PST,
-    "/api/database/backup-database",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.backupDatabase,
-    apiResultHandler,
-    false
-  );
-  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
-
-  // VACUUM requires execution outside of transaction
-  route(
-    PST,
-    "/api/database/vacuum-database",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.vacuumDatabase,
-    apiResultHandler,
-    false
-  );
-
-  route(
-    PST,
-    "/api/database/find-and-fix-consistency-issues",
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.findAndFixConsistencyIssues,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
-
-  route(
-    PST,
-    "/api/script/exec",
-    [auth.checkApiAuth, csrfMiddleware],
-    scriptRoute.exec,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
-  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
-  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
-  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
-  apiRoute(
-    GET,
-    "/api/script/relation/:noteId/:relationName",
-    scriptRoute.getRelationBundles
-  );
-
-  // no CSRF since this is called from android app
-  route(
-    PST,
-    "/api/sender/login",
-    [loginRateLimiter],
-    loginApiRoute.token,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sender/image",
-    [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
-    senderRoute.uploadImage,
-    apiResultHandler
-  );
-  route(
-    PST,
-    "/api/sender/note",
-    [auth.checkEtapiToken],
-    senderRoute.saveNote,
-    apiResultHandler
-  );
-
-  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
-  apiRoute(
-    GET,
-    "/api/keyboard-shortcuts-for-notes",
-    keysRoute.getShortcutsForNotes
-  );
-
-  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
-  apiRoute(
-    PST,
-    "/api/notes/erase-deleted-notes-now",
-    notesApiRoute.eraseDeletedNotesNow
-  );
-  apiRoute(
-    PST,
-    "/api/notes/erase-unused-attachments-now",
-    notesApiRoute.eraseUnusedAttachmentsNow
-  );
-  apiRoute(
-    GET,
-    "/api/similar-notes/:noteId",
-    similarNotesRoute.getSimilarNotes
-  );
-  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
-  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
-  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
-  apiRoute(
-    PST,
-    "/api/delete-notes-preview",
-    notesApiRoute.getDeleteNotesPreview
-  );
-  route(
-    GET,
-    "/api/fonts",
-    [auth.checkApiAuthOrElectron],
-    fontsRoute.getFontCss
-  );
-  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
-  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
-  apiRoute(
-    GET,
-    "/api/recent-changes/:ancestorNoteId",
-    recentChangesApiRoute.getRecentChanges
-  );
-  apiRoute(
-    GET,
-    "/api/edited-notes/:date",
-    revisionsApiRoute.getEditedNotesOnDate
-  );
-
-  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
-  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
-  apiRoute(
-    GET,
-    "/api/note-map/:noteId/backlink-count",
-    noteMapRoute.getBacklinkCount
-  );
-  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
-
-  shareRoutes.register(router);
-
-  etapiAuthRoutes.register(router, [loginRateLimiter]);
-  etapiAppInfoRoutes.register(router);
-  etapiAttachmentRoutes.register(router);
-  etapiAttributeRoutes.register(router);
-  etapiBranchRoutes.register(router);
-  etapiNoteRoutes.register(router);
-  etapiSpecialNoteRoutes.register(router);
-  etapiSpecRoute.register(router);
-  etapiBackupRoute.register(router);
-
-  app.use("", router);
+    route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
+    route(
+        GET,
+        "/login",
+        [auth.checkAppInitialized, auth.checkPasswordSet],
+        loginRoute.loginPage
+    );
+    route(
+        GET,
+        "/set-password",
+        [auth.checkAppInitialized, auth.checkPasswordNotSet],
+        loginRoute.setPasswordPage
+    );
+
+    const loginRateLimiter = rateLimit.rateLimit({
+        windowMs: 15 * 60 * 1000, // 15 minutes
+        max: 10, // limit each IP to 10 requests per windowMs
+        skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+    });
+
+    route(PST, "/login", [loginRateLimiter], loginRoute.login);
+    route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+    route(
+        PST,
+        "/set-password",
+        [auth.checkAppInitialized, auth.checkPasswordNotSet],
+        loginRoute.setPassword
+    );
+    route(GET, "/setup", [], setupRoute.setupPage);
+
+    apiRoute(GET, "/api/totp/generate", totp.generateSecret);
+    apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
+    apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
+    apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
+    apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
+    apiRoute(GET, "/api/totp/get", totp.getSecret);
+
+    apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
+    apiRoute(
+        PST,
+        "/api/totp_recovery/verify",
+        recoveryCodes.veryifyRecoveryCode
+    );
+    apiRoute(
+        GET,
+        "/api/totp_recovery/generate",
+        recoveryCodes.generateRecoveryCodes
+    );
+    apiRoute(
+        GET,
+        "/api/totp_recovery/enabled",
+        recoveryCodes.checkForRecoveryKeys
+    );
+
+    apiRoute(GET, "/api/tree", treeApiRoute.getTree);
+    apiRoute(PST, "/api/tree/load", treeApiRoute.load);
+
+    apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
+    apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
+    apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
+    apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
+    apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
+    apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/revision",
+        notesApiRoute.forceSaveRevision
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:parentNoteId/children",
+        notesApiRoute.createNote
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/sort-children",
+        notesApiRoute.sortChildNotes
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/protect/:isProtected",
+        notesApiRoute.protectNote
+    );
+    apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
+    apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
+        notesApiRoute.duplicateSubtree
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/clone-to-branch/:parentBranchId",
+        cloningApiRoute.cloneNoteToBranch
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
+        cloningApiRoute.toggleNoteInParent
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/clone-to-note/:parentNoteId",
+        cloningApiRoute.cloneNoteToParentNote
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/clone-after/:afterBranchId",
+        cloningApiRoute.cloneNoteAfter
+    );
+    route(
+        PUT,
+        "/api/notes/:noteId/file",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        filesRoute.updateFile,
+        apiResultHandler
+    );
+    route(
+        GET,
+        "/api/notes/:noteId/open",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.openFile
+    );
+    route(
+        GET,
+        "/api/notes/:noteId/open-partial",
+        [auth.checkApiAuthOrElectron],
+        createPartialContentHandler(filesRoute.fileContentProvider, {
+            debug: (string, extra) => {
+                console.log(string, extra);
+            },
+        })
+    );
+    route(
+        GET,
+        "/api/notes/:noteId/download",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadFile
+    );
+    // this "hacky" path is used for easier referencing of CSS resources
+    route(
+        GET,
+        "/api/notes/download/:noteId",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadFile
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/save-to-tmp-dir",
+        filesRoute.saveNoteToTmpDir
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/upload-modified-file",
+        filesRoute.uploadModifiedFileToNote
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/convert-to-attachment",
+        notesApiRoute.convertNoteToAttachment
+    );
+
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/move-to/:parentBranchId",
+        branchesApiRoute.moveBranchToParent
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/move-before/:beforeBranchId",
+        branchesApiRoute.moveBranchBeforeNote
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/move-after/:afterBranchId",
+        branchesApiRoute.moveBranchAfterNote
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/expanded/:expanded",
+        branchesApiRoute.setExpanded
+    );
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/expanded-subtree/:expanded",
+        branchesApiRoute.setExpandedForSubtree
+    );
+    apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
+    apiRoute(
+        PUT,
+        "/api/branches/:branchId/set-prefix",
+        branchesApiRoute.setPrefix
+    );
+
+    apiRoute(
+        GET,
+        "/api/notes/:noteId/attachments",
+        attachmentsApiRoute.getAttachments
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/attachments",
+        attachmentsApiRoute.saveAttachment
+    );
+    route(
+        PST,
+        "/api/notes/:noteId/attachments/upload",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        attachmentsApiRoute.uploadAttachment,
+        apiResultHandler
+    );
+    apiRoute(
+        GET,
+        "/api/attachments/:attachmentId",
+        attachmentsApiRoute.getAttachment
+    );
+    apiRoute(
+        GET,
+        "/api/attachments/:attachmentId/all",
+        attachmentsApiRoute.getAllAttachments
+    );
+    apiRoute(
+        PST,
+        "/api/attachments/:attachmentId/convert-to-note",
+        attachmentsApiRoute.convertAttachmentToNote
+    );
+    apiRoute(
+        DEL,
+        "/api/attachments/:attachmentId",
+        attachmentsApiRoute.deleteAttachment
+    );
+    apiRoute(
+        PUT,
+        "/api/attachments/:attachmentId/rename",
+        attachmentsApiRoute.renameAttachment
+    );
+    apiRoute(
+        GET,
+        "/api/attachments/:attachmentId/blob",
+        attachmentsApiRoute.getAttachmentBlob
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/image/:filename",
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnAttachedImage
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/open",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.openAttachment
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/open-partial",
+        [auth.checkApiAuthOrElectron],
+        createPartialContentHandler(filesRoute.attachmentContentProvider, {
+            debug: (string, extra) => {
+                console.log(string, extra);
+            },
+        })
+    );
+    route(
+        GET,
+        "/api/attachments/:attachmentId/download",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadAttachment
+    );
+    // this "hacky" path is used for easier referencing of CSS resources
+    route(
+        GET,
+        "/api/attachments/download/:attachmentId",
+        [auth.checkApiAuthOrElectron],
+        filesRoute.downloadAttachment
+    );
+    apiRoute(
+        PST,
+        "/api/attachments/:attachmentId/save-to-tmp-dir",
+        filesRoute.saveAttachmentToTmpDir
+    );
+    apiRoute(
+        PST,
+        "/api/attachments/:attachmentId/upload-modified-file",
+        filesRoute.uploadModifiedFileToAttachment
+    );
+    route(
+        PUT,
+        "/api/attachments/:attachmentId/file",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        filesRoute.updateAttachment,
+        apiResultHandler
+    );
+
+    apiRoute(
+        GET,
+        "/api/notes/:noteId/revisions",
+        revisionsApiRoute.getRevisions
+    );
+    apiRoute(
+        DEL,
+        "/api/notes/:noteId/revisions",
+        revisionsApiRoute.eraseAllRevisions
+    );
+    apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
+    apiRoute(
+        GET,
+        "/api/revisions/:revisionId/blob",
+        revisionsApiRoute.getRevisionBlob
+    );
+    apiRoute(
+        DEL,
+        "/api/revisions/:revisionId",
+        revisionsApiRoute.eraseRevision
+    );
+    apiRoute(
+        PST,
+        "/api/revisions/:revisionId/restore",
+        revisionsApiRoute.restoreRevision
+    );
+    route(
+        GET,
+        "/api/revisions/:revisionId/image/:filename",
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnImageFromRevision
+    );
+
+    route(
+        GET,
+        "/api/revisions/:revisionId/download",
+        [auth.checkApiAuthOrElectron],
+        revisionsApiRoute.downloadRevision
+    );
+
+    route(
+        GET,
+        "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+        [auth.checkApiAuthOrElectron],
+        exportRoute.exportBranch
+    );
+    route(
+        PST,
+        "/api/notes/:parentNoteId/notes-import",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        importRoute.importNotesToBranch,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/notes/:parentNoteId/attachments-import",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        importRoute.importAttachmentsToNote,
+        apiResultHandler
+    );
+
+    apiRoute(
+        GET,
+        "/api/notes/:noteId/attributes",
+        attributesRoute.getEffectiveNoteAttributes
+    );
+    apiRoute(
+        PST,
+        "/api/notes/:noteId/attributes",
+        attributesRoute.addNoteAttribute
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/attributes",
+        attributesRoute.updateNoteAttributes
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/attribute",
+        attributesRoute.updateNoteAttribute
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/set-attribute",
+        attributesRoute.setNoteAttribute
+    );
+    apiRoute(
+        PUT,
+        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+        attributesRoute.createRelation
+    );
+    apiRoute(
+        DEL,
+        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+        attributesRoute.deleteRelation
+    );
+    apiRoute(
+        DEL,
+        "/api/notes/:noteId/attributes/:attributeId",
+        attributesRoute.deleteNoteAttribute
+    );
+    apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
+    apiRoute(
+        GET,
+        "/api/attribute-values/:attributeName",
+        attributesRoute.getValuesForAttribute
+    );
+
+    // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+    route(
+        GET,
+        "/api/images/:noteId/:filename",
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnImageFromNote
+    );
+    route(
+        PUT,
+        "/api/images/:noteId",
+        [
+            auth.checkApiAuthOrElectron,
+            uploadMiddlewareWithErrorHandling,
+            csrfMiddleware,
+        ],
+        imageRoute.updateImage,
+        apiResultHandler
+    );
+
+    apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+    // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
+    apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
+    apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
+    apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
+
+    apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
+    apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
+
+    apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
+    apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
+    apiRoute(
+        PST,
+        "/api/sync/fill-entity-changes",
+        syncApiRoute.fillEntityChanges
+    );
+    apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
+    route(
+        GET,
+        "/api/sync/check",
+        [auth.checkApiAuth],
+        syncApiRoute.checkSync,
+        apiResultHandler
+    );
+    route(
+        GET,
+        "/api/sync/changed",
+        [auth.checkApiAuth],
+        syncApiRoute.getChanged,
+        apiResultHandler
+    );
+    route(
+        PUT,
+        "/api/sync/update",
+        [auth.checkApiAuth],
+        syncApiRoute.update,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sync/finished",
+        [auth.checkApiAuth],
+        syncApiRoute.syncFinished,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sync/check-entity-changes",
+        [auth.checkApiAuth],
+        syncApiRoute.checkEntityChanges,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sync/queue-sector/:entityName/:sector",
+        [auth.checkApiAuth],
+        syncApiRoute.queueSector,
+        apiResultHandler
+    );
+    route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+
+    apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
+    apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+
+    // docker health check
+    route(
+        GET,
+        "/api/health-check",
+        [],
+        () => ({ status: "ok" }),
+        apiResultHandler
+    );
+
+    // group of the services below are meant to be executed from the outside
+    route(
+        GET,
+        "/api/setup/status",
+        [],
+        setupApiRoute.getStatus,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/setup/new-document",
+        [auth.checkAppNotInitialized],
+        setupApiRoute.setupNewDocument,
+        apiResultHandler,
+        false
+    );
+    route(
+        PST,
+        "/api/setup/sync-from-server",
+        [auth.checkAppNotInitialized],
+        setupApiRoute.setupSyncFromServer,
+        apiResultHandler,
+        false
+    );
+    route(
+        GET,
+        "/api/setup/sync-seed",
+        [auth.checkCredentials],
+        setupApiRoute.getSyncSeed,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/setup/sync-seed",
+        [auth.checkAppNotInitialized],
+        setupApiRoute.saveSyncSeed,
+        apiResultHandler,
+        false
+    );
+
+    apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
+    apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
+    apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
+    apiRoute(
+        PST,
+        "/api/search-and-execute-note/:noteId",
+        searchRoute.searchAndExecute
+    );
+    apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
+    apiRoute(GET, "/api/search/:searchString", searchRoute.search);
+    apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+
+    apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
+    apiRoute(
+        PST,
+        "/api/bulk-action/affected-notes",
+        bulkActionRoute.getAffectedNoteCount
+    );
+
+    route(
+        PST,
+        "/api/login/sync",
+        [],
+        loginApiRoute.loginSync,
+        apiResultHandler
+    );
+    // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
+    apiRoute(
+        PST,
+        "/api/login/protected",
+        loginApiRoute.loginToProtectedSession
+    );
+    apiRoute(
+        PST,
+        "/api/login/protected/touch",
+        loginApiRoute.touchProtectedSession
+    );
+    apiRoute(
+        PST,
+        "/api/logout/protected",
+        loginApiRoute.logoutFromProtectedSession
+    );
+
+    route(
+        PST,
+        "/api/login/token",
+        [loginRateLimiter],
+        loginApiRoute.token,
+        apiResultHandler
+    );
+
+    apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
+    apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
+    apiRoute(
+        PATCH,
+        "/api/etapi-tokens/:etapiTokenId",
+        etapiTokensApiRoutes.patchToken
+    );
+    apiRoute(
+        DEL,
+        "/api/etapi-tokens/:etapiTokenId",
+        etapiTokensApiRoutes.deleteToken
+    );
+
+    // in case of local electron, local calls are allowed unauthenticated, for server they need auth
+    const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
+
+    route(
+        GET,
+        "/api/clipper/handshake",
+        clipperMiddleware,
+        clipperRoute.handshake,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/clipper/clippings",
+        clipperMiddleware,
+        clipperRoute.addClipping,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/clipper/notes",
+        clipperMiddleware,
+        clipperRoute.createNote,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/clipper/open/:noteId",
+        clipperMiddleware,
+        clipperRoute.openNote,
+        apiResultHandler
+    );
+    route(
+        GET,
+        "/api/clipper/notes-by-url/:noteUrl",
+        clipperMiddleware,
+        clipperRoute.findNotesByUrl,
+        apiResultHandler
+    );
+
+    apiRoute(
+        GET,
+        "/api/special-notes/inbox/:date",
+        specialNotesRoute.getInboxNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/days/:date",
+        specialNotesRoute.getDayNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/weeks/:date",
+        specialNotesRoute.getWeekNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/months/:month",
+        specialNotesRoute.getMonthNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/years/:year",
+        specialNotesRoute.getYearNote
+    );
+    apiRoute(
+        GET,
+        "/api/special-notes/notes-for-month/:month",
+        specialNotesRoute.getDayNotesForMonth
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/sql-console",
+        specialNotesRoute.createSqlConsole
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/save-sql-console",
+        specialNotesRoute.saveSqlConsole
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/search-note",
+        specialNotesRoute.createSearchNote
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/save-search-note",
+        specialNotesRoute.saveSearchNote
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/launchers/:noteId/reset",
+        specialNotesRoute.resetLauncher
+    );
+    apiRoute(
+        PST,
+        "/api/special-notes/launchers/:parentNoteId/:launcherType",
+        specialNotesRoute.createLauncher
+    );
+    apiRoute(
+        PUT,
+        "/api/special-notes/api-script-launcher",
+        specialNotesRoute.createOrUpdateScriptLauncherFromApi
+    );
+
+    apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
+    apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+    route(
+        PST,
+        "/api/database/anonymize/:type",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.anonymize,
+        apiResultHandler,
+        false
+    );
+    apiRoute(
+        GET,
+        "/api/database/anonymized-databases",
+        databaseRoute.getExistingAnonymizedDatabases
+    );
+
+    // backup requires execution outside of transaction
+    route(
+        PST,
+        "/api/database/backup-database",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.backupDatabase,
+        apiResultHandler,
+        false
+    );
+    apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+
+    // VACUUM requires execution outside of transaction
+    route(
+        PST,
+        "/api/database/vacuum-database",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.vacuumDatabase,
+        apiResultHandler,
+        false
+    );
+
+    route(
+        PST,
+        "/api/database/find-and-fix-consistency-issues",
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.findAndFixConsistencyIssues,
+        apiResultHandler,
+        false
+    );
+
+    apiRoute(
+        GET,
+        "/api/database/check-integrity",
+        databaseRoute.checkIntegrity
+    );
+
+    route(
+        PST,
+        "/api/script/exec",
+        [auth.checkApiAuth, csrfMiddleware],
+        scriptRoute.exec,
+        apiResultHandler,
+        false
+    );
+
+    apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
+    apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
+    apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
+    apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
+    apiRoute(
+        GET,
+        "/api/script/relation/:noteId/:relationName",
+        scriptRoute.getRelationBundles
+    );
+
+    // no CSRF since this is called from android app
+    route(
+        PST,
+        "/api/sender/login",
+        [loginRateLimiter],
+        loginApiRoute.token,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sender/image",
+        [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
+        senderRoute.uploadImage,
+        apiResultHandler
+    );
+    route(
+        PST,
+        "/api/sender/note",
+        [auth.checkEtapiToken],
+        senderRoute.saveNote,
+        apiResultHandler
+    );
+
+    apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
+    apiRoute(
+        GET,
+        "/api/keyboard-shortcuts-for-notes",
+        keysRoute.getShortcutsForNotes
+    );
+
+    apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
+    apiRoute(
+        PST,
+        "/api/notes/erase-deleted-notes-now",
+        notesApiRoute.eraseDeletedNotesNow
+    );
+    apiRoute(
+        PST,
+        "/api/notes/erase-unused-attachments-now",
+        notesApiRoute.eraseUnusedAttachmentsNow
+    );
+    apiRoute(
+        GET,
+        "/api/similar-notes/:noteId",
+        similarNotesRoute.getSimilarNotes
+    );
+    apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
+    apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
+    apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
+    apiRoute(
+        PST,
+        "/api/delete-notes-preview",
+        notesApiRoute.getDeleteNotesPreview
+    );
+    route(
+        GET,
+        "/api/fonts",
+        [auth.checkApiAuthOrElectron],
+        fontsRoute.getFontCss
+    );
+    apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
+    apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
+    apiRoute(
+        GET,
+        "/api/recent-changes/:ancestorNoteId",
+        recentChangesApiRoute.getRecentChanges
+    );
+    apiRoute(
+        GET,
+        "/api/edited-notes/:date",
+        revisionsApiRoute.getEditedNotesOnDate
+    );
+
+    apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
+    apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
+    apiRoute(
+        GET,
+        "/api/note-map/:noteId/backlink-count",
+        noteMapRoute.getBacklinkCount
+    );
+    apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+
+    shareRoutes.register(router);
+
+    etapiAuthRoutes.register(router, [loginRateLimiter]);
+    etapiAppInfoRoutes.register(router);
+    etapiAttachmentRoutes.register(router);
+    etapiAttributeRoutes.register(router);
+    etapiBranchRoutes.register(router);
+    etapiNoteRoutes.register(router);
+    etapiSpecialNoteRoutes.register(router);
+    etapiSpecRoute.register(router);
+    etapiBackupRoute.register(router);
+
+    app.use("", router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
 function convertEntitiesToPojo(result: unknown) {
-  if (result instanceof AbstractBeccaEntity) {
-    result = result.getPojo();
-  } else if (Array.isArray(result)) {
-    for (const idx in result) {
-      if (result[idx] instanceof AbstractBeccaEntity) {
-        result[idx] = result[idx].getPojo();
-      }
-    }
-  } else if (result && typeof result === "object") {
-    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
-      result.note = result.note.getPojo();
-    }
+    if (result instanceof AbstractBeccaEntity) {
+        result = result.getPojo();
+    } else if (Array.isArray(result)) {
+        for (const idx in result) {
+            if (result[idx] instanceof AbstractBeccaEntity) {
+                result[idx] = result[idx].getPojo();
+            }
+        }
+    } else if (result && typeof result === "object") {
+        if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+            result.note = result.note.getPojo();
+        }
 
-    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
-      result.branch = result.branch.getPojo();
+        if (
+            "branch" in result &&
+            result.branch instanceof AbstractBeccaEntity
+        ) {
+            result.branch = result.branch.getPojo();
+        }
     }
-  }
 
-  if (result && typeof result === "object" && "executionResult" in result) {
-    // from runOnBackend()
-    result.executionResult = convertEntitiesToPojo(result.executionResult);
-  }
+    if (result && typeof result === "object" && "executionResult" in result) {
+        // from runOnBackend()
+        result.executionResult = convertEntitiesToPojo(result.executionResult);
+    }
 
-  return result;
+    return result;
 }
 
 function apiResultHandler(
-  req: express.Request,
-  res: express.Response,
-  result: unknown
+    req: express.Request,
+    res: express.Response,
+    result: unknown
 ) {
-  res.setHeader(
-    "trilium-max-entity-change-id",
-    entityChangesService.getMaxEntityChangeId()
-  );
-
-  result = convertEntitiesToPojo(result);
-
-  // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
-  if (
-    Array.isArray(result) &&
-    result.length > 0 &&
-    Number.isInteger(result[0])
-  ) {
-    const [statusCode, response] = result;
-
-    if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-      log.info(
-        `${req.method} ${
-          req.originalUrl
-        } returned ${statusCode} with response ${JSON.stringify(response)}`
-      );
-    }
+    res.setHeader(
+        "trilium-max-entity-change-id",
+        entityChangesService.getMaxEntityChangeId()
+    );
+
+    result = convertEntitiesToPojo(result);
+
+    // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
+    if (
+        Array.isArray(result) &&
+        result.length > 0 &&
+        Number.isInteger(result[0])
+    ) {
+        const [statusCode, response] = result;
+
+        if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
+            log.info(
+                `${req.method} ${
+                    req.originalUrl
+                } returned ${statusCode} with response ${JSON.stringify(
+                    response
+                )}`
+            );
+        }
 
-    return send(res, statusCode, response);
-  } else if (result === undefined) {
-    return send(res, 204, "");
-  } else {
-    return send(res, 200, result);
-  }
+        return send(res, statusCode, response);
+    } else if (result === undefined) {
+        return send(res, 204, "");
+    } else {
+        return send(res, 200, result);
+    }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-  if (typeof response === "string") {
-    if (statusCode >= 400) {
-      res.setHeader("Content-Type", "text/plain");
-    }
+    if (typeof response === "string") {
+        if (statusCode >= 400) {
+            res.setHeader("Content-Type", "text/plain");
+        }
 
-    res.status(statusCode).send(response);
+        res.status(statusCode).send(response);
 
-    return response.length;
-  } else {
-    const json = JSON.stringify(response);
+        return response.length;
+    } else {
+        const json = JSON.stringify(response);
 
-    res.setHeader("Content-Type", "application/json");
-    res.status(statusCode).send(json);
+        res.setHeader("Content-Type", "application/json");
+        res.status(statusCode).send(json);
 
-    return json.length;
-  }
+        return json.length;
+    }
 }
 
 function apiRoute(
-  method: HttpMethod,
-  path: string,
-  routeHandler: express.Handler
+    method: HttpMethod,
+    path: string,
+    routeHandler: express.Handler
 ) {
-  route(
-    method,
-    path,
-    [auth.checkApiAuth, csrfMiddleware],
-    routeHandler,
-    apiResultHandler
-  );
+    route(
+        method,
+        path,
+        [auth.checkApiAuth, csrfMiddleware],
+        routeHandler,
+        apiResultHandler
+    );
 }
 
 function route(
-  method: HttpMethod,
-  path: string,
-  middleware: (express.Handler | AppRequestHandler)[],
-  routeHandler: AppRequestHandler,
-  resultHandler: ApiResultHandler | null = null,
-  transactional = true
+    method: HttpMethod,
+    path: string,
+    middleware: (express.Handler | AppRequestHandler)[],
+    routeHandler: AppRequestHandler,
+    resultHandler: ApiResultHandler | null = null,
+    transactional = true
 ) {
-  router[method](
-    path,
-    ...(middleware as express.Handler[]),
-    (
-      req: express.Request,
-      res: express.Response,
-      next: express.NextFunction
-    ) => {
-      const start = Date.now();
-
-      try {
-        cls.namespace.bindEmitter(req);
-        cls.namespace.bindEmitter(res);
-
-        const result = cls.init(() => {
-          cls.set("componentId", req.headers["trilium-component-id"]);
-          cls.set(
-            "localNowDateTime",
-            req.headers["trilium-local-now-datetime"]
-          );
-          cls.set(
-            "hoistedNoteId",
-            req.headers["trilium-hoisted-note-id"] || "root"
-          );
-
-          const cb = () => routeHandler(req as AppRequest, res, next);
-
-          return transactional ? sql.transactional(cb) : cb();
-        });
-
-        if (!resultHandler) {
-          return;
-        }
-
-        if (result?.then) {
-          // promise
-          result
-            .then((promiseResult: unknown) =>
-              handleResponse(resultHandler, req, res, promiseResult, start)
-            )
-            .catch((e: any) => handleException(e, method, path, res));
-        } else {
-          handleResponse(resultHandler, req, res, result, start);
+    router[method](
+        path,
+        ...(middleware as express.Handler[]),
+        (
+            req: express.Request,
+            res: express.Response,
+            next: express.NextFunction
+        ) => {
+            const start = Date.now();
+
+            try {
+                cls.namespace.bindEmitter(req);
+                cls.namespace.bindEmitter(res);
+
+                const result = cls.init(() => {
+                    cls.set("componentId", req.headers["trilium-component-id"]);
+                    cls.set(
+                        "localNowDateTime",
+                        req.headers["trilium-local-now-datetime"]
+                    );
+                    cls.set(
+                        "hoistedNoteId",
+                        req.headers["trilium-hoisted-note-id"] || "root"
+                    );
+
+                    const cb = () => routeHandler(req as AppRequest, res, next);
+
+                    return transactional ? sql.transactional(cb) : cb();
+                });
+
+                if (!resultHandler) {
+                    return;
+                }
+
+                if (result?.then) {
+                    // promise
+                    result
+                        .then((promiseResult: unknown) =>
+                            handleResponse(
+                                resultHandler,
+                                req,
+                                res,
+                                promiseResult,
+                                start
+                            )
+                        )
+                        .catch((e: any) =>
+                            handleException(e, method, path, res)
+                        );
+                } else {
+                    handleResponse(resultHandler, req, res, result, start);
+                }
+            } catch (e) {
+                handleException(e, method, path, res);
+            }
         }
-      } catch (e) {
-        handleException(e, method, path, res);
-      }
-    }
-  );
+    );
 }
 
 function handleResponse(
-  resultHandler: ApiResultHandler,
-  req: express.Request,
-  res: express.Response,
-  result: unknown,
-  start: number
+    resultHandler: ApiResultHandler,
+    req: express.Request,
+    res: express.Response,
+    result: unknown,
+    start: number
 ) {
-  const responseLength = resultHandler(req, res, result);
+    const responseLength = resultHandler(req, res, result);
 
-  log.request(req, res, Date.now() - start, responseLength);
+    log.request(req, res, Date.now() - start, responseLength);
 }
 
 function handleException(
-  e: any,
-  method: HttpMethod,
-  path: string,
-  res: express.Response
+    e: any,
+    method: HttpMethod,
+    path: string,
+    res: express.Response
 ) {
-  log.error(
-    `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
-  );
+    log.error(
+        `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
+    );
 
-  if (e instanceof ValidationError) {
-    res.status(400).json({
-      message: e.message,
-    });
-  } else if (e instanceof NotFoundError) {
-    res.status(404).json({
-      message: e.message,
-    });
-  } else {
-    res.status(500).json({
-      message: e.message,
-    });
-  }
+    if (e instanceof ValidationError) {
+        res.status(400).json({
+            message: e.message,
+        });
+    } else if (e instanceof NotFoundError) {
+        res.status(404).json({
+            message: e.message,
+        });
+    } else {
+        res.status(500).json({
+            message: e.message,
+        });
+    }
 }
 
 function createUploadMiddleware() {
-  const multerOptions: multer.Options = {
-    fileFilter: (req: express.Request, file, cb) => {
-      // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
-      // See https://github.com/expressjs/multer/pull/1102.
-      file.originalname = Buffer.from(file.originalname, "latin1").toString(
-        "utf-8"
-      );
-      cb(null, true);
-    },
-  };
-
-  if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
-    multerOptions.limits = {
-      fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+    const multerOptions: multer.Options = {
+        fileFilter: (req: express.Request, file, cb) => {
+            // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
+            // See https://github.com/expressjs/multer/pull/1102.
+            file.originalname = Buffer.from(
+                file.originalname,
+                "latin1"
+            ).toString("utf-8");
+            cb(null, true);
+        },
     };
-  }
 
-  return multer(multerOptions).single("upload");
+    if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
+        multerOptions.limits = {
+            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+        };
+    }
+
+    return multer(multerOptions).single("upload");
 }
 
 export = {
-  register,
+    register,
 };
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
index 9718285336..c5b269b21a 100644
--- a/src/services/encryption/recovery_codes.ts
+++ b/src/services/encryption/recovery_codes.ts
@@ -5,82 +5,90 @@ import optionService = require("../options");
 import crypto = require("crypto");
 
 function isRecoveryCodeSet() {
-  return optionService.getOptionBool("encryptedRecoveryCodes");
+    return optionService.getOptionBool("encryptedRecoveryCodes");
 }
 
 function setRecoveryCodes(recoveryCodes: string) {
-  const iv = crypto.randomBytes(16);
-  const securityKey = crypto.randomBytes(32);
-  const cipher = crypto.createCipheriv("aes-256-cbc", securityKey, iv);
-  let encryptedRecoveryCodes = cipher.update(recoveryCodes, "utf-8", "hex");
+    const iv = crypto.randomBytes(16);
+    const securityKey = crypto.randomBytes(32);
+    const cipher = crypto.createCipheriv("aes-256-cbc", securityKey, iv);
+    let encryptedRecoveryCodes = cipher.update(recoveryCodes, "utf-8", "hex");
 
-  sql.transactional(() => {
-    optionService.createOption(
-      "recoveryCodeInitialVector",
-      iv.toString("hex"),
-      true
-    );
-    optionService.createOption(
-      "recoveryCodeSecurityKey",
-      securityKey.toString("hex"),
-      true
-    );
-    optionService.createOption(
-      "recoveryCodesEncrypted",
-      encryptedRecoveryCodes + cipher.final("hex"),
-      true
-    );
-    optionService.createOption("encryptedRecoveryCodes", "true", true);
-    return true;
-  });
-  return false;
+    sql.transactional(() => {
+        optionService.createOption(
+            "recoveryCodeInitialVector",
+            iv.toString("hex"),
+            true
+        );
+        optionService.createOption(
+            "recoveryCodeSecurityKey",
+            securityKey.toString("hex"),
+            true
+        );
+        optionService.createOption(
+            "recoveryCodesEncrypted",
+            encryptedRecoveryCodes + cipher.final("hex"),
+            true
+        );
+        optionService.createOption("encryptedRecoveryCodes", "true", true);
+        return true;
+    });
+    return false;
 }
 
 function verifyRecoveryCode(recoveryCodeGuess: string) {
-  if (!isRecoveryCodeSet()) {
-    throw new Error(
-      "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
-    );
-  }
+    if (!isRecoveryCodeSet()) {
+        throw new Error(
+            "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
+        );
+    }
 
-  sql.transactional(() => {
-    const iv = Buffer.from(
-      optionService.getOption("recoveryCodeInitialVector"),
-      "hex"
-    );
-    const securityKey = Buffer.from(
-      optionService.getOption("recoveryCodeSecurityKey"),
-      "hex"
-    );
-    const encryptedRecoveryCodes = optionService.getOption(
-      "recoveryCodesEncrypted"
-    );
+    sql.transactional(() => {
+        const iv = Buffer.from(
+            optionService.getOption("recoveryCodeInitialVector"),
+            "hex"
+        );
+        const securityKey = Buffer.from(
+            optionService.getOption("recoveryCodeSecurityKey"),
+            "hex"
+        );
+        const encryptedRecoveryCodes = optionService.getOption(
+            "recoveryCodesEncrypted"
+        );
 
-    const decipher = crypto.createDecipheriv("aes-256-cbc", securityKey, iv);
-    const decryptedData = decipher.update(
-      encryptedRecoveryCodes,
-      "hex",
-      "utf-8"
-    );
-    const finalOutput = JSON.parse(decryptedData + decipher.final("utf-8"));
+        const decipher = crypto.createDecipheriv(
+            "aes-256-cbc",
+            securityKey,
+            iv
+        );
+        const decryptedData = decipher.update(
+            encryptedRecoveryCodes,
+            "hex",
+            "utf-8"
+        );
+        const finalOutput = JSON.parse(decryptedData + decipher.final("utf-8"));
 
-    console.log(
-      "Verifying [" + recoveryCodeGuess + "] {" + typeof recoveryCodeGuess + "}"
-    );
-    console.log("against " + JSON.stringify(finalOutput));
+        console.log(
+            "Verifying [" +
+                recoveryCodeGuess +
+                "] {" +
+                typeof recoveryCodeGuess +
+                "}"
+        );
+        console.log("against " + JSON.stringify(finalOutput));
 
-    for (var a in finalOutput) {
-      console.log(finalOutput[a] + ": " + typeof finalOutput[a]);
-      if (recoveryCodeGuess === finalOutput[a]) {
-        return true;
-      }
-    }
-  });
-  return false;
+        for (var a in finalOutput) {
+            console.log(finalOutput[a] + ": " + typeof finalOutput[a]);
+            if (recoveryCodeGuess === finalOutput[a]) {
+                return true;
+            }
+        }
+    });
+    return false;
 }
 
 function updateRecoveryCodes() {
-  // TODO: Remove used recovery code and reset
+    // TODO: Remove used recovery code and reset
 }
 
 export = { setRecoveryCodes, verifyRecoveryCode };

From 41764e341874f3e7bbaeb0afa183e69451e19a19 Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Fri, 10 May 2024 15:09:09 -0700
Subject: [PATCH 12/63] Added random codes

---
 .../options/multi_factor_authentication.js     | 18 +++++++++++++++++-
 src/routes/api/recovery_codes.ts               | 15 ++++++++++-----
 2 files changed, 27 insertions(+), 6 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index c5c1cc86a8..4f426a9dd2 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -73,7 +73,7 @@ const TPL = `
         </tbody>
     </table>
     <br>
-      <button class="regenerate-totp" disabled="true"> Generate Recovery Keys </button>
+      <button class="generate-recovery-code" disabled="true"> Generate Recovery Keys </button>
   </div>
 </div>`;
 
@@ -88,6 +88,9 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$totpSecretInput = this.$widget.find(".totp-secret-input");
         this.$saveTotpButton = this.$widget.find(".save-totp");
         this.$password = this.$widget.find(".password");
+        this.$generateRecoveryCodeButton = this.$widget.find(
+            ".generate-recovery-code"
+        );
         this.$recoveryKeys = [];
 
         for (let i = 0; i < 8; i++)
@@ -101,6 +104,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             this.updateSecret();
         });
 
+        this.$generateRecoveryCodeButton.on("click", async () => {
+            this.setRecoveryKeys();
+        });
+
         this.$regenerateTotpButton.on("click", async () => {
             this.generateKey();
         });
@@ -135,6 +142,9 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
 
             if (!result.keysExist) {
                 this.keyFiller(Array(8).fill("No key set"));
+                this.$generateRecoveryCodeButton.text(
+                    "Generate Recovery Codes"
+                );
                 return;
             }
 
@@ -147,6 +157,8 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
                 return;
             }
 
+            this.keyFiller(JSON.parse(result.recoveryCodes));
+            // Continue here
             server.post("totp_recovery/set", {
                 recoveryCodes: JSON.stringify(result.recoveryCodes),
             });
@@ -204,6 +216,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
                 this.$totpSecret.prop("disapbled", !result.message);
                 this.$regenerateTotpButton.prop("disabled", !result.message);
                 this.$password.prop("disabled", !result.message);
+                this.$generateRecoveryCodeButton.prop(
+                    "disabled",
+                    !result.message
+                );
             } else {
                 toastService.showError(result.message);
             }
diff --git a/src/routes/api/recovery_codes.ts b/src/routes/api/recovery_codes.ts
index c2f7b9babe..fdb7a14e4a 100644
--- a/src/routes/api/recovery_codes.ts
+++ b/src/routes/api/recovery_codes.ts
@@ -23,11 +23,16 @@ function checkForRecoveryKeys() {
 }
 
 function generateRecoveryCodes() {
-    const recoveryCodes = {
-        code1: randomBytes(16).toString("base64"),
-        code2: randomBytes(16).toString("base64"),
-        code3: randomBytes(16).toString("base64"),
-    };
+    const recoveryCodes = [
+        randomBytes(16).toString("base64"),
+        randomBytes(16).toString("base64"),
+        randomBytes(16).toString("base64"),
+        randomBytes(16).toString("base64"),
+        randomBytes(16).toString("base64"),
+        randomBytes(16).toString("base64"),
+        randomBytes(16).toString("base64"),
+        randomBytes(16).toString("base64"),
+    ];
 
     return { success: true, recoveryCodes: JSON.stringify(recoveryCodes) };
 }

From e88f1e575c0eedc6e1905d0e389ed00a4bd4ad40 Mon Sep 17 00:00:00 2001
From: Brandon <brandon@mauldin314.com>
Date: Sat, 11 May 2024 12:11:34 -0700
Subject: [PATCH 13/63] Recovery key can take place of TOTP.

---
 .../options/multi_factor_authentication.js    | 460 +++++++++---------
 src/routes/api/recovery_codes.ts              |  57 ++-
 src/routes/login.ts                           | 184 +++----
 src/services/encryption/recovery_codes.ts     | 134 +++--
 src/views/login.ejs                           |   3 +-
 5 files changed, 404 insertions(+), 434 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 4f426a9dd2..1731ad15b3 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -5,260 +5,234 @@ import OptionsWidget from "./options_widget.js";
 
 const TPL = `
 <div class="options-section">
-    <h4 class="mfa-heading"></h4>
-    
-    <div class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">
-      Use TOTP to add an additional layer of security to safeguard your data. Copy the generatred secret into your favorite authenticator.
-    </div>
-    
-  <br>
-  <h4>TOTP Settings</h4>
-    <div>
-      <label>
-          Enable TOTP
-      </label>
-      <input type="checkbox" class="totp-enabled" />
+    <h4 class="">What is TOTP?</h4>
+
+    <div class="">
+        TOTP stands for Time-Based One-Time Password. It's a security protocol used to generate temporary passwords that are valid for a short period, 
+        typically 30 or 60 seconds. These passwords are generated by combining a secret key (known only to the user and the service) with the current 
+        time. An authenticator app is a software tool that implements the TOTP algorithm, generating these time-based passwords. Users typically use 
+        authenticator apps like Google Authenticator or Authy to add an extra layer of security.
     </div>
 
-<br>
-  <div>
-      <div class="form-group">
-        <label>Password confirmation</label>
-        <input class="password form-control" type="password">
-      </div>
-      <div class="options-section">
+    <br>
+    <h4>TOTP Settings</h4>
+    <div>
         <label>
-        TOTP Secret
+           Enable TOTP
         </label>
-        <input class="totp-secret-input form-control" disabled="true" type="text">
-        <button class="save-totp" disabled="true"> Save TOTP Secret </button>
-      </div>
-  </div>
-  <br>
-  <h4> Generate TOTP Secret </h4>
-  <div>
-      <span class="totp-secret" >  </span>
-      <br>
-      <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
-  </div>
-  <br>
-  <h4> Recovery Keys </h4>
-  <div>
-    <span >Recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
-    <br><br>
-    <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
-    <br><br>
-      <table style="border: 0px solid white">
+        <input type="checkbox" class="totp-enabled" />
+    </div>
+
+    <br>
+    <div>
+        <div class="form-group">
+            <label>Password confirmation</label>
+            <input class="password form-control" type="password">
+        </div>
+        <div class="options-section">
+            <label>
+            TOTP Secret
+            </label>
+            <input class="totp-secret-input form-control" disabled="true" type="text">
+            <button class="save-totp" disabled="true"> Save TOTP Secret </button>
+        </div>
+    </div>
+    <br>
+    <h4> Generate TOTP Secret </h4>
+    <div>
+        <span class="totp-secret" > TOTP Secret Key </span>
+        <br>
+        <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
+    </div>
+    <br>
+    <h4> Recovery Keys </h4>
+        <div>
+        <span >Recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
+        <br><br>
+        <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
+        <br><br>
+        <table style="border: 0px solid white">
         <tbody>
-        <tr>
-        <td class="key_0">Recover Key 1</td>
-        <td style="width: 20px" />
-        <td class="key_1">Recover Key 2</td>
-        </tr>
-        <tr>
-        <td class="key_2">Recover Key 3</td>
-        <td />
-        <td class="key_3">Recover Key 4</td>
-        </tr>
-        <tr>
-        <td class="key_4">Recover Key 5</td>
-        <td />
-        <td class="key_5">Recover Key 6</td>
-        </tr>
-        <tr>
-        <td class="key_6">Recover Key 7</td>
-        <td />
-        <td class="key_7">Recover Key 8</td>
-        </tr>
+            <tr>
+                <td class="key_0">Recover Key 1</td>
+                <td style="width: 20px" />
+                <td class="key_1">Recover Key 2</td>
+            </tr>
+            <tr>
+                <td class="key_2">Recover Key 3</td>
+                <td />
+                <td class="key_3">Recover Key 4</td>
+            </tr>
+            <tr>
+                <td class="key_4">Recover Key 5</td>
+                <td />
+                <td class="key_5">Recover Key 6</td>
+            </tr>
+            <tr>
+                <td class="key_6">Recover Key 7</td>
+                <td />
+                <td class="key_7">Recover Key 8</td>
+            </tr>
         </tbody>
-    </table>
-    <br>
-      <button class="generate-recovery-code" disabled="true"> Generate Recovery Keys </button>
-  </div>
+        </table>
+        <br>
+        <button class="generate-recovery-code" disabled="true"> Generate Recovery Keys </button>
+    </div>
 </div>`;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
-    doRender() {
-        this.$widget = $(TPL);
-
-        this.$mfaHeadding = this.$widget.find(".mfa-heading");
-        this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
-        this.$totpEnabled = this.$widget.find(".totp-enabled");
-        this.$totpSecret = this.$widget.find(".totp-secret");
-        this.$totpSecretInput = this.$widget.find(".totp-secret-input");
-        this.$saveTotpButton = this.$widget.find(".save-totp");
-        this.$password = this.$widget.find(".password");
-        this.$generateRecoveryCodeButton = this.$widget.find(
-            ".generate-recovery-code"
-        );
-        this.$recoveryKeys = [];
-
-        for (let i = 0; i < 8; i++)
-            this.$recoveryKeys.push(this.$widget.find(".key_" + i));
-        this.setRecoveryKeys();
-
-        this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
-        this.generateKey();
-
-        this.$totpEnabled.on("change", async () => {
-            this.updateSecret();
-        });
-
-        this.$generateRecoveryCodeButton.on("click", async () => {
-            this.setRecoveryKeys();
-        });
-
-        this.$regenerateTotpButton.on("click", async () => {
-            this.generateKey();
-        });
-
-        this.$saveTotpButton.on("click", async () => {
-            this.saveTotpSecret();
-        });
-
-        this.$protectedSessionTimeout = this.$widget.find(
-            ".protected-session-timeout-in-seconds"
-        );
-        this.$protectedSessionTimeout.on("change", () =>
-            this.updateOption(
-                "protectedSessionTimeout",
-                this.$protectedSessionTimeout.val()
-            )
-        );
+  doRender() {
+    this.$widget = $(TPL);
+
+    this.$mfaHeadding = this.$widget.find(".mfa-heading");
+    this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
+    this.$totpEnabled = this.$widget.find(".totp-enabled");
+    this.$totpSecret = this.$widget.find(".totp-secret");
+    this.$totpSecretInput = this.$widget.find(".totp-secret-input");
+    this.$saveTotpButton = this.$widget.find(".save-totp");
+    this.$password = this.$widget.find(".password");
+    this.$generateRecoveryCodeButton = this.$widget.find(
+      ".generate-recovery-code"
+    );
+    this.$recoveryKeys = [];
+
+    for (let i = 0; i < 8; i++)
+      this.$recoveryKeys.push(this.$widget.find(".key_" + i));
+
+    this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
+
+    this.$totpEnabled.on("change", async () => {
+      this.updateSecret();
+    });
+
+    this.$generateRecoveryCodeButton.on("click", async () => {
+      this.setRecoveryKeys();
+    });
+
+    this.$regenerateTotpButton.on("click", async () => {
+      this.generateKey();
+    });
+
+    this.$saveTotpButton.on("click", async () => {
+      this.saveTotpSecret();
+    });
+
+    this.$protectedSessionTimeout = this.$widget.find(
+      ".protected-session-timeout-in-seconds"
+    );
+    this.$protectedSessionTimeout.on("change", () =>
+      this.updateOption(
+        "protectedSessionTimeout",
+        this.$protectedSessionTimeout.val()
+      )
+    );
+
+    this.displayRecoveryKeys();
+  }
+
+  async updateSecret() {
+    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
+    else server.post("totp/disable");
+  }
+
+  async setRecoveryKeys() {
+    server.get("totp_recovery/generate").then((result) => {
+      if (!result.success) {
+        toastService.showError("Error in revevery code generation!");
+        return;
+      }
+
+      this.keyFiller(JSON.parse(result.recoveryCodes));
+      // Continue here
+      server.post("totp_recovery/set", {
+        recoveryCodes: JSON.stringify(result.recoveryCodes),
+      });
+    });
+  }
+
+  async keyFiller(values) {
+    console.log(values);
+    for (let i = 0; i < 8; i++) this.$recoveryKeys[i].text(values[i]);
+  }
+
+  async generateKey() {
+    server.get("totp/generate").then((result) => {
+      if (result.success) {
+        this.$totpSecret.text(result.message);
+      } else {
+        toastService.showError(result.message);
+      }
+    });
+  }
+
+  optionsLoaded(options) {
+    server.get("totp/enabled").then((result) => {
+      if (result.success) {
+        this.$totpEnabled.prop("checked", result.message);
+        this.$totpSecretInput.prop("disabled", !result.message);
+        this.$saveTotpButton.prop("disabled", !result.message);
+        this.$totpSecret.prop("disapbled", !result.message);
+        this.$regenerateTotpButton.prop("disabled", !result.message);
+        this.$password.prop("disabled", !result.message);
+        this.$generateRecoveryCodeButton.prop("disabled", !result.message);
+      } else {
+        toastService.showError(result.message);
+      }
+    });
+
+    this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+  }
+
+  saveTotpSecret() {
+    const key = this.$totpSecretInput.val().trim();
+    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+
+    if (key.length != 52) {
+      toastService.showError("Invalid Secret", 2000);
+      return;
     }
-
-    async updateSecret() {
-        if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
-        else server.post("totp/disable");
-    }
-
-    async setRecoveryKeys() {
-        server.get("totp_recovery/enabled").then((result) => {
-            console.log(result);
-            if (!result.success) {
-                this.keyFiller(Array(8).fill("Error fetching recovery key!"));
-                return;
-            }
-
-            if (!result.keysExist) {
-                this.keyFiller(Array(8).fill("No key set"));
-                this.$generateRecoveryCodeButton.text(
-                    "Generate Recovery Codes"
-                );
-                return;
-            }
-
-            this.keyFiller(Array(8).fill("Key set. Cannot view."));
-        });
-
-        server.get("totp_recovery/generate").then((result) => {
-            if (!result.success) {
-                toastService.showError("Error in revevery code generation!");
-                return;
-            }
-
-            this.keyFiller(JSON.parse(result.recoveryCodes));
-            // Continue here
-            server.post("totp_recovery/set", {
-                recoveryCodes: JSON.stringify(result.recoveryCodes),
-            });
-        });
-    }
-
-    async keyFiller(values) {
-        console.log(values);
-        for (let i = 0; i < 8; i++) this.$recoveryKeys[i].text(values[i]);
+    if (regex.test(key)) {
+      toastService.showError("Invalid Secret", 2000);
+      return;
     }
 
-    async generateKey() {
-        // // DEBUG ONLY
-        // const recoveryCodes = server
-        //     .get("totp_recovery/generate")
-        //     .then((result) => {
-        //         if (!result.success) {
-        //             toastService.showError(
-        //                 "Error in revevery code generation!"
-        //             );
-        //             return;
-        //         }
-
-        //         server.post("totp_recovery/set", {
-        //             recoveryCodes: JSON.stringify(result.recoveryCodes),
-        //         });
-        //     });
-
-        // // DEBUG ONLY
-        // server
-        //     .post("totp_recovery/verify", { recovery_code_guess: "testCode2" })
-        //     .then((result) => {
-        //         if (result.success) {
-        //             toastService.showError("VALID");
-        //         } else {
-        //             toastService.showError("INVALID");
-        //         }
-        //     });
-
-        server.get("totp/generate").then((result) => {
-            if (result.success) {
-                this.$totpSecret.text(result.message);
-            } else {
-                toastService.showError(result.message);
-            }
-        });
-    }
-
-    optionsLoaded(options) {
-        server.get("totp/enabled").then((result) => {
-            if (result.success) {
-                this.$totpEnabled.prop("checked", result.message);
-                this.$totpSecretInput.prop("disabled", !result.message);
-                this.$saveTotpButton.prop("disabled", !result.message);
-                this.$totpSecret.prop("disapbled", !result.message);
-                this.$regenerateTotpButton.prop("disabled", !result.message);
-                this.$password.prop("disabled", !result.message);
-                this.$generateRecoveryCodeButton.prop(
-                    "disabled",
-                    !result.message
-                );
-            } else {
-                toastService.showError(result.message);
-            }
-        });
-
-        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
-    }
-
-    saveTotpSecret() {
-        const key = this.$totpSecretInput.val();
-        const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-
-        if (key.length != 52) {
-            toastService.showError("Invalid Secret", 2000);
-            return;
+    server
+      .post("totp/set", {
+        secret: this.$totpSecretInput.val(),
+        password: this.$password.val(),
+      })
+      .then((result) => {
+        if (result.success) {
+          toastService.showError(
+            "Password has been changed. Trilium will be reloaded after you press OK."
+          );
+
+          // password changed so current protected session is invalid and needs to be cleared
+          protectedSessionHolder.resetProtectedSession();
+        } else {
+          toastService.showError(result.message);
         }
-        if (regex.test(key)) {
-            toastService.showError("Invalid Secret", 2000);
-            return;
-        }
-
-        server
-            .post("totp/set", {
-                secret: this.$totpSecretInput.val(),
-                password: this.$password.val(),
-            })
-            .then((result) => {
-                if (result.success) {
-                    toastService.showError(
-                        "Password has been changed. Trilium will be reloaded after you press OK."
-                    );
-
-                    // password changed so current protected session is invalid and needs to be cleared
-                    protectedSessionHolder.resetProtectedSession();
-                } else {
-                    toastService.showError(result.message);
-                }
-            });
-
-        return false;
-    }
+      });
+
+    return false;
+  }
+
+  displayRecoveryKeys() {
+    server.get("totp_recovery/enabled").then((result) => {
+      console.log(result);
+      if (!result.success) {
+        this.keyFiller(Array(8).fill("Error generating recovery keys!"));
+        return;
+      }
+
+      if (!result.keysExist) {
+        this.keyFiller(Array(8).fill("No key set"));
+        this.$generateRecoveryCodeButton.text("Generate Recovery Codes");
+        return;
+      }
+
+      this.keyFiller(Array(8).fill("Key set. Cannot view."));
+      return;
+    });
+  }
 }
diff --git a/src/routes/api/recovery_codes.ts b/src/routes/api/recovery_codes.ts
index fdb7a14e4a..f480e69415 100644
--- a/src/routes/api/recovery_codes.ts
+++ b/src/routes/api/recovery_codes.ts
@@ -2,44 +2,47 @@ import recovery_codes = require("../../services/encryption/recovery_codes");
 import { Request } from "express";
 import { randomBytes } from "crypto";
 
+// Functionality moved straight to the generateRecoveryCodes function to save API calls
 function setRecoveryCodes(req: Request) {
-    const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
-    return { success: success, message: "Recovery codes set!" };
+  const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
+  return { success: success, message: "Recovery codes set!" };
 }
 
 function veryifyRecoveryCode(req: Request) {
-    const success = recovery_codes.verifyRecoveryCode(
-        req.body.recovery_code_guess
-    );
-
-    if (success) {
-        // Reset password?
-        return { success: "true" };
-    }
+  const success = recovery_codes.verifyRecoveryCode(
+    req.body.recovery_code_guess
+  );
+
+  if (success) {
+    // Reset password?
+    return { success: "true" };
+  }
 }
 
 function checkForRecoveryKeys() {
-    return { success: true, keysExist: false };
+  return { success: true, keysExist: false };
 }
 
 function generateRecoveryCodes() {
-    const recoveryCodes = [
-        randomBytes(16).toString("base64"),
-        randomBytes(16).toString("base64"),
-        randomBytes(16).toString("base64"),
-        randomBytes(16).toString("base64"),
-        randomBytes(16).toString("base64"),
-        randomBytes(16).toString("base64"),
-        randomBytes(16).toString("base64"),
-        randomBytes(16).toString("base64"),
-    ];
-
-    return { success: true, recoveryCodes: JSON.stringify(recoveryCodes) };
+  const recoveryCodes = {
+    code0: randomBytes(16).toString("base64"),
+    code1: randomBytes(16).toString("base64"),
+    code2: randomBytes(16).toString("base64"),
+    code3: randomBytes(16).toString("base64"),
+    code4: randomBytes(16).toString("base64"),
+    code5: randomBytes(16).toString("base64"),
+    code6: randomBytes(16).toString("base64"),
+    code7: randomBytes(16).toString("base64"),
+  };
+
+  recovery_codes.setRecoveryCodes(JSON.stringify(recoveryCodes));
+
+  return { success: true, recoveryCodes: JSON.stringify(recoveryCodes) };
 }
 
 export = {
-    setRecoveryCodes,
-    generateRecoveryCodes,
-    veryifyRecoveryCode,
-    checkForRecoveryKeys,
+  setRecoveryCodes,
+  generateRecoveryCodes,
+  veryifyRecoveryCode,
+  checkForRecoveryKeys,
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 5e7817ced5..edf967b4de 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -11,137 +11,137 @@ import ValidationError = require("../errors/validation_error");
 import totp_secret = require("../services/totp_secret");
 import { Request, Response } from "express";
 import { AppRequest } from "./route-interface";
+import recoveryCodeService = require("../services/encryption/recovery_codes");
 
 const speakeasy = require("speakeasy");
 
 function loginPage(req: Request, res: Response) {
-    res.render("login", {
-        failedAuth: false,
-        // totpEnabled: optionService.getOption("hasOTPEnabled"),
-        totpEnabled:
-            optionService.getOption("totpEnabled") &&
-            totp_secret.checkForTotSecret(),
-        assetPath: assetPath,
-        appPath: appPath,
-    });
+  res.render("login", {
+    failedAuth: false,
+    totpEnabled:
+      optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
+    assetPath: assetPath,
+    appPath: appPath,
+  });
 }
 
 function setPasswordPage(req: Request, res: Response) {
-    res.render("set_password", {
-        error: false,
-        assetPath: assetPath,
-        appPath: appPath,
-    });
+  res.render("set_password", {
+    error: false,
+    assetPath: assetPath,
+    appPath: appPath,
+  });
 }
 
 function setPassword(req: Request, res: Response) {
-    if (passwordService.isPasswordSet()) {
-        throw new ValidationError("Password has been already set");
-    }
+  if (passwordService.isPasswordSet()) {
+    throw new ValidationError("Password has been already set");
+  }
 
-    let { password1, password2 } = req.body;
-    password1 = password1.trim();
-    password2 = password2.trim();
+  let { password1, password2 } = req.body;
+  password1 = password1.trim();
+  password2 = password2.trim();
 
-    let error;
+  let error;
 
-    if (password1 !== password2) {
-        error = "Entered passwords don't match.";
-    } else if (password1.length < 4) {
-        error = "Password must be at least 4 characters long.";
-    }
+  if (password1 !== password2) {
+    error = "Entered passwords don't match.";
+  } else if (password1.length < 4) {
+    error = "Password must be at least 4 characters long.";
+  }
 
-    if (error) {
-        res.render("set_password", {
-            error,
-            assetPath: assetPath,
-        });
-        return;
-    }
+  if (error) {
+    res.render("set_password", {
+      error,
+      assetPath: assetPath,
+    });
+    return;
+  }
 
-    passwordService.setPassword(password1);
+  passwordService.setPassword(password1);
 
-    res.redirect("login");
+  res.redirect("login");
 }
 
 function login(req: AppRequest, res: Response) {
-    const guessedPassword = req.body.password;
-    const guessedTotp = req.body.token;
+  const guessedPassword = req.body.password;
+  const guessedTotp = req.body.token;
+
+  if (!verifyPassword(guessedPassword)) {
+    sendLoginError(req, res);
+    return;
+  }
+
+  if (optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret())
+    if (!verifyTOTP(guessedTotp)) {
+      sendLoginError(req, res);
+      return;
+    }
+
+  const rememberMe = req.body.rememberMe;
 
-    if (!verifyPassword(guessedPassword)) {
-        sendLoginError(req, res);
-        return;
+  req.session.regenerate(() => {
+    if (rememberMe) {
+      req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
+    } else {
+      req.session.cookie.expires = null;
     }
 
-    if (
-        optionService.getOption("totpEnabled") &&
-        totp_secret.checkForTotSecret()
-    )
-        if (!verifyTOTP(guessedTotp)) {
-            sendLoginError(req, res);
-            return;
-        }
-
-    const rememberMe = req.body.rememberMe;
-
-    req.session.regenerate(() => {
-        if (rememberMe) {
-            req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
-        } else {
-            req.session.cookie.expires = null;
-        }
-
-        req.session.loggedIn = true;
-        res.redirect(".");
-    });
+    req.session.loggedIn = true;
+    res.redirect(".");
+  });
 }
 
 function sendLoginError(req: AppRequest, res: Response) {
-    // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
-    log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
-
-    res.status(401).render("login", {
-        failedAuth: true,
-        totpEnabled:
-            optionService.getOption("totpEnabled") &&
-            totp_secret.checkForTotSecret(),
-        assetPath: assetPath,
-    });
+  // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
+  log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
+
+  res.status(401).render("login", {
+    failedAuth: true,
+    totpEnabled:
+      optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
+    assetPath: assetPath,
+  });
 }
 
 function verifyTOTP(guessedToken: string) {
-    const tokenValidates = speakeasy.totp.verify({
-        secret: totp_secret.getTotpSecret(),
-        encoding: "base32",
-        token: guessedToken,
-        window: 1,
-    });
+  const tokenValidates = speakeasy.totp.verify({
+    secret: totp_secret.getTotpSecret(),
+    encoding: "base32",
+    token: guessedToken,
+    window: 1,
+  });
 
-    return tokenValidates;
+  if (tokenValidates) return true;
+
+  const recoveryCodeValidates =
+    recoveryCodeService.verifyRecoveryCode(guessedToken);
+
+  return recoveryCodeValidates;
 }
 
 function verifyPassword(guessedPassword: string) {
-    const hashed_password = utils.fromBase64(
-        optionService.getOption("passwordVerificationHash")
-    );
+  const hashed_password = utils.fromBase64(
+    optionService.getOption("passwordVerificationHash")
+  );
 
-    const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
+  const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
 
-    return guess_hashed.equals(hashed_password);
+  return guess_hashed.equals(hashed_password);
 }
 
 function logout(req: AppRequest, res: Response) {
-    req.session.regenerate(() => {
-        req.session.loggedIn = false;
+  req.session.regenerate(() => {
+    req.session.loggedIn = false;
 
-        res.redirect("login");
-    });
+    res.redirect("login");
+  });
 }
 
 export = {
-    loginPage,
-    setPasswordPage,
-    setPassword,
-    login,
-    logout,
+  loginPage,
+  setPasswordPage,
+  setPassword,
+  login,
+  logout,
 };
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
index c5b269b21a..53997e64a1 100644
--- a/src/services/encryption/recovery_codes.ts
+++ b/src/services/encryption/recovery_codes.ts
@@ -5,90 +5,84 @@ import optionService = require("../options");
 import crypto = require("crypto");
 
 function isRecoveryCodeSet() {
-    return optionService.getOptionBool("encryptedRecoveryCodes");
+  return optionService.getOptionBool("encryptedRecoveryCodes");
 }
 
 function setRecoveryCodes(recoveryCodes: string) {
-    const iv = crypto.randomBytes(16);
-    const securityKey = crypto.randomBytes(32);
-    const cipher = crypto.createCipheriv("aes-256-cbc", securityKey, iv);
-    let encryptedRecoveryCodes = cipher.update(recoveryCodes, "utf-8", "hex");
+  const iv = crypto.randomBytes(16);
+  const securityKey = crypto.randomBytes(32);
+  const cipher = crypto.createCipheriv("aes-256-cbc", securityKey, iv);
+  let encryptedRecoveryCodes = cipher.update(recoveryCodes, "utf-8", "hex");
 
-    sql.transactional(() => {
-        optionService.createOption(
-            "recoveryCodeInitialVector",
-            iv.toString("hex"),
-            true
-        );
-        optionService.createOption(
-            "recoveryCodeSecurityKey",
-            securityKey.toString("hex"),
-            true
-        );
-        optionService.createOption(
-            "recoveryCodesEncrypted",
-            encryptedRecoveryCodes + cipher.final("hex"),
-            true
-        );
-        optionService.createOption("encryptedRecoveryCodes", "true", true);
-        return true;
-    });
-    return false;
+  sql.transactional(() => {
+    optionService.createOption(
+      "recoveryCodeInitialVector",
+      iv.toString("hex"),
+      true
+    );
+    optionService.createOption(
+      "recoveryCodeSecurityKey",
+      securityKey.toString("hex"),
+      true
+    );
+    optionService.createOption(
+      "recoveryCodesEncrypted",
+      encryptedRecoveryCodes + cipher.final("hex"),
+      true
+    );
+    optionService.createOption("encryptedRecoveryCodes", "true", true);
+    return true;
+  });
+  return false;
 }
 
 function verifyRecoveryCode(recoveryCodeGuess: string) {
-    if (!isRecoveryCodeSet()) {
-        throw new Error(
-            "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
-        );
-    }
+  if (!isRecoveryCodeSet()) {
+    throw new Error(
+      "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
+    );
+  }
 
-    sql.transactional(() => {
-        const iv = Buffer.from(
-            optionService.getOption("recoveryCodeInitialVector"),
-            "hex"
-        );
-        const securityKey = Buffer.from(
-            optionService.getOption("recoveryCodeSecurityKey"),
-            "hex"
-        );
-        const encryptedRecoveryCodes = optionService.getOption(
-            "recoveryCodesEncrypted"
-        );
+  const recoveryCodeVerification = sql.transactional(() => {
+    const iv = Buffer.from(
+      optionService.getOption("recoveryCodeInitialVector"),
+      "hex"
+    );
+    const securityKey = Buffer.from(
+      optionService.getOption("recoveryCodeSecurityKey"),
+      "hex"
+    );
+    const encryptedRecoveryCodes = optionService.getOption(
+      "recoveryCodesEncrypted"
+    );
 
-        const decipher = crypto.createDecipheriv(
-            "aes-256-cbc",
-            securityKey,
-            iv
-        );
-        const decryptedData = decipher.update(
-            encryptedRecoveryCodes,
-            "hex",
-            "utf-8"
-        );
-        const finalOutput = JSON.parse(decryptedData + decipher.final("utf-8"));
+    const decipher = crypto.createDecipheriv("aes-256-cbc", securityKey, iv);
+    const decryptedData = decipher.update(
+      encryptedRecoveryCodes,
+      "hex",
+      "utf-8"
+    );
 
-        console.log(
-            "Verifying [" +
-                recoveryCodeGuess +
-                "] {" +
-                typeof recoveryCodeGuess +
-                "}"
-        );
-        console.log("against " + JSON.stringify(finalOutput));
+    const decryptedString = decryptedData + decipher.final("utf-8");
+    const editedString = decryptedString.replaceAll("\\", "");
+    const finalString = editedString.substring(1, editedString.length - 1);
+    const finalParse = JSON.parse(finalString);
+
+    for (const recoveryCode in finalParse) {
+      if (finalParse[recoveryCode] === recoveryCodeGuess) {
+        updateRecoveryCodes(finalParse[recoveryCode]);
+        return true;
+      }
+    }
 
-        for (var a in finalOutput) {
-            console.log(finalOutput[a] + ": " + typeof finalOutput[a]);
-            if (recoveryCodeGuess === finalOutput[a]) {
-                return true;
-            }
-        }
-    });
     return false;
+  });
+
+  return recoveryCodeVerification;
 }
 
-function updateRecoveryCodes() {
-    // TODO: Remove used recovery code and reset
+function updateRecoveryCodes(codeToRemove: string) {
+  // TODO: Remove used recovery code and reset
 }
 
 export = { setRecoveryCodes, verifyRecoveryCode };
diff --git a/src/views/login.ejs b/src/views/login.ejs
index 4510fef076..adcdfbcf6e 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -50,8 +50,7 @@
                     name="token"
                     placeholder=""
                     class="form-control"
-                    type="number"
-                    maxlength="6"
+                    type="text"
                     required
                 />
             </div>

From 187958891ff47c7a30217e1c2783817c17f34d74 Mon Sep 17 00:00:00 2001
From: Brandon <brandon@mauldin314.com>
Date: Sun, 12 May 2024 12:12:42 -0700
Subject: [PATCH 14/63] Recovery Code Functionality complete

---
 .../options/multi_factor_authentication.js    |   44 +-
 src/routes/api/recovery_codes.ts              |   48 +-
 src/routes/routes.ts                          | 1655 ++++++-----------
 src/services/encryption/recovery_codes.ts     |   97 +-
 4 files changed, 628 insertions(+), 1216 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 1731ad15b3..4929d37ed4 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -45,9 +45,9 @@ const TPL = `
         <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
     </div>
     <br>
-    <h4> Recovery Keys </h4>
+    <h4> Single Sign-on Recovery Keys </h4>
         <div>
-        <span >Recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
+        <span >Single sign-on recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
         <br><br>
         <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
         <br><br>
@@ -91,13 +91,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     this.$totpSecretInput = this.$widget.find(".totp-secret-input");
     this.$saveTotpButton = this.$widget.find(".save-totp");
     this.$password = this.$widget.find(".password");
-    this.$generateRecoveryCodeButton = this.$widget.find(
-      ".generate-recovery-code"
-    );
+    this.$generateRecoveryCodeButton = this.$widget.find(".generate-recovery-code");
     this.$recoveryKeys = [];
 
-    for (let i = 0; i < 8; i++)
-      this.$recoveryKeys.push(this.$widget.find(".key_" + i));
+    for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find(".key_" + i));
 
     this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
 
@@ -117,14 +114,9 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
       this.saveTotpSecret();
     });
 
-    this.$protectedSessionTimeout = this.$widget.find(
-      ".protected-session-timeout-in-seconds"
-    );
+    this.$protectedSessionTimeout = this.$widget.find(".protected-session-timeout-in-seconds");
     this.$protectedSessionTimeout.on("change", () =>
-      this.updateOption(
-        "protectedSessionTimeout",
-        this.$protectedSessionTimeout.val()
-      )
+      this.updateOption("protectedSessionTimeout", this.$protectedSessionTimeout.val())
     );
 
     this.displayRecoveryKeys();
@@ -141,18 +133,18 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         toastService.showError("Error in revevery code generation!");
         return;
       }
-
-      this.keyFiller(JSON.parse(result.recoveryCodes));
-      // Continue here
+      this.keyFiller(result.recoveryCodes);
       server.post("totp_recovery/set", {
-        recoveryCodes: JSON.stringify(result.recoveryCodes),
+        recoveryCodes: result.recoveryCodes,
       });
     });
   }
 
   async keyFiller(values) {
-    console.log(values);
-    for (let i = 0; i < 8; i++) this.$recoveryKeys[i].text(values[i]);
+    // Forces values to be a string so it doesn't error out when I split.
+    // Will be a non-issue when I update everything to typescript.
+    const keys = (values + "").split(",");
+    for (let i = 0; i < keys.length; i++) this.$recoveryKeys[i].text(keys[i]);
   }
 
   async generateKey() {
@@ -203,9 +195,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
       })
       .then((result) => {
         if (result.success) {
-          toastService.showError(
-            "Password has been changed. Trilium will be reloaded after you press OK."
-          );
+          toastService.showError("Password has been changed. Trilium will be reloaded after you press OK.");
 
           // password changed so current protected session is invalid and needs to be cleared
           protectedSessionHolder.resetProtectedSession();
@@ -219,7 +209,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
 
   displayRecoveryKeys() {
     server.get("totp_recovery/enabled").then((result) => {
-      console.log(result);
       if (!result.success) {
         this.keyFiller(Array(8).fill("Error generating recovery keys!"));
         return;
@@ -230,9 +219,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$generateRecoveryCodeButton.text("Generate Recovery Codes");
         return;
       }
-
-      this.keyFiller(Array(8).fill("Key set. Cannot view."));
-      return;
+    });
+    server.get("totp_recovery/used").then((result) => {
+      this.keyFiller((result.usedRecoveryCodes + "").split(","));
+      this.$generateRecoveryCodeButton.text("Regenerate Recovery Codes");
     });
   }
 }
diff --git a/src/routes/api/recovery_codes.ts b/src/routes/api/recovery_codes.ts
index f480e69415..bb4e9002fc 100644
--- a/src/routes/api/recovery_codes.ts
+++ b/src/routes/api/recovery_codes.ts
@@ -2,42 +2,43 @@ import recovery_codes = require("../../services/encryption/recovery_codes");
 import { Request } from "express";
 import { randomBytes } from "crypto";
 
-// Functionality moved straight to the generateRecoveryCodes function to save API calls
 function setRecoveryCodes(req: Request) {
   const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
   return { success: success, message: "Recovery codes set!" };
 }
 
 function veryifyRecoveryCode(req: Request) {
-  const success = recovery_codes.verifyRecoveryCode(
-    req.body.recovery_code_guess
-  );
-
-  if (success) {
-    // Reset password?
-    return { success: "true" };
-  }
+  const success = recovery_codes.verifyRecoveryCode(req.body.recovery_code_guess);
+
+  return { success: success };
 }
 
 function checkForRecoveryKeys() {
-  return { success: true, keysExist: false };
+  return { success: true, keysExist: recovery_codes.isRecoveryCodeSet() };
 }
 
 function generateRecoveryCodes() {
-  const recoveryCodes = {
-    code0: randomBytes(16).toString("base64"),
-    code1: randomBytes(16).toString("base64"),
-    code2: randomBytes(16).toString("base64"),
-    code3: randomBytes(16).toString("base64"),
-    code4: randomBytes(16).toString("base64"),
-    code5: randomBytes(16).toString("base64"),
-    code6: randomBytes(16).toString("base64"),
-    code7: randomBytes(16).toString("base64"),
-  };
-
-  recovery_codes.setRecoveryCodes(JSON.stringify(recoveryCodes));
+  const recoveryKeys = [
+    randomBytes(16).toString("base64"),
+    randomBytes(16).toString("base64"),
+    randomBytes(16).toString("base64"),
+    randomBytes(16).toString("base64"),
+    randomBytes(16).toString("base64"),
+    randomBytes(16).toString("base64"),
+    randomBytes(16).toString("base64"),
+    randomBytes(16).toString("base64"),
+  ];
+
+  recovery_codes.setRecoveryCodes(recoveryKeys.toString());
+
+  return { success: true, recoveryCodes: recoveryKeys.toString() };
+}
 
-  return { success: true, recoveryCodes: JSON.stringify(recoveryCodes) };
+function getUsedRecoveryCodes() {
+  return {
+    success: true,
+    usedRecoveryCodes: recovery_codes.getUsedRecoveryCodes().toString(),
+  };
 }
 
 export = {
@@ -45,4 +46,5 @@ export = {
   generateRecoveryCodes,
   veryifyRecoveryCode,
   checkForRecoveryKeys,
+  getUsedRecoveryCodes,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 7cda890b57..a76f3a8a8e 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -75,1175 +75,602 @@ import etapiBackupRoute = require("../etapi/backup");
 import { AppRequest, AppRequestHandler } from "./route-interface";
 
 const csrfMiddleware = csurf({
-    cookie: {
-        path: "", // empty, so cookie is valid only for the current path
-    },
+  cookie: {
+    path: "", // empty, so cookie is valid only for the current path
+  },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
 const GET = "get",
-    PST = "post",
-    PUT = "put",
-    PATCH = "patch",
-    DEL = "delete";
+  PST = "post",
+  PUT = "put",
+  PATCH = "patch",
+  DEL = "delete";
 
-type ApiResultHandler = (
-    req: express.Request,
-    res: express.Response,
-    result: unknown
-) => number;
+type ApiResultHandler = (req: express.Request, res: express.Response, result: unknown) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
-type HttpMethod =
-    | "all"
-    | "get"
-    | "post"
-    | "put"
-    | "delete"
-    | "patch"
-    | "options"
-    | "head";
+type HttpMethod = "all" | "get" | "post" | "put" | "delete" | "patch" | "options" | "head";
 
 const uploadMiddleware = createUploadMiddleware();
 
 const uploadMiddlewareWithErrorHandling = function (
-    req: express.Request,
-    res: express.Response,
-    next: express.NextFunction
+  req: express.Request,
+  res: express.Response,
+  next: express.NextFunction
 ) {
-    uploadMiddleware(req, res, function (err) {
-        if (err?.code === "LIMIT_FILE_SIZE") {
-            res.setHeader("Content-Type", "text/plain")
-                .status(400)
-                .send(
-                    `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
-                );
-        } else {
-            next();
-        }
-    });
+  uploadMiddleware(req, res, function (err) {
+    if (err?.code === "LIMIT_FILE_SIZE") {
+      res
+        .setHeader("Content-Type", "text/plain")
+        .status(400)
+        .send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
+    } else {
+      next();
+    }
+  });
 };
 
 function register(app: express.Application) {
-    route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
-    route(
-        GET,
-        "/login",
-        [auth.checkAppInitialized, auth.checkPasswordSet],
-        loginRoute.loginPage
-    );
-    route(
-        GET,
-        "/set-password",
-        [auth.checkAppInitialized, auth.checkPasswordNotSet],
-        loginRoute.setPasswordPage
-    );
-
-    const loginRateLimiter = rateLimit.rateLimit({
-        windowMs: 15 * 60 * 1000, // 15 minutes
-        max: 10, // limit each IP to 10 requests per windowMs
-        skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
-    });
-
-    route(PST, "/login", [loginRateLimiter], loginRoute.login);
-    route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-    route(
-        PST,
-        "/set-password",
-        [auth.checkAppInitialized, auth.checkPasswordNotSet],
-        loginRoute.setPassword
-    );
-    route(GET, "/setup", [], setupRoute.setupPage);
-
-    apiRoute(GET, "/api/totp/generate", totp.generateSecret);
-    apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
-    apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
-    apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
-    apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
-    apiRoute(GET, "/api/totp/get", totp.getSecret);
-
-    apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
-    apiRoute(
-        PST,
-        "/api/totp_recovery/verify",
-        recoveryCodes.veryifyRecoveryCode
-    );
-    apiRoute(
-        GET,
-        "/api/totp_recovery/generate",
-        recoveryCodes.generateRecoveryCodes
-    );
-    apiRoute(
-        GET,
-        "/api/totp_recovery/enabled",
-        recoveryCodes.checkForRecoveryKeys
-    );
-
-    apiRoute(GET, "/api/tree", treeApiRoute.getTree);
-    apiRoute(PST, "/api/tree/load", treeApiRoute.load);
-
-    apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
-    apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
-    apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
-    apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
-    apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
-    apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/revision",
-        notesApiRoute.forceSaveRevision
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:parentNoteId/children",
-        notesApiRoute.createNote
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/sort-children",
-        notesApiRoute.sortChildNotes
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/protect/:isProtected",
-        notesApiRoute.protectNote
-    );
-    apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
-    apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/duplicPOSTate/:parentNoteId",
-        notesApiRoute.duplicateSubtree
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/clone-to-branch/:parentBranchId",
-        cloningApiRoute.cloneNoteToBranch
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
-        cloningApiRoute.toggleNoteInParent
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/clone-to-note/:parentNoteId",
-        cloningApiRoute.cloneNoteToParentNote
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/clone-after/:afterBranchId",
-        cloningApiRoute.cloneNoteAfter
-    );
-    route(
-        PUT,
-        "/api/notes/:noteId/file",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        filesRoute.updateFile,
-        apiResultHandler
-    );
-    route(
-        GET,
-        "/api/notes/:noteId/open",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.openFile
-    );
-    route(
-        GET,
-        "/api/notes/:noteId/open-partial",
-        [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.fileContentProvider, {
-            debug: (string, extra) => {
-                console.log(string, extra);
-            },
-        })
-    );
-    route(
-        GET,
-        "/api/notes/:noteId/download",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadFile
-    );
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(
-        GET,
-        "/api/notes/download/:noteId",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadFile
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/save-to-tmp-dir",
-        filesRoute.saveNoteToTmpDir
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/upload-modified-file",
-        filesRoute.uploadModifiedFileToNote
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/convert-to-attachment",
-        notesApiRoute.convertNoteToAttachment
-    );
-
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/move-to/:parentBranchId",
-        branchesApiRoute.moveBranchToParent
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/move-before/:beforeBranchId",
-        branchesApiRoute.moveBranchBeforeNote
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/move-after/:afterBranchId",
-        branchesApiRoute.moveBranchAfterNote
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/expanded/:expanded",
-        branchesApiRoute.setExpanded
-    );
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/expanded-subtree/:expanded",
-        branchesApiRoute.setExpandedForSubtree
-    );
-    apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
-    apiRoute(
-        PUT,
-        "/api/branches/:branchId/set-prefix",
-        branchesApiRoute.setPrefix
-    );
-
-    apiRoute(
-        GET,
-        "/api/notes/:noteId/attachments",
-        attachmentsApiRoute.getAttachments
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/attachments",
-        attachmentsApiRoute.saveAttachment
-    );
-    route(
-        PST,
-        "/api/notes/:noteId/attachments/upload",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        attachmentsApiRoute.uploadAttachment,
-        apiResultHandler
-    );
-    apiRoute(
-        GET,
-        "/api/attachments/:attachmentId",
-        attachmentsApiRoute.getAttachment
-    );
-    apiRoute(
-        GET,
-        "/api/attachments/:attachmentId/all",
-        attachmentsApiRoute.getAllAttachments
-    );
-    apiRoute(
-        PST,
-        "/api/attachments/:attachmentId/convert-to-note",
-        attachmentsApiRoute.convertAttachmentToNote
-    );
-    apiRoute(
-        DEL,
-        "/api/attachments/:attachmentId",
-        attachmentsApiRoute.deleteAttachment
-    );
-    apiRoute(
-        PUT,
-        "/api/attachments/:attachmentId/rename",
-        attachmentsApiRoute.renameAttachment
-    );
-    apiRoute(
-        GET,
-        "/api/attachments/:attachmentId/blob",
-        attachmentsApiRoute.getAttachmentBlob
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/image/:filename",
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnAttachedImage
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/open",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.openAttachment
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/open-partial",
-        [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.attachmentContentProvider, {
-            debug: (string, extra) => {
-                console.log(string, extra);
-            },
-        })
-    );
-    route(
-        GET,
-        "/api/attachments/:attachmentId/download",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadAttachment
-    );
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(
-        GET,
-        "/api/attachments/download/:attachmentId",
-        [auth.checkApiAuthOrElectron],
-        filesRoute.downloadAttachment
-    );
-    apiRoute(
-        PST,
-        "/api/attachments/:attachmentId/save-to-tmp-dir",
-        filesRoute.saveAttachmentToTmpDir
-    );
-    apiRoute(
-        PST,
-        "/api/attachments/:attachmentId/upload-modified-file",
-        filesRoute.uploadModifiedFileToAttachment
-    );
-    route(
-        PUT,
-        "/api/attachments/:attachmentId/file",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        filesRoute.updateAttachment,
-        apiResultHandler
-    );
-
-    apiRoute(
-        GET,
-        "/api/notes/:noteId/revisions",
-        revisionsApiRoute.getRevisions
-    );
-    apiRoute(
-        DEL,
-        "/api/notes/:noteId/revisions",
-        revisionsApiRoute.eraseAllRevisions
-    );
-    apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
-    apiRoute(
-        GET,
-        "/api/revisions/:revisionId/blob",
-        revisionsApiRoute.getRevisionBlob
-    );
-    apiRoute(
-        DEL,
-        "/api/revisions/:revisionId",
-        revisionsApiRoute.eraseRevision
-    );
-    apiRoute(
-        PST,
-        "/api/revisions/:revisionId/restore",
-        revisionsApiRoute.restoreRevision
-    );
-    route(
-        GET,
-        "/api/revisions/:revisionId/image/:filename",
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnImageFromRevision
-    );
-
-    route(
-        GET,
-        "/api/revisions/:revisionId/download",
-        [auth.checkApiAuthOrElectron],
-        revisionsApiRoute.downloadRevision
-    );
-
-    route(
-        GET,
-        "/api/branches/:branchId/export/:type/:format/:version/:taskId",
-        [auth.checkApiAuthOrElectron],
-        exportRoute.exportBranch
-    );
-    route(
-        PST,
-        "/api/notes/:parentNoteId/notes-import",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        importRoute.importNotesToBranch,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/notes/:parentNoteId/attachments-import",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        importRoute.importAttachmentsToNote,
-        apiResultHandler
-    );
-
-    apiRoute(
-        GET,
-        "/api/notes/:noteId/attributes",
-        attributesRoute.getEffectiveNoteAttributes
-    );
-    apiRoute(
-        PST,
-        "/api/notes/:noteId/attributes",
-        attributesRoute.addNoteAttribute
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/attributes",
-        attributesRoute.updateNoteAttributes
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/attribute",
-        attributesRoute.updateNoteAttribute
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/set-attribute",
-        attributesRoute.setNoteAttribute
-    );
-    apiRoute(
-        PUT,
-        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-        attributesRoute.createRelation
-    );
-    apiRoute(
-        DEL,
-        "/api/notes/:noteId/relations/:name/to/:targetNoteId",
-        attributesRoute.deleteRelation
-    );
-    apiRoute(
-        DEL,
-        "/api/notes/:noteId/attributes/:attributeId",
-        attributesRoute.deleteNoteAttribute
-    );
-    apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
-    apiRoute(
-        GET,
-        "/api/attribute-values/:attributeName",
-        attributesRoute.getValuesForAttribute
-    );
-
-    // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-    route(
-        GET,
-        "/api/images/:noteId/:filename",
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnImageFromNote
-    );
-    route(
-        PUT,
-        "/api/images/:noteId",
-        [
-            auth.checkApiAuthOrElectron,
-            uploadMiddlewareWithErrorHandling,
-            csrfMiddleware,
-        ],
-        imageRoute.updateImage,
-        apiResultHandler
-    );
-
-    apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
-    // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-    apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
-    apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
-    apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
-
-    apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
-    apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
-
-    apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
-    apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
-    apiRoute(
-        PST,
-        "/api/sync/fill-entity-changes",
-        syncApiRoute.fillEntityChanges
-    );
-    apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
-    route(
-        GET,
-        "/api/sync/check",
-        [auth.checkApiAuth],
-        syncApiRoute.checkSync,
-        apiResultHandler
-    );
-    route(
-        GET,
-        "/api/sync/changed",
-        [auth.checkApiAuth],
-        syncApiRoute.getChanged,
-        apiResultHandler
-    );
-    route(
-        PUT,
-        "/api/sync/update",
-        [auth.checkApiAuth],
-        syncApiRoute.update,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sync/finished",
-        [auth.checkApiAuth],
-        syncApiRoute.syncFinished,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sync/check-entity-changes",
-        [auth.checkApiAuth],
-        syncApiRoute.checkEntityChanges,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sync/queue-sector/:entityName/:sector",
-        [auth.checkApiAuth],
-        syncApiRoute.queueSector,
-        apiResultHandler
-    );
-    route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
-
-    apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
-    apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
-
-    // docker health check
-    route(
-        GET,
-        "/api/health-check",
-        [],
-        () => ({ status: "ok" }),
-        apiResultHandler
-    );
-
-    // group of the services below are meant to be executed from the outside
-    route(
-        GET,
-        "/api/setup/status",
-        [],
-        setupApiRoute.getStatus,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/setup/new-document",
-        [auth.checkAppNotInitialized],
-        setupApiRoute.setupNewDocument,
-        apiResultHandler,
-        false
-    );
-    route(
-        PST,
-        "/api/setup/sync-from-server",
-        [auth.checkAppNotInitialized],
-        setupApiRoute.setupSyncFromServer,
-        apiResultHandler,
-        false
-    );
-    route(
-        GET,
-        "/api/setup/sync-seed",
-        [auth.checkCredentials],
-        setupApiRoute.getSyncSeed,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/setup/sync-seed",
-        [auth.checkAppNotInitialized],
-        setupApiRoute.saveSyncSeed,
-        apiResultHandler,
-        false
-    );
-
-    apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
-    apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
-    apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
-    apiRoute(
-        PST,
-        "/api/search-and-execute-note/:noteId",
-        searchRoute.searchAndExecute
-    );
-    apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
-    apiRoute(GET, "/api/search/:searchString", searchRoute.search);
-    apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
-
-    apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
-    apiRoute(
-        PST,
-        "/api/bulk-action/affected-notes",
-        bulkActionRoute.getAffectedNoteCount
-    );
-
-    route(
-        PST,
-        "/api/login/sync",
-        [],
-        loginApiRoute.loginSync,
-        apiResultHandler
-    );
-    // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-    apiRoute(
-        PST,
-        "/api/login/protected",
-        loginApiRoute.loginToProtectedSession
-    );
-    apiRoute(
-        PST,
-        "/api/login/protected/touch",
-        loginApiRoute.touchProtectedSession
-    );
-    apiRoute(
-        PST,
-        "/api/logout/protected",
-        loginApiRoute.logoutFromProtectedSession
-    );
-
-    route(
-        PST,
-        "/api/login/token",
-        [loginRateLimiter],
-        loginApiRoute.token,
-        apiResultHandler
-    );
-
-    apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
-    apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
-    apiRoute(
-        PATCH,
-        "/api/etapi-tokens/:etapiTokenId",
-        etapiTokensApiRoutes.patchToken
-    );
-    apiRoute(
-        DEL,
-        "/api/etapi-tokens/:etapiTokenId",
-        etapiTokensApiRoutes.deleteToken
-    );
-
-    // in case of local electron, local calls are allowed unauthenticated, for server they need auth
-    const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
-
-    route(
-        GET,
-        "/api/clipper/handshake",
-        clipperMiddleware,
-        clipperRoute.handshake,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/clipper/clippings",
-        clipperMiddleware,
-        clipperRoute.addClipping,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/clipper/notes",
-        clipperMiddleware,
-        clipperRoute.createNote,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/clipper/open/:noteId",
-        clipperMiddleware,
-        clipperRoute.openNote,
-        apiResultHandler
-    );
-    route(
-        GET,
-        "/api/clipper/notes-by-url/:noteUrl",
-        clipperMiddleware,
-        clipperRoute.findNotesByUrl,
-        apiResultHandler
-    );
-
-    apiRoute(
-        GET,
-        "/api/special-notes/inbox/:date",
-        specialNotesRoute.getInboxNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/days/:date",
-        specialNotesRoute.getDayNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/weeks/:date",
-        specialNotesRoute.getWeekNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/months/:month",
-        specialNotesRoute.getMonthNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/years/:year",
-        specialNotesRoute.getYearNote
-    );
-    apiRoute(
-        GET,
-        "/api/special-notes/notes-for-month/:month",
-        specialNotesRoute.getDayNotesForMonth
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/sql-console",
-        specialNotesRoute.createSqlConsole
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/save-sql-console",
-        specialNotesRoute.saveSqlConsole
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/search-note",
-        specialNotesRoute.createSearchNote
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/save-search-note",
-        specialNotesRoute.saveSearchNote
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/launchers/:noteId/reset",
-        specialNotesRoute.resetLauncher
-    );
-    apiRoute(
-        PST,
-        "/api/special-notes/launchers/:parentNoteId/:launcherType",
-        specialNotesRoute.createLauncher
-    );
-    apiRoute(
-        PUT,
-        "/api/special-notes/api-script-launcher",
-        specialNotesRoute.createOrUpdateScriptLauncherFromApi
-    );
-
-    apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
-    apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
-    route(
-        PST,
-        "/api/database/anonymize/:type",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.anonymize,
-        apiResultHandler,
-        false
-    );
-    apiRoute(
-        GET,
-        "/api/database/anonymized-databases",
-        databaseRoute.getExistingAnonymizedDatabases
-    );
-
-    // backup requires execution outside of transaction
-    route(
-        PST,
-        "/api/database/backup-database",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.backupDatabase,
-        apiResultHandler,
-        false
-    );
-    apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
-
-    // VACUUM requires execution outside of transaction
-    route(
-        PST,
-        "/api/database/vacuum-database",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.vacuumDatabase,
-        apiResultHandler,
-        false
-    );
-
-    route(
-        PST,
-        "/api/database/find-and-fix-consistency-issues",
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.findAndFixConsistencyIssues,
-        apiResultHandler,
-        false
-    );
-
-    apiRoute(
-        GET,
-        "/api/database/check-integrity",
-        databaseRoute.checkIntegrity
-    );
-
-    route(
-        PST,
-        "/api/script/exec",
-        [auth.checkApiAuth, csrfMiddleware],
-        scriptRoute.exec,
-        apiResultHandler,
-        false
-    );
-
-    apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
-    apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
-    apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
-    apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
-    apiRoute(
-        GET,
-        "/api/script/relation/:noteId/:relationName",
-        scriptRoute.getRelationBundles
-    );
-
-    // no CSRF since this is called from android app
-    route(
-        PST,
-        "/api/sender/login",
-        [loginRateLimiter],
-        loginApiRoute.token,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sender/image",
-        [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
-        senderRoute.uploadImage,
-        apiResultHandler
-    );
-    route(
-        PST,
-        "/api/sender/note",
-        [auth.checkEtapiToken],
-        senderRoute.saveNote,
-        apiResultHandler
-    );
-
-    apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
-    apiRoute(
-        GET,
-        "/api/keyboard-shortcuts-for-notes",
-        keysRoute.getShortcutsForNotes
-    );
-
-    apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
-    apiRoute(
-        PST,
-        "/api/notes/erase-deleted-notes-now",
-        notesApiRoute.eraseDeletedNotesNow
-    );
-    apiRoute(
-        PST,
-        "/api/notes/erase-unused-attachments-now",
-        notesApiRoute.eraseUnusedAttachmentsNow
-    );
-    apiRoute(
-        GET,
-        "/api/similar-notes/:noteId",
-        similarNotesRoute.getSimilarNotes
-    );
-    apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
-    apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
-    apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
-    apiRoute(
-        PST,
-        "/api/delete-notes-preview",
-        notesApiRoute.getDeleteNotesPreview
-    );
-    route(
-        GET,
-        "/api/fonts",
-        [auth.checkApiAuthOrElectron],
-        fontsRoute.getFontCss
-    );
-    apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
-    apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
-    apiRoute(
-        GET,
-        "/api/recent-changes/:ancestorNoteId",
-        recentChangesApiRoute.getRecentChanges
-    );
-    apiRoute(
-        GET,
-        "/api/edited-notes/:date",
-        revisionsApiRoute.getEditedNotesOnDate
-    );
-
-    apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
-    apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
-    apiRoute(
-        GET,
-        "/api/note-map/:noteId/backlink-count",
-        noteMapRoute.getBacklinkCount
-    );
-    apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
-
-    shareRoutes.register(router);
-
-    etapiAuthRoutes.register(router, [loginRateLimiter]);
-    etapiAppInfoRoutes.register(router);
-    etapiAttachmentRoutes.register(router);
-    etapiAttributeRoutes.register(router);
-    etapiBranchRoutes.register(router);
-    etapiNoteRoutes.register(router);
-    etapiSpecialNoteRoutes.register(router);
-    etapiSpecRoute.register(router);
-    etapiBackupRoute.register(router);
-
-    app.use("", router);
+  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
+  route(GET, "/login", [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
+  route(GET, "/set-password", [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
+
+  const loginRateLimiter = rateLimit.rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 10, // limit each IP to 10 requests per windowMs
+    skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+  });
+
+  route(PST, "/login", [loginRateLimiter], loginRoute.login);
+  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+  route(PST, "/set-password", [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
+  route(GET, "/setup", [], setupRoute.setupPage);
+
+  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
+  apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
+  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
+  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
+  apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
+  apiRoute(GET, "/api/totp/get", totp.getSecret);
+
+  apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
+  apiRoute(PST, "/api/totp_recovery/verify", recoveryCodes.veryifyRecoveryCode);
+  apiRoute(GET, "/api/totp_recovery/generate", recoveryCodes.generateRecoveryCodes);
+  apiRoute(GET, "/api/totp_recovery/enabled", recoveryCodes.checkForRecoveryKeys);
+  apiRoute(GET, "/api/totp_recovery/used", recoveryCodes.getUsedRecoveryCodes);
+
+  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
+  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
+
+  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
+  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
+  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
+  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
+  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
+  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
+  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
+  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
+  apiRoute(PUT, "/api/notes/:noteId/sort-children", notesApiRoute.sortChildNotes);
+  apiRoute(PUT, "/api/notes/:noteId/protect/:isProtected", notesApiRoute.protectNote);
+  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
+  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
+  apiRoute(PST, "/api/notes/:noteId/duplicPOSTate/:parentNoteId", notesApiRoute.duplicateSubtree);
+  apiRoute(PUT, "/api/notes/:noteId/clone-to-branch/:parentBranchId", cloningApiRoute.cloneNoteToBranch);
+  apiRoute(PUT, "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present", cloningApiRoute.toggleNoteInParent);
+  apiRoute(PUT, "/api/notes/:noteId/clone-to-note/:parentNoteId", cloningApiRoute.cloneNoteToParentNote);
+  apiRoute(PUT, "/api/notes/:noteId/clone-after/:afterBranchId", cloningApiRoute.cloneNoteAfter);
+  route(
+    PUT,
+    "/api/notes/:noteId/file",
+    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+    filesRoute.updateFile,
+    apiResultHandler
+  );
+  route(GET, "/api/notes/:noteId/open", [auth.checkApiAuthOrElectron], filesRoute.openFile);
+  route(
+    GET,
+    "/api/notes/:noteId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.fileContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(GET, "/api/notes/:noteId/download", [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(GET, "/api/notes/download/:noteId", [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
+  apiRoute(PST, "/api/notes/:noteId/save-to-tmp-dir", filesRoute.saveNoteToTmpDir);
+  apiRoute(PST, "/api/notes/:noteId/upload-modified-file", filesRoute.uploadModifiedFileToNote);
+  apiRoute(PST, "/api/notes/:noteId/convert-to-attachment", notesApiRoute.convertNoteToAttachment);
+
+  apiRoute(PUT, "/api/branches/:branchId/move-to/:parentBranchId", branchesApiRoute.moveBranchToParent);
+  apiRoute(PUT, "/api/branches/:branchId/move-before/:beforeBranchId", branchesApiRoute.moveBranchBeforeNote);
+  apiRoute(PUT, "/api/branches/:branchId/move-after/:afterBranchId", branchesApiRoute.moveBranchAfterNote);
+  apiRoute(PUT, "/api/branches/:branchId/expanded/:expanded", branchesApiRoute.setExpanded);
+  apiRoute(PUT, "/api/branches/:branchId/expanded-subtree/:expanded", branchesApiRoute.setExpandedForSubtree);
+  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
+  apiRoute(PUT, "/api/branches/:branchId/set-prefix", branchesApiRoute.setPrefix);
+
+  apiRoute(GET, "/api/notes/:noteId/attachments", attachmentsApiRoute.getAttachments);
+  apiRoute(PST, "/api/notes/:noteId/attachments", attachmentsApiRoute.saveAttachment);
+  route(
+    PST,
+    "/api/notes/:noteId/attachments/upload",
+    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+    attachmentsApiRoute.uploadAttachment,
+    apiResultHandler
+  );
+  apiRoute(GET, "/api/attachments/:attachmentId", attachmentsApiRoute.getAttachment);
+  apiRoute(GET, "/api/attachments/:attachmentId/all", attachmentsApiRoute.getAllAttachments);
+  apiRoute(PST, "/api/attachments/:attachmentId/convert-to-note", attachmentsApiRoute.convertAttachmentToNote);
+  apiRoute(DEL, "/api/attachments/:attachmentId", attachmentsApiRoute.deleteAttachment);
+  apiRoute(PUT, "/api/attachments/:attachmentId/rename", attachmentsApiRoute.renameAttachment);
+  apiRoute(GET, "/api/attachments/:attachmentId/blob", attachmentsApiRoute.getAttachmentBlob);
+  route(
+    GET,
+    "/api/attachments/:attachmentId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnAttachedImage
+  );
+  route(GET, "/api/attachments/:attachmentId/open", [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
+  route(
+    GET,
+    "/api/attachments/:attachmentId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.attachmentContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(GET, "/api/attachments/:attachmentId/download", [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(GET, "/api/attachments/download/:attachmentId", [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
+  apiRoute(PST, "/api/attachments/:attachmentId/save-to-tmp-dir", filesRoute.saveAttachmentToTmpDir);
+  apiRoute(PST, "/api/attachments/:attachmentId/upload-modified-file", filesRoute.uploadModifiedFileToAttachment);
+  route(
+    PUT,
+    "/api/attachments/:attachmentId/file",
+    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+    filesRoute.updateAttachment,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
+  apiRoute(DEL, "/api/notes/:noteId/revisions", revisionsApiRoute.eraseAllRevisions);
+  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
+  apiRoute(GET, "/api/revisions/:revisionId/blob", revisionsApiRoute.getRevisionBlob);
+  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
+  apiRoute(PST, "/api/revisions/:revisionId/restore", revisionsApiRoute.restoreRevision);
+  route(
+    GET,
+    "/api/revisions/:revisionId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnImageFromRevision
+  );
+
+  route(GET, "/api/revisions/:revisionId/download", [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
+
+  route(
+    GET,
+    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+    [auth.checkApiAuthOrElectron],
+    exportRoute.exportBranch
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/notes-import",
+    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+    importRoute.importNotesToBranch,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/attachments-import",
+    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+    importRoute.importAttachmentsToNote,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/notes/:noteId/attributes", attributesRoute.getEffectiveNoteAttributes);
+  apiRoute(PST, "/api/notes/:noteId/attributes", attributesRoute.addNoteAttribute);
+  apiRoute(PUT, "/api/notes/:noteId/attributes", attributesRoute.updateNoteAttributes);
+  apiRoute(PUT, "/api/notes/:noteId/attribute", attributesRoute.updateNoteAttribute);
+  apiRoute(PUT, "/api/notes/:noteId/set-attribute", attributesRoute.setNoteAttribute);
+  apiRoute(PUT, "/api/notes/:noteId/relations/:name/to/:targetNoteId", attributesRoute.createRelation);
+  apiRoute(DEL, "/api/notes/:noteId/relations/:name/to/:targetNoteId", attributesRoute.deleteRelation);
+  apiRoute(DEL, "/api/notes/:noteId/attributes/:attributeId", attributesRoute.deleteNoteAttribute);
+  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
+  apiRoute(GET, "/api/attribute-values/:attributeName", attributesRoute.getValuesForAttribute);
+
+  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+  route(GET, "/api/images/:noteId/:filename", [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
+  route(
+    PUT,
+    "/api/images/:noteId",
+    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+    imageRoute.updateImage,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+  // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
+  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
+  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
+  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
+
+  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
+  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
+
+  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
+  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
+  apiRoute(PST, "/api/sync/fill-entity-changes", syncApiRoute.fillEntityChanges);
+  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
+  route(GET, "/api/sync/check", [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler);
+  route(GET, "/api/sync/changed", [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
+  route(PUT, "/api/sync/update", [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
+  route(PST, "/api/sync/finished", [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
+  route(PST, "/api/sync/check-entity-changes", [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
+  route(
+    PST,
+    "/api/sync/queue-sector/:entityName/:sector",
+    [auth.checkApiAuth],
+    syncApiRoute.queueSector,
+    apiResultHandler
+  );
+  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+
+  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
+  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+
+  // docker health check
+  route(GET, "/api/health-check", [], () => ({ status: "ok" }), apiResultHandler);
+
+  // group of the services below are meant to be executed from the outside
+  route(GET, "/api/setup/status", [], setupApiRoute.getStatus, apiResultHandler);
+  route(
+    PST,
+    "/api/setup/new-document",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupNewDocument,
+    apiResultHandler,
+    false
+  );
+  route(
+    PST,
+    "/api/setup/sync-from-server",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupSyncFromServer,
+    apiResultHandler,
+    false
+  );
+  route(GET, "/api/setup/sync-seed", [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
+  route(
+    PST,
+    "/api/setup/sync-seed",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.saveSyncSeed,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
+  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
+  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
+  apiRoute(PST, "/api/search-and-execute-note/:noteId", searchRoute.searchAndExecute);
+  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
+  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
+  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+
+  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
+  apiRoute(PST, "/api/bulk-action/affected-notes", bulkActionRoute.getAffectedNoteCount);
+
+  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
+  // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
+  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
+  apiRoute(PST, "/api/login/protected/touch", loginApiRoute.touchProtectedSession);
+  apiRoute(PST, "/api/logout/protected", loginApiRoute.logoutFromProtectedSession);
+
+  route(PST, "/api/login/token", [loginRateLimiter], loginApiRoute.token, apiResultHandler);
+
+  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
+  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
+  apiRoute(PATCH, "/api/etapi-tokens/:etapiTokenId", etapiTokensApiRoutes.patchToken);
+  apiRoute(DEL, "/api/etapi-tokens/:etapiTokenId", etapiTokensApiRoutes.deleteToken);
+
+  // in case of local electron, local calls are allowed unauthenticated, for server they need auth
+  const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
+
+  route(GET, "/api/clipper/handshake", clipperMiddleware, clipperRoute.handshake, apiResultHandler);
+  route(PST, "/api/clipper/clippings", clipperMiddleware, clipperRoute.addClipping, apiResultHandler);
+  route(PST, "/api/clipper/notes", clipperMiddleware, clipperRoute.createNote, apiResultHandler);
+  route(PST, "/api/clipper/open/:noteId", clipperMiddleware, clipperRoute.openNote, apiResultHandler);
+  route(GET, "/api/clipper/notes-by-url/:noteUrl", clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler);
+
+  apiRoute(GET, "/api/special-notes/inbox/:date", specialNotesRoute.getInboxNote);
+  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
+  apiRoute(GET, "/api/special-notes/weeks/:date", specialNotesRoute.getWeekNote);
+  apiRoute(GET, "/api/special-notes/months/:month", specialNotesRoute.getMonthNote);
+  apiRoute(GET, "/api/special-notes/years/:year", specialNotesRoute.getYearNote);
+  apiRoute(GET, "/api/special-notes/notes-for-month/:month", specialNotesRoute.getDayNotesForMonth);
+  apiRoute(PST, "/api/special-notes/sql-console", specialNotesRoute.createSqlConsole);
+  apiRoute(PST, "/api/special-notes/save-sql-console", specialNotesRoute.saveSqlConsole);
+  apiRoute(PST, "/api/special-notes/search-note", specialNotesRoute.createSearchNote);
+  apiRoute(PST, "/api/special-notes/save-search-note", specialNotesRoute.saveSearchNote);
+  apiRoute(PST, "/api/special-notes/launchers/:noteId/reset", specialNotesRoute.resetLauncher);
+  apiRoute(PST, "/api/special-notes/launchers/:parentNoteId/:launcherType", specialNotesRoute.createLauncher);
+  apiRoute(PUT, "/api/special-notes/api-script-launcher", specialNotesRoute.createOrUpdateScriptLauncherFromApi);
+
+  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
+  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+  route(
+    PST,
+    "/api/database/anonymize/:type",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.anonymize,
+    apiResultHandler,
+    false
+  );
+  apiRoute(GET, "/api/database/anonymized-databases", databaseRoute.getExistingAnonymizedDatabases);
+
+  // backup requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/backup-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.backupDatabase,
+    apiResultHandler,
+    false
+  );
+  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+
+  // VACUUM requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/vacuum-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.vacuumDatabase,
+    apiResultHandler,
+    false
+  );
+
+  route(
+    PST,
+    "/api/database/find-and-fix-consistency-issues",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.findAndFixConsistencyIssues,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
+
+  route(PST, "/api/script/exec", [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false);
+
+  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
+  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
+  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
+  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
+  apiRoute(GET, "/api/script/relation/:noteId/:relationName", scriptRoute.getRelationBundles);
+
+  // no CSRF since this is called from android app
+  route(PST, "/api/sender/login", [loginRateLimiter], loginApiRoute.token, apiResultHandler);
+  route(
+    PST,
+    "/api/sender/image",
+    [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
+    senderRoute.uploadImage,
+    apiResultHandler
+  );
+  route(PST, "/api/sender/note", [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
+
+  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
+  apiRoute(GET, "/api/keyboard-shortcuts-for-notes", keysRoute.getShortcutsForNotes);
+
+  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
+  apiRoute(PST, "/api/notes/erase-deleted-notes-now", notesApiRoute.eraseDeletedNotesNow);
+  apiRoute(PST, "/api/notes/erase-unused-attachments-now", notesApiRoute.eraseUnusedAttachmentsNow);
+  apiRoute(GET, "/api/similar-notes/:noteId", similarNotesRoute.getSimilarNotes);
+  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
+  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
+  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
+  apiRoute(PST, "/api/delete-notes-preview", notesApiRoute.getDeleteNotesPreview);
+  route(GET, "/api/fonts", [auth.checkApiAuthOrElectron], fontsRoute.getFontCss);
+  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
+  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
+  apiRoute(GET, "/api/recent-changes/:ancestorNoteId", recentChangesApiRoute.getRecentChanges);
+  apiRoute(GET, "/api/edited-notes/:date", revisionsApiRoute.getEditedNotesOnDate);
+
+  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
+  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
+  apiRoute(GET, "/api/note-map/:noteId/backlink-count", noteMapRoute.getBacklinkCount);
+  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+
+  shareRoutes.register(router);
+
+  etapiAuthRoutes.register(router, [loginRateLimiter]);
+  etapiAppInfoRoutes.register(router);
+  etapiAttachmentRoutes.register(router);
+  etapiAttributeRoutes.register(router);
+  etapiBranchRoutes.register(router);
+  etapiNoteRoutes.register(router);
+  etapiSpecialNoteRoutes.register(router);
+  etapiSpecRoute.register(router);
+  etapiBackupRoute.register(router);
+
+  app.use("", router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
 function convertEntitiesToPojo(result: unknown) {
-    if (result instanceof AbstractBeccaEntity) {
-        result = result.getPojo();
-    } else if (Array.isArray(result)) {
-        for (const idx in result) {
-            if (result[idx] instanceof AbstractBeccaEntity) {
-                result[idx] = result[idx].getPojo();
-            }
-        }
-    } else if (result && typeof result === "object") {
-        if ("note" in result && result.note instanceof AbstractBeccaEntity) {
-            result.note = result.note.getPojo();
-        }
-
-        if (
-            "branch" in result &&
-            result.branch instanceof AbstractBeccaEntity
-        ) {
-            result.branch = result.branch.getPojo();
-        }
+  if (result instanceof AbstractBeccaEntity) {
+    result = result.getPojo();
+  } else if (Array.isArray(result)) {
+    for (const idx in result) {
+      if (result[idx] instanceof AbstractBeccaEntity) {
+        result[idx] = result[idx].getPojo();
+      }
+    }
+  } else if (result && typeof result === "object") {
+    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+      result.note = result.note.getPojo();
     }
 
-    if (result && typeof result === "object" && "executionResult" in result) {
-        // from runOnBackend()
-        result.executionResult = convertEntitiesToPojo(result.executionResult);
+    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
+      result.branch = result.branch.getPojo();
     }
+  }
+
+  if (result && typeof result === "object" && "executionResult" in result) {
+    // from runOnBackend()
+    result.executionResult = convertEntitiesToPojo(result.executionResult);
+  }
 
-    return result;
+  return result;
 }
 
-function apiResultHandler(
-    req: express.Request,
-    res: express.Response,
-    result: unknown
-) {
-    res.setHeader(
-        "trilium-max-entity-change-id",
-        entityChangesService.getMaxEntityChangeId()
-    );
-
-    result = convertEntitiesToPojo(result);
-
-    // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
-    if (
-        Array.isArray(result) &&
-        result.length > 0 &&
-        Number.isInteger(result[0])
-    ) {
-        const [statusCode, response] = result;
-
-        if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-            log.info(
-                `${req.method} ${
-                    req.originalUrl
-                } returned ${statusCode} with response ${JSON.stringify(
-                    response
-                )}`
-            );
-        }
+function apiResultHandler(req: express.Request, res: express.Response, result: unknown) {
+  res.setHeader("trilium-max-entity-change-id", entityChangesService.getMaxEntityChangeId());
 
-        return send(res, statusCode, response);
-    } else if (result === undefined) {
-        return send(res, 204, "");
-    } else {
-        return send(res, 200, result);
+  result = convertEntitiesToPojo(result);
+
+  // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
+  if (Array.isArray(result) && result.length > 0 && Number.isInteger(result[0])) {
+    const [statusCode, response] = result;
+
+    if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
+      log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`);
     }
+
+    return send(res, statusCode, response);
+  } else if (result === undefined) {
+    return send(res, 204, "");
+  } else {
+    return send(res, 200, result);
+  }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-    if (typeof response === "string") {
-        if (statusCode >= 400) {
-            res.setHeader("Content-Type", "text/plain");
-        }
+  if (typeof response === "string") {
+    if (statusCode >= 400) {
+      res.setHeader("Content-Type", "text/plain");
+    }
 
-        res.status(statusCode).send(response);
+    res.status(statusCode).send(response);
 
-        return response.length;
-    } else {
-        const json = JSON.stringify(response);
+    return response.length;
+  } else {
+    const json = JSON.stringify(response);
 
-        res.setHeader("Content-Type", "application/json");
-        res.status(statusCode).send(json);
+    res.setHeader("Content-Type", "application/json");
+    res.status(statusCode).send(json);
 
-        return json.length;
-    }
+    return json.length;
+  }
 }
 
-function apiRoute(
-    method: HttpMethod,
-    path: string,
-    routeHandler: express.Handler
-) {
-    route(
-        method,
-        path,
-        [auth.checkApiAuth, csrfMiddleware],
-        routeHandler,
-        apiResultHandler
-    );
+function apiRoute(method: HttpMethod, path: string, routeHandler: express.Handler) {
+  route(method, path, [auth.checkApiAuth, csrfMiddleware], routeHandler, apiResultHandler);
 }
 
 function route(
-    method: HttpMethod,
-    path: string,
-    middleware: (express.Handler | AppRequestHandler)[],
-    routeHandler: AppRequestHandler,
-    resultHandler: ApiResultHandler | null = null,
-    transactional = true
+  method: HttpMethod,
+  path: string,
+  middleware: (express.Handler | AppRequestHandler)[],
+  routeHandler: AppRequestHandler,
+  resultHandler: ApiResultHandler | null = null,
+  transactional = true
 ) {
-    router[method](
-        path,
-        ...(middleware as express.Handler[]),
-        (
-            req: express.Request,
-            res: express.Response,
-            next: express.NextFunction
-        ) => {
-            const start = Date.now();
-
-            try {
-                cls.namespace.bindEmitter(req);
-                cls.namespace.bindEmitter(res);
-
-                const result = cls.init(() => {
-                    cls.set("componentId", req.headers["trilium-component-id"]);
-                    cls.set(
-                        "localNowDateTime",
-                        req.headers["trilium-local-now-datetime"]
-                    );
-                    cls.set(
-                        "hoistedNoteId",
-                        req.headers["trilium-hoisted-note-id"] || "root"
-                    );
-
-                    const cb = () => routeHandler(req as AppRequest, res, next);
-
-                    return transactional ? sql.transactional(cb) : cb();
-                });
-
-                if (!resultHandler) {
-                    return;
-                }
-
-                if (result?.then) {
-                    // promise
-                    result
-                        .then((promiseResult: unknown) =>
-                            handleResponse(
-                                resultHandler,
-                                req,
-                                res,
-                                promiseResult,
-                                start
-                            )
-                        )
-                        .catch((e: any) =>
-                            handleException(e, method, path, res)
-                        );
-                } else {
-                    handleResponse(resultHandler, req, res, result, start);
-                }
-            } catch (e) {
-                handleException(e, method, path, res);
-            }
+  router[method](
+    path,
+    ...(middleware as express.Handler[]),
+    (req: express.Request, res: express.Response, next: express.NextFunction) => {
+      const start = Date.now();
+
+      try {
+        cls.namespace.bindEmitter(req);
+        cls.namespace.bindEmitter(res);
+
+        const result = cls.init(() => {
+          cls.set("componentId", req.headers["trilium-component-id"]);
+          cls.set("localNowDateTime", req.headers["trilium-local-now-datetime"]);
+          cls.set("hoistedNoteId", req.headers["trilium-hoisted-note-id"] || "root");
+
+          const cb = () => routeHandler(req as AppRequest, res, next);
+
+          return transactional ? sql.transactional(cb) : cb();
+        });
+
+        if (!resultHandler) {
+          return;
+        }
+
+        if (result?.then) {
+          // promise
+          result
+            .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start))
+            .catch((e: any) => handleException(e, method, path, res));
+        } else {
+          handleResponse(resultHandler, req, res, result, start);
         }
-    );
+      } catch (e) {
+        handleException(e, method, path, res);
+      }
+    }
+  );
 }
 
 function handleResponse(
-    resultHandler: ApiResultHandler,
-    req: express.Request,
-    res: express.Response,
-    result: unknown,
-    start: number
+  resultHandler: ApiResultHandler,
+  req: express.Request,
+  res: express.Response,
+  result: unknown,
+  start: number
 ) {
-    const responseLength = resultHandler(req, res, result);
+  const responseLength = resultHandler(req, res, result);
 
-    log.request(req, res, Date.now() - start, responseLength);
+  log.request(req, res, Date.now() - start, responseLength);
 }
 
-function handleException(
-    e: any,
-    method: HttpMethod,
-    path: string,
-    res: express.Response
-) {
-    log.error(
-        `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
-    );
+function handleException(e: any, method: HttpMethod, path: string, res: express.Response) {
+  log.error(`${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`);
 
-    if (e instanceof ValidationError) {
-        res.status(400).json({
-            message: e.message,
-        });
-    } else if (e instanceof NotFoundError) {
-        res.status(404).json({
-            message: e.message,
-        });
-    } else {
-        res.status(500).json({
-            message: e.message,
-        });
-    }
+  if (e instanceof ValidationError) {
+    res.status(400).json({
+      message: e.message,
+    });
+  } else if (e instanceof NotFoundError) {
+    res.status(404).json({
+      message: e.message,
+    });
+  } else {
+    res.status(500).json({
+      message: e.message,
+    });
+  }
 }
 
 function createUploadMiddleware() {
-    const multerOptions: multer.Options = {
-        fileFilter: (req: express.Request, file, cb) => {
-            // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
-            // See https://github.com/expressjs/multer/pull/1102.
-            file.originalname = Buffer.from(
-                file.originalname,
-                "latin1"
-            ).toString("utf-8");
-            cb(null, true);
-        },
-    };
+  const multerOptions: multer.Options = {
+    fileFilter: (req: express.Request, file, cb) => {
+      // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
+      // See https://github.com/expressjs/multer/pull/1102.
+      file.originalname = Buffer.from(file.originalname, "latin1").toString("utf-8");
+      cb(null, true);
+    },
+  };
 
-    if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
-        multerOptions.limits = {
-            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
-        };
-    }
+  if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
+    multerOptions.limits = {
+      fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+    };
+  }
 
-    return multer(multerOptions).single("upload");
+  return multer(multerOptions).single("upload");
 }
 
 export = {
-    register,
+  register,
 };
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
index 53997e64a1..378ea385a5 100644
--- a/src/services/encryption/recovery_codes.ts
+++ b/src/services/encryption/recovery_codes.ts
@@ -15,74 +15,67 @@ function setRecoveryCodes(recoveryCodes: string) {
   let encryptedRecoveryCodes = cipher.update(recoveryCodes, "utf-8", "hex");
 
   sql.transactional(() => {
-    optionService.createOption(
-      "recoveryCodeInitialVector",
-      iv.toString("hex"),
-      true
-    );
-    optionService.createOption(
-      "recoveryCodeSecurityKey",
-      securityKey.toString("hex"),
-      true
-    );
-    optionService.createOption(
-      "recoveryCodesEncrypted",
-      encryptedRecoveryCodes + cipher.final("hex"),
-      true
-    );
-    optionService.createOption("encryptedRecoveryCodes", "true", true);
+    optionService.setOption("recoveryCodeInitialVector", iv.toString("hex"));
+    optionService.setOption("recoveryCodeSecurityKey", securityKey.toString("hex"));
+    optionService.setOption("recoveryCodesEncrypted", encryptedRecoveryCodes + cipher.final("hex"));
+    optionService.setOption("encryptedRecoveryCodes", "true");
     return true;
   });
   return false;
 }
-
-function verifyRecoveryCode(recoveryCodeGuess: string) {
+function getRecoveryCodes() {
   if (!isRecoveryCodeSet()) {
-    throw new Error(
-      "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
-    );
+    throw new Error("Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead.");
   }
 
-  const recoveryCodeVerification = sql.transactional(() => {
-    const iv = Buffer.from(
-      optionService.getOption("recoveryCodeInitialVector"),
-      "hex"
-    );
-    const securityKey = Buffer.from(
-      optionService.getOption("recoveryCodeSecurityKey"),
-      "hex"
-    );
-    const encryptedRecoveryCodes = optionService.getOption(
-      "recoveryCodesEncrypted"
-    );
+  return sql.transactional(() => {
+    const iv = Buffer.from(optionService.getOption("recoveryCodeInitialVector"), "hex");
+    const securityKey = Buffer.from(optionService.getOption("recoveryCodeSecurityKey"), "hex");
+    const encryptedRecoveryCodes = optionService.getOption("recoveryCodesEncrypted");
 
     const decipher = crypto.createDecipheriv("aes-256-cbc", securityKey, iv);
-    const decryptedData = decipher.update(
-      encryptedRecoveryCodes,
-      "hex",
-      "utf-8"
-    );
+    const decryptedData = decipher.update(encryptedRecoveryCodes, "hex", "utf-8");
 
     const decryptedString = decryptedData + decipher.final("utf-8");
-    const editedString = decryptedString.replaceAll("\\", "");
-    const finalString = editedString.substring(1, editedString.length - 1);
-    const finalParse = JSON.parse(finalString);
+    return decryptedString.split(",");
+  });
+}
 
-    for (const recoveryCode in finalParse) {
-      if (finalParse[recoveryCode] === recoveryCodeGuess) {
-        updateRecoveryCodes(finalParse[recoveryCode]);
-        return true;
-      }
-    }
+function removeRecoveryCode(usedCode: string) {
+  const oldCodes: string[] = getRecoveryCodes();
+  const today = new Date();
+  oldCodes[oldCodes.indexOf(usedCode)] = today.toJSON().replace(/-/g, "/");
+  setRecoveryCodes(oldCodes.toString());
+}
 
+function verifyRecoveryCode(recoveryCodeGuess: string) {
+  const recoveryCodeRegex = RegExp(/^.{22}==$/gm);
+  if (!recoveryCodeRegex.test(recoveryCodeGuess)) {
     return false;
-  });
+  }
 
-  return recoveryCodeVerification;
+  const recoveryCodes = getRecoveryCodes();
+  var loginSuccess = false;
+  recoveryCodes.forEach((recoveryCode: string) => {
+    if (recoveryCodeGuess === recoveryCode) {
+      removeRecoveryCode(recoveryCode);
+      loginSuccess = true;
+      return;
+    }
+  });
+  return loginSuccess;
 }
 
-function updateRecoveryCodes(codeToRemove: string) {
-  // TODO: Remove used recovery code and reset
+function getUsedRecoveryCodes() {
+  const dateRegex = RegExp(/^\d{4}\/\d{2}\/\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z$/gm);
+  const recoveryCodes = getRecoveryCodes();
+  const usedStatus: string[] = [];
+
+  recoveryCodes.forEach((recoveryKey: string) => {
+    if (dateRegex.test(recoveryKey)) usedStatus.push("Used: " + recoveryKey);
+    else usedStatus.push("Recovery code " + recoveryCodes.indexOf(recoveryKey) + " is unused");
+  });
+  return usedStatus;
 }
 
-export = { setRecoveryCodes, verifyRecoveryCode };
+export = { setRecoveryCodes, verifyRecoveryCode, getUsedRecoveryCodes, isRecoveryCodeSet };

From 7f039a03aad0d76649652abf57eae5647e00186c Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 12:59:47 -0700
Subject: [PATCH 15/63] Formatting

---
 .../options/multi_factor_authentication.js    |   94 +-
 .../type_widgets/options/options_widget.js    |   80 +-
 src/routes/api/options.ts                     |  228 ++-
 src/routes/login.ts                           |   60 +-
 src/routes/routes.ts                          |  592 ++++----
 src/services/encryption/my_scrypt.ts          |   42 +-
 src/services/encryption/recovery_codes.ts     |   42 +-
 src/services/encryption/totp_secret.ts        |  152 +-
 .../encryption/totp_secret_encryption.ts      |   54 +-
 src/services/hidden_subtree.ts                | 1274 ++++++++---------
 src/services/options.ts                       |  119 +-
 src/services/options_init.ts                  |  315 ++--
 src/services/totp_secret.ts                   |   32 +-
 13 files changed, 1479 insertions(+), 1605 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 4929d37ed4..403945f207 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -1,7 +1,7 @@
-import server from "../../../services/server.js";
-import protectedSessionHolder from "../../../services/protected_session_holder.js";
-import toastService from "../../../services/toast.js";
-import OptionsWidget from "./options_widget.js";
+import server from '../../../services/server.js';
+import protectedSessionHolder from '../../../services/protected_session_holder.js';
+import toastService from '../../../services/toast.js';
+import OptionsWidget from './options_widget.js';
 
 const TPL = `
 <div class="options-section">
@@ -84,57 +84,57 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   doRender() {
     this.$widget = $(TPL);
 
-    this.$mfaHeadding = this.$widget.find(".mfa-heading");
-    this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
-    this.$totpEnabled = this.$widget.find(".totp-enabled");
-    this.$totpSecret = this.$widget.find(".totp-secret");
-    this.$totpSecretInput = this.$widget.find(".totp-secret-input");
-    this.$saveTotpButton = this.$widget.find(".save-totp");
-    this.$password = this.$widget.find(".password");
-    this.$generateRecoveryCodeButton = this.$widget.find(".generate-recovery-code");
+    this.$mfaHeadding = this.$widget.find('.mfa-heading');
+    this.$regenerateTotpButton = this.$widget.find('.regenerate-totp');
+    this.$totpEnabled = this.$widget.find('.totp-enabled');
+    this.$totpSecret = this.$widget.find('.totp-secret');
+    this.$totpSecretInput = this.$widget.find('.totp-secret-input');
+    this.$saveTotpButton = this.$widget.find('.save-totp');
+    this.$password = this.$widget.find('.password');
+    this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
     this.$recoveryKeys = [];
 
-    for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find(".key_" + i));
+    for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
 
-    this.$mfaHeadding.text("Time-Based One Time Password (TOTP)");
+    this.$mfaHeadding.text('Time-Based One Time Password (TOTP)');
 
-    this.$totpEnabled.on("change", async () => {
+    this.$totpEnabled.on('change', async () => {
       this.updateSecret();
     });
 
-    this.$generateRecoveryCodeButton.on("click", async () => {
+    this.$generateRecoveryCodeButton.on('click', async () => {
       this.setRecoveryKeys();
     });
 
-    this.$regenerateTotpButton.on("click", async () => {
+    this.$regenerateTotpButton.on('click', async () => {
       this.generateKey();
     });
 
-    this.$saveTotpButton.on("click", async () => {
+    this.$saveTotpButton.on('click', async () => {
       this.saveTotpSecret();
     });
 
-    this.$protectedSessionTimeout = this.$widget.find(".protected-session-timeout-in-seconds");
-    this.$protectedSessionTimeout.on("change", () =>
-      this.updateOption("protectedSessionTimeout", this.$protectedSessionTimeout.val())
+    this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
+    this.$protectedSessionTimeout.on('change', () =>
+      this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
     );
 
     this.displayRecoveryKeys();
   }
 
   async updateSecret() {
-    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
-    else server.post("totp/disable");
+    if (this.$totpEnabled.prop('checked')) server.post('totp/enable');
+    else server.post('totp/disable');
   }
 
   async setRecoveryKeys() {
-    server.get("totp_recovery/generate").then((result) => {
+    server.get('totp_recovery/generate').then((result) => {
       if (!result.success) {
-        toastService.showError("Error in revevery code generation!");
+        toastService.showError('Error in revevery code generation!');
         return;
       }
       this.keyFiller(result.recoveryCodes);
-      server.post("totp_recovery/set", {
+      server.post('totp_recovery/set', {
         recoveryCodes: result.recoveryCodes,
       });
     });
@@ -143,12 +143,12 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   async keyFiller(values) {
     // Forces values to be a string so it doesn't error out when I split.
     // Will be a non-issue when I update everything to typescript.
-    const keys = (values + "").split(",");
+    const keys = (values + '').split(',');
     for (let i = 0; i < keys.length; i++) this.$recoveryKeys[i].text(keys[i]);
   }
 
   async generateKey() {
-    server.get("totp/generate").then((result) => {
+    server.get('totp/generate').then((result) => {
       if (result.success) {
         this.$totpSecret.text(result.message);
       } else {
@@ -158,15 +158,15 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   }
 
   optionsLoaded(options) {
-    server.get("totp/enabled").then((result) => {
+    server.get('totp/enabled').then((result) => {
       if (result.success) {
-        this.$totpEnabled.prop("checked", result.message);
-        this.$totpSecretInput.prop("disabled", !result.message);
-        this.$saveTotpButton.prop("disabled", !result.message);
-        this.$totpSecret.prop("disapbled", !result.message);
-        this.$regenerateTotpButton.prop("disabled", !result.message);
-        this.$password.prop("disabled", !result.message);
-        this.$generateRecoveryCodeButton.prop("disabled", !result.message);
+        this.$totpEnabled.prop('checked', result.message);
+        this.$totpSecretInput.prop('disabled', !result.message);
+        this.$saveTotpButton.prop('disabled', !result.message);
+        this.$totpSecret.prop('disapbled', !result.message);
+        this.$regenerateTotpButton.prop('disabled', !result.message);
+        this.$password.prop('disabled', !result.message);
+        this.$generateRecoveryCodeButton.prop('disabled', !result.message);
       } else {
         toastService.showError(result.message);
       }
@@ -180,22 +180,22 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
 
     if (key.length != 52) {
-      toastService.showError("Invalid Secret", 2000);
+      toastService.showError('Invalid Secret', 2000);
       return;
     }
     if (regex.test(key)) {
-      toastService.showError("Invalid Secret", 2000);
+      toastService.showError('Invalid Secret', 2000);
       return;
     }
 
     server
-      .post("totp/set", {
+      .post('totp/set', {
         secret: this.$totpSecretInput.val(),
         password: this.$password.val(),
       })
       .then((result) => {
         if (result.success) {
-          toastService.showError("Password has been changed. Trilium will be reloaded after you press OK.");
+          toastService.showError('Password has been changed. Trilium will be reloaded after you press OK.');
 
           // password changed so current protected session is invalid and needs to be cleared
           protectedSessionHolder.resetProtectedSession();
@@ -208,21 +208,21 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   }
 
   displayRecoveryKeys() {
-    server.get("totp_recovery/enabled").then((result) => {
+    server.get('totp_recovery/enabled').then((result) => {
       if (!result.success) {
-        this.keyFiller(Array(8).fill("Error generating recovery keys!"));
+        this.keyFiller(Array(8).fill('Error generating recovery keys!'));
         return;
       }
 
       if (!result.keysExist) {
-        this.keyFiller(Array(8).fill("No key set"));
-        this.$generateRecoveryCodeButton.text("Generate Recovery Codes");
+        this.keyFiller(Array(8).fill('No key set'));
+        this.$generateRecoveryCodeButton.text('Generate Recovery Codes');
         return;
       }
     });
-    server.get("totp_recovery/used").then((result) => {
-      this.keyFiller((result.usedRecoveryCodes + "").split(","));
-      this.$generateRecoveryCodeButton.text("Regenerate Recovery Codes");
+    server.get('totp_recovery/used').then((result) => {
+      this.keyFiller((result.usedRecoveryCodes + '').split(','));
+      this.$generateRecoveryCodeButton.text('Regenerate Recovery Codes');
     });
   }
 }
diff --git a/src/public/app/widgets/type_widgets/options/options_widget.js b/src/public/app/widgets/type_widgets/options/options_widget.js
index 302305703c..c227af8d39 100644
--- a/src/public/app/widgets/type_widgets/options/options_widget.js
+++ b/src/public/app/widgets/type_widgets/options/options_widget.js
@@ -1,57 +1,57 @@
-import server from "../../../services/server.js";
-import toastService from "../../../services/toast.js";
-import NoteContextAwareWidget from "../../note_context_aware_widget.js";
+import server from '../../../services/server.js';
+import toastService from '../../../services/toast.js';
+import NoteContextAwareWidget from '../../note_context_aware_widget.js';
 
 export default class OptionsWidget extends NoteContextAwareWidget {
-    constructor() {
-        super();
+  constructor() {
+    super();
 
-        this.contentSized();
-    }
+    this.contentSized();
+  }
 
-    async updateOption(name, value) {
-        const opts = { [name]: value };
+  async updateOption(name, value) {
+    const opts = { [name]: value };
 
-        await this.updateMultipleOptions(opts);
-    }
+    await this.updateMultipleOptions(opts);
+  }
 
-    async updateMultipleOptions(opts) {
-        await server.put("options", opts);
+  async updateMultipleOptions(opts) {
+    await server.put('options', opts);
 
-        this.showUpdateNotification();
-    }
+    this.showUpdateNotification();
+  }
 
-    showUpdateNotification() {
-        toastService.showPersistent({
-            id: "options-change-saved",
-            title: "Options status",
-            message: "Options change have been saved.",
-            icon: "slider",
-            closeAfter: 2000,
-        });
-    }
+  showUpdateNotification() {
+    toastService.showPersistent({
+      id: 'options-change-saved',
+      title: 'Options status',
+      message: 'Options change have been saved.',
+      icon: 'slider',
+      closeAfter: 2000,
+    });
+  }
 
-    async updateCheckboxOption(name, $checkbox) {
-        const isChecked = $checkbox.prop("checked");
+  async updateCheckboxOption(name, $checkbox) {
+    const isChecked = $checkbox.prop('checked');
 
-        return await this.updateOption(name, isChecked ? "true" : "false");
-    }
+    return await this.updateOption(name, isChecked ? 'true' : 'false');
+  }
 
-    setCheckboxState($checkbox, optionValue) {
-        $checkbox.prop("checked", optionValue === "true");
-    }
+  setCheckboxState($checkbox, optionValue) {
+    $checkbox.prop('checked', optionValue === 'true');
+  }
 
-    optionsLoaded(options) {}
+  optionsLoaded(options) {}
 
-    async refreshWithNote(note) {
-        const options = await server.get("options");
+  async refreshWithNote(note) {
+    const options = await server.get('options');
 
-        this.optionsLoaded(options);
-    }
+    this.optionsLoaded(options);
+  }
 
-    async entitiesReloadedEvent({ loadResults }) {
-        if (loadResults.getOptionNames().length > 0) {
-            this.refresh();
-        }
+  async entitiesReloadedEvent({ loadResults }) {
+    if (loadResults.getOptionNames().length > 0) {
+      this.refresh();
     }
+  }
 }
diff --git a/src/routes/api/options.ts b/src/routes/api/options.ts
index f1500135df..16abe5f889 100644
--- a/src/routes/api/options.ts
+++ b/src/routes/api/options.ts
@@ -1,154 +1,152 @@
-"use strict";
+'use strict';
 
-import optionService = require("../../services/options");
-import log = require("../../services/log");
-import searchService = require("../../services/search/services/search");
-import ValidationError = require("../../errors/validation_error");
-import { Request } from "express";
+import optionService = require('../../services/options');
+import log = require('../../services/log');
+import searchService = require('../../services/search/services/search');
+import ValidationError = require('../../errors/validation_error');
+import { Request } from 'express';
 
 // options allowed to be updated directly in the Options dialog
 const ALLOWED_OPTIONS = new Set([
-    "eraseEntitiesAfterTimeInSeconds",
-    "protectedSessionTimeout",
-    "revisionSnapshotTimeInterval",
-    "zoomFactor",
-    "theme",
-    "syncServerHost",
-    "syncServerTimeout",
-    "syncProxy",
-    "hoistedNoteId",
-    "mainFontSize",
-    "mainFontFamily",
-    "treeFontSize",
-    "treeFontFamily",
-    "detailFontSize",
-    "detailFontFamily",
-    "monospaceFontSize",
-    "monospaceFontFamily",
-    "openNoteContexts",
-    "vimKeymapEnabled",
-    "codeLineWrapEnabled",
-    "codeNotesMimeTypes",
-    "spellCheckEnabled",
-    "spellCheckLanguageCode",
-    "imageMaxWidthHeight",
-    "imageJpegQuality",
-    "leftPaneWidth",
-    "rightPaneWidth",
-    "leftPaneVisible",
-    "rightPaneVisible",
-    "nativeTitleBarVisible",
-    "headingStyle",
-    "autoCollapseNoteTree",
-    "autoReadonlySizeText",
-    "autoReadonlySizeCode",
-    "overrideThemeFonts",
-    "dailyBackupEnabled",
-    "weeklyBackupEnabled",
-    "monthlyBackupEnabled",
-    "maxContentWidth",
-    "compressImages",
-    "downloadImagesAutomatically",
-    "minTocHeadings",
-    "highlightsList",
-    "checkForUpdates",
-    "disableTray",
-    "eraseUnusedAttachmentsAfterSeconds",
-    "disableTray",
-    "customSearchEngineName",
-    "customSearchEngineUrl",
-    "promotedAttributesOpenInRibbon",
-    "editedNotesOpenInRibbon",
-    "totpEnabled",
+  'eraseEntitiesAfterTimeInSeconds',
+  'protectedSessionTimeout',
+  'revisionSnapshotTimeInterval',
+  'zoomFactor',
+  'theme',
+  'syncServerHost',
+  'syncServerTimeout',
+  'syncProxy',
+  'hoistedNoteId',
+  'mainFontSize',
+  'mainFontFamily',
+  'treeFontSize',
+  'treeFontFamily',
+  'detailFontSize',
+  'detailFontFamily',
+  'monospaceFontSize',
+  'monospaceFontFamily',
+  'openNoteContexts',
+  'vimKeymapEnabled',
+  'codeLineWrapEnabled',
+  'codeNotesMimeTypes',
+  'spellCheckEnabled',
+  'spellCheckLanguageCode',
+  'imageMaxWidthHeight',
+  'imageJpegQuality',
+  'leftPaneWidth',
+  'rightPaneWidth',
+  'leftPaneVisible',
+  'rightPaneVisible',
+  'nativeTitleBarVisible',
+  'headingStyle',
+  'autoCollapseNoteTree',
+  'autoReadonlySizeText',
+  'autoReadonlySizeCode',
+  'overrideThemeFonts',
+  'dailyBackupEnabled',
+  'weeklyBackupEnabled',
+  'monthlyBackupEnabled',
+  'maxContentWidth',
+  'compressImages',
+  'downloadImagesAutomatically',
+  'minTocHeadings',
+  'highlightsList',
+  'checkForUpdates',
+  'disableTray',
+  'eraseUnusedAttachmentsAfterSeconds',
+  'disableTray',
+  'customSearchEngineName',
+  'customSearchEngineUrl',
+  'promotedAttributesOpenInRibbon',
+  'editedNotesOpenInRibbon',
+  'totpEnabled',
 ]);
 
 function getOptions() {
-    const optionMap = optionService.getOptionMap();
-    const resultMap: Record<string, string> = {};
+  const optionMap = optionService.getOptionMap();
+  const resultMap: Record<string, string> = {};
 
-    for (const optionName in optionMap) {
-        if (isAllowed(optionName)) {
-            resultMap[optionName] = optionMap[optionName];
-        }
+  for (const optionName in optionMap) {
+    if (isAllowed(optionName)) {
+      resultMap[optionName] = optionMap[optionName];
     }
+  }
 
-    resultMap["isPasswordSet"] = optionMap["passwordVerificationHash"]
-        ? "true"
-        : "false";
+  resultMap['isPasswordSet'] = optionMap['passwordVerificationHash']
+    ? 'true'
+    : 'false';
 
-    return resultMap;
+  return resultMap;
 }
 
 function updateOption(req: Request) {
-    const { name, value } = req.params;
+  const { name, value } = req.params;
 
-    if (!update(name, value)) {
-        throw new ValidationError("not allowed option to change");
-    }
+  if (!update(name, value)) {
+    throw new ValidationError('not allowed option to change');
+  }
 }
 
 function updateOptions(req: Request) {
-    for (const optionName in req.body) {
-        console.log(optionName);
-        if (!update(optionName, req.body[optionName])) {
-            // this should be improved
-            // it should return 400 instead of current 500, but at least it now rollbacks transaction
-            throw new Error(
-                `Option '${optionName}' is not allowed to be changed`
-            );
-        }
+  for (const optionName in req.body) {
+    console.log(optionName);
+    if (!update(optionName, req.body[optionName])) {
+      // this should be improved
+      // it should return 400 instead of current 500, but at least it now rollbacks transaction
+      throw new Error(`Option '${optionName}' is not allowed to be changed`);
     }
+  }
 }
 
 function update(name: string, value: string) {
-    if (!isAllowed(name)) {
-        return false;
-    }
+  if (!isAllowed(name)) {
+    return false;
+  }
 
-    if (name !== "openNoteContexts") {
-        log.info(`Updating option '${name}' to '${value}'`);
-    }
+  if (name !== 'openNoteContexts') {
+    log.info(`Updating option '${name}' to '${value}'`);
+  }
 
-    optionService.setOption(name, value);
+  optionService.setOption(name, value);
 
-    return true;
+  return true;
 }
 
 function getUserThemes() {
-    const notes = searchService.searchNotes("#appTheme", {
-        ignoreHoistedNote: true,
-    });
-    const ret = [];
+  const notes = searchService.searchNotes('#appTheme', {
+    ignoreHoistedNote: true,
+  });
+  const ret = [];
 
-    for (const note of notes) {
-        let value = note.getOwnedLabelValue("appTheme");
+  for (const note of notes) {
+    let value = note.getOwnedLabelValue('appTheme');
 
-        if (!value) {
-            value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, "-");
-        }
-
-        ret.push({
-            val: value,
-            title: note.title,
-            noteId: note.noteId,
-        });
+    if (!value) {
+      value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, '-');
     }
 
-    return ret;
+    ret.push({
+      val: value,
+      title: note.title,
+      noteId: note.noteId,
+    });
+  }
+
+  return ret;
 }
 
 function isAllowed(name: string) {
-    return (
-        ALLOWED_OPTIONS.has(name) ||
-        name.startsWith("keyboardShortcuts") ||
-        name.endsWith("Collapsed") ||
-        name.startsWith("hideArchivedNotes")
-    );
+  return (
+    ALLOWED_OPTIONS.has(name) ||
+    name.startsWith('keyboardShortcuts') ||
+    name.endsWith('Collapsed') ||
+    name.startsWith('hideArchivedNotes')
+  );
 }
 
 export = {
-    getOptions,
-    updateOption,
-    updateOptions,
-    getUserThemes,
+  getOptions,
+  updateOption,
+  updateOptions,
+  getUserThemes,
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index edf967b4de..2bb63df704 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,32 +1,32 @@
-"use strict";
-
-import utils = require("../services/utils");
-import optionService = require("../services/options");
-import myScryptService = require("../services/encryption/my_scrypt");
-import log = require("../services/log");
-import passwordService = require("../services/encryption/password");
-import assetPath = require("../services/asset_path");
-import appPath = require("../services/app_path");
-import ValidationError = require("../errors/validation_error");
-import totp_secret = require("../services/totp_secret");
-import { Request, Response } from "express";
-import { AppRequest } from "./route-interface";
-import recoveryCodeService = require("../services/encryption/recovery_codes");
-
-const speakeasy = require("speakeasy");
+'use strict';
+
+import utils = require('../services/utils');
+import optionService = require('../services/options');
+import myScryptService = require('../services/encryption/my_scrypt');
+import log = require('../services/log');
+import passwordService = require('../services/encryption/password');
+import assetPath = require('../services/asset_path');
+import appPath = require('../services/app_path');
+import ValidationError = require('../errors/validation_error');
+import totp_secret = require('../services/totp_secret');
+import { Request, Response } from 'express';
+import { AppRequest } from './route-interface';
+import recoveryCodeService = require('../services/encryption/recovery_codes');
+
+const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
-  res.render("login", {
+  res.render('login', {
     failedAuth: false,
     totpEnabled:
-      optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
+      optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
     assetPath: assetPath,
     appPath: appPath,
   });
 }
 
 function setPasswordPage(req: Request, res: Response) {
-  res.render("set_password", {
+  res.render('set_password', {
     error: false,
     assetPath: assetPath,
     appPath: appPath,
@@ -35,7 +35,7 @@ function setPasswordPage(req: Request, res: Response) {
 
 function setPassword(req: Request, res: Response) {
   if (passwordService.isPasswordSet()) {
-    throw new ValidationError("Password has been already set");
+    throw new ValidationError('Password has been already set');
   }
 
   let { password1, password2 } = req.body;
@@ -47,11 +47,11 @@ function setPassword(req: Request, res: Response) {
   if (password1 !== password2) {
     error = "Entered passwords don't match.";
   } else if (password1.length < 4) {
-    error = "Password must be at least 4 characters long.";
+    error = 'Password must be at least 4 characters long.';
   }
 
   if (error) {
-    res.render("set_password", {
+    res.render('set_password', {
       error,
       assetPath: assetPath,
     });
@@ -60,7 +60,7 @@ function setPassword(req: Request, res: Response) {
 
   passwordService.setPassword(password1);
 
-  res.redirect("login");
+  res.redirect('login');
 }
 
 function login(req: AppRequest, res: Response) {
@@ -72,7 +72,7 @@ function login(req: AppRequest, res: Response) {
     return;
   }
 
-  if (optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret())
+  if (optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret())
     if (!verifyTOTP(guessedTotp)) {
       sendLoginError(req, res);
       return;
@@ -88,7 +88,7 @@ function login(req: AppRequest, res: Response) {
     }
 
     req.session.loggedIn = true;
-    res.redirect(".");
+    res.redirect('.');
   });
 }
 
@@ -96,10 +96,10 @@ function sendLoginError(req: AppRequest, res: Response) {
   // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
   log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
 
-  res.status(401).render("login", {
+  res.status(401).render('login', {
     failedAuth: true,
     totpEnabled:
-      optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
+      optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
     assetPath: assetPath,
   });
 }
@@ -107,7 +107,7 @@ function sendLoginError(req: AppRequest, res: Response) {
 function verifyTOTP(guessedToken: string) {
   const tokenValidates = speakeasy.totp.verify({
     secret: totp_secret.getTotpSecret(),
-    encoding: "base32",
+    encoding: 'base32',
     token: guessedToken,
     window: 1,
   });
@@ -122,7 +122,7 @@ function verifyTOTP(guessedToken: string) {
 
 function verifyPassword(guessedPassword: string) {
   const hashed_password = utils.fromBase64(
-    optionService.getOption("passwordVerificationHash")
+    optionService.getOption('passwordVerificationHash')
   );
 
   const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
@@ -134,7 +134,7 @@ function logout(req: AppRequest, res: Response) {
   req.session.regenerate(() => {
     req.session.loggedIn = false;
 
-    res.redirect("login");
+    res.redirect('login');
   });
 }
 
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index a76f3a8a8e..a479a34c51 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -1,96 +1,96 @@
-"use strict";
+'use strict';
 
-import utils = require("../services/utils");
-import multer = require("multer");
-import log = require("../services/log");
-import express = require("express");
+import utils = require('../services/utils');
+import multer = require('multer');
+import log = require('../services/log');
+import express = require('express');
 const router = express.Router();
-import auth = require("../services/auth");
-import cls = require("../services/cls");
-import sql = require("../services/sql");
-import entityChangesService = require("../services/entity_changes");
-import csurf = require("csurf");
-import { createPartialContentHandler } from "express-partial-content";
-import rateLimit = require("express-rate-limit");
-import AbstractBeccaEntity = require("../becca/entities/abstract_becca_entity");
-import NotFoundError = require("../errors/not_found_error");
-import ValidationError = require("../errors/validation_error");
+import auth = require('../services/auth');
+import cls = require('../services/cls');
+import sql = require('../services/sql');
+import entityChangesService = require('../services/entity_changes');
+import csurf = require('csurf');
+import { createPartialContentHandler } from 'express-partial-content';
+import rateLimit = require('express-rate-limit');
+import AbstractBeccaEntity = require('../becca/entities/abstract_becca_entity');
+import NotFoundError = require('../errors/not_found_error');
+import ValidationError = require('../errors/validation_error');
 
 // page routes
-import setupRoute = require("./setup");
-import loginRoute = require("./login");
-import indexRoute = require("./index");
+import setupRoute = require('./setup');
+import loginRoute = require('./login');
+import indexRoute = require('./index');
 
 // API routes
-import treeApiRoute = require("./api/tree");
-import notesApiRoute = require("./api/notes");
-import branchesApiRoute = require("./api/branches");
-import attachmentsApiRoute = require("./api/attachments");
-import autocompleteApiRoute = require("./api/autocomplete");
-import cloningApiRoute = require("./api/cloning");
-import revisionsApiRoute = require("./api/revisions");
-import recentChangesApiRoute = require("./api/recent_changes");
-import optionsApiRoute = require("./api/options");
-import passwordApiRoute = require("./api/password");
-import syncApiRoute = require("./api/sync");
-import loginApiRoute = require("./api/login");
-import recentNotesRoute = require("./api/recent_notes");
-import appInfoRoute = require("./api/app_info");
-import exportRoute = require("./api/export");
-import importRoute = require("./api/import");
-import setupApiRoute = require("./api/setup");
-import sqlRoute = require("./api/sql");
-import databaseRoute = require("./api/database");
-import imageRoute = require("./api/image");
-import attributesRoute = require("./api/attributes");
-import scriptRoute = require("./api/script");
-import senderRoute = require("./api/sender");
-import filesRoute = require("./api/files");
-import searchRoute = require("./api/search");
-import bulkActionRoute = require("./api/bulk_action");
-import specialNotesRoute = require("./api/special_notes");
-import noteMapRoute = require("./api/note_map");
-import clipperRoute = require("./api/clipper");
-import similarNotesRoute = require("./api/similar_notes");
-import keysRoute = require("./api/keys");
-import backendLogRoute = require("./api/backend_log");
-import statsRoute = require("./api/stats");
-import fontsRoute = require("./api/fonts");
-import etapiTokensApiRoutes = require("./api/etapi_tokens");
-import relationMapApiRoute = require("./api/relation-map");
-import otherRoute = require("./api/other");
-import shareRoutes = require("../share/routes");
-import totp = require("./api/totp");
-import recoveryCodes = require("./api/recovery_codes");
-
-import etapiAuthRoutes = require("../etapi/auth");
-import etapiAppInfoRoutes = require("../etapi/app_info");
-import etapiAttachmentRoutes = require("../etapi/attachments");
-import etapiAttributeRoutes = require("../etapi/attributes");
-import etapiBranchRoutes = require("../etapi/branches");
-import etapiNoteRoutes = require("../etapi/notes");
-import etapiSpecialNoteRoutes = require("../etapi/special_notes");
-import etapiSpecRoute = require("../etapi/spec");
-import etapiBackupRoute = require("../etapi/backup");
-import { AppRequest, AppRequestHandler } from "./route-interface";
+import treeApiRoute = require('./api/tree');
+import notesApiRoute = require('./api/notes');
+import branchesApiRoute = require('./api/branches');
+import attachmentsApiRoute = require('./api/attachments');
+import autocompleteApiRoute = require('./api/autocomplete');
+import cloningApiRoute = require('./api/cloning');
+import revisionsApiRoute = require('./api/revisions');
+import recentChangesApiRoute = require('./api/recent_changes');
+import optionsApiRoute = require('./api/options');
+import passwordApiRoute = require('./api/password');
+import syncApiRoute = require('./api/sync');
+import loginApiRoute = require('./api/login');
+import recentNotesRoute = require('./api/recent_notes');
+import appInfoRoute = require('./api/app_info');
+import exportRoute = require('./api/export');
+import importRoute = require('./api/import');
+import setupApiRoute = require('./api/setup');
+import sqlRoute = require('./api/sql');
+import databaseRoute = require('./api/database');
+import imageRoute = require('./api/image');
+import attributesRoute = require('./api/attributes');
+import scriptRoute = require('./api/script');
+import senderRoute = require('./api/sender');
+import filesRoute = require('./api/files');
+import searchRoute = require('./api/search');
+import bulkActionRoute = require('./api/bulk_action');
+import specialNotesRoute = require('./api/special_notes');
+import noteMapRoute = require('./api/note_map');
+import clipperRoute = require('./api/clipper');
+import similarNotesRoute = require('./api/similar_notes');
+import keysRoute = require('./api/keys');
+import backendLogRoute = require('./api/backend_log');
+import statsRoute = require('./api/stats');
+import fontsRoute = require('./api/fonts');
+import etapiTokensApiRoutes = require('./api/etapi_tokens');
+import relationMapApiRoute = require('./api/relation-map');
+import otherRoute = require('./api/other');
+import shareRoutes = require('../share/routes');
+import totp = require('./api/totp');
+import recoveryCodes = require('./api/recovery_codes');
+
+import etapiAuthRoutes = require('../etapi/auth');
+import etapiAppInfoRoutes = require('../etapi/app_info');
+import etapiAttachmentRoutes = require('../etapi/attachments');
+import etapiAttributeRoutes = require('../etapi/attributes');
+import etapiBranchRoutes = require('../etapi/branches');
+import etapiNoteRoutes = require('../etapi/notes');
+import etapiSpecialNoteRoutes = require('../etapi/special_notes');
+import etapiSpecRoute = require('../etapi/spec');
+import etapiBackupRoute = require('../etapi/backup');
+import { AppRequest, AppRequestHandler } from './route-interface';
 
 const csrfMiddleware = csurf({
   cookie: {
-    path: "", // empty, so cookie is valid only for the current path
+    path: '', // empty, so cookie is valid only for the current path
   },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
-const GET = "get",
-  PST = "post",
-  PUT = "put",
-  PATCH = "patch",
-  DEL = "delete";
+const GET = 'get',
+  PST = 'post',
+  PUT = 'put',
+  PATCH = 'patch',
+  DEL = 'delete';
 
 type ApiResultHandler = (req: express.Request, res: express.Response, result: unknown) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
-type HttpMethod = "all" | "get" | "post" | "put" | "delete" | "patch" | "options" | "head";
+type HttpMethod = 'all' | 'get' | 'post' | 'put' | 'delete' | 'patch' | 'options' | 'head';
 
 const uploadMiddleware = createUploadMiddleware();
 
@@ -100,9 +100,9 @@ const uploadMiddlewareWithErrorHandling = function (
   next: express.NextFunction
 ) {
   uploadMiddleware(req, res, function (err) {
-    if (err?.code === "LIMIT_FILE_SIZE") {
+    if (err?.code === 'LIMIT_FILE_SIZE') {
       res
-        .setHeader("Content-Type", "text/plain")
+        .setHeader('Content-Type', 'text/plain')
         .status(400)
         .send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
     } else {
@@ -112,9 +112,9 @@ const uploadMiddlewareWithErrorHandling = function (
 };
 
 function register(app: express.Application) {
-  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
-  route(GET, "/login", [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
-  route(GET, "/set-password", [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
+  route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
+  route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
+  route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
 
   const loginRateLimiter = rateLimit.rateLimit({
     windowMs: 15 * 60 * 1000, // 15 minutes
@@ -122,55 +122,55 @@ function register(app: express.Application) {
     skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
   });
 
-  route(PST, "/login", [loginRateLimiter], loginRoute.login);
-  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-  route(PST, "/set-password", [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
-  route(GET, "/setup", [], setupRoute.setupPage);
-
-  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
-  apiRoute(GET, "/api/totp/enabled", totp.checkForTOTP);
-  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
-  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
-  apiRoute(PST, "/api/totp/set", totp.setTotpSecret);
-  apiRoute(GET, "/api/totp/get", totp.getSecret);
-
-  apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
-  apiRoute(PST, "/api/totp_recovery/verify", recoveryCodes.veryifyRecoveryCode);
-  apiRoute(GET, "/api/totp_recovery/generate", recoveryCodes.generateRecoveryCodes);
-  apiRoute(GET, "/api/totp_recovery/enabled", recoveryCodes.checkForRecoveryKeys);
-  apiRoute(GET, "/api/totp_recovery/used", recoveryCodes.getUsedRecoveryCodes);
-
-  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
-  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
-
-  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
-  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
-  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
-  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
-  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
-  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
-  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
-  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
-  apiRoute(PUT, "/api/notes/:noteId/sort-children", notesApiRoute.sortChildNotes);
-  apiRoute(PUT, "/api/notes/:noteId/protect/:isProtected", notesApiRoute.protectNote);
-  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
-  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
-  apiRoute(PST, "/api/notes/:noteId/duplicPOSTate/:parentNoteId", notesApiRoute.duplicateSubtree);
-  apiRoute(PUT, "/api/notes/:noteId/clone-to-branch/:parentBranchId", cloningApiRoute.cloneNoteToBranch);
-  apiRoute(PUT, "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present", cloningApiRoute.toggleNoteInParent);
-  apiRoute(PUT, "/api/notes/:noteId/clone-to-note/:parentNoteId", cloningApiRoute.cloneNoteToParentNote);
-  apiRoute(PUT, "/api/notes/:noteId/clone-after/:afterBranchId", cloningApiRoute.cloneNoteAfter);
+  route(PST, '/login', [loginRateLimiter], loginRoute.login);
+  route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+  route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
+  route(GET, '/setup', [], setupRoute.setupPage);
+
+  apiRoute(GET, '/api/totp/generate', totp.generateSecret);
+  apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
+  apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
+  apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
+  apiRoute(PST, '/api/totp/set', totp.setTotpSecret);
+  apiRoute(GET, '/api/totp/get', totp.getSecret);
+
+  apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
+  apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
+  apiRoute(GET, '/api/totp_recovery/generate', recoveryCodes.generateRecoveryCodes);
+  apiRoute(GET, '/api/totp_recovery/enabled', recoveryCodes.checkForRecoveryKeys);
+  apiRoute(GET, '/api/totp_recovery/used', recoveryCodes.getUsedRecoveryCodes);
+
+  apiRoute(GET, '/api/tree', treeApiRoute.getTree);
+  apiRoute(PST, '/api/tree/load', treeApiRoute.load);
+
+  apiRoute(GET, '/api/notes/:noteId', notesApiRoute.getNote);
+  apiRoute(GET, '/api/notes/:noteId/blob', notesApiRoute.getNoteBlob);
+  apiRoute(GET, '/api/notes/:noteId/metadata', notesApiRoute.getNoteMetadata);
+  apiRoute(PUT, '/api/notes/:noteId/data', notesApiRoute.updateNoteData);
+  apiRoute(DEL, '/api/notes/:noteId', notesApiRoute.deleteNote);
+  apiRoute(PUT, '/api/notes/:noteId/undelete', notesApiRoute.undeleteNote);
+  apiRoute(PST, '/api/notes/:noteId/revision', notesApiRoute.forceSaveRevision);
+  apiRoute(PST, '/api/notes/:parentNoteId/children', notesApiRoute.createNote);
+  apiRoute(PUT, '/api/notes/:noteId/sort-children', notesApiRoute.sortChildNotes);
+  apiRoute(PUT, '/api/notes/:noteId/protect/:isProtected', notesApiRoute.protectNote);
+  apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime);
+  apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle);
+  apiRoute(PST, '/api/notes/:noteId/duplicPOSTate/:parentNoteId', notesApiRoute.duplicateSubtree);
+  apiRoute(PUT, '/api/notes/:noteId/clone-to-branch/:parentBranchId', cloningApiRoute.cloneNoteToBranch);
+  apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
+  apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);
+  apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter);
   route(
     PUT,
-    "/api/notes/:noteId/file",
+    '/api/notes/:noteId/file',
     [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
     filesRoute.updateFile,
     apiResultHandler
   );
-  route(GET, "/api/notes/:noteId/open", [auth.checkApiAuthOrElectron], filesRoute.openFile);
+  route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile);
   route(
     GET,
-    "/api/notes/:noteId/open-partial",
+    '/api/notes/:noteId/open-partial',
     [auth.checkApiAuthOrElectron],
     createPartialContentHandler(filesRoute.fileContentProvider, {
       debug: (string, extra) => {
@@ -178,46 +178,46 @@ function register(app: express.Application) {
       },
     })
   );
-  route(GET, "/api/notes/:noteId/download", [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
+  route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
   // this "hacky" path is used for easier referencing of CSS resources
-  route(GET, "/api/notes/download/:noteId", [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
-  apiRoute(PST, "/api/notes/:noteId/save-to-tmp-dir", filesRoute.saveNoteToTmpDir);
-  apiRoute(PST, "/api/notes/:noteId/upload-modified-file", filesRoute.uploadModifiedFileToNote);
-  apiRoute(PST, "/api/notes/:noteId/convert-to-attachment", notesApiRoute.convertNoteToAttachment);
-
-  apiRoute(PUT, "/api/branches/:branchId/move-to/:parentBranchId", branchesApiRoute.moveBranchToParent);
-  apiRoute(PUT, "/api/branches/:branchId/move-before/:beforeBranchId", branchesApiRoute.moveBranchBeforeNote);
-  apiRoute(PUT, "/api/branches/:branchId/move-after/:afterBranchId", branchesApiRoute.moveBranchAfterNote);
-  apiRoute(PUT, "/api/branches/:branchId/expanded/:expanded", branchesApiRoute.setExpanded);
-  apiRoute(PUT, "/api/branches/:branchId/expanded-subtree/:expanded", branchesApiRoute.setExpandedForSubtree);
-  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
-  apiRoute(PUT, "/api/branches/:branchId/set-prefix", branchesApiRoute.setPrefix);
-
-  apiRoute(GET, "/api/notes/:noteId/attachments", attachmentsApiRoute.getAttachments);
-  apiRoute(PST, "/api/notes/:noteId/attachments", attachmentsApiRoute.saveAttachment);
+  route(GET, '/api/notes/download/:noteId', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
+  apiRoute(PST, '/api/notes/:noteId/save-to-tmp-dir', filesRoute.saveNoteToTmpDir);
+  apiRoute(PST, '/api/notes/:noteId/upload-modified-file', filesRoute.uploadModifiedFileToNote);
+  apiRoute(PST, '/api/notes/:noteId/convert-to-attachment', notesApiRoute.convertNoteToAttachment);
+
+  apiRoute(PUT, '/api/branches/:branchId/move-to/:parentBranchId', branchesApiRoute.moveBranchToParent);
+  apiRoute(PUT, '/api/branches/:branchId/move-before/:beforeBranchId', branchesApiRoute.moveBranchBeforeNote);
+  apiRoute(PUT, '/api/branches/:branchId/move-after/:afterBranchId', branchesApiRoute.moveBranchAfterNote);
+  apiRoute(PUT, '/api/branches/:branchId/expanded/:expanded', branchesApiRoute.setExpanded);
+  apiRoute(PUT, '/api/branches/:branchId/expanded-subtree/:expanded', branchesApiRoute.setExpandedForSubtree);
+  apiRoute(DEL, '/api/branches/:branchId', branchesApiRoute.deleteBranch);
+  apiRoute(PUT, '/api/branches/:branchId/set-prefix', branchesApiRoute.setPrefix);
+
+  apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments);
+  apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment);
   route(
     PST,
-    "/api/notes/:noteId/attachments/upload",
+    '/api/notes/:noteId/attachments/upload',
     [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
     attachmentsApiRoute.uploadAttachment,
     apiResultHandler
   );
-  apiRoute(GET, "/api/attachments/:attachmentId", attachmentsApiRoute.getAttachment);
-  apiRoute(GET, "/api/attachments/:attachmentId/all", attachmentsApiRoute.getAllAttachments);
-  apiRoute(PST, "/api/attachments/:attachmentId/convert-to-note", attachmentsApiRoute.convertAttachmentToNote);
-  apiRoute(DEL, "/api/attachments/:attachmentId", attachmentsApiRoute.deleteAttachment);
-  apiRoute(PUT, "/api/attachments/:attachmentId/rename", attachmentsApiRoute.renameAttachment);
-  apiRoute(GET, "/api/attachments/:attachmentId/blob", attachmentsApiRoute.getAttachmentBlob);
+  apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment);
+  apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments);
+  apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote);
+  apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment);
+  apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment);
+  apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob);
   route(
     GET,
-    "/api/attachments/:attachmentId/image/:filename",
+    '/api/attachments/:attachmentId/image/:filename',
     [auth.checkApiAuthOrElectron],
     imageRoute.returnAttachedImage
   );
-  route(GET, "/api/attachments/:attachmentId/open", [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
+  route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
   route(
     GET,
-    "/api/attachments/:attachmentId/open-partial",
+    '/api/attachments/:attachmentId/open-partial',
     [auth.checkApiAuthOrElectron],
     createPartialContentHandler(filesRoute.attachmentContentProvider, {
       debug: (string, extra) => {
@@ -225,114 +225,114 @@ function register(app: express.Application) {
       },
     })
   );
-  route(GET, "/api/attachments/:attachmentId/download", [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
+  route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
   // this "hacky" path is used for easier referencing of CSS resources
-  route(GET, "/api/attachments/download/:attachmentId", [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
-  apiRoute(PST, "/api/attachments/:attachmentId/save-to-tmp-dir", filesRoute.saveAttachmentToTmpDir);
-  apiRoute(PST, "/api/attachments/:attachmentId/upload-modified-file", filesRoute.uploadModifiedFileToAttachment);
+  route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
+  apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir);
+  apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment);
   route(
     PUT,
-    "/api/attachments/:attachmentId/file",
+    '/api/attachments/:attachmentId/file',
     [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
     filesRoute.updateAttachment,
     apiResultHandler
   );
 
-  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
-  apiRoute(DEL, "/api/notes/:noteId/revisions", revisionsApiRoute.eraseAllRevisions);
-  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
-  apiRoute(GET, "/api/revisions/:revisionId/blob", revisionsApiRoute.getRevisionBlob);
-  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
-  apiRoute(PST, "/api/revisions/:revisionId/restore", revisionsApiRoute.restoreRevision);
+  apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
+  apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions);
+  apiRoute(GET, '/api/revisions/:revisionId', revisionsApiRoute.getRevision);
+  apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob);
+  apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
+  apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision);
   route(
     GET,
-    "/api/revisions/:revisionId/image/:filename",
+    '/api/revisions/:revisionId/image/:filename',
     [auth.checkApiAuthOrElectron],
     imageRoute.returnImageFromRevision
   );
 
-  route(GET, "/api/revisions/:revisionId/download", [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
+  route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
 
   route(
     GET,
-    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+    '/api/branches/:branchId/export/:type/:format/:version/:taskId',
     [auth.checkApiAuthOrElectron],
     exportRoute.exportBranch
   );
   route(
     PST,
-    "/api/notes/:parentNoteId/notes-import",
+    '/api/notes/:parentNoteId/notes-import',
     [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
     importRoute.importNotesToBranch,
     apiResultHandler
   );
   route(
     PST,
-    "/api/notes/:parentNoteId/attachments-import",
+    '/api/notes/:parentNoteId/attachments-import',
     [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
     importRoute.importAttachmentsToNote,
     apiResultHandler
   );
 
-  apiRoute(GET, "/api/notes/:noteId/attributes", attributesRoute.getEffectiveNoteAttributes);
-  apiRoute(PST, "/api/notes/:noteId/attributes", attributesRoute.addNoteAttribute);
-  apiRoute(PUT, "/api/notes/:noteId/attributes", attributesRoute.updateNoteAttributes);
-  apiRoute(PUT, "/api/notes/:noteId/attribute", attributesRoute.updateNoteAttribute);
-  apiRoute(PUT, "/api/notes/:noteId/set-attribute", attributesRoute.setNoteAttribute);
-  apiRoute(PUT, "/api/notes/:noteId/relations/:name/to/:targetNoteId", attributesRoute.createRelation);
-  apiRoute(DEL, "/api/notes/:noteId/relations/:name/to/:targetNoteId", attributesRoute.deleteRelation);
-  apiRoute(DEL, "/api/notes/:noteId/attributes/:attributeId", attributesRoute.deleteNoteAttribute);
-  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
-  apiRoute(GET, "/api/attribute-values/:attributeName", attributesRoute.getValuesForAttribute);
+  apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes);
+  apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute);
+  apiRoute(PUT, '/api/notes/:noteId/attributes', attributesRoute.updateNoteAttributes);
+  apiRoute(PUT, '/api/notes/:noteId/attribute', attributesRoute.updateNoteAttribute);
+  apiRoute(PUT, '/api/notes/:noteId/set-attribute', attributesRoute.setNoteAttribute);
+  apiRoute(PUT, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.createRelation);
+  apiRoute(DEL, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.deleteRelation);
+  apiRoute(DEL, '/api/notes/:noteId/attributes/:attributeId', attributesRoute.deleteNoteAttribute);
+  apiRoute(GET, '/api/attribute-names', attributesRoute.getAttributeNames);
+  apiRoute(GET, '/api/attribute-values/:attributeName', attributesRoute.getValuesForAttribute);
 
   // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-  route(GET, "/api/images/:noteId/:filename", [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
+  route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
   route(
     PUT,
-    "/api/images/:noteId",
+    '/api/images/:noteId',
     [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
     imageRoute.updateImage,
     apiResultHandler
   );
 
-  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+  apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
   // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
-  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
-  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
-
-  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
-  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
-
-  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
-  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
-  apiRoute(PST, "/api/sync/fill-entity-changes", syncApiRoute.fillEntityChanges);
-  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
-  route(GET, "/api/sync/check", [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler);
-  route(GET, "/api/sync/changed", [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
-  route(PUT, "/api/sync/update", [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
-  route(PST, "/api/sync/finished", [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
-  route(PST, "/api/sync/check-entity-changes", [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
+  apiRoute(PUT, '/api/options/:name/:value*', optionsApiRoute.updateOption);
+  apiRoute(PUT, '/api/options', optionsApiRoute.updateOptions);
+  apiRoute(GET, '/api/options/user-themes', optionsApiRoute.getUserThemes);
+
+  apiRoute(PST, '/api/password/change', passwordApiRoute.changePassword);
+  apiRoute(PST, '/api/password/reset', passwordApiRoute.resetPassword);
+
+  apiRoute(PST, '/api/sync/test', syncApiRoute.testSync);
+  apiRoute(PST, '/api/sync/now', syncApiRoute.syncNow);
+  apiRoute(PST, '/api/sync/fill-entity-changes', syncApiRoute.fillEntityChanges);
+  apiRoute(PST, '/api/sync/force-full-sync', syncApiRoute.forceFullSync);
+  route(GET, '/api/sync/check', [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler);
+  route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
+  route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
+  route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
+  route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
   route(
     PST,
-    "/api/sync/queue-sector/:entityName/:sector",
+    '/api/sync/queue-sector/:entityName/:sector',
     [auth.checkApiAuth],
     syncApiRoute.queueSector,
     apiResultHandler
   );
-  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+  route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
 
-  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
-  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+  apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
+  apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo);
 
   // docker health check
-  route(GET, "/api/health-check", [], () => ({ status: "ok" }), apiResultHandler);
+  route(GET, '/api/health-check', [], () => ({ status: 'ok' }), apiResultHandler);
 
   // group of the services below are meant to be executed from the outside
-  route(GET, "/api/setup/status", [], setupApiRoute.getStatus, apiResultHandler);
+  route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
   route(
     PST,
-    "/api/setup/new-document",
+    '/api/setup/new-document',
     [auth.checkAppNotInitialized],
     setupApiRoute.setupNewDocument,
     apiResultHandler,
@@ -340,96 +340,96 @@ function register(app: express.Application) {
   );
   route(
     PST,
-    "/api/setup/sync-from-server",
+    '/api/setup/sync-from-server',
     [auth.checkAppNotInitialized],
     setupApiRoute.setupSyncFromServer,
     apiResultHandler,
     false
   );
-  route(GET, "/api/setup/sync-seed", [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
+  route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
   route(
     PST,
-    "/api/setup/sync-seed",
+    '/api/setup/sync-seed',
     [auth.checkAppNotInitialized],
     setupApiRoute.saveSyncSeed,
     apiResultHandler,
     false
   );
 
-  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
-  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
-  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
-  apiRoute(PST, "/api/search-and-execute-note/:noteId", searchRoute.searchAndExecute);
-  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
-  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
-  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+  apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
+  apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
+  apiRoute(GET, '/api/search-note/:noteId', searchRoute.searchFromNote);
+  apiRoute(PST, '/api/search-and-execute-note/:noteId', searchRoute.searchAndExecute);
+  apiRoute(PST, '/api/search-related', searchRoute.getRelatedNotes);
+  apiRoute(GET, '/api/search/:searchString', searchRoute.search);
+  apiRoute(GET, '/api/search-templates', searchRoute.searchTemplates);
 
-  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
-  apiRoute(PST, "/api/bulk-action/affected-notes", bulkActionRoute.getAffectedNoteCount);
+  apiRoute(PST, '/api/bulk-action/execute', bulkActionRoute.execute);
+  apiRoute(PST, '/api/bulk-action/affected-notes', bulkActionRoute.getAffectedNoteCount);
 
-  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
+  route(PST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler);
   // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
-  apiRoute(PST, "/api/login/protected/touch", loginApiRoute.touchProtectedSession);
-  apiRoute(PST, "/api/logout/protected", loginApiRoute.logoutFromProtectedSession);
+  apiRoute(PST, '/api/login/protected', loginApiRoute.loginToProtectedSession);
+  apiRoute(PST, '/api/login/protected/touch', loginApiRoute.touchProtectedSession);
+  apiRoute(PST, '/api/logout/protected', loginApiRoute.logoutFromProtectedSession);
 
-  route(PST, "/api/login/token", [loginRateLimiter], loginApiRoute.token, apiResultHandler);
+  route(PST, '/api/login/token', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
 
-  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
-  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
-  apiRoute(PATCH, "/api/etapi-tokens/:etapiTokenId", etapiTokensApiRoutes.patchToken);
-  apiRoute(DEL, "/api/etapi-tokens/:etapiTokenId", etapiTokensApiRoutes.deleteToken);
+  apiRoute(GET, '/api/etapi-tokens', etapiTokensApiRoutes.getTokens);
+  apiRoute(PST, '/api/etapi-tokens', etapiTokensApiRoutes.createToken);
+  apiRoute(PATCH, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.patchToken);
+  apiRoute(DEL, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.deleteToken);
 
   // in case of local electron, local calls are allowed unauthenticated, for server they need auth
   const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
 
-  route(GET, "/api/clipper/handshake", clipperMiddleware, clipperRoute.handshake, apiResultHandler);
-  route(PST, "/api/clipper/clippings", clipperMiddleware, clipperRoute.addClipping, apiResultHandler);
-  route(PST, "/api/clipper/notes", clipperMiddleware, clipperRoute.createNote, apiResultHandler);
-  route(PST, "/api/clipper/open/:noteId", clipperMiddleware, clipperRoute.openNote, apiResultHandler);
-  route(GET, "/api/clipper/notes-by-url/:noteUrl", clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler);
-
-  apiRoute(GET, "/api/special-notes/inbox/:date", specialNotesRoute.getInboxNote);
-  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
-  apiRoute(GET, "/api/special-notes/weeks/:date", specialNotesRoute.getWeekNote);
-  apiRoute(GET, "/api/special-notes/months/:month", specialNotesRoute.getMonthNote);
-  apiRoute(GET, "/api/special-notes/years/:year", specialNotesRoute.getYearNote);
-  apiRoute(GET, "/api/special-notes/notes-for-month/:month", specialNotesRoute.getDayNotesForMonth);
-  apiRoute(PST, "/api/special-notes/sql-console", specialNotesRoute.createSqlConsole);
-  apiRoute(PST, "/api/special-notes/save-sql-console", specialNotesRoute.saveSqlConsole);
-  apiRoute(PST, "/api/special-notes/search-note", specialNotesRoute.createSearchNote);
-  apiRoute(PST, "/api/special-notes/save-search-note", specialNotesRoute.saveSearchNote);
-  apiRoute(PST, "/api/special-notes/launchers/:noteId/reset", specialNotesRoute.resetLauncher);
-  apiRoute(PST, "/api/special-notes/launchers/:parentNoteId/:launcherType", specialNotesRoute.createLauncher);
-  apiRoute(PUT, "/api/special-notes/api-script-launcher", specialNotesRoute.createOrUpdateScriptLauncherFromApi);
-
-  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
-  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+  route(GET, '/api/clipper/handshake', clipperMiddleware, clipperRoute.handshake, apiResultHandler);
+  route(PST, '/api/clipper/clippings', clipperMiddleware, clipperRoute.addClipping, apiResultHandler);
+  route(PST, '/api/clipper/notes', clipperMiddleware, clipperRoute.createNote, apiResultHandler);
+  route(PST, '/api/clipper/open/:noteId', clipperMiddleware, clipperRoute.openNote, apiResultHandler);
+  route(GET, '/api/clipper/notes-by-url/:noteUrl', clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler);
+
+  apiRoute(GET, '/api/special-notes/inbox/:date', specialNotesRoute.getInboxNote);
+  apiRoute(GET, '/api/special-notes/days/:date', specialNotesRoute.getDayNote);
+  apiRoute(GET, '/api/special-notes/weeks/:date', specialNotesRoute.getWeekNote);
+  apiRoute(GET, '/api/special-notes/months/:month', specialNotesRoute.getMonthNote);
+  apiRoute(GET, '/api/special-notes/years/:year', specialNotesRoute.getYearNote);
+  apiRoute(GET, '/api/special-notes/notes-for-month/:month', specialNotesRoute.getDayNotesForMonth);
+  apiRoute(PST, '/api/special-notes/sql-console', specialNotesRoute.createSqlConsole);
+  apiRoute(PST, '/api/special-notes/save-sql-console', specialNotesRoute.saveSqlConsole);
+  apiRoute(PST, '/api/special-notes/search-note', specialNotesRoute.createSearchNote);
+  apiRoute(PST, '/api/special-notes/save-search-note', specialNotesRoute.saveSearchNote);
+  apiRoute(PST, '/api/special-notes/launchers/:noteId/reset', specialNotesRoute.resetLauncher);
+  apiRoute(PST, '/api/special-notes/launchers/:parentNoteId/:launcherType', specialNotesRoute.createLauncher);
+  apiRoute(PUT, '/api/special-notes/api-script-launcher', specialNotesRoute.createOrUpdateScriptLauncherFromApi);
+
+  apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
+  apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
   route(
     PST,
-    "/api/database/anonymize/:type",
+    '/api/database/anonymize/:type',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.anonymize,
     apiResultHandler,
     false
   );
-  apiRoute(GET, "/api/database/anonymized-databases", databaseRoute.getExistingAnonymizedDatabases);
+  apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases);
 
   // backup requires execution outside of transaction
   route(
     PST,
-    "/api/database/backup-database",
+    '/api/database/backup-database',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.backupDatabase,
     apiResultHandler,
     false
   );
-  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+  apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
 
   // VACUUM requires execution outside of transaction
   route(
     PST,
-    "/api/database/vacuum-database",
+    '/api/database/vacuum-database',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.vacuumDatabase,
     apiResultHandler,
@@ -438,55 +438,55 @@ function register(app: express.Application) {
 
   route(
     PST,
-    "/api/database/find-and-fix-consistency-issues",
+    '/api/database/find-and-fix-consistency-issues',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.findAndFixConsistencyIssues,
     apiResultHandler,
     false
   );
 
-  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
+  apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
 
-  route(PST, "/api/script/exec", [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false);
+  route(PST, '/api/script/exec', [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false);
 
-  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
-  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
-  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
-  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
-  apiRoute(GET, "/api/script/relation/:noteId/:relationName", scriptRoute.getRelationBundles);
+  apiRoute(PST, '/api/script/run/:noteId', scriptRoute.run);
+  apiRoute(GET, '/api/script/startup', scriptRoute.getStartupBundles);
+  apiRoute(GET, '/api/script/widgets', scriptRoute.getWidgetBundles);
+  apiRoute(PST, '/api/script/bundle/:noteId', scriptRoute.getBundle);
+  apiRoute(GET, '/api/script/relation/:noteId/:relationName', scriptRoute.getRelationBundles);
 
   // no CSRF since this is called from android app
-  route(PST, "/api/sender/login", [loginRateLimiter], loginApiRoute.token, apiResultHandler);
+  route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
   route(
     PST,
-    "/api/sender/image",
+    '/api/sender/image',
     [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
     senderRoute.uploadImage,
     apiResultHandler
   );
-  route(PST, "/api/sender/note", [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
-
-  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
-  apiRoute(GET, "/api/keyboard-shortcuts-for-notes", keysRoute.getShortcutsForNotes);
-
-  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
-  apiRoute(PST, "/api/notes/erase-deleted-notes-now", notesApiRoute.eraseDeletedNotesNow);
-  apiRoute(PST, "/api/notes/erase-unused-attachments-now", notesApiRoute.eraseUnusedAttachmentsNow);
-  apiRoute(GET, "/api/similar-notes/:noteId", similarNotesRoute.getSimilarNotes);
-  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
-  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
-  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
-  apiRoute(PST, "/api/delete-notes-preview", notesApiRoute.getDeleteNotesPreview);
-  route(GET, "/api/fonts", [auth.checkApiAuthOrElectron], fontsRoute.getFontCss);
-  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
-  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
-  apiRoute(GET, "/api/recent-changes/:ancestorNoteId", recentChangesApiRoute.getRecentChanges);
-  apiRoute(GET, "/api/edited-notes/:date", revisionsApiRoute.getEditedNotesOnDate);
-
-  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
-  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
-  apiRoute(GET, "/api/note-map/:noteId/backlink-count", noteMapRoute.getBacklinkCount);
-  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+  route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
+
+  apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
+  apiRoute(GET, '/api/keyboard-shortcuts-for-notes', keysRoute.getShortcutsForNotes);
+
+  apiRoute(PST, '/api/relation-map', relationMapApiRoute.getRelationMap);
+  apiRoute(PST, '/api/notes/erase-deleted-notes-now', notesApiRoute.eraseDeletedNotesNow);
+  apiRoute(PST, '/api/notes/erase-unused-attachments-now', notesApiRoute.eraseUnusedAttachmentsNow);
+  apiRoute(GET, '/api/similar-notes/:noteId', similarNotesRoute.getSimilarNotes);
+  apiRoute(GET, '/api/backend-log', backendLogRoute.getBackendLog);
+  apiRoute(GET, '/api/stats/note-size/:noteId', statsRoute.getNoteSize);
+  apiRoute(GET, '/api/stats/subtree-size/:noteId', statsRoute.getSubtreeSize);
+  apiRoute(PST, '/api/delete-notes-preview', notesApiRoute.getDeleteNotesPreview);
+  route(GET, '/api/fonts', [auth.checkApiAuthOrElectron], fontsRoute.getFontCss);
+  apiRoute(GET, '/api/other/icon-usage', otherRoute.getIconUsage);
+  apiRoute(PST, '/api/other/render-markdown', otherRoute.renderMarkdown);
+  apiRoute(GET, '/api/recent-changes/:ancestorNoteId', recentChangesApiRoute.getRecentChanges);
+  apiRoute(GET, '/api/edited-notes/:date', revisionsApiRoute.getEditedNotesOnDate);
+
+  apiRoute(PST, '/api/note-map/:noteId/tree', noteMapRoute.getTreeMap);
+  apiRoute(PST, '/api/note-map/:noteId/link', noteMapRoute.getLinkMap);
+  apiRoute(GET, '/api/note-map/:noteId/backlink-count', noteMapRoute.getBacklinkCount);
+  apiRoute(GET, '/api/note-map/:noteId/backlinks', noteMapRoute.getBacklinks);
 
   shareRoutes.register(router);
 
@@ -500,7 +500,7 @@ function register(app: express.Application) {
   etapiSpecRoute.register(router);
   etapiBackupRoute.register(router);
 
-  app.use("", router);
+  app.use('', router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
@@ -513,17 +513,17 @@ function convertEntitiesToPojo(result: unknown) {
         result[idx] = result[idx].getPojo();
       }
     }
-  } else if (result && typeof result === "object") {
-    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+  } else if (result && typeof result === 'object') {
+    if ('note' in result && result.note instanceof AbstractBeccaEntity) {
       result.note = result.note.getPojo();
     }
 
-    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
+    if ('branch' in result && result.branch instanceof AbstractBeccaEntity) {
       result.branch = result.branch.getPojo();
     }
   }
 
-  if (result && typeof result === "object" && "executionResult" in result) {
+  if (result && typeof result === 'object' && 'executionResult' in result) {
     // from runOnBackend()
     result.executionResult = convertEntitiesToPojo(result.executionResult);
   }
@@ -532,7 +532,7 @@ function convertEntitiesToPojo(result: unknown) {
 }
 
 function apiResultHandler(req: express.Request, res: express.Response, result: unknown) {
-  res.setHeader("trilium-max-entity-change-id", entityChangesService.getMaxEntityChangeId());
+  res.setHeader('trilium-max-entity-change-id', entityChangesService.getMaxEntityChangeId());
 
   result = convertEntitiesToPojo(result);
 
@@ -546,16 +546,16 @@ function apiResultHandler(req: express.Request, res: express.Response, result: u
 
     return send(res, statusCode, response);
   } else if (result === undefined) {
-    return send(res, 204, "");
+    return send(res, 204, '');
   } else {
     return send(res, 200, result);
   }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-  if (typeof response === "string") {
+  if (typeof response === 'string') {
     if (statusCode >= 400) {
-      res.setHeader("Content-Type", "text/plain");
+      res.setHeader('Content-Type', 'text/plain');
     }
 
     res.status(statusCode).send(response);
@@ -564,7 +564,7 @@ function send(res: express.Response, statusCode: number, response: unknown) {
   } else {
     const json = JSON.stringify(response);
 
-    res.setHeader("Content-Type", "application/json");
+    res.setHeader('Content-Type', 'application/json');
     res.status(statusCode).send(json);
 
     return json.length;
@@ -594,9 +594,9 @@ function route(
         cls.namespace.bindEmitter(res);
 
         const result = cls.init(() => {
-          cls.set("componentId", req.headers["trilium-component-id"]);
-          cls.set("localNowDateTime", req.headers["trilium-local-now-datetime"]);
-          cls.set("hoistedNoteId", req.headers["trilium-hoisted-note-id"] || "root");
+          cls.set('componentId', req.headers['trilium-component-id']);
+          cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
+          cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
 
           const cb = () => routeHandler(req as AppRequest, res, next);
 
@@ -657,7 +657,7 @@ function createUploadMiddleware() {
     fileFilter: (req: express.Request, file, cb) => {
       // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
       // See https://github.com/expressjs/multer/pull/1102.
-      file.originalname = Buffer.from(file.originalname, "latin1").toString("utf-8");
+      file.originalname = Buffer.from(file.originalname, 'latin1').toString('utf-8');
       cb(null, true);
     },
   };
@@ -668,7 +668,7 @@ function createUploadMiddleware() {
     };
   }
 
-  return multer(multerOptions).single("upload");
+  return multer(multerOptions).single('upload');
 }
 
 export = {
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index b162293078..c6613e3752 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,45 +1,45 @@
-"use strict";
+'use strict';
 
-import optionService = require("../options");
-import crypto = require("crypto");
+import optionService = require('../options');
+import crypto = require('crypto');
 
 function getVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordVerificationSalt");
+  const salt = optionService.getOption('passwordVerificationSalt');
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordDerivedKeySalt");
+  const salt = optionService.getOption('passwordDerivedKeySalt');
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
 function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-    const hashed = crypto.scryptSync(password, salt, 32, {
-        N: 16384,
-        r: 8,
-        p: 1,
-    });
+  const hashed = crypto.scryptSync(password, salt, 32, {
+    N: 16384,
+    r: 8,
+    p: 1,
+  });
 
-    return hashed;
+  return hashed;
 }
 
 function getTotpSecretVerificationHash(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption("totpSecretVerificationSalt");
+  const salt = optionService.getOption('totpSecretVerificationSalt');
 
-    return getScryptHash(secret, salt);
+  return getScryptHash(secret, salt);
 }
 
 function getTotpSecretDerivedKey(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption("totpSecretDerivedKeySalt");
+  const salt = optionService.getOption('totpSecretDerivedKeySalt');
 
-    return getScryptHash(secret, salt);
+  return getScryptHash(secret, salt);
 }
 
 export = {
-    getVerificationHash,
-    getPasswordDerivedKey,
-    getTotpSecretVerificationHash,
-    getTotpSecretDerivedKey,
+  getVerificationHash,
+  getPasswordDerivedKey,
+  getTotpSecretVerificationHash,
+  getTotpSecretDerivedKey,
 };
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
index 378ea385a5..ad529c9c84 100644
--- a/src/services/encryption/recovery_codes.ts
+++ b/src/services/encryption/recovery_codes.ts
@@ -1,24 +1,24 @@
-"use strict";
+'use strict';
 
-import sql = require("../sql");
-import optionService = require("../options");
-import crypto = require("crypto");
+import sql = require('../sql');
+import optionService = require('../options');
+import crypto = require('crypto');
 
 function isRecoveryCodeSet() {
-  return optionService.getOptionBool("encryptedRecoveryCodes");
+  return optionService.getOptionBool('encryptedRecoveryCodes');
 }
 
 function setRecoveryCodes(recoveryCodes: string) {
   const iv = crypto.randomBytes(16);
   const securityKey = crypto.randomBytes(32);
-  const cipher = crypto.createCipheriv("aes-256-cbc", securityKey, iv);
-  let encryptedRecoveryCodes = cipher.update(recoveryCodes, "utf-8", "hex");
+  const cipher = crypto.createCipheriv('aes-256-cbc', securityKey, iv);
+  let encryptedRecoveryCodes = cipher.update(recoveryCodes, 'utf-8', 'hex');
 
   sql.transactional(() => {
-    optionService.setOption("recoveryCodeInitialVector", iv.toString("hex"));
-    optionService.setOption("recoveryCodeSecurityKey", securityKey.toString("hex"));
-    optionService.setOption("recoveryCodesEncrypted", encryptedRecoveryCodes + cipher.final("hex"));
-    optionService.setOption("encryptedRecoveryCodes", "true");
+    optionService.setOption('recoveryCodeInitialVector', iv.toString('hex'));
+    optionService.setOption('recoveryCodeSecurityKey', securityKey.toString('hex'));
+    optionService.setOption('recoveryCodesEncrypted', encryptedRecoveryCodes + cipher.final('hex'));
+    optionService.setOption('encryptedRecoveryCodes', 'true');
     return true;
   });
   return false;
@@ -29,22 +29,22 @@ function getRecoveryCodes() {
   }
 
   return sql.transactional(() => {
-    const iv = Buffer.from(optionService.getOption("recoveryCodeInitialVector"), "hex");
-    const securityKey = Buffer.from(optionService.getOption("recoveryCodeSecurityKey"), "hex");
-    const encryptedRecoveryCodes = optionService.getOption("recoveryCodesEncrypted");
+    const iv = Buffer.from(optionService.getOption('recoveryCodeInitialVector'), 'hex');
+    const securityKey = Buffer.from(optionService.getOption('recoveryCodeSecurityKey'), 'hex');
+    const encryptedRecoveryCodes = optionService.getOption('recoveryCodesEncrypted');
 
-    const decipher = crypto.createDecipheriv("aes-256-cbc", securityKey, iv);
-    const decryptedData = decipher.update(encryptedRecoveryCodes, "hex", "utf-8");
+    const decipher = crypto.createDecipheriv('aes-256-cbc', securityKey, iv);
+    const decryptedData = decipher.update(encryptedRecoveryCodes, 'hex', 'utf-8');
 
-    const decryptedString = decryptedData + decipher.final("utf-8");
-    return decryptedString.split(",");
+    const decryptedString = decryptedData + decipher.final('utf-8');
+    return decryptedString.split(',');
   });
 }
 
 function removeRecoveryCode(usedCode: string) {
   const oldCodes: string[] = getRecoveryCodes();
   const today = new Date();
-  oldCodes[oldCodes.indexOf(usedCode)] = today.toJSON().replace(/-/g, "/");
+  oldCodes[oldCodes.indexOf(usedCode)] = today.toJSON().replace(/-/g, '/');
   setRecoveryCodes(oldCodes.toString());
 }
 
@@ -72,8 +72,8 @@ function getUsedRecoveryCodes() {
   const usedStatus: string[] = [];
 
   recoveryCodes.forEach((recoveryKey: string) => {
-    if (dateRegex.test(recoveryKey)) usedStatus.push("Used: " + recoveryKey);
-    else usedStatus.push("Recovery code " + recoveryCodes.indexOf(recoveryKey) + " is unused");
+    if (dateRegex.test(recoveryKey)) usedStatus.push('Used: ' + recoveryKey);
+    else usedStatus.push('Recovery code ' + recoveryCodes.indexOf(recoveryKey) + ' is unused');
   });
   return usedStatus;
 }
diff --git a/src/services/encryption/totp_secret.ts b/src/services/encryption/totp_secret.ts
index cb38b495c1..81884f4be9 100644
--- a/src/services/encryption/totp_secret.ts
+++ b/src/services/encryption/totp_secret.ts
@@ -1,111 +1,79 @@
-"use strict";
+'use strict';
 
-import sql = require("../sql");
-import optionService = require("../options");
-import myScryptService = require("./my_scrypt");
-import utils = require("../utils");
-import totpEncryptionService = require("./totp_secret_encryption");
+import sql = require('../sql');
+import optionService = require('../options');
+import myScryptService = require('./my_scrypt');
+import utils = require('../utils');
+import totpEncryptionService = require('./totp_secret_encryption');
 
 function isTotpSecretSet() {
-    return !!sql.getValue(
-        "SELECT value FROM options WHERE name = 'passwordVerificationHash'"
-    );
+  return !!sql.getValue("SELECT value FROM options WHERE name = 'passwordVerificationHash'");
 }
 
 function changePassword(currentSecret: string, newSecret: string) {
-    if (!isTotpSecretSet()) {
-        throw new Error(
-            "TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead."
-        );
+  if (!isTotpSecretSet()) {
+    throw new Error("TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead.");
+  }
+
+  sql.transactional(() => {
+    const decryptedDataKey = totpEncryptionService.getDataKey(currentSecret);
+
+    optionService.setOption('totpSecretVerificationSalt', utils.randomSecureToken(32));
+    optionService.setOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32));
+
+    const newTotpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(newSecret));
+
+    if (decryptedDataKey) {
+      // TODO: what should happen if the decrypted data key is null?
+      totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
     }
 
-    sql.transactional(() => {
-        const decryptedDataKey =
-            totpEncryptionService.getDataKey(currentSecret);
-
-        optionService.setOption(
-            "totpSecretVerificationSalt",
-            utils.randomSecureToken(32)
-        );
-        optionService.setOption(
-            "totpSecretDerivedKeySalt",
-            utils.randomSecureToken(32)
-        );
-
-        const newTotpSecretVerificationKey = utils.toBase64(
-            myScryptService.getTotpSecretVerificationHash(newSecret)
-        );
-
-        if (decryptedDataKey) {
-            // TODO: what should happen if the decrypted data key is null?
-            totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
-        }
-
-        optionService.setOption(
-            "totpSecretVerificationHash",
-            newTotpSecretVerificationKey
-        );
-    });
-
-    return {
-        success: true,
-    };
+    optionService.setOption('totpSecretVerificationHash', newTotpSecretVerificationKey);
+  });
+
+  return {
+    success: true,
+  };
 }
 
 function setTotpSecret(secret: string) {
-    if (isTotpSecretSet()) {
-        throw new Error(
-            "TOTP Secret is set already. Either change it or perform 'reset TOTP' first."
-        );
-    }
+  if (isTotpSecretSet()) {
+    throw new Error("TOTP Secret is set already. Either change it or perform 'reset TOTP' first.");
+  }
+
+  optionService.createOption('totpSecretVerificationSalt', utils.randomSecureToken(32), true);
+  optionService.createOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32), true);
+
+  const totpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(secret));
+  optionService.createOption('totpSecretVerificationHash', totpSecretVerificationKey, true);
+
+  // totpEncryptionService expects these options to already exist
+  optionService.createOption('encryptedTotpSecretDataKey', '', true);
+
+  totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
 
-    optionService.createOption(
-        "totpSecretVerificationSalt",
-        utils.randomSecureToken(32),
-        true
-    );
-    optionService.createOption(
-        "totpSecretDerivedKeySalt",
-        utils.randomSecureToken(32),
-        true
-    );
-
-    const totpSecretVerificationKey = utils.toBase64(
-        myScryptService.getTotpSecretVerificationHash(secret)
-    );
-    optionService.createOption(
-        "totpSecretVerificationHash",
-        totpSecretVerificationKey,
-        true
-    );
-
-    // totpEncryptionService expects these options to already exist
-    optionService.createOption("encryptedTotpSecretDataKey", "", true);
-
-    totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
-
-    return {
-        success: true,
-    };
+  return {
+    success: true,
+  };
 }
 
 function resetPassword() {
-    // user forgot the password,
-    sql.transactional(() => {
-        optionService.setOption("passwordVerificationSalt", "");
-        optionService.setOption("passwordDerivedKeySalt", "");
-        optionService.setOption("encryptedDataKey", "");
-        optionService.setOption("passwordVerificationHash", "");
-    });
-
-    return {
-        success: true,
-    };
+  // user forgot the password,
+  sql.transactional(() => {
+    optionService.setOption('passwordVerificationSalt', '');
+    optionService.setOption('passwordDerivedKeySalt', '');
+    optionService.setOption('encryptedDataKey', '');
+    optionService.setOption('passwordVerificationHash', '');
+  });
+
+  return {
+    success: true,
+  };
 }
 
 export = {
-    isTotpSecretSet,
-    changePassword,
-    setTotpSecret,
-    resetPassword,
+  isTotpSecretSet,
+  changePassword,
+  setTotpSecret,
+  resetPassword,
 };
diff --git a/src/services/encryption/totp_secret_encryption.ts b/src/services/encryption/totp_secret_encryption.ts
index a0baa13730..d45ad76452 100644
--- a/src/services/encryption/totp_secret_encryption.ts
+++ b/src/services/encryption/totp_secret_encryption.ts
@@ -1,54 +1,28 @@
-import optionService = require("../options");
-import myScryptService = require("./my_scrypt");
-import utils = require("../utils");
-import dataEncryptionService = require("./data_encryption");
-
-// function verifyPassword(password: string) {
-//   const givenPasswordHash = utils.toBase64(
-//     myScryptService.getVerificationHash(password)
-//   );
-
-//   const dbPasswordHash = optionService.getOptionOrNull(
-//     "passwordVerificationHash"
-//   );
-
-//   if (!dbPasswordHash) {
-//     return false;
-//   }
-
-//   return givenPasswordHash === dbPasswordHash;
-// }
+import optionService = require('../options');
+import myScryptService = require('./my_scrypt');
+import utils = require('../utils');
+import dataEncryptionService = require('./data_encryption');
 
 function setDataKey(secret: string, plainTextDataKey: string | Buffer) {
-    const totpSecretDerivedKey =
-        myScryptService.getTotpSecretDerivedKey(secret);
+  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
 
-    const newEncryptedDataKey = dataEncryptionService.encrypt(
-        totpSecretDerivedKey,
-        plainTextDataKey
-    );
+  const newEncryptedDataKey = dataEncryptionService.encrypt(totpSecretDerivedKey, plainTextDataKey);
 
-    optionService.setOption("encryptedTotpSecretDataKey", newEncryptedDataKey);
+  optionService.setOption('encryptedTotpSecretDataKey', newEncryptedDataKey);
 }
 
 function getDataKey(secret: string) {
-    const totpSecretDerivedKey =
-        myScryptService.getTotpSecretDerivedKey(secret);
+  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
 
-    const encryptedDataKey = optionService.getOption(
-        "encryptedTotpSecretDataKey"
-    );
+  const encryptedDataKey = optionService.getOption('encryptedTotpSecretDataKey');
 
-    const decryptedDataKey = dataEncryptionService.decrypt(
-        totpSecretDerivedKey,
-        encryptedDataKey
-    );
+  const decryptedDataKey = dataEncryptionService.decrypt(totpSecretDerivedKey, encryptedDataKey);
 
-    return decryptedDataKey;
+  return decryptedDataKey;
 }
 
 export = {
-    //   verifyPassword,
-    getDataKey,
-    setDataKey,
+  //   verifyPassword,
+  getDataKey,
+  setDataKey,
 };
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index 9be6fd83ae..01091caad6 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -1,53 +1,49 @@
-import BAttribute = require("../becca/entities/battribute");
-import { AttributeType, NoteType } from "../becca/entities/rows";
+import BAttribute = require('../becca/entities/battribute');
+import { AttributeType, NoteType } from '../becca/entities/rows';
 
-import becca = require("../becca/becca");
-import noteService = require("./notes");
-import log = require("./log");
-import migrationService = require("./migration");
+import becca = require('../becca/becca');
+import noteService = require('./notes');
+import log = require('./log');
+import migrationService = require('./migration');
 
-const LBTPL_ROOT = "_lbTplRoot";
-const LBTPL_BASE = "_lbTplBase";
-const LBTPL_COMMAND = "_lbTplCommandLauncher";
-const LBTPL_NOTE_LAUNCHER = "_lbTplNoteLauncher";
-const LBTPL_SCRIPT = "_lbTplScriptLauncher";
-const LBTPL_BUILTIN_WIDGET = "_lbTplBuiltinWidget";
-const LBTPL_SPACER = "_lbTplSpacer";
-const LBTPL_CUSTOM_WIDGET = "_lbTplCustomWidget";
+const LBTPL_ROOT = '_lbTplRoot';
+const LBTPL_BASE = '_lbTplBase';
+const LBTPL_COMMAND = '_lbTplCommandLauncher';
+const LBTPL_NOTE_LAUNCHER = '_lbTplNoteLauncher';
+const LBTPL_SCRIPT = '_lbTplScriptLauncher';
+const LBTPL_BUILTIN_WIDGET = '_lbTplBuiltinWidget';
+const LBTPL_SPACER = '_lbTplSpacer';
+const LBTPL_CUSTOM_WIDGET = '_lbTplCustomWidget';
 
 interface Attribute {
-    type: AttributeType;
-    name: string;
-    isInheritable?: boolean;
-    value?: string;
+  type: AttributeType;
+  name: string;
+  isInheritable?: boolean;
+  value?: string;
 }
 
 interface Item {
-    notePosition?: number;
-    id: string;
-    title: string;
-    type: NoteType;
-    icon?: string;
-    attributes?: Attribute[];
-    children?: Item[];
-    isExpanded?: boolean;
-    baseSize?: string;
-    growthFactor?: string;
-    targetNoteId?: "_backendLog" | "_globalNoteMap";
-    builtinWidget?:
-        | "bookmarks"
-        | "spacer"
-        | "backInHistoryButton"
-        | "forwardInHistoryButton"
-        | "syncStatus"
-        | "protectedSession"
-        | "todayInJournal"
-        | "calendar";
-    command?:
-        | "jumpToNote"
-        | "searchNotes"
-        | "createNoteIntoInbox"
-        | "showRecentChanges";
+  notePosition?: number;
+  id: string;
+  title: string;
+  type: NoteType;
+  icon?: string;
+  attributes?: Attribute[];
+  children?: Item[];
+  isExpanded?: boolean;
+  baseSize?: string;
+  growthFactor?: string;
+  targetNoteId?: '_backendLog' | '_globalNoteMap';
+  builtinWidget?:
+    | 'bookmarks'
+    | 'spacer'
+    | 'backInHistoryButton'
+    | 'forwardInHistoryButton'
+    | 'syncStatus'
+    | 'protectedSession'
+    | 'todayInJournal'
+    | 'calendar';
+  command?: 'jumpToNote' | 'searchNotes' | 'createNoteIntoInbox' | 'showRecentChanges';
 }
 
 /*
@@ -57,663 +53,639 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-    id: "_hidden",
-    title: "Hidden Notes",
-    type: "doc",
-    icon: "bx bx-chip",
-    // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
-    // over tree when it's in the middle
-    notePosition: 999_999_999,
-    attributes: [
-        { type: "label", name: "excludeFromNoteMap", isInheritable: true },
-        { type: "label", name: "docName", value: "hidden" },
-    ],
-    children: [
+  id: '_hidden',
+  title: 'Hidden Notes',
+  type: 'doc',
+  icon: 'bx bx-chip',
+  // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
+  // over tree when it's in the middle
+  notePosition: 999_999_999,
+  attributes: [
+    { type: 'label', name: 'excludeFromNoteMap', isInheritable: true },
+    { type: 'label', name: 'docName', value: 'hidden' },
+  ],
+  children: [
+    {
+      id: '_search',
+      title: 'Search History',
+      type: 'doc',
+    },
+    {
+      id: '_globalNoteMap',
+      title: 'Note Map',
+      type: 'noteMap',
+      attributes: [
+        { type: 'label', name: 'mapRootNoteId', value: 'hoisted' },
+        { type: 'label', name: 'keepCurrentHoisting' },
+      ],
+    },
+    {
+      id: '_sqlConsole',
+      title: 'SQL Console History',
+      type: 'doc',
+      icon: 'bx-data',
+    },
+    {
+      id: '_share',
+      title: 'Shared Notes',
+      type: 'doc',
+      attributes: [{ type: 'label', name: 'docName', value: 'share' }],
+    },
+    {
+      id: '_bulkAction',
+      title: 'Bulk Action',
+      type: 'doc',
+    },
+    {
+      id: '_backendLog',
+      title: 'Backend Log',
+      type: 'contentWidget',
+      icon: 'bx-terminal',
+      attributes: [{ type: 'label', name: 'keepCurrentHoisting' }],
+    },
+    {
+      // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
+      id: '_userHidden',
+      title: 'User Hidden',
+      type: 'doc',
+      attributes: [{ type: 'label', name: 'docName', value: 'user_hidden' }],
+    },
+    {
+      id: LBTPL_ROOT,
+      title: 'Launch Bar Templates',
+      type: 'doc',
+      children: [
         {
-            id: "_search",
-            title: "Search History",
-            type: "doc",
+          id: LBTPL_BASE,
+          title: 'Base Abstract Launcher',
+          type: 'doc',
         },
         {
-            id: "_globalNoteMap",
-            title: "Note Map",
-            type: "noteMap",
-            attributes: [
-                { type: "label", name: "mapRootNoteId", value: "hoisted" },
-                { type: "label", name: "keepCurrentHoisting" },
-            ],
+          id: LBTPL_COMMAND,
+          title: 'Command Launcher',
+          type: 'doc',
+          attributes: [
+            {
+              type: 'relation',
+              name: 'template',
+              value: LBTPL_BASE,
+            },
+            {
+              type: 'label',
+              name: 'launcherType',
+              value: 'command',
+            },
+            {
+              type: 'label',
+              name: 'docName',
+              value: 'launchbar_command_launcher',
+            },
+          ],
         },
         {
-            id: "_sqlConsole",
-            title: "SQL Console History",
-            type: "doc",
-            icon: "bx-data",
+          id: LBTPL_NOTE_LAUNCHER,
+          title: 'Note Launcher',
+          type: 'doc',
+          attributes: [
+            {
+              type: 'relation',
+              name: 'template',
+              value: LBTPL_BASE,
+            },
+            { type: 'label', name: 'launcherType', value: 'note' },
+            {
+              type: 'label',
+              name: 'relation:target',
+              value: 'promoted',
+            },
+            {
+              type: 'label',
+              name: 'relation:hoistedNote',
+              value: 'promoted',
+            },
+            {
+              type: 'label',
+              name: 'label:keyboardShortcut',
+              value: 'promoted,text',
+            },
+            {
+              type: 'label',
+              name: 'docName',
+              value: 'launchbar_note_launcher',
+            },
+          ],
         },
         {
-            id: "_share",
-            title: "Shared Notes",
-            type: "doc",
-            attributes: [{ type: "label", name: "docName", value: "share" }],
+          id: LBTPL_SCRIPT,
+          title: 'Script Launcher',
+          type: 'doc',
+          attributes: [
+            {
+              type: 'relation',
+              name: 'template',
+              value: LBTPL_BASE,
+            },
+            {
+              type: 'label',
+              name: 'launcherType',
+              value: 'script',
+            },
+            {
+              type: 'label',
+              name: 'relation:script',
+              value: 'promoted',
+            },
+            {
+              type: 'label',
+              name: 'label:keyboardShortcut',
+              value: 'promoted,text',
+            },
+            {
+              type: 'label',
+              name: 'docName',
+              value: 'launchbar_script_launcher',
+            },
+          ],
         },
         {
-            id: "_bulkAction",
-            title: "Bulk Action",
-            type: "doc",
+          id: LBTPL_BUILTIN_WIDGET,
+          title: 'Built-in Widget',
+          type: 'doc',
+          attributes: [
+            {
+              type: 'relation',
+              name: 'template',
+              value: LBTPL_BASE,
+            },
+            {
+              type: 'label',
+              name: 'launcherType',
+              value: 'builtinWidget',
+            },
+          ],
         },
         {
-            id: "_backendLog",
-            title: "Backend Log",
-            type: "contentWidget",
-            icon: "bx-terminal",
-            attributes: [{ type: "label", name: "keepCurrentHoisting" }],
+          id: LBTPL_SPACER,
+          title: 'Spacer',
+          type: 'doc',
+          icon: 'bx-move-vertical',
+          attributes: [
+            {
+              type: 'relation',
+              name: 'template',
+              value: LBTPL_BUILTIN_WIDGET,
+            },
+            {
+              type: 'label',
+              name: 'builtinWidget',
+              value: 'spacer',
+            },
+            {
+              type: 'label',
+              name: 'label:baseSize',
+              value: 'promoted,number',
+            },
+            {
+              type: 'label',
+              name: 'label:growthFactor',
+              value: 'promoted,number',
+            },
+            {
+              type: 'label',
+              name: 'docName',
+              value: 'launchbar_spacer',
+            },
+          ],
         },
         {
-            // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-            id: "_userHidden",
-            title: "User Hidden",
-            type: "doc",
-            attributes: [
-                { type: "label", name: "docName", value: "user_hidden" },
-            ],
+          id: LBTPL_CUSTOM_WIDGET,
+          title: 'Custom Widget',
+          type: 'doc',
+          attributes: [
+            {
+              type: 'relation',
+              name: 'template',
+              value: LBTPL_BASE,
+            },
+            {
+              type: 'label',
+              name: 'launcherType',
+              value: 'customWidget',
+            },
+            {
+              type: 'label',
+              name: 'relation:widget',
+              value: 'promoted',
+            },
+            {
+              type: 'label',
+              name: 'docName',
+              value: 'launchbar_widget_launcher',
+            },
+          ],
         },
+      ],
+    },
+    {
+      id: '_lbRoot',
+      title: 'Launch Bar',
+      type: 'doc',
+      icon: 'bx-sidebar',
+      isExpanded: true,
+      attributes: [{ type: 'label', name: 'docName', value: 'launchbar_intro' }],
+      children: [
         {
-            id: LBTPL_ROOT,
-            title: "Launch Bar Templates",
-            type: "doc",
-            children: [
+          id: '_lbAvailableLaunchers',
+          title: 'Available Launchers',
+          type: 'doc',
+          icon: 'bx-hide',
+          isExpanded: true,
+          attributes: [
+            {
+              type: 'label',
+              name: 'docName',
+              value: 'launchbar_intro',
+            },
+          ],
+          children: [
+            {
+              id: '_lbBackInHistory',
+              title: 'Go to Previous Note',
+              type: 'launcher',
+              builtinWidget: 'backInHistoryButton',
+              icon: 'bx bxs-left-arrow-square',
+              attributes: [
                 {
-                    id: LBTPL_BASE,
-                    title: "Base Abstract Launcher",
-                    type: "doc",
+                  type: 'label',
+                  name: 'docName',
+                  value: 'launchbar_history_navigation',
                 },
+              ],
+            },
+            {
+              id: '_lbForwardInHistory',
+              title: 'Go to Next Note',
+              type: 'launcher',
+              builtinWidget: 'forwardInHistoryButton',
+              icon: 'bx bxs-right-arrow-square',
+              attributes: [
                 {
-                    id: LBTPL_COMMAND,
-                    title: "Command Launcher",
-                    type: "doc",
-                    attributes: [
-                        {
-                            type: "relation",
-                            name: "template",
-                            value: LBTPL_BASE,
-                        },
-                        {
-                            type: "label",
-                            name: "launcherType",
-                            value: "command",
-                        },
-                        {
-                            type: "label",
-                            name: "docName",
-                            value: "launchbar_command_launcher",
-                        },
-                    ],
+                  type: 'label',
+                  name: 'docName',
+                  value: 'launchbar_history_navigation',
                 },
-                {
-                    id: LBTPL_NOTE_LAUNCHER,
-                    title: "Note Launcher",
-                    type: "doc",
-                    attributes: [
-                        {
-                            type: "relation",
-                            name: "template",
-                            value: LBTPL_BASE,
-                        },
-                        { type: "label", name: "launcherType", value: "note" },
-                        {
-                            type: "label",
-                            name: "relation:target",
-                            value: "promoted",
-                        },
-                        {
-                            type: "label",
-                            name: "relation:hoistedNote",
-                            value: "promoted",
-                        },
-                        {
-                            type: "label",
-                            name: "label:keyboardShortcut",
-                            value: "promoted,text",
-                        },
-                        {
-                            type: "label",
-                            name: "docName",
-                            value: "launchbar_note_launcher",
-                        },
-                    ],
-                },
-                {
-                    id: LBTPL_SCRIPT,
-                    title: "Script Launcher",
-                    type: "doc",
-                    attributes: [
-                        {
-                            type: "relation",
-                            name: "template",
-                            value: LBTPL_BASE,
-                        },
-                        {
-                            type: "label",
-                            name: "launcherType",
-                            value: "script",
-                        },
-                        {
-                            type: "label",
-                            name: "relation:script",
-                            value: "promoted",
-                        },
-                        {
-                            type: "label",
-                            name: "label:keyboardShortcut",
-                            value: "promoted,text",
-                        },
-                        {
-                            type: "label",
-                            name: "docName",
-                            value: "launchbar_script_launcher",
-                        },
-                    ],
-                },
-                {
-                    id: LBTPL_BUILTIN_WIDGET,
-                    title: "Built-in Widget",
-                    type: "doc",
-                    attributes: [
-                        {
-                            type: "relation",
-                            name: "template",
-                            value: LBTPL_BASE,
-                        },
-                        {
-                            type: "label",
-                            name: "launcherType",
-                            value: "builtinWidget",
-                        },
-                    ],
-                },
-                {
-                    id: LBTPL_SPACER,
-                    title: "Spacer",
-                    type: "doc",
-                    icon: "bx-move-vertical",
-                    attributes: [
-                        {
-                            type: "relation",
-                            name: "template",
-                            value: LBTPL_BUILTIN_WIDGET,
-                        },
-                        {
-                            type: "label",
-                            name: "builtinWidget",
-                            value: "spacer",
-                        },
-                        {
-                            type: "label",
-                            name: "label:baseSize",
-                            value: "promoted,number",
-                        },
-                        {
-                            type: "label",
-                            name: "label:growthFactor",
-                            value: "promoted,number",
-                        },
-                        {
-                            type: "label",
-                            name: "docName",
-                            value: "launchbar_spacer",
-                        },
-                    ],
-                },
-                {
-                    id: LBTPL_CUSTOM_WIDGET,
-                    title: "Custom Widget",
-                    type: "doc",
-                    attributes: [
-                        {
-                            type: "relation",
-                            name: "template",
-                            value: LBTPL_BASE,
-                        },
-                        {
-                            type: "label",
-                            name: "launcherType",
-                            value: "customWidget",
-                        },
-                        {
-                            type: "label",
-                            name: "relation:widget",
-                            value: "promoted",
-                        },
-                        {
-                            type: "label",
-                            name: "docName",
-                            value: "launchbar_widget_launcher",
-                        },
-                    ],
-                },
-            ],
+              ],
+            },
+            {
+              id: '_lbBackendLog',
+              title: 'Backend Log',
+              type: 'launcher',
+              targetNoteId: '_backendLog',
+              icon: 'bx bx-terminal',
+            },
+          ],
         },
         {
-            id: "_lbRoot",
-            title: "Launch Bar",
-            type: "doc",
-            icon: "bx-sidebar",
-            isExpanded: true,
-            attributes: [
-                { type: "label", name: "docName", value: "launchbar_intro" },
-            ],
-            children: [
-                {
-                    id: "_lbAvailableLaunchers",
-                    title: "Available Launchers",
-                    type: "doc",
-                    icon: "bx-hide",
-                    isExpanded: true,
-                    attributes: [
-                        {
-                            type: "label",
-                            name: "docName",
-                            value: "launchbar_intro",
-                        },
-                    ],
-                    children: [
-                        {
-                            id: "_lbBackInHistory",
-                            title: "Go to Previous Note",
-                            type: "launcher",
-                            builtinWidget: "backInHistoryButton",
-                            icon: "bx bxs-left-arrow-square",
-                            attributes: [
-                                {
-                                    type: "label",
-                                    name: "docName",
-                                    value: "launchbar_history_navigation",
-                                },
-                            ],
-                        },
-                        {
-                            id: "_lbForwardInHistory",
-                            title: "Go to Next Note",
-                            type: "launcher",
-                            builtinWidget: "forwardInHistoryButton",
-                            icon: "bx bxs-right-arrow-square",
-                            attributes: [
-                                {
-                                    type: "label",
-                                    name: "docName",
-                                    value: "launchbar_history_navigation",
-                                },
-                            ],
-                        },
-                        {
-                            id: "_lbBackendLog",
-                            title: "Backend Log",
-                            type: "launcher",
-                            targetNoteId: "_backendLog",
-                            icon: "bx bx-terminal",
-                        },
-                    ],
-                },
-                {
-                    id: "_lbVisibleLaunchers",
-                    title: "Visible Launchers",
-                    type: "doc",
-                    icon: "bx-show",
-                    isExpanded: true,
-                    attributes: [
-                        {
-                            type: "label",
-                            name: "docName",
-                            value: "launchbar_intro",
-                        },
-                    ],
-                    children: [
-                        {
-                            id: "_lbNewNote",
-                            title: "New Note",
-                            type: "launcher",
-                            command: "createNoteIntoInbox",
-                            icon: "bx bx-file-blank",
-                        },
-                        {
-                            id: "_lbSearch",
-                            title: "Search Notes",
-                            type: "launcher",
-                            command: "searchNotes",
-                            icon: "bx bx-search",
-                            attributes: [
-                                { type: "label", name: "desktopOnly" },
-                            ],
-                        },
-                        {
-                            id: "_lbJumpTo",
-                            title: "Jump to Note",
-                            type: "launcher",
-                            command: "jumpToNote",
-                            icon: "bx bx-send",
-                            attributes: [
-                                { type: "label", name: "desktopOnly" },
-                            ],
-                        },
-                        {
-                            id: "_lbNoteMap",
-                            title: "Note Map",
-                            type: "launcher",
-                            targetNoteId: "_globalNoteMap",
-                            icon: "bx bx-map-alt",
-                        },
-                        {
-                            id: "_lbCalendar",
-                            title: "Calendar",
-                            type: "launcher",
-                            builtinWidget: "calendar",
-                            icon: "bx bx-calendar",
-                        },
-                        {
-                            id: "_lbRecentChanges",
-                            title: "Recent Changes",
-                            type: "launcher",
-                            command: "showRecentChanges",
-                            icon: "bx bx-history",
-                            attributes: [
-                                { type: "label", name: "desktopOnly" },
-                            ],
-                        },
-                        {
-                            id: "_lbSpacer1",
-                            title: "Spacer",
-                            type: "launcher",
-                            builtinWidget: "spacer",
-                            baseSize: "50",
-                            growthFactor: "0",
-                        },
-                        {
-                            id: "_lbBookmarks",
-                            title: "Bookmarks",
-                            type: "launcher",
-                            builtinWidget: "bookmarks",
-                            icon: "bx bx-bookmark",
-                        },
-                        {
-                            id: "_lbToday",
-                            title: "Open Today's Journal Note",
-                            type: "launcher",
-                            builtinWidget: "todayInJournal",
-                            icon: "bx bx-calendar-star",
-                        },
-                        {
-                            id: "_lbSpacer2",
-                            title: "Spacer",
-                            type: "launcher",
-                            builtinWidget: "spacer",
-                            baseSize: "0",
-                            growthFactor: "1",
-                        },
-                        {
-                            id: "_lbProtectedSession",
-                            title: "Protected Session",
-                            type: "launcher",
-                            builtinWidget: "protectedSession",
-                            icon: "bx bx bx-shield-quarter",
-                        },
-                        {
-                            id: "_lbSyncStatus",
-                            title: "Sync Status",
-                            type: "launcher",
-                            builtinWidget: "syncStatus",
-                            icon: "bx bx-wifi",
-                        },
-                    ],
-                },
-            ],
+          id: '_lbVisibleLaunchers',
+          title: 'Visible Launchers',
+          type: 'doc',
+          icon: 'bx-show',
+          isExpanded: true,
+          attributes: [
+            {
+              type: 'label',
+              name: 'docName',
+              value: 'launchbar_intro',
+            },
+          ],
+          children: [
+            {
+              id: '_lbNewNote',
+              title: 'New Note',
+              type: 'launcher',
+              command: 'createNoteIntoInbox',
+              icon: 'bx bx-file-blank',
+            },
+            {
+              id: '_lbSearch',
+              title: 'Search Notes',
+              type: 'launcher',
+              command: 'searchNotes',
+              icon: 'bx bx-search',
+              attributes: [{ type: 'label', name: 'desktopOnly' }],
+            },
+            {
+              id: '_lbJumpTo',
+              title: 'Jump to Note',
+              type: 'launcher',
+              command: 'jumpToNote',
+              icon: 'bx bx-send',
+              attributes: [{ type: 'label', name: 'desktopOnly' }],
+            },
+            {
+              id: '_lbNoteMap',
+              title: 'Note Map',
+              type: 'launcher',
+              targetNoteId: '_globalNoteMap',
+              icon: 'bx bx-map-alt',
+            },
+            {
+              id: '_lbCalendar',
+              title: 'Calendar',
+              type: 'launcher',
+              builtinWidget: 'calendar',
+              icon: 'bx bx-calendar',
+            },
+            {
+              id: '_lbRecentChanges',
+              title: 'Recent Changes',
+              type: 'launcher',
+              command: 'showRecentChanges',
+              icon: 'bx bx-history',
+              attributes: [{ type: 'label', name: 'desktopOnly' }],
+            },
+            {
+              id: '_lbSpacer1',
+              title: 'Spacer',
+              type: 'launcher',
+              builtinWidget: 'spacer',
+              baseSize: '50',
+              growthFactor: '0',
+            },
+            {
+              id: '_lbBookmarks',
+              title: 'Bookmarks',
+              type: 'launcher',
+              builtinWidget: 'bookmarks',
+              icon: 'bx bx-bookmark',
+            },
+            {
+              id: '_lbToday',
+              title: "Open Today's Journal Note",
+              type: 'launcher',
+              builtinWidget: 'todayInJournal',
+              icon: 'bx bx-calendar-star',
+            },
+            {
+              id: '_lbSpacer2',
+              title: 'Spacer',
+              type: 'launcher',
+              builtinWidget: 'spacer',
+              baseSize: '0',
+              growthFactor: '1',
+            },
+            {
+              id: '_lbProtectedSession',
+              title: 'Protected Session',
+              type: 'launcher',
+              builtinWidget: 'protectedSession',
+              icon: 'bx bx bx-shield-quarter',
+            },
+            {
+              id: '_lbSyncStatus',
+              title: 'Sync Status',
+              type: 'launcher',
+              builtinWidget: 'syncStatus',
+              icon: 'bx bx-wifi',
+            },
+          ],
         },
+      ],
+    },
+    {
+      id: '_options',
+      title: 'Options',
+      type: 'book',
+      children: [
         {
-            id: "_options",
-            title: "Options",
-            type: "book",
-            children: [
-                {
-                    id: "_optionsAppearance",
-                    title: "Appearance",
-                    type: "contentWidget",
-                    icon: "bx-layout",
-                },
-                {
-                    id: "_optionsShortcuts",
-                    title: "Shortcuts",
-                    type: "contentWidget",
-                    icon: "bxs-keyboard",
-                },
-                {
-                    id: "_optionsTextNotes",
-                    title: "Text Notes",
-                    type: "contentWidget",
-                    icon: "bx-text",
-                },
-                {
-                    id: "_optionsMFA",
-                    title: "MFA",
-                    type: "contentWidget",
-                    icon: "bx-lock",
-                },
-                {
-                    id: "_optionsCodeNotes",
-                    title: "Code Notes",
-                    type: "contentWidget",
-                    icon: "bx-code",
-                },
-                {
-                    id: "_optionsImages",
-                    title: "Images",
-                    type: "contentWidget",
-                    icon: "bx-image",
-                },
-                {
-                    id: "_optionsSpellcheck",
-                    title: "Spellcheck",
-                    type: "contentWidget",
-                    icon: "bx-check-double",
-                },
-                {
-                    id: "_optionsPassword",
-                    title: "Password",
-                    type: "contentWidget",
-                    icon: "bx-lock",
-                },
-                {
-                    id: "_optionsEtapi",
-                    title: "ETAPI",
-                    type: "contentWidget",
-                    icon: "bx-extension",
-                },
-                {
-                    id: "_optionsBackup",
-                    title: "Backup",
-                    type: "contentWidget",
-                    icon: "bx-data",
-                },
-                {
-                    id: "_optionsSync",
-                    title: "Sync",
-                    type: "contentWidget",
-                    icon: "bx-wifi",
-                },
-                {
-                    id: "_optionsOther",
-                    title: "Other",
-                    type: "contentWidget",
-                    icon: "bx-dots-horizontal",
-                },
-                {
-                    id: "_optionsAdvanced",
-                    title: "Advanced",
-                    type: "contentWidget",
-                },
-            ],
+          id: '_optionsAppearance',
+          title: 'Appearance',
+          type: 'contentWidget',
+          icon: 'bx-layout',
+        },
+        {
+          id: '_optionsShortcuts',
+          title: 'Shortcuts',
+          type: 'contentWidget',
+          icon: 'bxs-keyboard',
+        },
+        {
+          id: '_optionsTextNotes',
+          title: 'Text Notes',
+          type: 'contentWidget',
+          icon: 'bx-text',
+        },
+        {
+          id: '_optionsMFA',
+          title: 'MFA',
+          type: 'contentWidget',
+          icon: 'bx-lock',
+        },
+        {
+          id: '_optionsCodeNotes',
+          title: 'Code Notes',
+          type: 'contentWidget',
+          icon: 'bx-code',
+        },
+        {
+          id: '_optionsImages',
+          title: 'Images',
+          type: 'contentWidget',
+          icon: 'bx-image',
+        },
+        {
+          id: '_optionsSpellcheck',
+          title: 'Spellcheck',
+          type: 'contentWidget',
+          icon: 'bx-check-double',
+        },
+        {
+          id: '_optionsPassword',
+          title: 'Password',
+          type: 'contentWidget',
+          icon: 'bx-lock',
+        },
+        {
+          id: '_optionsEtapi',
+          title: 'ETAPI',
+          type: 'contentWidget',
+          icon: 'bx-extension',
+        },
+        {
+          id: '_optionsBackup',
+          title: 'Backup',
+          type: 'contentWidget',
+          icon: 'bx-data',
+        },
+        {
+          id: '_optionsSync',
+          title: 'Sync',
+          type: 'contentWidget',
+          icon: 'bx-wifi',
+        },
+        {
+          id: '_optionsOther',
+          title: 'Other',
+          type: 'contentWidget',
+          icon: 'bx-dots-horizontal',
         },
-    ],
+        {
+          id: '_optionsAdvanced',
+          title: 'Advanced',
+          type: 'contentWidget',
+        },
+      ],
+    },
+  ],
 };
 
 function checkHiddenSubtree(force = false) {
-    if (!force && !migrationService.isDbUpToDate()) {
-        // on-delete hook might get triggered during some future migration and cause havoc
-        log.info("Will not check hidden subtree until migration is finished.");
-        return;
-    }
+  if (!force && !migrationService.isDbUpToDate()) {
+    // on-delete hook might get triggered during some future migration and cause havoc
+    log.info('Will not check hidden subtree until migration is finished.');
+    return;
+  }
 
-    checkHiddenSubtreeRecursively("root", HIDDEN_SUBTREE_DEFINITION);
+  checkHiddenSubtreeRecursively('root', HIDDEN_SUBTREE_DEFINITION);
 }
 
 function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
-    if (!item.id || !item.type || !item.title) {
-        throw new Error(
-            `Item does not contain mandatory properties: ${JSON.stringify(
-                item
-            )}`
-        );
-    }
+  if (!item.id || !item.type || !item.title) {
+    throw new Error(`Item does not contain mandatory properties: ${JSON.stringify(item)}`);
+  }
 
-    if (item.id.charAt(0) !== "_") {
-        throw new Error(`ID has to start with underscore, given '${item.id}'`);
-    }
+  if (item.id.charAt(0) !== '_') {
+    throw new Error(`ID has to start with underscore, given '${item.id}'`);
+  }
 
-    let note = becca.notes[item.id];
-    let branch;
+  let note = becca.notes[item.id];
+  let branch;
 
-    if (!note) {
-        ({ note, branch } = noteService.createNewNote({
-            noteId: item.id,
-            title: item.title,
-            type: item.type,
-            parentNoteId: parentNoteId,
-            content: "",
-            ignoreForbiddenParents: true,
-        }));
-    } else {
-        branch = note
-            .getParentBranches()
-            .find((branch) => branch.parentNoteId === parentNoteId);
-    }
+  if (!note) {
+    ({ note, branch } = noteService.createNewNote({
+      noteId: item.id,
+      title: item.title,
+      type: item.type,
+      parentNoteId: parentNoteId,
+      content: '',
+      ignoreForbiddenParents: true,
+    }));
+  } else {
+    branch = note.getParentBranches().find((branch) => branch.parentNoteId === parentNoteId);
+  }
+
+  const attrs = [...(item.attributes || [])];
 
-    const attrs = [...(item.attributes || [])];
+  if (item.icon) {
+    attrs.push({
+      type: 'label',
+      name: 'iconClass',
+      value: `bx ${item.icon}`,
+    });
+  }
 
-    if (item.icon) {
+  if (item.type === 'launcher') {
+    if (item.command) {
+      attrs.push({
+        type: 'relation',
+        name: 'template',
+        value: LBTPL_COMMAND,
+      });
+      attrs.push({ type: 'label', name: 'command', value: item.command });
+    } else if (item.builtinWidget) {
+      if (item.builtinWidget === 'spacer') {
         attrs.push({
-            type: "label",
-            name: "iconClass",
-            value: `bx ${item.icon}`,
+          type: 'relation',
+          name: 'template',
+          value: LBTPL_SPACER,
         });
-    }
-
-    if (item.type === "launcher") {
-        if (item.command) {
-            attrs.push({
-                type: "relation",
-                name: "template",
-                value: LBTPL_COMMAND,
-            });
-            attrs.push({ type: "label", name: "command", value: item.command });
-        } else if (item.builtinWidget) {
-            if (item.builtinWidget === "spacer") {
-                attrs.push({
-                    type: "relation",
-                    name: "template",
-                    value: LBTPL_SPACER,
-                });
-                attrs.push({
-                    type: "label",
-                    name: "baseSize",
-                    value: item.baseSize,
-                });
-                attrs.push({
-                    type: "label",
-                    name: "growthFactor",
-                    value: item.growthFactor,
-                });
-            } else {
-                attrs.push({
-                    type: "relation",
-                    name: "template",
-                    value: LBTPL_BUILTIN_WIDGET,
-                });
-            }
+        attrs.push({
+          type: 'label',
+          name: 'baseSize',
+          value: item.baseSize,
+        });
+        attrs.push({
+          type: 'label',
+          name: 'growthFactor',
+          value: item.growthFactor,
+        });
+      } else {
+        attrs.push({
+          type: 'relation',
+          name: 'template',
+          value: LBTPL_BUILTIN_WIDGET,
+        });
+      }
 
-            attrs.push({
-                type: "label",
-                name: "builtinWidget",
-                value: item.builtinWidget,
-            });
-        } else if (item.targetNoteId) {
-            attrs.push({
-                type: "relation",
-                name: "template",
-                value: LBTPL_NOTE_LAUNCHER,
-            });
-            attrs.push({
-                type: "relation",
-                name: "target",
-                value: item.targetNoteId,
-            });
-        } else {
-            throw new Error(
-                `No action defined for launcher ${JSON.stringify(item)}`
-            );
-        }
+      attrs.push({
+        type: 'label',
+        name: 'builtinWidget',
+        value: item.builtinWidget,
+      });
+    } else if (item.targetNoteId) {
+      attrs.push({
+        type: 'relation',
+        name: 'template',
+        value: LBTPL_NOTE_LAUNCHER,
+      });
+      attrs.push({
+        type: 'relation',
+        name: 'target',
+        value: item.targetNoteId,
+      });
+    } else {
+      throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
     }
+  }
 
-    if (note.type !== item.type) {
-        // enforce a correct note type
-        note.type = item.type;
-        note.save();
-    }
+  if (note.type !== item.type) {
+    // enforce a correct note type
+    note.type = item.type;
+    note.save();
+  }
 
-    if (branch) {
-        // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
-        // visible and available will change branch since the branch's parent-child relationship is immutable
-        if (
-            item.notePosition !== undefined &&
-            branch.notePosition !== item.notePosition
-        ) {
-            branch.notePosition = item.notePosition;
-            branch.save();
-        }
+  if (branch) {
+    // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
+    // visible and available will change branch since the branch's parent-child relationship is immutable
+    if (item.notePosition !== undefined && branch.notePosition !== item.notePosition) {
+      branch.notePosition = item.notePosition;
+      branch.save();
+    }
 
-        if (
-            item.isExpanded !== undefined &&
-            branch.isExpanded !== item.isExpanded
-        ) {
-            branch.isExpanded = item.isExpanded;
-            branch.save();
-        }
+    if (item.isExpanded !== undefined && branch.isExpanded !== item.isExpanded) {
+      branch.isExpanded = item.isExpanded;
+      branch.save();
     }
+  }
 
-    for (const attr of attrs) {
-        const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
+  for (const attr of attrs) {
+    const attrId = note.noteId + '_' + attr.type.charAt(0) + attr.name;
 
-        if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
-            new BAttribute({
-                attributeId: attrId,
-                noteId: note.noteId,
-                type: attr.type,
-                name: attr.name,
-                value: attr.value,
-                isInheritable: false,
-            }).save();
-        }
+    if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
+      new BAttribute({
+        attributeId: attrId,
+        noteId: note.noteId,
+        type: attr.type,
+        name: attr.name,
+        value: attr.value,
+        isInheritable: false,
+      }).save();
     }
+  }
 
-    for (const child of item.children || []) {
-        checkHiddenSubtreeRecursively(item.id, child);
-    }
+  for (const child of item.children || []) {
+    checkHiddenSubtreeRecursively(item.id, child);
+  }
 }
 
 export = {
-    checkHiddenSubtree,
-    LBTPL_ROOT,
-    LBTPL_BASE,
-    LBTPL_COMMAND,
-    LBTPL_NOTE_LAUNCHER,
-    LBTPL_SCRIPT,
-    LBTPL_BUILTIN_WIDGET,
-    LBTPL_SPACER,
-    LBTPL_CUSTOM_WIDGET,
+  checkHiddenSubtree,
+  LBTPL_ROOT,
+  LBTPL_BASE,
+  LBTPL_COMMAND,
+  LBTPL_NOTE_LAUNCHER,
+  LBTPL_SCRIPT,
+  LBTPL_BUILTIN_WIDGET,
+  LBTPL_SPACER,
+  LBTPL_CUSTOM_WIDGET,
 };
diff --git a/src/services/options.ts b/src/services/options.ts
index b658e4ff71..c571f0c938 100644
--- a/src/services/options.ts
+++ b/src/services/options.ts
@@ -3,103 +3,102 @@ import { OptionRow } from '../becca/entities/rows';
 import sql = require('./sql');
 
 function getOptionOrNull(name: string): string | null {
-    let option;
+  let option;
 
-    if (becca.loaded) {
-        option = becca.getOption(name);
-    } else {
-        // e.g. in initial sync becca is not loaded because DB is not initialized
-        option = sql.getRow<OptionRow>("SELECT * FROM options WHERE name = ?", [name]);
-    }
+  if (becca.loaded) {
+    option = becca.getOption(name);
+  } else {
+    // e.g. in initial sync becca is not loaded because DB is not initialized
+    option = sql.getRow<OptionRow>('SELECT * FROM options WHERE name = ?', [name]);
+  }
 
-    return option ? option.value : null;
+  return option ? option.value : null;
 }
 
 function getOption(name: string) {
-    const val = getOptionOrNull(name);
+  const val = getOptionOrNull(name);
 
-    if (val === null) {
-        throw new Error(`Option '${name}' doesn't exist`);
-    }
+  if (val === null) {
+    throw new Error(`Option '${name}' doesn't exist`);
+  }
 
-    return val;
+  return val;
 }
 
 function getOptionInt(name: string, defaultValue?: number): number {
-    const val = getOption(name);
+  const val = getOption(name);
 
-    const intVal = parseInt(val);
+  const intVal = parseInt(val);
 
-    if (isNaN(intVal)) {
-        if (defaultValue === undefined) {
-            throw new Error(`Could not parse '${val}' into integer for option '${name}'`);
-        } else {
-            return defaultValue;
-        }
+  if (isNaN(intVal)) {
+    if (defaultValue === undefined) {
+      throw new Error(`Could not parse '${val}' into integer for option '${name}'`);
+    } else {
+      return defaultValue;
     }
+  }
 
-    return intVal;
+  return intVal;
 }
 
 function getOptionBool(name: string): boolean {
-    const val = getOption(name);
+  const val = getOption(name);
 
-    if (typeof val !== "string" || !['true', 'false'].includes(val)) {
-        throw new Error(`Could not parse '${val}' into boolean for option '${name}'`);
-    }
+  if (typeof val !== 'string' || !['true', 'false'].includes(val)) {
+    throw new Error(`Could not parse '${val}' into boolean for option '${name}'`);
+  }
 
-    return val === 'true';
+  return val === 'true';
 }
 
 function setOption(name: string, value: string | number | boolean) {
-    if (value === true || value === false || typeof value === "number") {
-        value = value.toString();
-    }
+  if (value === true || value === false || typeof value === 'number') {
+    value = value.toString();
+  }
 
-    const option = becca.getOption(name);
+  const option = becca.getOption(name);
 
-    if (option) {
-        option.value = value;
+  if (option) {
+    option.value = value;
 
-        option.save();
-    }
-    else {
-        createOption(name, value, false);
-    }
+    option.save();
+  } else {
+    createOption(name, value, false);
+  }
 }
 
 function createOption(name: string, value: string | number, isSynced: boolean) {
-    // to avoid circular dependency, need to find a better solution
-    const BOption = require('../becca/entities/boption');
-
-    new BOption({
-        name: name,
-        value: value,
-        isSynced: isSynced
-    }).save();
+  // to avoid circular dependency, need to find a better solution
+  const BOption = require('../becca/entities/boption');
+
+  new BOption({
+    name: name,
+    value: value,
+    isSynced: isSynced,
+  }).save();
 }
 
 function getOptions() {
-    return Object.values(becca.options);
+  return Object.values(becca.options);
 }
 
 function getOptionMap() {
-    const map: Record<string | number, string> = {};
+  const map: Record<string | number, string> = {};
 
-    for (const option of Object.values(becca.options)) {
-        map[option.name] = option.value;
-    }
+  for (const option of Object.values(becca.options)) {
+    map[option.name] = option.value;
+  }
 
-    return map;
+  return map;
 }
 
 export = {
-    getOption,
-    getOptionInt,
-    getOptionBool,
-    setOption,
-    createOption,
-    getOptions,
-    getOptionMap,
-    getOptionOrNull
+  getOption,
+  getOptionInt,
+  getOptionBool,
+  setOption,
+  createOption,
+  getOptions,
+  getOptionMap,
+  getOptionOrNull,
 };
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index c5e3bd2204..969dcddedc 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -1,209 +1,172 @@
-import optionService = require("./options");
-import appInfo = require("./app_info");
-import utils = require("./utils");
-import log = require("./log");
-import dateUtils = require("./date_utils");
-import keyboardActions = require("./keyboard_actions");
-import { KeyboardShortcutWithRequiredActionName } from "./keyboard_actions_interface";
+import optionService = require('./options');
+import appInfo = require('./app_info');
+import utils = require('./utils');
+import log = require('./log');
+import dateUtils = require('./date_utils');
+import keyboardActions = require('./keyboard_actions');
+import { KeyboardShortcutWithRequiredActionName } from './keyboard_actions_interface';
 
 function initDocumentOptions() {
-    optionService.createOption(
-        "documentId",
-        utils.randomSecureToken(16),
-        false
-    );
-    optionService.createOption(
-        "documentSecret",
-        utils.randomSecureToken(16),
-        false
-    );
+  optionService.createOption('documentId', utils.randomSecureToken(16), false);
+  optionService.createOption('documentSecret', utils.randomSecureToken(16), false);
 }
 
 interface NotSyncedOpts {
-    syncServerHost?: string;
-    syncProxy?: string;
+  syncServerHost?: string;
+  syncProxy?: string;
 }
 
 function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
-    optionService.createOption(
-        "openNoteContexts",
-        JSON.stringify([
-            {
-                notePath: "root",
-                active: true,
-            },
-        ]),
-        false
-    );
+  optionService.createOption(
+    'openNoteContexts',
+    JSON.stringify([
+      {
+        notePath: 'root',
+        active: true,
+      },
+    ]),
+    false
+  );
 
-    optionService.createOption(
-        "lastDailyBackupDate",
-        dateUtils.utcNowDateTime(),
-        false
-    );
-    optionService.createOption(
-        "lastWeeklyBackupDate",
-        dateUtils.utcNowDateTime(),
-        false
-    );
-    optionService.createOption(
-        "lastMonthlyBackupDate",
-        dateUtils.utcNowDateTime(),
-        false
-    );
-    optionService.createOption(
-        "dbVersion",
-        appInfo.dbVersion.toString(),
-        false
-    );
+  optionService.createOption('lastDailyBackupDate', dateUtils.utcNowDateTime(), false);
+  optionService.createOption('lastWeeklyBackupDate', dateUtils.utcNowDateTime(), false);
+  optionService.createOption('lastMonthlyBackupDate', dateUtils.utcNowDateTime(), false);
+  optionService.createOption('dbVersion', appInfo.dbVersion.toString(), false);
 
-    optionService.createOption(
-        "initialized",
-        initialized ? "true" : "false",
-        false
-    );
+  optionService.createOption('initialized', initialized ? 'true' : 'false', false);
 
-    optionService.createOption("lastSyncedPull", "0", false);
-    optionService.createOption("lastSyncedPush", "0", false);
+  optionService.createOption('lastSyncedPull', '0', false);
+  optionService.createOption('lastSyncedPush', '0', false);
 
-    let theme = "dark"; // default based on the poll in https://github.com/zadam/trilium/issues/2516
+  let theme = 'dark'; // default based on the poll in https://github.com/zadam/trilium/issues/2516
 
-    if (utils.isElectron()) {
-        const { nativeTheme } = require("electron");
+  if (utils.isElectron()) {
+    const { nativeTheme } = require('electron');
 
-        theme = nativeTheme.shouldUseDarkColors ? "dark" : "light";
-    }
+    theme = nativeTheme.shouldUseDarkColors ? 'dark' : 'light';
+  }
 
-    optionService.createOption("theme", theme, false);
+  optionService.createOption('theme', theme, false);
 
-    optionService.createOption(
-        "syncServerHost",
-        opts.syncServerHost || "",
-        false
-    );
-    optionService.createOption("syncServerTimeout", "120000", false);
-    optionService.createOption("syncProxy", opts.syncProxy || "", false);
+  optionService.createOption('syncServerHost', opts.syncServerHost || '', false);
+  optionService.createOption('syncServerTimeout', '120000', false);
+  optionService.createOption('syncProxy', opts.syncProxy || '', false);
 }
 
 const defaultOptions = [
-    { name: "revisionSnapshotTimeInterval", value: "600", isSynced: true },
-    { name: "protectedSessionTimeout", value: "600", isSynced: true },
-    {
-        name: "zoomFactor",
-        value: process.platform === "win32" ? "0.9" : "1.0",
-        isSynced: false,
-    },
-    { name: "overrideThemeFonts", value: "false", isSynced: false },
-    { name: "mainFontFamily", value: "theme", isSynced: false },
-    { name: "mainFontSize", value: "100", isSynced: false },
-    { name: "treeFontFamily", value: "theme", isSynced: false },
-    { name: "treeFontSize", value: "100", isSynced: false },
-    { name: "detailFontFamily", value: "theme", isSynced: false },
-    { name: "detailFontSize", value: "110", isSynced: false },
-    { name: "monospaceFontFamily", value: "theme", isSynced: false },
-    { name: "monospaceFontSize", value: "110", isSynced: false },
-    { name: "spellCheckEnabled", value: "true", isSynced: false },
-    { name: "spellCheckLanguageCode", value: "en-US", isSynced: false },
-    { name: "imageMaxWidthHeight", value: "2000", isSynced: true },
-    { name: "imageJpegQuality", value: "75", isSynced: true },
-    { name: "autoFixConsistencyIssues", value: "true", isSynced: false },
-    { name: "vimKeymapEnabled", value: "false", isSynced: false },
-    { name: "codeLineWrapEnabled", value: "true", isSynced: false },
-    {
-        name: "codeNotesMimeTypes",
-        value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
-        isSynced: true,
-    },
-    { name: "leftPaneWidth", value: "25", isSynced: false },
-    { name: "leftPaneVisible", value: "true", isSynced: false },
-    { name: "rightPaneWidth", value: "25", isSynced: false },
-    { name: "rightPaneVisible", value: "true", isSynced: false },
-    { name: "nativeTitleBarVisible", value: "false", isSynced: false },
-    {
-        name: "eraseEntitiesAfterTimeInSeconds",
-        value: "604800",
-        isSynced: true,
-    }, // default is 7 days
-    { name: "hideArchivedNotes_main", value: "false", isSynced: false },
-    { name: "debugModeEnabled", value: "false", isSynced: false },
-    { name: "headingStyle", value: "underline", isSynced: true },
-    { name: "autoCollapseNoteTree", value: "true", isSynced: true },
-    { name: "autoReadonlySizeText", value: "10000", isSynced: false },
-    { name: "autoReadonlySizeCode", value: "30000", isSynced: false },
-    { name: "dailyBackupEnabled", value: "true", isSynced: false },
-    { name: "weeklyBackupEnabled", value: "true", isSynced: false },
-    { name: "monthlyBackupEnabled", value: "true", isSynced: false },
-    { name: "maxContentWidth", value: "1200", isSynced: false },
-    { name: "compressImages", value: "true", isSynced: true },
-    { name: "downloadImagesAutomatically", value: "true", isSynced: true },
-    { name: "minTocHeadings", value: "5", isSynced: true },
-    {
-        name: "highlightsList",
-        value: '["bold","italic","underline","color","bgColor"]',
-        isSynced: true,
-    },
-    { name: "checkForUpdates", value: "true", isSynced: true },
-    { name: "disableTray", value: "false", isSynced: false },
-    {
-        name: "eraseUnusedAttachmentsAfterSeconds",
-        value: "2592000",
-        isSynced: true,
-    },
-    { name: "customSearchEngineName", value: "DuckDuckGo", isSynced: true },
-    {
-        name: "customSearchEngineUrl",
-        value: "https://duckduckgo.com/?q={keyword}",
-        isSynced: true,
-    },
-    { name: "promotedAttributesOpenInRibbon", value: "true", isSynced: true },
-    { name: "editedNotesOpenInRibbon", value: "true", isSynced: true },
-    { name: "totpEnabled", value: "false", isSynced: true },
+  { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
+  { name: 'protectedSessionTimeout', value: '600', isSynced: true },
+  {
+    name: 'zoomFactor',
+    value: process.platform === 'win32' ? '0.9' : '1.0',
+    isSynced: false,
+  },
+  { name: 'overrideThemeFonts', value: 'false', isSynced: false },
+  { name: 'mainFontFamily', value: 'theme', isSynced: false },
+  { name: 'mainFontSize', value: '100', isSynced: false },
+  { name: 'treeFontFamily', value: 'theme', isSynced: false },
+  { name: 'treeFontSize', value: '100', isSynced: false },
+  { name: 'detailFontFamily', value: 'theme', isSynced: false },
+  { name: 'detailFontSize', value: '110', isSynced: false },
+  { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
+  { name: 'monospaceFontSize', value: '110', isSynced: false },
+  { name: 'spellCheckEnabled', value: 'true', isSynced: false },
+  { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
+  { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
+  { name: 'imageJpegQuality', value: '75', isSynced: true },
+  { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
+  { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
+  { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
+  {
+    name: 'codeNotesMimeTypes',
+    value:
+      '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
+    isSynced: true,
+  },
+  { name: 'leftPaneWidth', value: '25', isSynced: false },
+  { name: 'leftPaneVisible', value: 'true', isSynced: false },
+  { name: 'rightPaneWidth', value: '25', isSynced: false },
+  { name: 'rightPaneVisible', value: 'true', isSynced: false },
+  { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
+  {
+    name: 'eraseEntitiesAfterTimeInSeconds',
+    value: '604800',
+    isSynced: true,
+  }, // default is 7 days
+  { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
+  { name: 'debugModeEnabled', value: 'false', isSynced: false },
+  { name: 'headingStyle', value: 'underline', isSynced: true },
+  { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
+  { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
+  { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
+  { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
+  { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
+  { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
+  { name: 'maxContentWidth', value: '1200', isSynced: false },
+  { name: 'compressImages', value: 'true', isSynced: true },
+  { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
+  { name: 'minTocHeadings', value: '5', isSynced: true },
+  {
+    name: 'highlightsList',
+    value: '["bold","italic","underline","color","bgColor"]',
+    isSynced: true,
+  },
+  { name: 'checkForUpdates', value: 'true', isSynced: true },
+  { name: 'disableTray', value: 'false', isSynced: false },
+  {
+    name: 'eraseUnusedAttachmentsAfterSeconds',
+    value: '2592000',
+    isSynced: true,
+  },
+  { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
+  {
+    name: 'customSearchEngineUrl',
+    value: 'https://duckduckgo.com/?q={keyword}',
+    isSynced: true,
+  },
+  { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
+  { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
+  { name: 'totpEnabled', value: 'false', isSynced: true },
 ];
 
 function initStartupOptions() {
-    const optionsMap = optionService.getOptionMap();
+  const optionsMap = optionService.getOptionMap();
 
-    const allDefaultOptions = defaultOptions.concat(
-        getKeyboardDefaultOptions()
-    );
+  const allDefaultOptions = defaultOptions.concat(getKeyboardDefaultOptions());
 
-    for (const { name, value, isSynced } of allDefaultOptions) {
-        if (!(name in optionsMap)) {
-            optionService.createOption(name, value, isSynced);
+  for (const { name, value, isSynced } of allDefaultOptions) {
+    if (!(name in optionsMap)) {
+      optionService.createOption(name, value, isSynced);
 
-            log.info(`Created option "${name}" with default value "${value}"`);
-        }
-    }
-
-    if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
-        optionService.setOption(
-            "openNoteContexts",
-            JSON.stringify([
-                {
-                    notePath: process.env.TRILIUM_START_NOTE_ID || "root",
-                    active: true,
-                },
-            ])
-        );
+      log.info(`Created option "${name}" with default value "${value}"`);
     }
+  }
+
+  if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
+    optionService.setOption(
+      'openNoteContexts',
+      JSON.stringify([
+        {
+          notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
+          active: true,
+        },
+      ])
+    );
+  }
 }
 
 function getKeyboardDefaultOptions() {
-    return (
-        keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter(
-            (ka) => !!ka.actionName
-        ) as KeyboardShortcutWithRequiredActionName[]
-    ).map((ka) => ({
-        name: `keyboardShortcuts${ka.actionName
-            .charAt(0)
-            .toUpperCase()}${ka.actionName.slice(1)}`,
-        value: JSON.stringify(ka.defaultShortcuts),
-        isSynced: false,
-    }));
+  return (
+    keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter((ka) => !!ka.actionName) as KeyboardShortcutWithRequiredActionName[]
+  ).map((ka) => ({
+    name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
+    value: JSON.stringify(ka.defaultShortcuts),
+    isSynced: false,
+  }));
 }
 
 export = {
-    initDocumentOptions,
-    initNotSyncedOptions,
-    initStartupOptions,
+  initDocumentOptions,
+  initNotSyncedOptions,
+  initStartupOptions,
 };
diff --git a/src/services/totp_secret.ts b/src/services/totp_secret.ts
index 86be25bdbf..ff4ab0d533 100644
--- a/src/services/totp_secret.ts
+++ b/src/services/totp_secret.ts
@@ -1,34 +1,34 @@
-"use strict";
+'use strict';
 
-import fs = require("fs");
-import crypto = require("crypto");
-import dataDir = require("./data_dir");
-import log = require("./log");
+import fs = require('fs');
+import crypto = require('crypto');
+import dataDir = require('./data_dir');
+import log = require('./log');
 
 const totpSecretPath = `${dataDir.TRILIUM_DATA_DIR}/totp_secret.txt`;
 
 function saveTotpSecret(secret: string) {
-    if (!fs.existsSync(totpSecretPath)) log.info("Generated totp secret file");
+  if (!fs.existsSync(totpSecretPath)) log.info('Generated totp secret file');
 
-    fs.writeFileSync(totpSecretPath, secret, "utf8");
+  fs.writeFileSync(totpSecretPath, secret, 'utf8');
 }
 
 function getTotpSecret() {
-    return fs.readFileSync(totpSecretPath, "utf8");
+  return fs.readFileSync(totpSecretPath, 'utf8');
 }
 
 function checkForTotSecret() {
-    return fs.existsSync(totpSecretPath);
+  return fs.existsSync(totpSecretPath);
 }
 
 function removeTotpSecret() {
-    console.log("Attempting to remove secret");
-    fs.unlink(totpSecretPath, (a) => {
-        console.log("Unable to remove totp secret");
-        console.log(a);
-        return false;
-    });
-    return true;
+  console.log('Attempting to remove secret');
+  fs.unlink(totpSecretPath, (a) => {
+    console.log('Unable to remove totp secret');
+    console.log(a);
+    return false;
+  });
+  return true;
 }
 
 export = { saveTotpSecret, getTotpSecret, checkForTotSecret, removeTotpSecret };

From 7020ae002ba83c0ba3f4a05ade2e991a4d4e657a Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 13:09:30 -0700
Subject: [PATCH 16/63] Formatting

---
 .../widgets/type_widgets/content_widget.js    |  97 +++----
 .../type_widgets/options/options_widget.js    |  74 ++---
 src/routes/api/options.ts                     | 212 +++++++-------
 src/routes/api/recovery_codes.ts              |  62 ++--
 src/routes/api/totp.ts                        |  34 +--
 src/routes/login.ts                           | 171 ++++++-----
 src/services/encryption/my_scrypt.ts          |  36 +--
 src/services/encryption/recovery_codes.ts     | 104 +++----
 src/services/encryption/totp_secret.ts        |  92 +++---
 .../encryption/totp_secret_encryption.ts      |  20 +-
 src/services/options.ts                       | 118 ++++----
 src/services/options_init.ts                  | 265 +++++++++---------
 12 files changed, 637 insertions(+), 648 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index a6705d3741..24eabc1be5 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -1,38 +1,38 @@
-import TypeWidget from "./type_widget.js";
-import ZoomFactorOptions from "./options/appearance/zoom_factor.js";
-import NativeTitleBarOptions from "./options/appearance/native_title_bar.js";
-import ThemeOptions from "./options/appearance/theme.js";
-import FontsOptions from "./options/appearance/fonts.js";
-import MaxContentWidthOptions from "./options/appearance/max_content_width.js";
-import KeyboardShortcutsOptions from "./options/shortcuts.js";
-import HeadingStyleOptions from "./options/text_notes/heading_style.js";
-import TableOfContentsOptions from "./options/text_notes/table_of_contents.js";
-import HighlightsListOptions from "./options/text_notes/highlights_list.js";
-import TextAutoReadOnlySizeOptions from "./options/text_notes/text_auto_read_only_size.js";
-import VimKeyBindingsOptions from "./options/code_notes/vim_key_bindings.js";
-import WrapLinesOptions from "./options/code_notes/wrap_lines.js";
-import CodeAutoReadOnlySizeOptions from "./options/code_notes/code_auto_read_only_size.js";
-import CodeMimeTypesOptions from "./options/code_notes/code_mime_types.js";
-import ImageOptions from "./options/images/images.js";
-import SpellcheckOptions from "./options/spellcheck.js";
-import PasswordOptions from "./options/password.js";
-import EtapiOptions from "./options/etapi.js";
-import BackupOptions from "./options/backup.js";
-import SyncOptions from "./options/sync.js";
-import SearchEngineOptions from "./options/other/search_engine.js";
-import TrayOptions from "./options/other/tray.js";
-import NoteErasureTimeoutOptions from "./options/other/note_erasure_timeout.js";
-import RevisionsSnapshotIntervalOptions from "./options/other/revisions_snapshot_interval.js";
-import NetworkConnectionsOptions from "./options/other/network_connections.js";
-import AdvancedSyncOptions from "./options/advanced/sync.js";
-import DatabaseIntegrityCheckOptions from "./options/advanced/database_integrity_check.js";
-import ConsistencyChecksOptions from "./options/advanced/consistency_checks.js";
-import VacuumDatabaseOptions from "./options/advanced/vacuum_database.js";
-import DatabaseAnonymizationOptions from "./options/advanced/database_anonymization.js";
-import BackendLogWidget from "./content/backend_log.js";
-import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
-import RibbonOptions from "./options/appearance/ribbon.js";
-import MultiFactorAuthenticationOptions from "./options/multi_factor_authentication.js";
+import TypeWidget from './type_widget.js';
+import ZoomFactorOptions from './options/appearance/zoom_factor.js';
+import NativeTitleBarOptions from './options/appearance/native_title_bar.js';
+import ThemeOptions from './options/appearance/theme.js';
+import FontsOptions from './options/appearance/fonts.js';
+import MaxContentWidthOptions from './options/appearance/max_content_width.js';
+import KeyboardShortcutsOptions from './options/shortcuts.js';
+import HeadingStyleOptions from './options/text_notes/heading_style.js';
+import TableOfContentsOptions from './options/text_notes/table_of_contents.js';
+import HighlightsListOptions from './options/text_notes/highlights_list.js';
+import TextAutoReadOnlySizeOptions from './options/text_notes/text_auto_read_only_size.js';
+import VimKeyBindingsOptions from './options/code_notes/vim_key_bindings.js';
+import WrapLinesOptions from './options/code_notes/wrap_lines.js';
+import CodeAutoReadOnlySizeOptions from './options/code_notes/code_auto_read_only_size.js';
+import CodeMimeTypesOptions from './options/code_notes/code_mime_types.js';
+import ImageOptions from './options/images/images.js';
+import SpellcheckOptions from './options/spellcheck.js';
+import PasswordOptions from './options/password.js';
+import EtapiOptions from './options/etapi.js';
+import BackupOptions from './options/backup.js';
+import SyncOptions from './options/sync.js';
+import SearchEngineOptions from './options/other/search_engine.js';
+import TrayOptions from './options/other/tray.js';
+import NoteErasureTimeoutOptions from './options/other/note_erasure_timeout.js';
+import RevisionsSnapshotIntervalOptions from './options/other/revisions_snapshot_interval.js';
+import NetworkConnectionsOptions from './options/other/network_connections.js';
+import AdvancedSyncOptions from './options/advanced/sync.js';
+import DatabaseIntegrityCheckOptions from './options/advanced/database_integrity_check.js';
+import ConsistencyChecksOptions from './options/advanced/consistency_checks.js';
+import VacuumDatabaseOptions from './options/advanced/vacuum_database.js';
+import DatabaseAnonymizationOptions from './options/advanced/database_anonymization.js';
+import BackendLogWidget from './content/backend_log.js';
+import AttachmentErasureTimeoutOptions from './options/other/attachment_erasure_timeout.js';
+import RibbonOptions from './options/appearance/ribbon.js';
+import MultiFactorAuthenticationOptions from './options/multi_factor_authentication.js';
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -60,21 +60,16 @@ const CONTENT_WIDGETS = {
         ZoomFactorOptions,
         NativeTitleBarOptions,
         MaxContentWidthOptions,
-        RibbonOptions,
+        RibbonOptions
     ],
     _optionsShortcuts: [KeyboardShortcutsOptions],
     _optionsTextNotes: [
         HeadingStyleOptions,
         TableOfContentsOptions,
         HighlightsListOptions,
-        TextAutoReadOnlySizeOptions,
-    ],
-    _optionsCodeNotes: [
-        VimKeyBindingsOptions,
-        WrapLinesOptions,
-        CodeAutoReadOnlySizeOptions,
-        CodeMimeTypesOptions,
+        TextAutoReadOnlySizeOptions
     ],
+    _optionsCodeNotes: [VimKeyBindingsOptions, WrapLinesOptions, CodeAutoReadOnlySizeOptions, CodeMimeTypesOptions],
     _optionsMFA: [MultiFactorAuthenticationOptions],
     _optionsImages: [ImageOptions],
     _optionsSpellcheck: [SpellcheckOptions],
@@ -88,28 +83,26 @@ const CONTENT_WIDGETS = {
         NoteErasureTimeoutOptions,
         AttachmentErasureTimeoutOptions,
         RevisionsSnapshotIntervalOptions,
-        NetworkConnectionsOptions,
+        NetworkConnectionsOptions
     ],
     _optionsAdvanced: [
         DatabaseIntegrityCheckOptions,
         ConsistencyChecksOptions,
         DatabaseAnonymizationOptions,
         AdvancedSyncOptions,
-        VacuumDatabaseOptions,
+        VacuumDatabaseOptions
     ],
-    _backendLog: [BackendLogWidget],
+    _backendLog: [BackendLogWidget]
 };
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
     static getType() {
-        return "contentWidget";
+        return 'contentWidget';
     }
     2;
     doRender() {
         this.$widget = $(TPL);
-        this.$content = this.$widget.find(
-            ".note-detail-content-widget-content"
-        );
+        this.$content = this.$widget.find('.note-detail-content-widget-content');
 
         super.doRender();
     }
@@ -124,8 +117,8 @@ export default class ContentWidgetTypeWidget extends TypeWidget {
             for (const clazz of contentWidgets) {
                 const widget = new clazz();
 
-                await widget.handleEvent("setNoteContext", {
-                    noteContext: this.noteContext,
+                await widget.handleEvent('setNoteContext', {
+                    noteContext: this.noteContext
                 });
                 this.child(widget);
 
diff --git a/src/public/app/widgets/type_widgets/options/options_widget.js b/src/public/app/widgets/type_widgets/options/options_widget.js
index c227af8d39..86afe7ba32 100644
--- a/src/public/app/widgets/type_widgets/options/options_widget.js
+++ b/src/public/app/widgets/type_widgets/options/options_widget.js
@@ -3,55 +3,55 @@ import toastService from '../../../services/toast.js';
 import NoteContextAwareWidget from '../../note_context_aware_widget.js';
 
 export default class OptionsWidget extends NoteContextAwareWidget {
-  constructor() {
-    super();
+    constructor() {
+        super();
 
-    this.contentSized();
-  }
+        this.contentSized();
+    }
 
-  async updateOption(name, value) {
-    const opts = { [name]: value };
+    async updateOption(name, value) {
+        const opts = { [name]: value };
 
-    await this.updateMultipleOptions(opts);
-  }
+        await this.updateMultipleOptions(opts);
+    }
 
-  async updateMultipleOptions(opts) {
-    await server.put('options', opts);
+    async updateMultipleOptions(opts) {
+        await server.put('options', opts);
 
-    this.showUpdateNotification();
-  }
+        this.showUpdateNotification();
+    }
 
-  showUpdateNotification() {
-    toastService.showPersistent({
-      id: 'options-change-saved',
-      title: 'Options status',
-      message: 'Options change have been saved.',
-      icon: 'slider',
-      closeAfter: 2000,
-    });
-  }
+    showUpdateNotification() {
+        toastService.showPersistent({
+            id: 'options-change-saved',
+            title: 'Options status',
+            message: 'Options change have been saved.',
+            icon: 'slider',
+            closeAfter: 2000
+        });
+    }
 
-  async updateCheckboxOption(name, $checkbox) {
-    const isChecked = $checkbox.prop('checked');
+    async updateCheckboxOption(name, $checkbox) {
+        const isChecked = $checkbox.prop('checked');
 
-    return await this.updateOption(name, isChecked ? 'true' : 'false');
-  }
+        return await this.updateOption(name, isChecked ? 'true' : 'false');
+    }
 
-  setCheckboxState($checkbox, optionValue) {
-    $checkbox.prop('checked', optionValue === 'true');
-  }
+    setCheckboxState($checkbox, optionValue) {
+        $checkbox.prop('checked', optionValue === 'true');
+    }
 
-  optionsLoaded(options) {}
+    optionsLoaded(options) {}
 
-  async refreshWithNote(note) {
-    const options = await server.get('options');
+    async refreshWithNote(note) {
+        const options = await server.get('options');
 
-    this.optionsLoaded(options);
-  }
+        this.optionsLoaded(options);
+    }
 
-  async entitiesReloadedEvent({ loadResults }) {
-    if (loadResults.getOptionNames().length > 0) {
-      this.refresh();
+    async entitiesReloadedEvent({ loadResults }) {
+        if (loadResults.getOptionNames().length > 0) {
+            this.refresh();
+        }
     }
-  }
 }
diff --git a/src/routes/api/options.ts b/src/routes/api/options.ts
index 16abe5f889..3e7d126352 100644
--- a/src/routes/api/options.ts
+++ b/src/routes/api/options.ts
@@ -8,145 +8,143 @@ import { Request } from 'express';
 
 // options allowed to be updated directly in the Options dialog
 const ALLOWED_OPTIONS = new Set([
-  'eraseEntitiesAfterTimeInSeconds',
-  'protectedSessionTimeout',
-  'revisionSnapshotTimeInterval',
-  'zoomFactor',
-  'theme',
-  'syncServerHost',
-  'syncServerTimeout',
-  'syncProxy',
-  'hoistedNoteId',
-  'mainFontSize',
-  'mainFontFamily',
-  'treeFontSize',
-  'treeFontFamily',
-  'detailFontSize',
-  'detailFontFamily',
-  'monospaceFontSize',
-  'monospaceFontFamily',
-  'openNoteContexts',
-  'vimKeymapEnabled',
-  'codeLineWrapEnabled',
-  'codeNotesMimeTypes',
-  'spellCheckEnabled',
-  'spellCheckLanguageCode',
-  'imageMaxWidthHeight',
-  'imageJpegQuality',
-  'leftPaneWidth',
-  'rightPaneWidth',
-  'leftPaneVisible',
-  'rightPaneVisible',
-  'nativeTitleBarVisible',
-  'headingStyle',
-  'autoCollapseNoteTree',
-  'autoReadonlySizeText',
-  'autoReadonlySizeCode',
-  'overrideThemeFonts',
-  'dailyBackupEnabled',
-  'weeklyBackupEnabled',
-  'monthlyBackupEnabled',
-  'maxContentWidth',
-  'compressImages',
-  'downloadImagesAutomatically',
-  'minTocHeadings',
-  'highlightsList',
-  'checkForUpdates',
-  'disableTray',
-  'eraseUnusedAttachmentsAfterSeconds',
-  'disableTray',
-  'customSearchEngineName',
-  'customSearchEngineUrl',
-  'promotedAttributesOpenInRibbon',
-  'editedNotesOpenInRibbon',
-  'totpEnabled',
+    'eraseEntitiesAfterTimeInSeconds',
+    'protectedSessionTimeout',
+    'revisionSnapshotTimeInterval',
+    'zoomFactor',
+    'theme',
+    'syncServerHost',
+    'syncServerTimeout',
+    'syncProxy',
+    'hoistedNoteId',
+    'mainFontSize',
+    'mainFontFamily',
+    'treeFontSize',
+    'treeFontFamily',
+    'detailFontSize',
+    'detailFontFamily',
+    'monospaceFontSize',
+    'monospaceFontFamily',
+    'openNoteContexts',
+    'vimKeymapEnabled',
+    'codeLineWrapEnabled',
+    'codeNotesMimeTypes',
+    'spellCheckEnabled',
+    'spellCheckLanguageCode',
+    'imageMaxWidthHeight',
+    'imageJpegQuality',
+    'leftPaneWidth',
+    'rightPaneWidth',
+    'leftPaneVisible',
+    'rightPaneVisible',
+    'nativeTitleBarVisible',
+    'headingStyle',
+    'autoCollapseNoteTree',
+    'autoReadonlySizeText',
+    'autoReadonlySizeCode',
+    'overrideThemeFonts',
+    'dailyBackupEnabled',
+    'weeklyBackupEnabled',
+    'monthlyBackupEnabled',
+    'maxContentWidth',
+    'compressImages',
+    'downloadImagesAutomatically',
+    'minTocHeadings',
+    'highlightsList',
+    'checkForUpdates',
+    'disableTray',
+    'eraseUnusedAttachmentsAfterSeconds',
+    'disableTray',
+    'customSearchEngineName',
+    'customSearchEngineUrl',
+    'promotedAttributesOpenInRibbon',
+    'editedNotesOpenInRibbon',
+    'totpEnabled'
 ]);
 
 function getOptions() {
-  const optionMap = optionService.getOptionMap();
-  const resultMap: Record<string, string> = {};
+    const optionMap = optionService.getOptionMap();
+    const resultMap: Record<string, string> = {};
 
-  for (const optionName in optionMap) {
-    if (isAllowed(optionName)) {
-      resultMap[optionName] = optionMap[optionName];
+    for (const optionName in optionMap) {
+        if (isAllowed(optionName)) {
+            resultMap[optionName] = optionMap[optionName];
+        }
     }
-  }
 
-  resultMap['isPasswordSet'] = optionMap['passwordVerificationHash']
-    ? 'true'
-    : 'false';
+    resultMap['isPasswordSet'] = optionMap['passwordVerificationHash'] ? 'true' : 'false';
 
-  return resultMap;
+    return resultMap;
 }
 
 function updateOption(req: Request) {
-  const { name, value } = req.params;
+    const { name, value } = req.params;
 
-  if (!update(name, value)) {
-    throw new ValidationError('not allowed option to change');
-  }
+    if (!update(name, value)) {
+        throw new ValidationError('not allowed option to change');
+    }
 }
 
 function updateOptions(req: Request) {
-  for (const optionName in req.body) {
-    console.log(optionName);
-    if (!update(optionName, req.body[optionName])) {
-      // this should be improved
-      // it should return 400 instead of current 500, but at least it now rollbacks transaction
-      throw new Error(`Option '${optionName}' is not allowed to be changed`);
+    for (const optionName in req.body) {
+        console.log(optionName);
+        if (!update(optionName, req.body[optionName])) {
+            // this should be improved
+            // it should return 400 instead of current 500, but at least it now rollbacks transaction
+            throw new Error(`Option '${optionName}' is not allowed to be changed`);
+        }
     }
-  }
 }
 
 function update(name: string, value: string) {
-  if (!isAllowed(name)) {
-    return false;
-  }
+    if (!isAllowed(name)) {
+        return false;
+    }
 
-  if (name !== 'openNoteContexts') {
-    log.info(`Updating option '${name}' to '${value}'`);
-  }
+    if (name !== 'openNoteContexts') {
+        log.info(`Updating option '${name}' to '${value}'`);
+    }
 
-  optionService.setOption(name, value);
+    optionService.setOption(name, value);
 
-  return true;
+    return true;
 }
 
 function getUserThemes() {
-  const notes = searchService.searchNotes('#appTheme', {
-    ignoreHoistedNote: true,
-  });
-  const ret = [];
+    const notes = searchService.searchNotes('#appTheme', {
+        ignoreHoistedNote: true
+    });
+    const ret = [];
 
-  for (const note of notes) {
-    let value = note.getOwnedLabelValue('appTheme');
+    for (const note of notes) {
+        let value = note.getOwnedLabelValue('appTheme');
 
-    if (!value) {
-      value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, '-');
-    }
+        if (!value) {
+            value = note.title.toLowerCase().replace(/[^a-z0-9]/gi, '-');
+        }
 
-    ret.push({
-      val: value,
-      title: note.title,
-      noteId: note.noteId,
-    });
-  }
+        ret.push({
+            val: value,
+            title: note.title,
+            noteId: note.noteId
+        });
+    }
 
-  return ret;
+    return ret;
 }
 
 function isAllowed(name: string) {
-  return (
-    ALLOWED_OPTIONS.has(name) ||
-    name.startsWith('keyboardShortcuts') ||
-    name.endsWith('Collapsed') ||
-    name.startsWith('hideArchivedNotes')
-  );
+    return (
+        ALLOWED_OPTIONS.has(name) ||
+        name.startsWith('keyboardShortcuts') ||
+        name.endsWith('Collapsed') ||
+        name.startsWith('hideArchivedNotes')
+    );
 }
 
 export = {
-  getOptions,
-  updateOption,
-  updateOptions,
-  getUserThemes,
+    getOptions,
+    updateOption,
+    updateOptions,
+    getUserThemes
 };
diff --git a/src/routes/api/recovery_codes.ts b/src/routes/api/recovery_codes.ts
index bb4e9002fc..ccda136d77 100644
--- a/src/routes/api/recovery_codes.ts
+++ b/src/routes/api/recovery_codes.ts
@@ -1,50 +1,50 @@
-import recovery_codes = require("../../services/encryption/recovery_codes");
-import { Request } from "express";
-import { randomBytes } from "crypto";
+import recovery_codes = require('../../services/encryption/recovery_codes');
+import { Request } from 'express';
+import { randomBytes } from 'crypto';
 
 function setRecoveryCodes(req: Request) {
-  const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
-  return { success: success, message: "Recovery codes set!" };
+    const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
+    return { success: success, message: 'Recovery codes set!' };
 }
 
 function veryifyRecoveryCode(req: Request) {
-  const success = recovery_codes.verifyRecoveryCode(req.body.recovery_code_guess);
+    const success = recovery_codes.verifyRecoveryCode(req.body.recovery_code_guess);
 
-  return { success: success };
+    return { success: success };
 }
 
 function checkForRecoveryKeys() {
-  return { success: true, keysExist: recovery_codes.isRecoveryCodeSet() };
+    return { success: true, keysExist: recovery_codes.isRecoveryCodeSet() };
 }
 
 function generateRecoveryCodes() {
-  const recoveryKeys = [
-    randomBytes(16).toString("base64"),
-    randomBytes(16).toString("base64"),
-    randomBytes(16).toString("base64"),
-    randomBytes(16).toString("base64"),
-    randomBytes(16).toString("base64"),
-    randomBytes(16).toString("base64"),
-    randomBytes(16).toString("base64"),
-    randomBytes(16).toString("base64"),
-  ];
-
-  recovery_codes.setRecoveryCodes(recoveryKeys.toString());
-
-  return { success: true, recoveryCodes: recoveryKeys.toString() };
+    const recoveryKeys = [
+        randomBytes(16).toString('base64'),
+        randomBytes(16).toString('base64'),
+        randomBytes(16).toString('base64'),
+        randomBytes(16).toString('base64'),
+        randomBytes(16).toString('base64'),
+        randomBytes(16).toString('base64'),
+        randomBytes(16).toString('base64'),
+        randomBytes(16).toString('base64')
+    ];
+
+    recovery_codes.setRecoveryCodes(recoveryKeys.toString());
+
+    return { success: true, recoveryCodes: recoveryKeys.toString() };
 }
 
 function getUsedRecoveryCodes() {
-  return {
-    success: true,
-    usedRecoveryCodes: recovery_codes.getUsedRecoveryCodes().toString(),
-  };
+    return {
+        success: true,
+        usedRecoveryCodes: recovery_codes.getUsedRecoveryCodes().toString()
+    };
 }
 
 export = {
-  setRecoveryCodes,
-  generateRecoveryCodes,
-  veryifyRecoveryCode,
-  checkForRecoveryKeys,
-  getUsedRecoveryCodes,
+    setRecoveryCodes,
+    generateRecoveryCodes,
+    veryifyRecoveryCode,
+    checkForRecoveryKeys,
+    getUsedRecoveryCodes
 };
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index cb83449f00..581a7b7978 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,45 +1,45 @@
-import options = require("../../services/options");
-import totp_secret = require("../../services/encryption/totp_secret");
-import passwordEncryptionService = require("../../services/encryption/password_encryption");
-import { Request } from "express";
-import totp_fs = require("../../services/totp_secret");
-import ValidationError = require("../../errors/validation_error");
-const speakeasy = require("speakeasy");
+import options = require('../../services/options');
+import totp_secret = require('../../services/encryption/totp_secret');
+import passwordEncryptionService = require('../../services/encryption/password_encryption');
+import { Request } from 'express';
+import totp_fs = require('../../services/totp_secret');
+import ValidationError = require('../../errors/validation_error');
+const speakeasy = require('speakeasy');
 
 function verifyOTPToken(guessedToken: any) {
     const tokenValidates = speakeasy.totp.verify({
         secret: process.env.MFA_SECRET,
-        encoding: "base32",
+        encoding: 'base32',
         token: guessedToken,
-        window: 1,
+        window: 1
     });
 
     return tokenValidates;
 }
 
 function generateSecret() {
-    return { success: "true", message: speakeasy.generateSecret().base32 };
+    return { success: 'true', message: speakeasy.generateSecret().base32 };
 }
 
 function checkForTOTP() {
-    const totpEnabled = options.getOptionBool("totpEnabled");
-    return { success: "true", message: totpEnabled };
+    const totpEnabled = options.getOptionBool('totpEnabled');
+    return { success: 'true', message: totpEnabled };
 }
 
 function enableTOTP() {
-    options.setOption("totpEnabled", true);
-    return { success: "true" };
+    options.setOption('totpEnabled', true);
+    return { success: 'true' };
 }
 
 function disableTOTP() {
-    options.setOption("totpEnabled", false);
+    options.setOption('totpEnabled', false);
 
     return { success: totp_fs.removeTotpSecret() };
 }
 
 function setTotpSecret(req: Request) {
     if (!passwordEncryptionService.verifyPassword(req.body.password))
-        throw new ValidationError("Incorrect password reset confirmation");
+        throw new ValidationError('Incorrect password reset confirmation');
 
     const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
     if (req.body.secret.length != 52) return;
@@ -59,5 +59,5 @@ export = {
     enableTOTP,
     disableTOTP,
     setTotpSecret,
-    getSecret,
+    getSecret
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 2bb63df704..c72e86fbbb 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -16,132 +16,127 @@ import recoveryCodeService = require('../services/encryption/recovery_codes');
 const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
-  res.render('login', {
-    failedAuth: false,
-    totpEnabled:
-      optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-    assetPath: assetPath,
-    appPath: appPath,
-  });
+    res.render('login', {
+        failedAuth: false,
+        totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
+        assetPath: assetPath,
+        appPath: appPath
+    });
 }
 
 function setPasswordPage(req: Request, res: Response) {
-  res.render('set_password', {
-    error: false,
-    assetPath: assetPath,
-    appPath: appPath,
-  });
+    res.render('set_password', {
+        error: false,
+        assetPath: assetPath,
+        appPath: appPath
+    });
 }
 
 function setPassword(req: Request, res: Response) {
-  if (passwordService.isPasswordSet()) {
-    throw new ValidationError('Password has been already set');
-  }
+    if (passwordService.isPasswordSet()) {
+        throw new ValidationError('Password has been already set');
+    }
 
-  let { password1, password2 } = req.body;
-  password1 = password1.trim();
-  password2 = password2.trim();
+    let { password1, password2 } = req.body;
+    password1 = password1.trim();
+    password2 = password2.trim();
 
-  let error;
+    let error;
 
-  if (password1 !== password2) {
-    error = "Entered passwords don't match.";
-  } else if (password1.length < 4) {
-    error = 'Password must be at least 4 characters long.';
-  }
+    if (password1 !== password2) {
+        error = "Entered passwords don't match.";
+    } else if (password1.length < 4) {
+        error = 'Password must be at least 4 characters long.';
+    }
 
-  if (error) {
-    res.render('set_password', {
-      error,
-      assetPath: assetPath,
-    });
-    return;
-  }
+    if (error) {
+        res.render('set_password', {
+            error,
+            assetPath: assetPath
+        });
+        return;
+    }
 
-  passwordService.setPassword(password1);
+    passwordService.setPassword(password1);
 
-  res.redirect('login');
+    res.redirect('login');
 }
 
 function login(req: AppRequest, res: Response) {
-  const guessedPassword = req.body.password;
-  const guessedTotp = req.body.token;
-
-  if (!verifyPassword(guessedPassword)) {
-    sendLoginError(req, res);
-    return;
-  }
-
-  if (optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret())
-    if (!verifyTOTP(guessedTotp)) {
-      sendLoginError(req, res);
-      return;
+    const guessedPassword = req.body.password;
+    const guessedTotp = req.body.token;
+
+    if (!verifyPassword(guessedPassword)) {
+        sendLoginError(req, res);
+        return;
     }
 
-  const rememberMe = req.body.rememberMe;
+    if (optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret())
+        if (!verifyTOTP(guessedTotp)) {
+            sendLoginError(req, res);
+            return;
+        }
 
-  req.session.regenerate(() => {
-    if (rememberMe) {
-      req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
-    } else {
-      req.session.cookie.expires = null;
-    }
+    const rememberMe = req.body.rememberMe;
+
+    req.session.regenerate(() => {
+        if (rememberMe) {
+            req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
+        } else {
+            req.session.cookie.expires = null;
+        }
 
-    req.session.loggedIn = true;
-    res.redirect('.');
-  });
+        req.session.loggedIn = true;
+        res.redirect('.');
+    });
 }
 
 function sendLoginError(req: AppRequest, res: Response) {
-  // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
-  log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
-
-  res.status(401).render('login', {
-    failedAuth: true,
-    totpEnabled:
-      optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-    assetPath: assetPath,
-  });
+    // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
+    log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
+
+    res.status(401).render('login', {
+        failedAuth: true,
+        totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
+        assetPath: assetPath
+    });
 }
 
 function verifyTOTP(guessedToken: string) {
-  const tokenValidates = speakeasy.totp.verify({
-    secret: totp_secret.getTotpSecret(),
-    encoding: 'base32',
-    token: guessedToken,
-    window: 1,
-  });
+    const tokenValidates = speakeasy.totp.verify({
+        secret: totp_secret.getTotpSecret(),
+        encoding: 'base32',
+        token: guessedToken,
+        window: 1
+    });
 
-  if (tokenValidates) return true;
+    if (tokenValidates) return true;
 
-  const recoveryCodeValidates =
-    recoveryCodeService.verifyRecoveryCode(guessedToken);
+    const recoveryCodeValidates = recoveryCodeService.verifyRecoveryCode(guessedToken);
 
-  return recoveryCodeValidates;
+    return recoveryCodeValidates;
 }
 
 function verifyPassword(guessedPassword: string) {
-  const hashed_password = utils.fromBase64(
-    optionService.getOption('passwordVerificationHash')
-  );
+    const hashed_password = utils.fromBase64(optionService.getOption('passwordVerificationHash'));
 
-  const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
+    const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
 
-  return guess_hashed.equals(hashed_password);
+    return guess_hashed.equals(hashed_password);
 }
 
 function logout(req: AppRequest, res: Response) {
-  req.session.regenerate(() => {
-    req.session.loggedIn = false;
+    req.session.regenerate(() => {
+        req.session.loggedIn = false;
 
-    res.redirect('login');
-  });
+        res.redirect('login');
+    });
 }
 
 export = {
-  loginPage,
-  setPasswordPage,
-  setPassword,
-  login,
-  logout,
+    loginPage,
+    setPasswordPage,
+    setPassword,
+    login,
+    logout
 };
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index c6613e3752..6c226e0366 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -4,42 +4,42 @@ import optionService = require('../options');
 import crypto = require('crypto');
 
 function getVerificationHash(password: crypto.BinaryLike) {
-  const salt = optionService.getOption('passwordVerificationSalt');
+    const salt = optionService.getOption('passwordVerificationSalt');
 
-  return getScryptHash(password, salt);
+    return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-  const salt = optionService.getOption('passwordDerivedKeySalt');
+    const salt = optionService.getOption('passwordDerivedKeySalt');
 
-  return getScryptHash(password, salt);
+    return getScryptHash(password, salt);
 }
 
 function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-  const hashed = crypto.scryptSync(password, salt, 32, {
-    N: 16384,
-    r: 8,
-    p: 1,
-  });
+    const hashed = crypto.scryptSync(password, salt, 32, {
+        N: 16384,
+        r: 8,
+        p: 1
+    });
 
-  return hashed;
+    return hashed;
 }
 
 function getTotpSecretVerificationHash(secret: crypto.BinaryLike) {
-  const salt = optionService.getOption('totpSecretVerificationSalt');
+    const salt = optionService.getOption('totpSecretVerificationSalt');
 
-  return getScryptHash(secret, salt);
+    return getScryptHash(secret, salt);
 }
 
 function getTotpSecretDerivedKey(secret: crypto.BinaryLike) {
-  const salt = optionService.getOption('totpSecretDerivedKeySalt');
+    const salt = optionService.getOption('totpSecretDerivedKeySalt');
 
-  return getScryptHash(secret, salt);
+    return getScryptHash(secret, salt);
 }
 
 export = {
-  getVerificationHash,
-  getPasswordDerivedKey,
-  getTotpSecretVerificationHash,
-  getTotpSecretDerivedKey,
+    getVerificationHash,
+    getPasswordDerivedKey,
+    getTotpSecretVerificationHash,
+    getTotpSecretDerivedKey
 };
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
index ad529c9c84..1e0d0db4ef 100644
--- a/src/services/encryption/recovery_codes.ts
+++ b/src/services/encryption/recovery_codes.ts
@@ -5,77 +5,79 @@ import optionService = require('../options');
 import crypto = require('crypto');
 
 function isRecoveryCodeSet() {
-  return optionService.getOptionBool('encryptedRecoveryCodes');
+    return optionService.getOptionBool('encryptedRecoveryCodes');
 }
 
 function setRecoveryCodes(recoveryCodes: string) {
-  const iv = crypto.randomBytes(16);
-  const securityKey = crypto.randomBytes(32);
-  const cipher = crypto.createCipheriv('aes-256-cbc', securityKey, iv);
-  let encryptedRecoveryCodes = cipher.update(recoveryCodes, 'utf-8', 'hex');
+    const iv = crypto.randomBytes(16);
+    const securityKey = crypto.randomBytes(32);
+    const cipher = crypto.createCipheriv('aes-256-cbc', securityKey, iv);
+    let encryptedRecoveryCodes = cipher.update(recoveryCodes, 'utf-8', 'hex');
 
-  sql.transactional(() => {
-    optionService.setOption('recoveryCodeInitialVector', iv.toString('hex'));
-    optionService.setOption('recoveryCodeSecurityKey', securityKey.toString('hex'));
-    optionService.setOption('recoveryCodesEncrypted', encryptedRecoveryCodes + cipher.final('hex'));
-    optionService.setOption('encryptedRecoveryCodes', 'true');
-    return true;
-  });
-  return false;
+    sql.transactional(() => {
+        optionService.setOption('recoveryCodeInitialVector', iv.toString('hex'));
+        optionService.setOption('recoveryCodeSecurityKey', securityKey.toString('hex'));
+        optionService.setOption('recoveryCodesEncrypted', encryptedRecoveryCodes + cipher.final('hex'));
+        optionService.setOption('encryptedRecoveryCodes', 'true');
+        return true;
+    });
+    return false;
 }
 function getRecoveryCodes() {
-  if (!isRecoveryCodeSet()) {
-    throw new Error("Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead.");
-  }
+    if (!isRecoveryCodeSet()) {
+        throw new Error(
+            "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
+        );
+    }
 
-  return sql.transactional(() => {
-    const iv = Buffer.from(optionService.getOption('recoveryCodeInitialVector'), 'hex');
-    const securityKey = Buffer.from(optionService.getOption('recoveryCodeSecurityKey'), 'hex');
-    const encryptedRecoveryCodes = optionService.getOption('recoveryCodesEncrypted');
+    return sql.transactional(() => {
+        const iv = Buffer.from(optionService.getOption('recoveryCodeInitialVector'), 'hex');
+        const securityKey = Buffer.from(optionService.getOption('recoveryCodeSecurityKey'), 'hex');
+        const encryptedRecoveryCodes = optionService.getOption('recoveryCodesEncrypted');
 
-    const decipher = crypto.createDecipheriv('aes-256-cbc', securityKey, iv);
-    const decryptedData = decipher.update(encryptedRecoveryCodes, 'hex', 'utf-8');
+        const decipher = crypto.createDecipheriv('aes-256-cbc', securityKey, iv);
+        const decryptedData = decipher.update(encryptedRecoveryCodes, 'hex', 'utf-8');
 
-    const decryptedString = decryptedData + decipher.final('utf-8');
-    return decryptedString.split(',');
-  });
+        const decryptedString = decryptedData + decipher.final('utf-8');
+        return decryptedString.split(',');
+    });
 }
 
 function removeRecoveryCode(usedCode: string) {
-  const oldCodes: string[] = getRecoveryCodes();
-  const today = new Date();
-  oldCodes[oldCodes.indexOf(usedCode)] = today.toJSON().replace(/-/g, '/');
-  setRecoveryCodes(oldCodes.toString());
+    const oldCodes: string[] = getRecoveryCodes();
+    const today = new Date();
+    oldCodes[oldCodes.indexOf(usedCode)] = today.toJSON().replace(/-/g, '/');
+    setRecoveryCodes(oldCodes.toString());
 }
 
 function verifyRecoveryCode(recoveryCodeGuess: string) {
-  const recoveryCodeRegex = RegExp(/^.{22}==$/gm);
-  if (!recoveryCodeRegex.test(recoveryCodeGuess)) {
-    return false;
-  }
-
-  const recoveryCodes = getRecoveryCodes();
-  var loginSuccess = false;
-  recoveryCodes.forEach((recoveryCode: string) => {
-    if (recoveryCodeGuess === recoveryCode) {
-      removeRecoveryCode(recoveryCode);
-      loginSuccess = true;
-      return;
+    const recoveryCodeRegex = RegExp(/^.{22}==$/gm);
+    if (!recoveryCodeRegex.test(recoveryCodeGuess)) {
+        return false;
     }
-  });
-  return loginSuccess;
+
+    const recoveryCodes = getRecoveryCodes();
+    var loginSuccess = false;
+    recoveryCodes.forEach((recoveryCode: string) => {
+        if (recoveryCodeGuess === recoveryCode) {
+            removeRecoveryCode(recoveryCode);
+            loginSuccess = true;
+            return;
+        }
+    });
+    return loginSuccess;
 }
 
 function getUsedRecoveryCodes() {
-  const dateRegex = RegExp(/^\d{4}\/\d{2}\/\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z$/gm);
-  const recoveryCodes = getRecoveryCodes();
-  const usedStatus: string[] = [];
+    const dateRegex = RegExp(/^\d{4}\/\d{2}\/\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z$/gm);
+    const recoveryCodes = getRecoveryCodes();
+    const usedStatus: string[] = [];
 
-  recoveryCodes.forEach((recoveryKey: string) => {
-    if (dateRegex.test(recoveryKey)) usedStatus.push('Used: ' + recoveryKey);
-    else usedStatus.push('Recovery code ' + recoveryCodes.indexOf(recoveryKey) + ' is unused');
-  });
-  return usedStatus;
+    recoveryCodes.forEach((recoveryKey: string) => {
+        if (dateRegex.test(recoveryKey)) usedStatus.push('Used: ' + recoveryKey);
+        else usedStatus.push('Recovery code ' + recoveryCodes.indexOf(recoveryKey) + ' is unused');
+    });
+    return usedStatus;
 }
 
 export = { setRecoveryCodes, verifyRecoveryCode, getUsedRecoveryCodes, isRecoveryCodeSet };
diff --git a/src/services/encryption/totp_secret.ts b/src/services/encryption/totp_secret.ts
index 81884f4be9..abcf8facf7 100644
--- a/src/services/encryption/totp_secret.ts
+++ b/src/services/encryption/totp_secret.ts
@@ -7,73 +7,73 @@ import utils = require('../utils');
 import totpEncryptionService = require('./totp_secret_encryption');
 
 function isTotpSecretSet() {
-  return !!sql.getValue("SELECT value FROM options WHERE name = 'passwordVerificationHash'");
+    return !!sql.getValue("SELECT value FROM options WHERE name = 'passwordVerificationHash'");
 }
 
 function changePassword(currentSecret: string, newSecret: string) {
-  if (!isTotpSecretSet()) {
-    throw new Error("TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead.");
-  }
+    if (!isTotpSecretSet()) {
+        throw new Error("TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead.");
+    }
 
-  sql.transactional(() => {
-    const decryptedDataKey = totpEncryptionService.getDataKey(currentSecret);
+    sql.transactional(() => {
+        const decryptedDataKey = totpEncryptionService.getDataKey(currentSecret);
 
-    optionService.setOption('totpSecretVerificationSalt', utils.randomSecureToken(32));
-    optionService.setOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32));
+        optionService.setOption('totpSecretVerificationSalt', utils.randomSecureToken(32));
+        optionService.setOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32));
 
-    const newTotpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(newSecret));
+        const newTotpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(newSecret));
 
-    if (decryptedDataKey) {
-      // TODO: what should happen if the decrypted data key is null?
-      totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
-    }
+        if (decryptedDataKey) {
+            // TODO: what should happen if the decrypted data key is null?
+            totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
+        }
 
-    optionService.setOption('totpSecretVerificationHash', newTotpSecretVerificationKey);
-  });
+        optionService.setOption('totpSecretVerificationHash', newTotpSecretVerificationKey);
+    });
 
-  return {
-    success: true,
-  };
+    return {
+        success: true
+    };
 }
 
 function setTotpSecret(secret: string) {
-  if (isTotpSecretSet()) {
-    throw new Error("TOTP Secret is set already. Either change it or perform 'reset TOTP' first.");
-  }
+    if (isTotpSecretSet()) {
+        throw new Error("TOTP Secret is set already. Either change it or perform 'reset TOTP' first.");
+    }
 
-  optionService.createOption('totpSecretVerificationSalt', utils.randomSecureToken(32), true);
-  optionService.createOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32), true);
+    optionService.createOption('totpSecretVerificationSalt', utils.randomSecureToken(32), true);
+    optionService.createOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32), true);
 
-  const totpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(secret));
-  optionService.createOption('totpSecretVerificationHash', totpSecretVerificationKey, true);
+    const totpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(secret));
+    optionService.createOption('totpSecretVerificationHash', totpSecretVerificationKey, true);
 
-  // totpEncryptionService expects these options to already exist
-  optionService.createOption('encryptedTotpSecretDataKey', '', true);
+    // totpEncryptionService expects these options to already exist
+    optionService.createOption('encryptedTotpSecretDataKey', '', true);
 
-  totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
+    totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
 
-  return {
-    success: true,
-  };
+    return {
+        success: true
+    };
 }
 
 function resetPassword() {
-  // user forgot the password,
-  sql.transactional(() => {
-    optionService.setOption('passwordVerificationSalt', '');
-    optionService.setOption('passwordDerivedKeySalt', '');
-    optionService.setOption('encryptedDataKey', '');
-    optionService.setOption('passwordVerificationHash', '');
-  });
-
-  return {
-    success: true,
-  };
+    // user forgot the password,
+    sql.transactional(() => {
+        optionService.setOption('passwordVerificationSalt', '');
+        optionService.setOption('passwordDerivedKeySalt', '');
+        optionService.setOption('encryptedDataKey', '');
+        optionService.setOption('passwordVerificationHash', '');
+    });
+
+    return {
+        success: true
+    };
 }
 
 export = {
-  isTotpSecretSet,
-  changePassword,
-  setTotpSecret,
-  resetPassword,
+    isTotpSecretSet,
+    changePassword,
+    setTotpSecret,
+    resetPassword
 };
diff --git a/src/services/encryption/totp_secret_encryption.ts b/src/services/encryption/totp_secret_encryption.ts
index d45ad76452..3da7329bbf 100644
--- a/src/services/encryption/totp_secret_encryption.ts
+++ b/src/services/encryption/totp_secret_encryption.ts
@@ -4,25 +4,25 @@ import utils = require('../utils');
 import dataEncryptionService = require('./data_encryption');
 
 function setDataKey(secret: string, plainTextDataKey: string | Buffer) {
-  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
+    const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
 
-  const newEncryptedDataKey = dataEncryptionService.encrypt(totpSecretDerivedKey, plainTextDataKey);
+    const newEncryptedDataKey = dataEncryptionService.encrypt(totpSecretDerivedKey, plainTextDataKey);
 
-  optionService.setOption('encryptedTotpSecretDataKey', newEncryptedDataKey);
+    optionService.setOption('encryptedTotpSecretDataKey', newEncryptedDataKey);
 }
 
 function getDataKey(secret: string) {
-  const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
+    const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
 
-  const encryptedDataKey = optionService.getOption('encryptedTotpSecretDataKey');
+    const encryptedDataKey = optionService.getOption('encryptedTotpSecretDataKey');
 
-  const decryptedDataKey = dataEncryptionService.decrypt(totpSecretDerivedKey, encryptedDataKey);
+    const decryptedDataKey = dataEncryptionService.decrypt(totpSecretDerivedKey, encryptedDataKey);
 
-  return decryptedDataKey;
+    return decryptedDataKey;
 }
 
 export = {
-  //   verifyPassword,
-  getDataKey,
-  setDataKey,
+    //   verifyPassword,
+    getDataKey,
+    setDataKey
 };
diff --git a/src/services/options.ts b/src/services/options.ts
index c571f0c938..e0d01370c6 100644
--- a/src/services/options.ts
+++ b/src/services/options.ts
@@ -3,102 +3,102 @@ import { OptionRow } from '../becca/entities/rows';
 import sql = require('./sql');
 
 function getOptionOrNull(name: string): string | null {
-  let option;
+    let option;
 
-  if (becca.loaded) {
-    option = becca.getOption(name);
-  } else {
-    // e.g. in initial sync becca is not loaded because DB is not initialized
-    option = sql.getRow<OptionRow>('SELECT * FROM options WHERE name = ?', [name]);
-  }
+    if (becca.loaded) {
+        option = becca.getOption(name);
+    } else {
+        // e.g. in initial sync becca is not loaded because DB is not initialized
+        option = sql.getRow<OptionRow>('SELECT * FROM options WHERE name = ?', [name]);
+    }
 
-  return option ? option.value : null;
+    return option ? option.value : null;
 }
 
 function getOption(name: string) {
-  const val = getOptionOrNull(name);
+    const val = getOptionOrNull(name);
 
-  if (val === null) {
-    throw new Error(`Option '${name}' doesn't exist`);
-  }
+    if (val === null) {
+        throw new Error(`Option '${name}' doesn't exist`);
+    }
 
-  return val;
+    return val;
 }
 
 function getOptionInt(name: string, defaultValue?: number): number {
-  const val = getOption(name);
+    const val = getOption(name);
 
-  const intVal = parseInt(val);
+    const intVal = parseInt(val);
 
-  if (isNaN(intVal)) {
-    if (defaultValue === undefined) {
-      throw new Error(`Could not parse '${val}' into integer for option '${name}'`);
-    } else {
-      return defaultValue;
+    if (isNaN(intVal)) {
+        if (defaultValue === undefined) {
+            throw new Error(`Could not parse '${val}' into integer for option '${name}'`);
+        } else {
+            return defaultValue;
+        }
     }
-  }
 
-  return intVal;
+    return intVal;
 }
 
 function getOptionBool(name: string): boolean {
-  const val = getOption(name);
+    const val = getOption(name);
 
-  if (typeof val !== 'string' || !['true', 'false'].includes(val)) {
-    throw new Error(`Could not parse '${val}' into boolean for option '${name}'`);
-  }
+    if (typeof val !== 'string' || !['true', 'false'].includes(val)) {
+        throw new Error(`Could not parse '${val}' into boolean for option '${name}'`);
+    }
 
-  return val === 'true';
+    return val === 'true';
 }
 
 function setOption(name: string, value: string | number | boolean) {
-  if (value === true || value === false || typeof value === 'number') {
-    value = value.toString();
-  }
+    if (value === true || value === false || typeof value === 'number') {
+        value = value.toString();
+    }
 
-  const option = becca.getOption(name);
+    const option = becca.getOption(name);
 
-  if (option) {
-    option.value = value;
+    if (option) {
+        option.value = value;
 
-    option.save();
-  } else {
-    createOption(name, value, false);
-  }
+        option.save();
+    } else {
+        createOption(name, value, false);
+    }
 }
 
 function createOption(name: string, value: string | number, isSynced: boolean) {
-  // to avoid circular dependency, need to find a better solution
-  const BOption = require('../becca/entities/boption');
-
-  new BOption({
-    name: name,
-    value: value,
-    isSynced: isSynced,
-  }).save();
+    // to avoid circular dependency, need to find a better solution
+    const BOption = require('../becca/entities/boption');
+
+    new BOption({
+        name: name,
+        value: value,
+        isSynced: isSynced
+    }).save();
 }
 
 function getOptions() {
-  return Object.values(becca.options);
+    return Object.values(becca.options);
 }
 
 function getOptionMap() {
-  const map: Record<string | number, string> = {};
+    const map: Record<string | number, string> = {};
 
-  for (const option of Object.values(becca.options)) {
-    map[option.name] = option.value;
-  }
+    for (const option of Object.values(becca.options)) {
+        map[option.name] = option.value;
+    }
 
-  return map;
+    return map;
 }
 
 export = {
-  getOption,
-  getOptionInt,
-  getOptionBool,
-  setOption,
-  createOption,
-  getOptions,
-  getOptionMap,
-  getOptionOrNull,
+    getOption,
+    getOptionInt,
+    getOptionBool,
+    setOption,
+    createOption,
+    getOptions,
+    getOptionMap,
+    getOptionOrNull
 };
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 969dcddedc..6be9814a01 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -7,166 +7,167 @@ import keyboardActions = require('./keyboard_actions');
 import { KeyboardShortcutWithRequiredActionName } from './keyboard_actions_interface';
 
 function initDocumentOptions() {
-  optionService.createOption('documentId', utils.randomSecureToken(16), false);
-  optionService.createOption('documentSecret', utils.randomSecureToken(16), false);
+    optionService.createOption('documentId', utils.randomSecureToken(16), false);
+    optionService.createOption('documentSecret', utils.randomSecureToken(16), false);
 }
 
 interface NotSyncedOpts {
-  syncServerHost?: string;
-  syncProxy?: string;
+    syncServerHost?: string;
+    syncProxy?: string;
 }
 
 function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
-  optionService.createOption(
-    'openNoteContexts',
-    JSON.stringify([
-      {
-        notePath: 'root',
-        active: true,
-      },
-    ]),
-    false
-  );
+    optionService.createOption(
+        'openNoteContexts',
+        JSON.stringify([
+            {
+                notePath: 'root',
+                active: true
+            }
+        ]),
+        false
+    );
 
-  optionService.createOption('lastDailyBackupDate', dateUtils.utcNowDateTime(), false);
-  optionService.createOption('lastWeeklyBackupDate', dateUtils.utcNowDateTime(), false);
-  optionService.createOption('lastMonthlyBackupDate', dateUtils.utcNowDateTime(), false);
-  optionService.createOption('dbVersion', appInfo.dbVersion.toString(), false);
+    optionService.createOption('lastDailyBackupDate', dateUtils.utcNowDateTime(), false);
+    optionService.createOption('lastWeeklyBackupDate', dateUtils.utcNowDateTime(), false);
+    optionService.createOption('lastMonthlyBackupDate', dateUtils.utcNowDateTime(), false);
+    optionService.createOption('dbVersion', appInfo.dbVersion.toString(), false);
 
-  optionService.createOption('initialized', initialized ? 'true' : 'false', false);
+    optionService.createOption('initialized', initialized ? 'true' : 'false', false);
 
-  optionService.createOption('lastSyncedPull', '0', false);
-  optionService.createOption('lastSyncedPush', '0', false);
+    optionService.createOption('lastSyncedPull', '0', false);
+    optionService.createOption('lastSyncedPush', '0', false);
 
-  let theme = 'dark'; // default based on the poll in https://github.com/zadam/trilium/issues/2516
+    let theme = 'dark'; // default based on the poll in https://github.com/zadam/trilium/issues/2516
 
-  if (utils.isElectron()) {
-    const { nativeTheme } = require('electron');
+    if (utils.isElectron()) {
+        const { nativeTheme } = require('electron');
 
-    theme = nativeTheme.shouldUseDarkColors ? 'dark' : 'light';
-  }
+        theme = nativeTheme.shouldUseDarkColors ? 'dark' : 'light';
+    }
 
-  optionService.createOption('theme', theme, false);
+    optionService.createOption('theme', theme, false);
 
-  optionService.createOption('syncServerHost', opts.syncServerHost || '', false);
-  optionService.createOption('syncServerTimeout', '120000', false);
-  optionService.createOption('syncProxy', opts.syncProxy || '', false);
+    optionService.createOption('syncServerHost', opts.syncServerHost || '', false);
+    optionService.createOption('syncServerTimeout', '120000', false);
+    optionService.createOption('syncProxy', opts.syncProxy || '', false);
 }
 
 const defaultOptions = [
-  { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
-  { name: 'protectedSessionTimeout', value: '600', isSynced: true },
-  {
-    name: 'zoomFactor',
-    value: process.platform === 'win32' ? '0.9' : '1.0',
-    isSynced: false,
-  },
-  { name: 'overrideThemeFonts', value: 'false', isSynced: false },
-  { name: 'mainFontFamily', value: 'theme', isSynced: false },
-  { name: 'mainFontSize', value: '100', isSynced: false },
-  { name: 'treeFontFamily', value: 'theme', isSynced: false },
-  { name: 'treeFontSize', value: '100', isSynced: false },
-  { name: 'detailFontFamily', value: 'theme', isSynced: false },
-  { name: 'detailFontSize', value: '110', isSynced: false },
-  { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
-  { name: 'monospaceFontSize', value: '110', isSynced: false },
-  { name: 'spellCheckEnabled', value: 'true', isSynced: false },
-  { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
-  { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
-  { name: 'imageJpegQuality', value: '75', isSynced: true },
-  { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
-  { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
-  { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
-  {
-    name: 'codeNotesMimeTypes',
-    value:
-      '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
-    isSynced: true,
-  },
-  { name: 'leftPaneWidth', value: '25', isSynced: false },
-  { name: 'leftPaneVisible', value: 'true', isSynced: false },
-  { name: 'rightPaneWidth', value: '25', isSynced: false },
-  { name: 'rightPaneVisible', value: 'true', isSynced: false },
-  { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
-  {
-    name: 'eraseEntitiesAfterTimeInSeconds',
-    value: '604800',
-    isSynced: true,
-  }, // default is 7 days
-  { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
-  { name: 'debugModeEnabled', value: 'false', isSynced: false },
-  { name: 'headingStyle', value: 'underline', isSynced: true },
-  { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
-  { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
-  { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
-  { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
-  { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
-  { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
-  { name: 'maxContentWidth', value: '1200', isSynced: false },
-  { name: 'compressImages', value: 'true', isSynced: true },
-  { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
-  { name: 'minTocHeadings', value: '5', isSynced: true },
-  {
-    name: 'highlightsList',
-    value: '["bold","italic","underline","color","bgColor"]',
-    isSynced: true,
-  },
-  { name: 'checkForUpdates', value: 'true', isSynced: true },
-  { name: 'disableTray', value: 'false', isSynced: false },
-  {
-    name: 'eraseUnusedAttachmentsAfterSeconds',
-    value: '2592000',
-    isSynced: true,
-  },
-  { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
-  {
-    name: 'customSearchEngineUrl',
-    value: 'https://duckduckgo.com/?q={keyword}',
-    isSynced: true,
-  },
-  { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
-  { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
-  { name: 'totpEnabled', value: 'false', isSynced: true },
+    { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
+    { name: 'protectedSessionTimeout', value: '600', isSynced: true },
+    {
+        name: 'zoomFactor',
+        value: process.platform === 'win32' ? '0.9' : '1.0',
+        isSynced: false
+    },
+    { name: 'overrideThemeFonts', value: 'false', isSynced: false },
+    { name: 'mainFontFamily', value: 'theme', isSynced: false },
+    { name: 'mainFontSize', value: '100', isSynced: false },
+    { name: 'treeFontFamily', value: 'theme', isSynced: false },
+    { name: 'treeFontSize', value: '100', isSynced: false },
+    { name: 'detailFontFamily', value: 'theme', isSynced: false },
+    { name: 'detailFontSize', value: '110', isSynced: false },
+    { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
+    { name: 'monospaceFontSize', value: '110', isSynced: false },
+    { name: 'spellCheckEnabled', value: 'true', isSynced: false },
+    { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
+    { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
+    { name: 'imageJpegQuality', value: '75', isSynced: true },
+    { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
+    { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
+    { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
+    {
+        name: 'codeNotesMimeTypes',
+        value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
+        isSynced: true
+    },
+    { name: 'leftPaneWidth', value: '25', isSynced: false },
+    { name: 'leftPaneVisible', value: 'true', isSynced: false },
+    { name: 'rightPaneWidth', value: '25', isSynced: false },
+    { name: 'rightPaneVisible', value: 'true', isSynced: false },
+    { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
+    {
+        name: 'eraseEntitiesAfterTimeInSeconds',
+        value: '604800',
+        isSynced: true
+    }, // default is 7 days
+    { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
+    { name: 'debugModeEnabled', value: 'false', isSynced: false },
+    { name: 'headingStyle', value: 'underline', isSynced: true },
+    { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
+    { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
+    { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
+    { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'maxContentWidth', value: '1200', isSynced: false },
+    { name: 'compressImages', value: 'true', isSynced: true },
+    { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
+    { name: 'minTocHeadings', value: '5', isSynced: true },
+    {
+        name: 'highlightsList',
+        value: '["bold","italic","underline","color","bgColor"]',
+        isSynced: true
+    },
+    { name: 'checkForUpdates', value: 'true', isSynced: true },
+    { name: 'disableTray', value: 'false', isSynced: false },
+    {
+        name: 'eraseUnusedAttachmentsAfterSeconds',
+        value: '2592000',
+        isSynced: true
+    },
+    { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
+    {
+        name: 'customSearchEngineUrl',
+        value: 'https://duckduckgo.com/?q={keyword}',
+        isSynced: true
+    },
+    { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
+    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
+    { name: 'totpEnabled', value: 'false', isSynced: true }
 ];
 
 function initStartupOptions() {
-  const optionsMap = optionService.getOptionMap();
+    const optionsMap = optionService.getOptionMap();
 
-  const allDefaultOptions = defaultOptions.concat(getKeyboardDefaultOptions());
+    const allDefaultOptions = defaultOptions.concat(getKeyboardDefaultOptions());
 
-  for (const { name, value, isSynced } of allDefaultOptions) {
-    if (!(name in optionsMap)) {
-      optionService.createOption(name, value, isSynced);
+    for (const { name, value, isSynced } of allDefaultOptions) {
+        if (!(name in optionsMap)) {
+            optionService.createOption(name, value, isSynced);
 
-      log.info(`Created option "${name}" with default value "${value}"`);
+            log.info(`Created option "${name}" with default value "${value}"`);
+        }
+    }
+
+    if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
+        optionService.setOption(
+            'openNoteContexts',
+            JSON.stringify([
+                {
+                    notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
+                    active: true
+                }
+            ])
+        );
     }
-  }
-
-  if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
-    optionService.setOption(
-      'openNoteContexts',
-      JSON.stringify([
-        {
-          notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
-          active: true,
-        },
-      ])
-    );
-  }
 }
 
 function getKeyboardDefaultOptions() {
-  return (
-    keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter((ka) => !!ka.actionName) as KeyboardShortcutWithRequiredActionName[]
-  ).map((ka) => ({
-    name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
-    value: JSON.stringify(ka.defaultShortcuts),
-    isSynced: false,
-  }));
+    return (
+        keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter(
+            (ka) => !!ka.actionName
+        ) as KeyboardShortcutWithRequiredActionName[]
+    ).map((ka) => ({
+        name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
+        value: JSON.stringify(ka.defaultShortcuts),
+        isSynced: false
+    }));
 }
 
 export = {
-  initDocumentOptions,
-  initNotSyncedOptions,
-  initStartupOptions,
+    initDocumentOptions,
+    initNotSyncedOptions,
+    initStartupOptions
 };

From 2f62efd1256121f69a7d191e5f67022ef96d01ca Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 13:15:30 -0700
Subject: [PATCH 17/63] Formatting

---
 .../options/multi_factor_authentication.js    |  280 ++--
 src/routes/api/options.ts                     |    4 +-
 src/routes/api/recovery_codes.ts              |   12 +-
 src/routes/api/totp.ts                        |   10 +-
 src/routes/login.ts                           |    6 +-
 src/services/encryption/recovery_codes.ts     |    2 +-
 src/services/hidden_subtree.ts                | 1222 ++++++++---------
 src/services/options.ts                       |    2 +-
 src/services/options_init.ts                  |   90 +-
 src/services/totp_secret.ts                   |   24 +-
 10 files changed, 826 insertions(+), 826 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 403945f207..747cc7e112 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -81,148 +81,148 @@ const TPL = `
 </div>`;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
-  doRender() {
-    this.$widget = $(TPL);
-
-    this.$mfaHeadding = this.$widget.find('.mfa-heading');
-    this.$regenerateTotpButton = this.$widget.find('.regenerate-totp');
-    this.$totpEnabled = this.$widget.find('.totp-enabled');
-    this.$totpSecret = this.$widget.find('.totp-secret');
-    this.$totpSecretInput = this.$widget.find('.totp-secret-input');
-    this.$saveTotpButton = this.$widget.find('.save-totp');
-    this.$password = this.$widget.find('.password');
-    this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
-    this.$recoveryKeys = [];
-
-    for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
-
-    this.$mfaHeadding.text('Time-Based One Time Password (TOTP)');
-
-    this.$totpEnabled.on('change', async () => {
-      this.updateSecret();
-    });
-
-    this.$generateRecoveryCodeButton.on('click', async () => {
-      this.setRecoveryKeys();
-    });
-
-    this.$regenerateTotpButton.on('click', async () => {
-      this.generateKey();
-    });
-
-    this.$saveTotpButton.on('click', async () => {
-      this.saveTotpSecret();
-    });
-
-    this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
-    this.$protectedSessionTimeout.on('change', () =>
-      this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
-    );
-
-    this.displayRecoveryKeys();
-  }
-
-  async updateSecret() {
-    if (this.$totpEnabled.prop('checked')) server.post('totp/enable');
-    else server.post('totp/disable');
-  }
-
-  async setRecoveryKeys() {
-    server.get('totp_recovery/generate').then((result) => {
-      if (!result.success) {
-        toastService.showError('Error in revevery code generation!');
-        return;
-      }
-      this.keyFiller(result.recoveryCodes);
-      server.post('totp_recovery/set', {
-        recoveryCodes: result.recoveryCodes,
-      });
-    });
-  }
-
-  async keyFiller(values) {
-    // Forces values to be a string so it doesn't error out when I split.
-    // Will be a non-issue when I update everything to typescript.
-    const keys = (values + '').split(',');
-    for (let i = 0; i < keys.length; i++) this.$recoveryKeys[i].text(keys[i]);
-  }
-
-  async generateKey() {
-    server.get('totp/generate').then((result) => {
-      if (result.success) {
-        this.$totpSecret.text(result.message);
-      } else {
-        toastService.showError(result.message);
-      }
-    });
-  }
-
-  optionsLoaded(options) {
-    server.get('totp/enabled').then((result) => {
-      if (result.success) {
-        this.$totpEnabled.prop('checked', result.message);
-        this.$totpSecretInput.prop('disabled', !result.message);
-        this.$saveTotpButton.prop('disabled', !result.message);
-        this.$totpSecret.prop('disapbled', !result.message);
-        this.$regenerateTotpButton.prop('disabled', !result.message);
-        this.$password.prop('disabled', !result.message);
-        this.$generateRecoveryCodeButton.prop('disabled', !result.message);
-      } else {
-        toastService.showError(result.message);
-      }
-    });
-
-    this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
-  }
-
-  saveTotpSecret() {
-    const key = this.$totpSecretInput.val().trim();
-    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-
-    if (key.length != 52) {
-      toastService.showError('Invalid Secret', 2000);
-      return;
+    doRender() {
+        this.$widget = $(TPL);
+
+        this.$mfaHeadding = this.$widget.find('.mfa-heading');
+        this.$regenerateTotpButton = this.$widget.find('.regenerate-totp');
+        this.$totpEnabled = this.$widget.find('.totp-enabled');
+        this.$totpSecret = this.$widget.find('.totp-secret');
+        this.$totpSecretInput = this.$widget.find('.totp-secret-input');
+        this.$saveTotpButton = this.$widget.find('.save-totp');
+        this.$password = this.$widget.find('.password');
+        this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
+        this.$recoveryKeys = [];
+
+        for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
+
+        this.$mfaHeadding.text('Time-Based One Time Password (TOTP)');
+
+        this.$totpEnabled.on('change', async () => {
+            this.updateSecret();
+        });
+
+        this.$generateRecoveryCodeButton.on('click', async () => {
+            this.setRecoveryKeys();
+        });
+
+        this.$regenerateTotpButton.on('click', async () => {
+            this.generateKey();
+        });
+
+        this.$saveTotpButton.on('click', async () => {
+            this.saveTotpSecret();
+        });
+
+        this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
+        this.$protectedSessionTimeout.on('change', () =>
+            this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
+        );
+
+        this.displayRecoveryKeys();
+    }
+
+    async updateSecret() {
+        if (this.$totpEnabled.prop('checked')) server.post('totp/enable');
+        else server.post('totp/disable');
+    }
+
+    async setRecoveryKeys() {
+        server.get('totp_recovery/generate').then((result) => {
+            if (!result.success) {
+                toastService.showError('Error in revevery code generation!');
+                return;
+            }
+            this.keyFiller(result.recoveryCodes);
+            server.post('totp_recovery/set', {
+                recoveryCodes: result.recoveryCodes
+            });
+        });
+    }
+
+    async keyFiller(values) {
+        // Forces values to be a string so it doesn't error out when I split.
+        // Will be a non-issue when I update everything to typescript.
+        const keys = (values + '').split(',');
+        for (let i = 0; i < keys.length; i++) this.$recoveryKeys[i].text(keys[i]);
     }
-    if (regex.test(key)) {
-      toastService.showError('Invalid Secret', 2000);
-      return;
+
+    async generateKey() {
+        server.get('totp/generate').then((result) => {
+            if (result.success) {
+                this.$totpSecret.text(result.message);
+            } else {
+                toastService.showError(result.message);
+            }
+        });
+    }
+
+    optionsLoaded(options) {
+        server.get('totp/enabled').then((result) => {
+            if (result.success) {
+                this.$totpEnabled.prop('checked', result.message);
+                this.$totpSecretInput.prop('disabled', !result.message);
+                this.$saveTotpButton.prop('disabled', !result.message);
+                this.$totpSecret.prop('disapbled', !result.message);
+                this.$regenerateTotpButton.prop('disabled', !result.message);
+                this.$password.prop('disabled', !result.message);
+                this.$generateRecoveryCodeButton.prop('disabled', !result.message);
+            } else {
+                toastService.showError(result.message);
+            }
+        });
+
+        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
     }
 
-    server
-      .post('totp/set', {
-        secret: this.$totpSecretInput.val(),
-        password: this.$password.val(),
-      })
-      .then((result) => {
-        if (result.success) {
-          toastService.showError('Password has been changed. Trilium will be reloaded after you press OK.');
-
-          // password changed so current protected session is invalid and needs to be cleared
-          protectedSessionHolder.resetProtectedSession();
-        } else {
-          toastService.showError(result.message);
+    saveTotpSecret() {
+        const key = this.$totpSecretInput.val().trim();
+        const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
+
+        if (key.length != 52) {
+            toastService.showError('Invalid Secret', 2000);
+            return;
+        }
+        if (regex.test(key)) {
+            toastService.showError('Invalid Secret', 2000);
+            return;
         }
-      });
-
-    return false;
-  }
-
-  displayRecoveryKeys() {
-    server.get('totp_recovery/enabled').then((result) => {
-      if (!result.success) {
-        this.keyFiller(Array(8).fill('Error generating recovery keys!'));
-        return;
-      }
-
-      if (!result.keysExist) {
-        this.keyFiller(Array(8).fill('No key set'));
-        this.$generateRecoveryCodeButton.text('Generate Recovery Codes');
-        return;
-      }
-    });
-    server.get('totp_recovery/used').then((result) => {
-      this.keyFiller((result.usedRecoveryCodes + '').split(','));
-      this.$generateRecoveryCodeButton.text('Regenerate Recovery Codes');
-    });
-  }
+
+        server
+            .post('totp/set', {
+                secret: this.$totpSecretInput.val(),
+                password: this.$password.val()
+            })
+            .then((result) => {
+                if (result.success) {
+                    toastService.showError('Password has been changed. Trilium will be reloaded after you press OK.');
+
+                    // password changed so current protected session is invalid and needs to be cleared
+                    protectedSessionHolder.resetProtectedSession();
+                } else {
+                    toastService.showError(result.message);
+                }
+            });
+
+        return false;
+    }
+
+    displayRecoveryKeys() {
+        server.get('totp_recovery/enabled').then((result) => {
+            if (!result.success) {
+                this.keyFiller(Array(8).fill('Error generating recovery keys!'));
+                return;
+            }
+
+            if (!result.keysExist) {
+                this.keyFiller(Array(8).fill('No key set'));
+                this.$generateRecoveryCodeButton.text('Generate Recovery Codes');
+                return;
+            }
+        });
+        server.get('totp_recovery/used').then((result) => {
+            this.keyFiller((result.usedRecoveryCodes + '').split(','));
+            this.$generateRecoveryCodeButton.text('Regenerate Recovery Codes');
+        });
+    }
 }
diff --git a/src/routes/api/options.ts b/src/routes/api/options.ts
index 3e7d126352..979493c386 100644
--- a/src/routes/api/options.ts
+++ b/src/routes/api/options.ts
@@ -4,7 +4,7 @@ import optionService = require('../../services/options');
 import log = require('../../services/log');
 import searchService = require('../../services/search/services/search');
 import ValidationError = require('../../errors/validation_error');
-import { Request } from 'express';
+import {Request} from 'express';
 
 // options allowed to be updated directly in the Options dialog
 const ALLOWED_OPTIONS = new Set([
@@ -78,7 +78,7 @@ function getOptions() {
 }
 
 function updateOption(req: Request) {
-    const { name, value } = req.params;
+    const {name, value} = req.params;
 
     if (!update(name, value)) {
         throw new ValidationError('not allowed option to change');
diff --git a/src/routes/api/recovery_codes.ts b/src/routes/api/recovery_codes.ts
index ccda136d77..a9af5b91fc 100644
--- a/src/routes/api/recovery_codes.ts
+++ b/src/routes/api/recovery_codes.ts
@@ -1,20 +1,20 @@
 import recovery_codes = require('../../services/encryption/recovery_codes');
-import { Request } from 'express';
-import { randomBytes } from 'crypto';
+import {Request} from 'express';
+import {randomBytes} from 'crypto';
 
 function setRecoveryCodes(req: Request) {
     const success = recovery_codes.setRecoveryCodes(req.body.recoveryCodes);
-    return { success: success, message: 'Recovery codes set!' };
+    return {success: success, message: 'Recovery codes set!'};
 }
 
 function veryifyRecoveryCode(req: Request) {
     const success = recovery_codes.verifyRecoveryCode(req.body.recovery_code_guess);
 
-    return { success: success };
+    return {success: success};
 }
 
 function checkForRecoveryKeys() {
-    return { success: true, keysExist: recovery_codes.isRecoveryCodeSet() };
+    return {success: true, keysExist: recovery_codes.isRecoveryCodeSet()};
 }
 
 function generateRecoveryCodes() {
@@ -31,7 +31,7 @@ function generateRecoveryCodes() {
 
     recovery_codes.setRecoveryCodes(recoveryKeys.toString());
 
-    return { success: true, recoveryCodes: recoveryKeys.toString() };
+    return {success: true, recoveryCodes: recoveryKeys.toString()};
 }
 
 function getUsedRecoveryCodes() {
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 581a7b7978..5ab40052fe 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,7 +1,7 @@
 import options = require('../../services/options');
 import totp_secret = require('../../services/encryption/totp_secret');
 import passwordEncryptionService = require('../../services/encryption/password_encryption');
-import { Request } from 'express';
+import {Request} from 'express';
 import totp_fs = require('../../services/totp_secret');
 import ValidationError = require('../../errors/validation_error');
 const speakeasy = require('speakeasy');
@@ -18,23 +18,23 @@ function verifyOTPToken(guessedToken: any) {
 }
 
 function generateSecret() {
-    return { success: 'true', message: speakeasy.generateSecret().base32 };
+    return {success: 'true', message: speakeasy.generateSecret().base32};
 }
 
 function checkForTOTP() {
     const totpEnabled = options.getOptionBool('totpEnabled');
-    return { success: 'true', message: totpEnabled };
+    return {success: 'true', message: totpEnabled};
 }
 
 function enableTOTP() {
     options.setOption('totpEnabled', true);
-    return { success: 'true' };
+    return {success: 'true'};
 }
 
 function disableTOTP() {
     options.setOption('totpEnabled', false);
 
-    return { success: totp_fs.removeTotpSecret() };
+    return {success: totp_fs.removeTotpSecret()};
 }
 
 function setTotpSecret(req: Request) {
diff --git a/src/routes/login.ts b/src/routes/login.ts
index c72e86fbbb..03fd3b5f5f 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -9,8 +9,8 @@ import assetPath = require('../services/asset_path');
 import appPath = require('../services/app_path');
 import ValidationError = require('../errors/validation_error');
 import totp_secret = require('../services/totp_secret');
-import { Request, Response } from 'express';
-import { AppRequest } from './route-interface';
+import {Request, Response} from 'express';
+import {AppRequest} from './route-interface';
 import recoveryCodeService = require('../services/encryption/recovery_codes');
 
 const speakeasy = require('speakeasy');
@@ -37,7 +37,7 @@ function setPassword(req: Request, res: Response) {
         throw new ValidationError('Password has been already set');
     }
 
-    let { password1, password2 } = req.body;
+    let {password1, password2} = req.body;
     password1 = password1.trim();
     password2 = password2.trim();
 
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
index 1e0d0db4ef..c10bc76486 100644
--- a/src/services/encryption/recovery_codes.ts
+++ b/src/services/encryption/recovery_codes.ts
@@ -80,4 +80,4 @@ function getUsedRecoveryCodes() {
     return usedStatus;
 }
 
-export = { setRecoveryCodes, verifyRecoveryCode, getUsedRecoveryCodes, isRecoveryCodeSet };
+export = {setRecoveryCodes, verifyRecoveryCode, getUsedRecoveryCodes, isRecoveryCodeSet};
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index 01091caad6..a7ec0f836f 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -1,5 +1,5 @@
 import BAttribute = require('../becca/entities/battribute');
-import { AttributeType, NoteType } from '../becca/entities/rows';
+import {AttributeType, NoteType} from '../becca/entities/rows';
 
 import becca = require('../becca/becca');
 import noteService = require('./notes');
@@ -16,34 +16,34 @@ const LBTPL_SPACER = '_lbTplSpacer';
 const LBTPL_CUSTOM_WIDGET = '_lbTplCustomWidget';
 
 interface Attribute {
-  type: AttributeType;
-  name: string;
-  isInheritable?: boolean;
-  value?: string;
+    type: AttributeType;
+    name: string;
+    isInheritable?: boolean;
+    value?: string;
 }
 
 interface Item {
-  notePosition?: number;
-  id: string;
-  title: string;
-  type: NoteType;
-  icon?: string;
-  attributes?: Attribute[];
-  children?: Item[];
-  isExpanded?: boolean;
-  baseSize?: string;
-  growthFactor?: string;
-  targetNoteId?: '_backendLog' | '_globalNoteMap';
-  builtinWidget?:
-    | 'bookmarks'
-    | 'spacer'
-    | 'backInHistoryButton'
-    | 'forwardInHistoryButton'
-    | 'syncStatus'
-    | 'protectedSession'
-    | 'todayInJournal'
-    | 'calendar';
-  command?: 'jumpToNote' | 'searchNotes' | 'createNoteIntoInbox' | 'showRecentChanges';
+    notePosition?: number;
+    id: string;
+    title: string;
+    type: NoteType;
+    icon?: string;
+    attributes?: Attribute[];
+    children?: Item[];
+    isExpanded?: boolean;
+    baseSize?: string;
+    growthFactor?: string;
+    targetNoteId?: '_backendLog' | '_globalNoteMap';
+    builtinWidget?:
+        | 'bookmarks'
+        | 'spacer'
+        | 'backInHistoryButton'
+        | 'forwardInHistoryButton'
+        | 'syncStatus'
+        | 'protectedSession'
+        | 'todayInJournal'
+        | 'calendar';
+    command?: 'jumpToNote' | 'searchNotes' | 'createNoteIntoInbox' | 'showRecentChanges';
 }
 
 /*
@@ -53,639 +53,639 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-  id: '_hidden',
-  title: 'Hidden Notes',
-  type: 'doc',
-  icon: 'bx bx-chip',
-  // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
-  // over tree when it's in the middle
-  notePosition: 999_999_999,
-  attributes: [
-    { type: 'label', name: 'excludeFromNoteMap', isInheritable: true },
-    { type: 'label', name: 'docName', value: 'hidden' },
-  ],
-  children: [
-    {
-      id: '_search',
-      title: 'Search History',
-      type: 'doc',
-    },
-    {
-      id: '_globalNoteMap',
-      title: 'Note Map',
-      type: 'noteMap',
-      attributes: [
-        { type: 'label', name: 'mapRootNoteId', value: 'hoisted' },
-        { type: 'label', name: 'keepCurrentHoisting' },
-      ],
-    },
-    {
-      id: '_sqlConsole',
-      title: 'SQL Console History',
-      type: 'doc',
-      icon: 'bx-data',
-    },
-    {
-      id: '_share',
-      title: 'Shared Notes',
-      type: 'doc',
-      attributes: [{ type: 'label', name: 'docName', value: 'share' }],
-    },
-    {
-      id: '_bulkAction',
-      title: 'Bulk Action',
-      type: 'doc',
-    },
-    {
-      id: '_backendLog',
-      title: 'Backend Log',
-      type: 'contentWidget',
-      icon: 'bx-terminal',
-      attributes: [{ type: 'label', name: 'keepCurrentHoisting' }],
-    },
-    {
-      // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-      id: '_userHidden',
-      title: 'User Hidden',
-      type: 'doc',
-      attributes: [{ type: 'label', name: 'docName', value: 'user_hidden' }],
-    },
-    {
-      id: LBTPL_ROOT,
-      title: 'Launch Bar Templates',
-      type: 'doc',
-      children: [
+    id: '_hidden',
+    title: 'Hidden Notes',
+    type: 'doc',
+    icon: 'bx bx-chip',
+    // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
+    // over tree when it's in the middle
+    notePosition: 999_999_999,
+    attributes: [
+        {type: 'label', name: 'excludeFromNoteMap', isInheritable: true},
+        {type: 'label', name: 'docName', value: 'hidden'}
+    ],
+    children: [
         {
-          id: LBTPL_BASE,
-          title: 'Base Abstract Launcher',
-          type: 'doc',
+            id: '_search',
+            title: 'Search History',
+            type: 'doc'
         },
         {
-          id: LBTPL_COMMAND,
-          title: 'Command Launcher',
-          type: 'doc',
-          attributes: [
-            {
-              type: 'relation',
-              name: 'template',
-              value: LBTPL_BASE,
-            },
-            {
-              type: 'label',
-              name: 'launcherType',
-              value: 'command',
-            },
-            {
-              type: 'label',
-              name: 'docName',
-              value: 'launchbar_command_launcher',
-            },
-          ],
+            id: '_globalNoteMap',
+            title: 'Note Map',
+            type: 'noteMap',
+            attributes: [
+                {type: 'label', name: 'mapRootNoteId', value: 'hoisted'},
+                {type: 'label', name: 'keepCurrentHoisting'}
+            ]
         },
         {
-          id: LBTPL_NOTE_LAUNCHER,
-          title: 'Note Launcher',
-          type: 'doc',
-          attributes: [
-            {
-              type: 'relation',
-              name: 'template',
-              value: LBTPL_BASE,
-            },
-            { type: 'label', name: 'launcherType', value: 'note' },
-            {
-              type: 'label',
-              name: 'relation:target',
-              value: 'promoted',
-            },
-            {
-              type: 'label',
-              name: 'relation:hoistedNote',
-              value: 'promoted',
-            },
-            {
-              type: 'label',
-              name: 'label:keyboardShortcut',
-              value: 'promoted,text',
-            },
-            {
-              type: 'label',
-              name: 'docName',
-              value: 'launchbar_note_launcher',
-            },
-          ],
+            id: '_sqlConsole',
+            title: 'SQL Console History',
+            type: 'doc',
+            icon: 'bx-data'
         },
         {
-          id: LBTPL_SCRIPT,
-          title: 'Script Launcher',
-          type: 'doc',
-          attributes: [
-            {
-              type: 'relation',
-              name: 'template',
-              value: LBTPL_BASE,
-            },
-            {
-              type: 'label',
-              name: 'launcherType',
-              value: 'script',
-            },
-            {
-              type: 'label',
-              name: 'relation:script',
-              value: 'promoted',
-            },
-            {
-              type: 'label',
-              name: 'label:keyboardShortcut',
-              value: 'promoted,text',
-            },
-            {
-              type: 'label',
-              name: 'docName',
-              value: 'launchbar_script_launcher',
-            },
-          ],
+            id: '_share',
+            title: 'Shared Notes',
+            type: 'doc',
+            attributes: [{type: 'label', name: 'docName', value: 'share'}]
         },
         {
-          id: LBTPL_BUILTIN_WIDGET,
-          title: 'Built-in Widget',
-          type: 'doc',
-          attributes: [
-            {
-              type: 'relation',
-              name: 'template',
-              value: LBTPL_BASE,
-            },
-            {
-              type: 'label',
-              name: 'launcherType',
-              value: 'builtinWidget',
-            },
-          ],
+            id: '_bulkAction',
+            title: 'Bulk Action',
+            type: 'doc'
         },
         {
-          id: LBTPL_SPACER,
-          title: 'Spacer',
-          type: 'doc',
-          icon: 'bx-move-vertical',
-          attributes: [
-            {
-              type: 'relation',
-              name: 'template',
-              value: LBTPL_BUILTIN_WIDGET,
-            },
-            {
-              type: 'label',
-              name: 'builtinWidget',
-              value: 'spacer',
-            },
-            {
-              type: 'label',
-              name: 'label:baseSize',
-              value: 'promoted,number',
-            },
-            {
-              type: 'label',
-              name: 'label:growthFactor',
-              value: 'promoted,number',
-            },
-            {
-              type: 'label',
-              name: 'docName',
-              value: 'launchbar_spacer',
-            },
-          ],
+            id: '_backendLog',
+            title: 'Backend Log',
+            type: 'contentWidget',
+            icon: 'bx-terminal',
+            attributes: [{type: 'label', name: 'keepCurrentHoisting'}]
         },
         {
-          id: LBTPL_CUSTOM_WIDGET,
-          title: 'Custom Widget',
-          type: 'doc',
-          attributes: [
-            {
-              type: 'relation',
-              name: 'template',
-              value: LBTPL_BASE,
-            },
-            {
-              type: 'label',
-              name: 'launcherType',
-              value: 'customWidget',
-            },
-            {
-              type: 'label',
-              name: 'relation:widget',
-              value: 'promoted',
-            },
-            {
-              type: 'label',
-              name: 'docName',
-              value: 'launchbar_widget_launcher',
-            },
-          ],
+            // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
+            id: '_userHidden',
+            title: 'User Hidden',
+            type: 'doc',
+            attributes: [{type: 'label', name: 'docName', value: 'user_hidden'}]
         },
-      ],
-    },
-    {
-      id: '_lbRoot',
-      title: 'Launch Bar',
-      type: 'doc',
-      icon: 'bx-sidebar',
-      isExpanded: true,
-      attributes: [{ type: 'label', name: 'docName', value: 'launchbar_intro' }],
-      children: [
         {
-          id: '_lbAvailableLaunchers',
-          title: 'Available Launchers',
-          type: 'doc',
-          icon: 'bx-hide',
-          isExpanded: true,
-          attributes: [
-            {
-              type: 'label',
-              name: 'docName',
-              value: 'launchbar_intro',
-            },
-          ],
-          children: [
-            {
-              id: '_lbBackInHistory',
-              title: 'Go to Previous Note',
-              type: 'launcher',
-              builtinWidget: 'backInHistoryButton',
-              icon: 'bx bxs-left-arrow-square',
-              attributes: [
+            id: LBTPL_ROOT,
+            title: 'Launch Bar Templates',
+            type: 'doc',
+            children: [
                 {
-                  type: 'label',
-                  name: 'docName',
-                  value: 'launchbar_history_navigation',
+                    id: LBTPL_BASE,
+                    title: 'Base Abstract Launcher',
+                    type: 'doc'
                 },
-              ],
-            },
-            {
-              id: '_lbForwardInHistory',
-              title: 'Go to Next Note',
-              type: 'launcher',
-              builtinWidget: 'forwardInHistoryButton',
-              icon: 'bx bxs-right-arrow-square',
-              attributes: [
                 {
-                  type: 'label',
-                  name: 'docName',
-                  value: 'launchbar_history_navigation',
+                    id: LBTPL_COMMAND,
+                    title: 'Command Launcher',
+                    type: 'doc',
+                    attributes: [
+                        {
+                            type: 'relation',
+                            name: 'template',
+                            value: LBTPL_BASE
+                        },
+                        {
+                            type: 'label',
+                            name: 'launcherType',
+                            value: 'command'
+                        },
+                        {
+                            type: 'label',
+                            name: 'docName',
+                            value: 'launchbar_command_launcher'
+                        }
+                    ]
                 },
-              ],
-            },
-            {
-              id: '_lbBackendLog',
-              title: 'Backend Log',
-              type: 'launcher',
-              targetNoteId: '_backendLog',
-              icon: 'bx bx-terminal',
-            },
-          ],
-        },
-        {
-          id: '_lbVisibleLaunchers',
-          title: 'Visible Launchers',
-          type: 'doc',
-          icon: 'bx-show',
-          isExpanded: true,
-          attributes: [
-            {
-              type: 'label',
-              name: 'docName',
-              value: 'launchbar_intro',
-            },
-          ],
-          children: [
-            {
-              id: '_lbNewNote',
-              title: 'New Note',
-              type: 'launcher',
-              command: 'createNoteIntoInbox',
-              icon: 'bx bx-file-blank',
-            },
-            {
-              id: '_lbSearch',
-              title: 'Search Notes',
-              type: 'launcher',
-              command: 'searchNotes',
-              icon: 'bx bx-search',
-              attributes: [{ type: 'label', name: 'desktopOnly' }],
-            },
-            {
-              id: '_lbJumpTo',
-              title: 'Jump to Note',
-              type: 'launcher',
-              command: 'jumpToNote',
-              icon: 'bx bx-send',
-              attributes: [{ type: 'label', name: 'desktopOnly' }],
-            },
-            {
-              id: '_lbNoteMap',
-              title: 'Note Map',
-              type: 'launcher',
-              targetNoteId: '_globalNoteMap',
-              icon: 'bx bx-map-alt',
-            },
-            {
-              id: '_lbCalendar',
-              title: 'Calendar',
-              type: 'launcher',
-              builtinWidget: 'calendar',
-              icon: 'bx bx-calendar',
-            },
-            {
-              id: '_lbRecentChanges',
-              title: 'Recent Changes',
-              type: 'launcher',
-              command: 'showRecentChanges',
-              icon: 'bx bx-history',
-              attributes: [{ type: 'label', name: 'desktopOnly' }],
-            },
-            {
-              id: '_lbSpacer1',
-              title: 'Spacer',
-              type: 'launcher',
-              builtinWidget: 'spacer',
-              baseSize: '50',
-              growthFactor: '0',
-            },
-            {
-              id: '_lbBookmarks',
-              title: 'Bookmarks',
-              type: 'launcher',
-              builtinWidget: 'bookmarks',
-              icon: 'bx bx-bookmark',
-            },
-            {
-              id: '_lbToday',
-              title: "Open Today's Journal Note",
-              type: 'launcher',
-              builtinWidget: 'todayInJournal',
-              icon: 'bx bx-calendar-star',
-            },
-            {
-              id: '_lbSpacer2',
-              title: 'Spacer',
-              type: 'launcher',
-              builtinWidget: 'spacer',
-              baseSize: '0',
-              growthFactor: '1',
-            },
-            {
-              id: '_lbProtectedSession',
-              title: 'Protected Session',
-              type: 'launcher',
-              builtinWidget: 'protectedSession',
-              icon: 'bx bx bx-shield-quarter',
-            },
-            {
-              id: '_lbSyncStatus',
-              title: 'Sync Status',
-              type: 'launcher',
-              builtinWidget: 'syncStatus',
-              icon: 'bx bx-wifi',
-            },
-          ],
-        },
-      ],
-    },
-    {
-      id: '_options',
-      title: 'Options',
-      type: 'book',
-      children: [
-        {
-          id: '_optionsAppearance',
-          title: 'Appearance',
-          type: 'contentWidget',
-          icon: 'bx-layout',
-        },
-        {
-          id: '_optionsShortcuts',
-          title: 'Shortcuts',
-          type: 'contentWidget',
-          icon: 'bxs-keyboard',
-        },
-        {
-          id: '_optionsTextNotes',
-          title: 'Text Notes',
-          type: 'contentWidget',
-          icon: 'bx-text',
-        },
-        {
-          id: '_optionsMFA',
-          title: 'MFA',
-          type: 'contentWidget',
-          icon: 'bx-lock',
-        },
-        {
-          id: '_optionsCodeNotes',
-          title: 'Code Notes',
-          type: 'contentWidget',
-          icon: 'bx-code',
-        },
-        {
-          id: '_optionsImages',
-          title: 'Images',
-          type: 'contentWidget',
-          icon: 'bx-image',
-        },
-        {
-          id: '_optionsSpellcheck',
-          title: 'Spellcheck',
-          type: 'contentWidget',
-          icon: 'bx-check-double',
-        },
-        {
-          id: '_optionsPassword',
-          title: 'Password',
-          type: 'contentWidget',
-          icon: 'bx-lock',
-        },
-        {
-          id: '_optionsEtapi',
-          title: 'ETAPI',
-          type: 'contentWidget',
-          icon: 'bx-extension',
-        },
-        {
-          id: '_optionsBackup',
-          title: 'Backup',
-          type: 'contentWidget',
-          icon: 'bx-data',
-        },
-        {
-          id: '_optionsSync',
-          title: 'Sync',
-          type: 'contentWidget',
-          icon: 'bx-wifi',
+                {
+                    id: LBTPL_NOTE_LAUNCHER,
+                    title: 'Note Launcher',
+                    type: 'doc',
+                    attributes: [
+                        {
+                            type: 'relation',
+                            name: 'template',
+                            value: LBTPL_BASE
+                        },
+                        {type: 'label', name: 'launcherType', value: 'note'},
+                        {
+                            type: 'label',
+                            name: 'relation:target',
+                            value: 'promoted'
+                        },
+                        {
+                            type: 'label',
+                            name: 'relation:hoistedNote',
+                            value: 'promoted'
+                        },
+                        {
+                            type: 'label',
+                            name: 'label:keyboardShortcut',
+                            value: 'promoted,text'
+                        },
+                        {
+                            type: 'label',
+                            name: 'docName',
+                            value: 'launchbar_note_launcher'
+                        }
+                    ]
+                },
+                {
+                    id: LBTPL_SCRIPT,
+                    title: 'Script Launcher',
+                    type: 'doc',
+                    attributes: [
+                        {
+                            type: 'relation',
+                            name: 'template',
+                            value: LBTPL_BASE
+                        },
+                        {
+                            type: 'label',
+                            name: 'launcherType',
+                            value: 'script'
+                        },
+                        {
+                            type: 'label',
+                            name: 'relation:script',
+                            value: 'promoted'
+                        },
+                        {
+                            type: 'label',
+                            name: 'label:keyboardShortcut',
+                            value: 'promoted,text'
+                        },
+                        {
+                            type: 'label',
+                            name: 'docName',
+                            value: 'launchbar_script_launcher'
+                        }
+                    ]
+                },
+                {
+                    id: LBTPL_BUILTIN_WIDGET,
+                    title: 'Built-in Widget',
+                    type: 'doc',
+                    attributes: [
+                        {
+                            type: 'relation',
+                            name: 'template',
+                            value: LBTPL_BASE
+                        },
+                        {
+                            type: 'label',
+                            name: 'launcherType',
+                            value: 'builtinWidget'
+                        }
+                    ]
+                },
+                {
+                    id: LBTPL_SPACER,
+                    title: 'Spacer',
+                    type: 'doc',
+                    icon: 'bx-move-vertical',
+                    attributes: [
+                        {
+                            type: 'relation',
+                            name: 'template',
+                            value: LBTPL_BUILTIN_WIDGET
+                        },
+                        {
+                            type: 'label',
+                            name: 'builtinWidget',
+                            value: 'spacer'
+                        },
+                        {
+                            type: 'label',
+                            name: 'label:baseSize',
+                            value: 'promoted,number'
+                        },
+                        {
+                            type: 'label',
+                            name: 'label:growthFactor',
+                            value: 'promoted,number'
+                        },
+                        {
+                            type: 'label',
+                            name: 'docName',
+                            value: 'launchbar_spacer'
+                        }
+                    ]
+                },
+                {
+                    id: LBTPL_CUSTOM_WIDGET,
+                    title: 'Custom Widget',
+                    type: 'doc',
+                    attributes: [
+                        {
+                            type: 'relation',
+                            name: 'template',
+                            value: LBTPL_BASE
+                        },
+                        {
+                            type: 'label',
+                            name: 'launcherType',
+                            value: 'customWidget'
+                        },
+                        {
+                            type: 'label',
+                            name: 'relation:widget',
+                            value: 'promoted'
+                        },
+                        {
+                            type: 'label',
+                            name: 'docName',
+                            value: 'launchbar_widget_launcher'
+                        }
+                    ]
+                }
+            ]
         },
         {
-          id: '_optionsOther',
-          title: 'Other',
-          type: 'contentWidget',
-          icon: 'bx-dots-horizontal',
+            id: '_lbRoot',
+            title: 'Launch Bar',
+            type: 'doc',
+            icon: 'bx-sidebar',
+            isExpanded: true,
+            attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
+            children: [
+                {
+                    id: '_lbAvailableLaunchers',
+                    title: 'Available Launchers',
+                    type: 'doc',
+                    icon: 'bx-hide',
+                    isExpanded: true,
+                    attributes: [
+                        {
+                            type: 'label',
+                            name: 'docName',
+                            value: 'launchbar_intro'
+                        }
+                    ],
+                    children: [
+                        {
+                            id: '_lbBackInHistory',
+                            title: 'Go to Previous Note',
+                            type: 'launcher',
+                            builtinWidget: 'backInHistoryButton',
+                            icon: 'bx bxs-left-arrow-square',
+                            attributes: [
+                                {
+                                    type: 'label',
+                                    name: 'docName',
+                                    value: 'launchbar_history_navigation'
+                                }
+                            ]
+                        },
+                        {
+                            id: '_lbForwardInHistory',
+                            title: 'Go to Next Note',
+                            type: 'launcher',
+                            builtinWidget: 'forwardInHistoryButton',
+                            icon: 'bx bxs-right-arrow-square',
+                            attributes: [
+                                {
+                                    type: 'label',
+                                    name: 'docName',
+                                    value: 'launchbar_history_navigation'
+                                }
+                            ]
+                        },
+                        {
+                            id: '_lbBackendLog',
+                            title: 'Backend Log',
+                            type: 'launcher',
+                            targetNoteId: '_backendLog',
+                            icon: 'bx bx-terminal'
+                        }
+                    ]
+                },
+                {
+                    id: '_lbVisibleLaunchers',
+                    title: 'Visible Launchers',
+                    type: 'doc',
+                    icon: 'bx-show',
+                    isExpanded: true,
+                    attributes: [
+                        {
+                            type: 'label',
+                            name: 'docName',
+                            value: 'launchbar_intro'
+                        }
+                    ],
+                    children: [
+                        {
+                            id: '_lbNewNote',
+                            title: 'New Note',
+                            type: 'launcher',
+                            command: 'createNoteIntoInbox',
+                            icon: 'bx bx-file-blank'
+                        },
+                        {
+                            id: '_lbSearch',
+                            title: 'Search Notes',
+                            type: 'launcher',
+                            command: 'searchNotes',
+                            icon: 'bx bx-search',
+                            attributes: [{type: 'label', name: 'desktopOnly'}]
+                        },
+                        {
+                            id: '_lbJumpTo',
+                            title: 'Jump to Note',
+                            type: 'launcher',
+                            command: 'jumpToNote',
+                            icon: 'bx bx-send',
+                            attributes: [{type: 'label', name: 'desktopOnly'}]
+                        },
+                        {
+                            id: '_lbNoteMap',
+                            title: 'Note Map',
+                            type: 'launcher',
+                            targetNoteId: '_globalNoteMap',
+                            icon: 'bx bx-map-alt'
+                        },
+                        {
+                            id: '_lbCalendar',
+                            title: 'Calendar',
+                            type: 'launcher',
+                            builtinWidget: 'calendar',
+                            icon: 'bx bx-calendar'
+                        },
+                        {
+                            id: '_lbRecentChanges',
+                            title: 'Recent Changes',
+                            type: 'launcher',
+                            command: 'showRecentChanges',
+                            icon: 'bx bx-history',
+                            attributes: [{type: 'label', name: 'desktopOnly'}]
+                        },
+                        {
+                            id: '_lbSpacer1',
+                            title: 'Spacer',
+                            type: 'launcher',
+                            builtinWidget: 'spacer',
+                            baseSize: '50',
+                            growthFactor: '0'
+                        },
+                        {
+                            id: '_lbBookmarks',
+                            title: 'Bookmarks',
+                            type: 'launcher',
+                            builtinWidget: 'bookmarks',
+                            icon: 'bx bx-bookmark'
+                        },
+                        {
+                            id: '_lbToday',
+                            title: "Open Today's Journal Note",
+                            type: 'launcher',
+                            builtinWidget: 'todayInJournal',
+                            icon: 'bx bx-calendar-star'
+                        },
+                        {
+                            id: '_lbSpacer2',
+                            title: 'Spacer',
+                            type: 'launcher',
+                            builtinWidget: 'spacer',
+                            baseSize: '0',
+                            growthFactor: '1'
+                        },
+                        {
+                            id: '_lbProtectedSession',
+                            title: 'Protected Session',
+                            type: 'launcher',
+                            builtinWidget: 'protectedSession',
+                            icon: 'bx bx bx-shield-quarter'
+                        },
+                        {
+                            id: '_lbSyncStatus',
+                            title: 'Sync Status',
+                            type: 'launcher',
+                            builtinWidget: 'syncStatus',
+                            icon: 'bx bx-wifi'
+                        }
+                    ]
+                }
+            ]
         },
         {
-          id: '_optionsAdvanced',
-          title: 'Advanced',
-          type: 'contentWidget',
-        },
-      ],
-    },
-  ],
+            id: '_options',
+            title: 'Options',
+            type: 'book',
+            children: [
+                {
+                    id: '_optionsAppearance',
+                    title: 'Appearance',
+                    type: 'contentWidget',
+                    icon: 'bx-layout'
+                },
+                {
+                    id: '_optionsShortcuts',
+                    title: 'Shortcuts',
+                    type: 'contentWidget',
+                    icon: 'bxs-keyboard'
+                },
+                {
+                    id: '_optionsTextNotes',
+                    title: 'Text Notes',
+                    type: 'contentWidget',
+                    icon: 'bx-text'
+                },
+                {
+                    id: '_optionsMFA',
+                    title: 'MFA',
+                    type: 'contentWidget',
+                    icon: 'bx-lock'
+                },
+                {
+                    id: '_optionsCodeNotes',
+                    title: 'Code Notes',
+                    type: 'contentWidget',
+                    icon: 'bx-code'
+                },
+                {
+                    id: '_optionsImages',
+                    title: 'Images',
+                    type: 'contentWidget',
+                    icon: 'bx-image'
+                },
+                {
+                    id: '_optionsSpellcheck',
+                    title: 'Spellcheck',
+                    type: 'contentWidget',
+                    icon: 'bx-check-double'
+                },
+                {
+                    id: '_optionsPassword',
+                    title: 'Password',
+                    type: 'contentWidget',
+                    icon: 'bx-lock'
+                },
+                {
+                    id: '_optionsEtapi',
+                    title: 'ETAPI',
+                    type: 'contentWidget',
+                    icon: 'bx-extension'
+                },
+                {
+                    id: '_optionsBackup',
+                    title: 'Backup',
+                    type: 'contentWidget',
+                    icon: 'bx-data'
+                },
+                {
+                    id: '_optionsSync',
+                    title: 'Sync',
+                    type: 'contentWidget',
+                    icon: 'bx-wifi'
+                },
+                {
+                    id: '_optionsOther',
+                    title: 'Other',
+                    type: 'contentWidget',
+                    icon: 'bx-dots-horizontal'
+                },
+                {
+                    id: '_optionsAdvanced',
+                    title: 'Advanced',
+                    type: 'contentWidget'
+                }
+            ]
+        }
+    ]
 };
 
 function checkHiddenSubtree(force = false) {
-  if (!force && !migrationService.isDbUpToDate()) {
-    // on-delete hook might get triggered during some future migration and cause havoc
-    log.info('Will not check hidden subtree until migration is finished.');
-    return;
-  }
+    if (!force && !migrationService.isDbUpToDate()) {
+        // on-delete hook might get triggered during some future migration and cause havoc
+        log.info('Will not check hidden subtree until migration is finished.');
+        return;
+    }
 
-  checkHiddenSubtreeRecursively('root', HIDDEN_SUBTREE_DEFINITION);
+    checkHiddenSubtreeRecursively('root', HIDDEN_SUBTREE_DEFINITION);
 }
 
 function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
-  if (!item.id || !item.type || !item.title) {
-    throw new Error(`Item does not contain mandatory properties: ${JSON.stringify(item)}`);
-  }
-
-  if (item.id.charAt(0) !== '_') {
-    throw new Error(`ID has to start with underscore, given '${item.id}'`);
-  }
+    if (!item.id || !item.type || !item.title) {
+        throw new Error(`Item does not contain mandatory properties: ${JSON.stringify(item)}`);
+    }
 
-  let note = becca.notes[item.id];
-  let branch;
+    if (item.id.charAt(0) !== '_') {
+        throw new Error(`ID has to start with underscore, given '${item.id}'`);
+    }
 
-  if (!note) {
-    ({ note, branch } = noteService.createNewNote({
-      noteId: item.id,
-      title: item.title,
-      type: item.type,
-      parentNoteId: parentNoteId,
-      content: '',
-      ignoreForbiddenParents: true,
-    }));
-  } else {
-    branch = note.getParentBranches().find((branch) => branch.parentNoteId === parentNoteId);
-  }
+    let note = becca.notes[item.id];
+    let branch;
 
-  const attrs = [...(item.attributes || [])];
+    if (!note) {
+        ({note, branch} = noteService.createNewNote({
+            noteId: item.id,
+            title: item.title,
+            type: item.type,
+            parentNoteId: parentNoteId,
+            content: '',
+            ignoreForbiddenParents: true
+        }));
+    } else {
+        branch = note.getParentBranches().find((branch) => branch.parentNoteId === parentNoteId);
+    }
 
-  if (item.icon) {
-    attrs.push({
-      type: 'label',
-      name: 'iconClass',
-      value: `bx ${item.icon}`,
-    });
-  }
+    const attrs = [...(item.attributes || [])];
 
-  if (item.type === 'launcher') {
-    if (item.command) {
-      attrs.push({
-        type: 'relation',
-        name: 'template',
-        value: LBTPL_COMMAND,
-      });
-      attrs.push({ type: 'label', name: 'command', value: item.command });
-    } else if (item.builtinWidget) {
-      if (item.builtinWidget === 'spacer') {
-        attrs.push({
-          type: 'relation',
-          name: 'template',
-          value: LBTPL_SPACER,
-        });
+    if (item.icon) {
         attrs.push({
-          type: 'label',
-          name: 'baseSize',
-          value: item.baseSize,
+            type: 'label',
+            name: 'iconClass',
+            value: `bx ${item.icon}`
         });
-        attrs.push({
-          type: 'label',
-          name: 'growthFactor',
-          value: item.growthFactor,
-        });
-      } else {
-        attrs.push({
-          type: 'relation',
-          name: 'template',
-          value: LBTPL_BUILTIN_WIDGET,
-        });
-      }
-
-      attrs.push({
-        type: 'label',
-        name: 'builtinWidget',
-        value: item.builtinWidget,
-      });
-    } else if (item.targetNoteId) {
-      attrs.push({
-        type: 'relation',
-        name: 'template',
-        value: LBTPL_NOTE_LAUNCHER,
-      });
-      attrs.push({
-        type: 'relation',
-        name: 'target',
-        value: item.targetNoteId,
-      });
-    } else {
-      throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
     }
-  }
 
-  if (note.type !== item.type) {
-    // enforce a correct note type
-    note.type = item.type;
-    note.save();
-  }
+    if (item.type === 'launcher') {
+        if (item.command) {
+            attrs.push({
+                type: 'relation',
+                name: 'template',
+                value: LBTPL_COMMAND
+            });
+            attrs.push({type: 'label', name: 'command', value: item.command});
+        } else if (item.builtinWidget) {
+            if (item.builtinWidget === 'spacer') {
+                attrs.push({
+                    type: 'relation',
+                    name: 'template',
+                    value: LBTPL_SPACER
+                });
+                attrs.push({
+                    type: 'label',
+                    name: 'baseSize',
+                    value: item.baseSize
+                });
+                attrs.push({
+                    type: 'label',
+                    name: 'growthFactor',
+                    value: item.growthFactor
+                });
+            } else {
+                attrs.push({
+                    type: 'relation',
+                    name: 'template',
+                    value: LBTPL_BUILTIN_WIDGET
+                });
+            }
 
-  if (branch) {
-    // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
-    // visible and available will change branch since the branch's parent-child relationship is immutable
-    if (item.notePosition !== undefined && branch.notePosition !== item.notePosition) {
-      branch.notePosition = item.notePosition;
-      branch.save();
+            attrs.push({
+                type: 'label',
+                name: 'builtinWidget',
+                value: item.builtinWidget
+            });
+        } else if (item.targetNoteId) {
+            attrs.push({
+                type: 'relation',
+                name: 'template',
+                value: LBTPL_NOTE_LAUNCHER
+            });
+            attrs.push({
+                type: 'relation',
+                name: 'target',
+                value: item.targetNoteId
+            });
+        } else {
+            throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
+        }
     }
 
-    if (item.isExpanded !== undefined && branch.isExpanded !== item.isExpanded) {
-      branch.isExpanded = item.isExpanded;
-      branch.save();
+    if (note.type !== item.type) {
+        // enforce a correct note type
+        note.type = item.type;
+        note.save();
     }
-  }
 
-  for (const attr of attrs) {
-    const attrId = note.noteId + '_' + attr.type.charAt(0) + attr.name;
+    if (branch) {
+        // in case of launchers the branch ID is not preserved and should not be relied upon - launchers which move between
+        // visible and available will change branch since the branch's parent-child relationship is immutable
+        if (item.notePosition !== undefined && branch.notePosition !== item.notePosition) {
+            branch.notePosition = item.notePosition;
+            branch.save();
+        }
 
-    if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
-      new BAttribute({
-        attributeId: attrId,
-        noteId: note.noteId,
-        type: attr.type,
-        name: attr.name,
-        value: attr.value,
-        isInheritable: false,
-      }).save();
+        if (item.isExpanded !== undefined && branch.isExpanded !== item.isExpanded) {
+            branch.isExpanded = item.isExpanded;
+            branch.save();
+        }
     }
-  }
 
-  for (const child of item.children || []) {
-    checkHiddenSubtreeRecursively(item.id, child);
-  }
+    for (const attr of attrs) {
+        const attrId = note.noteId + '_' + attr.type.charAt(0) + attr.name;
+
+        if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
+            new BAttribute({
+                attributeId: attrId,
+                noteId: note.noteId,
+                type: attr.type,
+                name: attr.name,
+                value: attr.value,
+                isInheritable: false
+            }).save();
+        }
+    }
+
+    for (const child of item.children || []) {
+        checkHiddenSubtreeRecursively(item.id, child);
+    }
 }
 
 export = {
-  checkHiddenSubtree,
-  LBTPL_ROOT,
-  LBTPL_BASE,
-  LBTPL_COMMAND,
-  LBTPL_NOTE_LAUNCHER,
-  LBTPL_SCRIPT,
-  LBTPL_BUILTIN_WIDGET,
-  LBTPL_SPACER,
-  LBTPL_CUSTOM_WIDGET,
+    checkHiddenSubtree,
+    LBTPL_ROOT,
+    LBTPL_BASE,
+    LBTPL_COMMAND,
+    LBTPL_NOTE_LAUNCHER,
+    LBTPL_SCRIPT,
+    LBTPL_BUILTIN_WIDGET,
+    LBTPL_SPACER,
+    LBTPL_CUSTOM_WIDGET
 };
diff --git a/src/services/options.ts b/src/services/options.ts
index e0d01370c6..0cb8f6a219 100644
--- a/src/services/options.ts
+++ b/src/services/options.ts
@@ -1,5 +1,5 @@
 import becca = require('../becca/becca');
-import { OptionRow } from '../becca/entities/rows';
+import {OptionRow} from '../becca/entities/rows';
 import sql = require('./sql');
 
 function getOptionOrNull(name: string): string | null {
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 6be9814a01..5162699ec2 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -4,7 +4,7 @@ import utils = require('./utils');
 import log = require('./log');
 import dateUtils = require('./date_utils');
 import keyboardActions = require('./keyboard_actions');
-import { KeyboardShortcutWithRequiredActionName } from './keyboard_actions_interface';
+import {KeyboardShortcutWithRequiredActionName} from './keyboard_actions_interface';
 
 function initDocumentOptions() {
     optionService.createOption('documentId', utils.randomSecureToken(16), false);
@@ -41,7 +41,7 @@ function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
     let theme = 'dark'; // default based on the poll in https://github.com/zadam/trilium/issues/2516
 
     if (utils.isElectron()) {
-        const { nativeTheme } = require('electron');
+        const {nativeTheme} = require('electron');
 
         theme = nativeTheme.shouldUseDarkColors ? 'dark' : 'light';
     }
@@ -54,78 +54,78 @@ function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
 }
 
 const defaultOptions = [
-    { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
-    { name: 'protectedSessionTimeout', value: '600', isSynced: true },
+    {name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true},
+    {name: 'protectedSessionTimeout', value: '600', isSynced: true},
     {
         name: 'zoomFactor',
         value: process.platform === 'win32' ? '0.9' : '1.0',
         isSynced: false
     },
-    { name: 'overrideThemeFonts', value: 'false', isSynced: false },
-    { name: 'mainFontFamily', value: 'theme', isSynced: false },
-    { name: 'mainFontSize', value: '100', isSynced: false },
-    { name: 'treeFontFamily', value: 'theme', isSynced: false },
-    { name: 'treeFontSize', value: '100', isSynced: false },
-    { name: 'detailFontFamily', value: 'theme', isSynced: false },
-    { name: 'detailFontSize', value: '110', isSynced: false },
-    { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
-    { name: 'monospaceFontSize', value: '110', isSynced: false },
-    { name: 'spellCheckEnabled', value: 'true', isSynced: false },
-    { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
-    { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
-    { name: 'imageJpegQuality', value: '75', isSynced: true },
-    { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
-    { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
-    { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
+    {name: 'overrideThemeFonts', value: 'false', isSynced: false},
+    {name: 'mainFontFamily', value: 'theme', isSynced: false},
+    {name: 'mainFontSize', value: '100', isSynced: false},
+    {name: 'treeFontFamily', value: 'theme', isSynced: false},
+    {name: 'treeFontSize', value: '100', isSynced: false},
+    {name: 'detailFontFamily', value: 'theme', isSynced: false},
+    {name: 'detailFontSize', value: '110', isSynced: false},
+    {name: 'monospaceFontFamily', value: 'theme', isSynced: false},
+    {name: 'monospaceFontSize', value: '110', isSynced: false},
+    {name: 'spellCheckEnabled', value: 'true', isSynced: false},
+    {name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false},
+    {name: 'imageMaxWidthHeight', value: '2000', isSynced: true},
+    {name: 'imageJpegQuality', value: '75', isSynced: true},
+    {name: 'autoFixConsistencyIssues', value: 'true', isSynced: false},
+    {name: 'vimKeymapEnabled', value: 'false', isSynced: false},
+    {name: 'codeLineWrapEnabled', value: 'true', isSynced: false},
     {
         name: 'codeNotesMimeTypes',
         value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
         isSynced: true
     },
-    { name: 'leftPaneWidth', value: '25', isSynced: false },
-    { name: 'leftPaneVisible', value: 'true', isSynced: false },
-    { name: 'rightPaneWidth', value: '25', isSynced: false },
-    { name: 'rightPaneVisible', value: 'true', isSynced: false },
-    { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
+    {name: 'leftPaneWidth', value: '25', isSynced: false},
+    {name: 'leftPaneVisible', value: 'true', isSynced: false},
+    {name: 'rightPaneWidth', value: '25', isSynced: false},
+    {name: 'rightPaneVisible', value: 'true', isSynced: false},
+    {name: 'nativeTitleBarVisible', value: 'false', isSynced: false},
     {
         name: 'eraseEntitiesAfterTimeInSeconds',
         value: '604800',
         isSynced: true
     }, // default is 7 days
-    { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
-    { name: 'debugModeEnabled', value: 'false', isSynced: false },
-    { name: 'headingStyle', value: 'underline', isSynced: true },
-    { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
-    { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
-    { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
-    { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'maxContentWidth', value: '1200', isSynced: false },
-    { name: 'compressImages', value: 'true', isSynced: true },
-    { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
-    { name: 'minTocHeadings', value: '5', isSynced: true },
+    {name: 'hideArchivedNotes_main', value: 'false', isSynced: false},
+    {name: 'debugModeEnabled', value: 'false', isSynced: false},
+    {name: 'headingStyle', value: 'underline', isSynced: true},
+    {name: 'autoCollapseNoteTree', value: 'true', isSynced: true},
+    {name: 'autoReadonlySizeText', value: '10000', isSynced: false},
+    {name: 'autoReadonlySizeCode', value: '30000', isSynced: false},
+    {name: 'dailyBackupEnabled', value: 'true', isSynced: false},
+    {name: 'weeklyBackupEnabled', value: 'true', isSynced: false},
+    {name: 'monthlyBackupEnabled', value: 'true', isSynced: false},
+    {name: 'maxContentWidth', value: '1200', isSynced: false},
+    {name: 'compressImages', value: 'true', isSynced: true},
+    {name: 'downloadImagesAutomatically', value: 'true', isSynced: true},
+    {name: 'minTocHeadings', value: '5', isSynced: true},
     {
         name: 'highlightsList',
         value: '["bold","italic","underline","color","bgColor"]',
         isSynced: true
     },
-    { name: 'checkForUpdates', value: 'true', isSynced: true },
-    { name: 'disableTray', value: 'false', isSynced: false },
+    {name: 'checkForUpdates', value: 'true', isSynced: true},
+    {name: 'disableTray', value: 'false', isSynced: false},
     {
         name: 'eraseUnusedAttachmentsAfterSeconds',
         value: '2592000',
         isSynced: true
     },
-    { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
+    {name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true},
     {
         name: 'customSearchEngineUrl',
         value: 'https://duckduckgo.com/?q={keyword}',
         isSynced: true
     },
-    { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
-    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
-    { name: 'totpEnabled', value: 'false', isSynced: true }
+    {name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true},
+    {name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true},
+    {name: 'totpEnabled', value: 'false', isSynced: true}
 ];
 
 function initStartupOptions() {
@@ -133,7 +133,7 @@ function initStartupOptions() {
 
     const allDefaultOptions = defaultOptions.concat(getKeyboardDefaultOptions());
 
-    for (const { name, value, isSynced } of allDefaultOptions) {
+    for (const {name, value, isSynced} of allDefaultOptions) {
         if (!(name in optionsMap)) {
             optionService.createOption(name, value, isSynced);
 
diff --git a/src/services/totp_secret.ts b/src/services/totp_secret.ts
index ff4ab0d533..be3ce814af 100644
--- a/src/services/totp_secret.ts
+++ b/src/services/totp_secret.ts
@@ -8,27 +8,27 @@ import log = require('./log');
 const totpSecretPath = `${dataDir.TRILIUM_DATA_DIR}/totp_secret.txt`;
 
 function saveTotpSecret(secret: string) {
-  if (!fs.existsSync(totpSecretPath)) log.info('Generated totp secret file');
+    if (!fs.existsSync(totpSecretPath)) log.info('Generated totp secret file');
 
-  fs.writeFileSync(totpSecretPath, secret, 'utf8');
+    fs.writeFileSync(totpSecretPath, secret, 'utf8');
 }
 
 function getTotpSecret() {
-  return fs.readFileSync(totpSecretPath, 'utf8');
+    return fs.readFileSync(totpSecretPath, 'utf8');
 }
 
 function checkForTotSecret() {
-  return fs.existsSync(totpSecretPath);
+    return fs.existsSync(totpSecretPath);
 }
 
 function removeTotpSecret() {
-  console.log('Attempting to remove secret');
-  fs.unlink(totpSecretPath, (a) => {
-    console.log('Unable to remove totp secret');
-    console.log(a);
-    return false;
-  });
-  return true;
+    console.log('Attempting to remove secret');
+    fs.unlink(totpSecretPath, (a) => {
+        console.log('Unable to remove totp secret');
+        console.log(a);
+        return false;
+    });
+    return true;
 }
 
-export = { saveTotpSecret, getTotpSecret, checkForTotSecret, removeTotpSecret };
+export = {saveTotpSecret, getTotpSecret, checkForTotSecret, removeTotpSecret};

From 349f6b00156d586ef6cc8c7e964213d695d82bd8 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 13:20:57 -0700
Subject: [PATCH 18/63] Formatting

---
 .../widgets/type_widgets/content_widget.js    | 85 ++++++++++---------
 .../type_widgets/options/options_widget.js    | 28 +++---
 2 files changed, 60 insertions(+), 53 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index 24eabc1be5..22898ea79b 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -1,38 +1,38 @@
-import TypeWidget from './type_widget.js';
-import ZoomFactorOptions from './options/appearance/zoom_factor.js';
-import NativeTitleBarOptions from './options/appearance/native_title_bar.js';
-import ThemeOptions from './options/appearance/theme.js';
-import FontsOptions from './options/appearance/fonts.js';
-import MaxContentWidthOptions from './options/appearance/max_content_width.js';
-import KeyboardShortcutsOptions from './options/shortcuts.js';
-import HeadingStyleOptions from './options/text_notes/heading_style.js';
-import TableOfContentsOptions from './options/text_notes/table_of_contents.js';
-import HighlightsListOptions from './options/text_notes/highlights_list.js';
-import TextAutoReadOnlySizeOptions from './options/text_notes/text_auto_read_only_size.js';
-import VimKeyBindingsOptions from './options/code_notes/vim_key_bindings.js';
-import WrapLinesOptions from './options/code_notes/wrap_lines.js';
-import CodeAutoReadOnlySizeOptions from './options/code_notes/code_auto_read_only_size.js';
-import CodeMimeTypesOptions from './options/code_notes/code_mime_types.js';
-import ImageOptions from './options/images/images.js';
-import SpellcheckOptions from './options/spellcheck.js';
-import PasswordOptions from './options/password.js';
-import EtapiOptions from './options/etapi.js';
-import BackupOptions from './options/backup.js';
-import SyncOptions from './options/sync.js';
-import SearchEngineOptions from './options/other/search_engine.js';
-import TrayOptions from './options/other/tray.js';
-import NoteErasureTimeoutOptions from './options/other/note_erasure_timeout.js';
-import RevisionsSnapshotIntervalOptions from './options/other/revisions_snapshot_interval.js';
-import NetworkConnectionsOptions from './options/other/network_connections.js';
-import AdvancedSyncOptions from './options/advanced/sync.js';
-import DatabaseIntegrityCheckOptions from './options/advanced/database_integrity_check.js';
-import ConsistencyChecksOptions from './options/advanced/consistency_checks.js';
-import VacuumDatabaseOptions from './options/advanced/vacuum_database.js';
-import DatabaseAnonymizationOptions from './options/advanced/database_anonymization.js';
-import BackendLogWidget from './content/backend_log.js';
-import AttachmentErasureTimeoutOptions from './options/other/attachment_erasure_timeout.js';
-import RibbonOptions from './options/appearance/ribbon.js';
-import MultiFactorAuthenticationOptions from './options/multi_factor_authentication.js';
+import TypeWidget from "./type_widget.js";
+import ZoomFactorOptions from "./options/appearance/zoom_factor.js";
+import NativeTitleBarOptions from "./options/appearance/native_title_bar.js";
+import ThemeOptions from "./options/appearance/theme.js";
+import FontsOptions from "./options/appearance/fonts.js";
+import MaxContentWidthOptions from "./options/appearance/max_content_width.js";
+import KeyboardShortcutsOptions from "./options/shortcuts.js";
+import HeadingStyleOptions from "./options/text_notes/heading_style.js";
+import TableOfContentsOptions from "./options/text_notes/table_of_contents.js";
+import HighlightsListOptions from "./options/text_notes/highlights_list.js";
+import TextAutoReadOnlySizeOptions from "./options/text_notes/text_auto_read_only_size.js";
+import VimKeyBindingsOptions from "./options/code_notes/vim_key_bindings.js";
+import WrapLinesOptions from "./options/code_notes/wrap_lines.js";
+import CodeAutoReadOnlySizeOptions from "./options/code_notes/code_auto_read_only_size.js";
+import CodeMimeTypesOptions from "./options/code_notes/code_mime_types.js";
+import ImageOptions from "./options/images/images.js";
+import SpellcheckOptions from "./options/spellcheck.js";
+import PasswordOptions from "./options/password.js";
+import EtapiOptions from "./options/etapi.js";
+import BackupOptions from "./options/backup.js";
+import SyncOptions from "./options/sync.js";
+import SearchEngineOptions from "./options/other/search_engine.js";
+import TrayOptions from "./options/other/tray.js";
+import NoteErasureTimeoutOptions from "./options/other/note_erasure_timeout.js";
+import RevisionsSnapshotIntervalOptions from "./options/other/revisions_snapshot_interval.js";
+import NetworkConnectionsOptions from "./options/other/network_connections.js";
+import AdvancedSyncOptions from "./options/advanced/sync.js";
+import DatabaseIntegrityCheckOptions from "./options/advanced/database_integrity_check.js";
+import ConsistencyChecksOptions from "./options/advanced/consistency_checks.js";
+import VacuumDatabaseOptions from "./options/advanced/vacuum_database.js";
+import DatabaseAnonymizationOptions from "./options/advanced/database_anonymization.js";
+import BackendLogWidget from "./content/backend_log.js";
+import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
+import RibbonOptions from "./options/appearance/ribbon.js";
+import MultiFactorAuthenticationOptions from "./options/multi_factor_authentication.js";
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -69,7 +69,12 @@ const CONTENT_WIDGETS = {
         HighlightsListOptions,
         TextAutoReadOnlySizeOptions
     ],
-    _optionsCodeNotes: [VimKeyBindingsOptions, WrapLinesOptions, CodeAutoReadOnlySizeOptions, CodeMimeTypesOptions],
+    _optionsCodeNotes: [
+        VimKeyBindingsOptions,
+        WrapLinesOptions,
+        CodeAutoReadOnlySizeOptions,
+        CodeMimeTypesOptions
+    ],
     _optionsMFA: [MultiFactorAuthenticationOptions],
     _optionsImages: [ImageOptions],
     _optionsSpellcheck: [SpellcheckOptions],
@@ -97,12 +102,14 @@ const CONTENT_WIDGETS = {
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
     static getType() {
-        return 'contentWidget';
+        return "contentWidget";
     }
     2;
     doRender() {
         this.$widget = $(TPL);
-        this.$content = this.$widget.find('.note-detail-content-widget-content');
+        this.$content = this.$widget.find(
+            ".note-detail-content-widget-content"
+        );
 
         super.doRender();
     }
@@ -117,7 +124,7 @@ export default class ContentWidgetTypeWidget extends TypeWidget {
             for (const clazz of contentWidgets) {
                 const widget = new clazz();
 
-                await widget.handleEvent('setNoteContext', {
+                await widget.handleEvent("setNoteContext", {
                     noteContext: this.noteContext
                 });
                 this.child(widget);
diff --git a/src/public/app/widgets/type_widgets/options/options_widget.js b/src/public/app/widgets/type_widgets/options/options_widget.js
index 86afe7ba32..5b55c780f0 100644
--- a/src/public/app/widgets/type_widgets/options/options_widget.js
+++ b/src/public/app/widgets/type_widgets/options/options_widget.js
@@ -1,6 +1,6 @@
-import server from '../../../services/server.js';
-import toastService from '../../../services/toast.js';
-import NoteContextAwareWidget from '../../note_context_aware_widget.js';
+import server from "../../../services/server.js";
+import toastService from "../../../services/toast.js";
+import NoteContextAwareWidget from "../../note_context_aware_widget.js";
 
 export default class OptionsWidget extends NoteContextAwareWidget {
     constructor() {
@@ -10,46 +10,46 @@ export default class OptionsWidget extends NoteContextAwareWidget {
     }
 
     async updateOption(name, value) {
-        const opts = { [name]: value };
+        const opts = {[name]: value};
 
         await this.updateMultipleOptions(opts);
     }
 
     async updateMultipleOptions(opts) {
-        await server.put('options', opts);
+        await server.put("options", opts);
 
         this.showUpdateNotification();
     }
 
     showUpdateNotification() {
         toastService.showPersistent({
-            id: 'options-change-saved',
-            title: 'Options status',
-            message: 'Options change have been saved.',
-            icon: 'slider',
+            id: "options-change-saved",
+            title: "Options status",
+            message: "Options change have been saved.",
+            icon: "slider",
             closeAfter: 2000
         });
     }
 
     async updateCheckboxOption(name, $checkbox) {
-        const isChecked = $checkbox.prop('checked');
+        const isChecked = $checkbox.prop("checked");
 
-        return await this.updateOption(name, isChecked ? 'true' : 'false');
+        return await this.updateOption(name, isChecked ? "true" : "false");
     }
 
     setCheckboxState($checkbox, optionValue) {
-        $checkbox.prop('checked', optionValue === 'true');
+        $checkbox.prop("checked", optionValue === "true");
     }
 
     optionsLoaded(options) {}
 
     async refreshWithNote(note) {
-        const options = await server.get('options');
+        const options = await server.get("options");
 
         this.optionsLoaded(options);
     }
 
-    async entitiesReloadedEvent({ loadResults }) {
+    async entitiesReloadedEvent({loadResults}) {
         if (loadResults.getOptionNames().length > 0) {
             this.refresh();
         }

From 28151d78a890a8f83b0d427676bf4214512f584a Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 16:18:43 -0700
Subject: [PATCH 19/63] Removed unused code

---
 src/services/encryption/totp_secret.ts | 53 +++-----------------------
 1 file changed, 5 insertions(+), 48 deletions(-)

diff --git a/src/services/encryption/totp_secret.ts b/src/services/encryption/totp_secret.ts
index abcf8facf7..fe8d606b48 100644
--- a/src/services/encryption/totp_secret.ts
+++ b/src/services/encryption/totp_secret.ts
@@ -10,45 +10,18 @@ function isTotpSecretSet() {
     return !!sql.getValue("SELECT value FROM options WHERE name = 'passwordVerificationHash'");
 }
 
-function changePassword(currentSecret: string, newSecret: string) {
-    if (!isTotpSecretSet()) {
-        throw new Error("TOTP Secret has not been set yet, so it cannot be changed. Use 'setTotpSecret' instead.");
-    }
-
-    sql.transactional(() => {
-        const decryptedDataKey = totpEncryptionService.getDataKey(currentSecret);
-
-        optionService.setOption('totpSecretVerificationSalt', utils.randomSecureToken(32));
-        optionService.setOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32));
-
-        const newTotpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(newSecret));
-
-        if (decryptedDataKey) {
-            // TODO: what should happen if the decrypted data key is null?
-            totpEncryptionService.setDataKey(newSecret, decryptedDataKey);
-        }
-
-        optionService.setOption('totpSecretVerificationHash', newTotpSecretVerificationKey);
-    });
-
-    return {
-        success: true
-    };
-}
-
 function setTotpSecret(secret: string) {
     if (isTotpSecretSet()) {
         throw new Error("TOTP Secret is set already. Either change it or perform 'reset TOTP' first.");
     }
 
-    optionService.createOption('totpSecretVerificationSalt', utils.randomSecureToken(32), true);
-    optionService.createOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32), true);
+    optionService.setOption('totpSecretVerificationSalt', utils.randomSecureToken(32));
+    optionService.setOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32));
 
     const totpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(secret));
-    optionService.createOption('totpSecretVerificationHash', totpSecretVerificationKey, true);
+    optionService.setOption('totpSecretVerificationHash', totpSecretVerificationKey);
 
-    // totpEncryptionService expects these options to already exist
-    optionService.createOption('encryptedTotpSecretDataKey', '', true);
+    optionService.setOption('encryptedTotpSecretDataKey', '');
 
     totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
 
@@ -57,23 +30,7 @@ function setTotpSecret(secret: string) {
     };
 }
 
-function resetPassword() {
-    // user forgot the password,
-    sql.transactional(() => {
-        optionService.setOption('passwordVerificationSalt', '');
-        optionService.setOption('passwordDerivedKeySalt', '');
-        optionService.setOption('encryptedDataKey', '');
-        optionService.setOption('passwordVerificationHash', '');
-    });
-
-    return {
-        success: true
-    };
-}
-
 export = {
     isTotpSecretSet,
-    changePassword,
-    setTotpSecret,
-    resetPassword
+    setTotpSecret
 };

From cab43c75f523bd180ce6580e3252e5144dbac596 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 16:24:24 -0700
Subject: [PATCH 20/63] Formatting/minor changes

---
 .../options/multi_factor_authentication.js    |  6 ++----
 src/routes/api/totp.ts                        | 15 +-------------
 src/services/encryption/my_scrypt.ts          | 14 ++++++-------
 .../encryption/password_encryption.ts         | 20 +++++--------------
 4 files changed, 15 insertions(+), 40 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 747cc7e112..381f6bc1c8 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -115,9 +115,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         });
 
         this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
-        this.$protectedSessionTimeout.on('change', () =>
-            this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
-        );
+        this.$protectedSessionTimeout.on('change', () => this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val()));
 
         this.displayRecoveryKeys();
     }
@@ -195,7 +193,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             })
             .then((result) => {
                 if (result.success) {
-                    toastService.showError('Password has been changed. Trilium will be reloaded after you press OK.');
+                    toastService.showError('TOTP Secret has been set');
 
                     // password changed so current protected session is invalid and needs to be cleared
                     protectedSessionHolder.resetProtectedSession();
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 5ab40052fe..784ac8d9f9 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -6,17 +6,6 @@ import totp_fs = require('../../services/totp_secret');
 import ValidationError = require('../../errors/validation_error');
 const speakeasy = require('speakeasy');
 
-function verifyOTPToken(guessedToken: any) {
-    const tokenValidates = speakeasy.totp.verify({
-        secret: process.env.MFA_SECRET,
-        encoding: 'base32',
-        token: guessedToken,
-        window: 1
-    });
-
-    return tokenValidates;
-}
-
 function generateSecret() {
     return {success: 'true', message: speakeasy.generateSecret().base32};
 }
@@ -38,8 +27,7 @@ function disableTOTP() {
 }
 
 function setTotpSecret(req: Request) {
-    if (!passwordEncryptionService.verifyPassword(req.body.password))
-        throw new ValidationError('Incorrect password reset confirmation');
+    if (!passwordEncryptionService.verifyPassword(req.body.password)) throw new ValidationError('Incorrect password reset confirmation');
 
     const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
     if (req.body.secret.length != 52) return;
@@ -53,7 +41,6 @@ function getSecret() {
 }
 
 export = {
-    verifyOTPToken,
     generateSecret,
     checkForTOTP,
     enableTOTP,
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 6c226e0366..495ae62bf7 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,16 +1,16 @@
-'use strict';
+"use strict";
 
-import optionService = require('../options');
-import crypto = require('crypto');
+import optionService = require("../options");
+import crypto = require("crypto");
 
 function getVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption('passwordVerificationSalt');
+    const salt = optionService.getOption("passwordVerificationSalt");
 
     return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-    const salt = optionService.getOption('passwordDerivedKeySalt');
+    const salt = optionService.getOption("passwordDerivedKeySalt");
 
     return getScryptHash(password, salt);
 }
@@ -26,13 +26,13 @@ function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
 }
 
 function getTotpSecretVerificationHash(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption('totpSecretVerificationSalt');
+    const salt = optionService.getOption("totpSecretVerificationSalt");
 
     return getScryptHash(secret, salt);
 }
 
 function getTotpSecretDerivedKey(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption('totpSecretDerivedKeySalt');
+    const salt = optionService.getOption("totpSecretDerivedKeySalt");
 
     return getScryptHash(secret, salt);
 }
diff --git a/src/services/encryption/password_encryption.ts b/src/services/encryption/password_encryption.ts
index 97db57bffe..c0dd067358 100644
--- a/src/services/encryption/password_encryption.ts
+++ b/src/services/encryption/password_encryption.ts
@@ -4,13 +4,9 @@ import utils = require("../utils");
 import dataEncryptionService = require("./data_encryption");
 
 function verifyPassword(password: string) {
-    const givenPasswordHash = utils.toBase64(
-        myScryptService.getVerificationHash(password)
-    );
+    const givenPasswordHash = utils.toBase64(myScryptService.getVerificationHash(password));
 
-    const dbPasswordHash = optionService.getOptionOrNull(
-        "passwordVerificationHash"
-    );
+    const dbPasswordHash = optionService.getOptionOrNull("passwordVerificationHash");
 
     if (!dbPasswordHash) {
         return false;
@@ -22,10 +18,7 @@ function verifyPassword(password: string) {
 function setDataKey(password: string, plainTextDataKey: string | Buffer) {
     const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
 
-    const newEncryptedDataKey = dataEncryptionService.encrypt(
-        passwordDerivedKey,
-        plainTextDataKey
-    );
+    const newEncryptedDataKey = dataEncryptionService.encrypt(passwordDerivedKey, plainTextDataKey);
 
     optionService.setOption("encryptedDataKey", newEncryptedDataKey);
 }
@@ -35,10 +28,7 @@ function getDataKey(password: string) {
 
     const encryptedDataKey = optionService.getOption("encryptedDataKey");
 
-    const decryptedDataKey = dataEncryptionService.decrypt(
-        passwordDerivedKey,
-        encryptedDataKey
-    );
+    const decryptedDataKey = dataEncryptionService.decrypt(passwordDerivedKey, encryptedDataKey);
 
     return decryptedDataKey;
 }
@@ -46,5 +36,5 @@ function getDataKey(password: string) {
 export = {
     verifyPassword,
     getDataKey,
-    setDataKey,
+    setDataKey
 };

From 67801725f77278485b78c3562f830d7ed99843b3 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 16:28:11 -0700
Subject: [PATCH 21/63] Formatting

---
 src/routes/routes.ts           | 949 ++++++++++++++-------------------
 src/services/hidden_subtree.ts | 663 +++++++----------------
 2 files changed, 605 insertions(+), 1007 deletions(-)

diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index a479a34c51..1ca5b89b78 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -10,7 +10,7 @@ import cls = require('../services/cls');
 import sql = require('../services/sql');
 import entityChangesService = require('../services/entity_changes');
 import csurf = require('csurf');
-import { createPartialContentHandler } from 'express-partial-content';
+import {createPartialContentHandler} from 'express-partial-content';
 import rateLimit = require('express-rate-limit');
 import AbstractBeccaEntity = require('../becca/entities/abstract_becca_entity');
 import NotFoundError = require('../errors/not_found_error');
@@ -72,20 +72,20 @@ import etapiNoteRoutes = require('../etapi/notes');
 import etapiSpecialNoteRoutes = require('../etapi/special_notes');
 import etapiSpecRoute = require('../etapi/spec');
 import etapiBackupRoute = require('../etapi/backup');
-import { AppRequest, AppRequestHandler } from './route-interface';
+import {AppRequest, AppRequestHandler} from './route-interface';
 
 const csrfMiddleware = csurf({
-  cookie: {
-    path: '', // empty, so cookie is valid only for the current path
-  },
+    cookie: {
+        path: '' // empty, so cookie is valid only for the current path
+    }
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
 const GET = 'get',
-  PST = 'post',
-  PUT = 'put',
-  PATCH = 'patch',
-  DEL = 'delete';
+    PST = 'post',
+    PUT = 'put',
+    PATCH = 'patch',
+    DEL = 'delete';
 
 type ApiResultHandler = (req: express.Request, res: express.Response, result: unknown) => number;
 
@@ -94,583 +94,452 @@ type HttpMethod = 'all' | 'get' | 'post' | 'put' | 'delete' | 'patch' | 'options
 
 const uploadMiddleware = createUploadMiddleware();
 
-const uploadMiddlewareWithErrorHandling = function (
-  req: express.Request,
-  res: express.Response,
-  next: express.NextFunction
-) {
-  uploadMiddleware(req, res, function (err) {
-    if (err?.code === 'LIMIT_FILE_SIZE') {
-      res
-        .setHeader('Content-Type', 'text/plain')
-        .status(400)
-        .send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
-    } else {
-      next();
-    }
-  });
+const uploadMiddlewareWithErrorHandling = function (req: express.Request, res: express.Response, next: express.NextFunction) {
+    uploadMiddleware(req, res, function (err) {
+        if (err?.code === 'LIMIT_FILE_SIZE') {
+            res.setHeader('Content-Type', 'text/plain').status(400).send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
+        } else {
+            next();
+        }
+    });
 };
 
 function register(app: express.Application) {
-  route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
-  route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
-  route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
-
-  const loginRateLimiter = rateLimit.rateLimit({
-    windowMs: 15 * 60 * 1000, // 15 minutes
-    max: 10, // limit each IP to 10 requests per windowMs
-    skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
-  });
-
-  route(PST, '/login', [loginRateLimiter], loginRoute.login);
-  route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-  route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
-  route(GET, '/setup', [], setupRoute.setupPage);
-
-  apiRoute(GET, '/api/totp/generate', totp.generateSecret);
-  apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
-  apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
-  apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
-  apiRoute(PST, '/api/totp/set', totp.setTotpSecret);
-  apiRoute(GET, '/api/totp/get', totp.getSecret);
-
-  apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
-  apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
-  apiRoute(GET, '/api/totp_recovery/generate', recoveryCodes.generateRecoveryCodes);
-  apiRoute(GET, '/api/totp_recovery/enabled', recoveryCodes.checkForRecoveryKeys);
-  apiRoute(GET, '/api/totp_recovery/used', recoveryCodes.getUsedRecoveryCodes);
-
-  apiRoute(GET, '/api/tree', treeApiRoute.getTree);
-  apiRoute(PST, '/api/tree/load', treeApiRoute.load);
-
-  apiRoute(GET, '/api/notes/:noteId', notesApiRoute.getNote);
-  apiRoute(GET, '/api/notes/:noteId/blob', notesApiRoute.getNoteBlob);
-  apiRoute(GET, '/api/notes/:noteId/metadata', notesApiRoute.getNoteMetadata);
-  apiRoute(PUT, '/api/notes/:noteId/data', notesApiRoute.updateNoteData);
-  apiRoute(DEL, '/api/notes/:noteId', notesApiRoute.deleteNote);
-  apiRoute(PUT, '/api/notes/:noteId/undelete', notesApiRoute.undeleteNote);
-  apiRoute(PST, '/api/notes/:noteId/revision', notesApiRoute.forceSaveRevision);
-  apiRoute(PST, '/api/notes/:parentNoteId/children', notesApiRoute.createNote);
-  apiRoute(PUT, '/api/notes/:noteId/sort-children', notesApiRoute.sortChildNotes);
-  apiRoute(PUT, '/api/notes/:noteId/protect/:isProtected', notesApiRoute.protectNote);
-  apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime);
-  apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle);
-  apiRoute(PST, '/api/notes/:noteId/duplicPOSTate/:parentNoteId', notesApiRoute.duplicateSubtree);
-  apiRoute(PUT, '/api/notes/:noteId/clone-to-branch/:parentBranchId', cloningApiRoute.cloneNoteToBranch);
-  apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
-  apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);
-  apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter);
-  route(
-    PUT,
-    '/api/notes/:noteId/file',
-    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-    filesRoute.updateFile,
-    apiResultHandler
-  );
-  route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile);
-  route(
-    GET,
-    '/api/notes/:noteId/open-partial',
-    [auth.checkApiAuthOrElectron],
-    createPartialContentHandler(filesRoute.fileContentProvider, {
-      debug: (string, extra) => {
-        console.log(string, extra);
-      },
-    })
-  );
-  route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
-  // this "hacky" path is used for easier referencing of CSS resources
-  route(GET, '/api/notes/download/:noteId', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
-  apiRoute(PST, '/api/notes/:noteId/save-to-tmp-dir', filesRoute.saveNoteToTmpDir);
-  apiRoute(PST, '/api/notes/:noteId/upload-modified-file', filesRoute.uploadModifiedFileToNote);
-  apiRoute(PST, '/api/notes/:noteId/convert-to-attachment', notesApiRoute.convertNoteToAttachment);
-
-  apiRoute(PUT, '/api/branches/:branchId/move-to/:parentBranchId', branchesApiRoute.moveBranchToParent);
-  apiRoute(PUT, '/api/branches/:branchId/move-before/:beforeBranchId', branchesApiRoute.moveBranchBeforeNote);
-  apiRoute(PUT, '/api/branches/:branchId/move-after/:afterBranchId', branchesApiRoute.moveBranchAfterNote);
-  apiRoute(PUT, '/api/branches/:branchId/expanded/:expanded', branchesApiRoute.setExpanded);
-  apiRoute(PUT, '/api/branches/:branchId/expanded-subtree/:expanded', branchesApiRoute.setExpandedForSubtree);
-  apiRoute(DEL, '/api/branches/:branchId', branchesApiRoute.deleteBranch);
-  apiRoute(PUT, '/api/branches/:branchId/set-prefix', branchesApiRoute.setPrefix);
-
-  apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments);
-  apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment);
-  route(
-    PST,
-    '/api/notes/:noteId/attachments/upload',
-    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-    attachmentsApiRoute.uploadAttachment,
-    apiResultHandler
-  );
-  apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment);
-  apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments);
-  apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote);
-  apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment);
-  apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment);
-  apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob);
-  route(
-    GET,
-    '/api/attachments/:attachmentId/image/:filename',
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnAttachedImage
-  );
-  route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
-  route(
-    GET,
-    '/api/attachments/:attachmentId/open-partial',
-    [auth.checkApiAuthOrElectron],
-    createPartialContentHandler(filesRoute.attachmentContentProvider, {
-      debug: (string, extra) => {
-        console.log(string, extra);
-      },
-    })
-  );
-  route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
-  // this "hacky" path is used for easier referencing of CSS resources
-  route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
-  apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir);
-  apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment);
-  route(
-    PUT,
-    '/api/attachments/:attachmentId/file',
-    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-    filesRoute.updateAttachment,
-    apiResultHandler
-  );
-
-  apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
-  apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions);
-  apiRoute(GET, '/api/revisions/:revisionId', revisionsApiRoute.getRevision);
-  apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob);
-  apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
-  apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision);
-  route(
-    GET,
-    '/api/revisions/:revisionId/image/:filename',
-    [auth.checkApiAuthOrElectron],
-    imageRoute.returnImageFromRevision
-  );
-
-  route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
-
-  route(
-    GET,
-    '/api/branches/:branchId/export/:type/:format/:version/:taskId',
-    [auth.checkApiAuthOrElectron],
-    exportRoute.exportBranch
-  );
-  route(
-    PST,
-    '/api/notes/:parentNoteId/notes-import',
-    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-    importRoute.importNotesToBranch,
-    apiResultHandler
-  );
-  route(
-    PST,
-    '/api/notes/:parentNoteId/attachments-import',
-    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-    importRoute.importAttachmentsToNote,
-    apiResultHandler
-  );
-
-  apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes);
-  apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute);
-  apiRoute(PUT, '/api/notes/:noteId/attributes', attributesRoute.updateNoteAttributes);
-  apiRoute(PUT, '/api/notes/:noteId/attribute', attributesRoute.updateNoteAttribute);
-  apiRoute(PUT, '/api/notes/:noteId/set-attribute', attributesRoute.setNoteAttribute);
-  apiRoute(PUT, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.createRelation);
-  apiRoute(DEL, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.deleteRelation);
-  apiRoute(DEL, '/api/notes/:noteId/attributes/:attributeId', attributesRoute.deleteNoteAttribute);
-  apiRoute(GET, '/api/attribute-names', attributesRoute.getAttributeNames);
-  apiRoute(GET, '/api/attribute-values/:attributeName', attributesRoute.getValuesForAttribute);
-
-  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-  route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
-  route(
-    PUT,
-    '/api/images/:noteId',
-    [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-    imageRoute.updateImage,
-    apiResultHandler
-  );
-
-  apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
-  // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-  apiRoute(PUT, '/api/options/:name/:value*', optionsApiRoute.updateOption);
-  apiRoute(PUT, '/api/options', optionsApiRoute.updateOptions);
-  apiRoute(GET, '/api/options/user-themes', optionsApiRoute.getUserThemes);
-
-  apiRoute(PST, '/api/password/change', passwordApiRoute.changePassword);
-  apiRoute(PST, '/api/password/reset', passwordApiRoute.resetPassword);
-
-  apiRoute(PST, '/api/sync/test', syncApiRoute.testSync);
-  apiRoute(PST, '/api/sync/now', syncApiRoute.syncNow);
-  apiRoute(PST, '/api/sync/fill-entity-changes', syncApiRoute.fillEntityChanges);
-  apiRoute(PST, '/api/sync/force-full-sync', syncApiRoute.forceFullSync);
-  route(GET, '/api/sync/check', [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler);
-  route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
-  route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
-  route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
-  route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
-  route(
-    PST,
-    '/api/sync/queue-sector/:entityName/:sector',
-    [auth.checkApiAuth],
-    syncApiRoute.queueSector,
-    apiResultHandler
-  );
-  route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
-
-  apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
-  apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo);
-
-  // docker health check
-  route(GET, '/api/health-check', [], () => ({ status: 'ok' }), apiResultHandler);
-
-  // group of the services below are meant to be executed from the outside
-  route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
-  route(
-    PST,
-    '/api/setup/new-document',
-    [auth.checkAppNotInitialized],
-    setupApiRoute.setupNewDocument,
-    apiResultHandler,
-    false
-  );
-  route(
-    PST,
-    '/api/setup/sync-from-server',
-    [auth.checkAppNotInitialized],
-    setupApiRoute.setupSyncFromServer,
-    apiResultHandler,
-    false
-  );
-  route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
-  route(
-    PST,
-    '/api/setup/sync-seed',
-    [auth.checkAppNotInitialized],
-    setupApiRoute.saveSyncSeed,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
-  apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
-  apiRoute(GET, '/api/search-note/:noteId', searchRoute.searchFromNote);
-  apiRoute(PST, '/api/search-and-execute-note/:noteId', searchRoute.searchAndExecute);
-  apiRoute(PST, '/api/search-related', searchRoute.getRelatedNotes);
-  apiRoute(GET, '/api/search/:searchString', searchRoute.search);
-  apiRoute(GET, '/api/search-templates', searchRoute.searchTemplates);
-
-  apiRoute(PST, '/api/bulk-action/execute', bulkActionRoute.execute);
-  apiRoute(PST, '/api/bulk-action/affected-notes', bulkActionRoute.getAffectedNoteCount);
-
-  route(PST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler);
-  // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-  apiRoute(PST, '/api/login/protected', loginApiRoute.loginToProtectedSession);
-  apiRoute(PST, '/api/login/protected/touch', loginApiRoute.touchProtectedSession);
-  apiRoute(PST, '/api/logout/protected', loginApiRoute.logoutFromProtectedSession);
-
-  route(PST, '/api/login/token', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-
-  apiRoute(GET, '/api/etapi-tokens', etapiTokensApiRoutes.getTokens);
-  apiRoute(PST, '/api/etapi-tokens', etapiTokensApiRoutes.createToken);
-  apiRoute(PATCH, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.patchToken);
-  apiRoute(DEL, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.deleteToken);
-
-  // in case of local electron, local calls are allowed unauthenticated, for server they need auth
-  const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
-
-  route(GET, '/api/clipper/handshake', clipperMiddleware, clipperRoute.handshake, apiResultHandler);
-  route(PST, '/api/clipper/clippings', clipperMiddleware, clipperRoute.addClipping, apiResultHandler);
-  route(PST, '/api/clipper/notes', clipperMiddleware, clipperRoute.createNote, apiResultHandler);
-  route(PST, '/api/clipper/open/:noteId', clipperMiddleware, clipperRoute.openNote, apiResultHandler);
-  route(GET, '/api/clipper/notes-by-url/:noteUrl', clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler);
-
-  apiRoute(GET, '/api/special-notes/inbox/:date', specialNotesRoute.getInboxNote);
-  apiRoute(GET, '/api/special-notes/days/:date', specialNotesRoute.getDayNote);
-  apiRoute(GET, '/api/special-notes/weeks/:date', specialNotesRoute.getWeekNote);
-  apiRoute(GET, '/api/special-notes/months/:month', specialNotesRoute.getMonthNote);
-  apiRoute(GET, '/api/special-notes/years/:year', specialNotesRoute.getYearNote);
-  apiRoute(GET, '/api/special-notes/notes-for-month/:month', specialNotesRoute.getDayNotesForMonth);
-  apiRoute(PST, '/api/special-notes/sql-console', specialNotesRoute.createSqlConsole);
-  apiRoute(PST, '/api/special-notes/save-sql-console', specialNotesRoute.saveSqlConsole);
-  apiRoute(PST, '/api/special-notes/search-note', specialNotesRoute.createSearchNote);
-  apiRoute(PST, '/api/special-notes/save-search-note', specialNotesRoute.saveSearchNote);
-  apiRoute(PST, '/api/special-notes/launchers/:noteId/reset', specialNotesRoute.resetLauncher);
-  apiRoute(PST, '/api/special-notes/launchers/:parentNoteId/:launcherType', specialNotesRoute.createLauncher);
-  apiRoute(PUT, '/api/special-notes/api-script-launcher', specialNotesRoute.createOrUpdateScriptLauncherFromApi);
-
-  apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
-  apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
-  route(
-    PST,
-    '/api/database/anonymize/:type',
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.anonymize,
-    apiResultHandler,
-    false
-  );
-  apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases);
-
-  // backup requires execution outside of transaction
-  route(
-    PST,
-    '/api/database/backup-database',
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.backupDatabase,
-    apiResultHandler,
-    false
-  );
-  apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
-
-  // VACUUM requires execution outside of transaction
-  route(
-    PST,
-    '/api/database/vacuum-database',
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.vacuumDatabase,
-    apiResultHandler,
-    false
-  );
-
-  route(
-    PST,
-    '/api/database/find-and-fix-consistency-issues',
-    [auth.checkApiAuthOrElectron, csrfMiddleware],
-    databaseRoute.findAndFixConsistencyIssues,
-    apiResultHandler,
-    false
-  );
-
-  apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
-
-  route(PST, '/api/script/exec', [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false);
-
-  apiRoute(PST, '/api/script/run/:noteId', scriptRoute.run);
-  apiRoute(GET, '/api/script/startup', scriptRoute.getStartupBundles);
-  apiRoute(GET, '/api/script/widgets', scriptRoute.getWidgetBundles);
-  apiRoute(PST, '/api/script/bundle/:noteId', scriptRoute.getBundle);
-  apiRoute(GET, '/api/script/relation/:noteId/:relationName', scriptRoute.getRelationBundles);
-
-  // no CSRF since this is called from android app
-  route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-  route(
-    PST,
-    '/api/sender/image',
-    [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
-    senderRoute.uploadImage,
-    apiResultHandler
-  );
-  route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
-
-  apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
-  apiRoute(GET, '/api/keyboard-shortcuts-for-notes', keysRoute.getShortcutsForNotes);
-
-  apiRoute(PST, '/api/relation-map', relationMapApiRoute.getRelationMap);
-  apiRoute(PST, '/api/notes/erase-deleted-notes-now', notesApiRoute.eraseDeletedNotesNow);
-  apiRoute(PST, '/api/notes/erase-unused-attachments-now', notesApiRoute.eraseUnusedAttachmentsNow);
-  apiRoute(GET, '/api/similar-notes/:noteId', similarNotesRoute.getSimilarNotes);
-  apiRoute(GET, '/api/backend-log', backendLogRoute.getBackendLog);
-  apiRoute(GET, '/api/stats/note-size/:noteId', statsRoute.getNoteSize);
-  apiRoute(GET, '/api/stats/subtree-size/:noteId', statsRoute.getSubtreeSize);
-  apiRoute(PST, '/api/delete-notes-preview', notesApiRoute.getDeleteNotesPreview);
-  route(GET, '/api/fonts', [auth.checkApiAuthOrElectron], fontsRoute.getFontCss);
-  apiRoute(GET, '/api/other/icon-usage', otherRoute.getIconUsage);
-  apiRoute(PST, '/api/other/render-markdown', otherRoute.renderMarkdown);
-  apiRoute(GET, '/api/recent-changes/:ancestorNoteId', recentChangesApiRoute.getRecentChanges);
-  apiRoute(GET, '/api/edited-notes/:date', revisionsApiRoute.getEditedNotesOnDate);
-
-  apiRoute(PST, '/api/note-map/:noteId/tree', noteMapRoute.getTreeMap);
-  apiRoute(PST, '/api/note-map/:noteId/link', noteMapRoute.getLinkMap);
-  apiRoute(GET, '/api/note-map/:noteId/backlink-count', noteMapRoute.getBacklinkCount);
-  apiRoute(GET, '/api/note-map/:noteId/backlinks', noteMapRoute.getBacklinks);
-
-  shareRoutes.register(router);
-
-  etapiAuthRoutes.register(router, [loginRateLimiter]);
-  etapiAppInfoRoutes.register(router);
-  etapiAttachmentRoutes.register(router);
-  etapiAttributeRoutes.register(router);
-  etapiBranchRoutes.register(router);
-  etapiNoteRoutes.register(router);
-  etapiSpecialNoteRoutes.register(router);
-  etapiSpecRoute.register(router);
-  etapiBackupRoute.register(router);
-
-  app.use('', router);
+    route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
+    route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
+    route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
+
+    const loginRateLimiter = rateLimit.rateLimit({
+        windowMs: 15 * 60 * 1000, // 15 minutes
+        max: 10, // limit each IP to 10 requests per windowMs
+        skipSuccessfulRequests: true // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+    });
+
+    route(PST, '/login', [loginRateLimiter], loginRoute.login);
+    route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+    route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
+    route(GET, '/setup', [], setupRoute.setupPage);
+
+    apiRoute(GET, '/api/totp/generate', totp.generateSecret);
+    apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
+    apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
+    apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
+    apiRoute(PST, '/api/totp/set', totp.setTotpSecret);
+    apiRoute(GET, '/api/totp/get', totp.getSecret);
+
+    apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
+    apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
+    apiRoute(GET, '/api/totp_recovery/generate', recoveryCodes.generateRecoveryCodes);
+    apiRoute(GET, '/api/totp_recovery/enabled', recoveryCodes.checkForRecoveryKeys);
+    apiRoute(GET, '/api/totp_recovery/used', recoveryCodes.getUsedRecoveryCodes);
+
+    apiRoute(GET, '/api/tree', treeApiRoute.getTree);
+    apiRoute(PST, '/api/tree/load', treeApiRoute.load);
+
+    apiRoute(GET, '/api/notes/:noteId', notesApiRoute.getNote);
+    apiRoute(GET, '/api/notes/:noteId/blob', notesApiRoute.getNoteBlob);
+    apiRoute(GET, '/api/notes/:noteId/metadata', notesApiRoute.getNoteMetadata);
+    apiRoute(PUT, '/api/notes/:noteId/data', notesApiRoute.updateNoteData);
+    apiRoute(DEL, '/api/notes/:noteId', notesApiRoute.deleteNote);
+    apiRoute(PUT, '/api/notes/:noteId/undelete', notesApiRoute.undeleteNote);
+    apiRoute(PST, '/api/notes/:noteId/revision', notesApiRoute.forceSaveRevision);
+    apiRoute(PST, '/api/notes/:parentNoteId/children', notesApiRoute.createNote);
+    apiRoute(PUT, '/api/notes/:noteId/sort-children', notesApiRoute.sortChildNotes);
+    apiRoute(PUT, '/api/notes/:noteId/protect/:isProtected', notesApiRoute.protectNote);
+    apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime);
+    apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle);
+    apiRoute(PST, '/api/notes/:noteId/duplicPOSTate/:parentNoteId', notesApiRoute.duplicateSubtree);
+    apiRoute(PUT, '/api/notes/:noteId/clone-to-branch/:parentBranchId', cloningApiRoute.cloneNoteToBranch);
+    apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
+    apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);
+    apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter);
+    route(PUT, '/api/notes/:noteId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], filesRoute.updateFile, apiResultHandler);
+    route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile);
+    route(
+        GET,
+        '/api/notes/:noteId/open-partial',
+        [auth.checkApiAuthOrElectron],
+        createPartialContentHandler(filesRoute.fileContentProvider, {
+            debug: (string, extra) => {
+                console.log(string, extra);
+            }
+        })
+    );
+    route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
+    // this "hacky" path is used for easier referencing of CSS resources
+    route(GET, '/api/notes/download/:noteId', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
+    apiRoute(PST, '/api/notes/:noteId/save-to-tmp-dir', filesRoute.saveNoteToTmpDir);
+    apiRoute(PST, '/api/notes/:noteId/upload-modified-file', filesRoute.uploadModifiedFileToNote);
+    apiRoute(PST, '/api/notes/:noteId/convert-to-attachment', notesApiRoute.convertNoteToAttachment);
+
+    apiRoute(PUT, '/api/branches/:branchId/move-to/:parentBranchId', branchesApiRoute.moveBranchToParent);
+    apiRoute(PUT, '/api/branches/:branchId/move-before/:beforeBranchId', branchesApiRoute.moveBranchBeforeNote);
+    apiRoute(PUT, '/api/branches/:branchId/move-after/:afterBranchId', branchesApiRoute.moveBranchAfterNote);
+    apiRoute(PUT, '/api/branches/:branchId/expanded/:expanded', branchesApiRoute.setExpanded);
+    apiRoute(PUT, '/api/branches/:branchId/expanded-subtree/:expanded', branchesApiRoute.setExpandedForSubtree);
+    apiRoute(DEL, '/api/branches/:branchId', branchesApiRoute.deleteBranch);
+    apiRoute(PUT, '/api/branches/:branchId/set-prefix', branchesApiRoute.setPrefix);
+
+    apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments);
+    apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment);
+    route(PST, '/api/notes/:noteId/attachments/upload', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], attachmentsApiRoute.uploadAttachment, apiResultHandler);
+    apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment);
+    apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments);
+    apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote);
+    apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment);
+    apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment);
+    apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob);
+    route(GET, '/api/attachments/:attachmentId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnAttachedImage);
+    route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
+    route(
+        GET,
+        '/api/attachments/:attachmentId/open-partial',
+        [auth.checkApiAuthOrElectron],
+        createPartialContentHandler(filesRoute.attachmentContentProvider, {
+            debug: (string, extra) => {
+                console.log(string, extra);
+            }
+        })
+    );
+    route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
+    // this "hacky" path is used for easier referencing of CSS resources
+    route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
+    apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir);
+    apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment);
+    route(PUT, '/api/attachments/:attachmentId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], filesRoute.updateAttachment, apiResultHandler);
+
+    apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
+    apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions);
+    apiRoute(GET, '/api/revisions/:revisionId', revisionsApiRoute.getRevision);
+    apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob);
+    apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
+    apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision);
+    route(GET, '/api/revisions/:revisionId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromRevision);
+
+    route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
+
+    route(GET, '/api/branches/:branchId/export/:type/:format/:version/:taskId', [auth.checkApiAuthOrElectron], exportRoute.exportBranch);
+    route(PST, '/api/notes/:parentNoteId/notes-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importNotesToBranch, apiResultHandler);
+    route(PST, '/api/notes/:parentNoteId/attachments-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importAttachmentsToNote, apiResultHandler);
+
+    apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes);
+    apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute);
+    apiRoute(PUT, '/api/notes/:noteId/attributes', attributesRoute.updateNoteAttributes);
+    apiRoute(PUT, '/api/notes/:noteId/attribute', attributesRoute.updateNoteAttribute);
+    apiRoute(PUT, '/api/notes/:noteId/set-attribute', attributesRoute.setNoteAttribute);
+    apiRoute(PUT, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.createRelation);
+    apiRoute(DEL, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.deleteRelation);
+    apiRoute(DEL, '/api/notes/:noteId/attributes/:attributeId', attributesRoute.deleteNoteAttribute);
+    apiRoute(GET, '/api/attribute-names', attributesRoute.getAttributeNames);
+    apiRoute(GET, '/api/attribute-values/:attributeName', attributesRoute.getValuesForAttribute);
+
+    // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+    route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
+    route(PUT, '/api/images/:noteId', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], imageRoute.updateImage, apiResultHandler);
+
+    apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
+    // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
+    apiRoute(PUT, '/api/options/:name/:value*', optionsApiRoute.updateOption);
+    apiRoute(PUT, '/api/options', optionsApiRoute.updateOptions);
+    apiRoute(GET, '/api/options/user-themes', optionsApiRoute.getUserThemes);
+
+    apiRoute(PST, '/api/password/change', passwordApiRoute.changePassword);
+    apiRoute(PST, '/api/password/reset', passwordApiRoute.resetPassword);
+
+    apiRoute(PST, '/api/sync/test', syncApiRoute.testSync);
+    apiRoute(PST, '/api/sync/now', syncApiRoute.syncNow);
+    apiRoute(PST, '/api/sync/fill-entity-changes', syncApiRoute.fillEntityChanges);
+    apiRoute(PST, '/api/sync/force-full-sync', syncApiRoute.forceFullSync);
+    route(GET, '/api/sync/check', [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler);
+    route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
+    route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
+    route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
+    route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
+    route(PST, '/api/sync/queue-sector/:entityName/:sector', [auth.checkApiAuth], syncApiRoute.queueSector, apiResultHandler);
+    route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
+
+    apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
+    apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo);
+
+    // docker health check
+    route(GET, '/api/health-check', [], () => ({status: 'ok'}), apiResultHandler);
+
+    // group of the services below are meant to be executed from the outside
+    route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
+    route(PST, '/api/setup/new-document', [auth.checkAppNotInitialized], setupApiRoute.setupNewDocument, apiResultHandler, false);
+    route(PST, '/api/setup/sync-from-server', [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler, false);
+    route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
+    route(PST, '/api/setup/sync-seed', [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler, false);
+
+    apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
+    apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
+    apiRoute(GET, '/api/search-note/:noteId', searchRoute.searchFromNote);
+    apiRoute(PST, '/api/search-and-execute-note/:noteId', searchRoute.searchAndExecute);
+    apiRoute(PST, '/api/search-related', searchRoute.getRelatedNotes);
+    apiRoute(GET, '/api/search/:searchString', searchRoute.search);
+    apiRoute(GET, '/api/search-templates', searchRoute.searchTemplates);
+
+    apiRoute(PST, '/api/bulk-action/execute', bulkActionRoute.execute);
+    apiRoute(PST, '/api/bulk-action/affected-notes', bulkActionRoute.getAffectedNoteCount);
+
+    route(PST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler);
+    // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
+    apiRoute(PST, '/api/login/protected', loginApiRoute.loginToProtectedSession);
+    apiRoute(PST, '/api/login/protected/touch', loginApiRoute.touchProtectedSession);
+    apiRoute(PST, '/api/logout/protected', loginApiRoute.logoutFromProtectedSession);
+
+    route(PST, '/api/login/token', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
+
+    apiRoute(GET, '/api/etapi-tokens', etapiTokensApiRoutes.getTokens);
+    apiRoute(PST, '/api/etapi-tokens', etapiTokensApiRoutes.createToken);
+    apiRoute(PATCH, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.patchToken);
+    apiRoute(DEL, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.deleteToken);
+
+    // in case of local electron, local calls are allowed unauthenticated, for server they need auth
+    const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
+
+    route(GET, '/api/clipper/handshake', clipperMiddleware, clipperRoute.handshake, apiResultHandler);
+    route(PST, '/api/clipper/clippings', clipperMiddleware, clipperRoute.addClipping, apiResultHandler);
+    route(PST, '/api/clipper/notes', clipperMiddleware, clipperRoute.createNote, apiResultHandler);
+    route(PST, '/api/clipper/open/:noteId', clipperMiddleware, clipperRoute.openNote, apiResultHandler);
+    route(GET, '/api/clipper/notes-by-url/:noteUrl', clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler);
+
+    apiRoute(GET, '/api/special-notes/inbox/:date', specialNotesRoute.getInboxNote);
+    apiRoute(GET, '/api/special-notes/days/:date', specialNotesRoute.getDayNote);
+    apiRoute(GET, '/api/special-notes/weeks/:date', specialNotesRoute.getWeekNote);
+    apiRoute(GET, '/api/special-notes/months/:month', specialNotesRoute.getMonthNote);
+    apiRoute(GET, '/api/special-notes/years/:year', specialNotesRoute.getYearNote);
+    apiRoute(GET, '/api/special-notes/notes-for-month/:month', specialNotesRoute.getDayNotesForMonth);
+    apiRoute(PST, '/api/special-notes/sql-console', specialNotesRoute.createSqlConsole);
+    apiRoute(PST, '/api/special-notes/save-sql-console', specialNotesRoute.saveSqlConsole);
+    apiRoute(PST, '/api/special-notes/search-note', specialNotesRoute.createSearchNote);
+    apiRoute(PST, '/api/special-notes/save-search-note', specialNotesRoute.saveSearchNote);
+    apiRoute(PST, '/api/special-notes/launchers/:noteId/reset', specialNotesRoute.resetLauncher);
+    apiRoute(PST, '/api/special-notes/launchers/:parentNoteId/:launcherType', specialNotesRoute.createLauncher);
+    apiRoute(PUT, '/api/special-notes/api-script-launcher', specialNotesRoute.createOrUpdateScriptLauncherFromApi);
+
+    apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
+    apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
+    route(PST, '/api/database/anonymize/:type', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.anonymize, apiResultHandler, false);
+    apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases);
+
+    // backup requires execution outside of transaction
+    route(PST, '/api/database/backup-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.backupDatabase, apiResultHandler, false);
+    apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
+
+    // VACUUM requires execution outside of transaction
+    route(PST, '/api/database/vacuum-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.vacuumDatabase, apiResultHandler, false);
+
+    route(PST, '/api/database/find-and-fix-consistency-issues', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.findAndFixConsistencyIssues, apiResultHandler, false);
+
+    apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
+
+    route(PST, '/api/script/exec', [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false);
+
+    apiRoute(PST, '/api/script/run/:noteId', scriptRoute.run);
+    apiRoute(GET, '/api/script/startup', scriptRoute.getStartupBundles);
+    apiRoute(GET, '/api/script/widgets', scriptRoute.getWidgetBundles);
+    apiRoute(PST, '/api/script/bundle/:noteId', scriptRoute.getBundle);
+    apiRoute(GET, '/api/script/relation/:noteId/:relationName', scriptRoute.getRelationBundles);
+
+    // no CSRF since this is called from android app
+    route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
+    route(PST, '/api/sender/image', [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling], senderRoute.uploadImage, apiResultHandler);
+    route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
+
+    apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
+    apiRoute(GET, '/api/keyboard-shortcuts-for-notes', keysRoute.getShortcutsForNotes);
+
+    apiRoute(PST, '/api/relation-map', relationMapApiRoute.getRelationMap);
+    apiRoute(PST, '/api/notes/erase-deleted-notes-now', notesApiRoute.eraseDeletedNotesNow);
+    apiRoute(PST, '/api/notes/erase-unused-attachments-now', notesApiRoute.eraseUnusedAttachmentsNow);
+    apiRoute(GET, '/api/similar-notes/:noteId', similarNotesRoute.getSimilarNotes);
+    apiRoute(GET, '/api/backend-log', backendLogRoute.getBackendLog);
+    apiRoute(GET, '/api/stats/note-size/:noteId', statsRoute.getNoteSize);
+    apiRoute(GET, '/api/stats/subtree-size/:noteId', statsRoute.getSubtreeSize);
+    apiRoute(PST, '/api/delete-notes-preview', notesApiRoute.getDeleteNotesPreview);
+    route(GET, '/api/fonts', [auth.checkApiAuthOrElectron], fontsRoute.getFontCss);
+    apiRoute(GET, '/api/other/icon-usage', otherRoute.getIconUsage);
+    apiRoute(PST, '/api/other/render-markdown', otherRoute.renderMarkdown);
+    apiRoute(GET, '/api/recent-changes/:ancestorNoteId', recentChangesApiRoute.getRecentChanges);
+    apiRoute(GET, '/api/edited-notes/:date', revisionsApiRoute.getEditedNotesOnDate);
+
+    apiRoute(PST, '/api/note-map/:noteId/tree', noteMapRoute.getTreeMap);
+    apiRoute(PST, '/api/note-map/:noteId/link', noteMapRoute.getLinkMap);
+    apiRoute(GET, '/api/note-map/:noteId/backlink-count', noteMapRoute.getBacklinkCount);
+    apiRoute(GET, '/api/note-map/:noteId/backlinks', noteMapRoute.getBacklinks);
+
+    shareRoutes.register(router);
+
+    etapiAuthRoutes.register(router, [loginRateLimiter]);
+    etapiAppInfoRoutes.register(router);
+    etapiAttachmentRoutes.register(router);
+    etapiAttributeRoutes.register(router);
+    etapiBranchRoutes.register(router);
+    etapiNoteRoutes.register(router);
+    etapiSpecialNoteRoutes.register(router);
+    etapiSpecRoute.register(router);
+    etapiBackupRoute.register(router);
+
+    app.use('', router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
 function convertEntitiesToPojo(result: unknown) {
-  if (result instanceof AbstractBeccaEntity) {
-    result = result.getPojo();
-  } else if (Array.isArray(result)) {
-    for (const idx in result) {
-      if (result[idx] instanceof AbstractBeccaEntity) {
-        result[idx] = result[idx].getPojo();
-      }
-    }
-  } else if (result && typeof result === 'object') {
-    if ('note' in result && result.note instanceof AbstractBeccaEntity) {
-      result.note = result.note.getPojo();
-    }
+    if (result instanceof AbstractBeccaEntity) {
+        result = result.getPojo();
+    } else if (Array.isArray(result)) {
+        for (const idx in result) {
+            if (result[idx] instanceof AbstractBeccaEntity) {
+                result[idx] = result[idx].getPojo();
+            }
+        }
+    } else if (result && typeof result === 'object') {
+        if ('note' in result && result.note instanceof AbstractBeccaEntity) {
+            result.note = result.note.getPojo();
+        }
 
-    if ('branch' in result && result.branch instanceof AbstractBeccaEntity) {
-      result.branch = result.branch.getPojo();
+        if ('branch' in result && result.branch instanceof AbstractBeccaEntity) {
+            result.branch = result.branch.getPojo();
+        }
     }
-  }
 
-  if (result && typeof result === 'object' && 'executionResult' in result) {
-    // from runOnBackend()
-    result.executionResult = convertEntitiesToPojo(result.executionResult);
-  }
+    if (result && typeof result === 'object' && 'executionResult' in result) {
+        // from runOnBackend()
+        result.executionResult = convertEntitiesToPojo(result.executionResult);
+    }
 
-  return result;
+    return result;
 }
 
 function apiResultHandler(req: express.Request, res: express.Response, result: unknown) {
-  res.setHeader('trilium-max-entity-change-id', entityChangesService.getMaxEntityChangeId());
+    res.setHeader('trilium-max-entity-change-id', entityChangesService.getMaxEntityChangeId());
 
-  result = convertEntitiesToPojo(result);
+    result = convertEntitiesToPojo(result);
 
-  // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
-  if (Array.isArray(result) && result.length > 0 && Number.isInteger(result[0])) {
-    const [statusCode, response] = result;
+    // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
+    if (Array.isArray(result) && result.length > 0 && Number.isInteger(result[0])) {
+        const [statusCode, response] = result;
 
-    if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-      log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`);
-    }
+        if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
+            log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`);
+        }
 
-    return send(res, statusCode, response);
-  } else if (result === undefined) {
-    return send(res, 204, '');
-  } else {
-    return send(res, 200, result);
-  }
+        return send(res, statusCode, response);
+    } else if (result === undefined) {
+        return send(res, 204, '');
+    } else {
+        return send(res, 200, result);
+    }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-  if (typeof response === 'string') {
-    if (statusCode >= 400) {
-      res.setHeader('Content-Type', 'text/plain');
-    }
+    if (typeof response === 'string') {
+        if (statusCode >= 400) {
+            res.setHeader('Content-Type', 'text/plain');
+        }
 
-    res.status(statusCode).send(response);
+        res.status(statusCode).send(response);
 
-    return response.length;
-  } else {
-    const json = JSON.stringify(response);
+        return response.length;
+    } else {
+        const json = JSON.stringify(response);
 
-    res.setHeader('Content-Type', 'application/json');
-    res.status(statusCode).send(json);
+        res.setHeader('Content-Type', 'application/json');
+        res.status(statusCode).send(json);
 
-    return json.length;
-  }
+        return json.length;
+    }
 }
 
 function apiRoute(method: HttpMethod, path: string, routeHandler: express.Handler) {
-  route(method, path, [auth.checkApiAuth, csrfMiddleware], routeHandler, apiResultHandler);
+    route(method, path, [auth.checkApiAuth, csrfMiddleware], routeHandler, apiResultHandler);
 }
 
 function route(
-  method: HttpMethod,
-  path: string,
-  middleware: (express.Handler | AppRequestHandler)[],
-  routeHandler: AppRequestHandler,
-  resultHandler: ApiResultHandler | null = null,
-  transactional = true
+    method: HttpMethod,
+    path: string,
+    middleware: (express.Handler | AppRequestHandler)[],
+    routeHandler: AppRequestHandler,
+    resultHandler: ApiResultHandler | null = null,
+    transactional = true
 ) {
-  router[method](
-    path,
-    ...(middleware as express.Handler[]),
-    (req: express.Request, res: express.Response, next: express.NextFunction) => {
-      const start = Date.now();
-
-      try {
-        cls.namespace.bindEmitter(req);
-        cls.namespace.bindEmitter(res);
-
-        const result = cls.init(() => {
-          cls.set('componentId', req.headers['trilium-component-id']);
-          cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
-          cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
-
-          const cb = () => routeHandler(req as AppRequest, res, next);
-
-          return transactional ? sql.transactional(cb) : cb();
-        });
-
-        if (!resultHandler) {
-          return;
+    router[method](path, ...(middleware as express.Handler[]), (req: express.Request, res: express.Response, next: express.NextFunction) => {
+        const start = Date.now();
+
+        try {
+            cls.namespace.bindEmitter(req);
+            cls.namespace.bindEmitter(res);
+
+            const result = cls.init(() => {
+                cls.set('componentId', req.headers['trilium-component-id']);
+                cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
+                cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
+
+                const cb = () => routeHandler(req as AppRequest, res, next);
+
+                return transactional ? sql.transactional(cb) : cb();
+            });
+
+            if (!resultHandler) {
+                return;
+            }
+
+            if (result?.then) {
+                // promise
+                result.then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start)).catch((e: any) => handleException(e, method, path, res));
+            } else {
+                handleResponse(resultHandler, req, res, result, start);
+            }
+        } catch (e) {
+            handleException(e, method, path, res);
         }
-
-        if (result?.then) {
-          // promise
-          result
-            .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start))
-            .catch((e: any) => handleException(e, method, path, res));
-        } else {
-          handleResponse(resultHandler, req, res, result, start);
-        }
-      } catch (e) {
-        handleException(e, method, path, res);
-      }
-    }
-  );
+    });
 }
 
-function handleResponse(
-  resultHandler: ApiResultHandler,
-  req: express.Request,
-  res: express.Response,
-  result: unknown,
-  start: number
-) {
-  const responseLength = resultHandler(req, res, result);
+function handleResponse(resultHandler: ApiResultHandler, req: express.Request, res: express.Response, result: unknown, start: number) {
+    const responseLength = resultHandler(req, res, result);
 
-  log.request(req, res, Date.now() - start, responseLength);
+    log.request(req, res, Date.now() - start, responseLength);
 }
 
 function handleException(e: any, method: HttpMethod, path: string, res: express.Response) {
-  log.error(`${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`);
+    log.error(`${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`);
 
-  if (e instanceof ValidationError) {
-    res.status(400).json({
-      message: e.message,
-    });
-  } else if (e instanceof NotFoundError) {
-    res.status(404).json({
-      message: e.message,
-    });
-  } else {
-    res.status(500).json({
-      message: e.message,
-    });
-  }
+    if (e instanceof ValidationError) {
+        res.status(400).json({
+            message: e.message
+        });
+    } else if (e instanceof NotFoundError) {
+        res.status(404).json({
+            message: e.message
+        });
+    } else {
+        res.status(500).json({
+            message: e.message
+        });
+    }
 }
 
 function createUploadMiddleware() {
-  const multerOptions: multer.Options = {
-    fileFilter: (req: express.Request, file, cb) => {
-      // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
-      // See https://github.com/expressjs/multer/pull/1102.
-      file.originalname = Buffer.from(file.originalname, 'latin1').toString('utf-8');
-      cb(null, true);
-    },
-  };
-
-  if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
-    multerOptions.limits = {
-      fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+    const multerOptions: multer.Options = {
+        fileFilter: (req: express.Request, file, cb) => {
+            // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
+            // See https://github.com/expressjs/multer/pull/1102.
+            file.originalname = Buffer.from(file.originalname, 'latin1').toString('utf-8');
+            cb(null, true);
+        }
     };
-  }
 
-  return multer(multerOptions).single('upload');
+    if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
+        multerOptions.limits = {
+            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024
+        };
+    }
+
+    return multer(multerOptions).single('upload');
 }
 
 export = {
-  register,
+    register
 };
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index a7ec0f836f..6d19860b40 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -1,19 +1,19 @@
-import BAttribute = require('../becca/entities/battribute');
-import {AttributeType, NoteType} from '../becca/entities/rows';
+import BAttribute = require("../becca/entities/battribute");
+import {AttributeType, NoteType} from "../becca/entities/rows";
 
-import becca = require('../becca/becca');
-import noteService = require('./notes');
-import log = require('./log');
-import migrationService = require('./migration');
+import becca = require("../becca/becca");
+import noteService = require("./notes");
+import log = require("./log");
+import migrationService = require("./migration");
 
-const LBTPL_ROOT = '_lbTplRoot';
-const LBTPL_BASE = '_lbTplBase';
-const LBTPL_COMMAND = '_lbTplCommandLauncher';
-const LBTPL_NOTE_LAUNCHER = '_lbTplNoteLauncher';
-const LBTPL_SCRIPT = '_lbTplScriptLauncher';
-const LBTPL_BUILTIN_WIDGET = '_lbTplBuiltinWidget';
-const LBTPL_SPACER = '_lbTplSpacer';
-const LBTPL_CUSTOM_WIDGET = '_lbTplCustomWidget';
+const LBTPL_ROOT = "_lbTplRoot";
+const LBTPL_BASE = "_lbTplBase";
+const LBTPL_COMMAND = "_lbTplCommandLauncher";
+const LBTPL_NOTE_LAUNCHER = "_lbTplNoteLauncher";
+const LBTPL_SCRIPT = "_lbTplScriptLauncher";
+const LBTPL_BUILTIN_WIDGET = "_lbTplBuiltinWidget";
+const LBTPL_SPACER = "_lbTplSpacer";
+const LBTPL_CUSTOM_WIDGET = "_lbTplCustomWidget";
 
 interface Attribute {
     type: AttributeType;
@@ -33,17 +33,17 @@ interface Item {
     isExpanded?: boolean;
     baseSize?: string;
     growthFactor?: string;
-    targetNoteId?: '_backendLog' | '_globalNoteMap';
+    targetNoteId?: "_backendLog" | "_globalNoteMap";
     builtinWidget?:
-        | 'bookmarks'
-        | 'spacer'
-        | 'backInHistoryButton'
-        | 'forwardInHistoryButton'
-        | 'syncStatus'
-        | 'protectedSession'
-        | 'todayInJournal'
-        | 'calendar';
-    command?: 'jumpToNote' | 'searchNotes' | 'createNoteIntoInbox' | 'showRecentChanges';
+        | "bookmarks"
+        | "spacer"
+        | "backInHistoryButton"
+        | "forwardInHistoryButton"
+        | "syncStatus"
+        | "protectedSession"
+        | "todayInJournal"
+        | "calendar";
+    command?: "jumpToNote" | "searchNotes" | "createNoteIntoInbox" | "showRecentChanges";
 }
 
 /*
@@ -53,487 +53,252 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-    id: '_hidden',
-    title: 'Hidden Notes',
-    type: 'doc',
-    icon: 'bx bx-chip',
+    id: "_hidden",
+    title: "Hidden Notes",
+    type: "doc",
+    icon: "bx bx-chip",
     // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
     // over tree when it's in the middle
     notePosition: 999_999_999,
     attributes: [
-        {type: 'label', name: 'excludeFromNoteMap', isInheritable: true},
-        {type: 'label', name: 'docName', value: 'hidden'}
+        {type: "label", name: "excludeFromNoteMap", isInheritable: true},
+        {type: "label", name: "docName", value: "hidden"}
     ],
     children: [
         {
-            id: '_search',
-            title: 'Search History',
-            type: 'doc'
+            id: "_search",
+            title: "Search History",
+            type: "doc"
         },
         {
-            id: '_globalNoteMap',
-            title: 'Note Map',
-            type: 'noteMap',
+            id: "_globalNoteMap",
+            title: "Note Map",
+            type: "noteMap",
             attributes: [
-                {type: 'label', name: 'mapRootNoteId', value: 'hoisted'},
-                {type: 'label', name: 'keepCurrentHoisting'}
+                {type: "label", name: "mapRootNoteId", value: "hoisted"},
+                {type: "label", name: "keepCurrentHoisting"}
             ]
         },
         {
-            id: '_sqlConsole',
-            title: 'SQL Console History',
-            type: 'doc',
-            icon: 'bx-data'
+            id: "_sqlConsole",
+            title: "SQL Console History",
+            type: "doc",
+            icon: "bx-data"
         },
         {
-            id: '_share',
-            title: 'Shared Notes',
-            type: 'doc',
-            attributes: [{type: 'label', name: 'docName', value: 'share'}]
+            id: "_share",
+            title: "Shared Notes",
+            type: "doc",
+            attributes: [{type: "label", name: "docName", value: "share"}]
         },
         {
-            id: '_bulkAction',
-            title: 'Bulk Action',
-            type: 'doc'
+            id: "_bulkAction",
+            title: "Bulk Action",
+            type: "doc"
         },
         {
-            id: '_backendLog',
-            title: 'Backend Log',
-            type: 'contentWidget',
-            icon: 'bx-terminal',
-            attributes: [{type: 'label', name: 'keepCurrentHoisting'}]
+            id: "_backendLog",
+            title: "Backend Log",
+            type: "contentWidget",
+            icon: "bx-terminal",
+            attributes: [{type: "label", name: "keepCurrentHoisting"}]
         },
         {
             // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-            id: '_userHidden',
-            title: 'User Hidden',
-            type: 'doc',
-            attributes: [{type: 'label', name: 'docName', value: 'user_hidden'}]
+            id: "_userHidden",
+            title: "User Hidden",
+            type: "doc",
+            attributes: [{type: "label", name: "docName", value: "user_hidden"}]
         },
         {
             id: LBTPL_ROOT,
-            title: 'Launch Bar Templates',
-            type: 'doc',
+            title: "Launch Bar Templates",
+            type: "doc",
             children: [
                 {
                     id: LBTPL_BASE,
-                    title: 'Base Abstract Launcher',
-                    type: 'doc'
+                    title: "Base Abstract Launcher",
+                    type: "doc"
                 },
                 {
                     id: LBTPL_COMMAND,
-                    title: 'Command Launcher',
-                    type: 'doc',
+                    title: "Command Launcher",
+                    type: "doc",
                     attributes: [
-                        {
-                            type: 'relation',
-                            name: 'template',
-                            value: LBTPL_BASE
-                        },
-                        {
-                            type: 'label',
-                            name: 'launcherType',
-                            value: 'command'
-                        },
-                        {
-                            type: 'label',
-                            name: 'docName',
-                            value: 'launchbar_command_launcher'
-                        }
+                        {type: "relation", name: "template", value: LBTPL_BASE},
+                        {type: "label", name: "launcherType", value: "command"},
+                        {type: "label", name: "docName", value: "launchbar_command_launcher"}
                     ]
                 },
                 {
                     id: LBTPL_NOTE_LAUNCHER,
-                    title: 'Note Launcher',
-                    type: 'doc',
+                    title: "Note Launcher",
+                    type: "doc",
                     attributes: [
-                        {
-                            type: 'relation',
-                            name: 'template',
-                            value: LBTPL_BASE
-                        },
-                        {type: 'label', name: 'launcherType', value: 'note'},
-                        {
-                            type: 'label',
-                            name: 'relation:target',
-                            value: 'promoted'
-                        },
-                        {
-                            type: 'label',
-                            name: 'relation:hoistedNote',
-                            value: 'promoted'
-                        },
-                        {
-                            type: 'label',
-                            name: 'label:keyboardShortcut',
-                            value: 'promoted,text'
-                        },
-                        {
-                            type: 'label',
-                            name: 'docName',
-                            value: 'launchbar_note_launcher'
-                        }
+                        {type: "relation", name: "template", value: LBTPL_BASE},
+                        {type: "label", name: "launcherType", value: "note"},
+                        {type: "label", name: "relation:target", value: "promoted"},
+                        {type: "label", name: "relation:hoistedNote", value: "promoted"},
+                        {type: "label", name: "label:keyboardShortcut", value: "promoted,text"},
+                        {type: "label", name: "docName", value: "launchbar_note_launcher"}
                     ]
                 },
                 {
                     id: LBTPL_SCRIPT,
-                    title: 'Script Launcher',
-                    type: 'doc',
+                    title: "Script Launcher",
+                    type: "doc",
                     attributes: [
-                        {
-                            type: 'relation',
-                            name: 'template',
-                            value: LBTPL_BASE
-                        },
-                        {
-                            type: 'label',
-                            name: 'launcherType',
-                            value: 'script'
-                        },
-                        {
-                            type: 'label',
-                            name: 'relation:script',
-                            value: 'promoted'
-                        },
-                        {
-                            type: 'label',
-                            name: 'label:keyboardShortcut',
-                            value: 'promoted,text'
-                        },
-                        {
-                            type: 'label',
-                            name: 'docName',
-                            value: 'launchbar_script_launcher'
-                        }
+                        {type: "relation", name: "template", value: LBTPL_BASE},
+                        {type: "label", name: "launcherType", value: "script"},
+                        {type: "label", name: "relation:script", value: "promoted"},
+                        {type: "label", name: "label:keyboardShortcut", value: "promoted,text"},
+                        {type: "label", name: "docName", value: "launchbar_script_launcher"}
                     ]
                 },
                 {
                     id: LBTPL_BUILTIN_WIDGET,
-                    title: 'Built-in Widget',
-                    type: 'doc',
+                    title: "Built-in Widget",
+                    type: "doc",
                     attributes: [
-                        {
-                            type: 'relation',
-                            name: 'template',
-                            value: LBTPL_BASE
-                        },
-                        {
-                            type: 'label',
-                            name: 'launcherType',
-                            value: 'builtinWidget'
-                        }
+                        {type: "relation", name: "template", value: LBTPL_BASE},
+                        {type: "label", name: "launcherType", value: "builtinWidget"}
                     ]
                 },
                 {
                     id: LBTPL_SPACER,
-                    title: 'Spacer',
-                    type: 'doc',
-                    icon: 'bx-move-vertical',
+                    title: "Spacer",
+                    type: "doc",
+                    icon: "bx-move-vertical",
                     attributes: [
-                        {
-                            type: 'relation',
-                            name: 'template',
-                            value: LBTPL_BUILTIN_WIDGET
-                        },
-                        {
-                            type: 'label',
-                            name: 'builtinWidget',
-                            value: 'spacer'
-                        },
-                        {
-                            type: 'label',
-                            name: 'label:baseSize',
-                            value: 'promoted,number'
-                        },
-                        {
-                            type: 'label',
-                            name: 'label:growthFactor',
-                            value: 'promoted,number'
-                        },
-                        {
-                            type: 'label',
-                            name: 'docName',
-                            value: 'launchbar_spacer'
-                        }
+                        {type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET},
+                        {type: "label", name: "builtinWidget", value: "spacer"},
+                        {type: "label", name: "label:baseSize", value: "promoted,number"},
+                        {type: "label", name: "label:growthFactor", value: "promoted,number"},
+                        {type: "label", name: "docName", value: "launchbar_spacer"}
                     ]
                 },
                 {
                     id: LBTPL_CUSTOM_WIDGET,
-                    title: 'Custom Widget',
-                    type: 'doc',
+                    title: "Custom Widget",
+                    type: "doc",
                     attributes: [
-                        {
-                            type: 'relation',
-                            name: 'template',
-                            value: LBTPL_BASE
-                        },
-                        {
-                            type: 'label',
-                            name: 'launcherType',
-                            value: 'customWidget'
-                        },
-                        {
-                            type: 'label',
-                            name: 'relation:widget',
-                            value: 'promoted'
-                        },
-                        {
-                            type: 'label',
-                            name: 'docName',
-                            value: 'launchbar_widget_launcher'
-                        }
+                        {type: "relation", name: "template", value: LBTPL_BASE},
+                        {type: "label", name: "launcherType", value: "customWidget"},
+                        {type: "label", name: "relation:widget", value: "promoted"},
+                        {type: "label", name: "docName", value: "launchbar_widget_launcher"}
                     ]
                 }
             ]
         },
         {
-            id: '_lbRoot',
-            title: 'Launch Bar',
-            type: 'doc',
-            icon: 'bx-sidebar',
+            id: "_lbRoot",
+            title: "Launch Bar",
+            type: "doc",
+            icon: "bx-sidebar",
             isExpanded: true,
-            attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
+            attributes: [{type: "label", name: "docName", value: "launchbar_intro"}],
             children: [
                 {
-                    id: '_lbAvailableLaunchers',
-                    title: 'Available Launchers',
-                    type: 'doc',
-                    icon: 'bx-hide',
+                    id: "_lbAvailableLaunchers",
+                    title: "Available Launchers",
+                    type: "doc",
+                    icon: "bx-hide",
                     isExpanded: true,
-                    attributes: [
-                        {
-                            type: 'label',
-                            name: 'docName',
-                            value: 'launchbar_intro'
-                        }
-                    ],
+                    attributes: [{type: "label", name: "docName", value: "launchbar_intro"}],
                     children: [
                         {
-                            id: '_lbBackInHistory',
-                            title: 'Go to Previous Note',
-                            type: 'launcher',
-                            builtinWidget: 'backInHistoryButton',
-                            icon: 'bx bxs-left-arrow-square',
-                            attributes: [
-                                {
-                                    type: 'label',
-                                    name: 'docName',
-                                    value: 'launchbar_history_navigation'
-                                }
-                            ]
+                            id: "_lbBackInHistory",
+                            title: "Go to Previous Note",
+                            type: "launcher",
+                            builtinWidget: "backInHistoryButton",
+                            icon: "bx bxs-left-arrow-square",
+                            attributes: [{type: "label", name: "docName", value: "launchbar_history_navigation"}]
                         },
                         {
-                            id: '_lbForwardInHistory',
-                            title: 'Go to Next Note',
-                            type: 'launcher',
-                            builtinWidget: 'forwardInHistoryButton',
-                            icon: 'bx bxs-right-arrow-square',
-                            attributes: [
-                                {
-                                    type: 'label',
-                                    name: 'docName',
-                                    value: 'launchbar_history_navigation'
-                                }
-                            ]
+                            id: "_lbForwardInHistory",
+                            title: "Go to Next Note",
+                            type: "launcher",
+                            builtinWidget: "forwardInHistoryButton",
+                            icon: "bx bxs-right-arrow-square",
+                            attributes: [{type: "label", name: "docName", value: "launchbar_history_navigation"}]
                         },
-                        {
-                            id: '_lbBackendLog',
-                            title: 'Backend Log',
-                            type: 'launcher',
-                            targetNoteId: '_backendLog',
-                            icon: 'bx bx-terminal'
-                        }
+                        {id: "_lbBackendLog", title: "Backend Log", type: "launcher", targetNoteId: "_backendLog", icon: "bx bx-terminal"}
                     ]
                 },
                 {
-                    id: '_lbVisibleLaunchers',
-                    title: 'Visible Launchers',
-                    type: 'doc',
-                    icon: 'bx-show',
+                    id: "_lbVisibleLaunchers",
+                    title: "Visible Launchers",
+                    type: "doc",
+                    icon: "bx-show",
                     isExpanded: true,
-                    attributes: [
-                        {
-                            type: 'label',
-                            name: 'docName',
-                            value: 'launchbar_intro'
-                        }
-                    ],
+                    attributes: [{type: "label", name: "docName", value: "launchbar_intro"}],
                     children: [
-                        {
-                            id: '_lbNewNote',
-                            title: 'New Note',
-                            type: 'launcher',
-                            command: 'createNoteIntoInbox',
-                            icon: 'bx bx-file-blank'
-                        },
-                        {
-                            id: '_lbSearch',
-                            title: 'Search Notes',
-                            type: 'launcher',
-                            command: 'searchNotes',
-                            icon: 'bx bx-search',
-                            attributes: [{type: 'label', name: 'desktopOnly'}]
-                        },
-                        {
-                            id: '_lbJumpTo',
-                            title: 'Jump to Note',
-                            type: 'launcher',
-                            command: 'jumpToNote',
-                            icon: 'bx bx-send',
-                            attributes: [{type: 'label', name: 'desktopOnly'}]
-                        },
-                        {
-                            id: '_lbNoteMap',
-                            title: 'Note Map',
-                            type: 'launcher',
-                            targetNoteId: '_globalNoteMap',
-                            icon: 'bx bx-map-alt'
-                        },
-                        {
-                            id: '_lbCalendar',
-                            title: 'Calendar',
-                            type: 'launcher',
-                            builtinWidget: 'calendar',
-                            icon: 'bx bx-calendar'
-                        },
-                        {
-                            id: '_lbRecentChanges',
-                            title: 'Recent Changes',
-                            type: 'launcher',
-                            command: 'showRecentChanges',
-                            icon: 'bx bx-history',
-                            attributes: [{type: 'label', name: 'desktopOnly'}]
+                        {id: "_lbNewNote", title: "New Note", type: "launcher", command: "createNoteIntoInbox", icon: "bx bx-file-blank"},
+                        {
+                            id: "_lbSearch",
+                            title: "Search Notes",
+                            type: "launcher",
+                            command: "searchNotes",
+                            icon: "bx bx-search",
+                            attributes: [{type: "label", name: "desktopOnly"}]
                         },
                         {
-                            id: '_lbSpacer1',
-                            title: 'Spacer',
-                            type: 'launcher',
-                            builtinWidget: 'spacer',
-                            baseSize: '50',
-                            growthFactor: '0'
+                            id: "_lbJumpTo",
+                            title: "Jump to Note",
+                            type: "launcher",
+                            command: "jumpToNote",
+                            icon: "bx bx-send",
+                            attributes: [{type: "label", name: "desktopOnly"}]
                         },
-                        {
-                            id: '_lbBookmarks',
-                            title: 'Bookmarks',
-                            type: 'launcher',
-                            builtinWidget: 'bookmarks',
-                            icon: 'bx bx-bookmark'
+                        {id: "_lbNoteMap", title: "Note Map", type: "launcher", targetNoteId: "_globalNoteMap", icon: "bx bx-map-alt"},
+                        {id: "_lbCalendar", title: "Calendar", type: "launcher", builtinWidget: "calendar", icon: "bx bx-calendar"},
+                        {
+                            id: "_lbRecentChanges",
+                            title: "Recent Changes",
+                            type: "launcher",
+                            command: "showRecentChanges",
+                            icon: "bx bx-history",
+                            attributes: [{type: "label", name: "desktopOnly"}]
                         },
+                        {id: "_lbSpacer1", title: "Spacer", type: "launcher", builtinWidget: "spacer", baseSize: "50", growthFactor: "0"},
+                        {id: "_lbBookmarks", title: "Bookmarks", type: "launcher", builtinWidget: "bookmarks", icon: "bx bx-bookmark"},
                         {
-                            id: '_lbToday',
+                            id: "_lbToday",
                             title: "Open Today's Journal Note",
-                            type: 'launcher',
-                            builtinWidget: 'todayInJournal',
-                            icon: 'bx bx-calendar-star'
-                        },
-                        {
-                            id: '_lbSpacer2',
-                            title: 'Spacer',
-                            type: 'launcher',
-                            builtinWidget: 'spacer',
-                            baseSize: '0',
-                            growthFactor: '1'
+                            type: "launcher",
+                            builtinWidget: "todayInJournal",
+                            icon: "bx bx-calendar-star"
                         },
+                        {id: "_lbSpacer2", title: "Spacer", type: "launcher", builtinWidget: "spacer", baseSize: "0", growthFactor: "1"},
                         {
-                            id: '_lbProtectedSession',
-                            title: 'Protected Session',
-                            type: 'launcher',
-                            builtinWidget: 'protectedSession',
-                            icon: 'bx bx bx-shield-quarter'
+                            id: "_lbProtectedSession",
+                            title: "Protected Session",
+                            type: "launcher",
+                            builtinWidget: "protectedSession",
+                            icon: "bx bx bx-shield-quarter"
                         },
-                        {
-                            id: '_lbSyncStatus',
-                            title: 'Sync Status',
-                            type: 'launcher',
-                            builtinWidget: 'syncStatus',
-                            icon: 'bx bx-wifi'
-                        }
+                        {id: "_lbSyncStatus", title: "Sync Status", type: "launcher", builtinWidget: "syncStatus", icon: "bx bx-wifi"}
                     ]
                 }
             ]
         },
         {
-            id: '_options',
-            title: 'Options',
-            type: 'book',
+            id: "_options",
+            title: "Options",
+            type: "book",
             children: [
-                {
-                    id: '_optionsAppearance',
-                    title: 'Appearance',
-                    type: 'contentWidget',
-                    icon: 'bx-layout'
-                },
-                {
-                    id: '_optionsShortcuts',
-                    title: 'Shortcuts',
-                    type: 'contentWidget',
-                    icon: 'bxs-keyboard'
-                },
-                {
-                    id: '_optionsTextNotes',
-                    title: 'Text Notes',
-                    type: 'contentWidget',
-                    icon: 'bx-text'
-                },
-                {
-                    id: '_optionsMFA',
-                    title: 'MFA',
-                    type: 'contentWidget',
-                    icon: 'bx-lock'
-                },
-                {
-                    id: '_optionsCodeNotes',
-                    title: 'Code Notes',
-                    type: 'contentWidget',
-                    icon: 'bx-code'
-                },
-                {
-                    id: '_optionsImages',
-                    title: 'Images',
-                    type: 'contentWidget',
-                    icon: 'bx-image'
-                },
-                {
-                    id: '_optionsSpellcheck',
-                    title: 'Spellcheck',
-                    type: 'contentWidget',
-                    icon: 'bx-check-double'
-                },
-                {
-                    id: '_optionsPassword',
-                    title: 'Password',
-                    type: 'contentWidget',
-                    icon: 'bx-lock'
-                },
-                {
-                    id: '_optionsEtapi',
-                    title: 'ETAPI',
-                    type: 'contentWidget',
-                    icon: 'bx-extension'
-                },
-                {
-                    id: '_optionsBackup',
-                    title: 'Backup',
-                    type: 'contentWidget',
-                    icon: 'bx-data'
-                },
-                {
-                    id: '_optionsSync',
-                    title: 'Sync',
-                    type: 'contentWidget',
-                    icon: 'bx-wifi'
-                },
-                {
-                    id: '_optionsOther',
-                    title: 'Other',
-                    type: 'contentWidget',
-                    icon: 'bx-dots-horizontal'
-                },
-                {
-                    id: '_optionsAdvanced',
-                    title: 'Advanced',
-                    type: 'contentWidget'
-                }
+                {id: "_optionsAppearance", title: "Appearance", type: "contentWidget", icon: "bx-layout"},
+                {id: "_optionsShortcuts", title: "Shortcuts", type: "contentWidget", icon: "bxs-keyboard"},
+                {id: "_optionsTextNotes", title: "Text Notes", type: "contentWidget", icon: "bx-text"},
+                {id: "_optionsCodeNotes", title: "Code Notes", type: "contentWidget", icon: "bx-code"},
+                {id: "_optionsImages", title: "Images", type: "contentWidget", icon: "bx-image"},
+                {id: "_optionsSpellcheck", title: "Spellcheck", type: "contentWidget", icon: "bx-check-double"},
+                {id: "_optionsPassword", title: "Password", type: "contentWidget", icon: "bx-lock"},
+                {id: "_optionsEtapi", title: "ETAPI", type: "contentWidget", icon: "bx-extension"},
+                {id: "_optionsBackup", title: "Backup", type: "contentWidget", icon: "bx-data"},
+                {id: "_optionsSync", title: "Sync", type: "contentWidget", icon: "bx-wifi"},
+                {id: "_optionsOther", title: "Other", type: "contentWidget", icon: "bx-dots-horizontal"},
+                {id: "_optionsAdvanced", title: "Advanced", type: "contentWidget"}
             ]
         }
     ]
@@ -542,11 +307,11 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
 function checkHiddenSubtree(force = false) {
     if (!force && !migrationService.isDbUpToDate()) {
         // on-delete hook might get triggered during some future migration and cause havoc
-        log.info('Will not check hidden subtree until migration is finished.');
+        log.info("Will not check hidden subtree until migration is finished.");
         return;
     }
 
-    checkHiddenSubtreeRecursively('root', HIDDEN_SUBTREE_DEFINITION);
+    checkHiddenSubtreeRecursively("root", HIDDEN_SUBTREE_DEFINITION);
 }
 
 function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
@@ -554,7 +319,7 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
         throw new Error(`Item does not contain mandatory properties: ${JSON.stringify(item)}`);
     }
 
-    if (item.id.charAt(0) !== '_') {
+    if (item.id.charAt(0) !== "_") {
         throw new Error(`ID has to start with underscore, given '${item.id}'`);
     }
 
@@ -567,7 +332,7 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
             title: item.title,
             type: item.type,
             parentNoteId: parentNoteId,
-            content: '',
+            content: "",
             ignoreForbiddenParents: true
         }));
     } else {
@@ -577,62 +342,26 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
     const attrs = [...(item.attributes || [])];
 
     if (item.icon) {
-        attrs.push({
-            type: 'label',
-            name: 'iconClass',
-            value: `bx ${item.icon}`
-        });
+        attrs.push({type: "label", name: "iconClass", value: `bx ${item.icon}`});
     }
 
-    if (item.type === 'launcher') {
+    if (item.type === "launcher") {
         if (item.command) {
-            attrs.push({
-                type: 'relation',
-                name: 'template',
-                value: LBTPL_COMMAND
-            });
-            attrs.push({type: 'label', name: 'command', value: item.command});
+            attrs.push({type: "relation", name: "template", value: LBTPL_COMMAND});
+            attrs.push({type: "label", name: "command", value: item.command});
         } else if (item.builtinWidget) {
-            if (item.builtinWidget === 'spacer') {
-                attrs.push({
-                    type: 'relation',
-                    name: 'template',
-                    value: LBTPL_SPACER
-                });
-                attrs.push({
-                    type: 'label',
-                    name: 'baseSize',
-                    value: item.baseSize
-                });
-                attrs.push({
-                    type: 'label',
-                    name: 'growthFactor',
-                    value: item.growthFactor
-                });
+            if (item.builtinWidget === "spacer") {
+                attrs.push({type: "relation", name: "template", value: LBTPL_SPACER});
+                attrs.push({type: "label", name: "baseSize", value: item.baseSize});
+                attrs.push({type: "label", name: "growthFactor", value: item.growthFactor});
             } else {
-                attrs.push({
-                    type: 'relation',
-                    name: 'template',
-                    value: LBTPL_BUILTIN_WIDGET
-                });
+                attrs.push({type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET});
             }
 
-            attrs.push({
-                type: 'label',
-                name: 'builtinWidget',
-                value: item.builtinWidget
-            });
+            attrs.push({type: "label", name: "builtinWidget", value: item.builtinWidget});
         } else if (item.targetNoteId) {
-            attrs.push({
-                type: 'relation',
-                name: 'template',
-                value: LBTPL_NOTE_LAUNCHER
-            });
-            attrs.push({
-                type: 'relation',
-                name: 'target',
-                value: item.targetNoteId
-            });
+            attrs.push({type: "relation", name: "template", value: LBTPL_NOTE_LAUNCHER});
+            attrs.push({type: "relation", name: "target", value: item.targetNoteId});
         } else {
             throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
         }
@@ -659,7 +388,7 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
     }
 
     for (const attr of attrs) {
-        const attrId = note.noteId + '_' + attr.type.charAt(0) + attr.name;
+        const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
 
         if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
             new BAttribute({

From 73259e5bca5899696173a73b931e86c53f99031e Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 16:36:03 -0700
Subject: [PATCH 22/63] Formatting

---
 src/services/hidden_subtree.ts | 357 ++++++++++++++-------------------
 1 file changed, 156 insertions(+), 201 deletions(-)

diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index 6d19860b40..5478aed1cf 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -1,10 +1,10 @@
 import BAttribute = require("../becca/entities/battribute");
-import {AttributeType, NoteType} from "../becca/entities/rows";
+import { AttributeType, NoteType } from "../becca/entities/rows";
 
-import becca = require("../becca/becca");
-import noteService = require("./notes");
-import log = require("./log");
-import migrationService = require("./migration");
+import becca = require('../becca/becca');
+import noteService = require('./notes');
+import log = require('./log');
+import migrationService = require('./migration');
 
 const LBTPL_ROOT = "_lbTplRoot";
 const LBTPL_BASE = "_lbTplBase";
@@ -19,7 +19,7 @@ interface Attribute {
     type: AttributeType;
     name: string;
     isInheritable?: boolean;
-    value?: string;
+    value?: string
 }
 
 interface Item {
@@ -34,15 +34,7 @@ interface Item {
     baseSize?: string;
     growthFactor?: string;
     targetNoteId?: "_backendLog" | "_globalNoteMap";
-    builtinWidget?:
-        | "bookmarks"
-        | "spacer"
-        | "backInHistoryButton"
-        | "forwardInHistoryButton"
-        | "syncStatus"
-        | "protectedSession"
-        | "todayInJournal"
-        | "calendar";
+    builtinWidget?: "bookmarks" | "spacer" | "backInHistoryButton" | "forwardInHistoryButton" | "syncStatus" | "protectedSession" | "todayInJournal" | "calendar";
     command?: "jumpToNote" | "searchNotes" | "createNoteIntoInbox" | "showRecentChanges";
 }
 
@@ -53,252 +45,215 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-    id: "_hidden",
-    title: "Hidden Notes",
-    type: "doc",
-    icon: "bx bx-chip",
+    id: '_hidden',
+    title: 'Hidden Notes',
+    type: 'doc',
+    icon: 'bx bx-chip',
     // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
     // over tree when it's in the middle
     notePosition: 999_999_999,
     attributes: [
-        {type: "label", name: "excludeFromNoteMap", isInheritable: true},
-        {type: "label", name: "docName", value: "hidden"}
+        { type: 'label', name: 'excludeFromNoteMap', isInheritable: true },
+        { type: 'label', name: 'docName', value: 'hidden' }
     ],
     children: [
         {
-            id: "_search",
-            title: "Search History",
-            type: "doc"
+            id: '_search',
+            title: 'Search History',
+            type: 'doc'
         },
         {
-            id: "_globalNoteMap",
-            title: "Note Map",
-            type: "noteMap",
+            id: '_globalNoteMap',
+            title: 'Note Map',
+            type: 'noteMap',
             attributes: [
-                {type: "label", name: "mapRootNoteId", value: "hoisted"},
-                {type: "label", name: "keepCurrentHoisting"}
+                { type: 'label', name: 'mapRootNoteId', value: 'hoisted' },
+                { type: 'label', name: 'keepCurrentHoisting' }
             ]
         },
         {
-            id: "_sqlConsole",
-            title: "SQL Console History",
-            type: "doc",
-            icon: "bx-data"
+            id: '_sqlConsole',
+            title: 'SQL Console History',
+            type: 'doc',
+            icon: 'bx-data'
         },
         {
-            id: "_share",
-            title: "Shared Notes",
-            type: "doc",
-            attributes: [{type: "label", name: "docName", value: "share"}]
+            id: '_share',
+            title: 'Shared Notes',
+            type: 'doc',
+            attributes: [ { type: 'label', name: 'docName', value: 'share' } ]
         },
         {
-            id: "_bulkAction",
-            title: "Bulk Action",
-            type: "doc"
+            id: '_bulkAction',
+            title: 'Bulk Action',
+            type: 'doc',
         },
         {
-            id: "_backendLog",
-            title: "Backend Log",
-            type: "contentWidget",
-            icon: "bx-terminal",
-            attributes: [{type: "label", name: "keepCurrentHoisting"}]
+            id: '_backendLog',
+            title: 'Backend Log',
+            type: 'contentWidget',
+            icon: 'bx-terminal',
+            attributes: [
+                { type: 'label', name: 'keepCurrentHoisting' }
+            ]
         },
         {
             // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-            id: "_userHidden",
-            title: "User Hidden",
-            type: "doc",
-            attributes: [{type: "label", name: "docName", value: "user_hidden"}]
+            id: '_userHidden',
+            title: 'User Hidden',
+            type: 'doc',
+            attributes: [ { type: 'label', name: 'docName', value: 'user_hidden' } ]
         },
         {
             id: LBTPL_ROOT,
-            title: "Launch Bar Templates",
-            type: "doc",
+            title: 'Launch Bar Templates',
+            type: 'doc',
             children: [
                 {
                     id: LBTPL_BASE,
-                    title: "Base Abstract Launcher",
-                    type: "doc"
+                    title: 'Base Abstract Launcher',
+                    type: 'doc'
                 },
                 {
                     id: LBTPL_COMMAND,
-                    title: "Command Launcher",
-                    type: "doc",
+                    title: 'Command Launcher',
+                    type: 'doc',
                     attributes: [
-                        {type: "relation", name: "template", value: LBTPL_BASE},
-                        {type: "label", name: "launcherType", value: "command"},
-                        {type: "label", name: "docName", value: "launchbar_command_launcher"}
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'command' },
+                        { type: 'label', name: 'docName', value: 'launchbar_command_launcher' }
                     ]
                 },
                 {
                     id: LBTPL_NOTE_LAUNCHER,
-                    title: "Note Launcher",
-                    type: "doc",
+                    title: 'Note Launcher',
+                    type: 'doc',
                     attributes: [
-                        {type: "relation", name: "template", value: LBTPL_BASE},
-                        {type: "label", name: "launcherType", value: "note"},
-                        {type: "label", name: "relation:target", value: "promoted"},
-                        {type: "label", name: "relation:hoistedNote", value: "promoted"},
-                        {type: "label", name: "label:keyboardShortcut", value: "promoted,text"},
-                        {type: "label", name: "docName", value: "launchbar_note_launcher"}
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'note' },
+                        { type: 'label', name: 'relation:target', value: 'promoted' },
+                        { type: 'label', name: 'relation:hoistedNote', value: 'promoted' },
+                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
+                        { type: 'label', name: 'docName', value: 'launchbar_note_launcher' }
                     ]
                 },
                 {
                     id: LBTPL_SCRIPT,
-                    title: "Script Launcher",
-                    type: "doc",
+                    title: 'Script Launcher',
+                    type: 'doc',
                     attributes: [
-                        {type: "relation", name: "template", value: LBTPL_BASE},
-                        {type: "label", name: "launcherType", value: "script"},
-                        {type: "label", name: "relation:script", value: "promoted"},
-                        {type: "label", name: "label:keyboardShortcut", value: "promoted,text"},
-                        {type: "label", name: "docName", value: "launchbar_script_launcher"}
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'script' },
+                        { type: 'label', name: 'relation:script', value: 'promoted' },
+                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
+                        { type: 'label', name: 'docName', value: 'launchbar_script_launcher' }
                     ]
                 },
                 {
                     id: LBTPL_BUILTIN_WIDGET,
-                    title: "Built-in Widget",
-                    type: "doc",
+                    title: 'Built-in Widget',
+                    type: 'doc',
                     attributes: [
-                        {type: "relation", name: "template", value: LBTPL_BASE},
-                        {type: "label", name: "launcherType", value: "builtinWidget"}
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'builtinWidget' }
                     ]
                 },
                 {
                     id: LBTPL_SPACER,
-                    title: "Spacer",
-                    type: "doc",
-                    icon: "bx-move-vertical",
+                    title: 'Spacer',
+                    type: 'doc',
+                    icon: 'bx-move-vertical',
                     attributes: [
-                        {type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET},
-                        {type: "label", name: "builtinWidget", value: "spacer"},
-                        {type: "label", name: "label:baseSize", value: "promoted,number"},
-                        {type: "label", name: "label:growthFactor", value: "promoted,number"},
-                        {type: "label", name: "docName", value: "launchbar_spacer"}
+                        { type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET },
+                        { type: 'label', name: 'builtinWidget', value: 'spacer' },
+                        { type: 'label', name: 'label:baseSize', value: 'promoted,number' },
+                        { type: 'label', name: 'label:growthFactor', value: 'promoted,number' },
+                        { type: 'label', name: 'docName', value: 'launchbar_spacer' }
                     ]
                 },
                 {
                     id: LBTPL_CUSTOM_WIDGET,
-                    title: "Custom Widget",
-                    type: "doc",
+                    title: 'Custom Widget',
+                    type: 'doc',
                     attributes: [
-                        {type: "relation", name: "template", value: LBTPL_BASE},
-                        {type: "label", name: "launcherType", value: "customWidget"},
-                        {type: "label", name: "relation:widget", value: "promoted"},
-                        {type: "label", name: "docName", value: "launchbar_widget_launcher"}
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'customWidget' },
+                        { type: 'label', name: 'relation:widget', value: 'promoted' },
+                        { type: 'label', name: 'docName', value: 'launchbar_widget_launcher' }
                     ]
-                }
+                },
             ]
         },
         {
-            id: "_lbRoot",
-            title: "Launch Bar",
-            type: "doc",
-            icon: "bx-sidebar",
+            id: '_lbRoot',
+            title: 'Launch Bar',
+            type: 'doc',
+            icon: 'bx-sidebar',
             isExpanded: true,
-            attributes: [{type: "label", name: "docName", value: "launchbar_intro"}],
+            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
             children: [
                 {
-                    id: "_lbAvailableLaunchers",
-                    title: "Available Launchers",
-                    type: "doc",
-                    icon: "bx-hide",
+                    id: '_lbAvailableLaunchers',
+                    title: 'Available Launchers',
+                    type: 'doc',
+                    icon: 'bx-hide',
                     isExpanded: true,
-                    attributes: [{type: "label", name: "docName", value: "launchbar_intro"}],
+                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
                     children: [
-                        {
-                            id: "_lbBackInHistory",
-                            title: "Go to Previous Note",
-                            type: "launcher",
-                            builtinWidget: "backInHistoryButton",
-                            icon: "bx bxs-left-arrow-square",
-                            attributes: [{type: "label", name: "docName", value: "launchbar_history_navigation"}]
-                        },
-                        {
-                            id: "_lbForwardInHistory",
-                            title: "Go to Next Note",
-                            type: "launcher",
-                            builtinWidget: "forwardInHistoryButton",
-                            icon: "bx bxs-right-arrow-square",
-                            attributes: [{type: "label", name: "docName", value: "launchbar_history_navigation"}]
-                        },
-                        {id: "_lbBackendLog", title: "Backend Log", type: "launcher", targetNoteId: "_backendLog", icon: "bx bx-terminal"}
+                        { id: '_lbBackInHistory', title: 'Go to Previous Note', type: 'launcher', builtinWidget: 'backInHistoryButton', icon: 'bx bxs-left-arrow-square',
+                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
+                        { id: '_lbForwardInHistory', title: 'Go to Next Note', type: 'launcher', builtinWidget: 'forwardInHistoryButton', icon: 'bx bxs-right-arrow-square',
+                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
+                        { id: '_lbBackendLog', title: 'Backend Log', type: 'launcher', targetNoteId: '_backendLog', icon: 'bx bx-terminal' },
                     ]
                 },
                 {
-                    id: "_lbVisibleLaunchers",
-                    title: "Visible Launchers",
-                    type: "doc",
-                    icon: "bx-show",
+                    id: '_lbVisibleLaunchers',
+                    title: 'Visible Launchers',
+                    type: 'doc',
+                    icon: 'bx-show',
                     isExpanded: true,
-                    attributes: [{type: "label", name: "docName", value: "launchbar_intro"}],
+                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
                     children: [
-                        {id: "_lbNewNote", title: "New Note", type: "launcher", command: "createNoteIntoInbox", icon: "bx bx-file-blank"},
-                        {
-                            id: "_lbSearch",
-                            title: "Search Notes",
-                            type: "launcher",
-                            command: "searchNotes",
-                            icon: "bx bx-search",
-                            attributes: [{type: "label", name: "desktopOnly"}]
-                        },
-                        {
-                            id: "_lbJumpTo",
-                            title: "Jump to Note",
-                            type: "launcher",
-                            command: "jumpToNote",
-                            icon: "bx bx-send",
-                            attributes: [{type: "label", name: "desktopOnly"}]
-                        },
-                        {id: "_lbNoteMap", title: "Note Map", type: "launcher", targetNoteId: "_globalNoteMap", icon: "bx bx-map-alt"},
-                        {id: "_lbCalendar", title: "Calendar", type: "launcher", builtinWidget: "calendar", icon: "bx bx-calendar"},
-                        {
-                            id: "_lbRecentChanges",
-                            title: "Recent Changes",
-                            type: "launcher",
-                            command: "showRecentChanges",
-                            icon: "bx bx-history",
-                            attributes: [{type: "label", name: "desktopOnly"}]
-                        },
-                        {id: "_lbSpacer1", title: "Spacer", type: "launcher", builtinWidget: "spacer", baseSize: "50", growthFactor: "0"},
-                        {id: "_lbBookmarks", title: "Bookmarks", type: "launcher", builtinWidget: "bookmarks", icon: "bx bx-bookmark"},
-                        {
-                            id: "_lbToday",
-                            title: "Open Today's Journal Note",
-                            type: "launcher",
-                            builtinWidget: "todayInJournal",
-                            icon: "bx bx-calendar-star"
-                        },
-                        {id: "_lbSpacer2", title: "Spacer", type: "launcher", builtinWidget: "spacer", baseSize: "0", growthFactor: "1"},
-                        {
-                            id: "_lbProtectedSession",
-                            title: "Protected Session",
-                            type: "launcher",
-                            builtinWidget: "protectedSession",
-                            icon: "bx bx bx-shield-quarter"
-                        },
-                        {id: "_lbSyncStatus", title: "Sync Status", type: "launcher", builtinWidget: "syncStatus", icon: "bx bx-wifi"}
+                        { id: '_lbNewNote', title: 'New Note', type: 'launcher', command: 'createNoteIntoInbox', icon: 'bx bx-file-blank' },
+                        { id: '_lbSearch', title: 'Search Notes', type: 'launcher', command: 'searchNotes', icon: 'bx bx-search', attributes: [
+                                { type: 'label', name: 'desktopOnly' }
+                            ] },
+                        { id: '_lbJumpTo', title: 'Jump to Note', type: 'launcher', command: 'jumpToNote', icon: 'bx bx-send', attributes: [
+                                { type: 'label', name: 'desktopOnly' }
+                            ] },
+                        { id: '_lbNoteMap', title: 'Note Map', type: 'launcher', targetNoteId: '_globalNoteMap', icon: 'bx bx-map-alt' },
+                        { id: '_lbCalendar', title: 'Calendar', type: 'launcher', builtinWidget: 'calendar', icon: 'bx bx-calendar' },
+                        { id: '_lbRecentChanges', title: 'Recent Changes', type: 'launcher', command: 'showRecentChanges', icon: 'bx bx-history', attributes: [
+                                { type: 'label', name: 'desktopOnly' }
+                            ] },
+                        { id: '_lbSpacer1', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "50", growthFactor: "0" },
+                        { id: '_lbBookmarks', title: 'Bookmarks', type: 'launcher', builtinWidget: 'bookmarks', icon: 'bx bx-bookmark' },
+                        { id: '_lbToday', title: "Open Today's Journal Note", type: 'launcher', builtinWidget: 'todayInJournal', icon: 'bx bx-calendar-star' },
+                        { id: '_lbSpacer2', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "0", growthFactor: "1" },
+                        { id: '_lbProtectedSession', title: 'Protected Session', type: 'launcher', builtinWidget: 'protectedSession', icon: 'bx bx bx-shield-quarter' },
+                        { id: '_lbSyncStatus', title: 'Sync Status', type: 'launcher', builtinWidget: 'syncStatus', icon: 'bx bx-wifi' }
                     ]
                 }
             ]
         },
         {
-            id: "_options",
-            title: "Options",
-            type: "book",
+            id: '_options',
+            title: 'Options',
+            type: 'book',
             children: [
-                {id: "_optionsAppearance", title: "Appearance", type: "contentWidget", icon: "bx-layout"},
-                {id: "_optionsShortcuts", title: "Shortcuts", type: "contentWidget", icon: "bxs-keyboard"},
-                {id: "_optionsTextNotes", title: "Text Notes", type: "contentWidget", icon: "bx-text"},
-                {id: "_optionsCodeNotes", title: "Code Notes", type: "contentWidget", icon: "bx-code"},
-                {id: "_optionsImages", title: "Images", type: "contentWidget", icon: "bx-image"},
-                {id: "_optionsSpellcheck", title: "Spellcheck", type: "contentWidget", icon: "bx-check-double"},
-                {id: "_optionsPassword", title: "Password", type: "contentWidget", icon: "bx-lock"},
-                {id: "_optionsEtapi", title: "ETAPI", type: "contentWidget", icon: "bx-extension"},
-                {id: "_optionsBackup", title: "Backup", type: "contentWidget", icon: "bx-data"},
-                {id: "_optionsSync", title: "Sync", type: "contentWidget", icon: "bx-wifi"},
-                {id: "_optionsOther", title: "Other", type: "contentWidget", icon: "bx-dots-horizontal"},
-                {id: "_optionsAdvanced", title: "Advanced", type: "contentWidget"}
+                { id: '_optionsAppearance', title: 'Appearance', type: 'contentWidget', icon: 'bx-layout' },
+                { id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard' },
+                { id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text' },
+                { id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code' },
+                { id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image' },
+                { id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double' },
+                { id: '_optionsPassword', title: 'Password', type: 'contentWidget', icon: 'bx-lock' },
+                { id: '_optionsEtapi', title: 'ETAPI', type: 'contentWidget', icon: 'bx-extension' },
+                { id: '_optionsBackup', title: 'Backup', type: 'contentWidget', icon: 'bx-data' },
+                { id: '_optionsSync', title: 'Sync', type: 'contentWidget', icon: 'bx-wifi' },
+                { id: '_optionsOther', title: 'Other', type: 'contentWidget', icon: 'bx-dots-horizontal' },
+                { id: '_optionsAdvanced', title: 'Advanced', type: 'contentWidget' }
             ]
         }
     ]
@@ -311,7 +266,7 @@ function checkHiddenSubtree(force = false) {
         return;
     }
 
-    checkHiddenSubtreeRecursively("root", HIDDEN_SUBTREE_DEFINITION);
+    checkHiddenSubtreeRecursively('root', HIDDEN_SUBTREE_DEFINITION);
 }
 
 function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
@@ -319,7 +274,7 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
         throw new Error(`Item does not contain mandatory properties: ${JSON.stringify(item)}`);
     }
 
-    if (item.id.charAt(0) !== "_") {
+    if (item.id.charAt(0) !== '_') {
         throw new Error(`ID has to start with underscore, given '${item.id}'`);
     }
 
@@ -332,36 +287,36 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
             title: item.title,
             type: item.type,
             parentNoteId: parentNoteId,
-            content: "",
+            content: '',
             ignoreForbiddenParents: true
         }));
     } else {
-        branch = note.getParentBranches().find((branch) => branch.parentNoteId === parentNoteId);
+        branch = note.getParentBranches().find(branch => branch.parentNoteId === parentNoteId);
     }
 
     const attrs = [...(item.attributes || [])];
 
     if (item.icon) {
-        attrs.push({type: "label", name: "iconClass", value: `bx ${item.icon}`});
+        attrs.push({ type: 'label', name: 'iconClass', value: `bx ${item.icon}` });
     }
 
-    if (item.type === "launcher") {
+    if (item.type === 'launcher') {
         if (item.command) {
-            attrs.push({type: "relation", name: "template", value: LBTPL_COMMAND});
-            attrs.push({type: "label", name: "command", value: item.command});
+            attrs.push({ type: 'relation', name: 'template', value: LBTPL_COMMAND });
+            attrs.push({ type: 'label', name: 'command', value: item.command });
         } else if (item.builtinWidget) {
-            if (item.builtinWidget === "spacer") {
-                attrs.push({type: "relation", name: "template", value: LBTPL_SPACER});
-                attrs.push({type: "label", name: "baseSize", value: item.baseSize});
-                attrs.push({type: "label", name: "growthFactor", value: item.growthFactor});
+            if (item.builtinWidget === 'spacer') {
+                attrs.push({ type: 'relation', name: 'template', value: LBTPL_SPACER });
+                attrs.push({ type: 'label', name: 'baseSize', value: item.baseSize });
+                attrs.push({ type: 'label', name: 'growthFactor', value: item.growthFactor });
             } else {
-                attrs.push({type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET});
+                attrs.push({ type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET });
             }
 
-            attrs.push({type: "label", name: "builtinWidget", value: item.builtinWidget});
+            attrs.push({ type: 'label', name: 'builtinWidget', value: item.builtinWidget });
         } else if (item.targetNoteId) {
-            attrs.push({type: "relation", name: "template", value: LBTPL_NOTE_LAUNCHER});
-            attrs.push({type: "relation", name: "target", value: item.targetNoteId});
+            attrs.push({ type: 'relation', name: 'template', value: LBTPL_NOTE_LAUNCHER });
+            attrs.push({ type: 'relation', name: 'target', value: item.targetNoteId });
         } else {
             throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
         }
@@ -390,7 +345,7 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
     for (const attr of attrs) {
         const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
 
-        if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
+        if (!note.getAttributes().find(attr => attr.attributeId === attrId)) {
             new BAttribute({
                 attributeId: attrId,
                 noteId: note.noteId,

From fe1d25112149502bc24ff5a6a5d922964b64866f Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 16:41:28 -0700
Subject: [PATCH 23/63] Formatting

---
 .../widgets/type_widgets/content_widget.js    |  32 ++--
 .../type_widgets/options/options_widget.js    |  10 +-
 src/routes/api/options.ts                     |  24 +--
 src/services/options.ts                       |  11 +-
 src/services/options_init.ts                  | 169 +++++++-----------
 5 files changed, 100 insertions(+), 146 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index 22898ea79b..fe7f105afb 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -32,7 +32,6 @@ import DatabaseAnonymizationOptions from "./options/advanced/database_anonymizat
 import BackendLogWidget from "./content/backend_log.js";
 import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
 import RibbonOptions from "./options/appearance/ribbon.js";
-import MultiFactorAuthenticationOptions from "./options/multi_factor_authentication.js";
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -62,7 +61,7 @@ const CONTENT_WIDGETS = {
         MaxContentWidthOptions,
         RibbonOptions
     ],
-    _optionsShortcuts: [KeyboardShortcutsOptions],
+    _optionsShortcuts: [ KeyboardShortcutsOptions ],
     _optionsTextNotes: [
         HeadingStyleOptions,
         TableOfContentsOptions,
@@ -75,13 +74,12 @@ const CONTENT_WIDGETS = {
         CodeAutoReadOnlySizeOptions,
         CodeMimeTypesOptions
     ],
-    _optionsMFA: [MultiFactorAuthenticationOptions],
-    _optionsImages: [ImageOptions],
-    _optionsSpellcheck: [SpellcheckOptions],
-    _optionsPassword: [PasswordOptions],
-    _optionsEtapi: [EtapiOptions],
-    _optionsBackup: [BackupOptions],
-    _optionsSync: [SyncOptions],
+    _optionsImages: [ ImageOptions ],
+    _optionsSpellcheck: [ SpellcheckOptions ],
+    _optionsPassword: [ PasswordOptions ],
+    _optionsEtapi: [ EtapiOptions ],
+    _optionsBackup: [ BackupOptions ],
+    _optionsSync: [ SyncOptions ],
     _optionsOther: [
         SearchEngineOptions,
         TrayOptions,
@@ -97,19 +95,15 @@ const CONTENT_WIDGETS = {
         AdvancedSyncOptions,
         VacuumDatabaseOptions
     ],
-    _backendLog: [BackendLogWidget]
+    _backendLog: [ BackendLogWidget ]
 };
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
-    static getType() {
-        return "contentWidget";
-    }
-    2;
+    static getType() { return "contentWidget"; }
+
     doRender() {
         this.$widget = $(TPL);
-        this.$content = this.$widget.find(
-            ".note-detail-content-widget-content"
-        );
+        this.$content = this.$widget.find(".note-detail-content-widget-content");
 
         super.doRender();
     }
@@ -124,9 +118,7 @@ export default class ContentWidgetTypeWidget extends TypeWidget {
             for (const clazz of contentWidgets) {
                 const widget = new clazz();
 
-                await widget.handleEvent("setNoteContext", {
-                    noteContext: this.noteContext
-                });
+                await widget.handleEvent('setNoteContext', { noteContext: this.noteContext });
                 this.child(widget);
 
                 this.$content.append(widget.render());
diff --git a/src/public/app/widgets/type_widgets/options/options_widget.js b/src/public/app/widgets/type_widgets/options/options_widget.js
index 5b55c780f0..3f16308702 100644
--- a/src/public/app/widgets/type_widgets/options/options_widget.js
+++ b/src/public/app/widgets/type_widgets/options/options_widget.js
@@ -10,13 +10,13 @@ export default class OptionsWidget extends NoteContextAwareWidget {
     }
 
     async updateOption(name, value) {
-        const opts = {[name]: value};
+        const opts = { [name]: value };
 
         await this.updateMultipleOptions(opts);
     }
 
     async updateMultipleOptions(opts) {
-        await server.put("options", opts);
+        await server.put('options', opts);
 
         this.showUpdateNotification();
     }
@@ -34,17 +34,17 @@ export default class OptionsWidget extends NoteContextAwareWidget {
     async updateCheckboxOption(name, $checkbox) {
         const isChecked = $checkbox.prop("checked");
 
-        return await this.updateOption(name, isChecked ? "true" : "false");
+        return await this.updateOption(name, isChecked ? 'true' : 'false');
     }
 
     setCheckboxState($checkbox, optionValue) {
-        $checkbox.prop("checked", optionValue === "true");
+        $checkbox.prop('checked', optionValue === 'true');
     }
 
     optionsLoaded(options) {}
 
     async refreshWithNote(note) {
-        const options = await server.get("options");
+        const options = await server.get('options');
 
         this.optionsLoaded(options);
     }
diff --git a/src/routes/api/options.ts b/src/routes/api/options.ts
index 979493c386..54630e825d 100644
--- a/src/routes/api/options.ts
+++ b/src/routes/api/options.ts
@@ -1,10 +1,10 @@
-'use strict';
+"use strict";
 
 import optionService = require('../../services/options');
 import log = require('../../services/log');
 import searchService = require('../../services/search/services/search');
 import ValidationError = require('../../errors/validation_error');
-import {Request} from 'express';
+import { Request } from 'express';
 
 // options allowed to be updated directly in the Options dialog
 const ALLOWED_OPTIONS = new Set([
@@ -58,8 +58,7 @@ const ALLOWED_OPTIONS = new Set([
     'customSearchEngineName',
     'customSearchEngineUrl',
     'promotedAttributesOpenInRibbon',
-    'editedNotesOpenInRibbon',
-    'totpEnabled'
+    'editedNotesOpenInRibbon'
 ]);
 
 function getOptions() {
@@ -81,13 +80,12 @@ function updateOption(req: Request) {
     const {name, value} = req.params;
 
     if (!update(name, value)) {
-        throw new ValidationError('not allowed option to change');
+        throw new ValidationError("not allowed option to change");
     }
 }
 
 function updateOptions(req: Request) {
     for (const optionName in req.body) {
-        console.log(optionName);
         if (!update(optionName, req.body[optionName])) {
             // this should be improved
             // it should return 400 instead of current 500, but at least it now rollbacks transaction
@@ -111,9 +109,7 @@ function update(name: string, value: string) {
 }
 
 function getUserThemes() {
-    const notes = searchService.searchNotes('#appTheme', {
-        ignoreHoistedNote: true
-    });
+    const notes = searchService.searchNotes("#appTheme", {ignoreHoistedNote: true});
     const ret = [];
 
     for (const note of notes) {
@@ -134,12 +130,10 @@ function getUserThemes() {
 }
 
 function isAllowed(name: string) {
-    return (
-        ALLOWED_OPTIONS.has(name) ||
-        name.startsWith('keyboardShortcuts') ||
-        name.endsWith('Collapsed') ||
-        name.startsWith('hideArchivedNotes')
-    );
+    return ALLOWED_OPTIONS.has(name)
+        || name.startsWith("keyboardShortcuts")
+        || name.endsWith("Collapsed")
+        || name.startsWith("hideArchivedNotes");
 }
 
 export = {
diff --git a/src/services/options.ts b/src/services/options.ts
index 0cb8f6a219..b658e4ff71 100644
--- a/src/services/options.ts
+++ b/src/services/options.ts
@@ -1,5 +1,5 @@
 import becca = require('../becca/becca');
-import {OptionRow} from '../becca/entities/rows';
+import { OptionRow } from '../becca/entities/rows';
 import sql = require('./sql');
 
 function getOptionOrNull(name: string): string | null {
@@ -9,7 +9,7 @@ function getOptionOrNull(name: string): string | null {
         option = becca.getOption(name);
     } else {
         // e.g. in initial sync becca is not loaded because DB is not initialized
-        option = sql.getRow<OptionRow>('SELECT * FROM options WHERE name = ?', [name]);
+        option = sql.getRow<OptionRow>("SELECT * FROM options WHERE name = ?", [name]);
     }
 
     return option ? option.value : null;
@@ -44,7 +44,7 @@ function getOptionInt(name: string, defaultValue?: number): number {
 function getOptionBool(name: string): boolean {
     const val = getOption(name);
 
-    if (typeof val !== 'string' || !['true', 'false'].includes(val)) {
+    if (typeof val !== "string" || !['true', 'false'].includes(val)) {
         throw new Error(`Could not parse '${val}' into boolean for option '${name}'`);
     }
 
@@ -52,7 +52,7 @@ function getOptionBool(name: string): boolean {
 }
 
 function setOption(name: string, value: string | number | boolean) {
-    if (value === true || value === false || typeof value === 'number') {
+    if (value === true || value === false || typeof value === "number") {
         value = value.toString();
     }
 
@@ -62,7 +62,8 @@ function setOption(name: string, value: string | number | boolean) {
         option.value = value;
 
         option.save();
-    } else {
+    }
+    else {
         createOption(name, value, false);
     }
 }
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 5162699ec2..b9a88de4fd 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -4,7 +4,7 @@ import utils = require('./utils');
 import log = require('./log');
 import dateUtils = require('./date_utils');
 import keyboardActions = require('./keyboard_actions');
-import {KeyboardShortcutWithRequiredActionName} from './keyboard_actions_interface';
+import { KeyboardShortcutWithRequiredActionName } from './keyboard_actions_interface';
 
 function initDocumentOptions() {
     optionService.createOption('documentId', utils.randomSecureToken(16), false);
@@ -17,16 +17,12 @@ interface NotSyncedOpts {
 }
 
 function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
-    optionService.createOption(
-        'openNoteContexts',
-        JSON.stringify([
-            {
-                notePath: 'root',
-                active: true
-            }
-        ]),
-        false
-    );
+    optionService.createOption('openNoteContexts', JSON.stringify([
+        {
+            notePath: 'root',
+            active: true
+        }
+    ]), false);
 
     optionService.createOption('lastDailyBackupDate', dateUtils.utcNowDateTime(), false);
     optionService.createOption('lastWeeklyBackupDate', dateUtils.utcNowDateTime(), false);
@@ -54,78 +50,54 @@ function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
 }
 
 const defaultOptions = [
-    {name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true},
-    {name: 'protectedSessionTimeout', value: '600', isSynced: true},
-    {
-        name: 'zoomFactor',
-        value: process.platform === 'win32' ? '0.9' : '1.0',
-        isSynced: false
-    },
-    {name: 'overrideThemeFonts', value: 'false', isSynced: false},
-    {name: 'mainFontFamily', value: 'theme', isSynced: false},
-    {name: 'mainFontSize', value: '100', isSynced: false},
-    {name: 'treeFontFamily', value: 'theme', isSynced: false},
-    {name: 'treeFontSize', value: '100', isSynced: false},
-    {name: 'detailFontFamily', value: 'theme', isSynced: false},
-    {name: 'detailFontSize', value: '110', isSynced: false},
-    {name: 'monospaceFontFamily', value: 'theme', isSynced: false},
-    {name: 'monospaceFontSize', value: '110', isSynced: false},
-    {name: 'spellCheckEnabled', value: 'true', isSynced: false},
-    {name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false},
-    {name: 'imageMaxWidthHeight', value: '2000', isSynced: true},
-    {name: 'imageJpegQuality', value: '75', isSynced: true},
-    {name: 'autoFixConsistencyIssues', value: 'true', isSynced: false},
-    {name: 'vimKeymapEnabled', value: 'false', isSynced: false},
-    {name: 'codeLineWrapEnabled', value: 'true', isSynced: false},
-    {
-        name: 'codeNotesMimeTypes',
-        value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
-        isSynced: true
-    },
-    {name: 'leftPaneWidth', value: '25', isSynced: false},
-    {name: 'leftPaneVisible', value: 'true', isSynced: false},
-    {name: 'rightPaneWidth', value: '25', isSynced: false},
-    {name: 'rightPaneVisible', value: 'true', isSynced: false},
-    {name: 'nativeTitleBarVisible', value: 'false', isSynced: false},
-    {
-        name: 'eraseEntitiesAfterTimeInSeconds',
-        value: '604800',
-        isSynced: true
-    }, // default is 7 days
-    {name: 'hideArchivedNotes_main', value: 'false', isSynced: false},
-    {name: 'debugModeEnabled', value: 'false', isSynced: false},
-    {name: 'headingStyle', value: 'underline', isSynced: true},
-    {name: 'autoCollapseNoteTree', value: 'true', isSynced: true},
-    {name: 'autoReadonlySizeText', value: '10000', isSynced: false},
-    {name: 'autoReadonlySizeCode', value: '30000', isSynced: false},
-    {name: 'dailyBackupEnabled', value: 'true', isSynced: false},
-    {name: 'weeklyBackupEnabled', value: 'true', isSynced: false},
-    {name: 'monthlyBackupEnabled', value: 'true', isSynced: false},
-    {name: 'maxContentWidth', value: '1200', isSynced: false},
-    {name: 'compressImages', value: 'true', isSynced: true},
-    {name: 'downloadImagesAutomatically', value: 'true', isSynced: true},
-    {name: 'minTocHeadings', value: '5', isSynced: true},
-    {
-        name: 'highlightsList',
-        value: '["bold","italic","underline","color","bgColor"]',
-        isSynced: true
-    },
-    {name: 'checkForUpdates', value: 'true', isSynced: true},
-    {name: 'disableTray', value: 'false', isSynced: false},
-    {
-        name: 'eraseUnusedAttachmentsAfterSeconds',
-        value: '2592000',
-        isSynced: true
-    },
-    {name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true},
-    {
-        name: 'customSearchEngineUrl',
-        value: 'https://duckduckgo.com/?q={keyword}',
-        isSynced: true
-    },
-    {name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true},
-    {name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true},
-    {name: 'totpEnabled', value: 'false', isSynced: true}
+    { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
+    { name: 'protectedSessionTimeout', value: '600', isSynced: true },
+    { name: 'zoomFactor', value: process.platform === "win32" ? '0.9' : '1.0', isSynced: false },
+    { name: 'overrideThemeFonts', value: 'false', isSynced: false },
+    { name: 'mainFontFamily', value: 'theme', isSynced: false },
+    { name: 'mainFontSize', value: '100', isSynced: false },
+    { name: 'treeFontFamily', value: 'theme', isSynced: false },
+    { name: 'treeFontSize', value: '100', isSynced: false },
+    { name: 'detailFontFamily', value: 'theme', isSynced: false },
+    { name: 'detailFontSize', value: '110', isSynced: false },
+    { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
+    { name: 'monospaceFontSize', value: '110', isSynced: false },
+    { name: 'spellCheckEnabled', value: 'true', isSynced: false },
+    { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
+    { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
+    { name: 'imageJpegQuality', value: '75', isSynced: true },
+    { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
+    { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
+    { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
+    { name: 'codeNotesMimeTypes', value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]', isSynced: true },
+    { name: 'leftPaneWidth', value: '25', isSynced: false },
+    { name: 'leftPaneVisible', value: 'true', isSynced: false },
+    { name: 'rightPaneWidth', value: '25', isSynced: false },
+    { name: 'rightPaneVisible', value: 'true', isSynced: false },
+    { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
+    { name: 'eraseEntitiesAfterTimeInSeconds', value: '604800', isSynced: true }, // default is 7 days
+    { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
+    { name: 'debugModeEnabled', value: 'false', isSynced: false },
+    { name: 'headingStyle', value: 'underline', isSynced: true },
+    { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
+    { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
+    { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
+    { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'maxContentWidth', value: '1200', isSynced: false },
+    { name: 'compressImages', value: 'true', isSynced: true },
+    { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
+    { name: 'minTocHeadings', value: '5', isSynced: true },
+    { name: 'highlightsList', value: '["bold","italic","underline","color","bgColor"]', isSynced: true },
+    { name: 'checkForUpdates', value: 'true', isSynced: true },
+    { name: 'disableTray', value: 'false', isSynced: false },
+    { name: 'eraseUnusedAttachmentsAfterSeconds', value: '2592000', isSynced: true },
+    { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
+    { name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true },
+    { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
+    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
+    { name: 'totpEnabled', value: 'false', isSynced: true}
 ];
 
 function initStartupOptions() {
@@ -142,28 +114,23 @@ function initStartupOptions() {
     }
 
     if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
-        optionService.setOption(
-            'openNoteContexts',
-            JSON.stringify([
-                {
-                    notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
-                    active: true
-                }
-            ])
-        );
+        optionService.setOption('openNoteContexts', JSON.stringify([
+            {
+                notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
+                active: true
+            }
+        ]));
     }
 }
 
 function getKeyboardDefaultOptions() {
-    return (
-        keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter(
-            (ka) => !!ka.actionName
-        ) as KeyboardShortcutWithRequiredActionName[]
-    ).map((ka) => ({
-        name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
-        value: JSON.stringify(ka.defaultShortcuts),
-        isSynced: false
-    }));
+    return (keyboardActions.DEFAULT_KEYBOARD_ACTIONS
+        .filter(ka => !!ka.actionName) as KeyboardShortcutWithRequiredActionName[])
+        .map(ka => ({
+            name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
+            value: JSON.stringify(ka.defaultShortcuts),
+            isSynced: false
+        }));
 }
 
 export = {

From a50c8d6d77778a2f745f745c5e5aa3688df56bf8 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 16:43:24 -0700
Subject: [PATCH 24/63] Removed POST from middle of string

---
 src/routes/routes.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 1ca5b89b78..c98539389f 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -148,7 +148,7 @@ function register(app: express.Application) {
     apiRoute(PUT, '/api/notes/:noteId/protect/:isProtected', notesApiRoute.protectNote);
     apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime);
     apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle);
-    apiRoute(PST, '/api/notes/:noteId/duplicPOSTate/:parentNoteId', notesApiRoute.duplicateSubtree);
+    apiRoute(PST, '/api/notes/:noteId/duplicate/:parentNoteId', notesApiRoute.duplicateSubtree);
     apiRoute(PUT, '/api/notes/:noteId/clone-to-branch/:parentBranchId', cloningApiRoute.cloneNoteToBranch);
     apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
     apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);

From ad7a171db98867f109b0944ed96e7de311ff7f91 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 12 May 2024 18:26:15 -0700
Subject: [PATCH 25/63] Formatting + minor changes

---
 .../widgets/type_widgets/content_widget.js    |  26 +-
 src/routes/api/totp.ts                        |   9 +-
 src/routes/login.ts                           |   2 +-
 src/services/encryption/recovery_codes.ts     |   8 +-
 src/services/hidden_subtree.ts                | 352 +++++++++++-------
 src/services/options.ts                       |   1 -
 src/services/options_init.ts                  | 101 ++---
 src/services/totp_secret.ts                   |   1 +
 src/views/login.ejs                           |   2 +-
 9 files changed, 298 insertions(+), 204 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index fe7f105afb..bf59258673 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -32,6 +32,7 @@ import DatabaseAnonymizationOptions from "./options/advanced/database_anonymizat
 import BackendLogWidget from "./content/backend_log.js";
 import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
 import RibbonOptions from "./options/appearance/ribbon.js";
+import MultiFactorAuthenticationOptions from "./options/multi_factor_authentication.js";
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -61,25 +62,22 @@ const CONTENT_WIDGETS = {
         MaxContentWidthOptions,
         RibbonOptions
     ],
-    _optionsShortcuts: [ KeyboardShortcutsOptions ],
+    _optionsShortcuts: [KeyboardShortcutsOptions],
     _optionsTextNotes: [
         HeadingStyleOptions,
         TableOfContentsOptions,
         HighlightsListOptions,
         TextAutoReadOnlySizeOptions
     ],
-    _optionsCodeNotes: [
-        VimKeyBindingsOptions,
-        WrapLinesOptions,
-        CodeAutoReadOnlySizeOptions,
-        CodeMimeTypesOptions
-    ],
-    _optionsImages: [ ImageOptions ],
-    _optionsSpellcheck: [ SpellcheckOptions ],
-    _optionsPassword: [ PasswordOptions ],
-    _optionsEtapi: [ EtapiOptions ],
-    _optionsBackup: [ BackupOptions ],
-    _optionsSync: [ SyncOptions ],
+    _optionsCodeNotes: [VimKeyBindingsOptions, WrapLinesOptions, CodeAutoReadOnlySizeOptions, CodeMimeTypesOptions],
+    _optionsImages: [ImageOptions],
+    _optionsMFA: [MultiFactorAuthenticationOptions],
+    _optionsImages: [ImageOptions],
+    _optionsSpellcheck: [SpellcheckOptions],
+    _optionsPassword: [PasswordOptions],
+    _optionsEtapi: [EtapiOptions],
+    _optionsBackup: [BackupOptions],
+    _optionsSync: [SyncOptions],
     _optionsOther: [
         SearchEngineOptions,
         TrayOptions,
@@ -95,7 +93,7 @@ const CONTENT_WIDGETS = {
         AdvancedSyncOptions,
         VacuumDatabaseOptions
     ],
-    _backendLog: [ BackendLogWidget ]
+    _backendLog: [BackendLogWidget]
 };
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 784ac8d9f9..5f8b9052f9 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -29,11 +29,12 @@ function disableTOTP() {
 function setTotpSecret(req: Request) {
     if (!passwordEncryptionService.verifyPassword(req.body.password)) throw new ValidationError('Incorrect password reset confirmation');
 
-    const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-    if (req.body.secret.length != 52) return;
-    if (regex.test(req.body.secret)) return;
+    const newSecret = req.body.secret.trim()
+    const regex = RegExp(/^[a-zA-Z0-9]{52}$/gm);
+    
+    if (!regex.test(newSecret)) return;
 
-    totp_fs.saveTotpSecret(req.body.secret);
+    totp_fs.saveTotpSecret(newSecret);
 }
 
 function getSecret() {
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 03fd3b5f5f..23ad2d41c1 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -16,7 +16,7 @@ import recoveryCodeService = require('../services/encryption/recovery_codes');
 const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
-    res.render('login', {
+    res.render("login", {
         failedAuth: false,
         totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
         assetPath: assetPath,
diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts
index c10bc76486..fe1848393c 100644
--- a/src/services/encryption/recovery_codes.ts
+++ b/src/services/encryption/recovery_codes.ts
@@ -25,9 +25,7 @@ function setRecoveryCodes(recoveryCodes: string) {
 }
 function getRecoveryCodes() {
     if (!isRecoveryCodeSet()) {
-        throw new Error(
-            "Recovery codes have not been set yet, so it cannot be changed. Use 'setRecoveryCodes' instead."
-        );
+        return Array(8).fill("Keys not set")
     }
 
     return sql.transactional(() => {
@@ -69,6 +67,10 @@ function verifyRecoveryCode(recoveryCodeGuess: string) {
 }
 
 function getUsedRecoveryCodes() {
+    if (!isRecoveryCodeSet()){
+        return Array(8).fill("Recovery code not set")
+    }
+
     const dateRegex = RegExp(/^\d{4}\/\d{2}\/\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z$/gm);
     const recoveryCodes = getRecoveryCodes();
     const usedStatus: string[] = [];
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index 5478aed1cf..33b54d4a58 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -45,215 +45,303 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-    id: '_hidden',
-    title: 'Hidden Notes',
-    type: 'doc',
-    icon: 'bx bx-chip',
+    id: "_hidden",
+    title: "Hidden Notes",
+    type: "doc",
+    icon: "bx bx-chip",
     // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
     // over tree when it's in the middle
     notePosition: 999_999_999,
     attributes: [
-        { type: 'label', name: 'excludeFromNoteMap', isInheritable: true },
-        { type: 'label', name: 'docName', value: 'hidden' }
+        { type: "label", name: "excludeFromNoteMap", isInheritable: true },
+        { type: "label", name: "docName", value: "hidden" }
     ],
     children: [
         {
-            id: '_search',
-            title: 'Search History',
-            type: 'doc'
+            id: "_search",
+            title: "Search History",
+            type: "doc"
         },
         {
-            id: '_globalNoteMap',
-            title: 'Note Map',
-            type: 'noteMap',
+            id: "_globalNoteMap",
+            title: "Note Map",
+            type: "noteMap",
             attributes: [
-                { type: 'label', name: 'mapRootNoteId', value: 'hoisted' },
-                { type: 'label', name: 'keepCurrentHoisting' }
+                { type: "label", name: "mapRootNoteId", value: "hoisted" },
+                { type: "label", name: "keepCurrentHoisting" }
             ]
         },
         {
-            id: '_sqlConsole',
-            title: 'SQL Console History',
-            type: 'doc',
-            icon: 'bx-data'
+            id: "_sqlConsole",
+            title: "SQL Console History",
+            type: "doc",
+            icon: "bx-data"
         },
         {
-            id: '_share',
-            title: 'Shared Notes',
-            type: 'doc',
-            attributes: [ { type: 'label', name: 'docName', value: 'share' } ]
+            id: "_share",
+            title: "Shared Notes",
+            type: "doc",
+            attributes: [{ type: "label", name: "docName", value: "share" }]
         },
         {
-            id: '_bulkAction',
-            title: 'Bulk Action',
-            type: 'doc',
+            id: "_bulkAction",
+            title: "Bulk Action",
+            type: "doc"
         },
         {
-            id: '_backendLog',
-            title: 'Backend Log',
-            type: 'contentWidget',
-            icon: 'bx-terminal',
-            attributes: [
-                { type: 'label', name: 'keepCurrentHoisting' }
-            ]
+            id: "_backendLog",
+            title: "Backend Log",
+            type: "contentWidget",
+            icon: "bx-terminal",
+            attributes: [{ type: "label", name: "keepCurrentHoisting" }]
         },
         {
             // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-            id: '_userHidden',
-            title: 'User Hidden',
-            type: 'doc',
-            attributes: [ { type: 'label', name: 'docName', value: 'user_hidden' } ]
+            id: "_userHidden",
+            title: "User Hidden",
+            type: "doc",
+            attributes: [{ type: "label", name: "docName", value: "user_hidden" }]
         },
         {
             id: LBTPL_ROOT,
-            title: 'Launch Bar Templates',
-            type: 'doc',
+            title: "Launch Bar Templates",
+            type: "doc",
             children: [
                 {
                     id: LBTPL_BASE,
-                    title: 'Base Abstract Launcher',
-                    type: 'doc'
+                    title: "Base Abstract Launcher",
+                    type: "doc"
                 },
                 {
                     id: LBTPL_COMMAND,
-                    title: 'Command Launcher',
-                    type: 'doc',
+                    title: "Command Launcher",
+                    type: "doc",
                     attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'command' },
-                        { type: 'label', name: 'docName', value: 'launchbar_command_launcher' }
+                        { type: "relation", name: "template", value: LBTPL_BASE },
+                        { type: "label", name: "launcherType", value: "command" },
+                        { type: "label", name: "docName", value: "launchbar_command_launcher" }
                     ]
                 },
                 {
                     id: LBTPL_NOTE_LAUNCHER,
-                    title: 'Note Launcher',
-                    type: 'doc',
+                    title: "Note Launcher",
+                    type: "doc",
                     attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'note' },
-                        { type: 'label', name: 'relation:target', value: 'promoted' },
-                        { type: 'label', name: 'relation:hoistedNote', value: 'promoted' },
-                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
-                        { type: 'label', name: 'docName', value: 'launchbar_note_launcher' }
+                        { type: "relation", name: "template", value: LBTPL_BASE },
+                        { type: "label", name: "launcherType", value: "note" },
+                        { type: "label", name: "relation:target", value: "promoted" },
+                        { type: "label", name: "relation:hoistedNote", value: "promoted" },
+                        { type: "label", name: "label:keyboardShortcut", value: "promoted,text" },
+                        { type: "label", name: "docName", value: "launchbar_note_launcher" }
                     ]
                 },
                 {
                     id: LBTPL_SCRIPT,
-                    title: 'Script Launcher',
-                    type: 'doc',
+                    title: "Script Launcher",
+                    type: "doc",
                     attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'script' },
-                        { type: 'label', name: 'relation:script', value: 'promoted' },
-                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
-                        { type: 'label', name: 'docName', value: 'launchbar_script_launcher' }
+                        { type: "relation", name: "template", value: LBTPL_BASE },
+                        { type: "label", name: "launcherType", value: "script" },
+                        { type: "label", name: "relation:script", value: "promoted" },
+                        { type: "label", name: "label:keyboardShortcut", value: "promoted,text" },
+                        { type: "label", name: "docName", value: "launchbar_script_launcher" }
                     ]
                 },
                 {
                     id: LBTPL_BUILTIN_WIDGET,
-                    title: 'Built-in Widget',
-                    type: 'doc',
+                    title: "Built-in Widget",
+                    type: "doc",
                     attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'builtinWidget' }
+                        { type: "relation", name: "template", value: LBTPL_BASE },
+                        { type: "label", name: "launcherType", value: "builtinWidget" }
                     ]
                 },
                 {
                     id: LBTPL_SPACER,
-                    title: 'Spacer',
-                    type: 'doc',
-                    icon: 'bx-move-vertical',
+                    title: "Spacer",
+                    type: "doc",
+                    icon: "bx-move-vertical",
                     attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET },
-                        { type: 'label', name: 'builtinWidget', value: 'spacer' },
-                        { type: 'label', name: 'label:baseSize', value: 'promoted,number' },
-                        { type: 'label', name: 'label:growthFactor', value: 'promoted,number' },
-                        { type: 'label', name: 'docName', value: 'launchbar_spacer' }
+                        { type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET },
+                        { type: "label", name: "builtinWidget", value: "spacer" },
+                        { type: "label", name: "label:baseSize", value: "promoted,number" },
+                        { type: "label", name: "label:growthFactor", value: "promoted,number" },
+                        { type: "label", name: "docName", value: "launchbar_spacer" }
                     ]
                 },
                 {
                     id: LBTPL_CUSTOM_WIDGET,
-                    title: 'Custom Widget',
-                    type: 'doc',
+                    title: "Custom Widget",
+                    type: "doc",
                     attributes: [
-                        { type: 'relation', name: 'template', value: LBTPL_BASE },
-                        { type: 'label', name: 'launcherType', value: 'customWidget' },
-                        { type: 'label', name: 'relation:widget', value: 'promoted' },
-                        { type: 'label', name: 'docName', value: 'launchbar_widget_launcher' }
+                        { type: "relation", name: "template", value: LBTPL_BASE },
+                        { type: "label", name: "launcherType", value: "customWidget" },
+                        { type: "label", name: "relation:widget", value: "promoted" },
+                        { type: "label", name: "docName", value: "launchbar_widget_launcher" }
                     ]
-                },
+                }
             ]
         },
         {
-            id: '_lbRoot',
-            title: 'Launch Bar',
-            type: 'doc',
-            icon: 'bx-sidebar',
+            id: "_lbRoot",
+            title: "Launch Bar",
+            type: "doc",
+            icon: "bx-sidebar",
             isExpanded: true,
-            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
+            attributes: [{ type: "label", name: "docName", value: "launchbar_intro" }],
             children: [
                 {
-                    id: '_lbAvailableLaunchers',
-                    title: 'Available Launchers',
-                    type: 'doc',
-                    icon: 'bx-hide',
+                    id: "_lbAvailableLaunchers",
+                    title: "Available Launchers",
+                    type: "doc",
+                    icon: "bx-hide",
                     isExpanded: true,
-                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
+                    attributes: [{ type: "label", name: "docName", value: "launchbar_intro" }],
                     children: [
-                        { id: '_lbBackInHistory', title: 'Go to Previous Note', type: 'launcher', builtinWidget: 'backInHistoryButton', icon: 'bx bxs-left-arrow-square',
-                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
-                        { id: '_lbForwardInHistory', title: 'Go to Next Note', type: 'launcher', builtinWidget: 'forwardInHistoryButton', icon: 'bx bxs-right-arrow-square',
-                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
-                        { id: '_lbBackendLog', title: 'Backend Log', type: 'launcher', targetNoteId: '_backendLog', icon: 'bx bx-terminal' },
+                        {
+                            id: "_lbBackInHistory",
+                            title: "Go to Previous Note",
+                            type: "launcher",
+                            builtinWidget: "backInHistoryButton",
+                            icon: "bx bxs-left-arrow-square",
+                            attributes: [{ type: "label", name: "docName", value: "launchbar_history_navigation" }]
+                        },
+                        {
+                            id: "_lbForwardInHistory",
+                            title: "Go to Next Note",
+                            type: "launcher",
+                            builtinWidget: "forwardInHistoryButton",
+                            icon: "bx bxs-right-arrow-square",
+                            attributes: [{ type: "label", name: "docName", value: "launchbar_history_navigation" }]
+                        },
+                        {
+                            id: "_lbBackendLog",
+                            title: "Backend Log",
+                            type: "launcher",
+                            targetNoteId: "_backendLog",
+                            icon: "bx bx-terminal"
+                        }
                     ]
                 },
                 {
-                    id: '_lbVisibleLaunchers',
-                    title: 'Visible Launchers',
-                    type: 'doc',
-                    icon: 'bx-show',
+                    id: "_lbVisibleLaunchers",
+                    title: "Visible Launchers",
+                    type: "doc",
+                    icon: "bx-show",
                     isExpanded: true,
-                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
+                    attributes: [{ type: "label", name: "docName", value: "launchbar_intro" }],
                     children: [
-                        { id: '_lbNewNote', title: 'New Note', type: 'launcher', command: 'createNoteIntoInbox', icon: 'bx bx-file-blank' },
-                        { id: '_lbSearch', title: 'Search Notes', type: 'launcher', command: 'searchNotes', icon: 'bx bx-search', attributes: [
-                                { type: 'label', name: 'desktopOnly' }
-                            ] },
-                        { id: '_lbJumpTo', title: 'Jump to Note', type: 'launcher', command: 'jumpToNote', icon: 'bx bx-send', attributes: [
-                                { type: 'label', name: 'desktopOnly' }
-                            ] },
-                        { id: '_lbNoteMap', title: 'Note Map', type: 'launcher', targetNoteId: '_globalNoteMap', icon: 'bx bx-map-alt' },
-                        { id: '_lbCalendar', title: 'Calendar', type: 'launcher', builtinWidget: 'calendar', icon: 'bx bx-calendar' },
-                        { id: '_lbRecentChanges', title: 'Recent Changes', type: 'launcher', command: 'showRecentChanges', icon: 'bx bx-history', attributes: [
-                                { type: 'label', name: 'desktopOnly' }
-                            ] },
-                        { id: '_lbSpacer1', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "50", growthFactor: "0" },
-                        { id: '_lbBookmarks', title: 'Bookmarks', type: 'launcher', builtinWidget: 'bookmarks', icon: 'bx bx-bookmark' },
-                        { id: '_lbToday', title: "Open Today's Journal Note", type: 'launcher', builtinWidget: 'todayInJournal', icon: 'bx bx-calendar-star' },
-                        { id: '_lbSpacer2', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "0", growthFactor: "1" },
-                        { id: '_lbProtectedSession', title: 'Protected Session', type: 'launcher', builtinWidget: 'protectedSession', icon: 'bx bx bx-shield-quarter' },
-                        { id: '_lbSyncStatus', title: 'Sync Status', type: 'launcher', builtinWidget: 'syncStatus', icon: 'bx bx-wifi' }
+                        {
+                            id: "_lbNewNote",
+                            title: "New Note",
+                            type: "launcher",
+                            command: "createNoteIntoInbox",
+                            icon: "bx bx-file-blank"
+                        },
+                        {
+                            id: "_lbSearch",
+                            title: "Search Notes",
+                            type: "launcher",
+                            command: "searchNotes",
+                            icon: "bx bx-search",
+                            attributes: [{ type: "label", name: "desktopOnly" }]
+                        },
+                        {
+                            id: "_lbJumpTo",
+                            title: "Jump to Note",
+                            type: "launcher",
+                            command: "jumpToNote",
+                            icon: "bx bx-send",
+                            attributes: [{ type: "label", name: "desktopOnly" }]
+                        },
+                        {
+                            id: "_lbNoteMap",
+                            title: "Note Map",
+                            type: "launcher",
+                            targetNoteId: "_globalNoteMap",
+                            icon: "bx bx-map-alt"
+                        },
+                        {
+                            id: "_lbCalendar",
+                            title: "Calendar",
+                            type: "launcher",
+                            builtinWidget: "calendar",
+                            icon: "bx bx-calendar"
+                        },
+                        {
+                            id: "_lbRecentChanges",
+                            title: "Recent Changes",
+                            type: "launcher",
+                            command: "showRecentChanges",
+                            icon: "bx bx-history",
+                            attributes: [{ type: "label", name: "desktopOnly" }]
+                        },
+                        {
+                            id: "_lbSpacer1",
+                            title: "Spacer",
+                            type: "launcher",
+                            builtinWidget: "spacer",
+                            baseSize: "50",
+                            growthFactor: "0"
+                        },
+                        {
+                            id: "_lbBookmarks",
+                            title: "Bookmarks",
+                            type: "launcher",
+                            builtinWidget: "bookmarks",
+                            icon: "bx bx-bookmark"
+                        },
+                        {
+                            id: "_lbToday",
+                            title: "Open Today's Journal Note",
+                            type: "launcher",
+                            builtinWidget: "todayInJournal",
+                            icon: "bx bx-calendar-star"
+                        },
+                        {
+                            id: "_lbSpacer2",
+                            title: "Spacer",
+                            type: "launcher",
+                            builtinWidget: "spacer",
+                            baseSize: "0",
+                            growthFactor: "1"
+                        },
+                        {
+                            id: "_lbProtectedSession",
+                            title: "Protected Session",
+                            type: "launcher",
+                            builtinWidget: "protectedSession",
+                            icon: "bx bx bx-shield-quarter"
+                        },
+                        {
+                            id: "_lbSyncStatus",
+                            title: "Sync Status",
+                            type: "launcher",
+                            builtinWidget: "syncStatus",
+                            icon: "bx bx-wifi"
+                        }
                     ]
                 }
             ]
         },
         {
-            id: '_options',
-            title: 'Options',
-            type: 'book',
+            id: "_options",
+            title: "Options",
+            type: "book",
             children: [
-                { id: '_optionsAppearance', title: 'Appearance', type: 'contentWidget', icon: 'bx-layout' },
-                { id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard' },
-                { id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text' },
-                { id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code' },
-                { id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image' },
-                { id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double' },
-                { id: '_optionsPassword', title: 'Password', type: 'contentWidget', icon: 'bx-lock' },
-                { id: '_optionsEtapi', title: 'ETAPI', type: 'contentWidget', icon: 'bx-extension' },
-                { id: '_optionsBackup', title: 'Backup', type: 'contentWidget', icon: 'bx-data' },
-                { id: '_optionsSync', title: 'Sync', type: 'contentWidget', icon: 'bx-wifi' },
-                { id: '_optionsOther', title: 'Other', type: 'contentWidget', icon: 'bx-dots-horizontal' },
-                { id: '_optionsAdvanced', title: 'Advanced', type: 'contentWidget' }
+                { id: "_optionsAppearance", title: "Appearance", type: "contentWidget", icon: "bx-layout" },
+                { id: "_optionsShortcuts", title: "Shortcuts", type: "contentWidget", icon: "bxs-keyboard" },
+                { id: "_optionsTextNotes", title: "Text Notes", type: "contentWidget", icon: "bx-text" },
+                { id: "_optionsMFA", title: "MFA", type: "contentWidget", icon: "bx-lock" },
+                { id: "_optionsCodeNotes", title: "Code Notes", type: "contentWidget", icon: "bx-code" },
+                { id: "_optionsImages", title: "Images", type: "contentWidget", icon: "bx-image" },
+                { id: "_optionsSpellcheck", title: "Spellcheck", type: "contentWidget", icon: "bx-check-double" },
+                { id: "_optionsPassword", title: "Password", type: "contentWidget", icon: "bx-lock" },
+                { id: "_optionsEtapi", title: "ETAPI", type: "contentWidget", icon: "bx-extension" },
+                { id: "_optionsBackup", title: "Backup", type: "contentWidget", icon: "bx-data" },
+                { id: "_optionsSync", title: "Sync", type: "contentWidget", icon: "bx-wifi" },
+                { id: "_optionsOther", title: "Other", type: "contentWidget", icon: "bx-dots-horizontal" },
+                { id: "_optionsAdvanced", title: "Advanced", type: "contentWidget" }
             ]
         }
     ]
diff --git a/src/services/options.ts b/src/services/options.ts
index b658e4ff71..e1346c9278 100644
--- a/src/services/options.ts
+++ b/src/services/options.ts
@@ -21,7 +21,6 @@ function getOption(name: string) {
     if (val === null) {
         throw new Error(`Option '${name}' doesn't exist`);
     }
-
     return val;
 }
 
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index b9a88de4fd..649b1bcb47 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -50,54 +50,59 @@ function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
 }
 
 const defaultOptions = [
-    { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
-    { name: 'protectedSessionTimeout', value: '600', isSynced: true },
-    { name: 'zoomFactor', value: process.platform === "win32" ? '0.9' : '1.0', isSynced: false },
-    { name: 'overrideThemeFonts', value: 'false', isSynced: false },
-    { name: 'mainFontFamily', value: 'theme', isSynced: false },
-    { name: 'mainFontSize', value: '100', isSynced: false },
-    { name: 'treeFontFamily', value: 'theme', isSynced: false },
-    { name: 'treeFontSize', value: '100', isSynced: false },
-    { name: 'detailFontFamily', value: 'theme', isSynced: false },
-    { name: 'detailFontSize', value: '110', isSynced: false },
-    { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
-    { name: 'monospaceFontSize', value: '110', isSynced: false },
-    { name: 'spellCheckEnabled', value: 'true', isSynced: false },
-    { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
-    { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
-    { name: 'imageJpegQuality', value: '75', isSynced: true },
-    { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
-    { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
-    { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
-    { name: 'codeNotesMimeTypes', value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]', isSynced: true },
-    { name: 'leftPaneWidth', value: '25', isSynced: false },
-    { name: 'leftPaneVisible', value: 'true', isSynced: false },
-    { name: 'rightPaneWidth', value: '25', isSynced: false },
-    { name: 'rightPaneVisible', value: 'true', isSynced: false },
-    { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
-    { name: 'eraseEntitiesAfterTimeInSeconds', value: '604800', isSynced: true }, // default is 7 days
-    { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
-    { name: 'debugModeEnabled', value: 'false', isSynced: false },
-    { name: 'headingStyle', value: 'underline', isSynced: true },
-    { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
-    { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
-    { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
-    { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
-    { name: 'maxContentWidth', value: '1200', isSynced: false },
-    { name: 'compressImages', value: 'true', isSynced: true },
-    { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
-    { name: 'minTocHeadings', value: '5', isSynced: true },
-    { name: 'highlightsList', value: '["bold","italic","underline","color","bgColor"]', isSynced: true },
-    { name: 'checkForUpdates', value: 'true', isSynced: true },
-    { name: 'disableTray', value: 'false', isSynced: false },
-    { name: 'eraseUnusedAttachmentsAfterSeconds', value: '2592000', isSynced: true },
-    { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
-    { name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true },
-    { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
-    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
-    { name: 'totpEnabled', value: 'false', isSynced: true}
+    { name: "revisionSnapshotTimeInterval", value: "600", isSynced: true },
+    { name: "protectedSessionTimeout", value: "600", isSynced: true },
+    { name: "zoomFactor", value: process.platform === "win32" ? "0.9" : "1.0", isSynced: false },
+    { name: "overrideThemeFonts", value: "false", isSynced: false },
+    { name: "mainFontFamily", value: "theme", isSynced: false },
+    { name: "mainFontSize", value: "100", isSynced: false },
+    { name: "treeFontFamily", value: "theme", isSynced: false },
+    { name: "treeFontSize", value: "100", isSynced: false },
+    { name: "detailFontFamily", value: "theme", isSynced: false },
+    { name: "detailFontSize", value: "110", isSynced: false },
+    { name: "monospaceFontFamily", value: "theme", isSynced: false },
+    { name: "monospaceFontSize", value: "110", isSynced: false },
+    { name: "spellCheckEnabled", value: "true", isSynced: false },
+    { name: "spellCheckLanguageCode", value: "en-US", isSynced: false },
+    { name: "imageMaxWidthHeight", value: "2000", isSynced: true },
+    { name: "imageJpegQuality", value: "75", isSynced: true },
+    { name: "autoFixConsistencyIssues", value: "true", isSynced: false },
+    { name: "vimKeymapEnabled", value: "false", isSynced: false },
+    { name: "codeLineWrapEnabled", value: "true", isSynced: false },
+    {
+        name: "codeNotesMimeTypes",
+        value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
+        isSynced: true
+    },
+    { name: "leftPaneWidth", value: "25", isSynced: false },
+    { name: "leftPaneVisible", value: "true", isSynced: false },
+    { name: "rightPaneWidth", value: "25", isSynced: false },
+    { name: "rightPaneVisible", value: "true", isSynced: false },
+    { name: "nativeTitleBarVisible", value: "false", isSynced: false },
+    { name: "eraseEntitiesAfterTimeInSeconds", value: "604800", isSynced: true }, // default is 7 days
+    { name: "hideArchivedNotes_main", value: "false", isSynced: false },
+    { name: "debugModeEnabled", value: "false", isSynced: false },
+    { name: "headingStyle", value: "underline", isSynced: true },
+    { name: "autoCollapseNoteTree", value: "true", isSynced: true },
+    { name: "autoReadonlySizeText", value: "10000", isSynced: false },
+    { name: "autoReadonlySizeCode", value: "30000", isSynced: false },
+    { name: "dailyBackupEnabled", value: "true", isSynced: false },
+    { name: "weeklyBackupEnabled", value: "true", isSynced: false },
+    { name: "monthlyBackupEnabled", value: "true", isSynced: false },
+    { name: "maxContentWidth", value: "1200", isSynced: false },
+    { name: "compressImages", value: "true", isSynced: true },
+    { name: "downloadImagesAutomatically", value: "true", isSynced: true },
+    { name: "minTocHeadings", value: "5", isSynced: true },
+    { name: "highlightsList", value: '["bold","italic","underline","color","bgColor"]', isSynced: true },
+    { name: "checkForUpdates", value: "true", isSynced: true },
+    { name: "disableTray", value: "false", isSynced: false },
+    { name: "eraseUnusedAttachmentsAfterSeconds", value: "2592000", isSynced: true },
+    { name: "customSearchEngineName", value: "DuckDuckGo", isSynced: true },
+    { name: "customSearchEngineUrl", value: "https://duckduckgo.com/?q={keyword}", isSynced: true },
+    { name: "promotedAttributesOpenInRibbon", value: "true", isSynced: true },
+    { name: "editedNotesOpenInRibbon", value: "true", isSynced: true },
+    { name: "totpEnabled", value: "false", isSynced: true },
+    { name: "encryptedRecoveryCodes", value: "false", isSynced: true }
 ];
 
 function initStartupOptions() {
diff --git a/src/services/totp_secret.ts b/src/services/totp_secret.ts
index be3ce814af..0f6c9b62a7 100644
--- a/src/services/totp_secret.ts
+++ b/src/services/totp_secret.ts
@@ -18,6 +18,7 @@ function getTotpSecret() {
 }
 
 function checkForTotSecret() {
+    console.log("Check" + fs.existsSync(totpSecretPath));
     return fs.existsSync(totpSecretPath);
 }
 
diff --git a/src/views/login.ejs b/src/views/login.ejs
index adcdfbcf6e..b359e876ef 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -122,4 +122,4 @@
       rel="stylesheet"
     />
   </body>
-</html>
+</html>
\ No newline at end of file

From 369034c765e1d8169c2a23b021021b0ecfc652ac Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Wed, 15 May 2024 15:30:55 -0700
Subject: [PATCH 26/63] testing

---
 .vscode/settings.json                         |  15 +-
 package-lock.json                             | 444 +++++++++++++++-
 package.json                                  |   3 +
 src/app.ts                                    |  47 +-
 .../widgets/type_widgets/content_widget.js    |  90 ++--
 .../app/widgets/type_widgets/options/oidc.js  |  43 ++
 src/routes/callback.ts                        |  14 +
 src/routes/routes.ts                          | 287 ++++++++---
 src/services/hidden_subtree.ts                | 484 +++++++++---------
 src/services/login/open_id_connect.ts         |  61 +++
 src/views/authenticate_oidc.ejs               | 128 +++++
 src/views/login.ejs                           |   3 +
 12 files changed, 1251 insertions(+), 368 deletions(-)
 create mode 100644 src/public/app/widgets/type_widgets/options/oidc.js
 create mode 100644 src/routes/callback.ts
 create mode 100644 src/services/login/open_id_connect.ts
 create mode 100644 src/views/authenticate_oidc.ejs

diff --git a/.vscode/settings.json b/.vscode/settings.json
index 9c9430d514..83c34b4694 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,5 +1,14 @@
 {
-  "editor.formatOnSave": true,
-  "files.eol": "\n",
-  "typescript.tsdk": "node_modules/typescript/lib"
+    "editor.formatOnSave": true,
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "prettier.tabWidth": 4,
+    "prettier.bracketSpacing": false,
+    "prettier.printWidth": 120,
+    "prettier.singleQuote": true,
+    "prettier.trailingComma": "es5",
+    "prettier.semi": true,
+    "prettier.singleAttributePerLine": false,
+    "prettier.insertPragma": true,
+    "files.eol": "\n",
+    "typescript.tsdk": "node_modules/typescript/lib"
 }
diff --git a/package-lock.json b/package-lock.json
index 83e37b5842..ca5a5c9a19 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -32,6 +32,7 @@
         "electron-window-state": "5.0.3",
         "escape-html": "1.0.3",
         "express": "4.18.3",
+        "express-openid-connect": "^2.17.1",
         "express-partial-content": "1.0.2",
         "express-rate-limit": "7.2.0",
         "express-session": "1.18.0",
@@ -59,7 +60,9 @@
         "node-abi": "3.56.0",
         "normalize-strings": "1.1.1",
         "open": "8.4.1",
+        "openid-client": "^5.6.5",
         "panzoom": "9.4.3",
+        "passport": "^0.7.0",
         "print-this": "2.0.0",
         "rand-token": "1.0.1",
         "react": "18.2.0",
@@ -473,6 +476,19 @@
       "integrity": "sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw==",
       "dev": true
     },
+    "node_modules/@hapi/hoek": {
+      "version": "9.3.0",
+      "resolved": "https://registry.npmjs.org/@hapi/hoek/-/hoek-9.3.0.tgz",
+      "integrity": "sha512-/c6rf4UJlmHlC9b5BaNvzAcFv7HZ2QHaV0D4/HNlBdvFnvQq8RI4kYdhyPCl7Xj+oWvTWQ8ujhqS53LIgAe6KQ=="
+    },
+    "node_modules/@hapi/topo": {
+      "version": "5.1.0",
+      "resolved": "https://registry.npmjs.org/@hapi/topo/-/topo-5.1.0.tgz",
+      "integrity": "sha512-foQZKJig7Ob0BMAYBfcJk8d77QtOe7Wo4ox7ff1lQYoNNAb6jwcY1ncdoy2e9wQZzvNy7ODZCYJkK8kzmcAnAg==",
+      "dependencies": {
+        "@hapi/hoek": "^9.0.0"
+      }
+    },
     "node_modules/@isaacs/cliui": {
       "version": "8.0.2",
       "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz",
@@ -1112,6 +1128,14 @@
         "url": "https://github.com/sponsors/isaacs"
       }
     },
+    "node_modules/@panva/asn1.js": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@panva/asn1.js/-/asn1.js-1.0.0.tgz",
+      "integrity": "sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw==",
+      "engines": {
+        "node": ">=10.13.0"
+      }
+    },
     "node_modules/@pkgjs/parseargs": {
       "version": "0.11.0",
       "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz",
@@ -1121,6 +1145,24 @@
         "node": ">=14"
       }
     },
+    "node_modules/@sideway/address": {
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.5.tgz",
+      "integrity": "sha512-IqO/DUQHUkPeixNQ8n0JA6102hT9CmaljNTPmQ1u8MEhBo/R4Q8eKLN/vGZxuebwOroDB4cbpjheD4+/sKFK4Q==",
+      "dependencies": {
+        "@hapi/hoek": "^9.0.0"
+      }
+    },
+    "node_modules/@sideway/formula": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/@sideway/formula/-/formula-3.0.1.tgz",
+      "integrity": "sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg=="
+    },
+    "node_modules/@sideway/pinpoint": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@sideway/pinpoint/-/pinpoint-2.0.0.tgz",
+      "integrity": "sha512-RNiOoTPkptFtSVzQevY/yWtZwf/RxyVnPy/OcA9HBM3MlGDnBEYL5B41H0MTn0Uec8Hi+2qUtTfG2WWZBmMejQ=="
+    },
     "node_modules/@sindresorhus/is": {
       "version": "4.6.0",
       "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-4.6.0.tgz",
@@ -2078,7 +2120,6 @@
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz",
       "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==",
-      "dev": true,
       "dependencies": {
         "clean-stack": "^2.0.0",
         "indent-string": "^4.0.0"
@@ -2733,6 +2774,14 @@
         }
       ]
     },
+    "node_modules/base64url": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz",
+      "integrity": "sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
     "node_modules/bcrypt-pbkdf": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz",
@@ -3521,7 +3570,6 @@
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz",
       "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==",
-      "dev": true,
       "engines": {
         "node": ">=6"
       }
@@ -6226,6 +6274,108 @@
         "node": ">= 0.10.0"
       }
     },
+    "node_modules/express-openid-connect": {
+      "version": "2.17.1",
+      "resolved": "https://registry.npmjs.org/express-openid-connect/-/express-openid-connect-2.17.1.tgz",
+      "integrity": "sha512-5pVK6PNV09x6UN29R9Mer0XF3hwQq2HxiFsjZvLuIQ9ezeTUGbqrefzBOpzciz1S/1WWVaVPDIcj4EBpD8WB3Q==",
+      "dependencies": {
+        "base64url": "^3.0.1",
+        "clone": "^2.1.2",
+        "cookie": "^0.5.0",
+        "debug": "^4.3.4",
+        "futoin-hkdf": "^1.5.1",
+        "http-errors": "^1.8.1",
+        "joi": "^17.7.0",
+        "jose": "^2.0.6",
+        "on-headers": "^1.0.2",
+        "openid-client": "^4.9.1",
+        "url-join": "^4.0.1"
+      },
+      "engines": {
+        "node": "^10.19.0 || >=12.0.0 < 13 || >=13.7.0 < 14 || >= 14.2.0"
+      },
+      "peerDependencies": {
+        "express": ">= 4.17.0"
+      }
+    },
+    "node_modules/express-openid-connect/node_modules/clone": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz",
+      "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w==",
+      "engines": {
+        "node": ">=0.8"
+      }
+    },
+    "node_modules/express-openid-connect/node_modules/cookie": {
+      "version": "0.5.0",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz",
+      "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/express-openid-connect/node_modules/http-errors": {
+      "version": "1.8.1",
+      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.8.1.tgz",
+      "integrity": "sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==",
+      "dependencies": {
+        "depd": "~1.1.2",
+        "inherits": "2.0.4",
+        "setprototypeof": "1.2.0",
+        "statuses": ">= 1.5.0 < 2",
+        "toidentifier": "1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/express-openid-connect/node_modules/jose": {
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-2.0.7.tgz",
+      "integrity": "sha512-5hFWIigKqC+e/lRyQhfnirrAqUdIPMB7SJRqflJaO29dW7q5DFvH1XCSTmv6PQ6pb++0k6MJlLRoS0Wv4s38Wg==",
+      "dependencies": {
+        "@panva/asn1.js": "^1.0.0"
+      },
+      "engines": {
+        "node": ">=10.13.0 < 13 || >=13.7.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
+    "node_modules/express-openid-connect/node_modules/openid-client": {
+      "version": "4.9.1",
+      "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-4.9.1.tgz",
+      "integrity": "sha512-DYUF07AHjI3QDKqKbn2F7RqozT4hyi4JvmpodLrq0HHoNP7t/AjeG/uqiBK1/N2PZSAQEThVjDLHSmJN4iqu/w==",
+      "dependencies": {
+        "aggregate-error": "^3.1.0",
+        "got": "^11.8.0",
+        "jose": "^2.0.5",
+        "lru-cache": "^6.0.0",
+        "make-error": "^1.3.6",
+        "object-hash": "^2.0.1",
+        "oidc-token-hash": "^5.0.1"
+      },
+      "engines": {
+        "node": "^10.19.0 || >=12.0.0 < 13 || >=13.7.0 < 14 || >= 14.2.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
+    "node_modules/express-openid-connect/node_modules/setprototypeof": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz",
+      "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
+    },
+    "node_modules/express-openid-connect/node_modules/toidentifier": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz",
+      "integrity": "sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA==",
+      "engines": {
+        "node": ">=0.6"
+      }
+    },
     "node_modules/express-partial-content": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/express-partial-content/-/express-partial-content-1.0.2.tgz",
@@ -6883,6 +7033,14 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/futoin-hkdf": {
+      "version": "1.5.3",
+      "resolved": "https://registry.npmjs.org/futoin-hkdf/-/futoin-hkdf-1.5.3.tgz",
+      "integrity": "sha512-SewY5KdMpaoCeh7jachEWFsh1nNlaDjNHZXWqL5IGwtpEYHTgkr2+AMCgNwKWkcc0wpSYrZfR7he4WdmHFtDxQ==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
     "node_modules/galactus": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/galactus/-/galactus-1.0.0.tgz",
@@ -7569,7 +7727,6 @@
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz",
       "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==",
-      "dev": true,
       "engines": {
         "node": ">=8"
       }
@@ -8029,11 +8186,31 @@
         "regenerator-runtime": "^0.13.3"
       }
     },
+    "node_modules/joi": {
+      "version": "17.13.1",
+      "resolved": "https://registry.npmjs.org/joi/-/joi-17.13.1.tgz",
+      "integrity": "sha512-vaBlIKCyo4FCUtCm7Eu4QZd/q02bWcxfUO6YSXAZOWF6gzcLBeba8kwotUdYJjDLW8Cz8RywsSOqiNJZW0mNvg==",
+      "dependencies": {
+        "@hapi/hoek": "^9.3.0",
+        "@hapi/topo": "^5.1.0",
+        "@sideway/address": "^4.1.5",
+        "@sideway/formula": "^3.0.1",
+        "@sideway/pinpoint": "^2.0.0"
+      }
+    },
     "node_modules/joplin-turndown-plugin-gfm": {
       "version": "1.0.12",
       "resolved": "https://registry.npmjs.org/joplin-turndown-plugin-gfm/-/joplin-turndown-plugin-gfm-1.0.12.tgz",
       "integrity": "sha512-qL4+1iycQjZ1fs8zk3jSRk7cg3ROBUHk7GKtiLAQLFzLPKErnILUvz5DLszSQvz3s1sTjPbywLDISVUtBY6HaA=="
     },
+    "node_modules/jose": {
+      "version": "4.15.5",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz",
+      "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/jpeg-js": {
       "version": "0.4.4",
       "resolved": "https://registry.npmjs.org/jpeg-js/-/jpeg-js-0.4.4.tgz",
@@ -8648,8 +8825,7 @@
     "node_modules/make-error": {
       "version": "1.3.6",
       "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz",
-      "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==",
-      "dev": true
+      "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw=="
     },
     "node_modules/make-fetch-happen": {
       "version": "10.2.0",
@@ -9898,6 +10074,14 @@
         "node": ">=0.10.0"
       }
     },
+    "node_modules/object-hash": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz",
+      "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==",
+      "engines": {
+        "node": ">= 6"
+      }
+    },
     "node_modules/object-inspect": {
       "version": "1.13.1",
       "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",
@@ -9915,6 +10099,14 @@
         "node": ">= 0.4"
       }
     },
+    "node_modules/oidc-token-hash": {
+      "version": "5.0.3",
+      "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz",
+      "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw==",
+      "engines": {
+        "node": "^10.13.0 || >=12.0.0"
+      }
+    },
     "node_modules/omggif": {
       "version": "1.0.10",
       "resolved": "https://registry.npmjs.org/omggif/-/omggif-1.0.10.tgz",
@@ -9986,6 +10178,20 @@
         "opencollective-postinstall": "index.js"
       }
     },
+    "node_modules/openid-client": {
+      "version": "5.6.5",
+      "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.5.tgz",
+      "integrity": "sha512-5P4qO9nGJzB5PI0LFlhj4Dzg3m4odt0qsJTfyEtZyOlkgpILwEioOhVVJOrS1iVH494S4Ee5OCjjg6Bf5WOj3w==",
+      "dependencies": {
+        "jose": "^4.15.5",
+        "lru-cache": "^6.0.0",
+        "object-hash": "^2.2.0",
+        "oidc-token-hash": "^5.0.3"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
     "node_modules/ora": {
       "version": "5.4.1",
       "resolved": "https://registry.npmjs.org/ora/-/ora-5.4.1.tgz",
@@ -10212,6 +10418,31 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/passport": {
+      "version": "0.7.0",
+      "resolved": "https://registry.npmjs.org/passport/-/passport-0.7.0.tgz",
+      "integrity": "sha512-cPLl+qZpSc+ireUvt+IzqbED1cHHkDoVYMo30jbJIdOOjQ1MQYZBPiNvmi8UM6lJuOpTPXJGZQk0DtC4y61MYQ==",
+      "dependencies": {
+        "passport-strategy": "1.x.x",
+        "pause": "0.0.1",
+        "utils-merge": "^1.0.1"
+      },
+      "engines": {
+        "node": ">= 0.4.0"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/jaredhanson"
+      }
+    },
+    "node_modules/passport-strategy": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
+      "integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA==",
+      "engines": {
+        "node": ">= 0.4.0"
+      }
+    },
     "node_modules/path-exists": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz",
@@ -10292,6 +10523,11 @@
         "node": ">=4"
       }
     },
+    "node_modules/pause": {
+      "version": "0.0.1",
+      "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
+      "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg=="
+    },
     "node_modules/peek-readable": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/peek-readable/-/peek-readable-4.1.0.tgz",
@@ -12735,6 +12971,11 @@
         "punycode": "^2.1.0"
       }
     },
+    "node_modules/url-join": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/url-join/-/url-join-4.0.1.tgz",
+      "integrity": "sha512-jk1+QP6ZJqyOiuEI9AEWQfju/nB2Pw466kbA0LEZljHwKeMgd9WrAEgEGxjPDD2+TNbbb37rTyhEfrCXfuKXnA=="
+    },
     "node_modules/url-parse": {
       "version": "1.5.10",
       "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.10.tgz",
@@ -13716,6 +13957,19 @@
       "integrity": "sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw==",
       "dev": true
     },
+    "@hapi/hoek": {
+      "version": "9.3.0",
+      "resolved": "https://registry.npmjs.org/@hapi/hoek/-/hoek-9.3.0.tgz",
+      "integrity": "sha512-/c6rf4UJlmHlC9b5BaNvzAcFv7HZ2QHaV0D4/HNlBdvFnvQq8RI4kYdhyPCl7Xj+oWvTWQ8ujhqS53LIgAe6KQ=="
+    },
+    "@hapi/topo": {
+      "version": "5.1.0",
+      "resolved": "https://registry.npmjs.org/@hapi/topo/-/topo-5.1.0.tgz",
+      "integrity": "sha512-foQZKJig7Ob0BMAYBfcJk8d77QtOe7Wo4ox7ff1lQYoNNAb6jwcY1ncdoy2e9wQZzvNy7ODZCYJkK8kzmcAnAg==",
+      "requires": {
+        "@hapi/hoek": "^9.0.0"
+      }
+    },
     "@isaacs/cliui": {
       "version": "8.0.2",
       "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz",
@@ -14193,12 +14447,35 @@
         }
       }
     },
+    "@panva/asn1.js": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@panva/asn1.js/-/asn1.js-1.0.0.tgz",
+      "integrity": "sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw=="
+    },
     "@pkgjs/parseargs": {
       "version": "0.11.0",
       "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz",
       "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==",
       "optional": true
     },
+    "@sideway/address": {
+      "version": "4.1.5",
+      "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.5.tgz",
+      "integrity": "sha512-IqO/DUQHUkPeixNQ8n0JA6102hT9CmaljNTPmQ1u8MEhBo/R4Q8eKLN/vGZxuebwOroDB4cbpjheD4+/sKFK4Q==",
+      "requires": {
+        "@hapi/hoek": "^9.0.0"
+      }
+    },
+    "@sideway/formula": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/@sideway/formula/-/formula-3.0.1.tgz",
+      "integrity": "sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg=="
+    },
+    "@sideway/pinpoint": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@sideway/pinpoint/-/pinpoint-2.0.0.tgz",
+      "integrity": "sha512-RNiOoTPkptFtSVzQevY/yWtZwf/RxyVnPy/OcA9HBM3MlGDnBEYL5B41H0MTn0Uec8Hi+2qUtTfG2WWZBmMejQ=="
+    },
     "@sindresorhus/is": {
       "version": "4.6.0",
       "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-4.6.0.tgz",
@@ -15065,7 +15342,6 @@
       "version": "3.1.0",
       "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz",
       "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==",
-      "dev": true,
       "requires": {
         "clean-stack": "^2.0.0",
         "indent-string": "^4.0.0"
@@ -15569,6 +15845,11 @@
       "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
       "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA=="
     },
+    "base64url": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz",
+      "integrity": "sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A=="
+    },
     "bcrypt-pbkdf": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz",
@@ -16182,8 +16463,7 @@
     "clean-stack": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz",
-      "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A==",
-      "dev": true
+      "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A=="
     },
     "cli-cursor": {
       "version": "3.1.0",
@@ -18269,6 +18549,80 @@
         }
       }
     },
+    "express-openid-connect": {
+      "version": "2.17.1",
+      "resolved": "https://registry.npmjs.org/express-openid-connect/-/express-openid-connect-2.17.1.tgz",
+      "integrity": "sha512-5pVK6PNV09x6UN29R9Mer0XF3hwQq2HxiFsjZvLuIQ9ezeTUGbqrefzBOpzciz1S/1WWVaVPDIcj4EBpD8WB3Q==",
+      "requires": {
+        "base64url": "^3.0.1",
+        "clone": "^2.1.2",
+        "cookie": "^0.5.0",
+        "debug": "^4.3.4",
+        "futoin-hkdf": "^1.5.1",
+        "http-errors": "^1.8.1",
+        "joi": "^17.7.0",
+        "jose": "^2.0.6",
+        "on-headers": "^1.0.2",
+        "openid-client": "^4.9.1",
+        "url-join": "^4.0.1"
+      },
+      "dependencies": {
+        "clone": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz",
+          "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w=="
+        },
+        "cookie": {
+          "version": "0.5.0",
+          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz",
+          "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw=="
+        },
+        "http-errors": {
+          "version": "1.8.1",
+          "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.8.1.tgz",
+          "integrity": "sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==",
+          "requires": {
+            "depd": "~1.1.2",
+            "inherits": "2.0.4",
+            "setprototypeof": "1.2.0",
+            "statuses": ">= 1.5.0 < 2",
+            "toidentifier": "1.0.1"
+          }
+        },
+        "jose": {
+          "version": "2.0.7",
+          "resolved": "https://registry.npmjs.org/jose/-/jose-2.0.7.tgz",
+          "integrity": "sha512-5hFWIigKqC+e/lRyQhfnirrAqUdIPMB7SJRqflJaO29dW7q5DFvH1XCSTmv6PQ6pb++0k6MJlLRoS0Wv4s38Wg==",
+          "requires": {
+            "@panva/asn1.js": "^1.0.0"
+          }
+        },
+        "openid-client": {
+          "version": "4.9.1",
+          "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-4.9.1.tgz",
+          "integrity": "sha512-DYUF07AHjI3QDKqKbn2F7RqozT4hyi4JvmpodLrq0HHoNP7t/AjeG/uqiBK1/N2PZSAQEThVjDLHSmJN4iqu/w==",
+          "requires": {
+            "aggregate-error": "^3.1.0",
+            "got": "^11.8.0",
+            "jose": "^2.0.5",
+            "lru-cache": "^6.0.0",
+            "make-error": "^1.3.6",
+            "object-hash": "^2.0.1",
+            "oidc-token-hash": "^5.0.1"
+          }
+        },
+        "setprototypeof": {
+          "version": "1.2.0",
+          "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz",
+          "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
+        },
+        "toidentifier": {
+          "version": "1.0.1",
+          "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz",
+          "integrity": "sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA=="
+        }
+      }
+    },
     "express-partial-content": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/express-partial-content/-/express-partial-content-1.0.2.tgz",
@@ -18714,6 +19068,11 @@
       "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
       "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA=="
     },
+    "futoin-hkdf": {
+      "version": "1.5.3",
+      "resolved": "https://registry.npmjs.org/futoin-hkdf/-/futoin-hkdf-1.5.3.tgz",
+      "integrity": "sha512-SewY5KdMpaoCeh7jachEWFsh1nNlaDjNHZXWqL5IGwtpEYHTgkr2+AMCgNwKWkcc0wpSYrZfR7he4WdmHFtDxQ=="
+    },
     "galactus": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/galactus/-/galactus-1.0.0.tgz",
@@ -19241,8 +19600,7 @@
     "indent-string": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz",
-      "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==",
-      "dev": true
+      "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg=="
     },
     "index-array-by": {
       "version": "1.4.1",
@@ -19578,11 +19936,28 @@
         "regenerator-runtime": "^0.13.3"
       }
     },
+    "joi": {
+      "version": "17.13.1",
+      "resolved": "https://registry.npmjs.org/joi/-/joi-17.13.1.tgz",
+      "integrity": "sha512-vaBlIKCyo4FCUtCm7Eu4QZd/q02bWcxfUO6YSXAZOWF6gzcLBeba8kwotUdYJjDLW8Cz8RywsSOqiNJZW0mNvg==",
+      "requires": {
+        "@hapi/hoek": "^9.3.0",
+        "@hapi/topo": "^5.1.0",
+        "@sideway/address": "^4.1.5",
+        "@sideway/formula": "^3.0.1",
+        "@sideway/pinpoint": "^2.0.0"
+      }
+    },
     "joplin-turndown-plugin-gfm": {
       "version": "1.0.12",
       "resolved": "https://registry.npmjs.org/joplin-turndown-plugin-gfm/-/joplin-turndown-plugin-gfm-1.0.12.tgz",
       "integrity": "sha512-qL4+1iycQjZ1fs8zk3jSRk7cg3ROBUHk7GKtiLAQLFzLPKErnILUvz5DLszSQvz3s1sTjPbywLDISVUtBY6HaA=="
     },
+    "jose": {
+      "version": "4.15.5",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz",
+      "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg=="
+    },
     "jpeg-js": {
       "version": "0.4.4",
       "resolved": "https://registry.npmjs.org/jpeg-js/-/jpeg-js-0.4.4.tgz",
@@ -20073,8 +20448,7 @@
     "make-error": {
       "version": "1.3.6",
       "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz",
-      "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==",
-      "dev": true
+      "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw=="
     },
     "make-fetch-happen": {
       "version": "10.2.0",
@@ -20918,6 +21292,11 @@
       "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
       "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM="
     },
+    "object-hash": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz",
+      "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw=="
+    },
     "object-inspect": {
       "version": "1.13.1",
       "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",
@@ -20929,6 +21308,11 @@
       "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==",
       "optional": true
     },
+    "oidc-token-hash": {
+      "version": "5.0.3",
+      "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz",
+      "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw=="
+    },
     "omggif": {
       "version": "1.0.10",
       "resolved": "https://registry.npmjs.org/omggif/-/omggif-1.0.10.tgz",
@@ -20979,6 +21363,17 @@
       "resolved": "https://registry.npmjs.org/opencollective-postinstall/-/opencollective-postinstall-2.0.3.tgz",
       "integrity": "sha512-8AV/sCtuzUeTo8gQK5qDZzARrulB3egtLzFgteqB2tcT4Mw7B8Kt7JcDHmltjz6FOAHsvTevk70gZEbhM4ZS9Q=="
     },
+    "openid-client": {
+      "version": "5.6.5",
+      "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.5.tgz",
+      "integrity": "sha512-5P4qO9nGJzB5PI0LFlhj4Dzg3m4odt0qsJTfyEtZyOlkgpILwEioOhVVJOrS1iVH494S4Ee5OCjjg6Bf5WOj3w==",
+      "requires": {
+        "jose": "^4.15.5",
+        "lru-cache": "^6.0.0",
+        "object-hash": "^2.2.0",
+        "oidc-token-hash": "^5.0.3"
+      }
+    },
     "ora": {
       "version": "5.4.1",
       "resolved": "https://registry.npmjs.org/ora/-/ora-5.4.1.tgz",
@@ -21166,6 +21561,21 @@
       "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
       "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="
     },
+    "passport": {
+      "version": "0.7.0",
+      "resolved": "https://registry.npmjs.org/passport/-/passport-0.7.0.tgz",
+      "integrity": "sha512-cPLl+qZpSc+ireUvt+IzqbED1cHHkDoVYMo30jbJIdOOjQ1MQYZBPiNvmi8UM6lJuOpTPXJGZQk0DtC4y61MYQ==",
+      "requires": {
+        "passport-strategy": "1.x.x",
+        "pause": "0.0.1",
+        "utils-merge": "^1.0.1"
+      }
+    },
+    "passport-strategy": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
+      "integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA=="
+    },
     "path-exists": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz",
@@ -21224,6 +21634,11 @@
         "pify": "^2.0.0"
       }
     },
+    "pause": {
+      "version": "0.0.1",
+      "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
+      "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg=="
+    },
     "peek-readable": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/peek-readable/-/peek-readable-4.1.0.tgz",
@@ -23094,6 +23509,11 @@
         "punycode": "^2.1.0"
       }
     },
+    "url-join": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/url-join/-/url-join-4.0.1.tgz",
+      "integrity": "sha512-jk1+QP6ZJqyOiuEI9AEWQfju/nB2Pw466kbA0LEZljHwKeMgd9WrAEgEGxjPDD2+TNbbb37rTyhEfrCXfuKXnA=="
+    },
     "url-parse": {
       "version": "1.5.10",
       "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.10.tgz",
diff --git a/package.json b/package.json
index fdbd270a66..c85be92c0a 100644
--- a/package.json
+++ b/package.json
@@ -56,6 +56,7 @@
     "electron-window-state": "5.0.3",
     "escape-html": "1.0.3",
     "express": "4.18.3",
+    "express-openid-connect": "^2.17.1",
     "express-partial-content": "1.0.2",
     "express-rate-limit": "7.2.0",
     "express-session": "1.18.0",
@@ -83,7 +84,9 @@
     "node-abi": "3.56.0",
     "normalize-strings": "1.1.1",
     "open": "8.4.1",
+    "openid-client": "^5.6.5",
     "panzoom": "9.4.3",
+    "passport": "^0.7.0",
     "print-this": "2.0.0",
     "rand-token": "1.0.1",
     "react": "18.2.0",
diff --git a/src/app.ts b/src/app.ts
index ceabe33f9e..153dc8fd3f 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -1,3 +1,5 @@
+/** @format */
+
 import express = require('express');
 import path = require('path');
 import favicon = require('serve-favicon');
@@ -6,6 +8,9 @@ import helmet = require('helmet');
 import compression = require('compression');
 import sessionParser = require('./routes/session_parser');
 import utils = require('./services/utils');
+import {config} from 'process';
+
+const {auth, requiresAuth} = require('express-openid-connect');
 
 require('./services/handlers');
 require('./becca/becca_loader');
@@ -20,16 +25,18 @@ if (!utils.isElectron()) {
     app.use(compression()); // HTTP compression
 }
 
-app.use(helmet.default({
-    hidePoweredBy: false, // errors out in electron
-    contentSecurityPolicy: false,
-    crossOriginEmbedderPolicy: false
-}));
+app.use(
+    helmet.default({
+        hidePoweredBy: false, // errors out in electron
+        contentSecurityPolicy: false,
+        crossOriginEmbedderPolicy: false,
+    })
+);
 
-app.use(express.text({ limit: '500mb' }));
-app.use(express.json({ limit: '500mb' }));
-app.use(express.raw({ limit: '500mb' }));
-app.use(express.urlencoded({ extended: false }));
+app.use(express.text({limit: '500mb'}));
+app.use(express.json({limit: '500mb'}));
+app.use(express.raw({limit: '500mb'}));
+app.use(express.urlencoded({extended: false}));
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public/root')));
 app.use(`/manifest.webmanifest`, express.static(path.join(__dirname, 'public/manifest.webmanifest')));
@@ -53,6 +60,28 @@ require('./services/consistency_checks');
 
 require('./services/scheduler');
 
+const authRoutes = {
+    callback: '/callback',
+    login: '/auth',
+    postLogoutRedirect: '/login',
+};
+
+const authConfig = {
+    authRequired: true,
+    auth0Logout: true,
+    ***REMOVED***
+***REMOVED***
+***REMOVED***
+***REMOVED***
+    routes: authRoutes,
+};
+
+app.use(auth(authConfig));
+
+// app.get('/auth', requiresAuth(), (req, res) => {
+//     res.send(JSON.stringify(req, null, 2));
+// });
+
 if (utils.isElectron()) {
     require('@electron/remote/main').initialize();
 }
diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index bf59258673..8ea179aee1 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -1,38 +1,40 @@
-import TypeWidget from "./type_widget.js";
-import ZoomFactorOptions from "./options/appearance/zoom_factor.js";
-import NativeTitleBarOptions from "./options/appearance/native_title_bar.js";
-import ThemeOptions from "./options/appearance/theme.js";
-import FontsOptions from "./options/appearance/fonts.js";
-import MaxContentWidthOptions from "./options/appearance/max_content_width.js";
-import KeyboardShortcutsOptions from "./options/shortcuts.js";
-import HeadingStyleOptions from "./options/text_notes/heading_style.js";
-import TableOfContentsOptions from "./options/text_notes/table_of_contents.js";
-import HighlightsListOptions from "./options/text_notes/highlights_list.js";
-import TextAutoReadOnlySizeOptions from "./options/text_notes/text_auto_read_only_size.js";
-import VimKeyBindingsOptions from "./options/code_notes/vim_key_bindings.js";
-import WrapLinesOptions from "./options/code_notes/wrap_lines.js";
-import CodeAutoReadOnlySizeOptions from "./options/code_notes/code_auto_read_only_size.js";
-import CodeMimeTypesOptions from "./options/code_notes/code_mime_types.js";
-import ImageOptions from "./options/images/images.js";
-import SpellcheckOptions from "./options/spellcheck.js";
-import PasswordOptions from "./options/password.js";
-import EtapiOptions from "./options/etapi.js";
-import BackupOptions from "./options/backup.js";
-import SyncOptions from "./options/sync.js";
-import SearchEngineOptions from "./options/other/search_engine.js";
-import TrayOptions from "./options/other/tray.js";
-import NoteErasureTimeoutOptions from "./options/other/note_erasure_timeout.js";
-import RevisionsSnapshotIntervalOptions from "./options/other/revisions_snapshot_interval.js";
-import NetworkConnectionsOptions from "./options/other/network_connections.js";
-import AdvancedSyncOptions from "./options/advanced/sync.js";
-import DatabaseIntegrityCheckOptions from "./options/advanced/database_integrity_check.js";
-import ConsistencyChecksOptions from "./options/advanced/consistency_checks.js";
-import VacuumDatabaseOptions from "./options/advanced/vacuum_database.js";
-import DatabaseAnonymizationOptions from "./options/advanced/database_anonymization.js";
-import BackendLogWidget from "./content/backend_log.js";
-import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
-import RibbonOptions from "./options/appearance/ribbon.js";
-import MultiFactorAuthenticationOptions from "./options/multi_factor_authentication.js";
+/** @format */
+
+import TypeWidget from './type_widget.js';
+import ZoomFactorOptions from './options/appearance/zoom_factor.js';
+import NativeTitleBarOptions from './options/appearance/native_title_bar.js';
+import ThemeOptions from './options/appearance/theme.js';
+import FontsOptions from './options/appearance/fonts.js';
+import MaxContentWidthOptions from './options/appearance/max_content_width.js';
+import KeyboardShortcutsOptions from './options/shortcuts.js';
+import HeadingStyleOptions from './options/text_notes/heading_style.js';
+import TableOfContentsOptions from './options/text_notes/table_of_contents.js';
+import HighlightsListOptions from './options/text_notes/highlights_list.js';
+import TextAutoReadOnlySizeOptions from './options/text_notes/text_auto_read_only_size.js';
+import VimKeyBindingsOptions from './options/code_notes/vim_key_bindings.js';
+import WrapLinesOptions from './options/code_notes/wrap_lines.js';
+import CodeAutoReadOnlySizeOptions from './options/code_notes/code_auto_read_only_size.js';
+import CodeMimeTypesOptions from './options/code_notes/code_mime_types.js';
+import ImageOptions from './options/images/images.js';
+import SpellcheckOptions from './options/spellcheck.js';
+import PasswordOptions from './options/password.js';
+import EtapiOptions from './options/etapi.js';
+import BackupOptions from './options/backup.js';
+import SyncOptions from './options/sync.js';
+import SearchEngineOptions from './options/other/search_engine.js';
+import TrayOptions from './options/other/tray.js';
+import NoteErasureTimeoutOptions from './options/other/note_erasure_timeout.js';
+import RevisionsSnapshotIntervalOptions from './options/other/revisions_snapshot_interval.js';
+import NetworkConnectionsOptions from './options/other/network_connections.js';
+import AdvancedSyncOptions from './options/advanced/sync.js';
+import DatabaseIntegrityCheckOptions from './options/advanced/database_integrity_check.js';
+import ConsistencyChecksOptions from './options/advanced/consistency_checks.js';
+import VacuumDatabaseOptions from './options/advanced/vacuum_database.js';
+import DatabaseAnonymizationOptions from './options/advanced/database_anonymization.js';
+import BackendLogWidget from './content/backend_log.js';
+import AttachmentErasureTimeoutOptions from './options/other/attachment_erasure_timeout.js';
+import RibbonOptions from './options/appearance/ribbon.js';
+import MultiFactorAuthenticationOptions from './options/multi_factor_authentication.js';
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -60,14 +62,14 @@ const CONTENT_WIDGETS = {
         ZoomFactorOptions,
         NativeTitleBarOptions,
         MaxContentWidthOptions,
-        RibbonOptions
+        RibbonOptions,
     ],
     _optionsShortcuts: [KeyboardShortcutsOptions],
     _optionsTextNotes: [
         HeadingStyleOptions,
         TableOfContentsOptions,
         HighlightsListOptions,
-        TextAutoReadOnlySizeOptions
+        TextAutoReadOnlySizeOptions,
     ],
     _optionsCodeNotes: [VimKeyBindingsOptions, WrapLinesOptions, CodeAutoReadOnlySizeOptions, CodeMimeTypesOptions],
     _optionsImages: [ImageOptions],
@@ -84,24 +86,26 @@ const CONTENT_WIDGETS = {
         NoteErasureTimeoutOptions,
         AttachmentErasureTimeoutOptions,
         RevisionsSnapshotIntervalOptions,
-        NetworkConnectionsOptions
+        NetworkConnectionsOptions,
     ],
     _optionsAdvanced: [
         DatabaseIntegrityCheckOptions,
         ConsistencyChecksOptions,
         DatabaseAnonymizationOptions,
         AdvancedSyncOptions,
-        VacuumDatabaseOptions
+        VacuumDatabaseOptions,
     ],
-    _backendLog: [BackendLogWidget]
+    _backendLog: [BackendLogWidget],
 };
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
-    static getType() { return "contentWidget"; }
+    static getType() {
+        return 'contentWidget';
+    }
 
     doRender() {
         this.$widget = $(TPL);
-        this.$content = this.$widget.find(".note-detail-content-widget-content");
+        this.$content = this.$widget.find('.note-detail-content-widget-content');
 
         super.doRender();
     }
@@ -116,7 +120,7 @@ export default class ContentWidgetTypeWidget extends TypeWidget {
             for (const clazz of contentWidgets) {
                 const widget = new clazz();
 
-                await widget.handleEvent('setNoteContext', { noteContext: this.noteContext });
+                await widget.handleEvent('setNoteContext', {noteContext: this.noteContext});
                 this.child(widget);
 
                 this.$content.append(widget.render());
diff --git a/src/public/app/widgets/type_widgets/options/oidc.js b/src/public/app/widgets/type_widgets/options/oidc.js
new file mode 100644
index 0000000000..d58f26683b
--- /dev/null
+++ b/src/public/app/widgets/type_widgets/options/oidc.js
@@ -0,0 +1,43 @@
+/** @format */
+
+// /** @format */
+
+// import server from '../../../services/server.js';
+// import protectedSessionHolder from '../../../services/protected_session_holder.js';
+// import toastService from '../../../services/toast.js';
+// import OptionsWidget from './options_widget.js';
+
+// import {Issuer, Strategy} from 'openid-client';
+// import {generators} from 'openid-client';
+
+// const TPL = `
+// <div class="options-section">
+//     <h4 class="">OIDC</h4>
+//     <button class="oidcButton" > Launch OIDC </button>
+// </div>`;
+
+// export default class MultiFactorAuthenticationOptions extends OptionsWidget {
+//     doRender() {
+//         this.$widget = $(TPL);
+//         this.$oidcButton = this.$widget.find('.oidcButton');
+
+//         this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
+//         this.$protectedSessionTimeout.on('change', () =>
+//             this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
+//         );
+
+//         this.$oidcButton.on('click', (async) => {
+//             server.get('oidc/initiate').then((result) => {
+//                 console.log('Initiated');
+//                 console.log(result);
+//                 console.log('done');
+//             });
+//         });
+//     }
+
+//     async authenticate() {}
+
+//     optionsLoaded(options) {
+//         this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+//     }
+// }
diff --git a/src/routes/callback.ts b/src/routes/callback.ts
new file mode 100644
index 0000000000..978a46a8bc
--- /dev/null
+++ b/src/routes/callback.ts
@@ -0,0 +1,14 @@
+/** @format */
+
+'use strict';
+
+import {Request, Response} from 'express';
+
+function callback(req: Request, res: Response) {
+    console.log('GOT CALLBACK');
+    console.log(req.body);
+}
+
+export = {
+    callback,
+};
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index c98539389f..32b4a3aca2 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -1,3 +1,5 @@
+/** @format */
+
 'use strict';
 
 import utils = require('../services/utils');
@@ -20,6 +22,8 @@ import ValidationError = require('../errors/validation_error');
 import setupRoute = require('./setup');
 import loginRoute = require('./login');
 import indexRoute = require('./index');
+import callbackRoute = require('./callback');
+import oidc = require('../services/login/open_id_connect');
 
 // API routes
 import treeApiRoute = require('./api/tree');
@@ -73,11 +77,15 @@ import etapiSpecialNoteRoutes = require('../etapi/special_notes');
 import etapiSpecRoute = require('../etapi/spec');
 import etapiBackupRoute = require('../etapi/backup');
 import {AppRequest, AppRequestHandler} from './route-interface';
+import callback = require('./callback');
+
+// import { requiresAuth } = require('express-openid-connect');
+const {requiresAuth} = require('express-openid-connect');
 
 const csrfMiddleware = csurf({
     cookie: {
-        path: '' // empty, so cookie is valid only for the current path
-    }
+        path: '', // empty, so cookie is valid only for the current path
+    },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
@@ -94,10 +102,18 @@ type HttpMethod = 'all' | 'get' | 'post' | 'put' | 'delete' | 'patch' | 'options
 
 const uploadMiddleware = createUploadMiddleware();
 
-const uploadMiddlewareWithErrorHandling = function (req: express.Request, res: express.Response, next: express.NextFunction) {
+const uploadMiddlewareWithErrorHandling = function (
+    req: express.Request,
+    res: express.Response,
+    next: express.NextFunction
+) {
     uploadMiddleware(req, res, function (err) {
         if (err?.code === 'LIMIT_FILE_SIZE') {
-            res.setHeader('Content-Type', 'text/plain').status(400).send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
+            res.setHeader('Content-Type', 'text/plain')
+                .status(400)
+                .send(
+                    `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
+                );
         } else {
             next();
         }
@@ -108,17 +124,21 @@ function register(app: express.Application) {
     route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
     route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
     route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
+    route(GET, '/auth', [oidc.preAuth], oidc.authenticate);
 
     const loginRateLimiter = rateLimit.rateLimit({
         windowMs: 15 * 60 * 1000, // 15 minutes
         max: 10, // limit each IP to 10 requests per windowMs
-        skipSuccessfulRequests: true // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+        skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
     });
 
     route(PST, '/login', [loginRateLimiter], loginRoute.login);
     route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
     route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
     route(GET, '/setup', [], setupRoute.setupPage);
+    // route(PST, '/authenticate', [], oidc.authenticate);
+
+    route(GET, '/callback', [], callback.callback);
 
     apiRoute(GET, '/api/totp/generate', totp.generateSecret);
     apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
@@ -133,6 +153,8 @@ function register(app: express.Application) {
     apiRoute(GET, '/api/totp_recovery/enabled', recoveryCodes.checkForRecoveryKeys);
     apiRoute(GET, '/api/totp_recovery/used', recoveryCodes.getUsedRecoveryCodes);
 
+    apiRoute(GET, '/api/oidc/initiate', oidc.login);
+
     apiRoute(GET, '/api/tree', treeApiRoute.getTree);
     apiRoute(PST, '/api/tree/load', treeApiRoute.load);
 
@@ -153,7 +175,13 @@ function register(app: express.Application) {
     apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
     apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);
     apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter);
-    route(PUT, '/api/notes/:noteId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], filesRoute.updateFile, apiResultHandler);
+    route(
+        PUT,
+        '/api/notes/:noteId/file',
+        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        filesRoute.updateFile,
+        apiResultHandler
+    );
     route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile);
     route(
         GET,
@@ -162,7 +190,7 @@ function register(app: express.Application) {
         createPartialContentHandler(filesRoute.fileContentProvider, {
             debug: (string, extra) => {
                 console.log(string, extra);
-            }
+            },
         })
     );
     route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
@@ -182,14 +210,25 @@ function register(app: express.Application) {
 
     apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments);
     apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment);
-    route(PST, '/api/notes/:noteId/attachments/upload', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], attachmentsApiRoute.uploadAttachment, apiResultHandler);
+    route(
+        PST,
+        '/api/notes/:noteId/attachments/upload',
+        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        attachmentsApiRoute.uploadAttachment,
+        apiResultHandler
+    );
     apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment);
     apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments);
     apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote);
     apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment);
     apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment);
     apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob);
-    route(GET, '/api/attachments/:attachmentId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnAttachedImage);
+    route(
+        GET,
+        '/api/attachments/:attachmentId/image/:filename',
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnAttachedImage
+    );
     route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
     route(
         GET,
@@ -198,7 +237,7 @@ function register(app: express.Application) {
         createPartialContentHandler(filesRoute.attachmentContentProvider, {
             debug: (string, extra) => {
                 console.log(string, extra);
-            }
+            },
         })
     );
     route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
@@ -206,7 +245,13 @@ function register(app: express.Application) {
     route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
     apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir);
     apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment);
-    route(PUT, '/api/attachments/:attachmentId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], filesRoute.updateAttachment, apiResultHandler);
+    route(
+        PUT,
+        '/api/attachments/:attachmentId/file',
+        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        filesRoute.updateAttachment,
+        apiResultHandler
+    );
 
     apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
     apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions);
@@ -214,13 +259,40 @@ function register(app: express.Application) {
     apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob);
     apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
     apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision);
-    route(GET, '/api/revisions/:revisionId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromRevision);
+    route(
+        GET,
+        '/api/revisions/:revisionId/image/:filename',
+        [auth.checkApiAuthOrElectron],
+        imageRoute.returnImageFromRevision
+    );
 
-    route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
+    route(
+        GET,
+        '/api/revisions/:revisionId/download',
+        [auth.checkApiAuthOrElectron],
+        revisionsApiRoute.downloadRevision
+    );
 
-    route(GET, '/api/branches/:branchId/export/:type/:format/:version/:taskId', [auth.checkApiAuthOrElectron], exportRoute.exportBranch);
-    route(PST, '/api/notes/:parentNoteId/notes-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importNotesToBranch, apiResultHandler);
-    route(PST, '/api/notes/:parentNoteId/attachments-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importAttachmentsToNote, apiResultHandler);
+    route(
+        GET,
+        '/api/branches/:branchId/export/:type/:format/:version/:taskId',
+        [auth.checkApiAuthOrElectron],
+        exportRoute.exportBranch
+    );
+    route(
+        PST,
+        '/api/notes/:parentNoteId/notes-import',
+        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        importRoute.importNotesToBranch,
+        apiResultHandler
+    );
+    route(
+        PST,
+        '/api/notes/:parentNoteId/attachments-import',
+        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        importRoute.importAttachmentsToNote,
+        apiResultHandler
+    );
 
     apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes);
     apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute);
@@ -235,7 +307,13 @@ function register(app: express.Application) {
 
     // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
     route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
-    route(PUT, '/api/images/:noteId', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], imageRoute.updateImage, apiResultHandler);
+    route(
+        PUT,
+        '/api/images/:noteId',
+        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        imageRoute.updateImage,
+        apiResultHandler
+    );
 
     apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
     // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
@@ -254,8 +332,20 @@ function register(app: express.Application) {
     route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
     route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
     route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
-    route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
-    route(PST, '/api/sync/queue-sector/:entityName/:sector', [auth.checkApiAuth], syncApiRoute.queueSector, apiResultHandler);
+    route(
+        PST,
+        '/api/sync/check-entity-changes',
+        [auth.checkApiAuth],
+        syncApiRoute.checkEntityChanges,
+        apiResultHandler
+    );
+    route(
+        PST,
+        '/api/sync/queue-sector/:entityName/:sector',
+        [auth.checkApiAuth],
+        syncApiRoute.queueSector,
+        apiResultHandler
+    );
     route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
 
     apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
@@ -266,10 +356,31 @@ function register(app: express.Application) {
 
     // group of the services below are meant to be executed from the outside
     route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
-    route(PST, '/api/setup/new-document', [auth.checkAppNotInitialized], setupApiRoute.setupNewDocument, apiResultHandler, false);
-    route(PST, '/api/setup/sync-from-server', [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler, false);
+    route(
+        PST,
+        '/api/setup/new-document',
+        [auth.checkAppNotInitialized],
+        setupApiRoute.setupNewDocument,
+        apiResultHandler,
+        false
+    );
+    route(
+        PST,
+        '/api/setup/sync-from-server',
+        [auth.checkAppNotInitialized],
+        setupApiRoute.setupSyncFromServer,
+        apiResultHandler,
+        false
+    );
     route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
-    route(PST, '/api/setup/sync-seed', [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler, false);
+    route(
+        PST,
+        '/api/setup/sync-seed',
+        [auth.checkAppNotInitialized],
+        setupApiRoute.saveSyncSeed,
+        apiResultHandler,
+        false
+    );
 
     apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
     apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
@@ -320,17 +431,45 @@ function register(app: express.Application) {
 
     apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
     apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
-    route(PST, '/api/database/anonymize/:type', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.anonymize, apiResultHandler, false);
+    route(
+        PST,
+        '/api/database/anonymize/:type',
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.anonymize,
+        apiResultHandler,
+        false
+    );
     apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases);
 
     // backup requires execution outside of transaction
-    route(PST, '/api/database/backup-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.backupDatabase, apiResultHandler, false);
+    route(
+        PST,
+        '/api/database/backup-database',
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.backupDatabase,
+        apiResultHandler,
+        false
+    );
     apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
 
     // VACUUM requires execution outside of transaction
-    route(PST, '/api/database/vacuum-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.vacuumDatabase, apiResultHandler, false);
+    route(
+        PST,
+        '/api/database/vacuum-database',
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.vacuumDatabase,
+        apiResultHandler,
+        false
+    );
 
-    route(PST, '/api/database/find-and-fix-consistency-issues', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.findAndFixConsistencyIssues, apiResultHandler, false);
+    route(
+        PST,
+        '/api/database/find-and-fix-consistency-issues',
+        [auth.checkApiAuthOrElectron, csrfMiddleware],
+        databaseRoute.findAndFixConsistencyIssues,
+        apiResultHandler,
+        false
+    );
 
     apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
 
@@ -344,7 +483,13 @@ function register(app: express.Application) {
 
     // no CSRF since this is called from android app
     route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-    route(PST, '/api/sender/image', [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling], senderRoute.uploadImage, apiResultHandler);
+    route(
+        PST,
+        '/api/sender/image',
+        [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
+        senderRoute.uploadImage,
+        apiResultHandler
+    );
     route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
 
     apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
@@ -422,7 +567,9 @@ function apiResultHandler(req: express.Request, res: express.Response, result: u
         const [statusCode, response] = result;
 
         if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-            log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`);
+            log.info(
+                `${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`
+            );
         }
 
         return send(res, statusCode, response);
@@ -464,40 +611,52 @@ function route(
     resultHandler: ApiResultHandler | null = null,
     transactional = true
 ) {
-    router[method](path, ...(middleware as express.Handler[]), (req: express.Request, res: express.Response, next: express.NextFunction) => {
-        const start = Date.now();
-
-        try {
-            cls.namespace.bindEmitter(req);
-            cls.namespace.bindEmitter(res);
-
-            const result = cls.init(() => {
-                cls.set('componentId', req.headers['trilium-component-id']);
-                cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
-                cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
-
-                const cb = () => routeHandler(req as AppRequest, res, next);
-
-                return transactional ? sql.transactional(cb) : cb();
-            });
-
-            if (!resultHandler) {
-                return;
-            }
-
-            if (result?.then) {
-                // promise
-                result.then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start)).catch((e: any) => handleException(e, method, path, res));
-            } else {
-                handleResponse(resultHandler, req, res, result, start);
+    router[method](
+        path,
+        ...(middleware as express.Handler[]),
+        (req: express.Request, res: express.Response, next: express.NextFunction) => {
+            const start = Date.now();
+
+            try {
+                cls.namespace.bindEmitter(req);
+                cls.namespace.bindEmitter(res);
+
+                const result = cls.init(() => {
+                    cls.set('componentId', req.headers['trilium-component-id']);
+                    cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
+                    cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
+
+                    const cb = () => routeHandler(req as AppRequest, res, next);
+
+                    return transactional ? sql.transactional(cb) : cb();
+                });
+
+                if (!resultHandler) {
+                    return;
+                }
+
+                if (result?.then) {
+                    // promise
+                    result
+                        .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start))
+                        .catch((e: any) => handleException(e, method, path, res));
+                } else {
+                    handleResponse(resultHandler, req, res, result, start);
+                }
+            } catch (e) {
+                handleException(e, method, path, res);
             }
-        } catch (e) {
-            handleException(e, method, path, res);
         }
-    });
+    );
 }
 
-function handleResponse(resultHandler: ApiResultHandler, req: express.Request, res: express.Response, result: unknown, start: number) {
+function handleResponse(
+    resultHandler: ApiResultHandler,
+    req: express.Request,
+    res: express.Response,
+    result: unknown,
+    start: number
+) {
     const responseLength = resultHandler(req, res, result);
 
     log.request(req, res, Date.now() - start, responseLength);
@@ -508,15 +667,15 @@ function handleException(e: any, method: HttpMethod, path: string, res: express.
 
     if (e instanceof ValidationError) {
         res.status(400).json({
-            message: e.message
+            message: e.message,
         });
     } else if (e instanceof NotFoundError) {
         res.status(404).json({
-            message: e.message
+            message: e.message,
         });
     } else {
         res.status(500).json({
-            message: e.message
+            message: e.message,
         });
     }
 }
@@ -528,12 +687,12 @@ function createUploadMiddleware() {
             // See https://github.com/expressjs/multer/pull/1102.
             file.originalname = Buffer.from(file.originalname, 'latin1').toString('utf-8');
             cb(null, true);
-        }
+        },
     };
 
     if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
         multerOptions.limits = {
-            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024
+            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
         };
     }
 
@@ -541,5 +700,5 @@ function createUploadMiddleware() {
 }
 
 export = {
-    register
+    register,
 };
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index 33b54d4a58..b0d99b82af 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -1,25 +1,27 @@
-import BAttribute = require("../becca/entities/battribute");
-import { AttributeType, NoteType } from "../becca/entities/rows";
+/** @format */
+
+import BAttribute = require('../becca/entities/battribute');
+import {AttributeType, NoteType} from '../becca/entities/rows';
 
 import becca = require('../becca/becca');
 import noteService = require('./notes');
 import log = require('./log');
 import migrationService = require('./migration');
 
-const LBTPL_ROOT = "_lbTplRoot";
-const LBTPL_BASE = "_lbTplBase";
-const LBTPL_COMMAND = "_lbTplCommandLauncher";
-const LBTPL_NOTE_LAUNCHER = "_lbTplNoteLauncher";
-const LBTPL_SCRIPT = "_lbTplScriptLauncher";
-const LBTPL_BUILTIN_WIDGET = "_lbTplBuiltinWidget";
-const LBTPL_SPACER = "_lbTplSpacer";
-const LBTPL_CUSTOM_WIDGET = "_lbTplCustomWidget";
+const LBTPL_ROOT = '_lbTplRoot';
+const LBTPL_BASE = '_lbTplBase';
+const LBTPL_COMMAND = '_lbTplCommandLauncher';
+const LBTPL_NOTE_LAUNCHER = '_lbTplNoteLauncher';
+const LBTPL_SCRIPT = '_lbTplScriptLauncher';
+const LBTPL_BUILTIN_WIDGET = '_lbTplBuiltinWidget';
+const LBTPL_SPACER = '_lbTplSpacer';
+const LBTPL_CUSTOM_WIDGET = '_lbTplCustomWidget';
 
 interface Attribute {
     type: AttributeType;
     name: string;
     isInheritable?: boolean;
-    value?: string
+    value?: string;
 }
 
 interface Item {
@@ -33,9 +35,17 @@ interface Item {
     isExpanded?: boolean;
     baseSize?: string;
     growthFactor?: string;
-    targetNoteId?: "_backendLog" | "_globalNoteMap";
-    builtinWidget?: "bookmarks" | "spacer" | "backInHistoryButton" | "forwardInHistoryButton" | "syncStatus" | "protectedSession" | "todayInJournal" | "calendar";
-    command?: "jumpToNote" | "searchNotes" | "createNoteIntoInbox" | "showRecentChanges";
+    targetNoteId?: '_backendLog' | '_globalNoteMap';
+    builtinWidget?:
+        | 'bookmarks'
+        | 'spacer'
+        | 'backInHistoryButton'
+        | 'forwardInHistoryButton'
+        | 'syncStatus'
+        | 'protectedSession'
+        | 'todayInJournal'
+        | 'calendar';
+    command?: 'jumpToNote' | 'searchNotes' | 'createNoteIntoInbox' | 'showRecentChanges';
 }
 
 /*
@@ -45,312 +55,312 @@ interface Item {
  */
 
 const HIDDEN_SUBTREE_DEFINITION: Item = {
-    id: "_hidden",
-    title: "Hidden Notes",
-    type: "doc",
-    icon: "bx bx-chip",
+    id: '_hidden',
+    title: 'Hidden Notes',
+    type: 'doc',
+    icon: 'bx bx-chip',
     // we want to keep the hidden subtree always last, otherwise there will be problems with e.g., keyboard navigation
     // over tree when it's in the middle
     notePosition: 999_999_999,
     attributes: [
-        { type: "label", name: "excludeFromNoteMap", isInheritable: true },
-        { type: "label", name: "docName", value: "hidden" }
+        {type: 'label', name: 'excludeFromNoteMap', isInheritable: true},
+        {type: 'label', name: 'docName', value: 'hidden'},
     ],
     children: [
         {
-            id: "_search",
-            title: "Search History",
-            type: "doc"
+            id: '_search',
+            title: 'Search History',
+            type: 'doc',
         },
         {
-            id: "_globalNoteMap",
-            title: "Note Map",
-            type: "noteMap",
+            id: '_globalNoteMap',
+            title: 'Note Map',
+            type: 'noteMap',
             attributes: [
-                { type: "label", name: "mapRootNoteId", value: "hoisted" },
-                { type: "label", name: "keepCurrentHoisting" }
-            ]
+                {type: 'label', name: 'mapRootNoteId', value: 'hoisted'},
+                {type: 'label', name: 'keepCurrentHoisting'},
+            ],
         },
         {
-            id: "_sqlConsole",
-            title: "SQL Console History",
-            type: "doc",
-            icon: "bx-data"
+            id: '_sqlConsole',
+            title: 'SQL Console History',
+            type: 'doc',
+            icon: 'bx-data',
         },
         {
-            id: "_share",
-            title: "Shared Notes",
-            type: "doc",
-            attributes: [{ type: "label", name: "docName", value: "share" }]
+            id: '_share',
+            title: 'Shared Notes',
+            type: 'doc',
+            attributes: [{type: 'label', name: 'docName', value: 'share'}],
         },
         {
-            id: "_bulkAction",
-            title: "Bulk Action",
-            type: "doc"
+            id: '_bulkAction',
+            title: 'Bulk Action',
+            type: 'doc',
         },
         {
-            id: "_backendLog",
-            title: "Backend Log",
-            type: "contentWidget",
-            icon: "bx-terminal",
-            attributes: [{ type: "label", name: "keepCurrentHoisting" }]
+            id: '_backendLog',
+            title: 'Backend Log',
+            type: 'contentWidget',
+            icon: 'bx-terminal',
+            attributes: [{type: 'label', name: 'keepCurrentHoisting'}],
         },
         {
             // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
-            id: "_userHidden",
-            title: "User Hidden",
-            type: "doc",
-            attributes: [{ type: "label", name: "docName", value: "user_hidden" }]
+            id: '_userHidden',
+            title: 'User Hidden',
+            type: 'doc',
+            attributes: [{type: 'label', name: 'docName', value: 'user_hidden'}],
         },
         {
             id: LBTPL_ROOT,
-            title: "Launch Bar Templates",
-            type: "doc",
+            title: 'Launch Bar Templates',
+            type: 'doc',
             children: [
                 {
                     id: LBTPL_BASE,
-                    title: "Base Abstract Launcher",
-                    type: "doc"
+                    title: 'Base Abstract Launcher',
+                    type: 'doc',
                 },
                 {
                     id: LBTPL_COMMAND,
-                    title: "Command Launcher",
-                    type: "doc",
+                    title: 'Command Launcher',
+                    type: 'doc',
                     attributes: [
-                        { type: "relation", name: "template", value: LBTPL_BASE },
-                        { type: "label", name: "launcherType", value: "command" },
-                        { type: "label", name: "docName", value: "launchbar_command_launcher" }
-                    ]
+                        {type: 'relation', name: 'template', value: LBTPL_BASE},
+                        {type: 'label', name: 'launcherType', value: 'command'},
+                        {type: 'label', name: 'docName', value: 'launchbar_command_launcher'},
+                    ],
                 },
                 {
                     id: LBTPL_NOTE_LAUNCHER,
-                    title: "Note Launcher",
-                    type: "doc",
+                    title: 'Note Launcher',
+                    type: 'doc',
                     attributes: [
-                        { type: "relation", name: "template", value: LBTPL_BASE },
-                        { type: "label", name: "launcherType", value: "note" },
-                        { type: "label", name: "relation:target", value: "promoted" },
-                        { type: "label", name: "relation:hoistedNote", value: "promoted" },
-                        { type: "label", name: "label:keyboardShortcut", value: "promoted,text" },
-                        { type: "label", name: "docName", value: "launchbar_note_launcher" }
-                    ]
+                        {type: 'relation', name: 'template', value: LBTPL_BASE},
+                        {type: 'label', name: 'launcherType', value: 'note'},
+                        {type: 'label', name: 'relation:target', value: 'promoted'},
+                        {type: 'label', name: 'relation:hoistedNote', value: 'promoted'},
+                        {type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text'},
+                        {type: 'label', name: 'docName', value: 'launchbar_note_launcher'},
+                    ],
                 },
                 {
                     id: LBTPL_SCRIPT,
-                    title: "Script Launcher",
-                    type: "doc",
+                    title: 'Script Launcher',
+                    type: 'doc',
                     attributes: [
-                        { type: "relation", name: "template", value: LBTPL_BASE },
-                        { type: "label", name: "launcherType", value: "script" },
-                        { type: "label", name: "relation:script", value: "promoted" },
-                        { type: "label", name: "label:keyboardShortcut", value: "promoted,text" },
-                        { type: "label", name: "docName", value: "launchbar_script_launcher" }
-                    ]
+                        {type: 'relation', name: 'template', value: LBTPL_BASE},
+                        {type: 'label', name: 'launcherType', value: 'script'},
+                        {type: 'label', name: 'relation:script', value: 'promoted'},
+                        {type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text'},
+                        {type: 'label', name: 'docName', value: 'launchbar_script_launcher'},
+                    ],
                 },
                 {
                     id: LBTPL_BUILTIN_WIDGET,
-                    title: "Built-in Widget",
-                    type: "doc",
+                    title: 'Built-in Widget',
+                    type: 'doc',
                     attributes: [
-                        { type: "relation", name: "template", value: LBTPL_BASE },
-                        { type: "label", name: "launcherType", value: "builtinWidget" }
-                    ]
+                        {type: 'relation', name: 'template', value: LBTPL_BASE},
+                        {type: 'label', name: 'launcherType', value: 'builtinWidget'},
+                    ],
                 },
                 {
                     id: LBTPL_SPACER,
-                    title: "Spacer",
-                    type: "doc",
-                    icon: "bx-move-vertical",
+                    title: 'Spacer',
+                    type: 'doc',
+                    icon: 'bx-move-vertical',
                     attributes: [
-                        { type: "relation", name: "template", value: LBTPL_BUILTIN_WIDGET },
-                        { type: "label", name: "builtinWidget", value: "spacer" },
-                        { type: "label", name: "label:baseSize", value: "promoted,number" },
-                        { type: "label", name: "label:growthFactor", value: "promoted,number" },
-                        { type: "label", name: "docName", value: "launchbar_spacer" }
-                    ]
+                        {type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET},
+                        {type: 'label', name: 'builtinWidget', value: 'spacer'},
+                        {type: 'label', name: 'label:baseSize', value: 'promoted,number'},
+                        {type: 'label', name: 'label:growthFactor', value: 'promoted,number'},
+                        {type: 'label', name: 'docName', value: 'launchbar_spacer'},
+                    ],
                 },
                 {
                     id: LBTPL_CUSTOM_WIDGET,
-                    title: "Custom Widget",
-                    type: "doc",
+                    title: 'Custom Widget',
+                    type: 'doc',
                     attributes: [
-                        { type: "relation", name: "template", value: LBTPL_BASE },
-                        { type: "label", name: "launcherType", value: "customWidget" },
-                        { type: "label", name: "relation:widget", value: "promoted" },
-                        { type: "label", name: "docName", value: "launchbar_widget_launcher" }
-                    ]
-                }
-            ]
+                        {type: 'relation', name: 'template', value: LBTPL_BASE},
+                        {type: 'label', name: 'launcherType', value: 'customWidget'},
+                        {type: 'label', name: 'relation:widget', value: 'promoted'},
+                        {type: 'label', name: 'docName', value: 'launchbar_widget_launcher'},
+                    ],
+                },
+            ],
         },
         {
-            id: "_lbRoot",
-            title: "Launch Bar",
-            type: "doc",
-            icon: "bx-sidebar",
+            id: '_lbRoot',
+            title: 'Launch Bar',
+            type: 'doc',
+            icon: 'bx-sidebar',
             isExpanded: true,
-            attributes: [{ type: "label", name: "docName", value: "launchbar_intro" }],
+            attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
             children: [
                 {
-                    id: "_lbAvailableLaunchers",
-                    title: "Available Launchers",
-                    type: "doc",
-                    icon: "bx-hide",
+                    id: '_lbAvailableLaunchers',
+                    title: 'Available Launchers',
+                    type: 'doc',
+                    icon: 'bx-hide',
                     isExpanded: true,
-                    attributes: [{ type: "label", name: "docName", value: "launchbar_intro" }],
+                    attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
                     children: [
                         {
-                            id: "_lbBackInHistory",
-                            title: "Go to Previous Note",
-                            type: "launcher",
-                            builtinWidget: "backInHistoryButton",
-                            icon: "bx bxs-left-arrow-square",
-                            attributes: [{ type: "label", name: "docName", value: "launchbar_history_navigation" }]
+                            id: '_lbBackInHistory',
+                            title: 'Go to Previous Note',
+                            type: 'launcher',
+                            builtinWidget: 'backInHistoryButton',
+                            icon: 'bx bxs-left-arrow-square',
+                            attributes: [{type: 'label', name: 'docName', value: 'launchbar_history_navigation'}],
                         },
                         {
-                            id: "_lbForwardInHistory",
-                            title: "Go to Next Note",
-                            type: "launcher",
-                            builtinWidget: "forwardInHistoryButton",
-                            icon: "bx bxs-right-arrow-square",
-                            attributes: [{ type: "label", name: "docName", value: "launchbar_history_navigation" }]
+                            id: '_lbForwardInHistory',
+                            title: 'Go to Next Note',
+                            type: 'launcher',
+                            builtinWidget: 'forwardInHistoryButton',
+                            icon: 'bx bxs-right-arrow-square',
+                            attributes: [{type: 'label', name: 'docName', value: 'launchbar_history_navigation'}],
                         },
                         {
-                            id: "_lbBackendLog",
-                            title: "Backend Log",
-                            type: "launcher",
-                            targetNoteId: "_backendLog",
-                            icon: "bx bx-terminal"
-                        }
-                    ]
+                            id: '_lbBackendLog',
+                            title: 'Backend Log',
+                            type: 'launcher',
+                            targetNoteId: '_backendLog',
+                            icon: 'bx bx-terminal',
+                        },
+                    ],
                 },
                 {
-                    id: "_lbVisibleLaunchers",
-                    title: "Visible Launchers",
-                    type: "doc",
-                    icon: "bx-show",
+                    id: '_lbVisibleLaunchers',
+                    title: 'Visible Launchers',
+                    type: 'doc',
+                    icon: 'bx-show',
                     isExpanded: true,
-                    attributes: [{ type: "label", name: "docName", value: "launchbar_intro" }],
+                    attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
                     children: [
                         {
-                            id: "_lbNewNote",
-                            title: "New Note",
-                            type: "launcher",
-                            command: "createNoteIntoInbox",
-                            icon: "bx bx-file-blank"
+                            id: '_lbNewNote',
+                            title: 'New Note',
+                            type: 'launcher',
+                            command: 'createNoteIntoInbox',
+                            icon: 'bx bx-file-blank',
                         },
                         {
-                            id: "_lbSearch",
-                            title: "Search Notes",
-                            type: "launcher",
-                            command: "searchNotes",
-                            icon: "bx bx-search",
-                            attributes: [{ type: "label", name: "desktopOnly" }]
+                            id: '_lbSearch',
+                            title: 'Search Notes',
+                            type: 'launcher',
+                            command: 'searchNotes',
+                            icon: 'bx bx-search',
+                            attributes: [{type: 'label', name: 'desktopOnly'}],
                         },
                         {
-                            id: "_lbJumpTo",
-                            title: "Jump to Note",
-                            type: "launcher",
-                            command: "jumpToNote",
-                            icon: "bx bx-send",
-                            attributes: [{ type: "label", name: "desktopOnly" }]
+                            id: '_lbJumpTo',
+                            title: 'Jump to Note',
+                            type: 'launcher',
+                            command: 'jumpToNote',
+                            icon: 'bx bx-send',
+                            attributes: [{type: 'label', name: 'desktopOnly'}],
                         },
                         {
-                            id: "_lbNoteMap",
-                            title: "Note Map",
-                            type: "launcher",
-                            targetNoteId: "_globalNoteMap",
-                            icon: "bx bx-map-alt"
+                            id: '_lbNoteMap',
+                            title: 'Note Map',
+                            type: 'launcher',
+                            targetNoteId: '_globalNoteMap',
+                            icon: 'bx bx-map-alt',
                         },
                         {
-                            id: "_lbCalendar",
-                            title: "Calendar",
-                            type: "launcher",
-                            builtinWidget: "calendar",
-                            icon: "bx bx-calendar"
+                            id: '_lbCalendar',
+                            title: 'Calendar',
+                            type: 'launcher',
+                            builtinWidget: 'calendar',
+                            icon: 'bx bx-calendar',
                         },
                         {
-                            id: "_lbRecentChanges",
-                            title: "Recent Changes",
-                            type: "launcher",
-                            command: "showRecentChanges",
-                            icon: "bx bx-history",
-                            attributes: [{ type: "label", name: "desktopOnly" }]
+                            id: '_lbRecentChanges',
+                            title: 'Recent Changes',
+                            type: 'launcher',
+                            command: 'showRecentChanges',
+                            icon: 'bx bx-history',
+                            attributes: [{type: 'label', name: 'desktopOnly'}],
                         },
                         {
-                            id: "_lbSpacer1",
-                            title: "Spacer",
-                            type: "launcher",
-                            builtinWidget: "spacer",
-                            baseSize: "50",
-                            growthFactor: "0"
+                            id: '_lbSpacer1',
+                            title: 'Spacer',
+                            type: 'launcher',
+                            builtinWidget: 'spacer',
+                            baseSize: '50',
+                            growthFactor: '0',
                         },
                         {
-                            id: "_lbBookmarks",
-                            title: "Bookmarks",
-                            type: "launcher",
-                            builtinWidget: "bookmarks",
-                            icon: "bx bx-bookmark"
+                            id: '_lbBookmarks',
+                            title: 'Bookmarks',
+                            type: 'launcher',
+                            builtinWidget: 'bookmarks',
+                            icon: 'bx bx-bookmark',
                         },
                         {
-                            id: "_lbToday",
+                            id: '_lbToday',
                             title: "Open Today's Journal Note",
-                            type: "launcher",
-                            builtinWidget: "todayInJournal",
-                            icon: "bx bx-calendar-star"
+                            type: 'launcher',
+                            builtinWidget: 'todayInJournal',
+                            icon: 'bx bx-calendar-star',
                         },
                         {
-                            id: "_lbSpacer2",
-                            title: "Spacer",
-                            type: "launcher",
-                            builtinWidget: "spacer",
-                            baseSize: "0",
-                            growthFactor: "1"
+                            id: '_lbSpacer2',
+                            title: 'Spacer',
+                            type: 'launcher',
+                            builtinWidget: 'spacer',
+                            baseSize: '0',
+                            growthFactor: '1',
                         },
                         {
-                            id: "_lbProtectedSession",
-                            title: "Protected Session",
-                            type: "launcher",
-                            builtinWidget: "protectedSession",
-                            icon: "bx bx bx-shield-quarter"
+                            id: '_lbProtectedSession',
+                            title: 'Protected Session',
+                            type: 'launcher',
+                            builtinWidget: 'protectedSession',
+                            icon: 'bx bx bx-shield-quarter',
                         },
                         {
-                            id: "_lbSyncStatus",
-                            title: "Sync Status",
-                            type: "launcher",
-                            builtinWidget: "syncStatus",
-                            icon: "bx bx-wifi"
-                        }
-                    ]
-                }
-            ]
+                            id: '_lbSyncStatus',
+                            title: 'Sync Status',
+                            type: 'launcher',
+                            builtinWidget: 'syncStatus',
+                            icon: 'bx bx-wifi',
+                        },
+                    ],
+                },
+            ],
         },
         {
-            id: "_options",
-            title: "Options",
-            type: "book",
+            id: '_options',
+            title: 'Options',
+            type: 'book',
             children: [
-                { id: "_optionsAppearance", title: "Appearance", type: "contentWidget", icon: "bx-layout" },
-                { id: "_optionsShortcuts", title: "Shortcuts", type: "contentWidget", icon: "bxs-keyboard" },
-                { id: "_optionsTextNotes", title: "Text Notes", type: "contentWidget", icon: "bx-text" },
-                { id: "_optionsMFA", title: "MFA", type: "contentWidget", icon: "bx-lock" },
-                { id: "_optionsCodeNotes", title: "Code Notes", type: "contentWidget", icon: "bx-code" },
-                { id: "_optionsImages", title: "Images", type: "contentWidget", icon: "bx-image" },
-                { id: "_optionsSpellcheck", title: "Spellcheck", type: "contentWidget", icon: "bx-check-double" },
-                { id: "_optionsPassword", title: "Password", type: "contentWidget", icon: "bx-lock" },
-                { id: "_optionsEtapi", title: "ETAPI", type: "contentWidget", icon: "bx-extension" },
-                { id: "_optionsBackup", title: "Backup", type: "contentWidget", icon: "bx-data" },
-                { id: "_optionsSync", title: "Sync", type: "contentWidget", icon: "bx-wifi" },
-                { id: "_optionsOther", title: "Other", type: "contentWidget", icon: "bx-dots-horizontal" },
-                { id: "_optionsAdvanced", title: "Advanced", type: "contentWidget" }
-            ]
-        }
-    ]
+                {id: '_optionsAppearance', title: 'Appearance', type: 'contentWidget', icon: 'bx-layout'},
+                {id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard'},
+                {id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text'},
+                {id: '_optionsMFA', title: 'MFA', type: 'contentWidget', icon: 'bx-lock'},
+                {id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code'},
+                {id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image'},
+                {id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double'},
+                {id: '_optionsPassword', title: 'Password', type: 'contentWidget', icon: 'bx-lock'},
+                {id: '_optionsEtapi', title: 'ETAPI', type: 'contentWidget', icon: 'bx-extension'},
+                {id: '_optionsBackup', title: 'Backup', type: 'contentWidget', icon: 'bx-data'},
+                {id: '_optionsSync', title: 'Sync', type: 'contentWidget', icon: 'bx-wifi'},
+                {id: '_optionsOther', title: 'Other', type: 'contentWidget', icon: 'bx-dots-horizontal'},
+                {id: '_optionsAdvanced', title: 'Advanced', type: 'contentWidget'},
+            ],
+        },
+    ],
 };
 
 function checkHiddenSubtree(force = false) {
     if (!force && !migrationService.isDbUpToDate()) {
         // on-delete hook might get triggered during some future migration and cause havoc
-        log.info("Will not check hidden subtree until migration is finished.");
+        log.info('Will not check hidden subtree until migration is finished.');
         return;
     }
 
@@ -376,35 +386,35 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
             type: item.type,
             parentNoteId: parentNoteId,
             content: '',
-            ignoreForbiddenParents: true
+            ignoreForbiddenParents: true,
         }));
     } else {
-        branch = note.getParentBranches().find(branch => branch.parentNoteId === parentNoteId);
+        branch = note.getParentBranches().find((branch) => branch.parentNoteId === parentNoteId);
     }
 
     const attrs = [...(item.attributes || [])];
 
     if (item.icon) {
-        attrs.push({ type: 'label', name: 'iconClass', value: `bx ${item.icon}` });
+        attrs.push({type: 'label', name: 'iconClass', value: `bx ${item.icon}`});
     }
 
     if (item.type === 'launcher') {
         if (item.command) {
-            attrs.push({ type: 'relation', name: 'template', value: LBTPL_COMMAND });
-            attrs.push({ type: 'label', name: 'command', value: item.command });
+            attrs.push({type: 'relation', name: 'template', value: LBTPL_COMMAND});
+            attrs.push({type: 'label', name: 'command', value: item.command});
         } else if (item.builtinWidget) {
             if (item.builtinWidget === 'spacer') {
-                attrs.push({ type: 'relation', name: 'template', value: LBTPL_SPACER });
-                attrs.push({ type: 'label', name: 'baseSize', value: item.baseSize });
-                attrs.push({ type: 'label', name: 'growthFactor', value: item.growthFactor });
+                attrs.push({type: 'relation', name: 'template', value: LBTPL_SPACER});
+                attrs.push({type: 'label', name: 'baseSize', value: item.baseSize});
+                attrs.push({type: 'label', name: 'growthFactor', value: item.growthFactor});
             } else {
-                attrs.push({ type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET });
+                attrs.push({type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET});
             }
 
-            attrs.push({ type: 'label', name: 'builtinWidget', value: item.builtinWidget });
+            attrs.push({type: 'label', name: 'builtinWidget', value: item.builtinWidget});
         } else if (item.targetNoteId) {
-            attrs.push({ type: 'relation', name: 'template', value: LBTPL_NOTE_LAUNCHER });
-            attrs.push({ type: 'relation', name: 'target', value: item.targetNoteId });
+            attrs.push({type: 'relation', name: 'template', value: LBTPL_NOTE_LAUNCHER});
+            attrs.push({type: 'relation', name: 'target', value: item.targetNoteId});
         } else {
             throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
         }
@@ -431,16 +441,16 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
     }
 
     for (const attr of attrs) {
-        const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
+        const attrId = note.noteId + '_' + attr.type.charAt(0) + attr.name;
 
-        if (!note.getAttributes().find(attr => attr.attributeId === attrId)) {
+        if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
             new BAttribute({
                 attributeId: attrId,
                 noteId: note.noteId,
                 type: attr.type,
                 name: attr.name,
                 value: attr.value,
-                isInheritable: false
+                isInheritable: false,
             }).save();
         }
     }
@@ -459,5 +469,5 @@ export = {
     LBTPL_SCRIPT,
     LBTPL_BUILTIN_WIDGET,
     LBTPL_SPACER,
-    LBTPL_CUSTOM_WIDGET
+    LBTPL_CUSTOM_WIDGET,
 };
diff --git a/src/services/login/open_id_connect.ts b/src/services/login/open_id_connect.ts
new file mode 100644
index 0000000000..8d1cd703a8
--- /dev/null
+++ b/src/services/login/open_id_connect.ts
@@ -0,0 +1,61 @@
+/** @format */
+
+'use strict';
+
+import {NextFunction, Request, Response} from 'express';
+// This entire file is boilerplate from https://www.npmjs.com/package/openid-client
+
+import {Issuer, Strategy} from 'openid-client';
+import {generators} from 'openid-client';
+const {auth, requiresAuth} = require('express-openid-connect');
+
+const code_verifier = generators.codeVerifier();
+// store the code_verifier in your framework's session mechanism, if it is a cookie based solution
+// it should be httpOnly (not readable by javascript) and encrypted.
+
+async function login() {
+    const googleIssuer = await Issuer.discover(
+        'https://auth.mauldin314.com/application/o/trilium/.well-known/openid-configuration'
+    );
+    const nonce = generators.nonce();
+    console.log('Discovered issuer %s %O', googleIssuer.issuer, googleIssuer.metadata);
+
+    const client = new googleIssuer.Client({
+        client_id: 'utqV1OgVM9wiCL9rfk92a84pkQs2CpvzBkSdrXF4',
+        redirect_uris: ['http://localhost:8080/callback'],
+        response_types: ['id_token'],
+        // id_token_signed_response_alg (default "RS256")
+        // token_endpoint_auth_method (default "client_secret_basic")
+    }); // => Client
+
+    let a = new Strategy({client, passReqToCallback: true}, (req, tokenSet, userinfo, done) => {
+        console.log('tokenSet', tokenSet);
+        console.log('userinfo', userinfo);
+    });
+
+    //     const code_challenge = generators.codeChallenge(code_verifier);
+
+    //     client.authorizationUrl({
+    //         scope: 'openid email profile',
+    //         resource: 'https://auth.mauldin314.com/application/o/authorize/',
+    //         nonce,
+    //     });
+    // }
+}
+
+function authenticate(req: Request, res: Response) {
+    console.log('AHHHH');
+    // res.send(JSON.stringify(req.oidc.user, null, 2));
+}
+
+function preAuth(req: Request, res: Response, next: NextFunction) {
+    console.log('DKKDKDK');
+    requiresAuth();
+    next;
+}
+
+export = {
+    authenticate,
+    login,
+    preAuth,
+};
diff --git a/src/views/authenticate_oidc.ejs b/src/views/authenticate_oidc.ejs
new file mode 100644
index 0000000000..2100a800f5
--- /dev/null
+++ b/src/views/authenticate_oidc.ejs
@@ -0,0 +1,128 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8" />
+    <meta
+      name="viewport"
+      content="width=device-width, initial-scale=1, maximum-scale=1"
+    />
+    <title>Login</title>
+    <link
+      rel="apple-touch-icon"
+      sizes="180x180"
+      href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png"
+    />
+    <link rel="shortcut icon" href="favicon.ico" />
+  </head>
+  <body>
+    <div class="container">
+      <div
+        class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto"
+        style="padding-top: 25px"
+      >
+        <h1>Trilium login</h1>
+
+        <% if (failedAuth) { %>
+        <div class="alert alert-warning">
+          Password is incorrect. Please try again.
+        </div>
+        <% } %>
+
+        <form action="login" method="POST">
+          <div class="form-group">
+            <label for="password">Password</label>
+            <div class="controls">
+              <input
+                id="password"
+                name="password"
+                placeholder=""
+                class="form-control"
+                type="password"
+              />
+            </div>
+          </div>
+          <% if( totpEnabled ) { %>
+            <div class="form-group">
+                <label for="otp-token">OTP Token</label>
+                <div class="controls">
+                <input
+                    id="token"
+                    name="token"
+                    placeholder=""
+                    class="form-control"
+                    type="text"
+                    required
+                />
+            </div>
+        <% } %>
+          <div class="form-group">
+            <div class="checkbox">
+              <label>
+                <input
+                  id="remember-me"
+                  name="rememberMe"
+                  value="1"
+                  type="checkbox"
+                />
+                Remember me
+              </label>
+            </div>
+          </div>
+          <div class="form-group">
+            <button class="btn btn-success">Login</button>
+          </div>
+        </form>
+        <div>
+          <button class="oidc">Login with Google</button>
+        </div>
+      </div>
+    </div>
+
+    <script>
+      // Required for correct loading of scripts in Electron
+      if (typeof module === "object") {
+        window.module = module;
+        module = undefined;
+      }
+
+      let device;
+
+      if (window.location.search === "?desktop") {
+        device = "desktop";
+      } else if (window.location.search === "?mobile") {
+        device = "mobile";
+      } else {
+        device = isMobile() ? "mobile" : "desktop";
+      }
+
+      console.log("Setting device cookie to:", device);
+
+      setCookie("trilium-device", device);
+
+      function setCookie(name, value) {
+        const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
+        const expires = "; expires=" + date.toUTCString();
+
+        document.cookie = name + "=" + (value || "") + expires + "; path=/";
+      }
+
+      // https://stackoverflow.com/a/73731646/944162
+      function isMobile() {
+        const mQ = matchMedia?.("(pointer:coarse)");
+        if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
+
+        if ("orientation" in window) return true;
+
+        return (
+          /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
+          /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
+        );
+      }
+    </script>
+
+    <link
+      href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css"
+      rel="stylesheet"
+    />
+  </body>
+</html>
\ No newline at end of file
diff --git a/src/views/login.ejs b/src/views/login.ejs
index b359e876ef..48f754513d 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -72,6 +72,9 @@
             <button class="btn btn-success">Login</button>
           </div>
         </form>
+        <div>
+          <button href="http://localhost:8080/authenticate">Login with OAuth</button>
+        </div>
       </div>
     </div>
 

From e62edb45731887b89486d81256c6172649c57672 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sat, 18 May 2024 15:54:01 -0700
Subject: [PATCH 27/63] Can access OpenID providers and login. Has no bearing
 on logging in to trilium.

---
 .env.example                       |  5 +++
 .gitignore                         |  1 +
 package.json                       |  3 +-
 src/app.ts                         | 49 +++++++++++++++---------------
 src/routes/routes.ts               | 11 ++-----
 src/services/login/oidc_testing.ts | 17 +++++++++++
 6 files changed, 52 insertions(+), 34 deletions(-)
 create mode 100644 .env.example
 create mode 100644 src/services/login/oidc_testing.ts

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000000..91f1307d27
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,5 @@
+ENABLE_OAUTH="true"
+BASE_URL="http://localhost:8080"
+CLIENT_ID="1234"
+ISSUER_BASE_URL="https://example.com/xyz.well-known/openid-configuration"
+SECRET="I_Like_Trilium"
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 0e095b0756..457353451c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@ data/
 data-test/
 tmp/
 .eslintcache
+.env
diff --git a/package.json b/package.json
index c85be92c0a..a464dd9077 100644
--- a/package.json
+++ b/package.json
@@ -50,12 +50,13 @@
     "dayjs": "1.11.10",
     "dayjs-plugin-utc": "0.1.2",
     "debounce": "1.2.1",
+    "dotenv": "^16.4.5",
     "ejs": "3.1.9",
     "electron-debug": "3.2.0",
     "electron-dl": "3.5.2",
     "electron-window-state": "5.0.3",
     "escape-html": "1.0.3",
-    "express": "4.18.3",
+    "express": "4.19.2",
     "express-openid-connect": "^2.17.1",
     "express-partial-content": "1.0.2",
     "express-rate-limit": "7.2.0",
diff --git a/src/app.ts b/src/app.ts
index 153dc8fd3f..9b4c87d152 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -8,15 +8,33 @@ import helmet = require('helmet');
 import compression = require('compression');
 import sessionParser = require('./routes/session_parser');
 import utils = require('./services/utils');
-import {config} from 'process';
-
-const {auth, requiresAuth} = require('express-openid-connect');
+import process = require('process');
+import oidc = require('express-openid-connect')
 
 require('./services/handlers');
 require('./becca/becca_loader');
+require("dotenv").config()
 
 const app = express();
 
+const authRoutes = {
+    callback: '/callback',
+    login: '/auth',
+    postLogoutRedirect: '/login',
+    logout: '/logout'
+};
+
+const authConfig = {
+    authRequired: true,
+    auth0Logout: true,
+    baseURL: process.env.BASE_URL,
+    clientID: process.env.CLIENT_ID,
+    issuerBaseURL: process.env.ISSUER_BASE_URL,
+    secret: process.env.SECRET,
+    routes: authRoutes,
+};
+
+
 // view engine setup
 app.set('views', path.join(__dirname, 'views'));
 app.set('view engine', 'ejs');
@@ -44,6 +62,9 @@ app.use(`/robots.txt`, express.static(path.join(__dirname, 'public/robots.txt'))
 app.use(sessionParser);
 app.use(favicon(`${__dirname}/../images/app-icons/win/icon.ico`));
 
+if ( process.env.ENABLE_OAUTH?.toLocaleLowerCase() === "true")
+    app.use(oidc.auth(authConfig));
+
 require('./routes/assets').register(app);
 require('./routes/routes').register(app);
 require('./routes/custom').register(app);
@@ -60,28 +81,6 @@ require('./services/consistency_checks');
 
 require('./services/scheduler');
 
-const authRoutes = {
-    callback: '/callback',
-    login: '/auth',
-    postLogoutRedirect: '/login',
-};
-
-const authConfig = {
-    authRequired: true,
-    auth0Logout: true,
-    ***REMOVED***
-***REMOVED***
-***REMOVED***
-***REMOVED***
-    routes: authRoutes,
-};
-
-app.use(auth(authConfig));
-
-// app.get('/auth', requiresAuth(), (req, res) => {
-//     res.send(JSON.stringify(req, null, 2));
-// });
-
 if (utils.isElectron()) {
     require('@electron/remote/main').initialize();
 }
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 32b4a3aca2..6ee5410d54 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -23,7 +23,7 @@ import setupRoute = require('./setup');
 import loginRoute = require('./login');
 import indexRoute = require('./index');
 import callbackRoute = require('./callback');
-import oidc = require('../services/login/open_id_connect');
+import oidc = require('../services/login/oidc_testing');
 
 // API routes
 import treeApiRoute = require('./api/tree');
@@ -79,8 +79,6 @@ import etapiBackupRoute = require('../etapi/backup');
 import {AppRequest, AppRequestHandler} from './route-interface';
 import callback = require('./callback');
 
-// import { requiresAuth } = require('express-openid-connect');
-const {requiresAuth} = require('express-openid-connect');
 
 const csrfMiddleware = csurf({
     cookie: {
@@ -124,7 +122,8 @@ function register(app: express.Application) {
     route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
     route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
     route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
-    route(GET, '/auth', [oidc.preAuth], oidc.authenticate);
+    route(GET, '/info', [], oidc.explain)
+
 
     const loginRateLimiter = rateLimit.rateLimit({
         windowMs: 15 * 60 * 1000, // 15 minutes
@@ -136,9 +135,7 @@ function register(app: express.Application) {
     route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
     route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
     route(GET, '/setup', [], setupRoute.setupPage);
-    // route(PST, '/authenticate', [], oidc.authenticate);
 
-    route(GET, '/callback', [], callback.callback);
 
     apiRoute(GET, '/api/totp/generate', totp.generateSecret);
     apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
@@ -153,8 +150,6 @@ function register(app: express.Application) {
     apiRoute(GET, '/api/totp_recovery/enabled', recoveryCodes.checkForRecoveryKeys);
     apiRoute(GET, '/api/totp_recovery/used', recoveryCodes.getUsedRecoveryCodes);
 
-    apiRoute(GET, '/api/oidc/initiate', oidc.login);
-
     apiRoute(GET, '/api/tree', treeApiRoute.getTree);
     apiRoute(PST, '/api/tree/load', treeApiRoute.load);
 
diff --git a/src/services/login/oidc_testing.ts b/src/services/login/oidc_testing.ts
new file mode 100644
index 0000000000..8969600a69
--- /dev/null
+++ b/src/services/login/oidc_testing.ts
@@ -0,0 +1,17 @@
+/** @format */
+
+'use strict';
+
+import {NextFunction, Request, Response} from 'express';
+
+function explain(req: Request, res: Response, next: NextFunction){
+    
+    if ( req.oidc.user)
+        res.send( req.oidc.user?.name )
+    else
+        res.send( "User is not logged in")
+}
+
+export = {
+    explain,
+};

From 28b506eda67ddefc011af37f218968cf7fc8b44a Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 19 May 2024 20:47:42 -0700
Subject: [PATCH 28/63] Logout issue fixed

---
 package-lock.json                             |  67 ++++---
 src/app.ts                                    |  28 ++-
 src/errors/open_id_error.ts                   |  11 ++
 src/routes/callback.ts                        |   3 +-
 src/routes/index.ts                           |  33 +++-
 src/routes/login.ts                           |  36 +++-
 src/routes/routes.ts                          |  12 +-
 src/services/auth.ts                          |   7 +-
 src/services/encryption/my_scrypt.ts          |  34 +++-
 src/services/encryption/open_id.ts            |  86 ++++++++
 src/services/encryption/open_id_encryption.ts |  42 ++++
 src/services/login/oidc_testing.ts            |  68 ++++++-
 src/services/login/open_id_connect.ts         |  61 ------
 src/services/open_id.ts                       |  23 +++
 src/views/auth-failed.ejs                     |  73 +++++++
 src/views/authenticate_oidc.ejs               | 128 ------------
 src/views/login.ejs                           | 186 ++++++++----------
 17 files changed, 533 insertions(+), 365 deletions(-)
 create mode 100644 src/errors/open_id_error.ts
 create mode 100644 src/services/encryption/open_id.ts
 create mode 100644 src/services/encryption/open_id_encryption.ts
 delete mode 100644 src/services/login/open_id_connect.ts
 create mode 100644 src/services/open_id.ts
 create mode 100644 src/views/auth-failed.ejs
 delete mode 100644 src/views/authenticate_oidc.ejs

diff --git a/package-lock.json b/package-lock.json
index ca5a5c9a19..8700a5af27 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -26,12 +26,13 @@
         "dayjs": "1.11.10",
         "dayjs-plugin-utc": "0.1.2",
         "debounce": "1.2.1",
+        "dotenv": "^16.4.5",
         "ejs": "3.1.9",
         "electron-debug": "3.2.0",
         "electron-dl": "3.5.2",
         "electron-window-state": "5.0.3",
         "escape-html": "1.0.3",
-        "express": "4.18.3",
+        "express": "4.19.2",
         "express-openid-connect": "^2.17.1",
         "express-partial-content": "1.0.2",
         "express-rate-limit": "7.2.0",
@@ -5213,12 +5214,14 @@
       }
     },
     "node_modules/dotenv": {
-      "version": "9.0.2",
-      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-9.0.2.tgz",
-      "integrity": "sha512-I9OvvrHp4pIARv4+x9iuewrWycX6CcZtoAu1XrzPxc5UygMJXJZYmBsynku8IkrJwgypE5DGNjDPmPRhDCptUg==",
-      "dev": true,
+      "version": "16.4.5",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz",
+      "integrity": "sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg==",
       "engines": {
-        "node": ">=10"
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://dotenvx.com"
       }
     },
     "node_modules/dotenv-expand": {
@@ -6234,16 +6237,16 @@
       }
     },
     "node_modules/express": {
-      "version": "4.18.3",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.3.tgz",
-      "integrity": "sha512-6VyCijWQ+9O7WuVMTRBTl+cjNNIzD5cY5mQ1WM8r/LEkI2u8EYpOotESNwzNlyCn3g+dmjKYI6BmNneSr/FSRw==",
+      "version": "4.19.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz",
+      "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==",
       "dependencies": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
         "body-parser": "1.20.2",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
-        "cookie": "0.5.0",
+        "cookie": "0.6.0",
         "cookie-signature": "1.0.6",
         "debug": "2.6.9",
         "depd": "2.0.0",
@@ -6465,9 +6468,9 @@
       ]
     },
     "node_modules/express/node_modules/cookie": {
-      "version": "0.5.0",
-      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz",
-      "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==",
+      "version": "0.6.0",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+      "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==",
       "engines": {
         "node": ">= 0.6"
       }
@@ -11033,6 +11036,15 @@
         "node": ">=12.0.0"
       }
     },
+    "node_modules/read-config-file/node_modules/dotenv": {
+      "version": "9.0.2",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-9.0.2.tgz",
+      "integrity": "sha512-I9OvvrHp4pIARv4+x9iuewrWycX6CcZtoAu1XrzPxc5UygMJXJZYmBsynku8IkrJwgypE5DGNjDPmPRhDCptUg==",
+      "dev": true,
+      "engines": {
+        "node": ">=10"
+      }
+    },
     "node_modules/read-pkg": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-2.0.0.tgz",
@@ -17671,10 +17683,9 @@
       }
     },
     "dotenv": {
-      "version": "9.0.2",
-      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-9.0.2.tgz",
-      "integrity": "sha512-I9OvvrHp4pIARv4+x9iuewrWycX6CcZtoAu1XrzPxc5UygMJXJZYmBsynku8IkrJwgypE5DGNjDPmPRhDCptUg==",
-      "dev": true
+      "version": "16.4.5",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz",
+      "integrity": "sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg=="
     },
     "dotenv-expand": {
       "version": "5.1.0",
@@ -18477,16 +18488,16 @@
       "integrity": "sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg=="
     },
     "express": {
-      "version": "4.18.3",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.18.3.tgz",
-      "integrity": "sha512-6VyCijWQ+9O7WuVMTRBTl+cjNNIzD5cY5mQ1WM8r/LEkI2u8EYpOotESNwzNlyCn3g+dmjKYI6BmNneSr/FSRw==",
+      "version": "4.19.2",
+      "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz",
+      "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==",
       "requires": {
         "accepts": "~1.3.8",
         "array-flatten": "1.1.1",
         "body-parser": "1.20.2",
         "content-disposition": "0.5.4",
         "content-type": "~1.0.4",
-        "cookie": "0.5.0",
+        "cookie": "0.6.0",
         "cookie-signature": "1.0.6",
         "debug": "2.6.9",
         "depd": "2.0.0",
@@ -18515,9 +18526,9 @@
       },
       "dependencies": {
         "cookie": {
-          "version": "0.5.0",
-          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz",
-          "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw=="
+          "version": "0.6.0",
+          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
+          "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw=="
         },
         "debug": {
           "version": "2.6.9",
@@ -22034,6 +22045,14 @@
         "js-yaml": "^4.1.0",
         "json5": "^2.2.0",
         "lazy-val": "^1.0.4"
+      },
+      "dependencies": {
+        "dotenv": {
+          "version": "9.0.2",
+          "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-9.0.2.tgz",
+          "integrity": "sha512-I9OvvrHp4pIARv4+x9iuewrWycX6CcZtoAu1XrzPxc5UygMJXJZYmBsynku8IkrJwgypE5DGNjDPmPRhDCptUg==",
+          "dev": true
+        }
       }
     },
     "read-pkg": {
diff --git a/src/app.ts b/src/app.ts
index 9b4c87d152..610a6cc1ea 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -9,11 +9,17 @@ import compression = require('compression');
 import sessionParser = require('./routes/session_parser');
 import utils = require('./services/utils');
 import process = require('process');
-import oidc = require('express-openid-connect')
+import oidc = require('express-openid-connect');
+import openID = require('./services/open_id');
+import {Request, Response, NextFunction} from 'express';
+import {userInfo} from 'os';
+import {request} from 'http';
+import a = require('./services/login/oidc_testing');
+import oidc_testing = require('./services/login/oidc_testing');
 
 require('./services/handlers');
 require('./becca/becca_loader');
-require("dotenv").config()
+require('dotenv').config();
 
 const app = express();
 
@@ -21,20 +27,26 @@ const authRoutes = {
     callback: '/callback',
     login: '/auth',
     postLogoutRedirect: '/login',
-    logout: '/logout'
+    logout: '/logout',
+};
+
+const logoutParams = {
+    end_session_endpoint: '/end-session/',
 };
 
 const authConfig = {
     authRequired: true,
-    auth0Logout: true,
+    auth0Logout: false,
     baseURL: process.env.BASE_URL,
     clientID: process.env.CLIENT_ID,
     issuerBaseURL: process.env.ISSUER_BASE_URL,
     secret: process.env.SECRET,
+    // scope: 'code',
     routes: authRoutes,
+    idpLogout: true,
+    logoutParams: logoutParams,
 };
 
-
 // view engine setup
 app.set('views', path.join(__dirname, 'views'));
 app.set('view engine', 'ejs');
@@ -62,8 +74,10 @@ app.use(`/robots.txt`, express.static(path.join(__dirname, 'public/robots.txt'))
 app.use(sessionParser);
 app.use(favicon(`${__dirname}/../images/app-icons/win/icon.ico`));
 
-if ( process.env.ENABLE_OAUTH?.toLocaleLowerCase() === "true")
-    app.use(oidc.auth(authConfig));
+if (openID.checkOpenIDRequirements()) app.use(oidc.auth(authConfig));
+
+app.get('/info', a.explain);
+app.get('/callback', oidc_testing.callback);
 
 require('./routes/assets').register(app);
 require('./routes/routes').register(app);
diff --git a/src/errors/open_id_error.ts b/src/errors/open_id_error.ts
new file mode 100644
index 0000000000..8395c79716
--- /dev/null
+++ b/src/errors/open_id_error.ts
@@ -0,0 +1,11 @@
+/** @format */
+
+class OpenIDError {
+    message: string;
+
+    constructor(message: string) {
+        this.message = message;
+    }
+}
+
+export = OpenIDError;
diff --git a/src/routes/callback.ts b/src/routes/callback.ts
index 978a46a8bc..aab730da1c 100644
--- a/src/routes/callback.ts
+++ b/src/routes/callback.ts
@@ -7,8 +7,9 @@ import {Request, Response} from 'express';
 function callback(req: Request, res: Response) {
     console.log('GOT CALLBACK');
     console.log(req.body);
+    res.redirect("/")
 }
 
 export = {
-    callback,
+    // callback,
 };
diff --git a/src/routes/index.ts b/src/routes/index.ts
index 2ede70f424..7829a01daf 100644
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@@ -1,4 +1,6 @@
-"use strict";
+/** @format */
+
+'use strict';
 
 import sql = require('../services/sql');
 import attributeService = require('../services/attributes');
@@ -11,14 +13,25 @@ import protectedSessionService = require('../services/protected_session');
 import packageJson = require('../../package.json');
 import assetPath = require('../services/asset_path');
 import appPath = require('../services/app_path');
-import { Request, Response } from 'express';
+import {Request, Response} from 'express';
+import openIDService = require('../services/encryption/open_id');
 
 function index(req: Request, res: Response) {
     const options = optionService.getOptionMap();
 
-    const view = (!utils.isElectron() && req.cookies['trilium-device'] === 'mobile')
-        ? 'mobile'
-        : 'desktop';
+    if (req.app.locals.firstLogin === true) {
+        openIDService.setSubjectIdentifier(req.oidc.user?.sub);
+        // console.log(req.oidc.user?.sub);
+        // pass();
+
+        // req.oidc.fetchUserInfo().then((result) => {
+        //     console.log('Set User Subject-Identifier');
+        //     openIDService.setSubjectIdentifier(result.sub);
+        // });
+        // next();
+    }
+
+    const view = !utils.isElectron() && req.cookies['trilium-device'] === 'mobile' ? 'mobile' : 'desktop';
 
     const csrfToken = req.csrfToken();
     log.info(`Generated CSRF token ${csrfToken} with secret ${res.getHeader('set-cookie')}`);
@@ -30,8 +43,8 @@ function index(req: Request, res: Response) {
         mainFontSize: parseInt(options.mainFontSize),
         treeFontSize: parseInt(options.treeFontSize),
         detailFontSize: parseInt(options.detailFontSize),
-        maxEntityChangeIdAtLoad: sql.getValue("SELECT COALESCE(MAX(id), 0) FROM entity_changes"),
-        maxEntityChangeSyncIdAtLoad: sql.getValue("SELECT COALESCE(MAX(id), 0) FROM entity_changes WHERE isSynced = 1"),
+        maxEntityChangeIdAtLoad: sql.getValue('SELECT COALESCE(MAX(id), 0) FROM entity_changes'),
+        maxEntityChangeSyncIdAtLoad: sql.getValue('SELECT COALESCE(MAX(id), 0) FROM entity_changes WHERE isSynced = 1'),
         instanceName: config.General ? config.General.instanceName : null,
         appCssNoteIds: getAppCssNoteIds(),
         isDev: env.isDev(),
@@ -40,7 +53,7 @@ function index(req: Request, res: Response) {
         maxContentWidth: parseInt(options.maxContentWidth),
         triliumVersion: packageJson.version,
         assetPath: assetPath,
-        appPath: appPath
+        appPath: appPath,
     });
 }
 
@@ -61,9 +74,9 @@ function getThemeCssUrl(theme: string) {
 }
 
 function getAppCssNoteIds() {
-    return attributeService.getNotesWithLabel('appCss').map(note => note.noteId);
+    return attributeService.getNotesWithLabel('appCss').map((note) => note.noteId);
 }
 
 export = {
-    index
+    index,
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 23ad2d41c1..49d0c3ca13 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,3 +1,5 @@
+/** @format */
+
 'use strict';
 
 import utils = require('../services/utils');
@@ -12,15 +14,31 @@ import totp_secret = require('../services/totp_secret');
 import {Request, Response} from 'express';
 import {AppRequest} from './route-interface';
 import recoveryCodeService = require('../services/encryption/recovery_codes');
+import openID = require('../services/open_id');
 
 const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
-    res.render("login", {
+    // console.log( req.oidc.isAuthenticated())
+    if (openID.isOpenIDEnabled()) res.redirect('/auth');
+    else
+        res.render('login', {
+            failedAuth: false,
+            totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
+            openIDEnabled: openID.isOpenIDEnabled(),
+            assetPath: assetPath,
+            appPath: appPath,
+        });
+}
+
+function authFailedPage(req: Request, res: Response) {
+    // console.log( req.oidc.isAuthenticated())
+    res.render('auth-failed', {
         failedAuth: false,
         totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
+        openIDEnabled: openID.isOpenIDEnabled(),
         assetPath: assetPath,
-        appPath: appPath
+        appPath: appPath,
     });
 }
 
@@ -28,7 +46,7 @@ function setPasswordPage(req: Request, res: Response) {
     res.render('set_password', {
         error: false,
         assetPath: assetPath,
-        appPath: appPath
+        appPath: appPath,
     });
 }
 
@@ -52,7 +70,7 @@ function setPassword(req: Request, res: Response) {
     if (error) {
         res.render('set_password', {
             error,
-            assetPath: assetPath
+            assetPath: assetPath,
         });
         return;
     }
@@ -98,7 +116,7 @@ function sendLoginError(req: AppRequest, res: Response) {
     res.status(401).render('login', {
         failedAuth: true,
         totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-        assetPath: assetPath
+        assetPath: assetPath,
     });
 }
 
@@ -107,7 +125,7 @@ function verifyTOTP(guessedToken: string) {
         secret: totp_secret.getTotpSecret(),
         encoding: 'base32',
         token: guessedToken,
-        window: 1
+        window: 1,
     });
 
     if (tokenValidates) return true;
@@ -129,7 +147,8 @@ function logout(req: AppRequest, res: Response) {
     req.session.regenerate(() => {
         req.session.loggedIn = false;
 
-        res.redirect('login');
+        if (openID.isOpenIDEnabled()) res.oidc.logout({});
+        else res.redirect('login');
     });
 }
 
@@ -138,5 +157,6 @@ export = {
     setPasswordPage,
     setPassword,
     login,
-    logout
+    logout,
+    authFailedPage,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 6ee5410d54..784a8de8c6 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -78,7 +78,7 @@ import etapiSpecRoute = require('../etapi/spec');
 import etapiBackupRoute = require('../etapi/backup');
 import {AppRequest, AppRequestHandler} from './route-interface';
 import callback = require('./callback');
-
+import {LogoutOptions} from 'express-openid-connect';
 
 const csrfMiddleware = csurf({
     cookie: {
@@ -119,11 +119,13 @@ const uploadMiddlewareWithErrorHandling = function (
 };
 
 function register(app: express.Application) {
-    route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
+    route(GET, '/', [auth.checkAuth, oidc.authCallback, csrfMiddleware], indexRoute.index);
     route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
     route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
-    route(GET, '/info', [], oidc.explain)
-
+    route(GET, '/auth-failed', [], loginRoute.authFailedPage);
+    // route(GET, '/info', [], oidc.explain)
+    // route(GET, '/callback', [oidc.authCallback], oidc.callback)
+    route(GET, '/logot', [], oidc.logoutOfOidc);
 
     const loginRateLimiter = rateLimit.rateLimit({
         windowMs: 15 * 60 * 1000, // 15 minutes
@@ -136,6 +138,8 @@ function register(app: express.Application) {
     route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
     route(GET, '/setup', [], setupRoute.setupPage);
 
+    apiRoute(GET, '/callback', oidc.callback);
+    apiRoute(PST, '/callback', oidc.callback);
 
     apiRoute(GET, '/api/totp/generate', totp.generateSecret);
     apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 39f2b430eb..bce906d1f9 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -9,14 +9,19 @@ import config = require('./config');
 import passwordService = require('./encryption/password');
 import type { NextFunction, Request, Response } from 'express';
 import { AppRequest } from '../routes/route-interface';
+import openID = require('./open_id');
 
 const noAuthentication = config.General && config.General.noAuthentication === true;
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
         res.redirect("setup");
+    // TODO: Find out how to set session logged in
+    }else if ( !req.oidc.isAuthenticated() && openID.isOpenIDEnabled()){
+        // !req.session.loggedIn
+        res.redirect("auth")
     }
-    else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
+    else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication && !openID.isOpenIDEnabled()) {
         res.redirect("login");
     }
     else {
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 495ae62bf7..c36de1c7e0 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,16 +1,18 @@
-"use strict";
+/** @format */
 
-import optionService = require("../options");
-import crypto = require("crypto");
+'use strict';
+
+import optionService = require('../options');
+import crypto = require('crypto');
 
 function getVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordVerificationSalt");
+    const salt = optionService.getOption('passwordVerificationSalt');
 
     return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordDerivedKeySalt");
+    const salt = optionService.getOption('passwordDerivedKeySalt');
 
     return getScryptHash(password, salt);
 }
@@ -19,27 +21,41 @@ function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
     const hashed = crypto.scryptSync(password, salt, 32, {
         N: 16384,
         r: 8,
-        p: 1
+        p: 1,
     });
 
     return hashed;
 }
 
 function getTotpSecretVerificationHash(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption("totpSecretVerificationSalt");
+    const salt = optionService.getOption('totpSecretVerificationSalt');
 
     return getScryptHash(secret, salt);
 }
 
 function getTotpSecretDerivedKey(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption("totpSecretDerivedKeySalt");
+    const salt = optionService.getOption('totpSecretDerivedKeySalt');
 
     return getScryptHash(secret, salt);
 }
 
+function getSubjectIdentifierVerificationHash(password: crypto.BinaryLike) {
+    const salt = optionService.getOption('subjectIdentifierVerificationSalt');
+
+    return getScryptHash(password, salt);
+}
+
+function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
+    const salt = optionService.getOption('subjectIdentifierDerivedKeySalt');
+
+    return getScryptHash(subjectIdentifer, salt);
+}
+
 export = {
     getVerificationHash,
     getPasswordDerivedKey,
     getTotpSecretVerificationHash,
-    getTotpSecretDerivedKey
+    getTotpSecretDerivedKey,
+    getSubjectIdentifierVerificationHash,
+    getSubjectIdentifierDerivedKey,
 };
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
new file mode 100644
index 0000000000..cacbdd36e1
--- /dev/null
+++ b/src/services/encryption/open_id.ts
@@ -0,0 +1,86 @@
+/** @format */
+
+'use strict';
+
+import sql = require('../sql');
+import optionService = require('../options');
+import myScryptService = require('./my_scrypt');
+import utils = require('../utils');
+import openIDEncryptionService = require('./open_id_encryption');
+
+function isSubjectIdentifierSet() {
+    return !!sql.getValue("SELECT value FROM options WHERE name = 'subjectIdentifierVerificationHash'");
+}
+
+// function changeSubjectIdentifier(currentSubjectIdentifier: string, newPassword: string) {
+//     if (!isSubjectIdentifierSet()) {
+//         throw new Error("Password has not been set yet, so it cannot be changed. Use 'setPassword' instead.");
+//     }
+
+//     if (!passwordEncryptionService.verifyPassword(currentSubjectIdentifier)) {
+//         return {
+//             success: false,
+//             message: "Given current password doesn't match hash",
+//         };
+//     }
+
+//     sql.transactional(() => {
+//         const decryptedDataKey = passwordEncryptionService.getDataKey(currentSubjectIdentifier);
+
+//         optionService.setOption('passwordVerificationSalt', utils.randomSecureToken(32));
+//         optionService.setOption('passwordDerivedKeySalt', utils.randomSecureToken(32));
+
+//         const newPasswordVerificationKey = utils.toBase64(myScryptService.getVerificationHash(newPassword));
+
+//         if (decryptedDataKey) {
+//             // TODO: what should happen if the decrypted data key is null?
+//             passwordEncryptionService.setDataKey(newPassword, decryptedDataKey);
+//         }
+
+//         optionService.setOption('passwordVerificationHash', newPasswordVerificationKey);
+//     });
+
+//     return {
+//         success: true,
+//     };
+// }
+
+function setSubjectIdentifier(subjectIdentifier: string) {
+    if (isSubjectIdentifierSet()) {
+        throw new Error(
+            "SubjectIdentifier is set already. Either change it or perform 'reset Subject Identifier' first."
+        );
+    }
+    optionService.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32));
+    optionService.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32));
+    const subjectIdentifierVerificationKey = utils.toBase64(myScryptService.getVerificationHash(subjectIdentifier));
+    optionService.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey);
+
+    // passwordEncryptionService expects these options to already exist
+    optionService.setOption('subjectIdentifierEncryptedDataKey', '');
+    openIDEncryptionService.setDataKey(subjectIdentifier, utils.randomSecureToken(16));
+    return {
+        success: true,
+    };
+}
+
+function resetSubjectIdentifier() {
+    // user forgot the subjectIdentifier,
+    sql.transactional(() => {
+        optionService.setOption('subjectIdentifierVerificationSalt', '');
+        optionService.setOption('subjectIdentifierDerivedKeySalt', '');
+        optionService.setOption('subjectIdentifierEncryptedDataKey', '');
+        optionService.setOption('subjectIdentifierVerificationHash', '');
+    });
+
+    return {
+        success: true,
+    };
+}
+
+export = {
+    isSubjectIdentifierSet,
+    // changeSubjectIdentifier,
+    setSubjectIdentifier,
+    resetSubjectIdentifier,
+};
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
new file mode 100644
index 0000000000..1c07655ce2
--- /dev/null
+++ b/src/services/encryption/open_id_encryption.ts
@@ -0,0 +1,42 @@
+/** @format */
+
+import optionService = require('../options');
+import myScryptService = require('./my_scrypt');
+import utils = require('../utils');
+import dataEncryptionService = require('./data_encryption');
+
+function verifyOpenIDSubjectIdentifier(password: string) {
+    const givenSubjectIdentifierHash = utils.toBase64(myScryptService.getSubjectIdentifierVerificationHash(password));
+
+    const dbSubjectIdentifierHash = optionService.getOptionOrNull('subjectIdentifierVerificationHash');
+
+    if (!dbSubjectIdentifierHash) {
+        return false;
+    }
+
+    return givenSubjectIdentifierHash === dbSubjectIdentifierHash;
+}
+
+function setDataKey(subjectIdentifier: string, plainTextDataKey: string | Buffer) {
+    const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+
+    const newEncryptedDataKey = dataEncryptionService.encrypt(subjectIdentifierDerivedKey, plainTextDataKey);
+
+    optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
+}
+
+function getDataKey(subjectIdentifier: string) {
+    const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+
+    const encryptedDataKey = optionService.getOption('subjectIdentifierEncryptedDataKey');
+
+    const decryptedDataKey = dataEncryptionService.decrypt(subjectIdentifierDerivedKey, encryptedDataKey);
+
+    return decryptedDataKey;
+}
+
+export = {
+    verifyOpenIDSubjectIdentifier,
+    getDataKey,
+    setDataKey,
+};
diff --git a/src/services/login/oidc_testing.ts b/src/services/login/oidc_testing.ts
index 8969600a69..d0e5c31a81 100644
--- a/src/services/login/oidc_testing.ts
+++ b/src/services/login/oidc_testing.ts
@@ -3,15 +3,71 @@
 'use strict';
 
 import {NextFunction, Request, Response} from 'express';
+import {AppRequest} from '../../routes/route-interface';
+import openIDService = require('../encryption/open_id');
+import openIDEncryptionService = require('../encryption/open_id_encryption');
+import open_id = require('../open_id');
+import options = require('../options');
 
-function explain(req: Request, res: Response, next: NextFunction){
-    
-    if ( req.oidc.user)
-        res.send( req.oidc.user?.name )
-    else
-        res.send( "User is not logged in")
+async function pass() {
+    await openIDService.setSubjectIdentifier('req.oidc.user?.sub');
+}
+
+function authCallback(req: AppRequest, res: Response, next: NextFunction) {
+    console.log('CALLBACK');
+
+    // if (!openIDService.isSubjectIdentifierSet()) {
+    req.session.loggedIn = true;
+    // req.app.locals.firstLogin = true;
+    next();
+    // } else {
+    //     console.log('Verifying user: ' + openIDEncryptionService.verifyOpenIDSubjectIdentifier(req.oidc.user?.sub));
+    //     next();
+    // }
+
+    // next();
+
+    // req.oidc.fetchUserInfo().then((result) => {
+    //     if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
+    //         req.session.loggedIn = true;
+    //         next();
+    //     }
+    // });
+
+    // res.redirect('/auth-failed');
+}
+
+function callback(req: Request, res: Response, next: NextFunction) {
+    console.log('CALLBACK FINALLY');
+}
+
+function logoutOfOidc(req: Request, res: Response, next: NextFunction) {
+    // res.oidc.logout({returnTo: "http://localhost:8080/info"})
+    res.redirect('info');
+}
+function explain(req: Request, res: Response, next: NextFunction) {
+    if (open_id.isOpenIDEnabled()) {
+        if (req.oidc.isAuthenticated()) {
+            req.oidc.fetchUserInfo().then((result) => {
+                console.log(result.sub);
+            });
+            res.send(req.oidc.user?.name);
+        } else res.send('User is not logged in');
+    } else res.send('OIDC Not enabled');
+}
+
+function postAuth(req: Request, res: Response, next: NextFunction) {
+    if (!open_id.isOpenIDEnabled()) next();
+
+    if (!req.oidc.isAuthenticated()) next;
+
+    // req.session.
 }
 
 export = {
     explain,
+    authCallback,
+    postAuth,
+    callback,
+    logoutOfOidc,
 };
diff --git a/src/services/login/open_id_connect.ts b/src/services/login/open_id_connect.ts
deleted file mode 100644
index 8d1cd703a8..0000000000
--- a/src/services/login/open_id_connect.ts
+++ /dev/null
@@ -1,61 +0,0 @@
-/** @format */
-
-'use strict';
-
-import {NextFunction, Request, Response} from 'express';
-// This entire file is boilerplate from https://www.npmjs.com/package/openid-client
-
-import {Issuer, Strategy} from 'openid-client';
-import {generators} from 'openid-client';
-const {auth, requiresAuth} = require('express-openid-connect');
-
-const code_verifier = generators.codeVerifier();
-// store the code_verifier in your framework's session mechanism, if it is a cookie based solution
-// it should be httpOnly (not readable by javascript) and encrypted.
-
-async function login() {
-    const googleIssuer = await Issuer.discover(
-        'https://auth.mauldin314.com/application/o/trilium/.well-known/openid-configuration'
-    );
-    const nonce = generators.nonce();
-    console.log('Discovered issuer %s %O', googleIssuer.issuer, googleIssuer.metadata);
-
-    const client = new googleIssuer.Client({
-        client_id: 'utqV1OgVM9wiCL9rfk92a84pkQs2CpvzBkSdrXF4',
-        redirect_uris: ['http://localhost:8080/callback'],
-        response_types: ['id_token'],
-        // id_token_signed_response_alg (default "RS256")
-        // token_endpoint_auth_method (default "client_secret_basic")
-    }); // => Client
-
-    let a = new Strategy({client, passReqToCallback: true}, (req, tokenSet, userinfo, done) => {
-        console.log('tokenSet', tokenSet);
-        console.log('userinfo', userinfo);
-    });
-
-    //     const code_challenge = generators.codeChallenge(code_verifier);
-
-    //     client.authorizationUrl({
-    //         scope: 'openid email profile',
-    //         resource: 'https://auth.mauldin314.com/application/o/authorize/',
-    //         nonce,
-    //     });
-    // }
-}
-
-function authenticate(req: Request, res: Response) {
-    console.log('AHHHH');
-    // res.send(JSON.stringify(req.oidc.user, null, 2));
-}
-
-function preAuth(req: Request, res: Response, next: NextFunction) {
-    console.log('DKKDKDK');
-    requiresAuth();
-    next;
-}
-
-export = {
-    authenticate,
-    login,
-    preAuth,
-};
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
new file mode 100644
index 0000000000..f3a5588741
--- /dev/null
+++ b/src/services/open_id.ts
@@ -0,0 +1,23 @@
+/** @format */
+
+import OpenIDError = require('../errors/open_id_error');
+
+function isOpenIDEnabled() {
+    if (process.env.ENABLE_OAUTH?.toLocaleLowerCase() === 'true') return true;
+    return false;
+}
+
+function checkOpenIDRequirements() {
+    if (!isOpenIDEnabled()) return false;
+    if (process.env.BASE_URL === undefined) throw new OpenIDError('BASE_URL is undefined in .env!');
+    if (process.env.CLIENT_ID === undefined) throw new OpenIDError('CLIENT_ID is undefined in .env!');
+    if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError('ISSUER_BASE_URL is undefined in .env!');
+    if (process.env.SECRET === undefined) throw new OpenIDError('SECRET is undefined in .env!');
+
+    return true;
+}
+
+export = {
+    isOpenIDEnabled,
+    checkOpenIDRequirements,
+};
diff --git a/src/views/auth-failed.ejs b/src/views/auth-failed.ejs
new file mode 100644
index 0000000000..e30772b59a
--- /dev/null
+++ b/src/views/auth-failed.ejs
@@ -0,0 +1,73 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
+    <title>Login</title>
+    <link rel="apple-touch-icon" sizes="180x180" href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png" />
+    <link rel="shortcut icon" href="favicon.ico" />
+</head>
+
+<body>
+    <div class="container">
+        <div class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto" style="padding-top: 25px">
+            <h1>Trilium login</h1>
+
+            <% if (failedAuth) { %>
+                <div class="alert alert-warning">
+                    Password is incorrect. Please try again.
+                </div>
+                <% } %>
+                    <div>
+                        <button href="http://localhost:8080/auth">Login with OAuth</button>
+                    </div>
+        </div>
+    </div>
+
+    <script>
+        // Required for correct loading of scripts in Electron
+        if (typeof module === "object") {
+            window.module = module;
+            module = undefined;
+        }
+
+        let device;
+
+        if (window.location.search === "?desktop") {
+            device = "desktop";
+        } else if (window.location.search === "?mobile") {
+            device = "mobile";
+        } else {
+            device = isMobile() ? "mobile" : "desktop";
+        }
+
+        console.log("Setting device cookie to:", device);
+
+        setCookie("trilium-device", device);
+
+        function setCookie(name, value) {
+            const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
+            const expires = "; expires=" + date.toUTCString();
+
+            document.cookie = name + "=" + (value || "") + expires + "; path=/";
+        }
+
+        // https://stackoverflow.com/a/73731646/944162
+        function isMobile() {
+            const mQ = matchMedia?.("(pointer:coarse)");
+            if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
+
+            if ("orientation" in window) return true;
+
+            return (
+                /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
+                /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
+            );
+        }
+    </script>
+
+    <link href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css" rel="stylesheet" />
+</body>
+
+</html>
\ No newline at end of file
diff --git a/src/views/authenticate_oidc.ejs b/src/views/authenticate_oidc.ejs
deleted file mode 100644
index 2100a800f5..0000000000
--- a/src/views/authenticate_oidc.ejs
+++ /dev/null
@@ -1,128 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8" />
-    <meta
-      name="viewport"
-      content="width=device-width, initial-scale=1, maximum-scale=1"
-    />
-    <title>Login</title>
-    <link
-      rel="apple-touch-icon"
-      sizes="180x180"
-      href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png"
-    />
-    <link rel="shortcut icon" href="favicon.ico" />
-  </head>
-  <body>
-    <div class="container">
-      <div
-        class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto"
-        style="padding-top: 25px"
-      >
-        <h1>Trilium login</h1>
-
-        <% if (failedAuth) { %>
-        <div class="alert alert-warning">
-          Password is incorrect. Please try again.
-        </div>
-        <% } %>
-
-        <form action="login" method="POST">
-          <div class="form-group">
-            <label for="password">Password</label>
-            <div class="controls">
-              <input
-                id="password"
-                name="password"
-                placeholder=""
-                class="form-control"
-                type="password"
-              />
-            </div>
-          </div>
-          <% if( totpEnabled ) { %>
-            <div class="form-group">
-                <label for="otp-token">OTP Token</label>
-                <div class="controls">
-                <input
-                    id="token"
-                    name="token"
-                    placeholder=""
-                    class="form-control"
-                    type="text"
-                    required
-                />
-            </div>
-        <% } %>
-          <div class="form-group">
-            <div class="checkbox">
-              <label>
-                <input
-                  id="remember-me"
-                  name="rememberMe"
-                  value="1"
-                  type="checkbox"
-                />
-                Remember me
-              </label>
-            </div>
-          </div>
-          <div class="form-group">
-            <button class="btn btn-success">Login</button>
-          </div>
-        </form>
-        <div>
-          <button class="oidc">Login with Google</button>
-        </div>
-      </div>
-    </div>
-
-    <script>
-      // Required for correct loading of scripts in Electron
-      if (typeof module === "object") {
-        window.module = module;
-        module = undefined;
-      }
-
-      let device;
-
-      if (window.location.search === "?desktop") {
-        device = "desktop";
-      } else if (window.location.search === "?mobile") {
-        device = "mobile";
-      } else {
-        device = isMobile() ? "mobile" : "desktop";
-      }
-
-      console.log("Setting device cookie to:", device);
-
-      setCookie("trilium-device", device);
-
-      function setCookie(name, value) {
-        const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
-        const expires = "; expires=" + date.toUTCString();
-
-        document.cookie = name + "=" + (value || "") + expires + "; path=/";
-      }
-
-      // https://stackoverflow.com/a/73731646/944162
-      function isMobile() {
-        const mQ = matchMedia?.("(pointer:coarse)");
-        if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
-
-        if ("orientation" in window) return true;
-
-        return (
-          /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
-          /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
-        );
-      }
-    </script>
-
-    <link
-      href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css"
-      rel="stylesheet"
-    />
-  </body>
-</html>
\ No newline at end of file
diff --git a/src/views/login.ejs b/src/views/login.ejs
index 48f754513d..59a7692555 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -1,128 +1,102 @@
 <!DOCTYPE html>
 <html lang="en">
-  <head>
+
+<head>
     <meta charset="utf-8" />
-    <meta
-      name="viewport"
-      content="width=device-width, initial-scale=1, maximum-scale=1"
-    />
+    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
     <title>Login</title>
-    <link
-      rel="apple-touch-icon"
-      sizes="180x180"
-      href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png"
-    />
+    <link rel="apple-touch-icon" sizes="180x180" href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png" />
     <link rel="shortcut icon" href="favicon.ico" />
-  </head>
-  <body>
+</head>
+
+<body>
     <div class="container">
-      <div
-        class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto"
-        style="padding-top: 25px"
-      >
-        <h1>Trilium login</h1>
-
-        <% if (failedAuth) { %>
-        <div class="alert alert-warning">
-          Password is incorrect. Please try again.
-        </div>
-        <% } %>
-
-        <form action="login" method="POST">
-          <div class="form-group">
-            <label for="password">Password</label>
-            <div class="controls">
-              <input
-                id="password"
-                name="password"
-                placeholder=""
-                class="form-control"
-                type="password"
-              />
-            </div>
-          </div>
-          <% if( totpEnabled ) { %>
-            <div class="form-group">
-                <label for="otp-token">OTP Token</label>
-                <div class="controls">
-                <input
-                    id="token"
-                    name="token"
-                    placeholder=""
-                    class="form-control"
-                    type="text"
-                    required
-                />
-            </div>
-        <% } %>
-          <div class="form-group">
-            <div class="checkbox">
-              <label>
-                <input
-                  id="remember-me"
-                  name="rememberMe"
-                  value="1"
-                  type="checkbox"
-                />
-                Remember me
-              </label>
-            </div>
-          </div>
-          <div class="form-group">
-            <button class="btn btn-success">Login</button>
-          </div>
-        </form>
-        <div>
-          <button href="http://localhost:8080/authenticate">Login with OAuth</button>
+        <div class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto" style="padding-top: 25px">
+            <h1>Trilium login</h1>
+
+            <% if (failedAuth) { %>
+                <div class="alert alert-warning">
+                    Password is incorrect. Please try again.
+                </div>
+                <% } %>
+
+                    <form action="login" method="POST">
+                        <div class="form-group">
+                            <label for="password">Password</label>
+                            <div class="controls">
+                                <input id="password" name="password" placeholder="" class="form-control"
+                                    type="password" />
+                            </div>
+                        </div>
+                        <% if( totpEnabled ) { %>
+                            <div class="form-group">
+                                <label for="otp-token">OTP Token</label>
+                                <div class="controls">
+                                    <input id="token" name="token" placeholder="" class="form-control" type="text"
+                                        required />
+                                </div>
+                                <% } %>
+                                    <div class="form-group">
+                                        <div class="checkbox">
+                                            <label>
+                                                <input id="remember-me" name="rememberMe" value="1" type="checkbox" />
+                                                Remember me
+                                            </label>
+                                        </div>
+                                    </div>
+                                    <div class="form-group">
+                                        <button class="btn btn-success">Login</button>
+                                    </div>
+                    </form>
+                    <div>
+                        <button href="http://localhost:8080/authenticate">Login with OAuth</button>
+                    </div>
         </div>
-      </div>
     </div>
 
     <script>
-      // Required for correct loading of scripts in Electron
-      if (typeof module === "object") {
-        window.module = module;
-        module = undefined;
-      }
+        // Required for correct loading of scripts in Electron
+        if (typeof module === "object") {
+            window.module = module;
+            module = undefined;
+        }
 
-      let device;
+        let device;
 
-      if (window.location.search === "?desktop") {
-        device = "desktop";
-      } else if (window.location.search === "?mobile") {
-        device = "mobile";
-      } else {
-        device = isMobile() ? "mobile" : "desktop";
-      }
+        if (window.location.search === "?desktop") {
+            device = "desktop";
+        } else if (window.location.search === "?mobile") {
+            device = "mobile";
+        } else {
+            device = isMobile() ? "mobile" : "desktop";
+        }
 
-      console.log("Setting device cookie to:", device);
+        console.log("Setting device cookie to:", device);
 
-      setCookie("trilium-device", device);
+        setCookie("trilium-device", device);
 
-      function setCookie(name, value) {
-        const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
-        const expires = "; expires=" + date.toUTCString();
+        function setCookie(name, value) {
+            const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
+            const expires = "; expires=" + date.toUTCString();
 
-        document.cookie = name + "=" + (value || "") + expires + "; path=/";
-      }
+            document.cookie = name + "=" + (value || "") + expires + "; path=/";
+        }
 
-      // https://stackoverflow.com/a/73731646/944162
-      function isMobile() {
-        const mQ = matchMedia?.("(pointer:coarse)");
-        if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
+        // https://stackoverflow.com/a/73731646/944162
+        function isMobile() {
+            const mQ = matchMedia?.("(pointer:coarse)");
+            if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
 
-        if ("orientation" in window) return true;
+            if ("orientation" in window) return true;
 
-        return (
-          /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
-          /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
-        );
-      }
+            return (
+                /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
+                /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
+            );
+        }
     </script>
 
-    <link
-      href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css"
-      rel="stylesheet"
-    />
-  </body>
+    <link href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css" rel="stylesheet" />
+</body>
+
 </html>
\ No newline at end of file

From 7e86d79998d7ee4e9bed0aa262b35ff17f6d3cc5 Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Mon, 20 May 2024 15:31:32 -0700
Subject: [PATCH 29/63] Working on setup

---
 .../widgets/type_widgets/content_widget.js    |   2 +
 .../app/widgets/type_widgets/options/oidc.js  | 110 +++++++++----
 src/routes/index.ts                           |  20 +--
 src/routes/login.ts                           |   2 +-
 src/routes/routes.ts                          |   6 +
 src/services/auth.ts                          |  79 ++++-----
 src/services/encryption/open_id.ts            |  18 +-
 src/services/encryption/open_id_encryption.ts |   5 +
 src/services/hidden_subtree.ts                |   1 +
 src/services/login/oidc_testing.ts            |  53 +++---
 src/services/options_init.ts                  | 154 ++++++++++--------
 11 files changed, 262 insertions(+), 188 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index 8ea179aee1..add13a6770 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -35,6 +35,7 @@ import BackendLogWidget from './content/backend_log.js';
 import AttachmentErasureTimeoutOptions from './options/other/attachment_erasure_timeout.js';
 import RibbonOptions from './options/appearance/ribbon.js';
 import MultiFactorAuthenticationOptions from './options/multi_factor_authentication.js';
+import OpenIDOptions from './options/oidc.js';
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -74,6 +75,7 @@ const CONTENT_WIDGETS = {
     _optionsCodeNotes: [VimKeyBindingsOptions, WrapLinesOptions, CodeAutoReadOnlySizeOptions, CodeMimeTypesOptions],
     _optionsImages: [ImageOptions],
     _optionsMFA: [MultiFactorAuthenticationOptions],
+    _optionsOpenID: [OpenIDOptions],
     _optionsImages: [ImageOptions],
     _optionsSpellcheck: [SpellcheckOptions],
     _optionsPassword: [PasswordOptions],
diff --git a/src/public/app/widgets/type_widgets/options/oidc.js b/src/public/app/widgets/type_widgets/options/oidc.js
index d58f26683b..6566509a11 100644
--- a/src/public/app/widgets/type_widgets/options/oidc.js
+++ b/src/public/app/widgets/type_widgets/options/oidc.js
@@ -1,43 +1,85 @@
 /** @format */
 
-// /** @format */
+/** @format */
 
-// import server from '../../../services/server.js';
+import server from '../../../services/server.js';
 // import protectedSessionHolder from '../../../services/protected_session_holder.js';
 // import toastService from '../../../services/toast.js';
-// import OptionsWidget from './options_widget.js';
+import OptionsWidget from './options_widget.js';
 
 // import {Issuer, Strategy} from 'openid-client';
 // import {generators} from 'openid-client';
 
-// const TPL = `
-// <div class="options-section">
-//     <h4 class="">OIDC</h4>
-//     <button class="oidcButton" > Launch OIDC </button>
-// </div>`;
-
-// export default class MultiFactorAuthenticationOptions extends OptionsWidget {
-//     doRender() {
-//         this.$widget = $(TPL);
-//         this.$oidcButton = this.$widget.find('.oidcButton');
-
-//         this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
-//         this.$protectedSessionTimeout.on('change', () =>
-//             this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
-//         );
-
-//         this.$oidcButton.on('click', (async) => {
-//             server.get('oidc/initiate').then((result) => {
-//                 console.log('Initiated');
-//                 console.log(result);
-//                 console.log('done');
-//             });
-//         });
-//     }
-
-//     async authenticate() {}
-
-//     optionsLoaded(options) {
-//         this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
-//     }
-// }
+const TPL = `
+<div class="options-section">
+    <div>
+        <h4>Login</h4>
+        <span class="loginResult"><i>No data loaded</i></span>
+        <br>
+        <button class="loginButton" > Launch OIDC </button>
+    </div>
+
+
+    <div>
+        <h4>Data</h4>
+        <span class="info-dump"><i>No data loaded</i></span>
+        <br>
+        <button class="infoButton" > Launch OIDC </button>
+    </div>
+
+    <div>
+        <h4>Current User</h4>
+        <span class="current-user-dump"><i>No data loaded</i></span>
+        <br>
+        <button class="currentUserButton" > Launch OIDC </button>
+    </div>
+</div>`;
+
+export default class OpenIDOptions extends OptionsWidget {
+    doRender() {
+        this.$widget = $(TPL);
+        this.$infoText = this.$widget.find('.info-dump');
+        this.$infoButton = this.$widget.find('.infoButton');
+        this.$currentUserText = this.$widget.find('.current-user-dump');
+        this.$currentUserButton = this.$widget.find('.currentUserButton');
+        this.$loginButton = this.$widget.find('.loginButton');
+        this.$loginText = this.$widget.find('.loginResult');
+
+        this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
+        this.$protectedSessionTimeout.on('change', () =>
+            this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
+        );
+
+        this.$infoButton.on('click', (async) => {
+            server.get('oidc/info').then((result) => {
+                this.$infoText.text(JSON.stringify(result));
+            });
+        });
+
+        this.$currentUserButton.on('click', (async) => {
+            server.get('oidc/verify').then((result) => {
+                this.$currentUserText.text(JSON.stringify(result));
+            });
+        });
+
+        this.$loginButton.on('click', (async) => {
+            server.get('oidc/login').then((result) => {
+                this.$loginText.text(JSON.stringify(result));
+            });
+        });
+    }
+
+    optionsLoaded(options) {
+        server.get('oidc/check').then((result) => {
+            console.log(result);
+            if (result.message === true) {
+                this.$loginText.text('User logged in');
+                this.$loginButton.text('Reset');
+            } else {
+                this.$loginText.text('No user logged in');
+                this.$loginButton.text('Set');
+            }
+        });
+        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+    }
+}
diff --git a/src/routes/index.ts b/src/routes/index.ts
index 7829a01daf..5c9b60fd68 100644
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@@ -19,17 +19,17 @@ import openIDService = require('../services/encryption/open_id');
 function index(req: Request, res: Response) {
     const options = optionService.getOptionMap();
 
-    if (req.app.locals.firstLogin === true) {
-        openIDService.setSubjectIdentifier(req.oidc.user?.sub);
-        // console.log(req.oidc.user?.sub);
-        // pass();
+    // if (req.app.locals.firstLogin === true) {
+    //     openIDService.cre(req.oidc.user?.sub);
+    // console.log(req.oidc.user?.sub);
+    // pass();
 
-        // req.oidc.fetchUserInfo().then((result) => {
-        //     console.log('Set User Subject-Identifier');
-        //     openIDService.setSubjectIdentifier(result.sub);
-        // });
-        // next();
-    }
+    // req.oidc.fetchUserInfo().then((result) => {
+    //     console.log('Set User Subject-Identifier');
+    //     openIDService.setSubjectIdentifier(result.sub);
+    // });
+    // next();
+    // }
 
     const view = !utils.isElectron() && req.cookies['trilium-device'] === 'mobile' ? 'mobile' : 'desktop';
 
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 49d0c3ca13..d4d9695c4c 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -20,7 +20,7 @@ const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
     // console.log( req.oidc.isAuthenticated())
-    if (openID.isOpenIDEnabled()) res.redirect('/auth');
+    if (openID.isOpenIDEnabled() && req.app.locals.userSubjectIdentifierSaved) res.redirect('/auth');
     else
         res.render('login', {
             failedAuth: false,
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 784a8de8c6..0189fcc06d 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -80,6 +80,8 @@ import {AppRequest, AppRequestHandler} from './route-interface';
 import callback = require('./callback');
 import {LogoutOptions} from 'express-openid-connect';
 
+import openIDService = require('../services/open_id');
+
 const csrfMiddleware = csurf({
     cookie: {
         path: '', // empty, so cookie is valid only for the current path
@@ -147,6 +149,10 @@ function register(app: express.Application) {
     apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
     apiRoute(PST, '/api/totp/set', totp.setTotpSecret);
     apiRoute(GET, '/api/totp/get', totp.getSecret);
+    apiRoute(GET, '/api/oidc/info', oidc.explain);
+    apiRoute(GET, '/api/oidc/verify', oidc.verifySubId);
+    apiRoute(GET, '/api/oidc/login', oidc.login);
+    apiRoute(GET, '/api/oidc/check', oidc.check);
 
     apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
     apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
diff --git a/src/services/auth.ts b/src/services/auth.ts
index bce906d1f9..064bcbbb8d 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -1,4 +1,6 @@
-"use strict";
+/** @format */
+
+'use strict';
 
 import etapiTokenService = require('./etapi_tokens');
 import log = require('./log');
@@ -7,60 +9,54 @@ import utils = require('./utils');
 import passwordEncryptionService = require('./encryption/password_encryption');
 import config = require('./config');
 import passwordService = require('./encryption/password');
-import type { NextFunction, Request, Response } from 'express';
-import { AppRequest } from '../routes/route-interface';
+import type {NextFunction, Request, Response} from 'express';
+import {AppRequest} from '../routes/route-interface';
 import openID = require('./open_id');
 
 const noAuthentication = config.General && config.General.noAuthentication === true;
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.redirect("setup");
-    // TODO: Find out how to set session logged in
-    }else if ( !req.oidc.isAuthenticated() && openID.isOpenIDEnabled()){
-        // !req.session.loggedIn
-        res.redirect("auth")
-    }
-    else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication && !openID.isOpenIDEnabled()) {
-        res.redirect("login");
-    }
-    else {
-        next();
-    }
+        req.app.locals.userSubjectIdentifierSaved = false;
+        res.redirect('setup');
+        // TODO: Find out how to set session logged in
+    } else if (!req.session.loggedIn && openID.isOpenIDEnabled()) {
+        if (req.app.locals.userSubjectIdentifierSaved) res.redirect('auth');
+    } else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication && !openID.isOpenIDEnabled()) {
+        res.redirect('login');
+    }
+    next();
 }
 
 // for electron things which need network stuff
 //  currently, we're doing that for file upload because handling form data seems to be difficult
 function checkApiAuthOrElectron(req: AppRequest, res: Response, next: NextFunction) {
     if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
-        reject(req, res, "Logged in session not found");
-    }
-    else {
+        reject(req, res, 'Logged in session not found');
+    } else {
         next();
     }
 }
 
 function checkApiAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!req.session.loggedIn && !noAuthentication) {
-        reject(req, res, "Logged in session not found");
-    }
-    else {
+        reject(req, res, 'Logged in session not found');
+    } else {
         next();
     }
 }
 
 function checkAppInitialized(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.redirect("setup");
-    }
-    else {
+        res.redirect('setup');
+    } else {
         next();
     }
 }
 
 function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
     if (!utils.isElectron() && !passwordService.isPasswordSet()) {
-        res.redirect("set-password");
+        res.redirect('set-password');
     } else {
         next();
     }
@@ -68,7 +64,7 @@ function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
 
 function checkPasswordNotSet(req: AppRequest, res: Response, next: NextFunction) {
     if (!utils.isElectron() && passwordService.isPasswordSet()) {
-        res.redirect("login");
+        res.redirect('login');
     } else {
         next();
     }
@@ -76,9 +72,8 @@ function checkPasswordNotSet(req: AppRequest, res: Response, next: NextFunction)
 
 function checkAppNotInitialized(req: AppRequest, res: Response, next: NextFunction) {
     if (sqlInit.isDbInitialized()) {
-        reject(req, res, "App already initialized.");
-    }
-    else {
+        reject(req, res, 'App already initialized.');
+    } else {
         next();
     }
 }
@@ -86,30 +81,25 @@ function checkAppNotInitialized(req: AppRequest, res: Response, next: NextFuncti
 function checkEtapiToken(req: AppRequest, res: Response, next: NextFunction) {
     if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
         next();
-    }
-    else {
-        reject(req, res, "Token not found");
+    } else {
+        reject(req, res, 'Token not found');
     }
 }
 
 function reject(req: AppRequest, res: Response, message: string) {
     log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
 
-    res.setHeader("Content-Type", "text/plain")
-        .status(401)
-        .send(message);
+    res.setHeader('Content-Type', 'text/plain').status(401).send(message);
 }
 
 function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.setHeader("Content-Type", "text/plain")
-            .status(400)
-            .send('Database is not initialized yet.');
+        res.setHeader('Content-Type', 'text/plain').status(400).send('Database is not initialized yet.');
         return;
     }
 
     if (!passwordService.isPasswordSet()) {
-        res.setHeader("Content-Type", "text/plain")
+        res.setHeader('Content-Type', 'text/plain')
             .status(400)
             .send('Password has not been set yet. Please set a password and repeat the action');
         return;
@@ -118,15 +108,12 @@ function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
     const header = req.headers['trilium-cred'] || '';
     const auth = Buffer.from(header, 'base64').toString();
     const colonIndex = auth.indexOf(':');
-    const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
+    const password = colonIndex === -1 ? '' : auth.substr(colonIndex + 1);
     // username is ignored
 
     if (!passwordEncryptionService.verifyPassword(password)) {
-        res.setHeader("Content-Type", "text/plain")
-            .status(401)
-            .send('Incorrect password');
-    }
-    else {
+        res.setHeader('Content-Type', 'text/plain').status(401).send('Incorrect password');
+    } else {
         next();
     }
 }
@@ -140,5 +127,5 @@ export = {
     checkAppNotInitialized,
     checkApiAuthOrElectron,
     checkEtapiToken,
-    checkCredentials
+    checkCredentials,
 };
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
index cacbdd36e1..d4b0aa2a8b 100644
--- a/src/services/encryption/open_id.ts
+++ b/src/services/encryption/open_id.ts
@@ -45,19 +45,20 @@ function isSubjectIdentifierSet() {
 //     };
 // }
 
-function setSubjectIdentifier(subjectIdentifier: string) {
+function createSubjectIdentifier(options: any, subjectIdentifier: string) {
     if (isSubjectIdentifierSet()) {
         throw new Error(
             "SubjectIdentifier is set already. Either change it or perform 'reset Subject Identifier' first."
         );
     }
-    optionService.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32));
-    optionService.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32));
+    console.log('FDFFF');
+    options.createOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32), true);
+    options.createOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32), true);
     const subjectIdentifierVerificationKey = utils.toBase64(myScryptService.getVerificationHash(subjectIdentifier));
-    optionService.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey);
+    options.createOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey, true);
 
     // passwordEncryptionService expects these options to already exist
-    optionService.setOption('subjectIdentifierEncryptedDataKey', '');
+    options.createOption('subjectIdentifierEncryptedDataKey', '', true);
     openIDEncryptionService.setDataKey(subjectIdentifier, utils.randomSecureToken(16));
     return {
         success: true,
@@ -78,9 +79,14 @@ function resetSubjectIdentifier() {
     };
 }
 
+function isSubjectIdentifierSaved() {
+    return optionService.getOptionBool('userSubjectIdentifierSaved');
+}
+
 export = {
     isSubjectIdentifierSet,
     // changeSubjectIdentifier,
-    setSubjectIdentifier,
+    createSubjectIdentifier,
     resetSubjectIdentifier,
+    isSubjectIdentifierSaved,
 };
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index 1c07655ce2..cef78998ce 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -4,8 +4,11 @@ import optionService = require('../options');
 import myScryptService = require('./my_scrypt');
 import utils = require('../utils');
 import dataEncryptionService = require('./data_encryption');
+import open_id = require('./open_id');
 
 function verifyOpenIDSubjectIdentifier(password: string) {
+    if (!optionService.getOptionBool('userSubjectIdentifierSaved')) return false;
+
     const givenSubjectIdentifierHash = utils.toBase64(myScryptService.getSubjectIdentifierVerificationHash(password));
 
     const dbSubjectIdentifierHash = optionService.getOptionOrNull('subjectIdentifierVerificationHash');
@@ -13,6 +16,8 @@ function verifyOpenIDSubjectIdentifier(password: string) {
     if (!dbSubjectIdentifierHash) {
         return false;
     }
+    console.log('HERE');
+    console.log(givenSubjectIdentifierHash === dbSubjectIdentifierHash);
 
     return givenSubjectIdentifierHash === dbSubjectIdentifierHash;
 }
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index b0d99b82af..d5e313bccb 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -343,6 +343,7 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
                 {id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard'},
                 {id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text'},
                 {id: '_optionsMFA', title: 'MFA', type: 'contentWidget', icon: 'bx-lock'},
+                {id: '_optionsOpenID', title: 'OpenID', type: 'contentWidget', icon: 'bx-lock'},
                 {id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code'},
                 {id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image'},
                 {id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double'},
diff --git a/src/services/login/oidc_testing.ts b/src/services/login/oidc_testing.ts
index d0e5c31a81..1a1bd68823 100644
--- a/src/services/login/oidc_testing.ts
+++ b/src/services/login/oidc_testing.ts
@@ -10,31 +10,21 @@ import open_id = require('../open_id');
 import options = require('../options');
 
 async function pass() {
-    await openIDService.setSubjectIdentifier('req.oidc.user?.sub');
+    // await openIDService.setSubjectIdentifier('req.oidc.user?.sub');
 }
 
 function authCallback(req: AppRequest, res: Response, next: NextFunction) {
     console.log('CALLBACK');
 
-    // if (!openIDService.isSubjectIdentifierSet()) {
-    req.session.loggedIn = true;
-    // req.app.locals.firstLogin = true;
+    console.log('Checking to see if [' + req.oidc.user?.name + '] is logged in');
+    if (!req.app.locals.userSubjectIdentifierSaved) {
+        req.session.loggedIn = true;
+        console.log('USER IS NOT SET! NEED TO SET!');
+    } else {
+        if (req.app.locals.userAuthenticated) req.session.loggedIn = true;
+        else req.session.loggedIn = false;
+    }
     next();
-    // } else {
-    //     console.log('Verifying user: ' + openIDEncryptionService.verifyOpenIDSubjectIdentifier(req.oidc.user?.sub));
-    //     next();
-    // }
-
-    // next();
-
-    // req.oidc.fetchUserInfo().then((result) => {
-    //     if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
-    //         req.session.loggedIn = true;
-    //         next();
-    //     }
-    // });
-
-    // res.redirect('/auth-failed');
 }
 
 function callback(req: Request, res: Response, next: NextFunction) {
@@ -51,7 +41,8 @@ function explain(req: Request, res: Response, next: NextFunction) {
             req.oidc.fetchUserInfo().then((result) => {
                 console.log(result.sub);
             });
-            res.send(req.oidc.user?.name);
+            // res.send(req.oidc.user?.name);
+            return {success: true, data: req.oidc.user};
         } else res.send('User is not logged in');
     } else res.send('OIDC Not enabled');
 }
@@ -64,10 +55,32 @@ function postAuth(req: Request, res: Response, next: NextFunction) {
     // req.session.
 }
 
+function verifySubId(req: Request, res: Response, next: NextFunction) {
+    req.oidc.fetchUserInfo().then((result) => {
+        return {success: true, result: openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)};
+    });
+}
+
+function check(req: Request, res: Response, next: NextFunction) {
+    return {success: true, message: openIDService.isSubjectIdentifierSet()};
+}
+
+function login(req: Request, res: Response, next: NextFunction) {
+    if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
+    if (!req.oidc.user) return {success: false, message: 'User not logged in!'};
+
+    openIDService.createSubjectIdentifier(options, req.oidc.user?.sub);
+    console.log('User Sub saved!');
+    return {success: true, message: 'User ' + req.oidc.user.sub + ' saved!'};
+}
+
 export = {
     explain,
     authCallback,
     postAuth,
     callback,
     logoutOfOidc,
+    verifySubId,
+    login,
+    check,
 };
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 649b1bcb47..21b0602760 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -1,10 +1,12 @@
+/** @format */
+
 import optionService = require('./options');
 import appInfo = require('./app_info');
 import utils = require('./utils');
 import log = require('./log');
 import dateUtils = require('./date_utils');
 import keyboardActions = require('./keyboard_actions');
-import { KeyboardShortcutWithRequiredActionName } from './keyboard_actions_interface';
+import {KeyboardShortcutWithRequiredActionName} from './keyboard_actions_interface';
 
 function initDocumentOptions() {
     optionService.createOption('documentId', utils.randomSecureToken(16), false);
@@ -17,12 +19,16 @@ interface NotSyncedOpts {
 }
 
 function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
-    optionService.createOption('openNoteContexts', JSON.stringify([
-        {
-            notePath: 'root',
-            active: true
-        }
-    ]), false);
+    optionService.createOption(
+        'openNoteContexts',
+        JSON.stringify([
+            {
+                notePath: 'root',
+                active: true,
+            },
+        ]),
+        false
+    );
 
     optionService.createOption('lastDailyBackupDate', dateUtils.utcNowDateTime(), false);
     optionService.createOption('lastWeeklyBackupDate', dateUtils.utcNowDateTime(), false);
@@ -50,59 +56,60 @@ function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
 }
 
 const defaultOptions = [
-    { name: "revisionSnapshotTimeInterval", value: "600", isSynced: true },
-    { name: "protectedSessionTimeout", value: "600", isSynced: true },
-    { name: "zoomFactor", value: process.platform === "win32" ? "0.9" : "1.0", isSynced: false },
-    { name: "overrideThemeFonts", value: "false", isSynced: false },
-    { name: "mainFontFamily", value: "theme", isSynced: false },
-    { name: "mainFontSize", value: "100", isSynced: false },
-    { name: "treeFontFamily", value: "theme", isSynced: false },
-    { name: "treeFontSize", value: "100", isSynced: false },
-    { name: "detailFontFamily", value: "theme", isSynced: false },
-    { name: "detailFontSize", value: "110", isSynced: false },
-    { name: "monospaceFontFamily", value: "theme", isSynced: false },
-    { name: "monospaceFontSize", value: "110", isSynced: false },
-    { name: "spellCheckEnabled", value: "true", isSynced: false },
-    { name: "spellCheckLanguageCode", value: "en-US", isSynced: false },
-    { name: "imageMaxWidthHeight", value: "2000", isSynced: true },
-    { name: "imageJpegQuality", value: "75", isSynced: true },
-    { name: "autoFixConsistencyIssues", value: "true", isSynced: false },
-    { name: "vimKeymapEnabled", value: "false", isSynced: false },
-    { name: "codeLineWrapEnabled", value: "true", isSynced: false },
+    {name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true},
+    {name: 'protectedSessionTimeout', value: '600', isSynced: true},
+    {name: 'zoomFactor', value: process.platform === 'win32' ? '0.9' : '1.0', isSynced: false},
+    {name: 'overrideThemeFonts', value: 'false', isSynced: false},
+    {name: 'mainFontFamily', value: 'theme', isSynced: false},
+    {name: 'mainFontSize', value: '100', isSynced: false},
+    {name: 'treeFontFamily', value: 'theme', isSynced: false},
+    {name: 'treeFontSize', value: '100', isSynced: false},
+    {name: 'detailFontFamily', value: 'theme', isSynced: false},
+    {name: 'detailFontSize', value: '110', isSynced: false},
+    {name: 'monospaceFontFamily', value: 'theme', isSynced: false},
+    {name: 'monospaceFontSize', value: '110', isSynced: false},
+    {name: 'spellCheckEnabled', value: 'true', isSynced: false},
+    {name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false},
+    {name: 'imageMaxWidthHeight', value: '2000', isSynced: true},
+    {name: 'imageJpegQuality', value: '75', isSynced: true},
+    {name: 'autoFixConsistencyIssues', value: 'true', isSynced: false},
+    {name: 'vimKeymapEnabled', value: 'false', isSynced: false},
+    {name: 'codeLineWrapEnabled', value: 'true', isSynced: false},
     {
-        name: "codeNotesMimeTypes",
+        name: 'codeNotesMimeTypes',
         value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
-        isSynced: true
+        isSynced: true,
     },
-    { name: "leftPaneWidth", value: "25", isSynced: false },
-    { name: "leftPaneVisible", value: "true", isSynced: false },
-    { name: "rightPaneWidth", value: "25", isSynced: false },
-    { name: "rightPaneVisible", value: "true", isSynced: false },
-    { name: "nativeTitleBarVisible", value: "false", isSynced: false },
-    { name: "eraseEntitiesAfterTimeInSeconds", value: "604800", isSynced: true }, // default is 7 days
-    { name: "hideArchivedNotes_main", value: "false", isSynced: false },
-    { name: "debugModeEnabled", value: "false", isSynced: false },
-    { name: "headingStyle", value: "underline", isSynced: true },
-    { name: "autoCollapseNoteTree", value: "true", isSynced: true },
-    { name: "autoReadonlySizeText", value: "10000", isSynced: false },
-    { name: "autoReadonlySizeCode", value: "30000", isSynced: false },
-    { name: "dailyBackupEnabled", value: "true", isSynced: false },
-    { name: "weeklyBackupEnabled", value: "true", isSynced: false },
-    { name: "monthlyBackupEnabled", value: "true", isSynced: false },
-    { name: "maxContentWidth", value: "1200", isSynced: false },
-    { name: "compressImages", value: "true", isSynced: true },
-    { name: "downloadImagesAutomatically", value: "true", isSynced: true },
-    { name: "minTocHeadings", value: "5", isSynced: true },
-    { name: "highlightsList", value: '["bold","italic","underline","color","bgColor"]', isSynced: true },
-    { name: "checkForUpdates", value: "true", isSynced: true },
-    { name: "disableTray", value: "false", isSynced: false },
-    { name: "eraseUnusedAttachmentsAfterSeconds", value: "2592000", isSynced: true },
-    { name: "customSearchEngineName", value: "DuckDuckGo", isSynced: true },
-    { name: "customSearchEngineUrl", value: "https://duckduckgo.com/?q={keyword}", isSynced: true },
-    { name: "promotedAttributesOpenInRibbon", value: "true", isSynced: true },
-    { name: "editedNotesOpenInRibbon", value: "true", isSynced: true },
-    { name: "totpEnabled", value: "false", isSynced: true },
-    { name: "encryptedRecoveryCodes", value: "false", isSynced: true }
+    {name: 'leftPaneWidth', value: '25', isSynced: false},
+    {name: 'leftPaneVisible', value: 'true', isSynced: false},
+    {name: 'rightPaneWidth', value: '25', isSynced: false},
+    {name: 'rightPaneVisible', value: 'true', isSynced: false},
+    {name: 'nativeTitleBarVisible', value: 'false', isSynced: false},
+    {name: 'eraseEntitiesAfterTimeInSeconds', value: '604800', isSynced: true}, // default is 7 days
+    {name: 'hideArchivedNotes_main', value: 'false', isSynced: false},
+    {name: 'debugModeEnabled', value: 'false', isSynced: false},
+    {name: 'headingStyle', value: 'underline', isSynced: true},
+    {name: 'autoCollapseNoteTree', value: 'true', isSynced: true},
+    {name: 'autoReadonlySizeText', value: '10000', isSynced: false},
+    {name: 'autoReadonlySizeCode', value: '30000', isSynced: false},
+    {name: 'dailyBackupEnabled', value: 'true', isSynced: false},
+    {name: 'weeklyBackupEnabled', value: 'true', isSynced: false},
+    {name: 'monthlyBackupEnabled', value: 'true', isSynced: false},
+    {name: 'maxContentWidth', value: '1200', isSynced: false},
+    {name: 'compressImages', value: 'true', isSynced: true},
+    {name: 'downloadImagesAutomatically', value: 'true', isSynced: true},
+    {name: 'minTocHeadings', value: '5', isSynced: true},
+    {name: 'highlightsList', value: '["bold","italic","underline","color","bgColor"]', isSynced: true},
+    {name: 'checkForUpdates', value: 'true', isSynced: true},
+    {name: 'disableTray', value: 'false', isSynced: false},
+    {name: 'eraseUnusedAttachmentsAfterSeconds', value: '2592000', isSynced: true},
+    {name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true},
+    {name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true},
+    {name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true},
+    {name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true},
+    {name: 'totpEnabled', value: 'false', isSynced: true},
+    {name: 'encryptedRecoveryCodes', value: 'false', isSynced: true},
+    {name: 'userSubjectIdentifierSaved', value: 'false', isSynced: true},
 ];
 
 function initStartupOptions() {
@@ -119,27 +126,32 @@ function initStartupOptions() {
     }
 
     if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
-        optionService.setOption('openNoteContexts', JSON.stringify([
-            {
-                notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
-                active: true
-            }
-        ]));
+        optionService.setOption(
+            'openNoteContexts',
+            JSON.stringify([
+                {
+                    notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
+                    active: true,
+                },
+            ])
+        );
     }
 }
 
 function getKeyboardDefaultOptions() {
-    return (keyboardActions.DEFAULT_KEYBOARD_ACTIONS
-        .filter(ka => !!ka.actionName) as KeyboardShortcutWithRequiredActionName[])
-        .map(ka => ({
-            name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
-            value: JSON.stringify(ka.defaultShortcuts),
-            isSynced: false
-        }));
+    return (
+        keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter(
+            (ka) => !!ka.actionName
+        ) as KeyboardShortcutWithRequiredActionName[]
+    ).map((ka) => ({
+        name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
+        value: JSON.stringify(ka.defaultShortcuts),
+        isSynced: false,
+    }));
 }
 
 export = {
     initDocumentOptions,
     initNotSyncedOptions,
-    initStartupOptions
+    initStartupOptions,
 };

From c84280a90556f1dedca2cc26ffcd1f4dc9ffb9b3 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Tue, 21 May 2024 20:19:05 -0700
Subject: [PATCH 30/63] Cleaned up. Still login looping when server restarts.

---
 src/app.ts                                    |  1 -
 .../app/widgets/type_widgets/options/oidc.js  |  5 +-
 src/routes/index.ts                           | 12 ----
 src/routes/login.ts                           | 12 ++--
 src/routes/routes.ts                          |  7 +--
 src/services/auth.ts                          | 17 +++---
 src/services/encryption/open_id.ts            | 59 ++++---------------
 src/services/encryption/open_id_encryption.ts | 17 +++---
 src/services/login/oidc_testing.ts            | 53 +++++++++--------
 9 files changed, 66 insertions(+), 117 deletions(-)

diff --git a/src/app.ts b/src/app.ts
index 610a6cc1ea..23d34965d1 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -77,7 +77,6 @@ app.use(favicon(`${__dirname}/../images/app-icons/win/icon.ico`));
 if (openID.checkOpenIDRequirements()) app.use(oidc.auth(authConfig));
 
 app.get('/info', a.explain);
-app.get('/callback', oidc_testing.callback);
 
 require('./routes/assets').register(app);
 require('./routes/routes').register(app);
diff --git a/src/public/app/widgets/type_widgets/options/oidc.js b/src/public/app/widgets/type_widgets/options/oidc.js
index 6566509a11..fb45256433 100644
--- a/src/public/app/widgets/type_widgets/options/oidc.js
+++ b/src/public/app/widgets/type_widgets/options/oidc.js
@@ -19,7 +19,6 @@ const TPL = `
         <button class="loginButton" > Launch OIDC </button>
     </div>
 
-
     <div>
         <h4>Data</h4>
         <span class="info-dump"><i>No data loaded</i></span>
@@ -28,7 +27,7 @@ const TPL = `
     </div>
 
     <div>
-        <h4>Current User</h4>
+        <h4>Validate Current User</h4>
         <span class="current-user-dump"><i>No data loaded</i></span>
         <br>
         <button class="currentUserButton" > Launch OIDC </button>
@@ -58,7 +57,7 @@ export default class OpenIDOptions extends OptionsWidget {
 
         this.$currentUserButton.on('click', (async) => {
             server.get('oidc/verify').then((result) => {
-                this.$currentUserText.text(JSON.stringify(result));
+                this.$currentUserText.text(result.message);
             });
         });
 
diff --git a/src/routes/index.ts b/src/routes/index.ts
index 5c9b60fd68..14839db54b 100644
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@@ -19,18 +19,6 @@ import openIDService = require('../services/encryption/open_id');
 function index(req: Request, res: Response) {
     const options = optionService.getOptionMap();
 
-    // if (req.app.locals.firstLogin === true) {
-    //     openIDService.cre(req.oidc.user?.sub);
-    // console.log(req.oidc.user?.sub);
-    // pass();
-
-    // req.oidc.fetchUserInfo().then((result) => {
-    //     console.log('Set User Subject-Identifier');
-    //     openIDService.setSubjectIdentifier(result.sub);
-    // });
-    // next();
-    // }
-
     const view = !utils.isElectron() && req.cookies['trilium-device'] === 'mobile' ? 'mobile' : 'desktop';
 
     const csrfToken = req.csrfToken();
diff --git a/src/routes/login.ts b/src/routes/login.ts
index d4d9695c4c..b1597ec3c1 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -14,18 +14,18 @@ import totp_secret = require('../services/totp_secret');
 import {Request, Response} from 'express';
 import {AppRequest} from './route-interface';
 import recoveryCodeService = require('../services/encryption/recovery_codes');
-import openID = require('../services/open_id');
+import openIDService = require('../services/open_id');
+import openID = require('../services/encryption/open_id');
 
 const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
-    // console.log( req.oidc.isAuthenticated())
-    if (openID.isOpenIDEnabled() && req.app.locals.userSubjectIdentifierSaved) res.redirect('/auth');
+    if (openIDService.isOpenIDEnabled() && req.app.locals.userSubjectIdentifierSaved) res.redirect('/auth');
     else
         res.render('login', {
             failedAuth: false,
             totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-            openIDEnabled: openID.isOpenIDEnabled(),
+            openIDEnabled: openIDService.isOpenIDEnabled(),
             assetPath: assetPath,
             appPath: appPath,
         });
@@ -36,7 +36,7 @@ function authFailedPage(req: Request, res: Response) {
     res.render('auth-failed', {
         failedAuth: false,
         totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-        openIDEnabled: openID.isOpenIDEnabled(),
+        openIDEnabled: openIDService.isOpenIDEnabled(),
         assetPath: assetPath,
         appPath: appPath,
     });
@@ -147,7 +147,7 @@ function logout(req: AppRequest, res: Response) {
     req.session.regenerate(() => {
         req.session.loggedIn = false;
 
-        if (openID.isOpenIDEnabled()) res.oidc.logout({});
+        if (openIDService.isOpenIDEnabled() && openID.isSubjectIdentifierSaved()) res.oidc.logout({});
         else res.redirect('login');
     });
 }
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 0189fcc06d..24132ac55a 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -121,13 +121,13 @@ const uploadMiddlewareWithErrorHandling = function (
 };
 
 function register(app: express.Application) {
-    route(GET, '/', [auth.checkAuth, oidc.authCallback, csrfMiddleware], indexRoute.index);
+    route(GET, '/', [auth.checkAuth, oidc.openIDCheck, csrfMiddleware], indexRoute.index);
     route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
     route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
     route(GET, '/auth-failed', [], loginRoute.authFailedPage);
     // route(GET, '/info', [], oidc.explain)
     // route(GET, '/callback', [oidc.authCallback], oidc.callback)
-    route(GET, '/logot', [], oidc.logoutOfOidc);
+    // route(GET, '/logot', [], oidc.logoutOfOidc);
 
     const loginRateLimiter = rateLimit.rateLimit({
         windowMs: 15 * 60 * 1000, // 15 minutes
@@ -140,9 +140,6 @@ function register(app: express.Application) {
     route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
     route(GET, '/setup', [], setupRoute.setupPage);
 
-    apiRoute(GET, '/callback', oidc.callback);
-    apiRoute(PST, '/callback', oidc.callback);
-
     apiRoute(GET, '/api/totp/generate', totp.generateSecret);
     apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
     apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 064bcbbb8d..55b3921a40 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -12,20 +12,23 @@ import passwordService = require('./encryption/password');
 import type {NextFunction, Request, Response} from 'express';
 import {AppRequest} from '../routes/route-interface';
 import openID = require('./open_id');
+import openIdService = require('../services/encryption/open_id');
 
 const noAuthentication = config.General && config.General.noAuthentication === true;
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        req.app.locals.userSubjectIdentifierSaved = false;
         res.redirect('setup');
-        // TODO: Find out how to set session logged in
-    } else if (!req.session.loggedIn && openID.isOpenIDEnabled()) {
-        if (req.app.locals.userSubjectIdentifierSaved) res.redirect('auth');
-    } else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication && !openID.isOpenIDEnabled()) {
+    } else if (
+        !req.session.loggedIn &&
+        openID.isOpenIDEnabled() &&
+        openIdService.isSubjectIdentifierSaved() &&
+        !noAuthentication
+    ) {
+        res.redirect('auth');
+    } else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
         res.redirect('login');
-    }
-    next();
+    } else next();
 }
 
 // for electron things which need network stuff
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
index d4b0aa2a8b..4f7dc476bb 100644
--- a/src/services/encryption/open_id.ts
+++ b/src/services/encryption/open_id.ts
@@ -8,58 +8,21 @@ import myScryptService = require('./my_scrypt');
 import utils = require('../utils');
 import openIDEncryptionService = require('./open_id_encryption');
 
-function isSubjectIdentifierSet() {
-    return !!sql.getValue("SELECT value FROM options WHERE name = 'subjectIdentifierVerificationHash'");
-}
-
-// function changeSubjectIdentifier(currentSubjectIdentifier: string, newPassword: string) {
-//     if (!isSubjectIdentifierSet()) {
-//         throw new Error("Password has not been set yet, so it cannot be changed. Use 'setPassword' instead.");
-//     }
-
-//     if (!passwordEncryptionService.verifyPassword(currentSubjectIdentifier)) {
-//         return {
-//             success: false,
-//             message: "Given current password doesn't match hash",
-//         };
-//     }
-
-//     sql.transactional(() => {
-//         const decryptedDataKey = passwordEncryptionService.getDataKey(currentSubjectIdentifier);
-
-//         optionService.setOption('passwordVerificationSalt', utils.randomSecureToken(32));
-//         optionService.setOption('passwordDerivedKeySalt', utils.randomSecureToken(32));
-
-//         const newPasswordVerificationKey = utils.toBase64(myScryptService.getVerificationHash(newPassword));
-
-//         if (decryptedDataKey) {
-//             // TODO: what should happen if the decrypted data key is null?
-//             passwordEncryptionService.setDataKey(newPassword, decryptedDataKey);
-//         }
-
-//         optionService.setOption('passwordVerificationHash', newPasswordVerificationKey);
-//     });
-
-//     return {
-//         success: true,
-//     };
-// }
-
-function createSubjectIdentifier(options: any, subjectIdentifier: string) {
-    if (isSubjectIdentifierSet()) {
+function saveSubjectIdentifier(options: any, subjectIdentifier: string) {
+    if (isSubjectIdentifierSaved()) {
         throw new Error(
             "SubjectIdentifier is set already. Either change it or perform 'reset Subject Identifier' first."
         );
     }
-    console.log('FDFFF');
-    options.createOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32), true);
-    options.createOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32), true);
-    const subjectIdentifierVerificationKey = utils.toBase64(myScryptService.getVerificationHash(subjectIdentifier));
-    options.createOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey, true);
+    options.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32), true);
+    options.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32), true);
+    const subjectIdentifierVerificationKey = utils.toBase64(
+        myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
+    );
+    options.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey, true);
 
-    // passwordEncryptionService expects these options to already exist
-    options.createOption('subjectIdentifierEncryptedDataKey', '', true);
     openIDEncryptionService.setDataKey(subjectIdentifier, utils.randomSecureToken(16));
+    options.setOption('userSubjectIdentifierSaved', 'true', true);
     return {
         success: true,
     };
@@ -84,9 +47,7 @@ function isSubjectIdentifierSaved() {
 }
 
 export = {
-    isSubjectIdentifierSet,
-    // changeSubjectIdentifier,
-    createSubjectIdentifier,
+    saveSubjectIdentifier,
     resetSubjectIdentifier,
     isSubjectIdentifierSaved,
 };
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index cef78998ce..f5f6b327ff 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -4,20 +4,19 @@ import optionService = require('../options');
 import myScryptService = require('./my_scrypt');
 import utils = require('../utils');
 import dataEncryptionService = require('./data_encryption');
-import open_id = require('./open_id');
 
-function verifyOpenIDSubjectIdentifier(password: string) {
-    if (!optionService.getOptionBool('userSubjectIdentifierSaved')) return false;
+function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
+    if (!optionService.getOptionBool('userSubjectIdentifierSaved')) {
+        return false;
+    }
 
-    const givenSubjectIdentifierHash = utils.toBase64(myScryptService.getSubjectIdentifierVerificationHash(password));
+    const givenSubjectIdentifierHash = utils.toBase64(
+        myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
+    );
 
     const dbSubjectIdentifierHash = optionService.getOptionOrNull('subjectIdentifierVerificationHash');
 
-    if (!dbSubjectIdentifierHash) {
-        return false;
-    }
-    console.log('HERE');
-    console.log(givenSubjectIdentifierHash === dbSubjectIdentifierHash);
+    if (!dbSubjectIdentifierHash) return false;
 
     return givenSubjectIdentifierHash === dbSubjectIdentifierHash;
 }
diff --git a/src/services/login/oidc_testing.ts b/src/services/login/oidc_testing.ts
index 1a1bd68823..c981d7f9b3 100644
--- a/src/services/login/oidc_testing.ts
+++ b/src/services/login/oidc_testing.ts
@@ -9,32 +9,30 @@ import openIDEncryptionService = require('../encryption/open_id_encryption');
 import open_id = require('../open_id');
 import options = require('../options');
 
-async function pass() {
-    // await openIDService.setSubjectIdentifier('req.oidc.user?.sub');
-}
-
-function authCallback(req: AppRequest, res: Response, next: NextFunction) {
+function openIDCheck(req: AppRequest, res: Response, next: NextFunction) {
     console.log('CALLBACK');
 
-    console.log('Checking to see if [' + req.oidc.user?.name + '] is logged in');
-    if (!req.app.locals.userSubjectIdentifierSaved) {
+    if (!openIDService.isSubjectIdentifierSaved()) {
         req.session.loggedIn = true;
         console.log('USER IS NOT SET! NEED TO SET!');
+        next();
     } else {
-        if (req.app.locals.userAuthenticated) req.session.loggedIn = true;
-        else req.session.loggedIn = false;
+        console.log('Checking ' + req.oidc.user?.sub + ' against saved data');
+        req.oidc.fetchUserInfo().then((result) => {
+            if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
+                req.session.loggedIn = true;
+                next();
+            } else {
+                req.session.loggedIn = false;
+                console.log('WRONG USER');
+                // Add page to explain "Wrong user, log out and log back in to proceed"
+                res.oidc.logout({});
+                // res.redirect('/login');
+            }
+        });
     }
-    next();
-}
-
-function callback(req: Request, res: Response, next: NextFunction) {
-    console.log('CALLBACK FINALLY');
 }
 
-function logoutOfOidc(req: Request, res: Response, next: NextFunction) {
-    // res.oidc.logout({returnTo: "http://localhost:8080/info"})
-    res.redirect('info');
-}
 function explain(req: Request, res: Response, next: NextFunction) {
     if (open_id.isOpenIDEnabled()) {
         if (req.oidc.isAuthenticated()) {
@@ -55,32 +53,37 @@ function postAuth(req: Request, res: Response, next: NextFunction) {
     // req.session.
 }
 
-function verifySubId(req: Request, res: Response, next: NextFunction) {
+async function verifySubId(req: Request, res: Response, next: NextFunction) {
+    console.log('Checking....');
+
     req.oidc.fetchUserInfo().then((result) => {
-        return {success: true, result: openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)};
+        console.log(result);
+        const isIn = openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub);
+
+        console.log(isIn);
+        res.locals.flig = true;
+        return {success: true, result: isIn};
     });
 }
 
 function check(req: Request, res: Response, next: NextFunction) {
-    return {success: true, message: openIDService.isSubjectIdentifierSet()};
+    return {success: true, message: openIDService.isSubjectIdentifierSaved()};
 }
 
 function login(req: Request, res: Response, next: NextFunction) {
     if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
     if (!req.oidc.user) return {success: false, message: 'User not logged in!'};
 
-    openIDService.createSubjectIdentifier(options, req.oidc.user?.sub);
+    openIDService.saveSubjectIdentifier(options, req.oidc.user?.sub);
     console.log('User Sub saved!');
     return {success: true, message: 'User ' + req.oidc.user.sub + ' saved!'};
 }
 
 export = {
     explain,
-    authCallback,
     postAuth,
-    callback,
-    logoutOfOidc,
     verifySubId,
     login,
     check,
+    openIDCheck,
 };

From 994708472c1ff3728d1bd89b102556f42b9754bf Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Wed, 22 May 2024 17:05:26 -0700
Subject: [PATCH 31/63] Login loop fixed

---
 src/routes/routes.ts               |  2 +-
 src/services/auth.ts               | 11 ++++++++++-
 src/services/login/oidc_testing.ts | 25 -------------------------
 3 files changed, 11 insertions(+), 27 deletions(-)

diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 24132ac55a..6e0babd9c5 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -121,7 +121,7 @@ const uploadMiddlewareWithErrorHandling = function (
 };
 
 function register(app: express.Application) {
-    route(GET, '/', [auth.checkAuth, oidc.openIDCheck, csrfMiddleware], indexRoute.index);
+    route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
     route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
     route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
     route(GET, '/auth-failed', [], loginRoute.authFailedPage);
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 55b3921a40..d9a9e5cec6 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -13,6 +13,7 @@ import type {NextFunction, Request, Response} from 'express';
 import {AppRequest} from '../routes/route-interface';
 import openID = require('./open_id');
 import openIdService = require('../services/encryption/open_id');
+import openIDEncryptionService = require('../services/encryption/open_id_encryption');
 
 const noAuthentication = config.General && config.General.noAuthentication === true;
 
@@ -25,7 +26,15 @@ function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
         openIdService.isSubjectIdentifierSaved() &&
         !noAuthentication
     ) {
-        res.redirect('auth');
+        const result = req.oidc.fetchUserInfo().then((result) => {
+            if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
+                req.session.loggedIn = true;
+                next();
+            } else {
+                req.session.loggedIn = false;
+                res.oidc.logout({});
+            }
+        });
     } else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
         res.redirect('login');
     } else next();
diff --git a/src/services/login/oidc_testing.ts b/src/services/login/oidc_testing.ts
index c981d7f9b3..1b1d46a8d0 100644
--- a/src/services/login/oidc_testing.ts
+++ b/src/services/login/oidc_testing.ts
@@ -9,30 +9,6 @@ import openIDEncryptionService = require('../encryption/open_id_encryption');
 import open_id = require('../open_id');
 import options = require('../options');
 
-function openIDCheck(req: AppRequest, res: Response, next: NextFunction) {
-    console.log('CALLBACK');
-
-    if (!openIDService.isSubjectIdentifierSaved()) {
-        req.session.loggedIn = true;
-        console.log('USER IS NOT SET! NEED TO SET!');
-        next();
-    } else {
-        console.log('Checking ' + req.oidc.user?.sub + ' against saved data');
-        req.oidc.fetchUserInfo().then((result) => {
-            if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
-                req.session.loggedIn = true;
-                next();
-            } else {
-                req.session.loggedIn = false;
-                console.log('WRONG USER');
-                // Add page to explain "Wrong user, log out and log back in to proceed"
-                res.oidc.logout({});
-                // res.redirect('/login');
-            }
-        });
-    }
-}
-
 function explain(req: Request, res: Response, next: NextFunction) {
     if (open_id.isOpenIDEnabled()) {
         if (req.oidc.isAuthenticated()) {
@@ -85,5 +61,4 @@ export = {
     verifySubId,
     login,
     check,
-    openIDCheck,
 };

From 091764c81124291ded12f8a6b904fe0fc44ecccc Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Thu, 23 May 2024 08:44:27 -0700
Subject: [PATCH 32/63] Cleanup/refactoring

---
 src/app.ts                         |  6 +--
 src/routes/callback.ts             | 15 -------
 src/routes/login.ts                | 12 ------
 src/routes/routes.ts               | 13 +-----
 src/services/encryption/open_id.ts | 11 ++---
 src/services/login/oidc_testing.ts | 64 ------------------------------
 src/services/open_id.ts            | 22 ++++++++++
 src/views/login.ejs                |  3 --
 8 files changed, 31 insertions(+), 115 deletions(-)
 delete mode 100644 src/routes/callback.ts
 delete mode 100644 src/services/login/oidc_testing.ts

diff --git a/src/app.ts b/src/app.ts
index 23d34965d1..b758b12d38 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -14,8 +14,8 @@ import openID = require('./services/open_id');
 import {Request, Response, NextFunction} from 'express';
 import {userInfo} from 'os';
 import {request} from 'http';
-import a = require('./services/login/oidc_testing');
-import oidc_testing = require('./services/login/oidc_testing');
+import a = require('./services/open_id');
+import oidc_testing = require('./services/open_id');
 
 require('./services/handlers');
 require('./becca/becca_loader');
@@ -76,8 +76,6 @@ app.use(favicon(`${__dirname}/../images/app-icons/win/icon.ico`));
 
 if (openID.checkOpenIDRequirements()) app.use(oidc.auth(authConfig));
 
-app.get('/info', a.explain);
-
 require('./routes/assets').register(app);
 require('./routes/routes').register(app);
 require('./routes/custom').register(app);
diff --git a/src/routes/callback.ts b/src/routes/callback.ts
deleted file mode 100644
index aab730da1c..0000000000
--- a/src/routes/callback.ts
+++ /dev/null
@@ -1,15 +0,0 @@
-/** @format */
-
-'use strict';
-
-import {Request, Response} from 'express';
-
-function callback(req: Request, res: Response) {
-    console.log('GOT CALLBACK');
-    console.log(req.body);
-    res.redirect("/")
-}
-
-export = {
-    // callback,
-};
diff --git a/src/routes/login.ts b/src/routes/login.ts
index b1597ec3c1..5f5915f441 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -31,17 +31,6 @@ function loginPage(req: Request, res: Response) {
         });
 }
 
-function authFailedPage(req: Request, res: Response) {
-    // console.log( req.oidc.isAuthenticated())
-    res.render('auth-failed', {
-        failedAuth: false,
-        totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-        openIDEnabled: openIDService.isOpenIDEnabled(),
-        assetPath: assetPath,
-        appPath: appPath,
-    });
-}
-
 function setPasswordPage(req: Request, res: Response) {
     res.render('set_password', {
         error: false,
@@ -158,5 +147,4 @@ export = {
     setPassword,
     login,
     logout,
-    authFailedPage,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 6e0babd9c5..f348eadc17 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -22,8 +22,7 @@ import ValidationError = require('../errors/validation_error');
 import setupRoute = require('./setup');
 import loginRoute = require('./login');
 import indexRoute = require('./index');
-import callbackRoute = require('./callback');
-import oidc = require('../services/login/oidc_testing');
+import oidc = require('../services/open_id');
 
 // API routes
 import treeApiRoute = require('./api/tree');
@@ -77,10 +76,6 @@ import etapiSpecialNoteRoutes = require('../etapi/special_notes');
 import etapiSpecRoute = require('../etapi/spec');
 import etapiBackupRoute = require('../etapi/backup');
 import {AppRequest, AppRequestHandler} from './route-interface';
-import callback = require('./callback');
-import {LogoutOptions} from 'express-openid-connect';
-
-import openIDService = require('../services/open_id');
 
 const csrfMiddleware = csurf({
     cookie: {
@@ -124,10 +119,6 @@ function register(app: express.Application) {
     route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
     route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
     route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
-    route(GET, '/auth-failed', [], loginRoute.authFailedPage);
-    // route(GET, '/info', [], oidc.explain)
-    // route(GET, '/callback', [oidc.authCallback], oidc.callback)
-    // route(GET, '/logot', [], oidc.logoutOfOidc);
 
     const loginRateLimiter = rateLimit.rateLimit({
         windowMs: 15 * 60 * 1000, // 15 minutes
@@ -146,10 +137,8 @@ function register(app: express.Application) {
     apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
     apiRoute(PST, '/api/totp/set', totp.setTotpSecret);
     apiRoute(GET, '/api/totp/get', totp.getSecret);
-    apiRoute(GET, '/api/oidc/info', oidc.explain);
     apiRoute(GET, '/api/oidc/verify', oidc.verifySubId);
     apiRoute(GET, '/api/oidc/login', oidc.login);
-    apiRoute(GET, '/api/oidc/check', oidc.check);
 
     apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
     apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
index 4f7dc476bb..197b28af69 100644
--- a/src/services/encryption/open_id.ts
+++ b/src/services/encryption/open_id.ts
@@ -7,22 +7,23 @@ import optionService = require('../options');
 import myScryptService = require('./my_scrypt');
 import utils = require('../utils');
 import openIDEncryptionService = require('./open_id_encryption');
+import options = require('../options');
 
-function saveSubjectIdentifier(options: any, subjectIdentifier: string) {
+function saveSubjectIdentifier(subjectIdentifier: string) {
     if (isSubjectIdentifierSaved()) {
         throw new Error(
             "SubjectIdentifier is set already. Either change it or perform 'reset Subject Identifier' first."
         );
     }
-    options.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32), true);
-    options.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32), true);
+    options.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32));
+    options.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32));
     const subjectIdentifierVerificationKey = utils.toBase64(
         myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
     );
-    options.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey, true);
+    options.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey);
 
     openIDEncryptionService.setDataKey(subjectIdentifier, utils.randomSecureToken(16));
-    options.setOption('userSubjectIdentifierSaved', 'true', true);
+    options.setOption('userSubjectIdentifierSaved', 'true');
     return {
         success: true,
     };
diff --git a/src/services/login/oidc_testing.ts b/src/services/login/oidc_testing.ts
deleted file mode 100644
index 1b1d46a8d0..0000000000
--- a/src/services/login/oidc_testing.ts
+++ /dev/null
@@ -1,64 +0,0 @@
-/** @format */
-
-'use strict';
-
-import {NextFunction, Request, Response} from 'express';
-import {AppRequest} from '../../routes/route-interface';
-import openIDService = require('../encryption/open_id');
-import openIDEncryptionService = require('../encryption/open_id_encryption');
-import open_id = require('../open_id');
-import options = require('../options');
-
-function explain(req: Request, res: Response, next: NextFunction) {
-    if (open_id.isOpenIDEnabled()) {
-        if (req.oidc.isAuthenticated()) {
-            req.oidc.fetchUserInfo().then((result) => {
-                console.log(result.sub);
-            });
-            // res.send(req.oidc.user?.name);
-            return {success: true, data: req.oidc.user};
-        } else res.send('User is not logged in');
-    } else res.send('OIDC Not enabled');
-}
-
-function postAuth(req: Request, res: Response, next: NextFunction) {
-    if (!open_id.isOpenIDEnabled()) next();
-
-    if (!req.oidc.isAuthenticated()) next;
-
-    // req.session.
-}
-
-async function verifySubId(req: Request, res: Response, next: NextFunction) {
-    console.log('Checking....');
-
-    req.oidc.fetchUserInfo().then((result) => {
-        console.log(result);
-        const isIn = openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub);
-
-        console.log(isIn);
-        res.locals.flig = true;
-        return {success: true, result: isIn};
-    });
-}
-
-function check(req: Request, res: Response, next: NextFunction) {
-    return {success: true, message: openIDService.isSubjectIdentifierSaved()};
-}
-
-function login(req: Request, res: Response, next: NextFunction) {
-    if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
-    if (!req.oidc.user) return {success: false, message: 'User not logged in!'};
-
-    openIDService.saveSubjectIdentifier(options, req.oidc.user?.sub);
-    console.log('User Sub saved!');
-    return {success: true, message: 'User ' + req.oidc.user.sub + ' saved!'};
-}
-
-export = {
-    explain,
-    postAuth,
-    verifySubId,
-    login,
-    check,
-};
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index f3a5588741..e1745c8964 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -1,6 +1,10 @@
 /** @format */
 
 import OpenIDError = require('../errors/open_id_error');
+import {NextFunction, Request, Response} from 'express';
+import openIDService = require('./encryption/open_id');
+import openIDEncryptionService = require('./encryption/open_id_encryption');
+import options = require('./options');
 
 function isOpenIDEnabled() {
     if (process.env.ENABLE_OAUTH?.toLocaleLowerCase() === 'true') return true;
@@ -17,7 +21,25 @@ function checkOpenIDRequirements() {
     return true;
 }
 
+async function verifySubId(req: Request, res: Response, next: NextFunction) {
+    req.oidc.fetchUserInfo().then((result) => {
+        return {success: true, result: openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)};
+    });
+}
+
+function login(req: Request, res: Response, next: NextFunction) {
+    if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
+    if (!req.oidc.user) return {success: false, message: 'User not logged in!'};
+
+    req.oidc.fetchUserInfo().then((result) => {
+        openIDService.saveSubjectIdentifier(result.sub);
+    });
+    return {success: true, message: 'User ' + req.oidc.user.sub + ' saved!'};
+}
+
 export = {
     isOpenIDEnabled,
     checkOpenIDRequirements,
+    verifySubId,
+    login,
 };
diff --git a/src/views/login.ejs b/src/views/login.ejs
index 59a7692555..88297fc162 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -48,9 +48,6 @@
                                         <button class="btn btn-success">Login</button>
                                     </div>
                     </form>
-                    <div>
-                        <button href="http://localhost:8080/authenticate">Login with OAuth</button>
-                    </div>
         </div>
     </div>
 

From bfc5778acbeba8398eb984ac5e177ff350c72818 Mon Sep 17 00:00:00 2001
From: Chesspro13 <brandon@mauldin314.com>
Date: Thu, 23 May 2024 14:16:22 -0700
Subject: [PATCH 33/63] Merged TOTP and OAuth into MFA widget.

---
 .../widgets/type_widgets/content_widget.js    |   2 -
 .../options/multi_factor_authentication.js    | 166 +++++++++++-------
 .../app/widgets/type_widgets/options/oidc.js  |  84 ---------
 src/routes/api/totp.ts                        |  16 +-
 src/routes/routes.ts                          |   8 +-
 src/services/hidden_subtree.ts                |   1 -
 src/services/open_id.ts                       |  28 ++-
 src/services/options_init.ts                  |   1 +
 8 files changed, 147 insertions(+), 159 deletions(-)
 delete mode 100644 src/public/app/widgets/type_widgets/options/oidc.js

diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index add13a6770..8ea179aee1 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -35,7 +35,6 @@ import BackendLogWidget from './content/backend_log.js';
 import AttachmentErasureTimeoutOptions from './options/other/attachment_erasure_timeout.js';
 import RibbonOptions from './options/appearance/ribbon.js';
 import MultiFactorAuthenticationOptions from './options/multi_factor_authentication.js';
-import OpenIDOptions from './options/oidc.js';
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
     <style>
@@ -75,7 +74,6 @@ const CONTENT_WIDGETS = {
     _optionsCodeNotes: [VimKeyBindingsOptions, WrapLinesOptions, CodeAutoReadOnlySizeOptions, CodeMimeTypesOptions],
     _optionsImages: [ImageOptions],
     _optionsMFA: [MultiFactorAuthenticationOptions],
-    _optionsOpenID: [OpenIDOptions],
     _optionsImages: [ImageOptions],
     _optionsSpellcheck: [SpellcheckOptions],
     _optionsPassword: [PasswordOptions],
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 381f6bc1c8..f104993ee3 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -1,3 +1,5 @@
+/** @format */
+
 import server from '../../../services/server.js';
 import protectedSessionHolder from '../../../services/protected_session_holder.js';
 import toastService from '../../../services/toast.js';
@@ -5,78 +7,96 @@ import OptionsWidget from './options_widget.js';
 
 const TPL = `
 <div class="options-section">
-    <h4 class="">What is TOTP?</h4>
+    <h2 class=""><b>What is Multi-Factor Authentication?</b></h2>
 
     <div class="">
-        TOTP stands for Time-Based One-Time Password. It's a security protocol used to generate temporary passwords that are valid for a short period, 
-        typically 30 or 60 seconds. These passwords are generated by combining a secret key (known only to the user and the service) with the current 
-        time. An authenticator app is a software tool that implements the TOTP algorithm, generating these time-based passwords. Users typically use 
-        authenticator apps like Google Authenticator or Authy to add an extra layer of security.
+        <i>MFA description</i>
     </div>
-
     <br>
-    <h4>TOTP Settings</h4>
-    <div>
-        <label>
-           Enable TOTP
-        </label>
-        <input type="checkbox" class="totp-enabled" />
-    </div>
 
-    <br>
     <div>
-        <div class="form-group">
-            <label>Password confirmation</label>
-            <input class="password form-control" type="password">
-        </div>
-        <div class="options-section">
+        <h3><b>OAuth</b></h3>
+        <span>This is what OAuth is</span>
+
+        <div>
             <label>
-            TOTP Secret
+            <b>Enable OAuth</b>
             </label>
-            <input class="totp-secret-input form-control" disabled="true" type="text">
-            <button class="save-totp" disabled="true"> Save TOTP Secret </button>
+            <input type="checkbox" class="oauth-enabled-checkbox" />
+        </div>
+
+        <div>
+            <button class="authenticate-user-button" > Login to conigured OAuth service </button>
         </div>
     </div>
+
     <br>
-    <h4> Generate TOTP Secret </h4>
+    <h3><b>Time-based One-Time Password<b></h3>
     <div>
-        <span class="totp-secret" > TOTP Secret Key </span>
-        <br>
-        <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
+        <label>
+           <b>Enable TOTP</b>
+        </label>
+        <input type="checkbox" class="totp-enabled"  />
+    </div>
+    <div>
+        <span>This is what TOTP is</span>
     </div>
     <br>
-    <h4> Single Sign-on Recovery Keys </h4>
+    <div class="totp-details">
         <div>
-        <span >Single sign-on recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
-        <br><br>
-        <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
-        <br><br>
-        <table style="border: 0px solid white">
-        <tbody>
-            <tr>
-                <td class="key_0">Recover Key 1</td>
-                <td style="width: 20px" />
-                <td class="key_1">Recover Key 2</td>
-            </tr>
-            <tr>
-                <td class="key_2">Recover Key 3</td>
-                <td />
-                <td class="key_3">Recover Key 4</td>
-            </tr>
-            <tr>
-                <td class="key_4">Recover Key 5</td>
-                <td />
-                <td class="key_5">Recover Key 6</td>
-            </tr>
-            <tr>
-                <td class="key_6">Recover Key 7</td>
-                <td />
-                <td class="key_7">Recover Key 8</td>
-            </tr>
-        </tbody>
-        </table>
+            <div class="form-group">
+                <label>Password confirmation</label>
+                <input class="password form-control" type="password">
+            </div>
+            <div class="options-section">
+                <label>
+                TOTP Secret
+                </label>
+                <input class="totp-secret-input form-control" disabled="true" type="text">
+                <button class="save-totp" disabled="true"> Save TOTP Secret </button>
+            </div>
+        </div>
+        <br>
+        <h4> Generate TOTP Secret </h4>
+        <div>
+            <span class="totp-secret" > TOTP Secret Key </span>
+            <br>
+            <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
+        </div>
         <br>
-        <button class="generate-recovery-code" disabled="true"> Generate Recovery Keys </button>
+        <h4> Single Sign-on Recovery Keys </h4>
+            <div>
+            <span >Single sign-on recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
+            <br><br>
+            <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
+            <br><br>
+            <table style="border: 0px solid white">
+            <tbody>
+                <tr>
+                    <td class="key_0">Recover Key 1</td>
+                    <td style="width: 20px" />
+                    <td class="key_1">Recover Key 2</td>
+                </tr>
+                <tr>
+                    <td class="key_2">Recover Key 3</td>
+                    <td />
+                    <td class="key_3">Recover Key 4</td>
+                </tr>
+                <tr>
+                    <td class="key_4">Recover Key 5</td>
+                    <td />
+                    <td class="key_5">Recover Key 6</td>
+                </tr>
+                <tr>
+                    <td class="key_6">Recover Key 7</td>
+                    <td />
+                    <td class="key_7">Recover Key 8</td>
+                </tr>
+            </tbody>
+            </table>
+            <br>
+            <button class="generate-recovery-code" disabled="true"> Generate Recovery Keys </button>
+        </div>
     </div>
 </div>`;
 
@@ -86,12 +106,15 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
 
         this.$mfaHeadding = this.$widget.find('.mfa-heading');
         this.$regenerateTotpButton = this.$widget.find('.regenerate-totp');
+        this.$totpDetails = this.$widget.find('.totp-details');
         this.$totpEnabled = this.$widget.find('.totp-enabled');
         this.$totpSecret = this.$widget.find('.totp-secret');
         this.$totpSecretInput = this.$widget.find('.totp-secret-input');
         this.$saveTotpButton = this.$widget.find('.save-totp');
         this.$password = this.$widget.find('.password');
         this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
+        this.$oAuthEnabledCheckbox = this.$widget.find('.oauth-enabled-checkbox');
+        this.$authenticateuserButton = this.$widget.find('.authenticate-user-button');
         this.$recoveryKeys = [];
 
         for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
@@ -102,6 +125,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             this.updateSecret();
         });
 
+        this.$oAuthEnabledCheckbox.on('change', async () => {
+            this.updateOAuthStatus();
+        });
+
         this.$generateRecoveryCodeButton.on('click', async () => {
             this.setRecoveryKeys();
         });
@@ -114,8 +141,14 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             this.saveTotpSecret();
         });
 
+        this.$authenticateuserButton.on('click', (async) => {
+            server.get('oidc/authenticate');
+        });
+
         this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
-        this.$protectedSessionTimeout.on('change', () => this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val()));
+        this.$protectedSessionTimeout.on('change', () =>
+            this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
+        );
 
         this.displayRecoveryKeys();
     }
@@ -125,6 +158,11 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         else server.post('totp/disable');
     }
 
+    async updateOAuthStatus() {
+        if (this.$oAuthEnabledCheckbox.prop('checked')) server.post('oauth/enable');
+        else server.post('oauth/disable');
+    }
+
     async setRecoveryKeys() {
         server.get('totp_recovery/generate').then((result) => {
             if (!result.success) {
@@ -133,7 +171,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             }
             this.keyFiller(result.recoveryCodes);
             server.post('totp_recovery/set', {
-                recoveryCodes: result.recoveryCodes
+                recoveryCodes: result.recoveryCodes,
             });
         });
     }
@@ -156,7 +194,15 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     }
 
     optionsLoaded(options) {
-        server.get('totp/enabled').then((result) => {
+        server.get('oauth/status').then((result) => {
+            if (result.success) {
+                this.$oAuthEnabledCheckbox.prop('checked', result.message);
+                this.$authenticateuserButton.prop('disabled', !result.message);
+            } else {
+                toastService.showError(result.message);
+            }
+        });
+        server.get('totp/status').then((result) => {
             if (result.success) {
                 this.$totpEnabled.prop('checked', result.message);
                 this.$totpSecretInput.prop('disabled', !result.message);
@@ -189,7 +235,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         server
             .post('totp/set', {
                 secret: this.$totpSecretInput.val(),
-                password: this.$password.val()
+                password: this.$password.val(),
             })
             .then((result) => {
                 if (result.success) {
diff --git a/src/public/app/widgets/type_widgets/options/oidc.js b/src/public/app/widgets/type_widgets/options/oidc.js
deleted file mode 100644
index fb45256433..0000000000
--- a/src/public/app/widgets/type_widgets/options/oidc.js
+++ /dev/null
@@ -1,84 +0,0 @@
-/** @format */
-
-/** @format */
-
-import server from '../../../services/server.js';
-// import protectedSessionHolder from '../../../services/protected_session_holder.js';
-// import toastService from '../../../services/toast.js';
-import OptionsWidget from './options_widget.js';
-
-// import {Issuer, Strategy} from 'openid-client';
-// import {generators} from 'openid-client';
-
-const TPL = `
-<div class="options-section">
-    <div>
-        <h4>Login</h4>
-        <span class="loginResult"><i>No data loaded</i></span>
-        <br>
-        <button class="loginButton" > Launch OIDC </button>
-    </div>
-
-    <div>
-        <h4>Data</h4>
-        <span class="info-dump"><i>No data loaded</i></span>
-        <br>
-        <button class="infoButton" > Launch OIDC </button>
-    </div>
-
-    <div>
-        <h4>Validate Current User</h4>
-        <span class="current-user-dump"><i>No data loaded</i></span>
-        <br>
-        <button class="currentUserButton" > Launch OIDC </button>
-    </div>
-</div>`;
-
-export default class OpenIDOptions extends OptionsWidget {
-    doRender() {
-        this.$widget = $(TPL);
-        this.$infoText = this.$widget.find('.info-dump');
-        this.$infoButton = this.$widget.find('.infoButton');
-        this.$currentUserText = this.$widget.find('.current-user-dump');
-        this.$currentUserButton = this.$widget.find('.currentUserButton');
-        this.$loginButton = this.$widget.find('.loginButton');
-        this.$loginText = this.$widget.find('.loginResult');
-
-        this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
-        this.$protectedSessionTimeout.on('change', () =>
-            this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
-        );
-
-        this.$infoButton.on('click', (async) => {
-            server.get('oidc/info').then((result) => {
-                this.$infoText.text(JSON.stringify(result));
-            });
-        });
-
-        this.$currentUserButton.on('click', (async) => {
-            server.get('oidc/verify').then((result) => {
-                this.$currentUserText.text(result.message);
-            });
-        });
-
-        this.$loginButton.on('click', (async) => {
-            server.get('oidc/login').then((result) => {
-                this.$loginText.text(JSON.stringify(result));
-            });
-        });
-    }
-
-    optionsLoaded(options) {
-        server.get('oidc/check').then((result) => {
-            console.log(result);
-            if (result.message === true) {
-                this.$loginText.text('User logged in');
-                this.$loginButton.text('Reset');
-            } else {
-                this.$loginText.text('No user logged in');
-                this.$loginButton.text('Set');
-            }
-        });
-        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
-    }
-}
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 5f8b9052f9..e0cf056054 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,3 +1,5 @@
+/** @format */
+
 import options = require('../../services/options');
 import totp_secret = require('../../services/encryption/totp_secret');
 import passwordEncryptionService = require('../../services/encryption/password_encryption');
@@ -10,13 +12,14 @@ function generateSecret() {
     return {success: 'true', message: speakeasy.generateSecret().base32};
 }
 
-function checkForTOTP() {
+function getTOTPStatus() {
     const totpEnabled = options.getOptionBool('totpEnabled');
     return {success: 'true', message: totpEnabled};
 }
 
 function enableTOTP() {
     options.setOption('totpEnabled', true);
+    options.setOption('oAuthEnabled', false);
     return {success: 'true'};
 }
 
@@ -27,11 +30,12 @@ function disableTOTP() {
 }
 
 function setTotpSecret(req: Request) {
-    if (!passwordEncryptionService.verifyPassword(req.body.password)) throw new ValidationError('Incorrect password reset confirmation');
+    if (!passwordEncryptionService.verifyPassword(req.body.password))
+        throw new ValidationError('Incorrect password reset confirmation');
 
-    const newSecret = req.body.secret.trim()
+    const newSecret = req.body.secret.trim();
     const regex = RegExp(/^[a-zA-Z0-9]{52}$/gm);
-    
+
     if (!regex.test(newSecret)) return;
 
     totp_fs.saveTotpSecret(newSecret);
@@ -43,9 +47,9 @@ function getSecret() {
 
 export = {
     generateSecret,
-    checkForTOTP,
+    getTOTPStatus,
     enableTOTP,
     disableTOTP,
     setTotpSecret,
-    getSecret
+    getSecret,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index f348eadc17..784d575893 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -132,13 +132,17 @@ function register(app: express.Application) {
     route(GET, '/setup', [], setupRoute.setupPage);
 
     apiRoute(GET, '/api/totp/generate', totp.generateSecret);
-    apiRoute(GET, '/api/totp/enabled', totp.checkForTOTP);
+    apiRoute(GET, '/api/totp/status', totp.getTOTPStatus);
     apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
     apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
     apiRoute(PST, '/api/totp/set', totp.setTotpSecret);
     apiRoute(GET, '/api/totp/get', totp.getSecret);
+
+    apiRoute(GET, '/api/oauth/status', oidc.getOAuthStatus);
+    apiRoute(PST, '/api/oauth/enable', oidc.enableOAuth);
+    apiRoute(PST, '/api/oauth/disable', oidc.disableOAuth);
     apiRoute(GET, '/api/oidc/verify', oidc.verifySubId);
-    apiRoute(GET, '/api/oidc/login', oidc.login);
+    apiRoute(GET, '/api/oidc/authenticate', oidc.authenticateUser);
 
     apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
     apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index d5e313bccb..b0d99b82af 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -343,7 +343,6 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
                 {id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard'},
                 {id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text'},
                 {id: '_optionsMFA', title: 'MFA', type: 'contentWidget', icon: 'bx-lock'},
-                {id: '_optionsOpenID', title: 'OpenID', type: 'contentWidget', icon: 'bx-lock'},
                 {id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code'},
                 {id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image'},
                 {id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double'},
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index e1745c8964..404d84bc8b 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -7,8 +7,9 @@ import openIDEncryptionService = require('./encryption/open_id_encryption');
 import options = require('./options');
 
 function isOpenIDEnabled() {
-    if (process.env.ENABLE_OAUTH?.toLocaleLowerCase() === 'true') return true;
-    return false;
+    if (process.env.ENABLE_OAUTH?.toLocaleLowerCase() !== 'true') return false;
+
+    return options.getOptionBool('oAuthEnabled');
 }
 
 function checkOpenIDRequirements() {
@@ -21,13 +22,29 @@ function checkOpenIDRequirements() {
     return true;
 }
 
+function enableOAuth() {
+    options.setOption('oAuthEnabled', true);
+    options.setOption('totpEnabled', false);
+
+    return {success: true, message: 'OAuth Enabled'};
+}
+
+function disableOAuth() {
+    options.setOption('oAuthEnabled', false);
+    return {success: true, message: 'OAuth Disabled'};
+}
+
+function getOAuthStatus() {
+    return {success: true, message: options.getOptionBool('oAuthEnabled')};
+}
+
 async function verifySubId(req: Request, res: Response, next: NextFunction) {
     req.oidc.fetchUserInfo().then((result) => {
         return {success: true, result: openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)};
     });
 }
 
-function login(req: Request, res: Response, next: NextFunction) {
+function authenticateUser(req: Request, res: Response, next: NextFunction) {
     if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
     if (!req.oidc.user) return {success: false, message: 'User not logged in!'};
 
@@ -38,8 +55,11 @@ function login(req: Request, res: Response, next: NextFunction) {
 }
 
 export = {
+    getOAuthStatus,
+    enableOAuth,
+    disableOAuth,
     isOpenIDEnabled,
     checkOpenIDRequirements,
     verifySubId,
-    login,
+    authenticateUser,
 };
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 21b0602760..eb71d8a53c 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -110,6 +110,7 @@ const defaultOptions = [
     {name: 'totpEnabled', value: 'false', isSynced: true},
     {name: 'encryptedRecoveryCodes', value: 'false', isSynced: true},
     {name: 'userSubjectIdentifierSaved', value: 'false', isSynced: true},
+    {name: 'oAuthEnabled', value: 'false', isSynced: true},
 ];
 
 function initStartupOptions() {

From 7b2ce8a901f79118df6fa3171dc8545056449ab6 Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Thu, 23 May 2024 14:31:03 -0700
Subject: [PATCH 34/63] Changed TOTP to require authenticator code to save
 secret instead of password.

---
 .../options/multi_factor_authentication.js           | 12 +++++-------
 src/routes/api/totp.ts                               | 11 +++++++++--
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index f104993ee3..8fcc991511 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -45,8 +45,8 @@ const TPL = `
     <div class="totp-details">
         <div>
             <div class="form-group">
-                <label>Password confirmation</label>
-                <input class="password form-control" type="password">
+                <label>Authenticator Code</label>
+                <input class="authenticator-code" type="text">
             </div>
             <div class="options-section">
                 <label>
@@ -111,7 +111,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$totpSecret = this.$widget.find('.totp-secret');
         this.$totpSecretInput = this.$widget.find('.totp-secret-input');
         this.$saveTotpButton = this.$widget.find('.save-totp');
-        this.$password = this.$widget.find('.password');
+        this.$authenticatorCode = this.$widget.find('.authenticator-code');
         this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
         this.$oAuthEnabledCheckbox = this.$widget.find('.oauth-enabled-checkbox');
         this.$authenticateuserButton = this.$widget.find('.authenticate-user-button');
@@ -119,8 +119,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
 
         for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
 
-        this.$mfaHeadding.text('Time-Based One Time Password (TOTP)');
-
         this.$totpEnabled.on('change', async () => {
             this.updateSecret();
         });
@@ -209,7 +207,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
                 this.$saveTotpButton.prop('disabled', !result.message);
                 this.$totpSecret.prop('disapbled', !result.message);
                 this.$regenerateTotpButton.prop('disabled', !result.message);
-                this.$password.prop('disabled', !result.message);
+                this.$authenticatorCode.prop('disabled', !result.message);
                 this.$generateRecoveryCodeButton.prop('disabled', !result.message);
             } else {
                 toastService.showError(result.message);
@@ -235,7 +233,7 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         server
             .post('totp/set', {
                 secret: this.$totpSecretInput.val(),
-                password: this.$password.val(),
+                authenticatorCode: this.$authenticatorCode.val(),
             })
             .then((result) => {
                 if (result.success) {
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index e0cf056054..7ed74d1b51 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -30,8 +30,14 @@ function disableTOTP() {
 }
 
 function setTotpSecret(req: Request) {
-    if (!passwordEncryptionService.verifyPassword(req.body.password))
-        throw new ValidationError('Incorrect password reset confirmation');
+    const authenticationResult = speakeasy.totp.verify({
+        secret: req.body.secret,
+        encoding: 'base32',
+        token: req.body.authenticatorCode,
+        window: 1,
+    });
+
+    if (!authenticationResult) throw new ValidationError('TOTP does not match authenticator secret!');
 
     const newSecret = req.body.secret.trim();
     const regex = RegExp(/^[a-zA-Z0-9]{52}$/gm);
@@ -39,6 +45,7 @@ function setTotpSecret(req: Request) {
     if (!regex.test(newSecret)) return;
 
     totp_fs.saveTotpSecret(newSecret);
+    // TODO: let the user know that the operatoin was successful
 }
 
 function getSecret() {

From 78fc105e138e4cca64e5d4973f08f96c0697c578 Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Thu, 23 May 2024 15:12:05 -0700
Subject: [PATCH 35/63] Added MFA reference

---
 README.md | 61 +++++++++++++++++++++++++++++--------------------------
 1 file changed, 32 insertions(+), 29 deletions(-)

diff --git a/README.md b/README.md
index 9868d18966..f4898fe51c 100644
--- a/README.md
+++ b/README.md
@@ -1,13 +1,14 @@
+<!-- @format -->
+
 # Trilium Notes
 
 ## Trilium is in maintenance mode - see details in https://github.com/zadam/trilium/issues/4620
 
-Preliminary disccusions on the successor organization are taking place in [Trilium Next discussions](https://github.com/orgs/TriliumNext/discussions). 
+Preliminary disccusions on the successor organization are taking place in [Trilium Next discussions](https://github.com/orgs/TriliumNext/discussions).
 
 [![Join the chat at https://gitter.im/trilium-notes/Lobby](https://badges.gitter.im/trilium-notes/Lobby.svg)](https://gitter.im/trilium-notes/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [English](https://github.com/zadam/trilium/blob/master/README.md) | [Chinese](https://github.com/zadam/trilium/blob/master/README-ZH_CN.md) | [Russian](https://github.com/zadam/trilium/blob/master/README.ru.md) | [Japanese](https://github.com/zadam/trilium/blob/master/README.ja.md) | [Italian](https://github.com/zadam/trilium/blob/master/README.it.md)
 
-
-Trilium Notes is a hierarchical note taking application with focus on building large personal knowledge bases. 
+Trilium Notes is a hierarchical note taking application with focus on building large personal knowledge bases.
 
 See [screenshots](https://github.com/zadam/trilium/wiki/Screenshot-tour) for quick overview:
 
@@ -22,25 +23,26 @@ Ukraine is currently defending itself from Russian aggression, please consider [
 
 ## 🎁 Features
 
-* Notes can be arranged into arbitrarily deep tree. Single note can be placed into multiple places in the tree (see [cloning](https://github.com/zadam/trilium/wiki/Cloning-notes))
-* Rich WYSIWYG note editing including e.g. tables, images and [math](https://github.com/zadam/trilium/wiki/Text-notes#math-support) with markdown [autoformat](https://github.com/zadam/trilium/wiki/Text-notes#autoformat)
-* Support for editing [notes with source code](https://github.com/zadam/trilium/wiki/Code-notes), including syntax highlighting
-* Fast and easy [navigation between notes](https://github.com/zadam/trilium/wiki/Note-navigation), full text search and [note hoisting](https://github.com/zadam/trilium/wiki/Note-hoisting)
-* Seamless [note versioning](https://github.com/zadam/trilium/wiki/Note-revisions)
-* Note [attributes](https://github.com/zadam/trilium/wiki/Attributes) can be used for note organization, querying and advanced [scripting](https://github.com/zadam/trilium/wiki/Scripts)
-* [Synchronization](https://github.com/zadam/trilium/wiki/Synchronization) with self-hosted sync server
-  * there's a [3rd party service for hosting synchronisation server](https://trilium.cc/paid-hosting)
-* [Sharing](https://github.com/zadam/trilium/wiki/Sharing) (publishing) notes to public internet
-* Strong [note encryption](https://github.com/zadam/trilium/wiki/Protected-notes) with per-note granularity
-* Sketching diagrams with built-in Excalidraw (note type "canvas")
-* [Relation maps](https://github.com/zadam/trilium/wiki/Relation-map) and [link maps](https://github.com/zadam/trilium/wiki/Link-map) for visualizing notes and their relations
-* [Scripting](https://github.com/zadam/trilium/wiki/Scripts) - see [Advanced showcases](https://github.com/zadam/trilium/wiki/Advanced-showcases)
-* [REST API](https://github.com/zadam/trilium/wiki/ETAPI) for automation
-* Scales well in both usability and performance upwards of 100 000 notes
-* Touch optimized [mobile frontend](https://github.com/zadam/trilium/wiki/Mobile-frontend) for smartphones and tablets
-* [Night theme](https://github.com/zadam/trilium/wiki/Themes)
-* [Evernote](https://github.com/zadam/trilium/wiki/Evernote-import) and [Markdown import & export](https://github.com/zadam/trilium/wiki/Markdown)
-* [Web Clipper](https://github.com/zadam/trilium/wiki/Web-clipper) for easy saving of web content
+-   Notes can be arranged into arbitrarily deep tree. Single note can be placed into multiple places in the tree (see [cloning](https://github.com/zadam/trilium/wiki/Cloning-notes))
+-   Rich WYSIWYG note editing including e.g. tables, images and [math](https://github.com/zadam/trilium/wiki/Text-notes#math-support) with markdown [autoformat](https://github.com/zadam/trilium/wiki/Text-notes#autoformat)
+-   Support for editing [notes with source code](https://github.com/zadam/trilium/wiki/Code-notes), including syntax highlighting
+-   Fast and easy [navigation between notes](https://github.com/zadam/trilium/wiki/Note-navigation), full text search and [note hoisting](https://github.com/zadam/trilium/wiki/Note-hoisting)
+-   Seamless [note versioning](https://github.com/zadam/trilium/wiki/Note-revisions)
+-   Note [attributes](https://github.com/zadam/trilium/wiki/Attributes) can be used for note organization, querying and advanced [scripting](https://github.com/zadam/trilium/wiki/Scripts)
+-   [Synchronization](https://github.com/zadam/trilium/wiki/Synchronization) with self-hosted sync server
+    -   there's a [3rd party service for hosting synchronisation server](https://trilium.cc/paid-hosting)
+-   [Sharing](https://github.com/zadam/trilium/wiki/Sharing) (publishing) notes to public internet
+-   Strong [note encryption](https://github.com/zadam/trilium/wiki/Protected-notes) with per-note granularity
+-   Sketching diagrams with built-in Excalidraw (note type "canvas")
+-   [Relation maps](https://github.com/zadam/trilium/wiki/Relation-map) and [link maps](https://github.com/zadam/trilium/wiki/Link-map) for visualizing notes and their relations
+-   [Scripting](https://github.com/zadam/trilium/wiki/Scripts) - see [Advanced showcases](https://github.com/zadam/trilium/wiki/Advanced-showcases)
+-   [REST API](https://github.com/zadam/trilium/wiki/ETAPI) for automation
+-   Scales well in both usability and performance upwards of 100 000 notes
+-   Touch optimized [mobile frontend](https://github.com/zadam/trilium/wiki/Mobile-frontend) for smartphones and tablets
+-   [Night theme](https://github.com/zadam/trilium/wiki/Themes)
+-   [Evernote](https://github.com/zadam/trilium/wiki/Evernote-import) and [Markdown import & export](https://github.com/zadam/trilium/wiki/Markdown)
+-   [Web Clipper](https://github.com/zadam/trilium/wiki/Web-clipper) for easy saving of web content
+-   [Multi-Factor Authentication] to keep your notes safe
 
 Check out [awesome-trilium](https://github.com/Nriver/awesome-trilium) for 3rd party themes, scripts, plugins and more.
 
@@ -48,9 +50,9 @@ Check out [awesome-trilium](https://github.com/Nriver/awesome-trilium) for 3rd p
 
 Trilium is provided as either desktop application (Linux and Windows) or web application hosted on your server (Linux). Mac OS desktop build is available, but it is [unsupported](https://github.com/zadam/trilium/wiki/FAQ#mac-os-support).
 
-* If you want to use Trilium on the desktop, download binary release for your platform from [latest release](https://github.com/zadam/trilium/releases/latest), unzip the package and run ```trilium``` executable.
-* If you want to install Trilium on server, follow [this page](https://github.com/zadam/trilium/wiki/Server-installation).
-  * Currently only recent Chrome and Firefox are supported (tested) browsers.
+-   If you want to use Trilium on the desktop, download binary release for your platform from [latest release](https://github.com/zadam/trilium/releases/latest), unzip the package and run `trilium` executable.
+-   If you want to install Trilium on server, follow [this page](https://github.com/zadam/trilium/wiki/Server-installation).
+    -   Currently only recent Chrome and Firefox are supported (tested) browsers.
 
 Trilium is also provided as a Flatpak:
 
@@ -69,6 +71,7 @@ Use a browser based dev environment
 [![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#https://github.com/zadam/trilium)
 
 Or clone locally and run
+
 ```
 npm install
 npm run start-server
@@ -76,10 +79,10 @@ npm run start-server
 
 ## 📢 Shoutouts
 
-* [CKEditor 5](https://github.com/ckeditor/ckeditor5) - best WYSIWYG editor on the market, very interactive and listening team
-* [FancyTree](https://github.com/mar10/fancytree) - very feature rich tree library without real competition. Trilium Notes would not be the same without it.
-* [CodeMirror](https://github.com/codemirror/CodeMirror) - code editor with support for huge amount of languages
-* [jsPlumb](https://github.com/jsplumb/jsplumb) - visual connectivity library without competition. Used in [relation maps](https://github.com/zadam/trilium/wiki/Relation-map) and [link maps](https://github.com/zadam/trilium/wiki/Link-map)
+-   [CKEditor 5](https://github.com/ckeditor/ckeditor5) - best WYSIWYG editor on the market, very interactive and listening team
+-   [FancyTree](https://github.com/mar10/fancytree) - very feature rich tree library without real competition. Trilium Notes would not be the same without it.
+-   [CodeMirror](https://github.com/codemirror/CodeMirror) - code editor with support for huge amount of languages
+-   [jsPlumb](https://github.com/jsplumb/jsplumb) - visual connectivity library without competition. Used in [relation maps](https://github.com/zadam/trilium/wiki/Relation-map) and [link maps](https://github.com/zadam/trilium/wiki/Link-map)
 
 ## 🤝 Support
 

From 42f774fc7245e6d6848ea9021e3a48b37607f6fe Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Thu, 23 May 2024 16:46:56 -0700
Subject: [PATCH 36/63] Fixed SQL init error

---
 package-lock.json       | 210 +++++++++++++++++++++-------------------
 src/services/open_id.ts |  12 ++-
 2 files changed, 122 insertions(+), 100 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 8700a5af27..66bd027abf 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -276,9 +276,9 @@
       }
     },
     "node_modules/@electron/get/node_modules/semver": {
-      "version": "6.3.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
-      "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==",
+      "version": "6.3.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
+      "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA==",
       "bin": {
         "semver": "bin/semver.js"
       }
@@ -3704,9 +3704,9 @@
       }
     },
     "node_modules/cls-hooked/node_modules/semver": {
-      "version": "5.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
+      "version": "5.7.2",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
+      "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==",
       "bin": {
         "semver": "bin/semver"
       }
@@ -6855,9 +6855,9 @@
       }
     },
     "node_modules/follow-redirects": {
-      "version": "1.15.5",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.5.tgz",
-      "integrity": "sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw==",
+      "version": "1.15.6",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz",
+      "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA==",
       "funding": [
         {
           "type": "individual",
@@ -7488,9 +7488,9 @@
       }
     },
     "node_modules/http-cache-semantics": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz",
-      "integrity": "sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ=="
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz",
+      "integrity": "sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ=="
     },
     "node_modules/http-errors": {
       "version": "2.0.0",
@@ -7797,9 +7797,9 @@
       }
     },
     "node_modules/ip": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.0.tgz",
-      "integrity": "sha512-WKa+XuLG1A1R0UWhl2+1XQSi+fZWMsYKffMZTTYsiZaUD8k2yDAj5atimTUD2TZkyCkNEeYE5NhFZmupOGtjYQ==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.1.tgz",
+      "integrity": "sha512-lJUL9imLTNi1ZfXT+DU6rBBdbiKGBuay9B6xGSPVjUeQwaH1RIGqef8RZkUtHioLmSNpPR5M4HVKJGm1j8FWVQ==",
       "dev": true
     },
     "node_modules/ipaddr.js": {
@@ -8426,9 +8426,9 @@
       "dev": true
     },
     "node_modules/json-schema": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz",
-      "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM="
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz",
+      "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA=="
     },
     "node_modules/json-schema-traverse": {
       "version": "0.4.1",
@@ -8461,17 +8461,17 @@
       }
     },
     "node_modules/jsprim": {
-      "version": "1.4.1",
-      "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz",
-      "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=",
-      "engines": [
-        "node >=0.6.0"
-      ],
+      "version": "1.4.2",
+      "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz",
+      "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==",
       "dependencies": {
         "assert-plus": "1.0.0",
         "extsprintf": "1.3.0",
-        "json-schema": "0.2.3",
+        "json-schema": "0.4.0",
         "verror": "1.10.0"
+      },
+      "engines": {
+        "node": ">=0.6.0"
       }
     },
     "node_modules/junk": {
@@ -9715,9 +9715,15 @@
       }
     },
     "node_modules/nanoid": {
-      "version": "3.1.30",
-      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.30.tgz",
-      "integrity": "sha512-zJpuPDwOv8D2zq2WRoMe1HsfZthVewpel9CAvTfc/2mBD1uUT/agc5f7GHGWXlYkFvi1mVxe4IjvP2HNrop7nQ==",
+      "version": "3.3.7",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz",
+      "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
       "bin": {
         "nanoid": "bin/nanoid.cjs"
       },
@@ -10013,9 +10019,9 @@
       }
     },
     "node_modules/normalize-package-data/node_modules/semver": {
-      "version": "5.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
+      "version": "5.7.2",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
+      "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==",
       "dev": true,
       "bin": {
         "semver": "bin/semver"
@@ -10651,20 +10657,30 @@
       }
     },
     "node_modules/postcss": {
-      "version": "8.4.5",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.5.tgz",
-      "integrity": "sha512-jBDboWM8qpaqwkMwItqTQTiFikhs/67OYVvblFFTM7MrZjt6yMKd6r2kgXizEbTTljacm4NldIlZnhbjr84QYg==",
+      "version": "8.4.38",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz",
+      "integrity": "sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A==",
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/postcss"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
       "dependencies": {
-        "nanoid": "^3.1.30",
+        "nanoid": "^3.3.7",
         "picocolors": "^1.0.0",
-        "source-map-js": "^1.0.1"
+        "source-map-js": "^1.2.0"
       },
       "engines": {
         "node": "^10 || ^12 || >=14"
-      },
-      "funding": {
-        "type": "opencollective",
-        "url": "https://opencollective.com/postcss/"
       }
     },
     "node_modules/prebuild-install": {
@@ -11213,9 +11229,9 @@
       }
     },
     "node_modules/request/node_modules/qs": {
-      "version": "6.5.2",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz",
-      "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==",
+      "version": "6.5.3",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz",
+      "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA==",
       "engines": {
         "node": ">=0.6"
       }
@@ -12000,9 +12016,9 @@
       }
     },
     "node_modules/source-map-js": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.0.1.tgz",
-      "integrity": "sha512-4+TN2b3tqOCd/kaGRJ/sTYA0tR0mdXx26ipdolxcwtJVqEnqNYvlCAt1q3ypy4QMlYus+Zh34RNtYLoq2oQ4IA==",
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz",
+      "integrity": "sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==",
       "engines": {
         "node": ">=0.10.0"
       }
@@ -12333,9 +12349,9 @@
       }
     },
     "node_modules/tar": {
-      "version": "6.1.15",
-      "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.15.tgz",
-      "integrity": "sha512-/zKt9UyngnxIT/EAGYuxaMYgOIJiP81ab9ZfkILq4oNLPFX50qyYmu7jRj9qeXoxmJHjGlbH0+cm2uy1WCs10A==",
+      "version": "6.2.1",
+      "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz",
+      "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==",
       "dev": true,
       "dependencies": {
         "chownr": "^2.0.0",
@@ -13339,9 +13355,9 @@
       "dev": true
     },
     "node_modules/word-wrap": {
-      "version": "1.2.3",
-      "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz",
-      "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==",
+      "version": "1.2.5",
+      "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.5.tgz",
+      "integrity": "sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==",
       "optional": true,
       "engines": {
         "node": ">=0.10.0"
@@ -13811,9 +13827,9 @@
           }
         },
         "semver": {
-          "version": "6.3.0",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.0.tgz",
-          "integrity": "sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw=="
+          "version": "6.3.1",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
+          "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA=="
         }
       }
     },
@@ -16574,9 +16590,9 @@
       },
       "dependencies": {
         "semver": {
-          "version": "5.7.1",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-          "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ=="
+          "version": "5.7.2",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
+          "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g=="
         }
       }
     },
@@ -18956,9 +18972,9 @@
       }
     },
     "follow-redirects": {
-      "version": "1.15.5",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.5.tgz",
-      "integrity": "sha512-vSFWUON1B+yAw1VN4xMfxgn5fTUiaOzAJCKBwIIgT/+7CuGy9+r+5gITvP62j3RmaD5Ph65UaERdOSRGUzZtgw=="
+      "version": "1.15.6",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz",
+      "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA=="
     },
     "force-graph": {
       "version": "1.43.5",
@@ -19429,9 +19445,9 @@
       }
     },
     "http-cache-semantics": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz",
-      "integrity": "sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ=="
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz",
+      "integrity": "sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ=="
     },
     "http-errors": {
       "version": "2.0.0",
@@ -19664,9 +19680,9 @@
       }
     },
     "ip": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.0.tgz",
-      "integrity": "sha512-WKa+XuLG1A1R0UWhl2+1XQSi+fZWMsYKffMZTTYsiZaUD8k2yDAj5atimTUD2TZkyCkNEeYE5NhFZmupOGtjYQ==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.1.tgz",
+      "integrity": "sha512-lJUL9imLTNi1ZfXT+DU6rBBdbiKGBuay9B6xGSPVjUeQwaH1RIGqef8RZkUtHioLmSNpPR5M4HVKJGm1j8FWVQ==",
       "dev": true
     },
     "ipaddr.js": {
@@ -20132,9 +20148,9 @@
       "dev": true
     },
     "json-schema": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz",
-      "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM="
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz",
+      "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA=="
     },
     "json-schema-traverse": {
       "version": "0.4.1",
@@ -20161,13 +20177,13 @@
       }
     },
     "jsprim": {
-      "version": "1.4.1",
-      "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz",
-      "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=",
+      "version": "1.4.2",
+      "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz",
+      "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==",
       "requires": {
         "assert-plus": "1.0.0",
         "extsprintf": "1.3.0",
-        "json-schema": "0.2.3",
+        "json-schema": "0.4.0",
         "verror": "1.10.0"
       }
     },
@@ -21028,9 +21044,9 @@
       }
     },
     "nanoid": {
-      "version": "3.1.30",
-      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.1.30.tgz",
-      "integrity": "sha512-zJpuPDwOv8D2zq2WRoMe1HsfZthVewpel9CAvTfc/2mBD1uUT/agc5f7GHGWXlYkFvi1mVxe4IjvP2HNrop7nQ=="
+      "version": "3.3.7",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz",
+      "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g=="
     },
     "napi-build-utils": {
       "version": "1.0.2",
@@ -21258,9 +21274,9 @@
       },
       "dependencies": {
         "semver": {
-          "version": "5.7.1",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-          "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
+          "version": "5.7.2",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
+          "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==",
           "dev": true
         }
       }
@@ -21739,13 +21755,13 @@
       "integrity": "sha512-TRzzuFRRmEoSW/p1KVAmiOgPco2Irlah+bGFCeNfJXxxYGwSw7YwAOAcd7X28K/m5bjBWKsC29KyoMfHbypayg=="
     },
     "postcss": {
-      "version": "8.4.5",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.5.tgz",
-      "integrity": "sha512-jBDboWM8qpaqwkMwItqTQTiFikhs/67OYVvblFFTM7MrZjt6yMKd6r2kgXizEbTTljacm4NldIlZnhbjr84QYg==",
+      "version": "8.4.38",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz",
+      "integrity": "sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A==",
       "requires": {
-        "nanoid": "^3.1.30",
+        "nanoid": "^3.3.7",
         "picocolors": "^1.0.0",
-        "source-map-js": "^1.0.1"
+        "source-map-js": "^1.2.0"
       }
     },
     "prebuild-install": {
@@ -22197,9 +22213,9 @@
       },
       "dependencies": {
         "qs": {
-          "version": "6.5.2",
-          "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz",
-          "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA=="
+          "version": "6.5.3",
+          "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz",
+          "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA=="
         },
         "tough-cookie": {
           "version": "2.5.0",
@@ -22792,9 +22808,9 @@
       "dev": true
     },
     "source-map-js": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.0.1.tgz",
-      "integrity": "sha512-4+TN2b3tqOCd/kaGRJ/sTYA0tR0mdXx26ipdolxcwtJVqEnqNYvlCAt1q3ypy4QMlYus+Zh34RNtYLoq2oQ4IA=="
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz",
+      "integrity": "sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg=="
     },
     "source-map-support": {
       "version": "0.5.21",
@@ -23050,9 +23066,9 @@
       "dev": true
     },
     "tar": {
-      "version": "6.1.15",
-      "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.15.tgz",
-      "integrity": "sha512-/zKt9UyngnxIT/EAGYuxaMYgOIJiP81ab9ZfkILq4oNLPFX50qyYmu7jRj9qeXoxmJHjGlbH0+cm2uy1WCs10A==",
+      "version": "6.2.1",
+      "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz",
+      "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==",
       "dev": true,
       "requires": {
         "chownr": "^2.0.0",
@@ -23795,9 +23811,9 @@
       "dev": true
     },
     "word-wrap": {
-      "version": "1.2.3",
-      "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz",
-      "integrity": "sha512-Hz/mrNwitNRh/HUAtM/VT/5VH+ygD6DV7mYKZAtHOrbs8U7lvPS6xf7EJKMF0uW1KJCl0H701g3ZGus+muE5vQ==",
+      "version": "1.2.5",
+      "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.5.tgz",
+      "integrity": "sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==",
       "optional": true
     },
     "wrap-ansi": {
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 404d84bc8b..54ad3c74ad 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -9,7 +9,11 @@ import options = require('./options');
 function isOpenIDEnabled() {
     if (process.env.ENABLE_OAUTH?.toLocaleLowerCase() !== 'true') return false;
 
-    return options.getOptionBool('oAuthEnabled');
+    try {
+        return options.getOptionBool('oAuthEnabled');
+    } catch (e) {
+        return false;
+    }
 }
 
 function checkOpenIDRequirements() {
@@ -46,12 +50,14 @@ async function verifySubId(req: Request, res: Response, next: NextFunction) {
 
 function authenticateUser(req: Request, res: Response, next: NextFunction) {
     if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
-    if (!req.oidc.user) return {success: false, message: 'User not logged in!'};
+    if (!req.oidc.user) {
+        res.redirect('/auth');
+    }
 
     req.oidc.fetchUserInfo().then((result) => {
         openIDService.saveSubjectIdentifier(result.sub);
     });
-    return {success: true, message: 'User ' + req.oidc.user.sub + ' saved!'};
+    return {success: true, message: 'User ' + req.oidc.user?.sub + ' saved!'};
 }
 
 export = {

From 61c7065a1197cce5bf2787b7a8e5ab484b5f3b83 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Thu, 23 May 2024 17:21:25 -0700
Subject: [PATCH 37/63] Changed TOTP to be loaded from .env

---
 .env.example                                  |  5 +-
 .../options/multi_factor_authentication.js    | 99 ++++---------------
 src/routes/api/totp.ts                        | 30 +-----
 src/routes/routes.ts                          | 12 +--
 src/services/open_id.ts                       |  9 --
 src/services/totp.ts                          | 14 +++
 src/services/totp_secret.ts                   | 35 -------
 7 files changed, 44 insertions(+), 160 deletions(-)
 create mode 100644 src/services/totp.ts
 delete mode 100644 src/services/totp_secret.ts

diff --git a/.env.example b/.env.example
index 91f1307d27..74a01be19e 100644
--- a/.env.example
+++ b/.env.example
@@ -1,5 +1,6 @@
-ENABLE_OAUTH="true"
 BASE_URL="http://localhost:8080"
 CLIENT_ID="1234"
 ISSUER_BASE_URL="https://example.com/xyz.well-known/openid-configuration"
-SECRET="I_Like_Trilium"
\ No newline at end of file
+SECRET="I-Like-Trilium"
+
+TOTP_SECRET="Trilium-is-the-best
\ No newline at end of file
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 8fcc991511..5861f38cf0 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -8,33 +8,28 @@ import OptionsWidget from './options_widget.js';
 const TPL = `
 <div class="options-section">
     <h2 class=""><b>What is Multi-Factor Authentication?</b></h2>
-
     <div class="">
         <i>MFA description</i>
     </div>
     <br>
-
     <div>
         <h3><b>OAuth</b></h3>
         <span>This is what OAuth is</span>
-
         <div>
             <label>
             <b>Enable OAuth</b>
             </label>
             <input type="checkbox" class="oauth-enabled-checkbox" />
         </div>
-
         <div>
             <button class="authenticate-user-button" > Login to conigured OAuth service </button>
         </div>
     </div>
-
     <br>
     <h3><b>Time-based One-Time Password<b></h3>
     <div>
         <label>
-           <b>Enable TOTP</b>
+        <b>Enable TOTP</b>
         </label>
         <input type="checkbox" class="totp-enabled"  />
     </div>
@@ -42,35 +37,20 @@ const TPL = `
         <span>This is what TOTP is</span>
     </div>
     <br>
-    <div class="totp-details">
-        <div>
-            <div class="form-group">
-                <label>Authenticator Code</label>
-                <input class="authenticator-code" type="text">
-            </div>
-            <div class="options-section">
-                <label>
-                TOTP Secret
-                </label>
-                <input class="totp-secret-input form-control" disabled="true" type="text">
-                <button class="save-totp" disabled="true"> Save TOTP Secret </button>
-            </div>
-        </div>
-        <br>
-        <h4> Generate TOTP Secret </h4>
-        <div>
-            <span class="totp-secret" > TOTP Secret Key </span>
-            <br>
-            <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
-        </div>
+    <h4> Generate TOTP Secret </h4>
+    <div>
+        <span class="totp-secret" > TOTP Secret Key </span>
         <br>
-        <h4> Single Sign-on Recovery Keys </h4>
-            <div>
-            <span >Single sign-on recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
-            <br><br>
-            <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
-            <br><br>
-            <table style="border: 0px solid white">
+        <button class="regenerate-totp" disabled="true"> Regenerate TOTP Secret </button>
+    </div>
+    <br>
+    <h4> Single Sign-on Recovery Keys </h4>
+    <div>
+        <span >Single sign-on recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
+        <br><br>
+        <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
+        <br><br>
+        <table style="border: 0px solid white">
             <tbody>
                 <tr>
                     <td class="key_0">Recover Key 1</td>
@@ -93,24 +73,22 @@ const TPL = `
                     <td class="key_7">Recover Key 8</td>
                 </tr>
             </tbody>
-            </table>
-            <br>
-            <button class="generate-recovery-code" disabled="true"> Generate Recovery Keys </button>
-        </div>
+        </table>
+        <br>
+        <button class="generate-recovery-code" disabled="true"> Generate Recovery Keys </button>
     </div>
-</div>`;
+</div>
+`;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     doRender() {
         this.$widget = $(TPL);
 
-        this.$mfaHeadding = this.$widget.find('.mfa-heading');
         this.$regenerateTotpButton = this.$widget.find('.regenerate-totp');
         this.$totpDetails = this.$widget.find('.totp-details');
         this.$totpEnabled = this.$widget.find('.totp-enabled');
         this.$totpSecret = this.$widget.find('.totp-secret');
         this.$totpSecretInput = this.$widget.find('.totp-secret-input');
-        this.$saveTotpButton = this.$widget.find('.save-totp');
         this.$authenticatorCode = this.$widget.find('.authenticator-code');
         this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
         this.$oAuthEnabledCheckbox = this.$widget.find('.oauth-enabled-checkbox');
@@ -135,12 +113,8 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             this.generateKey();
         });
 
-        this.$saveTotpButton.on('click', async () => {
-            this.saveTotpSecret();
-        });
-
         this.$authenticateuserButton.on('click', (async) => {
-            server.get('oidc/authenticate');
+            server.get('oauth/authenticate');
         });
 
         this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
@@ -204,7 +178,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             if (result.success) {
                 this.$totpEnabled.prop('checked', result.message);
                 this.$totpSecretInput.prop('disabled', !result.message);
-                this.$saveTotpButton.prop('disabled', !result.message);
                 this.$totpSecret.prop('disapbled', !result.message);
                 this.$regenerateTotpButton.prop('disabled', !result.message);
                 this.$authenticatorCode.prop('disabled', !result.message);
@@ -217,38 +190,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
     }
 
-    saveTotpSecret() {
-        const key = this.$totpSecretInput.val().trim();
-        const regex = /[!@#$%^&*()_+\-=\[\]{};':"\\|,.<>\/?]+/;
-
-        if (key.length != 52) {
-            toastService.showError('Invalid Secret', 2000);
-            return;
-        }
-        if (regex.test(key)) {
-            toastService.showError('Invalid Secret', 2000);
-            return;
-        }
-
-        server
-            .post('totp/set', {
-                secret: this.$totpSecretInput.val(),
-                authenticatorCode: this.$authenticatorCode.val(),
-            })
-            .then((result) => {
-                if (result.success) {
-                    toastService.showError('TOTP Secret has been set');
-
-                    // password changed so current protected session is invalid and needs to be cleared
-                    protectedSessionHolder.resetProtectedSession();
-                } else {
-                    toastService.showError(result.message);
-                }
-            });
-
-        return false;
-    }
-
     displayRecoveryKeys() {
         server.get('totp_recovery/enabled').then((result) => {
             if (!result.success) {
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 7ed74d1b51..d1a82ad703 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,11 +1,6 @@
 /** @format */
 
 import options = require('../../services/options');
-import totp_secret = require('../../services/encryption/totp_secret');
-import passwordEncryptionService = require('../../services/encryption/password_encryption');
-import {Request} from 'express';
-import totp_fs = require('../../services/totp_secret');
-import ValidationError = require('../../errors/validation_error');
 const speakeasy = require('speakeasy');
 
 function generateSecret() {
@@ -25,31 +20,11 @@ function enableTOTP() {
 
 function disableTOTP() {
     options.setOption('totpEnabled', false);
-
-    return {success: totp_fs.removeTotpSecret()};
-}
-
-function setTotpSecret(req: Request) {
-    const authenticationResult = speakeasy.totp.verify({
-        secret: req.body.secret,
-        encoding: 'base32',
-        token: req.body.authenticatorCode,
-        window: 1,
-    });
-
-    if (!authenticationResult) throw new ValidationError('TOTP does not match authenticator secret!');
-
-    const newSecret = req.body.secret.trim();
-    const regex = RegExp(/^[a-zA-Z0-9]{52}$/gm);
-
-    if (!regex.test(newSecret)) return;
-
-    totp_fs.saveTotpSecret(newSecret);
-    // TODO: let the user know that the operatoin was successful
+    return {success: true};
 }
 
 function getSecret() {
-    return totp_fs.getTotpSecret();
+    return process.env.TOTP_SECRET;
 }
 
 export = {
@@ -57,6 +32,5 @@ export = {
     getTOTPStatus,
     enableTOTP,
     disableTOTP,
-    setTotpSecret,
     getSecret,
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 784d575893..109d1d87df 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -22,7 +22,7 @@ import ValidationError = require('../errors/validation_error');
 import setupRoute = require('./setup');
 import loginRoute = require('./login');
 import indexRoute = require('./index');
-import oidc = require('../services/open_id');
+import openID = require('../services/open_id');
 
 // API routes
 import treeApiRoute = require('./api/tree');
@@ -135,14 +135,12 @@ function register(app: express.Application) {
     apiRoute(GET, '/api/totp/status', totp.getTOTPStatus);
     apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
     apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
-    apiRoute(PST, '/api/totp/set', totp.setTotpSecret);
     apiRoute(GET, '/api/totp/get', totp.getSecret);
 
-    apiRoute(GET, '/api/oauth/status', oidc.getOAuthStatus);
-    apiRoute(PST, '/api/oauth/enable', oidc.enableOAuth);
-    apiRoute(PST, '/api/oauth/disable', oidc.disableOAuth);
-    apiRoute(GET, '/api/oidc/verify', oidc.verifySubId);
-    apiRoute(GET, '/api/oidc/authenticate', oidc.authenticateUser);
+    apiRoute(GET, '/api/oauth/status', openID.getOAuthStatus);
+    apiRoute(PST, '/api/oauth/enable', openID.enableOAuth);
+    apiRoute(PST, '/api/oauth/disable', openID.disableOAuth);
+    apiRoute(GET, '/api/oauth/authenticate', openID.authenticateUser);
 
     apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
     apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 54ad3c74ad..93ebe0a461 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -7,8 +7,6 @@ import openIDEncryptionService = require('./encryption/open_id_encryption');
 import options = require('./options');
 
 function isOpenIDEnabled() {
-    if (process.env.ENABLE_OAUTH?.toLocaleLowerCase() !== 'true') return false;
-
     try {
         return options.getOptionBool('oAuthEnabled');
     } catch (e) {
@@ -42,12 +40,6 @@ function getOAuthStatus() {
     return {success: true, message: options.getOptionBool('oAuthEnabled')};
 }
 
-async function verifySubId(req: Request, res: Response, next: NextFunction) {
-    req.oidc.fetchUserInfo().then((result) => {
-        return {success: true, result: openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)};
-    });
-}
-
 function authenticateUser(req: Request, res: Response, next: NextFunction) {
     if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
     if (!req.oidc.user) {
@@ -66,6 +58,5 @@ export = {
     disableOAuth,
     isOpenIDEnabled,
     checkOpenIDRequirements,
-    verifySubId,
     authenticateUser,
 };
diff --git a/src/services/totp.ts b/src/services/totp.ts
new file mode 100644
index 0000000000..02ce490005
--- /dev/null
+++ b/src/services/totp.ts
@@ -0,0 +1,14 @@
+/** @format */
+
+'use strict';
+
+function getTotpSecret() {
+    return process.env.TOTP_SECRET;
+}
+
+function checkForTotSecret() {
+    if (process.env.TOTP_SECRET) return true;
+    else return false;
+}
+
+export = {getTotpSecret, checkForTotSecret};
diff --git a/src/services/totp_secret.ts b/src/services/totp_secret.ts
deleted file mode 100644
index 0f6c9b62a7..0000000000
--- a/src/services/totp_secret.ts
+++ /dev/null
@@ -1,35 +0,0 @@
-'use strict';
-
-import fs = require('fs');
-import crypto = require('crypto');
-import dataDir = require('./data_dir');
-import log = require('./log');
-
-const totpSecretPath = `${dataDir.TRILIUM_DATA_DIR}/totp_secret.txt`;
-
-function saveTotpSecret(secret: string) {
-    if (!fs.existsSync(totpSecretPath)) log.info('Generated totp secret file');
-
-    fs.writeFileSync(totpSecretPath, secret, 'utf8');
-}
-
-function getTotpSecret() {
-    return fs.readFileSync(totpSecretPath, 'utf8');
-}
-
-function checkForTotSecret() {
-    console.log("Check" + fs.existsSync(totpSecretPath));
-    return fs.existsSync(totpSecretPath);
-}
-
-function removeTotpSecret() {
-    console.log('Attempting to remove secret');
-    fs.unlink(totpSecretPath, (a) => {
-        console.log('Unable to remove totp secret');
-        console.log(a);
-        return false;
-    });
-    return true;
-}
-
-export = {saveTotpSecret, getTotpSecret, checkForTotSecret, removeTotpSecret};

From 76818518bd3112dae8248bc889ab8e3e4f094fb2 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Thu, 23 May 2024 17:25:28 -0700
Subject: [PATCH 38/63] Fixed outdated import

---
 src/routes/login.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/login.ts b/src/routes/login.ts
index 5f5915f441..91ea6590d1 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -10,7 +10,7 @@ import passwordService = require('../services/encryption/password');
 import assetPath = require('../services/asset_path');
 import appPath = require('../services/app_path');
 import ValidationError = require('../errors/validation_error');
-import totp_secret = require('../services/totp_secret');
+import totp_secret = require('../services/totp');
 import {Request, Response} from 'express';
 import {AppRequest} from './route-interface';
 import recoveryCodeService = require('../services/encryption/recovery_codes');

From fdda99cfbef19a1dfd0e7ecac0650fcce1a94354 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Thu, 23 May 2024 17:52:58 -0700
Subject: [PATCH 39/63] Added MFA description/refactored

---
 .env.example                                  |  3 +-
 src/app.ts                                    | 26 +-------------
 .../options/multi_factor_authentication.js    | 21 +++++++----
 src/services/open_id.ts                       | 35 +++++++++++++++++++
 4 files changed, 52 insertions(+), 33 deletions(-)

diff --git a/.env.example b/.env.example
index 74a01be19e..3a4757c256 100644
--- a/.env.example
+++ b/.env.example
@@ -2,5 +2,6 @@ BASE_URL="http://localhost:8080"
 CLIENT_ID="1234"
 ISSUER_BASE_URL="https://example.com/xyz.well-known/openid-configuration"
 SECRET="I-Like-Trilium"
+AUTH_0_LOGOUT="false"
 
-TOTP_SECRET="Trilium-is-the-best
\ No newline at end of file
+TOTP_SECRET="Trilium-is-the-best"
\ No newline at end of file
diff --git a/src/app.ts b/src/app.ts
index b758b12d38..5a88e05d1d 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -23,30 +23,6 @@ require('dotenv').config();
 
 const app = express();
 
-const authRoutes = {
-    callback: '/callback',
-    login: '/auth',
-    postLogoutRedirect: '/login',
-    logout: '/logout',
-};
-
-const logoutParams = {
-    end_session_endpoint: '/end-session/',
-};
-
-const authConfig = {
-    authRequired: true,
-    auth0Logout: false,
-    baseURL: process.env.BASE_URL,
-    clientID: process.env.CLIENT_ID,
-    issuerBaseURL: process.env.ISSUER_BASE_URL,
-    secret: process.env.SECRET,
-    // scope: 'code',
-    routes: authRoutes,
-    idpLogout: true,
-    logoutParams: logoutParams,
-};
-
 // view engine setup
 app.set('views', path.join(__dirname, 'views'));
 app.set('view engine', 'ejs');
@@ -74,7 +50,7 @@ app.use(`/robots.txt`, express.static(path.join(__dirname, 'public/robots.txt'))
 app.use(sessionParser);
 app.use(favicon(`${__dirname}/../images/app-icons/win/icon.ico`));
 
-if (openID.checkOpenIDRequirements()) app.use(oidc.auth(authConfig));
+if (openID.checkOpenIDRequirements()) app.use(oidc.auth(openID.generateOAuthConfig()));
 
 require('./routes/assets').register(app);
 require('./routes/routes').register(app);
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 5861f38cf0..f38f773468 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -1,7 +1,6 @@
 /** @format */
 
 import server from '../../../services/server.js';
-import protectedSessionHolder from '../../../services/protected_session_holder.js';
 import toastService from '../../../services/toast.js';
 import OptionsWidget from './options_widget.js';
 
@@ -9,12 +8,18 @@ const TPL = `
 <div class="options-section">
     <h2 class=""><b>What is Multi-Factor Authentication?</b></h2>
     <div class="">
-        <i>MFA description</i>
+        <i>
+            Multi-Factor Authentication (MFA) adds an extra layer of security to your account. Instead
+             of just entering a password to log in, MFA requires you to provide one or more additional 
+             pieces of evidence to verify your identity. This way, even if someone gets hold of your 
+             password, they still can't access your account without the second piece of information. 
+             It's like adding an extra lock to your door, making it much harder for anyone else to 
+             break in.</i>
     </div>
     <br>
     <div>
-        <h3><b>OAuth</b></h3>
-        <span>This is what OAuth is</span>
+        <h3><b>OAuth/OpenID</b></h3>
+        <span><i>OpenID is a standardized way to let you log into websites using an account from another service, like Google, to verify your identity.</i></span>
         <div>
             <label>
             <b>Enable OAuth</b>
@@ -26,7 +31,7 @@ const TPL = `
         </div>
     </div>
     <br>
-    <h3><b>Time-based One-Time Password<b></h3>
+    <h3><b>Time-based One-Time Password</b></h3>
     <div>
         <label>
         <b>Enable TOTP</b>
@@ -34,7 +39,9 @@ const TPL = `
         <input type="checkbox" class="totp-enabled"  />
     </div>
     <div>
-        <span>This is what TOTP is</span>
+        <span><i>TOTP (Time-Based One-Time Password) is a security feature that generates a unique, temporary 
+        code which changes every 30 seconds. You use this code, along with your password to log into your 
+        account, making it much harder for anyone else to access it.</i></span>
     </div>
     <br>
     <h4> Generate TOTP Secret </h4>
@@ -46,7 +53,7 @@ const TPL = `
     <br>
     <h4> Single Sign-on Recovery Keys </h4>
     <div>
-        <span >Single sign-on recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </span>
+        <span ><i>Single sign-on recovery keys are used to login in the event you cannot access your Authenticator codes. Keep them somewhere safe and secure. </i></span>
         <br><br>
         <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">After a recovery key is used it cannot be used again.</span>
         <br><br>
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 93ebe0a461..0a4610d81b 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -20,6 +20,7 @@ function checkOpenIDRequirements() {
     if (process.env.CLIENT_ID === undefined) throw new OpenIDError('CLIENT_ID is undefined in .env!');
     if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError('ISSUER_BASE_URL is undefined in .env!');
     if (process.env.SECRET === undefined) throw new OpenIDError('SECRET is undefined in .env!');
+    if (process.env.AUTH_0_LOGOUT === undefined) throw new OpenIDError('AUTH_0_LOGOUT is undefined in .env!');
 
     return true;
 }
@@ -52,7 +53,41 @@ function authenticateUser(req: Request, res: Response, next: NextFunction) {
     return {success: true, message: 'User ' + req.oidc.user?.sub + ' saved!'};
 }
 
+function checkAuth0Logout() {
+    if (process.env.AUTH_0_LOGOUT === undefined) return false;
+    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === 'true') return true;
+    return false;
+}
+
+function generateOAuthConfig() {
+    const authRoutes = {
+        callback: '/callback',
+        login: '/auth',
+        postLogoutRedirect: '/login',
+        logout: '/logout',
+    };
+
+    const logoutParams = {
+        end_session_endpoint: '/end-session/',
+    };
+
+    const authConfig = {
+        authRequired: true,
+        auth0Logout: checkAuth0Logout(),
+        baseURL: process.env.BASE_URL,
+        clientID: process.env.CLIENT_ID,
+        issuerBaseURL: process.env.ISSUER_BASE_URL,
+        secret: process.env.SECRET,
+        // scope: 'code',
+        routes: authRoutes,
+        idpLogout: true,
+        logoutParams: logoutParams,
+    };
+    return authConfig;
+}
+
 export = {
+    generateOAuthConfig,
     getOAuthStatus,
     enableOAuth,
     disableOAuth,

From c76898aa19714692c00284f2dbde82a636fc5319 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Fri, 24 May 2024 07:27:06 -0700
Subject: [PATCH 40/63] Fixing OAuth

---
 .../options/multi_factor_authentication.js    |  4 +--
 src/routes/login.ts                           | 19 ++++++------
 src/services/auth.ts                          | 30 +++++++++++--------
 src/services/open_id.ts                       | 20 +++++++++++--
 src/services/totp.ts                          |  2 +-
 5 files changed, 46 insertions(+), 29 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index f38f773468..dde53c981a 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -22,12 +22,12 @@ const TPL = `
         <span><i>OpenID is a standardized way to let you log into websites using an account from another service, like Google, to verify your identity.</i></span>
         <div>
             <label>
-            <b>Enable OAuth</b>
+            <b>Enable OAuth/OpenID</b>
             </label>
             <input type="checkbox" class="oauth-enabled-checkbox" />
         </div>
         <div>
-            <button class="authenticate-user-button" > Login to conigured OAuth service </button>
+            <button class="authenticate-user-button" > Login to configured OAuth/OpenID service </button>
         </div>
     </div>
     <br>
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 91ea6590d1..f6a8ea20ec 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -20,15 +20,14 @@ import openID = require('../services/encryption/open_id');
 const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
-    if (openIDService.isOpenIDEnabled() && req.app.locals.userSubjectIdentifierSaved) res.redirect('/auth');
-    else
-        res.render('login', {
-            failedAuth: false,
-            totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-            openIDEnabled: openIDService.isOpenIDEnabled(),
-            assetPath: assetPath,
-            appPath: appPath,
-        });
+    // if (openIDService.isOpenIDEnabled() && req.app.locals.userSubjectIdentifierSaved) res.redirect('/auth');
+    // else
+    res.render('login', {
+        failedAuth: false,
+        totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
+        assetPath: assetPath,
+        appPath: appPath,
+    });
 }
 
 function setPasswordPage(req: Request, res: Response) {
@@ -78,7 +77,7 @@ function login(req: AppRequest, res: Response) {
         return;
     }
 
-    if (optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret())
+    if (optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret())
         if (!verifyTOTP(guessedTotp)) {
             sendLoginError(req, res);
             return;
diff --git a/src/services/auth.ts b/src/services/auth.ts
index d9a9e5cec6..fd6b63cd48 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -20,21 +20,25 @@ const noAuthentication = config.General && config.General.noAuthentication === t
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
         res.redirect('setup');
-    } else if (
-        !req.session.loggedIn &&
-        openID.isOpenIDEnabled() &&
-        openIdService.isSubjectIdentifierSaved() &&
-        !noAuthentication
-    ) {
-        const result = req.oidc.fetchUserInfo().then((result) => {
-            if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
-                req.session.loggedIn = true;
-                next();
+    } else if (openID.isOpenIDEnabled() && openID.getOAuthStatus().message) {
+        if (openIdService.isSubjectIdentifierSaved() && req.oidc !== undefined) {
+            const result = req.oidc.fetchUserInfo().then((result) => {
+                if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
+                    req.session.loggedIn = true;
+                    next();
+                } else {
+                    req.session.loggedIn = false;
+                    res.oidc.logout({});
+                }
+            });
+        } else {
+            if (req.oidc === undefined) {
+                res.redirect('http:localhost:8080/auth');
             } else {
-                req.session.loggedIn = false;
-                res.oidc.logout({});
+                console.log("Refresh?? Make sure it's valid??");
+                next();
             }
-        });
+        }
     } else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
         res.redirect('login');
     } else next();
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 0a4610d81b..b1d0163e82 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -42,9 +42,19 @@ function getOAuthStatus() {
 }
 
 function authenticateUser(req: Request, res: Response, next: NextFunction) {
+    // TODO: Add validity
     if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
-    if (!req.oidc.user) {
-        res.redirect('/auth');
+
+    if (req.oidc !== undefined) {
+        console.log('Access token valid!');
+        console.log(req.oidc.accessToken);
+    } else {
+        console.log('Access token Invalid!');
+        res.redirect('http://localhost:8080/auth');
+        // req.oidc.accessToken.refresh().then((result) => {
+        //     console.log('Refreshed');
+        //     console.log(result);
+        // });
     }
 
     req.oidc.fetchUserInfo().then((result) => {
@@ -78,7 +88,11 @@ function generateOAuthConfig() {
         clientID: process.env.CLIENT_ID,
         issuerBaseURL: process.env.ISSUER_BASE_URL,
         secret: process.env.SECRET,
-        // scope: 'code',
+        clientSecret: process.env.SECRET,
+        // authorizationParams: {
+        //     response_type: 'code',
+        //     scope: 'openid profile email read:reports',
+        // },
         routes: authRoutes,
         idpLogout: true,
         logoutParams: logoutParams,
diff --git a/src/services/totp.ts b/src/services/totp.ts
index 02ce490005..6a03b24258 100644
--- a/src/services/totp.ts
+++ b/src/services/totp.ts
@@ -7,7 +7,7 @@ function getTotpSecret() {
 }
 
 function checkForTotSecret() {
-    if (process.env.TOTP_SECRET) return true;
+    if (process.env.TOTP_SECRET !== undefined) return true;
     else return false;
 }
 

From e7825e51e81e501d2f11a69cc697a8f4df93f52b Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Mon, 27 May 2024 10:57:11 -0700
Subject: [PATCH 41/63] Fixed OAuth login and TOTP enabled by default

---
 .../options/multi_factor_authentication.js    | 36 +++++++++++++--
 src/routes/login.ts                           |  4 +-
 src/routes/routes.ts                          |  2 +
 src/services/auth.ts                          |  3 +-
 src/services/open_id.ts                       | 46 +++++++++++++------
 5 files changed, 68 insertions(+), 23 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index dde53c981a..e467646ecd 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -27,7 +27,10 @@ const TPL = `
             <input type="checkbox" class="oauth-enabled-checkbox" />
         </div>
         <div>
-            <button class="authenticate-user-button" > Login to configured OAuth/OpenID service </button>
+            <span> <b>Token status: </b></span><span class="token-status"> Needs login! </span><span><b>User status: </b></span><span class="user-status"> No user saved!</span>
+            <br>
+            <button class="oauth-login-button" onclick="location.href='/authenticate'" > Login to configured OAuth/OpenID service </button>
+            <button class="save-user-button" > Save User </button>
         </div>
     </div>
     <br>
@@ -99,7 +102,10 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$authenticatorCode = this.$widget.find('.authenticator-code');
         this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
         this.$oAuthEnabledCheckbox = this.$widget.find('.oauth-enabled-checkbox');
-        this.$authenticateuserButton = this.$widget.find('.authenticate-user-button');
+        this.$saveUserButton = this.$widget.find('.save-user-button');
+        this.$oauthLoginButton = this.$widget.find('.oauth-login-button');
+        this.$tokenStatus = this.$widget.find('.token-status');
+        this.$userStatus = this.$widget.find('.user-status');
         this.$recoveryKeys = [];
 
         for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
@@ -120,8 +126,17 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
             this.generateKey();
         });
 
-        this.$authenticateuserButton.on('click', (async) => {
-            server.get('oauth/authenticate');
+        this.$saveUserButton.on('click', (async) => {
+            server
+                .get('oauth/authenticate')
+                .then((result) => {
+                    console.log(result.message);
+                    toastService.showMessage(result.message);
+                })
+                .catch((result) => {
+                    console.error(result.message);
+                    toastService.showError(result.message);
+                });
         });
 
         this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
@@ -173,10 +188,21 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     }
 
     optionsLoaded(options) {
+        server.get('oauth/validate').then((result) => {
+            this.$saveUserButton.prop('disabled', !result.success);
+
+            if (result.success) this.$tokenStatus.text('Logged in!');
+            else this.$tokenStatus.text('Not logged in!');
+        });
+        server.get('oauth/user').then((result) => {
+            if (result.success) this.$userStatus.text('User saved!');
+            else this.$userStatus.text('User not saved');
+        });
         server.get('oauth/status').then((result) => {
             if (result.success) {
                 this.$oAuthEnabledCheckbox.prop('checked', result.message);
-                this.$authenticateuserButton.prop('disabled', !result.message);
+                this.$oauthLoginButton.prop('disabled', !result.message);
+                this.$saveUserButton.prop('disabled', !result.message);
             } else {
                 toastService.showError(result.message);
             }
diff --git a/src/routes/login.ts b/src/routes/login.ts
index f6a8ea20ec..4955341fdf 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -20,11 +20,9 @@ import openID = require('../services/encryption/open_id');
 const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
-    // if (openIDService.isOpenIDEnabled() && req.app.locals.userSubjectIdentifierSaved) res.redirect('/auth');
-    // else
     res.render('login', {
         failedAuth: false,
-        totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
+        totpEnabled: optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret(),
         assetPath: assetPath,
         appPath: appPath,
     });
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 109d1d87df..8c32690781 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -141,6 +141,8 @@ function register(app: express.Application) {
     apiRoute(PST, '/api/oauth/enable', openID.enableOAuth);
     apiRoute(PST, '/api/oauth/disable', openID.disableOAuth);
     apiRoute(GET, '/api/oauth/authenticate', openID.authenticateUser);
+    apiRoute(GET, '/api/oauth/validate', openID.isTokenValid);
+    apiRoute(GET, '/api/oauth/user', openID.isUserSaved);
 
     apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
     apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
diff --git a/src/services/auth.ts b/src/services/auth.ts
index fd6b63cd48..dcd22e65a3 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -33,9 +33,8 @@ function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
             });
         } else {
             if (req.oidc === undefined) {
-                res.redirect('http:localhost:8080/auth');
+                res.redirect('/authenticate');
             } else {
-                console.log("Refresh?? Make sure it's valid??");
                 next();
             }
         }
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index b1d0163e82..de9a7ff2b5 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -3,7 +3,6 @@
 import OpenIDError = require('../errors/open_id_error');
 import {NextFunction, Request, Response} from 'express';
 import openIDService = require('./encryption/open_id');
-import openIDEncryptionService = require('./encryption/open_id_encryption');
 import options = require('./options');
 
 function isOpenIDEnabled() {
@@ -46,21 +45,40 @@ function authenticateUser(req: Request, res: Response, next: NextFunction) {
     if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
 
     if (req.oidc !== undefined) {
-        console.log('Access token valid!');
-        console.log(req.oidc.accessToken);
+        const result = req.oidc
+            .fetchUserInfo()
+            .then((result) => {
+                openIDService.saveSubjectIdentifier(result.sub);
+                return {success: true, message: 'User ' + req.oidc.user?.name + ' saved!'};
+            })
+            .catch((result) => {
+                return {success: false, message: 'Need to login again!'};
+            });
+        return result;
     } else {
         console.log('Access token Invalid!');
-        res.redirect('http://localhost:8080/auth');
-        // req.oidc.accessToken.refresh().then((result) => {
-        //     console.log('Refreshed');
-        //     console.log(result);
-        // });
+        return {success: false, message: 'Access token Invalid!'};
     }
+}
+
+function isUserSaved(req: Request, res: Response, next: NextFunction) {
+    return {success: true, message: openIDService.isSubjectIdentifierSaved()};
+}
 
-    req.oidc.fetchUserInfo().then((result) => {
-        openIDService.saveSubjectIdentifier(result.sub);
-    });
-    return {success: true, message: 'User ' + req.oidc.user?.sub + ' saved!'};
+function isTokenValid(req: Request, res: Response, next: NextFunction) {
+    if (req.oidc !== undefined) {
+        const result = req.oidc
+            .fetchUserInfo()
+            .then((result) => {
+                return {success: true, message: 'Token is valid'};
+            })
+            .catch((result) => {
+                return {success: false, message: 'Token is not valid'};
+            });
+        return result;
+    } else {
+        return {success: false, message: 'Token not set up'};
+    }
 }
 
 function checkAuth0Logout() {
@@ -72,7 +90,7 @@ function checkAuth0Logout() {
 function generateOAuthConfig() {
     const authRoutes = {
         callback: '/callback',
-        login: '/auth',
+        login: '/authenticate',
         postLogoutRedirect: '/login',
         logout: '/logout',
     };
@@ -108,4 +126,6 @@ export = {
     isOpenIDEnabled,
     checkOpenIDRequirements,
     authenticateUser,
+    isTokenValid,
+    isUserSaved,
 };

From b0c04b8b87636ba3fb0d0b7e624b7d863b3a3ce3 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Mon, 27 May 2024 11:00:15 -0700
Subject: [PATCH 42/63] Fixed redirect error

---
 src/services/auth.ts | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/services/auth.ts b/src/services/auth.ts
index dcd22e65a3..8ef76826bb 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -32,11 +32,7 @@ function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
                 }
             });
         } else {
-            if (req.oidc === undefined) {
-                res.redirect('/authenticate');
-            } else {
-                next();
-            }
+            next();
         }
     } else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
         res.redirect('login');

From 6f1856d086f06ab2f25087d0ba20fa122b7b94d6 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Mon, 27 May 2024 12:39:31 -0700
Subject: [PATCH 43/63] Minor Fixes

---
 .../options/multi_factor_authentication.js    | 41 +++++++++++--------
 src/routes/routes.ts                          |  1 -
 src/services/open_id.ts                       | 14 +++----
 3 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index e467646ecd..0f1e6bb309 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -27,7 +27,7 @@ const TPL = `
             <input type="checkbox" class="oauth-enabled-checkbox" />
         </div>
         <div>
-            <span> <b>Token status: </b></span><span class="token-status"> Needs login! </span><span><b>User status: </b></span><span class="user-status"> No user saved!</span>
+            <span> <b>Token status: </b></span><span class="token-status"> Needs login! </span><span><b> User status: </b></span><span class="user-status"> No user saved!</span>
             <br>
             <button class="oauth-login-button" onclick="location.href='/authenticate'" > Login to configured OAuth/OpenID service </button>
             <button class="save-user-button" > Save User </button>
@@ -40,6 +40,7 @@ const TPL = `
         <b>Enable TOTP</b>
         </label>
         <input type="checkbox" class="totp-enabled"  />
+        <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">REQUIRES RESTART IF SECRET IS NOT ALREADY IN .env</span>
     </div>
     <div>
         <span><i>TOTP (Time-Based One-Time Password) is a security feature that generates a unique, temporary 
@@ -188,25 +189,30 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
     }
 
     optionsLoaded(options) {
-        server.get('oauth/validate').then((result) => {
-            this.$saveUserButton.prop('disabled', !result.success);
-
-            if (result.success) this.$tokenStatus.text('Logged in!');
-            else this.$tokenStatus.text('Not logged in!');
-        });
-        server.get('oauth/user').then((result) => {
-            if (result.success) this.$userStatus.text('User saved!');
-            else this.$userStatus.text('User not saved');
-        });
         server.get('oauth/status').then((result) => {
-            if (result.success) {
-                this.$oAuthEnabledCheckbox.prop('checked', result.message);
-                this.$oauthLoginButton.prop('disabled', !result.message);
-                this.$saveUserButton.prop('disabled', !result.message);
-            } else {
-                toastService.showError(result.message);
+            if (result.success) this.$oAuthEnabledCheckbox.prop('checked', result.message);
+
+            this.$oauthLoginButton.prop('disabled', !result.message);
+            this.$saveUserButton.prop('disabled', !result.message);
+
+            if (result.message) {
+                this.$oauthLoginButton.prop('disabled', false);
+                this.$saveUserButton.prop('disabled', false);
+                server.get('oauth/validate').then((result) => {
+                    if (result.success) {
+                        this.$tokenStatus.text('Logged in!');
+
+                        if (result.user) {
+                            this.$userStatus.text('User saved!');
+                        } else {
+                            this.$saveUserButton.prop('disabled', false);
+                            this.$userStatus.text('User not saved');
+                        }
+                    } else this.$tokenStatus.text('Not logged in!');
+                });
             }
         });
+
         server.get('totp/status').then((result) => {
             if (result.success) {
                 this.$totpEnabled.prop('checked', result.message);
@@ -219,7 +225,6 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
                 toastService.showError(result.message);
             }
         });
-
         this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
     }
 
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 8c32690781..44017ba291 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -142,7 +142,6 @@ function register(app: express.Application) {
     apiRoute(PST, '/api/oauth/disable', openID.disableOAuth);
     apiRoute(GET, '/api/oauth/authenticate', openID.authenticateUser);
     apiRoute(GET, '/api/oauth/validate', openID.isTokenValid);
-    apiRoute(GET, '/api/oauth/user', openID.isUserSaved);
 
     apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
     apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index de9a7ff2b5..6d2c6d428f 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -14,7 +14,6 @@ function isOpenIDEnabled() {
 }
 
 function checkOpenIDRequirements() {
-    if (!isOpenIDEnabled()) return false;
     if (process.env.BASE_URL === undefined) throw new OpenIDError('BASE_URL is undefined in .env!');
     if (process.env.CLIENT_ID === undefined) throw new OpenIDError('CLIENT_ID is undefined in .env!');
     if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError('ISSUER_BASE_URL is undefined in .env!');
@@ -61,23 +60,21 @@ function authenticateUser(req: Request, res: Response, next: NextFunction) {
     }
 }
 
-function isUserSaved(req: Request, res: Response, next: NextFunction) {
-    return {success: true, message: openIDService.isSubjectIdentifierSaved()};
-}
-
 function isTokenValid(req: Request, res: Response, next: NextFunction) {
+    const userStatus = openIDService.isSubjectIdentifierSaved();
+
     if (req.oidc !== undefined) {
         const result = req.oidc
             .fetchUserInfo()
             .then((result) => {
-                return {success: true, message: 'Token is valid'};
+                return {success: true, message: 'Token is valid', user: userStatus};
             })
             .catch((result) => {
-                return {success: false, message: 'Token is not valid'};
+                return {success: false, message: 'Token is not valid', user: userStatus};
             });
         return result;
     } else {
-        return {success: false, message: 'Token not set up'};
+        return {success: false, message: 'Token not set up', user: userStatus};
     }
 }
 
@@ -127,5 +124,4 @@ export = {
     checkOpenIDRequirements,
     authenticateUser,
     isTokenValid,
-    isUserSaved,
 };

From a582a2ca397c4068017f6635527eee2d0ac9f369 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Mon, 27 May 2024 12:50:34 -0700
Subject: [PATCH 44/63] Fixed initial OAuth crash

---
 src/services/open_id.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 6d2c6d428f..cd6933e796 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -14,6 +14,9 @@ function isOpenIDEnabled() {
 }
 
 function checkOpenIDRequirements() {
+    if (process.env.OAUTH_ENABLED === undefined) return false;
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== 'true') return false;
+
     if (process.env.BASE_URL === undefined) throw new OpenIDError('BASE_URL is undefined in .env!');
     if (process.env.CLIENT_ID === undefined) throw new OpenIDError('CLIENT_ID is undefined in .env!');
     if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError('ISSUER_BASE_URL is undefined in .env!');

From e5763e02650c09d95f7fbc899ac7a555b4545559 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Mon, 27 May 2024 13:19:34 -0700
Subject: [PATCH 45/63] Force user to have env variables set to use OAuth and
 TOTP.

---
 .env.example                                  |  6 +-
 .../options/multi_factor_authentication.js    | 87 ++++++++++++-------
 src/routes/api/totp.ts                        |  9 +-
 src/services/open_id.ts                       |  9 +-
 4 files changed, 76 insertions(+), 35 deletions(-)

diff --git a/.env.example b/.env.example
index 3a4757c256..cb0daaf436 100644
--- a/.env.example
+++ b/.env.example
@@ -1,7 +1,9 @@
+OAUTH_ENABLED="false"
 BASE_URL="http://localhost:8080"
 CLIENT_ID="1234"
 ISSUER_BASE_URL="https://example.com/xyz.well-known/openid-configuration"
-SECRET="I-Like-Trilium"
+SECRET="I-Like-Trilium-Notes"
 AUTH_0_LOGOUT="false"
 
-TOTP_SECRET="Trilium-is-the-best"
\ No newline at end of file
+TOTP_ENABLED="false"
+TOTP_SECRET="Trilium-Notes-is-the-best"
\ No newline at end of file
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 0f1e6bb309..5d6078c3ed 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -25,6 +25,7 @@ const TPL = `
             <b>Enable OAuth/OpenID</b>
             </label>
             <input type="checkbox" class="oauth-enabled-checkbox" />
+            <span class="env-oauth-enabled" "alert alert-warning" role="alert" style="font-weight: bold; color: red !important;" > </span>
         </div>
         <div>
             <span> <b>Token status: </b></span><span class="token-status"> Needs login! </span><span><b> User status: </b></span><span class="user-status"> No user saved!</span>
@@ -39,8 +40,8 @@ const TPL = `
         <label>
         <b>Enable TOTP</b>
         </label>
-        <input type="checkbox" class="totp-enabled"  />
-        <span class="alert alert-warning" role="alert" style="font-weight: bold; color: red !important;">REQUIRES RESTART IF SECRET IS NOT ALREADY IN .env</span>
+        <input type="checkbox" class="totp-enabled" /> 
+        <span class="env-totp-enabled" "alert alert-warning" role="alert" style="font-weight: bold; color: red !important;" > </span>
     </div>
     <div>
         <span><i>TOTP (Time-Based One-Time Password) is a security feature that generates a unique, temporary 
@@ -107,6 +108,9 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
         this.$oauthLoginButton = this.$widget.find('.oauth-login-button');
         this.$tokenStatus = this.$widget.find('.token-status');
         this.$userStatus = this.$widget.find('.user-status');
+        this.$envEnabledTOTP = this.$widget.find('.env-totp-enabled');
+        this.$envEnabledOAuth = this.$widget.find('.env-oauth-enabled');
+
         this.$recoveryKeys = [];
 
         for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
@@ -190,39 +194,60 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
 
     optionsLoaded(options) {
         server.get('oauth/status').then((result) => {
-            if (result.success) this.$oAuthEnabledCheckbox.prop('checked', result.message);
-
-            this.$oauthLoginButton.prop('disabled', !result.message);
-            this.$saveUserButton.prop('disabled', !result.message);
-
-            if (result.message) {
-                this.$oauthLoginButton.prop('disabled', false);
-                this.$saveUserButton.prop('disabled', false);
-                server.get('oauth/validate').then((result) => {
-                    if (result.success) {
-                        this.$tokenStatus.text('Logged in!');
-
-                        if (result.user) {
-                            this.$userStatus.text('User saved!');
-                        } else {
-                            this.$saveUserButton.prop('disabled', false);
-                            this.$userStatus.text('User not saved');
-                        }
-                    } else this.$tokenStatus.text('Not logged in!');
-                });
+            if (result.enabled) {
+                if (result.success) this.$oAuthEnabledCheckbox.prop('checked', result.message);
+
+                this.$oauthLoginButton.prop('disabled', !result.message);
+                this.$saveUserButton.prop('disabled', !result.message);
+
+                if (result.message) {
+                    this.$oauthLoginButton.prop('disabled', false);
+                    this.$saveUserButton.prop('disabled', false);
+                    server.get('oauth/validate').then((result) => {
+                        if (result.success) {
+                            this.$tokenStatus.text('Logged in!');
+
+                            if (result.user) {
+                                this.$userStatus.text('User saved!');
+                            } else {
+                                this.$saveUserButton.prop('disabled', false);
+                                this.$userStatus.text('User not saved');
+                            }
+                        } else this.$tokenStatus.text('Not logged in!');
+                    });
+                }
+            } else {
+                this.$oAuthEnabledCheckbox.prop('checked', false);
+                this.$oauthLoginButton.prop('disabled', true);
+                this.$saveUserButton.prop('disabled', true);
+                this.$oAuthEnabledCheckbox.prop('disabled', true);
+
+                this.$envEnabledOAuth.text('OAUTH_ENABLED is not set in environment variable. Requires restart.');
             }
         });
 
         server.get('totp/status').then((result) => {
-            if (result.success) {
-                this.$totpEnabled.prop('checked', result.message);
-                this.$totpSecretInput.prop('disabled', !result.message);
-                this.$totpSecret.prop('disapbled', !result.message);
-                this.$regenerateTotpButton.prop('disabled', !result.message);
-                this.$authenticatorCode.prop('disabled', !result.message);
-                this.$generateRecoveryCodeButton.prop('disabled', !result.message);
-            } else {
-                toastService.showError(result.message);
+            if (result.enabled)
+                if (result.success) {
+                    this.$totpEnabled.prop('checked', result.message);
+                    this.$totpSecretInput.prop('disabled', !result.message);
+                    this.$totpSecret.prop('disapbled', !result.message);
+                    this.$regenerateTotpButton.prop('disabled', !result.message);
+                    this.$authenticatorCode.prop('disabled', !result.message);
+                    this.$generateRecoveryCodeButton.prop('disabled', !result.message);
+                } else {
+                    toastService.showError(result.message);
+                }
+            else {
+                this.$totpEnabled.prop('checked', false);
+                this.$totpEnabled.prop('disabled', true);
+                this.$totpSecretInput.prop('disabled', true);
+                this.$totpSecret.prop('disapbled', true);
+                this.$regenerateTotpButton.prop('disabled', true);
+                this.$authenticatorCode.prop('disabled', true);
+                this.$generateRecoveryCodeButton.prop('disabled', true);
+
+                this.$envEnabledTOTP.text('TOTP_ENABLED is not set in environment variable. Requires restart.');
             }
         });
         this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index d1a82ad703..77cf577b2c 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -7,9 +7,16 @@ function generateSecret() {
     return {success: 'true', message: speakeasy.generateSecret().base32};
 }
 
+function getTotpEnabled() {
+    if (process.env.TOTP_ENABLED === undefined) return false;
+    if (process.env.TOTP_ENABLED.toLocaleLowerCase() !== 'true') return false;
+
+    return true;
+}
+
 function getTOTPStatus() {
     const totpEnabled = options.getOptionBool('totpEnabled');
-    return {success: 'true', message: totpEnabled};
+    return {success: 'true', message: totpEnabled, enabled: getTotpEnabled()};
 }
 
 function enableTOTP() {
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index cd6933e796..1c83dcd9e9 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -38,8 +38,15 @@ function disableOAuth() {
     return {success: true, message: 'OAuth Disabled'};
 }
 
+function getOauthEnv() {
+    if (process.env.OAUTH_ENABLED === undefined) return false;
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== 'true') return false;
+
+    return true;
+}
+
 function getOAuthStatus() {
-    return {success: true, message: options.getOptionBool('oAuthEnabled')};
+    return {success: true, message: options.getOptionBool('oAuthEnabled'), enabled: getOauthEnv()};
 }
 
 function authenticateUser(req: Request, res: Response, next: NextFunction) {

From ac90e1c493489061e40d03bd98a59c0795ed4038 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Mon, 27 May 2024 13:28:16 -0700
Subject: [PATCH 46/63] Force user to have env variables set to use OAuth and
 TOTP server side

---
 src/routes/api/totp.ts  | 2 ++
 src/services/open_id.ts | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 77cf577b2c..fdd74b9b61 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -20,6 +20,8 @@ function getTOTPStatus() {
 }
 
 function enableTOTP() {
+    if (!getTotpEnabled()) return {success: 'false'};
+
     options.setOption('totpEnabled', true);
     options.setOption('oAuthEnabled', false);
     return {success: 'true'};
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 1c83dcd9e9..40b1d44c4b 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -27,6 +27,8 @@ function checkOpenIDRequirements() {
 }
 
 function enableOAuth() {
+    if (!getOauthEnv()) return {success: false, message: 'OAuth Not Enabled'};
+
     options.setOption('oAuthEnabled', true);
     options.setOption('totpEnabled', false);
 

From 6e9deed7dbbd2c4687153e2c6daa0a9ea6f9da81 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Wed, 29 May 2024 16:27:27 -0700
Subject: [PATCH 47/63] Update settings.json

---
 .vscode/settings.json | 10 +---------
 1 file changed, 1 insertion(+), 9 deletions(-)

diff --git a/.vscode/settings.json b/.vscode/settings.json
index 83c34b4694..98337b9030 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,14 +1,6 @@
 {
     "editor.formatOnSave": true,
-    "editor.defaultFormatter": "esbenp.prettier-vscode",
-    "prettier.tabWidth": 4,
-    "prettier.bracketSpacing": false,
-    "prettier.printWidth": 120,
-    "prettier.singleQuote": true,
-    "prettier.trailingComma": "es5",
-    "prettier.semi": true,
-    "prettier.singleAttributePerLine": false,
-    "prettier.insertPragma": true,
+    
     "files.eol": "\n",
     "typescript.tsdk": "node_modules/typescript/lib"
 }

From 0818eb450d4321a839383718bcd7488f097abbfe Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Wed, 29 May 2024 17:42:09 -0700
Subject: [PATCH 48/63] Formatting

---
 .env.example                                  |   2 +-
 package.json                                  |   2 -
 src/app.ts                                    |  31 +-
 src/errors/open_id_error.ts                   |   2 -
 .../widgets/type_widgets/content_widget.js    | 110 ++---
 .../options/multi_factor_authentication.js    |   2 -
 src/routes/api/totp.ts                        |   2 -
 src/routes/index.ts                           |  21 +-
 src/routes/login.ts                           |  87 ++--
 src/routes/routes.ts                          | 387 ++++++------------
 src/services/auth.ts                          |  71 ++--
 src/services/encryption/my_scrypt.ts          |  11 +-
 src/services/encryption/open_id.ts            |   2 -
 src/services/encryption/open_id_encryption.ts |   2 -
 .../encryption/password_encryption.ts         |  14 +-
 .../encryption/totp_secret_encryption.ts      |   1 -
 src/services/hidden_subtree.ts                | 341 ++++++---------
 src/services/open_id.ts                       |   2 -
 src/services/options.ts                       |   1 +
 src/services/options_init.ts                  | 159 ++++---
 src/services/totp.ts                          |   2 -
 src/views/auth-failed.ejs                     |  73 ----
 src/views/login.ejs                           | 151 ++++---
 23 files changed, 564 insertions(+), 912 deletions(-)
 delete mode 100644 src/views/auth-failed.ejs

diff --git a/.env.example b/.env.example
index cb0daaf436..cec43d3b49 100644
--- a/.env.example
+++ b/.env.example
@@ -1,7 +1,7 @@
 OAUTH_ENABLED="false"
 BASE_URL="http://localhost:8080"
 CLIENT_ID="1234"
-ISSUER_BASE_URL="https://example.com/xyz.well-known/openid-configuration"
+ISSUER_BASE_URL="https://example.com/xyz/.well-known/openid-configuration"
 SECRET="I-Like-Trilium-Notes"
 AUTH_0_LOGOUT="false"
 
diff --git a/package.json b/package.json
index adf1e84169..8990013e29 100644
--- a/package.json
+++ b/package.json
@@ -86,9 +86,7 @@
     "node-abi": "3.56.0",
     "normalize-strings": "1.1.1",
     "open": "8.4.1",
-    "openid-client": "^5.6.5",
     "panzoom": "9.4.3",
-    "passport": "^0.7.0",
     "print-this": "2.0.0",
     "rand-token": "1.0.1",
     "react": "18.2.0",
diff --git a/src/app.ts b/src/app.ts
index 5a88e05d1d..7479795478 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -1,5 +1,3 @@
-/** @format */
-
 import express = require('express');
 import path = require('path');
 import favicon = require('serve-favicon');
@@ -8,14 +6,8 @@ import helmet = require('helmet');
 import compression = require('compression');
 import sessionParser = require('./routes/session_parser');
 import utils = require('./services/utils');
-import process = require('process');
 import oidc = require('express-openid-connect');
 import openID = require('./services/open_id');
-import {Request, Response, NextFunction} from 'express';
-import {userInfo} from 'os';
-import {request} from 'http';
-import a = require('./services/open_id');
-import oidc_testing = require('./services/open_id');
 
 require('./services/handlers');
 require('./becca/becca_loader');
@@ -31,18 +23,16 @@ if (!utils.isElectron()) {
     app.use(compression()); // HTTP compression
 }
 
-app.use(
-    helmet.default({
-        hidePoweredBy: false, // errors out in electron
-        contentSecurityPolicy: false,
-        crossOriginEmbedderPolicy: false,
-    })
-);
+app.use(helmet.default({
+    hidePoweredBy: false, // errors out in electron
+    contentSecurityPolicy: false,
+    crossOriginEmbedderPolicy: false
+}));
 
-app.use(express.text({limit: '500mb'}));
-app.use(express.json({limit: '500mb'}));
-app.use(express.raw({limit: '500mb'}));
-app.use(express.urlencoded({extended: false}));
+app.use(express.text({ limit: '500mb' }));
+app.use(express.json({ limit: '500mb' }));
+app.use(express.raw({ limit: '500mb' }));
+app.use(express.urlencoded({ extended: false }));
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public/root')));
 app.use(`/manifest.webmanifest`, express.static(path.join(__dirname, 'public/manifest.webmanifest')));
@@ -50,7 +40,8 @@ app.use(`/robots.txt`, express.static(path.join(__dirname, 'public/robots.txt'))
 app.use(sessionParser);
 app.use(favicon(`${__dirname}/../images/app-icons/win/icon.ico`));
 
-if (openID.checkOpenIDRequirements()) app.use(oidc.auth(openID.generateOAuthConfig()));
+if (openID.checkOpenIDRequirements()) 
+    app.use(oidc.auth(openID.generateOAuthConfig()));
 
 require('./routes/assets').register(app);
 require('./routes/routes').register(app);
diff --git a/src/errors/open_id_error.ts b/src/errors/open_id_error.ts
index 8395c79716..115ad62257 100644
--- a/src/errors/open_id_error.ts
+++ b/src/errors/open_id_error.ts
@@ -1,5 +1,3 @@
-/** @format */
-
 class OpenIDError {
     message: string;
 
diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index 8ea179aee1..d21fe91973 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -1,39 +1,37 @@
-/** @format */
-
-import TypeWidget from './type_widget.js';
-import ZoomFactorOptions from './options/appearance/zoom_factor.js';
-import NativeTitleBarOptions from './options/appearance/native_title_bar.js';
-import ThemeOptions from './options/appearance/theme.js';
-import FontsOptions from './options/appearance/fonts.js';
-import MaxContentWidthOptions from './options/appearance/max_content_width.js';
-import KeyboardShortcutsOptions from './options/shortcuts.js';
-import HeadingStyleOptions from './options/text_notes/heading_style.js';
-import TableOfContentsOptions from './options/text_notes/table_of_contents.js';
-import HighlightsListOptions from './options/text_notes/highlights_list.js';
-import TextAutoReadOnlySizeOptions from './options/text_notes/text_auto_read_only_size.js';
-import VimKeyBindingsOptions from './options/code_notes/vim_key_bindings.js';
-import WrapLinesOptions from './options/code_notes/wrap_lines.js';
-import CodeAutoReadOnlySizeOptions from './options/code_notes/code_auto_read_only_size.js';
-import CodeMimeTypesOptions from './options/code_notes/code_mime_types.js';
-import ImageOptions from './options/images/images.js';
-import SpellcheckOptions from './options/spellcheck.js';
-import PasswordOptions from './options/password.js';
-import EtapiOptions from './options/etapi.js';
-import BackupOptions from './options/backup.js';
-import SyncOptions from './options/sync.js';
-import SearchEngineOptions from './options/other/search_engine.js';
-import TrayOptions from './options/other/tray.js';
-import NoteErasureTimeoutOptions from './options/other/note_erasure_timeout.js';
-import RevisionsSnapshotIntervalOptions from './options/other/revisions_snapshot_interval.js';
-import NetworkConnectionsOptions from './options/other/network_connections.js';
-import AdvancedSyncOptions from './options/advanced/sync.js';
-import DatabaseIntegrityCheckOptions from './options/advanced/database_integrity_check.js';
-import ConsistencyChecksOptions from './options/advanced/consistency_checks.js';
-import VacuumDatabaseOptions from './options/advanced/vacuum_database.js';
-import DatabaseAnonymizationOptions from './options/advanced/database_anonymization.js';
-import BackendLogWidget from './content/backend_log.js';
-import AttachmentErasureTimeoutOptions from './options/other/attachment_erasure_timeout.js';
-import RibbonOptions from './options/appearance/ribbon.js';
+import TypeWidget from "./type_widget.js";
+import ZoomFactorOptions from "./options/appearance/zoom_factor.js";
+import NativeTitleBarOptions from "./options/appearance/native_title_bar.js";
+import ThemeOptions from "./options/appearance/theme.js";
+import FontsOptions from "./options/appearance/fonts.js";
+import MaxContentWidthOptions from "./options/appearance/max_content_width.js";
+import KeyboardShortcutsOptions from "./options/shortcuts.js";
+import HeadingStyleOptions from "./options/text_notes/heading_style.js";
+import TableOfContentsOptions from "./options/text_notes/table_of_contents.js";
+import HighlightsListOptions from "./options/text_notes/highlights_list.js";
+import TextAutoReadOnlySizeOptions from "./options/text_notes/text_auto_read_only_size.js";
+import VimKeyBindingsOptions from "./options/code_notes/vim_key_bindings.js";
+import WrapLinesOptions from "./options/code_notes/wrap_lines.js";
+import CodeAutoReadOnlySizeOptions from "./options/code_notes/code_auto_read_only_size.js";
+import CodeMimeTypesOptions from "./options/code_notes/code_mime_types.js";
+import ImageOptions from "./options/images/images.js";
+import SpellcheckOptions from "./options/spellcheck.js";
+import PasswordOptions from "./options/password.js";
+import EtapiOptions from "./options/etapi.js";
+import BackupOptions from "./options/backup.js";
+import SyncOptions from "./options/sync.js";
+import SearchEngineOptions from "./options/other/search_engine.js";
+import TrayOptions from "./options/other/tray.js";
+import NoteErasureTimeoutOptions from "./options/other/note_erasure_timeout.js";
+import RevisionsSnapshotIntervalOptions from "./options/other/revisions_snapshot_interval.js";
+import NetworkConnectionsOptions from "./options/other/network_connections.js";
+import AdvancedSyncOptions from "./options/advanced/sync.js";
+import DatabaseIntegrityCheckOptions from "./options/advanced/database_integrity_check.js";
+import ConsistencyChecksOptions from "./options/advanced/consistency_checks.js";
+import VacuumDatabaseOptions from "./options/advanced/vacuum_database.js";
+import DatabaseAnonymizationOptions from "./options/advanced/database_anonymization.js";
+import BackendLogWidget from "./content/backend_log.js";
+import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
+import RibbonOptions from "./options/appearance/ribbon.js";
 import MultiFactorAuthenticationOptions from './options/multi_factor_authentication.js';
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
@@ -62,50 +60,52 @@ const CONTENT_WIDGETS = {
         ZoomFactorOptions,
         NativeTitleBarOptions,
         MaxContentWidthOptions,
-        RibbonOptions,
+        RibbonOptions
     ],
-    _optionsShortcuts: [KeyboardShortcutsOptions],
+    _optionsShortcuts: [ KeyboardShortcutsOptions ],
     _optionsTextNotes: [
         HeadingStyleOptions,
         TableOfContentsOptions,
         HighlightsListOptions,
-        TextAutoReadOnlySizeOptions,
+        TextAutoReadOnlySizeOptions
+    ],
+    _optionsCodeNotes: [
+        VimKeyBindingsOptions,
+        WrapLinesOptions,
+        CodeAutoReadOnlySizeOptions,
+        CodeMimeTypesOptions
     ],
-    _optionsCodeNotes: [VimKeyBindingsOptions, WrapLinesOptions, CodeAutoReadOnlySizeOptions, CodeMimeTypesOptions],
-    _optionsImages: [ImageOptions],
+    _optionsImages: [ ImageOptions ],
+    _optionsSpellcheck: [ SpellcheckOptions ],
+    _optionsPassword: [ PasswordOptions ],
     _optionsMFA: [MultiFactorAuthenticationOptions],
-    _optionsImages: [ImageOptions],
-    _optionsSpellcheck: [SpellcheckOptions],
-    _optionsPassword: [PasswordOptions],
-    _optionsEtapi: [EtapiOptions],
-    _optionsBackup: [BackupOptions],
-    _optionsSync: [SyncOptions],
+    _optionsEtapi: [ EtapiOptions ],
+    _optionsBackup: [ BackupOptions ],
+    _optionsSync: [ SyncOptions ],
     _optionsOther: [
         SearchEngineOptions,
         TrayOptions,
         NoteErasureTimeoutOptions,
         AttachmentErasureTimeoutOptions,
         RevisionsSnapshotIntervalOptions,
-        NetworkConnectionsOptions,
+        NetworkConnectionsOptions
     ],
     _optionsAdvanced: [
         DatabaseIntegrityCheckOptions,
         ConsistencyChecksOptions,
         DatabaseAnonymizationOptions,
         AdvancedSyncOptions,
-        VacuumDatabaseOptions,
+        VacuumDatabaseOptions
     ],
-    _backendLog: [BackendLogWidget],
+    _backendLog: [ BackendLogWidget ]
 };
 
 export default class ContentWidgetTypeWidget extends TypeWidget {
-    static getType() {
-        return 'contentWidget';
-    }
+    static getType() { return "contentWidget"; }
 
     doRender() {
         this.$widget = $(TPL);
-        this.$content = this.$widget.find('.note-detail-content-widget-content');
+        this.$content = this.$widget.find(".note-detail-content-widget-content");
 
         super.doRender();
     }
@@ -120,7 +120,7 @@ export default class ContentWidgetTypeWidget extends TypeWidget {
             for (const clazz of contentWidgets) {
                 const widget = new clazz();
 
-                await widget.handleEvent('setNoteContext', {noteContext: this.noteContext});
+                await widget.handleEvent('setNoteContext', { noteContext: this.noteContext });
                 this.child(widget);
 
                 this.$content.append(widget.render());
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 5d6078c3ed..7615218981 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -1,5 +1,3 @@
-/** @format */
-
 import server from '../../../services/server.js';
 import toastService from '../../../services/toast.js';
 import OptionsWidget from './options_widget.js';
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index fdd74b9b61..3ce23fc5b9 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,5 +1,3 @@
-/** @format */
-
 import options = require('../../services/options');
 const speakeasy = require('speakeasy');
 
diff --git a/src/routes/index.ts b/src/routes/index.ts
index 14839db54b..2ede70f424 100644
--- a/src/routes/index.ts
+++ b/src/routes/index.ts
@@ -1,6 +1,4 @@
-/** @format */
-
-'use strict';
+"use strict";
 
 import sql = require('../services/sql');
 import attributeService = require('../services/attributes');
@@ -13,13 +11,14 @@ import protectedSessionService = require('../services/protected_session');
 import packageJson = require('../../package.json');
 import assetPath = require('../services/asset_path');
 import appPath = require('../services/app_path');
-import {Request, Response} from 'express';
-import openIDService = require('../services/encryption/open_id');
+import { Request, Response } from 'express';
 
 function index(req: Request, res: Response) {
     const options = optionService.getOptionMap();
 
-    const view = !utils.isElectron() && req.cookies['trilium-device'] === 'mobile' ? 'mobile' : 'desktop';
+    const view = (!utils.isElectron() && req.cookies['trilium-device'] === 'mobile')
+        ? 'mobile'
+        : 'desktop';
 
     const csrfToken = req.csrfToken();
     log.info(`Generated CSRF token ${csrfToken} with secret ${res.getHeader('set-cookie')}`);
@@ -31,8 +30,8 @@ function index(req: Request, res: Response) {
         mainFontSize: parseInt(options.mainFontSize),
         treeFontSize: parseInt(options.treeFontSize),
         detailFontSize: parseInt(options.detailFontSize),
-        maxEntityChangeIdAtLoad: sql.getValue('SELECT COALESCE(MAX(id), 0) FROM entity_changes'),
-        maxEntityChangeSyncIdAtLoad: sql.getValue('SELECT COALESCE(MAX(id), 0) FROM entity_changes WHERE isSynced = 1'),
+        maxEntityChangeIdAtLoad: sql.getValue("SELECT COALESCE(MAX(id), 0) FROM entity_changes"),
+        maxEntityChangeSyncIdAtLoad: sql.getValue("SELECT COALESCE(MAX(id), 0) FROM entity_changes WHERE isSynced = 1"),
         instanceName: config.General ? config.General.instanceName : null,
         appCssNoteIds: getAppCssNoteIds(),
         isDev: env.isDev(),
@@ -41,7 +40,7 @@ function index(req: Request, res: Response) {
         maxContentWidth: parseInt(options.maxContentWidth),
         triliumVersion: packageJson.version,
         assetPath: assetPath,
-        appPath: appPath,
+        appPath: appPath
     });
 }
 
@@ -62,9 +61,9 @@ function getThemeCssUrl(theme: string) {
 }
 
 function getAppCssNoteIds() {
-    return attributeService.getNotesWithLabel('appCss').map((note) => note.noteId);
+    return attributeService.getNotesWithLabel('appCss').map(note => note.noteId);
 }
 
 export = {
-    index,
+    index
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index 4955341fdf..d6b1d5142f 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,30 +1,28 @@
-/** @format */
-
-'use strict';
+"use strict";
 
 import utils = require('../services/utils');
 import optionService = require('../services/options');
 import myScryptService = require('../services/encryption/my_scrypt');
 import log = require('../services/log');
 import passwordService = require('../services/encryption/password');
-import assetPath = require('../services/asset_path');
-import appPath = require('../services/app_path');
-import ValidationError = require('../errors/validation_error');
 import totp_secret = require('../services/totp');
-import {Request, Response} from 'express';
-import {AppRequest} from './route-interface';
 import recoveryCodeService = require('../services/encryption/recovery_codes');
 import openIDService = require('../services/open_id');
 import openID = require('../services/encryption/open_id');
-
+import assetPath = require('../services/asset_path');
+import appPath = require('../services/app_path');
+import ValidationError = require('../errors/validation_error');
+import { Request, Response } from 'express';
+import { AppRequest } from './route-interface';
 const speakeasy = require('speakeasy');
 
 function loginPage(req: Request, res: Response) {
     res.render('login', {
         failedAuth: false,
-        totpEnabled: optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret(),
+        totpEnabled: optionService.getOptionBool('totpEnabled')
+            && totp_secret.checkForTotSecret(),
         assetPath: assetPath,
-        appPath: appPath,
+        appPath: appPath
     });
 }
 
@@ -32,13 +30,13 @@ function setPasswordPage(req: Request, res: Response) {
     res.render('set_password', {
         error: false,
         assetPath: assetPath,
-        appPath: appPath,
+        appPath: appPath
     });
 }
 
 function setPassword(req: Request, res: Response) {
     if (passwordService.isPasswordSet()) {
-        throw new ValidationError('Password has been already set');
+        throw new ValidationError("Password has been already set");
     }
 
     let {password1, password2} = req.body;
@@ -50,13 +48,13 @@ function setPassword(req: Request, res: Response) {
     if (password1 !== password2) {
         error = "Entered passwords don't match.";
     } else if (password1.length < 4) {
-        error = 'Password must be at least 4 characters long.';
+        error = "Password must be at least 4 characters long.";
     }
 
     if (error) {
         res.render('set_password', {
             error,
-            assetPath: assetPath,
+            assetPath: assetPath
         });
         return;
     }
@@ -70,31 +68,46 @@ function login(req: AppRequest, res: Response) {
     const guessedPassword = req.body.password;
     const guessedTotp = req.body.token;
 
-    if (!verifyPassword(guessedPassword)) {
-        sendLoginError(req, res);
-        return;
-    }
+    if (verifyPassword(guessedPassword)) {
 
-    if (optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret())
-        if (!verifyTOTP(guessedTotp)) {
+        if (!verifyPassword(guessedPassword)) {
             sendLoginError(req, res);
             return;
         }
 
-    const rememberMe = req.body.rememberMe;
+        if (optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret())
+            if (!verifyTOTP(guessedTotp)) {
+                sendLoginError(req, res);
+                return;
+            }
 
-    req.session.regenerate(() => {
-        if (rememberMe) {
-            req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
-        } else {
-            req.session.cookie.expires = null;
-        }
+        
+        const rememberMe = req.body.rememberMe;
 
-        req.session.loggedIn = true;
-        res.redirect('.');
-    });
+        req.session.regenerate(() => {
+            if (rememberMe) {
+                req.session.cookie.maxAge = 21 * 24 * 3600000;  // 3 weeks
+            } else {
+                req.session.cookie.expires = null;
+            }
+
+            req.session.loggedIn = true;
+            res.redirect('.');
+        });
+    }
+    else {
+        // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
+        log.info(`WARNING: Wrong password from ${req.ip}, rejecting.`);
+
+        res.status(401).render('login', {
+            failedAuth: true,
+            assetPath: assetPath
+        });
+    }
 }
 
+
+
 function sendLoginError(req: AppRequest, res: Response) {
     // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
     log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
@@ -114,7 +127,8 @@ function verifyTOTP(guessedToken: string) {
         window: 1,
     });
 
-    if (tokenValidates) return true;
+    if (tokenValidates) 
+        return true;
 
     const recoveryCodeValidates = recoveryCodeService.verifyRecoveryCode(guessedToken);
 
@@ -133,9 +147,12 @@ function logout(req: AppRequest, res: Response) {
     req.session.regenerate(() => {
         req.session.loggedIn = false;
 
-        if (openIDService.isOpenIDEnabled() && openID.isSubjectIdentifierSaved()) res.oidc.logout({});
-        else res.redirect('login');
+        if (openIDService.isOpenIDEnabled() && openID.isSubjectIdentifierSaved()) 
+            res.oidc.logout({});
+        else 
+            res.redirect('login');
     });
+
 }
 
 export = {
@@ -143,5 +160,5 @@ export = {
     setPasswordPage,
     setPassword,
     login,
-    logout,
+    logout
 };
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 44017ba291..3c37d4dc40 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -1,6 +1,4 @@
-/** @format */
-
-'use strict';
+"use strict";
 
 import utils = require('../services/utils');
 import multer = require('multer');
@@ -8,12 +6,15 @@ import log = require('../services/log');
 import express = require('express');
 const router = express.Router();
 import auth = require('../services/auth');
+import openID = require('../services/open_id');
+import totp = require('./api/totp');
+import recoveryCodes = require('./api/recovery_codes');
 import cls = require('../services/cls');
 import sql = require('../services/sql');
 import entityChangesService = require('../services/entity_changes');
 import csurf = require('csurf');
-import {createPartialContentHandler} from 'express-partial-content';
-import rateLimit = require('express-rate-limit');
+import { createPartialContentHandler } from "express-partial-content";
+import rateLimit = require("express-rate-limit");
 import AbstractBeccaEntity = require('../becca/entities/abstract_becca_entity');
 import NotFoundError = require('../errors/not_found_error');
 import ValidationError = require('../errors/validation_error');
@@ -22,7 +23,6 @@ import ValidationError = require('../errors/validation_error');
 import setupRoute = require('./setup');
 import loginRoute = require('./login');
 import indexRoute = require('./index');
-import openID = require('../services/open_id');
 
 // API routes
 import treeApiRoute = require('./api/tree');
@@ -63,8 +63,6 @@ import etapiTokensApiRoutes = require('./api/etapi_tokens');
 import relationMapApiRoute = require('./api/relation-map');
 import otherRoute = require('./api/other');
 import shareRoutes = require('../share/routes');
-import totp = require('./api/totp');
-import recoveryCodes = require('./api/recovery_codes');
 
 import etapiAuthRoutes = require('../etapi/auth');
 import etapiAppInfoRoutes = require('../etapi/app_info');
@@ -75,41 +73,32 @@ import etapiNoteRoutes = require('../etapi/notes');
 import etapiSpecialNoteRoutes = require('../etapi/special_notes');
 import etapiSpecRoute = require('../etapi/spec');
 import etapiBackupRoute = require('../etapi/backup');
-import {AppRequest, AppRequestHandler} from './route-interface';
+import { AppRequest, AppRequestHandler } from './route-interface';
 
 const csrfMiddleware = csurf({
     cookie: {
-        path: '', // empty, so cookie is valid only for the current path
-    },
+        path: ""       // empty, so cookie is valid only for the current path
+    }
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
-const GET = 'get',
-    PST = 'post',
-    PUT = 'put',
-    PATCH = 'patch',
-    DEL = 'delete';
+const GET = 'get', PST = 'post', PUT = 'put', PATCH = 'patch', DEL = 'delete';
 
 type ApiResultHandler = (req: express.Request, res: express.Response, result: unknown) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
-type HttpMethod = 'all' | 'get' | 'post' | 'put' | 'delete' | 'patch' | 'options' | 'head';
+type HttpMethod = "all" | "get" | "post" | "put" | "delete" | "patch" | "options" | "head";
 
 const uploadMiddleware = createUploadMiddleware();
 
-const uploadMiddlewareWithErrorHandling = function (
-    req: express.Request,
-    res: express.Response,
-    next: express.NextFunction
-) {
+const uploadMiddlewareWithErrorHandling = function (req: express.Request, res: express.Response, next: express.NextFunction) {
     uploadMiddleware(req, res, function (err) {
         if (err?.code === 'LIMIT_FILE_SIZE') {
-            res.setHeader('Content-Type', 'text/plain')
+            res.setHeader("Content-Type", "text/plain")
                 .status(400)
-                .send(
-                    `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
-                );
-        } else {
+                .send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
+        }
+        else {
             next();
         }
     });
@@ -123,7 +112,7 @@ function register(app: express.Application) {
     const loginRateLimiter = rateLimit.rateLimit({
         windowMs: 15 * 60 * 1000, // 15 minutes
         max: 10, // limit each IP to 10 requests per windowMs
-        skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+        skipSuccessfulRequests: true // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
     });
 
     route(PST, '/login', [loginRateLimiter], loginRoute.login);
@@ -169,24 +158,13 @@ function register(app: express.Application) {
     apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
     apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);
     apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter);
-    route(
-        PUT,
-        '/api/notes/:noteId/file',
-        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        filesRoute.updateFile,
-        apiResultHandler
-    );
+    route(PUT, '/api/notes/:noteId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        filesRoute.updateFile, apiResultHandler);
     route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile);
-    route(
-        GET,
-        '/api/notes/:noteId/open-partial',
-        [auth.checkApiAuthOrElectron],
+    route(GET, '/api/notes/:noteId/open-partial', [auth.checkApiAuthOrElectron],
         createPartialContentHandler(filesRoute.fileContentProvider, {
-            debug: (string, extra) => {
-                console.log(string, extra);
-            },
-        })
-    );
+            debug: (string, extra) => { console.log(string, extra); }
+        }));
     route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
     // this "hacky" path is used for easier referencing of CSS resources
     route(GET, '/api/notes/download/:noteId', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
@@ -204,48 +182,26 @@ function register(app: express.Application) {
 
     apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments);
     apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment);
-    route(
-        PST,
-        '/api/notes/:noteId/attachments/upload',
-        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        attachmentsApiRoute.uploadAttachment,
-        apiResultHandler
-    );
+    route(PST, '/api/notes/:noteId/attachments/upload', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], attachmentsApiRoute.uploadAttachment, apiResultHandler);
     apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment);
     apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments);
     apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote);
     apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment);
     apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment);
     apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob);
-    route(
-        GET,
-        '/api/attachments/:attachmentId/image/:filename',
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnAttachedImage
-    );
+    route(GET, '/api/attachments/:attachmentId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnAttachedImage);
     route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
-    route(
-        GET,
-        '/api/attachments/:attachmentId/open-partial',
-        [auth.checkApiAuthOrElectron],
+    route(GET, '/api/attachments/:attachmentId/open-partial', [auth.checkApiAuthOrElectron],
         createPartialContentHandler(filesRoute.attachmentContentProvider, {
-            debug: (string, extra) => {
-                console.log(string, extra);
-            },
-        })
-    );
+            debug: (string, extra) => { console.log(string, extra); }
+        }));
     route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
     // this "hacky" path is used for easier referencing of CSS resources
     route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
     apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir);
     apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment);
-    route(
-        PUT,
-        '/api/attachments/:attachmentId/file',
-        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        filesRoute.updateAttachment,
-        apiResultHandler
-    );
+    route(PUT, '/api/attachments/:attachmentId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
+        filesRoute.updateAttachment, apiResultHandler);
 
     apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
     apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions);
@@ -253,40 +209,14 @@ function register(app: express.Application) {
     apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob);
     apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
     apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision);
-    route(
-        GET,
-        '/api/revisions/:revisionId/image/:filename',
-        [auth.checkApiAuthOrElectron],
-        imageRoute.returnImageFromRevision
-    );
-
-    route(
-        GET,
-        '/api/revisions/:revisionId/download',
-        [auth.checkApiAuthOrElectron],
-        revisionsApiRoute.downloadRevision
-    );
-
-    route(
-        GET,
-        '/api/branches/:branchId/export/:type/:format/:version/:taskId',
-        [auth.checkApiAuthOrElectron],
-        exportRoute.exportBranch
-    );
-    route(
-        PST,
-        '/api/notes/:parentNoteId/notes-import',
-        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        importRoute.importNotesToBranch,
-        apiResultHandler
-    );
-    route(
-        PST,
-        '/api/notes/:parentNoteId/attachments-import',
-        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        importRoute.importAttachmentsToNote,
-        apiResultHandler
-    );
+    route(GET, '/api/revisions/:revisionId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromRevision);
+
+    route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
+
+
+    route(GET, '/api/branches/:branchId/export/:type/:format/:version/:taskId', [auth.checkApiAuthOrElectron], exportRoute.exportBranch);
+    route(PST, '/api/notes/:parentNoteId/notes-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importNotesToBranch, apiResultHandler);
+    route(PST, '/api/notes/:parentNoteId/attachments-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importAttachmentsToNote, apiResultHandler);
 
     apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes);
     apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute);
@@ -301,13 +231,7 @@ function register(app: express.Application) {
 
     // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
     route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
-    route(
-        PUT,
-        '/api/images/:noteId',
-        [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        imageRoute.updateImage,
-        apiResultHandler
-    );
+    route(PUT, '/api/images/:noteId', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], imageRoute.updateImage, apiResultHandler);
 
     apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
     // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
@@ -326,55 +250,22 @@ function register(app: express.Application) {
     route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
     route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
     route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
-    route(
-        PST,
-        '/api/sync/check-entity-changes',
-        [auth.checkApiAuth],
-        syncApiRoute.checkEntityChanges,
-        apiResultHandler
-    );
-    route(
-        PST,
-        '/api/sync/queue-sector/:entityName/:sector',
-        [auth.checkApiAuth],
-        syncApiRoute.queueSector,
-        apiResultHandler
-    );
+    route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
+    route(PST, '/api/sync/queue-sector/:entityName/:sector', [auth.checkApiAuth], syncApiRoute.queueSector, apiResultHandler);
     route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
 
     apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
     apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo);
 
     // docker health check
-    route(GET, '/api/health-check', [], () => ({status: 'ok'}), apiResultHandler);
+    route(GET, '/api/health-check', [], () => ({ "status": "ok" }), apiResultHandler);
 
     // group of the services below are meant to be executed from the outside
     route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
-    route(
-        PST,
-        '/api/setup/new-document',
-        [auth.checkAppNotInitialized],
-        setupApiRoute.setupNewDocument,
-        apiResultHandler,
-        false
-    );
-    route(
-        PST,
-        '/api/setup/sync-from-server',
-        [auth.checkAppNotInitialized],
-        setupApiRoute.setupSyncFromServer,
-        apiResultHandler,
-        false
-    );
+    route(PST, '/api/setup/new-document', [auth.checkAppNotInitialized], setupApiRoute.setupNewDocument, apiResultHandler, false);
+    route(PST, '/api/setup/sync-from-server', [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler, false);
     route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
-    route(
-        PST,
-        '/api/setup/sync-seed',
-        [auth.checkAppNotInitialized],
-        setupApiRoute.saveSyncSeed,
-        apiResultHandler,
-        false
-    );
+    route(PST, '/api/setup/sync-seed', [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler, false);
 
     apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
     apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
@@ -425,45 +316,17 @@ function register(app: express.Application) {
 
     apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
     apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
-    route(
-        PST,
-        '/api/database/anonymize/:type',
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.anonymize,
-        apiResultHandler,
-        false
-    );
+    route(PST, '/api/database/anonymize/:type', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.anonymize, apiResultHandler, false);
     apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases);
 
     // backup requires execution outside of transaction
-    route(
-        PST,
-        '/api/database/backup-database',
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.backupDatabase,
-        apiResultHandler,
-        false
-    );
+    route(PST, '/api/database/backup-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.backupDatabase, apiResultHandler, false);
     apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
 
     // VACUUM requires execution outside of transaction
-    route(
-        PST,
-        '/api/database/vacuum-database',
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.vacuumDatabase,
-        apiResultHandler,
-        false
-    );
-
-    route(
-        PST,
-        '/api/database/find-and-fix-consistency-issues',
-        [auth.checkApiAuthOrElectron, csrfMiddleware],
-        databaseRoute.findAndFixConsistencyIssues,
-        apiResultHandler,
-        false
-    );
+    route(PST, '/api/database/vacuum-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.vacuumDatabase, apiResultHandler, false);
+
+    route(PST, '/api/database/find-and-fix-consistency-issues', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.findAndFixConsistencyIssues, apiResultHandler, false);
 
     apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
 
@@ -477,13 +340,7 @@ function register(app: express.Application) {
 
     // no CSRF since this is called from android app
     route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-    route(
-        PST,
-        '/api/sender/image',
-        [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
-        senderRoute.uploadImage,
-        apiResultHandler
-    );
+    route(PST, '/api/sender/image', [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling], senderRoute.uploadImage, apiResultHandler);
     route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
 
     apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
@@ -527,24 +384,25 @@ function register(app: express.Application) {
 function convertEntitiesToPojo(result: unknown) {
     if (result instanceof AbstractBeccaEntity) {
         result = result.getPojo();
-    } else if (Array.isArray(result)) {
+    }
+    else if (Array.isArray(result)) {
         for (const idx in result) {
             if (result[idx] instanceof AbstractBeccaEntity) {
                 result[idx] = result[idx].getPojo();
             }
         }
-    } else if (result && typeof result === 'object') {
-        if ('note' in result && result.note instanceof AbstractBeccaEntity) {
+    }
+    else if (result && typeof result === "object") {
+        if ("note" in result && result.note instanceof AbstractBeccaEntity) {
             result.note = result.note.getPojo();
         }
 
-        if ('branch' in result && result.branch instanceof AbstractBeccaEntity) {
+        if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
             result.branch = result.branch.getPojo();
         }
     }
 
-    if (result && typeof result === 'object' && 'executionResult' in result) {
-        // from runOnBackend()
+    if (result && typeof result === "object" && "executionResult" in result) { // from runOnBackend()
         result.executionResult = convertEntitiesToPojo(result.executionResult);
     }
 
@@ -561,15 +419,15 @@ function apiResultHandler(req: express.Request, res: express.Response, result: u
         const [statusCode, response] = result;
 
         if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-            log.info(
-                `${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`
-            );
+            log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`);
         }
 
         return send(res, statusCode, response);
-    } else if (result === undefined) {
-        return send(res, 204, '');
-    } else {
+    }
+    else if (result === undefined) {
+        return send(res, 204, "");
+    }
+    else {
         return send(res, 200, result);
     }
 }
@@ -577,16 +435,17 @@ function apiResultHandler(req: express.Request, res: express.Response, result: u
 function send(res: express.Response, statusCode: number, response: unknown) {
     if (typeof response === 'string') {
         if (statusCode >= 400) {
-            res.setHeader('Content-Type', 'text/plain');
+            res.setHeader("Content-Type", "text/plain");
         }
 
         res.status(statusCode).send(response);
 
         return response.length;
-    } else {
+    }
+    else {
         const json = JSON.stringify(response);
 
-        res.setHeader('Content-Type', 'application/json');
+        res.setHeader("Content-Type", "application/json");
         res.status(statusCode).send(json);
 
         return json.length;
@@ -597,60 +456,43 @@ function apiRoute(method: HttpMethod, path: string, routeHandler: express.Handle
     route(method, path, [auth.checkApiAuth, csrfMiddleware], routeHandler, apiResultHandler);
 }
 
-function route(
-    method: HttpMethod,
-    path: string,
-    middleware: (express.Handler | AppRequestHandler)[],
-    routeHandler: AppRequestHandler,
-    resultHandler: ApiResultHandler | null = null,
-    transactional = true
-) {
-    router[method](
-        path,
-        ...(middleware as express.Handler[]),
-        (req: express.Request, res: express.Response, next: express.NextFunction) => {
-            const start = Date.now();
-
-            try {
-                cls.namespace.bindEmitter(req);
-                cls.namespace.bindEmitter(res);
-
-                const result = cls.init(() => {
-                    cls.set('componentId', req.headers['trilium-component-id']);
-                    cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
-                    cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
-
-                    const cb = () => routeHandler(req as AppRequest, res, next);
-
-                    return transactional ? sql.transactional(cb) : cb();
-                });
-
-                if (!resultHandler) {
-                    return;
-                }
-
-                if (result?.then) {
-                    // promise
-                    result
-                        .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start))
-                        .catch((e: any) => handleException(e, method, path, res));
-                } else {
-                    handleResponse(resultHandler, req, res, result, start);
-                }
-            } catch (e) {
-                handleException(e, method, path, res);
+function route(method: HttpMethod, path: string, middleware: (express.Handler | AppRequestHandler)[], routeHandler: AppRequestHandler, resultHandler: ApiResultHandler | null = null, transactional = true) {
+    router[method](path, ...(middleware as express.Handler[]), (req: express.Request, res: express.Response, next: express.NextFunction) => {
+        const start = Date.now();
+
+        try {
+            cls.namespace.bindEmitter(req);
+            cls.namespace.bindEmitter(res);
+
+            const result = cls.init(() => {
+                cls.set('componentId', req.headers['trilium-component-id']);
+                cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
+                cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
+
+                const cb = () => routeHandler(req as AppRequest, res, next);
+
+                return transactional ? sql.transactional(cb) : cb();
+            });
+
+            if (!resultHandler) {
+                return;
+            }
+
+            if (result?.then) { // promise
+                result
+                    .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start))
+                    .catch((e: any) => handleException(e, method, path, res));
+            } else {
+                handleResponse(resultHandler, req, res, result, start)
             }
         }
-    );
+        catch (e) {
+            handleException(e, method, path, res);
+        }
+    });
 }
 
-function handleResponse(
-    resultHandler: ApiResultHandler,
-    req: express.Request,
-    res: express.Response,
-    result: unknown,
-    start: number
-) {
+function handleResponse(resultHandler: ApiResultHandler, req: express.Request, res: express.Response, result: unknown, start: number) {
     const responseLength = resultHandler(req, res, result);
 
     log.request(req, res, Date.now() - start, responseLength);
@@ -660,17 +502,20 @@ function handleException(e: any, method: HttpMethod, path: string, res: express.
     log.error(`${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`);
 
     if (e instanceof ValidationError) {
-        res.status(400).json({
-            message: e.message,
-        });
+        res.status(400)
+            .json({
+                message: e.message
+            });
     } else if (e instanceof NotFoundError) {
-        res.status(404).json({
-            message: e.message,
-        });
+        res.status(404)
+            .json({
+                message: e.message
+            });
     } else {
-        res.status(500).json({
-            message: e.message,
-        });
+        res.status(500)
+            .json({
+                message: e.message
+            });
     }
 }
 
@@ -679,14 +524,14 @@ function createUploadMiddleware() {
         fileFilter: (req: express.Request, file, cb) => {
             // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
             // See https://github.com/expressjs/multer/pull/1102.
-            file.originalname = Buffer.from(file.originalname, 'latin1').toString('utf-8');
+            file.originalname = Buffer.from(file.originalname, "latin1").toString("utf-8");
             cb(null, true);
-        },
+        }
     };
 
     if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
         multerOptions.limits = {
-            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
+            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024
         };
     }
 
@@ -694,5 +539,5 @@ function createUploadMiddleware() {
 }
 
 export = {
-    register,
+    register
 };
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 8ef76826bb..cad9e75d14 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -1,6 +1,4 @@
-/** @format */
-
-'use strict';
+"use strict";
 
 import etapiTokenService = require('./etapi_tokens');
 import log = require('./log');
@@ -9,8 +7,8 @@ import utils = require('./utils');
 import passwordEncryptionService = require('./encryption/password_encryption');
 import config = require('./config');
 import passwordService = require('./encryption/password');
-import type {NextFunction, Request, Response} from 'express';
-import {AppRequest} from '../routes/route-interface';
+import type { NextFunction, Request, Response } from 'express';
+import { AppRequest } from '../routes/route-interface';
 import openID = require('./open_id');
 import openIdService = require('../services/encryption/open_id');
 import openIDEncryptionService = require('../services/encryption/open_id_encryption');
@@ -19,8 +17,8 @@ const noAuthentication = config.General && config.General.noAuthentication === t
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.redirect('setup');
-    } else if (openID.isOpenIDEnabled() && openID.getOAuthStatus().message) {
+        res.redirect("setup");
+    }else if (openID.isOpenIDEnabled() && openID.getOAuthStatus().message) {
         if (openIdService.isSubjectIdentifierSaved() && req.oidc !== undefined) {
             const result = req.oidc.fetchUserInfo().then((result) => {
                 if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
@@ -34,40 +32,46 @@ function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
         } else {
             next();
         }
-    } else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
-        res.redirect('login');
-    } else next();
+    }else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
+        res.redirect("login");
+    }
+    else {
+        next();
+    }
 }
 
 // for electron things which need network stuff
 //  currently, we're doing that for file upload because handling form data seems to be difficult
 function checkApiAuthOrElectron(req: AppRequest, res: Response, next: NextFunction) {
     if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
-        reject(req, res, 'Logged in session not found');
-    } else {
+        reject(req, res, "Logged in session not found");
+    }
+    else {
         next();
     }
 }
 
 function checkApiAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!req.session.loggedIn && !noAuthentication) {
-        reject(req, res, 'Logged in session not found');
-    } else {
+        reject(req, res, "Logged in session not found");
+    }
+    else {
         next();
     }
 }
 
 function checkAppInitialized(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.redirect('setup');
-    } else {
+        res.redirect("setup");
+    }
+    else {
         next();
     }
 }
 
 function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
     if (!utils.isElectron() && !passwordService.isPasswordSet()) {
-        res.redirect('set-password');
+        res.redirect("set-password");
     } else {
         next();
     }
@@ -75,7 +79,7 @@ function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
 
 function checkPasswordNotSet(req: AppRequest, res: Response, next: NextFunction) {
     if (!utils.isElectron() && passwordService.isPasswordSet()) {
-        res.redirect('login');
+        res.redirect("login");
     } else {
         next();
     }
@@ -83,8 +87,9 @@ function checkPasswordNotSet(req: AppRequest, res: Response, next: NextFunction)
 
 function checkAppNotInitialized(req: AppRequest, res: Response, next: NextFunction) {
     if (sqlInit.isDbInitialized()) {
-        reject(req, res, 'App already initialized.');
-    } else {
+        reject(req, res, "App already initialized.");
+    }
+    else {
         next();
     }
 }
@@ -92,25 +97,30 @@ function checkAppNotInitialized(req: AppRequest, res: Response, next: NextFuncti
 function checkEtapiToken(req: AppRequest, res: Response, next: NextFunction) {
     if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
         next();
-    } else {
-        reject(req, res, 'Token not found');
+    }
+    else {
+        reject(req, res, "Token not found");
     }
 }
 
 function reject(req: AppRequest, res: Response, message: string) {
     log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
 
-    res.setHeader('Content-Type', 'text/plain').status(401).send(message);
+    res.setHeader("Content-Type", "text/plain")
+        .status(401)
+        .send(message);
 }
 
 function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.setHeader('Content-Type', 'text/plain').status(400).send('Database is not initialized yet.');
+        res.setHeader("Content-Type", "text/plain")
+            .status(400)
+            .send('Database is not initialized yet.');
         return;
     }
 
     if (!passwordService.isPasswordSet()) {
-        res.setHeader('Content-Type', 'text/plain')
+        res.setHeader("Content-Type", "text/plain")
             .status(400)
             .send('Password has not been set yet. Please set a password and repeat the action');
         return;
@@ -119,12 +129,15 @@ function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
     const header = req.headers['trilium-cred'] || '';
     const auth = Buffer.from(header, 'base64').toString();
     const colonIndex = auth.indexOf(':');
-    const password = colonIndex === -1 ? '' : auth.substr(colonIndex + 1);
+    const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
     // username is ignored
 
     if (!passwordEncryptionService.verifyPassword(password)) {
-        res.setHeader('Content-Type', 'text/plain').status(401).send('Incorrect password');
-    } else {
+        res.setHeader("Content-Type", "text/plain")
+            .status(401)
+            .send('Incorrect password');
+    }
+    else {
         next();
     }
 }
@@ -138,5 +151,5 @@ export = {
     checkAppNotInitialized,
     checkApiAuthOrElectron,
     checkEtapiToken,
-    checkCredentials,
+    checkCredentials
 };
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index c36de1c7e0..50734c7135 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,6 +1,4 @@
-/** @format */
-
-'use strict';
+"use strict";
 
 import optionService = require('../options');
 import crypto = require('crypto');
@@ -18,11 +16,8 @@ function getPasswordDerivedKey(password: crypto.BinaryLike) {
 }
 
 function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-    const hashed = crypto.scryptSync(password, salt, 32, {
-        N: 16384,
-        r: 8,
-        p: 1,
-    });
+    const hashed = crypto.scryptSync(password, salt, 32,
+        {N: 16384, r:8, p:1});
 
     return hashed;
 }
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
index 197b28af69..1c93117c97 100644
--- a/src/services/encryption/open_id.ts
+++ b/src/services/encryption/open_id.ts
@@ -1,5 +1,3 @@
-/** @format */
-
 'use strict';
 
 import sql = require('../sql');
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index f5f6b327ff..fb1bcb88ff 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -1,5 +1,3 @@
-/** @format */
-
 import optionService = require('../options');
 import myScryptService = require('./my_scrypt');
 import utils = require('../utils');
diff --git a/src/services/encryption/password_encryption.ts b/src/services/encryption/password_encryption.ts
index c0dd067358..36420d03d2 100644
--- a/src/services/encryption/password_encryption.ts
+++ b/src/services/encryption/password_encryption.ts
@@ -1,12 +1,12 @@
-import optionService = require("../options");
-import myScryptService = require("./my_scrypt");
-import utils = require("../utils");
-import dataEncryptionService = require("./data_encryption");
+import optionService = require('../options');
+import myScryptService = require('./my_scrypt');
+import utils = require('../utils');
+import dataEncryptionService = require('./data_encryption');
 
 function verifyPassword(password: string) {
     const givenPasswordHash = utils.toBase64(myScryptService.getVerificationHash(password));
 
-    const dbPasswordHash = optionService.getOptionOrNull("passwordVerificationHash");
+    const dbPasswordHash = optionService.getOptionOrNull('passwordVerificationHash');
 
     if (!dbPasswordHash) {
         return false;
@@ -20,13 +20,13 @@ function setDataKey(password: string, plainTextDataKey: string | Buffer) {
 
     const newEncryptedDataKey = dataEncryptionService.encrypt(passwordDerivedKey, plainTextDataKey);
 
-    optionService.setOption("encryptedDataKey", newEncryptedDataKey);
+    optionService.setOption('encryptedDataKey', newEncryptedDataKey);
 }
 
 function getDataKey(password: string) {
     const passwordDerivedKey = myScryptService.getPasswordDerivedKey(password);
 
-    const encryptedDataKey = optionService.getOption("encryptedDataKey");
+    const encryptedDataKey = optionService.getOption('encryptedDataKey');
 
     const decryptedDataKey = dataEncryptionService.decrypt(passwordDerivedKey, encryptedDataKey);
 
diff --git a/src/services/encryption/totp_secret_encryption.ts b/src/services/encryption/totp_secret_encryption.ts
index 3da7329bbf..7e09fd3bf0 100644
--- a/src/services/encryption/totp_secret_encryption.ts
+++ b/src/services/encryption/totp_secret_encryption.ts
@@ -22,7 +22,6 @@ function getDataKey(secret: string) {
 }
 
 export = {
-    //   verifyPassword,
     getDataKey,
     setDataKey
 };
diff --git a/src/services/hidden_subtree.ts b/src/services/hidden_subtree.ts
index b0d99b82af..d6c5cd38f8 100644
--- a/src/services/hidden_subtree.ts
+++ b/src/services/hidden_subtree.ts
@@ -1,27 +1,25 @@
-/** @format */
-
-import BAttribute = require('../becca/entities/battribute');
-import {AttributeType, NoteType} from '../becca/entities/rows';
+import BAttribute = require("../becca/entities/battribute");
+import { AttributeType, NoteType } from "../becca/entities/rows";
 
 import becca = require('../becca/becca');
 import noteService = require('./notes');
 import log = require('./log');
 import migrationService = require('./migration');
 
-const LBTPL_ROOT = '_lbTplRoot';
-const LBTPL_BASE = '_lbTplBase';
-const LBTPL_COMMAND = '_lbTplCommandLauncher';
-const LBTPL_NOTE_LAUNCHER = '_lbTplNoteLauncher';
-const LBTPL_SCRIPT = '_lbTplScriptLauncher';
-const LBTPL_BUILTIN_WIDGET = '_lbTplBuiltinWidget';
-const LBTPL_SPACER = '_lbTplSpacer';
-const LBTPL_CUSTOM_WIDGET = '_lbTplCustomWidget';
+const LBTPL_ROOT = "_lbTplRoot";
+const LBTPL_BASE = "_lbTplBase";
+const LBTPL_COMMAND = "_lbTplCommandLauncher";
+const LBTPL_NOTE_LAUNCHER = "_lbTplNoteLauncher";
+const LBTPL_SCRIPT = "_lbTplScriptLauncher";
+const LBTPL_BUILTIN_WIDGET = "_lbTplBuiltinWidget";
+const LBTPL_SPACER = "_lbTplSpacer";
+const LBTPL_CUSTOM_WIDGET = "_lbTplCustomWidget";
 
 interface Attribute {
     type: AttributeType;
     name: string;
     isInheritable?: boolean;
-    value?: string;
+    value?: string
 }
 
 interface Item {
@@ -35,17 +33,9 @@ interface Item {
     isExpanded?: boolean;
     baseSize?: string;
     growthFactor?: string;
-    targetNoteId?: '_backendLog' | '_globalNoteMap';
-    builtinWidget?:
-        | 'bookmarks'
-        | 'spacer'
-        | 'backInHistoryButton'
-        | 'forwardInHistoryButton'
-        | 'syncStatus'
-        | 'protectedSession'
-        | 'todayInJournal'
-        | 'calendar';
-    command?: 'jumpToNote' | 'searchNotes' | 'createNoteIntoInbox' | 'showRecentChanges';
+    targetNoteId?: "_backendLog" | "_globalNoteMap";
+    builtinWidget?: "bookmarks" | "spacer" | "backInHistoryButton" | "forwardInHistoryButton" | "syncStatus" | "protectedSession" | "todayInJournal" | "calendar";
+    command?: "jumpToNote" | "searchNotes" | "createNoteIntoInbox" | "showRecentChanges";
 }
 
 /*
@@ -63,35 +53,35 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
     // over tree when it's in the middle
     notePosition: 999_999_999,
     attributes: [
-        {type: 'label', name: 'excludeFromNoteMap', isInheritable: true},
-        {type: 'label', name: 'docName', value: 'hidden'},
+        { type: 'label', name: 'excludeFromNoteMap', isInheritable: true },
+        { type: 'label', name: 'docName', value: 'hidden' }
     ],
     children: [
         {
             id: '_search',
             title: 'Search History',
-            type: 'doc',
+            type: 'doc'
         },
         {
             id: '_globalNoteMap',
             title: 'Note Map',
             type: 'noteMap',
             attributes: [
-                {type: 'label', name: 'mapRootNoteId', value: 'hoisted'},
-                {type: 'label', name: 'keepCurrentHoisting'},
-            ],
+                { type: 'label', name: 'mapRootNoteId', value: 'hoisted' },
+                { type: 'label', name: 'keepCurrentHoisting' }
+            ]
         },
         {
             id: '_sqlConsole',
             title: 'SQL Console History',
             type: 'doc',
-            icon: 'bx-data',
+            icon: 'bx-data'
         },
         {
             id: '_share',
             title: 'Shared Notes',
             type: 'doc',
-            attributes: [{type: 'label', name: 'docName', value: 'share'}],
+            attributes: [ { type: 'label', name: 'docName', value: 'share' } ]
         },
         {
             id: '_bulkAction',
@@ -103,14 +93,16 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
             title: 'Backend Log',
             type: 'contentWidget',
             icon: 'bx-terminal',
-            attributes: [{type: 'label', name: 'keepCurrentHoisting'}],
+            attributes: [
+                { type: 'label', name: 'keepCurrentHoisting' }
+            ]
         },
         {
             // place for user scripts hidden stuff (scripts should not create notes directly under hidden root)
             id: '_userHidden',
             title: 'User Hidden',
             type: 'doc',
-            attributes: [{type: 'label', name: 'docName', value: 'user_hidden'}],
+            attributes: [ { type: 'label', name: 'docName', value: 'user_hidden' } ]
         },
         {
             id: LBTPL_ROOT,
@@ -120,51 +112,51 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
                 {
                     id: LBTPL_BASE,
                     title: 'Base Abstract Launcher',
-                    type: 'doc',
+                    type: 'doc'
                 },
                 {
                     id: LBTPL_COMMAND,
                     title: 'Command Launcher',
                     type: 'doc',
                     attributes: [
-                        {type: 'relation', name: 'template', value: LBTPL_BASE},
-                        {type: 'label', name: 'launcherType', value: 'command'},
-                        {type: 'label', name: 'docName', value: 'launchbar_command_launcher'},
-                    ],
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'command' },
+                        { type: 'label', name: 'docName', value: 'launchbar_command_launcher' }
+                    ]
                 },
                 {
                     id: LBTPL_NOTE_LAUNCHER,
                     title: 'Note Launcher',
                     type: 'doc',
                     attributes: [
-                        {type: 'relation', name: 'template', value: LBTPL_BASE},
-                        {type: 'label', name: 'launcherType', value: 'note'},
-                        {type: 'label', name: 'relation:target', value: 'promoted'},
-                        {type: 'label', name: 'relation:hoistedNote', value: 'promoted'},
-                        {type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text'},
-                        {type: 'label', name: 'docName', value: 'launchbar_note_launcher'},
-                    ],
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'note' },
+                        { type: 'label', name: 'relation:target', value: 'promoted' },
+                        { type: 'label', name: 'relation:hoistedNote', value: 'promoted' },
+                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
+                        { type: 'label', name: 'docName', value: 'launchbar_note_launcher' }
+                    ]
                 },
                 {
                     id: LBTPL_SCRIPT,
                     title: 'Script Launcher',
                     type: 'doc',
                     attributes: [
-                        {type: 'relation', name: 'template', value: LBTPL_BASE},
-                        {type: 'label', name: 'launcherType', value: 'script'},
-                        {type: 'label', name: 'relation:script', value: 'promoted'},
-                        {type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text'},
-                        {type: 'label', name: 'docName', value: 'launchbar_script_launcher'},
-                    ],
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'script' },
+                        { type: 'label', name: 'relation:script', value: 'promoted' },
+                        { type: 'label', name: 'label:keyboardShortcut', value: 'promoted,text' },
+                        { type: 'label', name: 'docName', value: 'launchbar_script_launcher' }
+                    ]
                 },
                 {
                     id: LBTPL_BUILTIN_WIDGET,
                     title: 'Built-in Widget',
                     type: 'doc',
                     attributes: [
-                        {type: 'relation', name: 'template', value: LBTPL_BASE},
-                        {type: 'label', name: 'launcherType', value: 'builtinWidget'},
-                    ],
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'builtinWidget' }
+                    ]
                 },
                 {
                     id: LBTPL_SPACER,
@@ -172,25 +164,25 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
                     type: 'doc',
                     icon: 'bx-move-vertical',
                     attributes: [
-                        {type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET},
-                        {type: 'label', name: 'builtinWidget', value: 'spacer'},
-                        {type: 'label', name: 'label:baseSize', value: 'promoted,number'},
-                        {type: 'label', name: 'label:growthFactor', value: 'promoted,number'},
-                        {type: 'label', name: 'docName', value: 'launchbar_spacer'},
-                    ],
+                        { type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET },
+                        { type: 'label', name: 'builtinWidget', value: 'spacer' },
+                        { type: 'label', name: 'label:baseSize', value: 'promoted,number' },
+                        { type: 'label', name: 'label:growthFactor', value: 'promoted,number' },
+                        { type: 'label', name: 'docName', value: 'launchbar_spacer' }
+                    ]
                 },
                 {
                     id: LBTPL_CUSTOM_WIDGET,
                     title: 'Custom Widget',
                     type: 'doc',
                     attributes: [
-                        {type: 'relation', name: 'template', value: LBTPL_BASE},
-                        {type: 'label', name: 'launcherType', value: 'customWidget'},
-                        {type: 'label', name: 'relation:widget', value: 'promoted'},
-                        {type: 'label', name: 'docName', value: 'launchbar_widget_launcher'},
-                    ],
+                        { type: 'relation', name: 'template', value: LBTPL_BASE },
+                        { type: 'label', name: 'launcherType', value: 'customWidget' },
+                        { type: 'label', name: 'relation:widget', value: 'promoted' },
+                        { type: 'label', name: 'docName', value: 'launchbar_widget_launcher' }
+                    ]
                 },
-            ],
+            ]
         },
         {
             id: '_lbRoot',
@@ -198,7 +190,7 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
             type: 'doc',
             icon: 'bx-sidebar',
             isExpanded: true,
-            attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
+            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
             children: [
                 {
                     id: '_lbAvailableLaunchers',
@@ -206,32 +198,14 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
                     type: 'doc',
                     icon: 'bx-hide',
                     isExpanded: true,
-                    attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
+                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
                     children: [
-                        {
-                            id: '_lbBackInHistory',
-                            title: 'Go to Previous Note',
-                            type: 'launcher',
-                            builtinWidget: 'backInHistoryButton',
-                            icon: 'bx bxs-left-arrow-square',
-                            attributes: [{type: 'label', name: 'docName', value: 'launchbar_history_navigation'}],
-                        },
-                        {
-                            id: '_lbForwardInHistory',
-                            title: 'Go to Next Note',
-                            type: 'launcher',
-                            builtinWidget: 'forwardInHistoryButton',
-                            icon: 'bx bxs-right-arrow-square',
-                            attributes: [{type: 'label', name: 'docName', value: 'launchbar_history_navigation'}],
-                        },
-                        {
-                            id: '_lbBackendLog',
-                            title: 'Backend Log',
-                            type: 'launcher',
-                            targetNoteId: '_backendLog',
-                            icon: 'bx bx-terminal',
-                        },
-                    ],
+                        { id: '_lbBackInHistory', title: 'Go to Previous Note', type: 'launcher', builtinWidget: 'backInHistoryButton', icon: 'bx bxs-left-arrow-square',
+                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
+                        { id: '_lbForwardInHistory', title: 'Go to Next Note', type: 'launcher', builtinWidget: 'forwardInHistoryButton', icon: 'bx bxs-right-arrow-square',
+                            attributes: [ { type: 'label', name: 'docName', value: 'launchbar_history_navigation' } ]},
+                        { id: '_lbBackendLog', title: 'Backend Log', type: 'launcher', targetNoteId: '_backendLog', icon: 'bx bx-terminal' },
+                    ]
                 },
                 {
                     id: '_lbVisibleLaunchers',
@@ -239,128 +213,57 @@ const HIDDEN_SUBTREE_DEFINITION: Item = {
                     type: 'doc',
                     icon: 'bx-show',
                     isExpanded: true,
-                    attributes: [{type: 'label', name: 'docName', value: 'launchbar_intro'}],
+                    attributes: [ { type: 'label', name: 'docName', value: 'launchbar_intro' } ],
                     children: [
-                        {
-                            id: '_lbNewNote',
-                            title: 'New Note',
-                            type: 'launcher',
-                            command: 'createNoteIntoInbox',
-                            icon: 'bx bx-file-blank',
-                        },
-                        {
-                            id: '_lbSearch',
-                            title: 'Search Notes',
-                            type: 'launcher',
-                            command: 'searchNotes',
-                            icon: 'bx bx-search',
-                            attributes: [{type: 'label', name: 'desktopOnly'}],
-                        },
-                        {
-                            id: '_lbJumpTo',
-                            title: 'Jump to Note',
-                            type: 'launcher',
-                            command: 'jumpToNote',
-                            icon: 'bx bx-send',
-                            attributes: [{type: 'label', name: 'desktopOnly'}],
-                        },
-                        {
-                            id: '_lbNoteMap',
-                            title: 'Note Map',
-                            type: 'launcher',
-                            targetNoteId: '_globalNoteMap',
-                            icon: 'bx bx-map-alt',
-                        },
-                        {
-                            id: '_lbCalendar',
-                            title: 'Calendar',
-                            type: 'launcher',
-                            builtinWidget: 'calendar',
-                            icon: 'bx bx-calendar',
-                        },
-                        {
-                            id: '_lbRecentChanges',
-                            title: 'Recent Changes',
-                            type: 'launcher',
-                            command: 'showRecentChanges',
-                            icon: 'bx bx-history',
-                            attributes: [{type: 'label', name: 'desktopOnly'}],
-                        },
-                        {
-                            id: '_lbSpacer1',
-                            title: 'Spacer',
-                            type: 'launcher',
-                            builtinWidget: 'spacer',
-                            baseSize: '50',
-                            growthFactor: '0',
-                        },
-                        {
-                            id: '_lbBookmarks',
-                            title: 'Bookmarks',
-                            type: 'launcher',
-                            builtinWidget: 'bookmarks',
-                            icon: 'bx bx-bookmark',
-                        },
-                        {
-                            id: '_lbToday',
-                            title: "Open Today's Journal Note",
-                            type: 'launcher',
-                            builtinWidget: 'todayInJournal',
-                            icon: 'bx bx-calendar-star',
-                        },
-                        {
-                            id: '_lbSpacer2',
-                            title: 'Spacer',
-                            type: 'launcher',
-                            builtinWidget: 'spacer',
-                            baseSize: '0',
-                            growthFactor: '1',
-                        },
-                        {
-                            id: '_lbProtectedSession',
-                            title: 'Protected Session',
-                            type: 'launcher',
-                            builtinWidget: 'protectedSession',
-                            icon: 'bx bx bx-shield-quarter',
-                        },
-                        {
-                            id: '_lbSyncStatus',
-                            title: 'Sync Status',
-                            type: 'launcher',
-                            builtinWidget: 'syncStatus',
-                            icon: 'bx bx-wifi',
-                        },
-                    ],
-                },
-            ],
+                        { id: '_lbNewNote', title: 'New Note', type: 'launcher', command: 'createNoteIntoInbox', icon: 'bx bx-file-blank' },
+                        { id: '_lbSearch', title: 'Search Notes', type: 'launcher', command: 'searchNotes', icon: 'bx bx-search', attributes: [
+                                { type: 'label', name: 'desktopOnly' }
+                            ] },
+                        { id: '_lbJumpTo', title: 'Jump to Note', type: 'launcher', command: 'jumpToNote', icon: 'bx bx-send', attributes: [
+                                { type: 'label', name: 'desktopOnly' }
+                            ] },
+                        { id: '_lbNoteMap', title: 'Note Map', type: 'launcher', targetNoteId: '_globalNoteMap', icon: 'bx bx-map-alt' },
+                        { id: '_lbCalendar', title: 'Calendar', type: 'launcher', builtinWidget: 'calendar', icon: 'bx bx-calendar' },
+                        { id: '_lbRecentChanges', title: 'Recent Changes', type: 'launcher', command: 'showRecentChanges', icon: 'bx bx-history', attributes: [
+                                { type: 'label', name: 'desktopOnly' }
+                            ] },
+                        { id: '_lbSpacer1', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "50", growthFactor: "0" },
+                        { id: '_lbBookmarks', title: 'Bookmarks', type: 'launcher', builtinWidget: 'bookmarks', icon: 'bx bx-bookmark' },
+                        { id: '_lbToday', title: "Open Today's Journal Note", type: 'launcher', builtinWidget: 'todayInJournal', icon: 'bx bx-calendar-star' },
+                        { id: '_lbSpacer2', title: 'Spacer', type: 'launcher', builtinWidget: 'spacer', baseSize: "0", growthFactor: "1" },
+                        { id: '_lbProtectedSession', title: 'Protected Session', type: 'launcher', builtinWidget: 'protectedSession', icon: 'bx bx bx-shield-quarter' },
+                        { id: '_lbSyncStatus', title: 'Sync Status', type: 'launcher', builtinWidget: 'syncStatus', icon: 'bx bx-wifi' }
+                    ]
+                }
+            ]
         },
         {
             id: '_options',
             title: 'Options',
             type: 'book',
             children: [
-                {id: '_optionsAppearance', title: 'Appearance', type: 'contentWidget', icon: 'bx-layout'},
-                {id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard'},
-                {id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text'},
-                {id: '_optionsMFA', title: 'MFA', type: 'contentWidget', icon: 'bx-lock'},
-                {id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code'},
-                {id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image'},
-                {id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double'},
-                {id: '_optionsPassword', title: 'Password', type: 'contentWidget', icon: 'bx-lock'},
-                {id: '_optionsEtapi', title: 'ETAPI', type: 'contentWidget', icon: 'bx-extension'},
-                {id: '_optionsBackup', title: 'Backup', type: 'contentWidget', icon: 'bx-data'},
-                {id: '_optionsSync', title: 'Sync', type: 'contentWidget', icon: 'bx-wifi'},
-                {id: '_optionsOther', title: 'Other', type: 'contentWidget', icon: 'bx-dots-horizontal'},
-                {id: '_optionsAdvanced', title: 'Advanced', type: 'contentWidget'},
-            ],
-        },
-    ],
+                { id: '_optionsAppearance', title: 'Appearance', type: 'contentWidget', icon: 'bx-layout' },
+                { id: '_optionsShortcuts', title: 'Shortcuts', type: 'contentWidget', icon: 'bxs-keyboard' },
+                { id: '_optionsTextNotes', title: 'Text Notes', type: 'contentWidget', icon: 'bx-text' },
+                { id: '_optionsCodeNotes', title: 'Code Notes', type: 'contentWidget', icon: 'bx-code' },
+                { id: '_optionsImages', title: 'Images', type: 'contentWidget', icon: 'bx-image' },
+                { id: '_optionsSpellcheck', title: 'Spellcheck', type: 'contentWidget', icon: 'bx-check-double' },
+                { id: '_optionsPassword', title: 'Password', type: 'contentWidget', icon: 'bx-lock' },
+                { id: '_optionsMFA', title: 'MFA', type: 'contentWidget', icon: 'bx-lock'},
+                { id: '_optionsEtapi', title: 'ETAPI', type: 'contentWidget', icon: 'bx-extension' },
+                { id: '_optionsBackup', title: 'Backup', type: 'contentWidget', icon: 'bx-data' },
+                { id: '_optionsSync', title: 'Sync', type: 'contentWidget', icon: 'bx-wifi' },
+                { id: '_optionsOther', title: 'Other', type: 'contentWidget', icon: 'bx-dots-horizontal' },
+                { id: '_optionsAdvanced', title: 'Advanced', type: 'contentWidget' }
+            ]
+        }
+    ]
 };
 
 function checkHiddenSubtree(force = false) {
     if (!force && !migrationService.isDbUpToDate()) {
         // on-delete hook might get triggered during some future migration and cause havoc
-        log.info('Will not check hidden subtree until migration is finished.');
+        log.info("Will not check hidden subtree until migration is finished.");
         return;
     }
 
@@ -386,35 +289,35 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
             type: item.type,
             parentNoteId: parentNoteId,
             content: '',
-            ignoreForbiddenParents: true,
+            ignoreForbiddenParents: true
         }));
     } else {
-        branch = note.getParentBranches().find((branch) => branch.parentNoteId === parentNoteId);
+        branch = note.getParentBranches().find(branch => branch.parentNoteId === parentNoteId);
     }
 
     const attrs = [...(item.attributes || [])];
 
     if (item.icon) {
-        attrs.push({type: 'label', name: 'iconClass', value: `bx ${item.icon}`});
+        attrs.push({ type: 'label', name: 'iconClass', value: `bx ${item.icon}` });
     }
 
     if (item.type === 'launcher') {
         if (item.command) {
-            attrs.push({type: 'relation', name: 'template', value: LBTPL_COMMAND});
-            attrs.push({type: 'label', name: 'command', value: item.command});
+            attrs.push({ type: 'relation', name: 'template', value: LBTPL_COMMAND });
+            attrs.push({ type: 'label', name: 'command', value: item.command });
         } else if (item.builtinWidget) {
             if (item.builtinWidget === 'spacer') {
-                attrs.push({type: 'relation', name: 'template', value: LBTPL_SPACER});
-                attrs.push({type: 'label', name: 'baseSize', value: item.baseSize});
-                attrs.push({type: 'label', name: 'growthFactor', value: item.growthFactor});
+                attrs.push({ type: 'relation', name: 'template', value: LBTPL_SPACER });
+                attrs.push({ type: 'label', name: 'baseSize', value: item.baseSize });
+                attrs.push({ type: 'label', name: 'growthFactor', value: item.growthFactor });
             } else {
-                attrs.push({type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET});
+                attrs.push({ type: 'relation', name: 'template', value: LBTPL_BUILTIN_WIDGET });
             }
 
-            attrs.push({type: 'label', name: 'builtinWidget', value: item.builtinWidget});
+            attrs.push({ type: 'label', name: 'builtinWidget', value: item.builtinWidget });
         } else if (item.targetNoteId) {
-            attrs.push({type: 'relation', name: 'template', value: LBTPL_NOTE_LAUNCHER});
-            attrs.push({type: 'relation', name: 'target', value: item.targetNoteId});
+            attrs.push({ type: 'relation', name: 'template', value: LBTPL_NOTE_LAUNCHER });
+            attrs.push({ type: 'relation', name: 'target', value: item.targetNoteId });
         } else {
             throw new Error(`No action defined for launcher ${JSON.stringify(item)}`);
         }
@@ -441,16 +344,16 @@ function checkHiddenSubtreeRecursively(parentNoteId: string, item: Item) {
     }
 
     for (const attr of attrs) {
-        const attrId = note.noteId + '_' + attr.type.charAt(0) + attr.name;
+        const attrId = note.noteId + "_" + attr.type.charAt(0) + attr.name;
 
-        if (!note.getAttributes().find((attr) => attr.attributeId === attrId)) {
+        if (!note.getAttributes().find(attr => attr.attributeId === attrId)) {
             new BAttribute({
                 attributeId: attrId,
                 noteId: note.noteId,
                 type: attr.type,
                 name: attr.name,
                 value: attr.value,
-                isInheritable: false,
+                isInheritable: false
             }).save();
         }
     }
@@ -469,5 +372,5 @@ export = {
     LBTPL_SCRIPT,
     LBTPL_BUILTIN_WIDGET,
     LBTPL_SPACER,
-    LBTPL_CUSTOM_WIDGET,
+    LBTPL_CUSTOM_WIDGET
 };
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 40b1d44c4b..d6acf1083c 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -1,5 +1,3 @@
-/** @format */
-
 import OpenIDError = require('../errors/open_id_error');
 import {NextFunction, Request, Response} from 'express';
 import openIDService = require('./encryption/open_id');
diff --git a/src/services/options.ts b/src/services/options.ts
index e1346c9278..b658e4ff71 100644
--- a/src/services/options.ts
+++ b/src/services/options.ts
@@ -21,6 +21,7 @@ function getOption(name: string) {
     if (val === null) {
         throw new Error(`Option '${name}' doesn't exist`);
     }
+
     return val;
 }
 
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index eb71d8a53c..13edf36d33 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -1,12 +1,10 @@
-/** @format */
-
 import optionService = require('./options');
 import appInfo = require('./app_info');
 import utils = require('./utils');
 import log = require('./log');
 import dateUtils = require('./date_utils');
 import keyboardActions = require('./keyboard_actions');
-import {KeyboardShortcutWithRequiredActionName} from './keyboard_actions_interface';
+import { KeyboardShortcutWithRequiredActionName } from './keyboard_actions_interface';
 
 function initDocumentOptions() {
     optionService.createOption('documentId', utils.randomSecureToken(16), false);
@@ -19,16 +17,12 @@ interface NotSyncedOpts {
 }
 
 function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
-    optionService.createOption(
-        'openNoteContexts',
-        JSON.stringify([
-            {
-                notePath: 'root',
-                active: true,
-            },
-        ]),
-        false
-    );
+    optionService.createOption('openNoteContexts', JSON.stringify([
+        {
+            notePath: 'root',
+            active: true
+        }
+    ]), false);
 
     optionService.createOption('lastDailyBackupDate', dateUtils.utcNowDateTime(), false);
     optionService.createOption('lastWeeklyBackupDate', dateUtils.utcNowDateTime(), false);
@@ -56,61 +50,57 @@ function initNotSyncedOptions(initialized: boolean, opts: NotSyncedOpts = {}) {
 }
 
 const defaultOptions = [
-    {name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true},
-    {name: 'protectedSessionTimeout', value: '600', isSynced: true},
-    {name: 'zoomFactor', value: process.platform === 'win32' ? '0.9' : '1.0', isSynced: false},
-    {name: 'overrideThemeFonts', value: 'false', isSynced: false},
-    {name: 'mainFontFamily', value: 'theme', isSynced: false},
-    {name: 'mainFontSize', value: '100', isSynced: false},
-    {name: 'treeFontFamily', value: 'theme', isSynced: false},
-    {name: 'treeFontSize', value: '100', isSynced: false},
-    {name: 'detailFontFamily', value: 'theme', isSynced: false},
-    {name: 'detailFontSize', value: '110', isSynced: false},
-    {name: 'monospaceFontFamily', value: 'theme', isSynced: false},
-    {name: 'monospaceFontSize', value: '110', isSynced: false},
-    {name: 'spellCheckEnabled', value: 'true', isSynced: false},
-    {name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false},
-    {name: 'imageMaxWidthHeight', value: '2000', isSynced: true},
-    {name: 'imageJpegQuality', value: '75', isSynced: true},
-    {name: 'autoFixConsistencyIssues', value: 'true', isSynced: false},
-    {name: 'vimKeymapEnabled', value: 'false', isSynced: false},
-    {name: 'codeLineWrapEnabled', value: 'true', isSynced: false},
-    {
-        name: 'codeNotesMimeTypes',
-        value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]',
-        isSynced: true,
-    },
-    {name: 'leftPaneWidth', value: '25', isSynced: false},
-    {name: 'leftPaneVisible', value: 'true', isSynced: false},
-    {name: 'rightPaneWidth', value: '25', isSynced: false},
-    {name: 'rightPaneVisible', value: 'true', isSynced: false},
-    {name: 'nativeTitleBarVisible', value: 'false', isSynced: false},
-    {name: 'eraseEntitiesAfterTimeInSeconds', value: '604800', isSynced: true}, // default is 7 days
-    {name: 'hideArchivedNotes_main', value: 'false', isSynced: false},
-    {name: 'debugModeEnabled', value: 'false', isSynced: false},
-    {name: 'headingStyle', value: 'underline', isSynced: true},
-    {name: 'autoCollapseNoteTree', value: 'true', isSynced: true},
-    {name: 'autoReadonlySizeText', value: '10000', isSynced: false},
-    {name: 'autoReadonlySizeCode', value: '30000', isSynced: false},
-    {name: 'dailyBackupEnabled', value: 'true', isSynced: false},
-    {name: 'weeklyBackupEnabled', value: 'true', isSynced: false},
-    {name: 'monthlyBackupEnabled', value: 'true', isSynced: false},
-    {name: 'maxContentWidth', value: '1200', isSynced: false},
-    {name: 'compressImages', value: 'true', isSynced: true},
-    {name: 'downloadImagesAutomatically', value: 'true', isSynced: true},
-    {name: 'minTocHeadings', value: '5', isSynced: true},
-    {name: 'highlightsList', value: '["bold","italic","underline","color","bgColor"]', isSynced: true},
-    {name: 'checkForUpdates', value: 'true', isSynced: true},
-    {name: 'disableTray', value: 'false', isSynced: false},
-    {name: 'eraseUnusedAttachmentsAfterSeconds', value: '2592000', isSynced: true},
-    {name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true},
-    {name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true},
-    {name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true},
-    {name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true},
-    {name: 'totpEnabled', value: 'false', isSynced: true},
-    {name: 'encryptedRecoveryCodes', value: 'false', isSynced: true},
-    {name: 'userSubjectIdentifierSaved', value: 'false', isSynced: true},
-    {name: 'oAuthEnabled', value: 'false', isSynced: true},
+    { name: 'revisionSnapshotTimeInterval', value: '600', isSynced: true },
+    { name: 'protectedSessionTimeout', value: '600', isSynced: true },
+    { name: 'zoomFactor', value: process.platform === "win32" ? '0.9' : '1.0', isSynced: false },
+    { name: 'overrideThemeFonts', value: 'false', isSynced: false },
+    { name: 'mainFontFamily', value: 'theme', isSynced: false },
+    { name: 'mainFontSize', value: '100', isSynced: false },
+    { name: 'treeFontFamily', value: 'theme', isSynced: false },
+    { name: 'treeFontSize', value: '100', isSynced: false },
+    { name: 'detailFontFamily', value: 'theme', isSynced: false },
+    { name: 'detailFontSize', value: '110', isSynced: false },
+    { name: 'monospaceFontFamily', value: 'theme', isSynced: false },
+    { name: 'monospaceFontSize', value: '110', isSynced: false },
+    { name: 'spellCheckEnabled', value: 'true', isSynced: false },
+    { name: 'spellCheckLanguageCode', value: 'en-US', isSynced: false },
+    { name: 'imageMaxWidthHeight', value: '2000', isSynced: true },
+    { name: 'imageJpegQuality', value: '75', isSynced: true },
+    { name: 'autoFixConsistencyIssues', value: 'true', isSynced: false },
+    { name: 'vimKeymapEnabled', value: 'false', isSynced: false },
+    { name: 'codeLineWrapEnabled', value: 'true', isSynced: false },
+    { name: 'codeNotesMimeTypes', value: '["text/x-csrc","text/x-c++src","text/x-csharp","text/css","text/x-go","text/x-groovy","text/x-haskell","text/html","message/http","text/x-java","application/javascript;env=frontend","application/javascript;env=backend","application/json","text/x-kotlin","text/x-markdown","text/x-perl","text/x-php","text/x-python","text/x-ruby",null,"text/x-sql","text/x-sqlite;schema=trilium","text/x-swift","text/xml","text/x-yaml","text/x-sh"]', isSynced: true },
+    { name: 'leftPaneWidth', value: '25', isSynced: false },
+    { name: 'leftPaneVisible', value: 'true', isSynced: false },
+    { name: 'rightPaneWidth', value: '25', isSynced: false },
+    { name: 'rightPaneVisible', value: 'true', isSynced: false },
+    { name: 'nativeTitleBarVisible', value: 'false', isSynced: false },
+    { name: 'eraseEntitiesAfterTimeInSeconds', value: '604800', isSynced: true }, // default is 7 days
+    { name: 'hideArchivedNotes_main', value: 'false', isSynced: false },
+    { name: 'debugModeEnabled', value: 'false', isSynced: false },
+    { name: 'headingStyle', value: 'underline', isSynced: true },
+    { name: 'autoCollapseNoteTree', value: 'true', isSynced: true },
+    { name: 'autoReadonlySizeText', value: '10000', isSynced: false },
+    { name: 'autoReadonlySizeCode', value: '30000', isSynced: false },
+    { name: 'dailyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'weeklyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'monthlyBackupEnabled', value: 'true', isSynced: false },
+    { name: 'maxContentWidth', value: '1200', isSynced: false },
+    { name: 'compressImages', value: 'true', isSynced: true },
+    { name: 'downloadImagesAutomatically', value: 'true', isSynced: true },
+    { name: 'minTocHeadings', value: '5', isSynced: true },
+    { name: 'highlightsList', value: '["bold","italic","underline","color","bgColor"]', isSynced: true },
+    { name: 'checkForUpdates', value: 'true', isSynced: true },
+    { name: 'disableTray', value: 'false', isSynced: false },
+    { name: 'eraseUnusedAttachmentsAfterSeconds', value: '2592000', isSynced: true },
+    { name: 'customSearchEngineName', value: 'DuckDuckGo', isSynced: true },
+    { name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true },
+    { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
+    { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
+    { name: 'totpEnabled', value: 'false', isSynced: true},
+    { name: 'encryptedRecoveryCodes', value: 'false', isSynced: true},
+    { name: 'userSubjectIdentifierSaved', value: 'false', isSynced: true},
+    { name: 'oAuthEnabled', value: 'false', isSynced: true},
 ];
 
 function initStartupOptions() {
@@ -127,32 +117,27 @@ function initStartupOptions() {
     }
 
     if (process.env.TRILIUM_START_NOTE_ID || process.env.TRILIUM_SAFE_MODE) {
-        optionService.setOption(
-            'openNoteContexts',
-            JSON.stringify([
-                {
-                    notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
-                    active: true,
-                },
-            ])
-        );
+        optionService.setOption('openNoteContexts', JSON.stringify([
+            {
+                notePath: process.env.TRILIUM_START_NOTE_ID || 'root',
+                active: true
+            }
+        ]));
     }
 }
 
 function getKeyboardDefaultOptions() {
-    return (
-        keyboardActions.DEFAULT_KEYBOARD_ACTIONS.filter(
-            (ka) => !!ka.actionName
-        ) as KeyboardShortcutWithRequiredActionName[]
-    ).map((ka) => ({
-        name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
-        value: JSON.stringify(ka.defaultShortcuts),
-        isSynced: false,
-    }));
+    return (keyboardActions.DEFAULT_KEYBOARD_ACTIONS
+        .filter(ka => !!ka.actionName) as KeyboardShortcutWithRequiredActionName[])
+        .map(ka => ({
+            name: `keyboardShortcuts${ka.actionName.charAt(0).toUpperCase()}${ka.actionName.slice(1)}`,
+            value: JSON.stringify(ka.defaultShortcuts),
+            isSynced: false
+        }));
 }
 
 export = {
     initDocumentOptions,
     initNotSyncedOptions,
-    initStartupOptions,
+    initStartupOptions
 };
diff --git a/src/services/totp.ts b/src/services/totp.ts
index 6a03b24258..edbecdb204 100644
--- a/src/services/totp.ts
+++ b/src/services/totp.ts
@@ -1,5 +1,3 @@
-/** @format */
-
 'use strict';
 
 function getTotpSecret() {
diff --git a/src/views/auth-failed.ejs b/src/views/auth-failed.ejs
deleted file mode 100644
index e30772b59a..0000000000
--- a/src/views/auth-failed.ejs
+++ /dev/null
@@ -1,73 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-
-<head>
-    <meta charset="utf-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
-    <title>Login</title>
-    <link rel="apple-touch-icon" sizes="180x180" href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png" />
-    <link rel="shortcut icon" href="favicon.ico" />
-</head>
-
-<body>
-    <div class="container">
-        <div class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto" style="padding-top: 25px">
-            <h1>Trilium login</h1>
-
-            <% if (failedAuth) { %>
-                <div class="alert alert-warning">
-                    Password is incorrect. Please try again.
-                </div>
-                <% } %>
-                    <div>
-                        <button href="http://localhost:8080/auth">Login with OAuth</button>
-                    </div>
-        </div>
-    </div>
-
-    <script>
-        // Required for correct loading of scripts in Electron
-        if (typeof module === "object") {
-            window.module = module;
-            module = undefined;
-        }
-
-        let device;
-
-        if (window.location.search === "?desktop") {
-            device = "desktop";
-        } else if (window.location.search === "?mobile") {
-            device = "mobile";
-        } else {
-            device = isMobile() ? "mobile" : "desktop";
-        }
-
-        console.log("Setting device cookie to:", device);
-
-        setCookie("trilium-device", device);
-
-        function setCookie(name, value) {
-            const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
-            const expires = "; expires=" + date.toUTCString();
-
-            document.cookie = name + "=" + (value || "") + expires + "; path=/";
-        }
-
-        // https://stackoverflow.com/a/73731646/944162
-        function isMobile() {
-            const mQ = matchMedia?.("(pointer:coarse)");
-            if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
-
-            if ("orientation" in window) return true;
-
-            return (
-                /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
-                /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
-            );
-        }
-    </script>
-
-    <link href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css" rel="stylesheet" />
-</body>
-
-</html>
\ No newline at end of file
diff --git a/src/views/login.ejs b/src/views/login.ejs
index 88297fc162..1837bd4e42 100644
--- a/src/views/login.ejs
+++ b/src/views/login.ejs
@@ -1,99 +1,92 @@
 <!DOCTYPE html>
 <html lang="en">
-
 <head>
-    <meta charset="utf-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
     <title>Login</title>
-    <link rel="apple-touch-icon" sizes="180x180" href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png" />
-    <link rel="shortcut icon" href="favicon.ico" />
+    <link rel="apple-touch-icon" sizes="180x180" href="<%= assetPath %>/images/app-icons/ios/apple-touch-icon.png">
+    <link rel="shortcut icon" href="favicon.ico">
 </head>
-
 <body>
-    <div class="container">
-        <div class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto" style="padding-top: 25px">
-            <h1>Trilium login</h1>
-
-            <% if (failedAuth) { %>
-                <div class="alert alert-warning">
-                    Password is incorrect. Please try again.
+<div class="container">
+    <div class="col-xs-12 col-sm-10 col-md-6 col-lg-4 col-xl-4 mx-auto" style="padding-top: 25px;">
+        <h1>Trilium login</h1>
+
+        <% if (failedAuth) { %>
+            <div class="alert alert-warning">
+                Password is incorrect. Please try again.
+            </div>
+        <% } %>
+
+        <form action="login" method="POST">
+            <div class="form-group">
+                <label for="password">Password</label>
+                <div class="controls">
+                    <input id="password" name="password" placeholder="" class="form-control" type="password">
                 </div>
-                <% } %>
-
-                    <form action="login" method="POST">
-                        <div class="form-group">
-                            <label for="password">Password</label>
-                            <div class="controls">
-                                <input id="password" name="password" placeholder="" class="form-control"
-                                    type="password" />
-                            </div>
-                        </div>
-                        <% if( totpEnabled ) { %>
-                            <div class="form-group">
-                                <label for="otp-token">OTP Token</label>
-                                <div class="controls">
-                                    <input id="token" name="token" placeholder="" class="form-control" type="text"
-                                        required />
-                                </div>
-                                <% } %>
-                                    <div class="form-group">
-                                        <div class="checkbox">
-                                            <label>
-                                                <input id="remember-me" name="rememberMe" value="1" type="checkbox" />
-                                                Remember me
-                                            </label>
-                                        </div>
-                                    </div>
-                                    <div class="form-group">
-                                        <button class="btn btn-success">Login</button>
-                                    </div>
-                    </form>
-        </div>
+            </div>
+            <% if( totpEnabled ) { %>
+                <div class="form-group">
+                    <label for="otp-token">OTP Token</label>
+                    <div class="controls">
+                        <input id="token" name="token" placeholder="" class="form-control" type="text"
+                            required />
+                    </div>
+                </div>
+            <% } %>
+            <div class="form-group">
+                <div class="checkbox">
+                    <label>
+                        <input id="remember-me" name="rememberMe" value="1" type="checkbox"> Remember me
+                    </label>
+                </div>
+            </div>
+            <div class="form-group">
+                <button class="btn btn-success">Login</button>
+            </div>
+        </form>
     </div>
+</div>
 
-    <script>
-        // Required for correct loading of scripts in Electron
-        if (typeof module === "object") {
-            window.module = module;
-            module = undefined;
-        }
+<script>
+    // Required for correct loading of scripts in Electron
+    if (typeof module === 'object') {window.module = module; module = undefined;}
 
-        let device;
+    let device;
 
-        if (window.location.search === "?desktop") {
-            device = "desktop";
-        } else if (window.location.search === "?mobile") {
-            device = "mobile";
-        } else {
-            device = isMobile() ? "mobile" : "desktop";
-        }
+    if (window.location.search === '?desktop') {
+        device = "desktop";
+    }
+    else if (window.location.search === '?mobile') {
+        device = "mobile";
+    }
+    else {
+        device = isMobile() ? "mobile" : "desktop";
+    }
 
-        console.log("Setting device cookie to:", device);
+    console.log("Setting device cookie to:", device);
 
-        setCookie("trilium-device", device);
+    setCookie("trilium-device", device);
 
-        function setCookie(name, value) {
-            const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
-            const expires = "; expires=" + date.toUTCString();
+    function setCookie(name, value) {
+        const date = new Date(Date.now() + 10 * 365 * 24 * 60 * 60 * 1000);
+        const expires = "; expires=" + date.toUTCString();
 
-            document.cookie = name + "=" + (value || "") + expires + "; path=/";
-        }
+        document.cookie = name + "=" + (value || "")  + expires + "; path=/";
+    }
 
-        // https://stackoverflow.com/a/73731646/944162
-        function isMobile() {
-            const mQ = matchMedia?.("(pointer:coarse)");
-            if (mQ?.media === "(pointer:coarse)") return !!mQ.matches;
+    // https://stackoverflow.com/a/73731646/944162
+    function isMobile() {
+        const mQ = matchMedia?.('(pointer:coarse)');
+        if (mQ?.media === '(pointer:coarse)') return !!mQ.matches;
 
-            if ("orientation" in window) return true;
+        if ('orientation' in window) return true;
 
-            return (
-                /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
-                /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent)
-            );
-        }
-    </script>
+        return /\b(BlackBerry|webOS|iPhone|IEMobile)\b/i.test(navigator.userAgent) ||
+            /\b(Android|Windows Phone|iPad|iPod)\b/i.test(navigator.userAgent);
+    }
+</script>
 
-    <link href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css" rel="stylesheet" />
+<link href="<%= assetPath %>/libraries/bootstrap/css/bootstrap.min.css" rel="stylesheet">
 </body>
-
-</html>
\ No newline at end of file
+</html>

From 5535252cfe20490728a8cdf59f76d27ccd859b96 Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Fri, 31 May 2024 12:37:41 -0700
Subject: [PATCH 49/63] Switched from unmaintained library "Speakeasy" to
 "time2fa"

---
 package.json                           |  2 +-
 src/routes/api/totp.ts                 | 10 +++---
 src/routes/login.ts                    | 43 ++++++++------------------
 src/services/encryption/totp_secret.ts | 18 ++++++++++-
 4 files changed, 36 insertions(+), 37 deletions(-)

diff --git a/package.json b/package.json
index 8990013e29..310a1651d2 100644
--- a/package.json
+++ b/package.json
@@ -100,10 +100,10 @@
     "semver": "7.6.0",
     "serve-favicon": "2.5.0",
     "session-file-store": "1.5.0",
-    "speakeasy": "^2.0.0",
     "split.js": "1.6.5",
     "stream-throttle": "0.1.3",
     "striptags": "3.2.0",
+    "time2fa": "^1.3.0",
     "tmp": "0.2.3",
     "tree-kill": "1.2.2",
     "turndown": "7.1.2",
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 3ce23fc5b9..031d022192 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -1,8 +1,8 @@
 import options = require('../../services/options');
-const speakeasy = require('speakeasy');
+import {generateSecret} from 'time2fa';
 
-function generateSecret() {
-    return {success: 'true', message: speakeasy.generateSecret().base32};
+function generateTOTPSecret() {
+    return {success: 'true', message: generateSecret()};
 }
 
 function getTotpEnabled() {
@@ -35,9 +35,9 @@ function getSecret() {
 }
 
 export = {
-    generateSecret,
+    generateSecret: generateTOTPSecret,
     getTOTPStatus,
     enableTOTP,
     disableTOTP,
-    getSecret,
+    getSecret
 };
diff --git a/src/routes/login.ts b/src/routes/login.ts
index d6b1d5142f..3069639d8d 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,4 +1,4 @@
-"use strict";
+'use strict';
 
 import utils = require('../services/utils');
 import optionService = require('../services/options');
@@ -12,15 +12,14 @@ import openID = require('../services/encryption/open_id');
 import assetPath = require('../services/asset_path');
 import appPath = require('../services/app_path');
 import ValidationError = require('../errors/validation_error');
-import { Request, Response } from 'express';
-import { AppRequest } from './route-interface';
-const speakeasy = require('speakeasy');
+import {Request, Response} from 'express';
+import {AppRequest} from './route-interface';
+import totp = require('../services/encryption/totp_secret');
 
 function loginPage(req: Request, res: Response) {
     res.render('login', {
         failedAuth: false,
-        totpEnabled: optionService.getOptionBool('totpEnabled')
-            && totp_secret.checkForTotSecret(),
+        totpEnabled: optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret(),
         assetPath: assetPath,
         appPath: appPath
     });
@@ -36,7 +35,7 @@ function setPasswordPage(req: Request, res: Response) {
 
 function setPassword(req: Request, res: Response) {
     if (passwordService.isPasswordSet()) {
-        throw new ValidationError("Password has been already set");
+        throw new ValidationError('Password has been already set');
     }
 
     let {password1, password2} = req.body;
@@ -48,7 +47,7 @@ function setPassword(req: Request, res: Response) {
     if (password1 !== password2) {
         error = "Entered passwords don't match.";
     } else if (password1.length < 4) {
-        error = "Password must be at least 4 characters long.";
+        error = 'Password must be at least 4 characters long.';
     }
 
     if (error) {
@@ -69,7 +68,6 @@ function login(req: AppRequest, res: Response) {
     const guessedTotp = req.body.token;
 
     if (verifyPassword(guessedPassword)) {
-
         if (!verifyPassword(guessedPassword)) {
             sendLoginError(req, res);
             return;
@@ -81,12 +79,11 @@ function login(req: AppRequest, res: Response) {
                 return;
             }
 
-        
         const rememberMe = req.body.rememberMe;
 
         req.session.regenerate(() => {
             if (rememberMe) {
-                req.session.cookie.maxAge = 21 * 24 * 3600000;  // 3 weeks
+                req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
             } else {
                 req.session.cookie.expires = null;
             }
@@ -94,8 +91,7 @@ function login(req: AppRequest, res: Response) {
             req.session.loggedIn = true;
             res.redirect('.');
         });
-    }
-    else {
+    } else {
         // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
         log.info(`WARNING: Wrong password from ${req.ip}, rejecting.`);
 
@@ -106,8 +102,6 @@ function login(req: AppRequest, res: Response) {
     }
 }
 
-
-
 function sendLoginError(req: AppRequest, res: Response) {
     // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
     log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
@@ -115,20 +109,12 @@ function sendLoginError(req: AppRequest, res: Response) {
     res.status(401).render('login', {
         failedAuth: true,
         totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-        assetPath: assetPath,
+        assetPath: assetPath
     });
 }
 
 function verifyTOTP(guessedToken: string) {
-    const tokenValidates = speakeasy.totp.verify({
-        secret: totp_secret.getTotpSecret(),
-        encoding: 'base32',
-        token: guessedToken,
-        window: 1,
-    });
-
-    if (tokenValidates) 
-        return true;
+    if (totp.validateTOTP(guessedToken)) return true;
 
     const recoveryCodeValidates = recoveryCodeService.verifyRecoveryCode(guessedToken);
 
@@ -147,12 +133,9 @@ function logout(req: AppRequest, res: Response) {
     req.session.regenerate(() => {
         req.session.loggedIn = false;
 
-        if (openIDService.isOpenIDEnabled() && openID.isSubjectIdentifierSaved()) 
-            res.oidc.logout({});
-        else 
-            res.redirect('login');
+        if (openIDService.isOpenIDEnabled() && openID.isSubjectIdentifierSaved()) res.oidc.logout({});
+        else res.redirect('login');
     });
-
 }
 
 export = {
diff --git a/src/services/encryption/totp_secret.ts b/src/services/encryption/totp_secret.ts
index fe8d606b48..65e6c38995 100644
--- a/src/services/encryption/totp_secret.ts
+++ b/src/services/encryption/totp_secret.ts
@@ -5,6 +5,7 @@ import optionService = require('../options');
 import myScryptService = require('./my_scrypt');
 import utils = require('../utils');
 import totpEncryptionService = require('./totp_secret_encryption');
+import {Totp} from 'time2fa';
 
 function isTotpSecretSet() {
     return !!sql.getValue("SELECT value FROM options WHERE name = 'passwordVerificationHash'");
@@ -30,7 +31,22 @@ function setTotpSecret(secret: string) {
     };
 }
 
+function validateTOTP(guessedPasscode: string) {
+    if (process.env.TOTP_SECRET === undefined) return false;
+
+    try {
+        const valid = Totp.validate({
+            passcode: guessedPasscode,
+            secret: process.env.TOTP_SECRET.trim()
+        });
+        return valid;
+    } catch (e) {
+        return false;
+    }
+}
+
 export = {
     isTotpSecretSet,
-    setTotpSecret
+    setTotpSecret,
+    validateTOTP
 };

From 97df8f8137046c6d318ae27c6856e576e5aeb8cb Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Fri, 31 May 2024 12:52:18 -0700
Subject: [PATCH 50/63] Removed depricated functions/files

---
 src/routes/login.ts                           |  2 +-
 src/services/encryption/my_scrypt.ts          | 21 ++------
 src/services/encryption/totp_secret.ts        | 52 -------------------
 .../encryption/totp_secret_encryption.ts      | 27 ----------
 src/services/totp.ts                          | 18 ++++++-
 5 files changed, 21 insertions(+), 99 deletions(-)
 delete mode 100644 src/services/encryption/totp_secret.ts
 delete mode 100644 src/services/encryption/totp_secret_encryption.ts

diff --git a/src/routes/login.ts b/src/routes/login.ts
index 3069639d8d..079cca322c 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -14,7 +14,7 @@ import appPath = require('../services/app_path');
 import ValidationError = require('../errors/validation_error');
 import {Request, Response} from 'express';
 import {AppRequest} from './route-interface';
-import totp = require('../services/encryption/totp_secret');
+import totp = require('../services/totp');
 
 function loginPage(req: Request, res: Response) {
     res.render('login', {
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 50734c7135..89987b25cf 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,4 +1,4 @@
-"use strict";
+'use strict';
 
 import optionService = require('../options');
 import crypto = require('crypto');
@@ -16,24 +16,11 @@ function getPasswordDerivedKey(password: crypto.BinaryLike) {
 }
 
 function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-    const hashed = crypto.scryptSync(password, salt, 32,
-        {N: 16384, r:8, p:1});
+    const hashed = crypto.scryptSync(password, salt, 32, {N: 16384, r: 8, p: 1});
 
     return hashed;
 }
 
-function getTotpSecretVerificationHash(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption('totpSecretVerificationSalt');
-
-    return getScryptHash(secret, salt);
-}
-
-function getTotpSecretDerivedKey(secret: crypto.BinaryLike) {
-    const salt = optionService.getOption('totpSecretDerivedKeySalt');
-
-    return getScryptHash(secret, salt);
-}
-
 function getSubjectIdentifierVerificationHash(password: crypto.BinaryLike) {
     const salt = optionService.getOption('subjectIdentifierVerificationSalt');
 
@@ -49,8 +36,6 @@ function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
 export = {
     getVerificationHash,
     getPasswordDerivedKey,
-    getTotpSecretVerificationHash,
-    getTotpSecretDerivedKey,
     getSubjectIdentifierVerificationHash,
-    getSubjectIdentifierDerivedKey,
+    getSubjectIdentifierDerivedKey
 };
diff --git a/src/services/encryption/totp_secret.ts b/src/services/encryption/totp_secret.ts
deleted file mode 100644
index 65e6c38995..0000000000
--- a/src/services/encryption/totp_secret.ts
+++ /dev/null
@@ -1,52 +0,0 @@
-'use strict';
-
-import sql = require('../sql');
-import optionService = require('../options');
-import myScryptService = require('./my_scrypt');
-import utils = require('../utils');
-import totpEncryptionService = require('./totp_secret_encryption');
-import {Totp} from 'time2fa';
-
-function isTotpSecretSet() {
-    return !!sql.getValue("SELECT value FROM options WHERE name = 'passwordVerificationHash'");
-}
-
-function setTotpSecret(secret: string) {
-    if (isTotpSecretSet()) {
-        throw new Error("TOTP Secret is set already. Either change it or perform 'reset TOTP' first.");
-    }
-
-    optionService.setOption('totpSecretVerificationSalt', utils.randomSecureToken(32));
-    optionService.setOption('totpSecretDerivedKeySalt', utils.randomSecureToken(32));
-
-    const totpSecretVerificationKey = utils.toBase64(myScryptService.getTotpSecretVerificationHash(secret));
-    optionService.setOption('totpSecretVerificationHash', totpSecretVerificationKey);
-
-    optionService.setOption('encryptedTotpSecretDataKey', '');
-
-    totpEncryptionService.setDataKey(secret, utils.randomSecureToken(16));
-
-    return {
-        success: true
-    };
-}
-
-function validateTOTP(guessedPasscode: string) {
-    if (process.env.TOTP_SECRET === undefined) return false;
-
-    try {
-        const valid = Totp.validate({
-            passcode: guessedPasscode,
-            secret: process.env.TOTP_SECRET.trim()
-        });
-        return valid;
-    } catch (e) {
-        return false;
-    }
-}
-
-export = {
-    isTotpSecretSet,
-    setTotpSecret,
-    validateTOTP
-};
diff --git a/src/services/encryption/totp_secret_encryption.ts b/src/services/encryption/totp_secret_encryption.ts
deleted file mode 100644
index 7e09fd3bf0..0000000000
--- a/src/services/encryption/totp_secret_encryption.ts
+++ /dev/null
@@ -1,27 +0,0 @@
-import optionService = require('../options');
-import myScryptService = require('./my_scrypt');
-import utils = require('../utils');
-import dataEncryptionService = require('./data_encryption');
-
-function setDataKey(secret: string, plainTextDataKey: string | Buffer) {
-    const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
-
-    const newEncryptedDataKey = dataEncryptionService.encrypt(totpSecretDerivedKey, plainTextDataKey);
-
-    optionService.setOption('encryptedTotpSecretDataKey', newEncryptedDataKey);
-}
-
-function getDataKey(secret: string) {
-    const totpSecretDerivedKey = myScryptService.getTotpSecretDerivedKey(secret);
-
-    const encryptedDataKey = optionService.getOption('encryptedTotpSecretDataKey');
-
-    const decryptedDataKey = dataEncryptionService.decrypt(totpSecretDerivedKey, encryptedDataKey);
-
-    return decryptedDataKey;
-}
-
-export = {
-    getDataKey,
-    setDataKey
-};
diff --git a/src/services/totp.ts b/src/services/totp.ts
index edbecdb204..9c51bb619a 100644
--- a/src/services/totp.ts
+++ b/src/services/totp.ts
@@ -1,5 +1,7 @@
 'use strict';
 
+import {Totp} from 'time2fa';
+
 function getTotpSecret() {
     return process.env.TOTP_SECRET;
 }
@@ -9,4 +11,18 @@ function checkForTotSecret() {
     else return false;
 }
 
-export = {getTotpSecret, checkForTotSecret};
+function validateTOTP(guessedPasscode: string) {
+    if (process.env.TOTP_SECRET === undefined) return false;
+
+    try {
+        const valid = Totp.validate({
+            passcode: guessedPasscode,
+            secret: process.env.TOTP_SECRET.trim()
+        });
+        return valid;
+    } catch (e) {
+        return false;
+    }
+}
+
+export = {getTotpSecret, checkForTotSecret, validateTOTP};

From 124cac47d88f895ce4846794d252d8857c04e77c Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Thu, 6 Jun 2024 15:06:28 -0700
Subject: [PATCH 51/63] Refactoring

---
 src/services/auth.ts    | 145 +++++++++++++++++++++++++---------------
 src/services/open_id.ts | 113 ++++++++++++++++++++-----------
 2 files changed, 165 insertions(+), 93 deletions(-)

diff --git a/src/services/auth.ts b/src/services/auth.ts
index cad9e75d14..6f7261cfec 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -1,52 +1,80 @@
 "use strict";
 
-import etapiTokenService = require('./etapi_tokens');
-import log = require('./log');
-import sqlInit = require('./sql_init');
-import utils = require('./utils');
-import passwordEncryptionService = require('./encryption/password_encryption');
-import config = require('./config');
-import passwordService = require('./encryption/password');
-import type { NextFunction, Request, Response } from 'express';
-import { AppRequest } from '../routes/route-interface';
-import openID = require('./open_id');
-import openIdService = require('../services/encryption/open_id');
-import openIDEncryptionService = require('../services/encryption/open_id_encryption');
-
-const noAuthentication = config.General && config.General.noAuthentication === true;
+import etapiTokenService = require("./etapi_tokens");
+import log = require("./log");
+import sqlInit = require("./sql_init");
+import utils = require("./utils");
+import passwordEncryptionService = require("./encryption/password_encryption");
+import config = require("./config");
+import passwordService = require("./encryption/password");
+import type { NextFunction, Request, Response } from "express";
+import { AppRequest } from "../routes/route-interface";
+import openID = require("./open_id");
+import openIdService = require("../services/encryption/open_id");
+import openIDEncryptionService = require("../services/encryption/open_id_encryption");
+
+const noAuthentication =
+    config.General && config.General.noAuthentication === true;
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
         res.redirect("setup");
-    }else if (openID.isOpenIDEnabled() && openID.getOAuthStatus().message) {
-        if (openIdService.isSubjectIdentifierSaved() && req.oidc !== undefined) {
-            const result = req.oidc.fetchUserInfo().then((result) => {
-                if (openIDEncryptionService.verifyOpenIDSubjectIdentifier(result.sub)) {
-                    req.session.loggedIn = true;
-                    next();
-                } else {
-                    req.session.loggedIn = false;
-                    res.oidc.logout({});
-                }
-            });
-        } else {
+    } else if (openID.checkOpenIDRequirements()) {
+        // }else if (openID.isOpenIDEnabled() && openID.getOAuthStatus().message) {
+        // console.log("SLKDJLKJSDFl");
+        if (req.oidc.isAuthenticated()) {
+            openID.doStuff();
+            req.oidc
+                .fetchUserInfo()
+                .then((a) => console.log("YAY"))
+                .catch((f) => console.log("OH NOOO"));
+            req.session.loggedIn = true;
             next();
+        } else {
+            req.session.loggedIn = false;
+            res.oidc.login({});
         }
-    }else if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
+        // if (
+        //     openIdService.isSubjectIdentifierSaved() &&
+        //     req.oidc !== undefined
+        // ) {
+        //     const result = req.oidc.fetchUserInfo().then((result) => {
+        //         if (
+        //             openIDEncryptionService.verifyOpenIDSubjectIdentifier(
+        //                 result.sub
+        //             )
+        //         ) {
+        //             req.session.loggedIn = true;
+        //             next();
+        //         } else {
+        //             req.session.loggedIn = false;
+        //             res.oidc.logout({});
+        //         }
+        //     });
+        // } else {
+        //     next();
+        // }
+    } else if (
+        !req.session.loggedIn &&
+        !utils.isElectron() &&
+        !noAuthentication
+    ) {
         res.redirect("login");
-    }
-    else {
+    } else {
         next();
     }
 }
 
 // for electron things which need network stuff
 //  currently, we're doing that for file upload because handling form data seems to be difficult
-function checkApiAuthOrElectron(req: AppRequest, res: Response, next: NextFunction) {
+function checkApiAuthOrElectron(
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
+) {
     if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
         reject(req, res, "Logged in session not found");
-    }
-    else {
+    } else {
         next();
     }
 }
@@ -54,17 +82,19 @@ function checkApiAuthOrElectron(req: AppRequest, res: Response, next: NextFuncti
 function checkApiAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!req.session.loggedIn && !noAuthentication) {
         reject(req, res, "Logged in session not found");
-    }
-    else {
+    } else {
         next();
     }
 }
 
-function checkAppInitialized(req: AppRequest, res: Response, next: NextFunction) {
+function checkAppInitialized(
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
+) {
     if (!sqlInit.isDbInitialized()) {
         res.redirect("setup");
-    }
-    else {
+    } else {
         next();
     }
 }
@@ -77,7 +107,11 @@ function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
     }
 }
 
-function checkPasswordNotSet(req: AppRequest, res: Response, next: NextFunction) {
+function checkPasswordNotSet(
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
+) {
     if (!utils.isElectron() && passwordService.isPasswordSet()) {
         res.redirect("login");
     } else {
@@ -85,11 +119,14 @@ function checkPasswordNotSet(req: AppRequest, res: Response, next: NextFunction)
     }
 }
 
-function checkAppNotInitialized(req: AppRequest, res: Response, next: NextFunction) {
+function checkAppNotInitialized(
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
+) {
     if (sqlInit.isDbInitialized()) {
         reject(req, res, "App already initialized.");
-    }
-    else {
+    } else {
         next();
     }
 }
@@ -97,8 +134,7 @@ function checkAppNotInitialized(req: AppRequest, res: Response, next: NextFuncti
 function checkEtapiToken(req: AppRequest, res: Response, next: NextFunction) {
     if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
         next();
-    }
-    else {
+    } else {
         reject(req, res, "Token not found");
     }
 }
@@ -106,38 +142,37 @@ function checkEtapiToken(req: AppRequest, res: Response, next: NextFunction) {
 function reject(req: AppRequest, res: Response, message: string) {
     log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
 
-    res.setHeader("Content-Type", "text/plain")
-        .status(401)
-        .send(message);
+    res.setHeader("Content-Type", "text/plain").status(401).send(message);
 }
 
 function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
         res.setHeader("Content-Type", "text/plain")
             .status(400)
-            .send('Database is not initialized yet.');
+            .send("Database is not initialized yet.");
         return;
     }
 
     if (!passwordService.isPasswordSet()) {
         res.setHeader("Content-Type", "text/plain")
             .status(400)
-            .send('Password has not been set yet. Please set a password and repeat the action');
+            .send(
+                "Password has not been set yet. Please set a password and repeat the action"
+            );
         return;
     }
 
-    const header = req.headers['trilium-cred'] || '';
-    const auth = Buffer.from(header, 'base64').toString();
-    const colonIndex = auth.indexOf(':');
+    const header = req.headers["trilium-cred"] || "";
+    const auth = Buffer.from(header, "base64").toString();
+    const colonIndex = auth.indexOf(":");
     const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
     // username is ignored
 
     if (!passwordEncryptionService.verifyPassword(password)) {
         res.setHeader("Content-Type", "text/plain")
             .status(401)
-            .send('Incorrect password');
-    }
-    else {
+            .send("Incorrect password");
+    } else {
         next();
     }
 }
@@ -151,5 +186,5 @@ export = {
     checkAppNotInitialized,
     checkApiAuthOrElectron,
     checkEtapiToken,
-    checkCredentials
+    checkCredentials,
 };
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index d6acf1083c..64191f2c97 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -1,11 +1,12 @@
-import OpenIDError = require('../errors/open_id_error');
-import {NextFunction, Request, Response} from 'express';
-import openIDService = require('./encryption/open_id');
-import options = require('./options');
+import OpenIDError = require("../errors/open_id_error");
+import { NextFunction, Request, Response } from "express";
+import openIDService = require("./encryption/open_id");
+import options = require("./options");
+import { Session, auth } from "express-openid-connect";
 
 function isOpenIDEnabled() {
     try {
-        return options.getOptionBool('oAuthEnabled');
+        return options.getOptionBool("oAuthEnabled");
     } catch (e) {
         return false;
     }
@@ -13,60 +14,73 @@ function isOpenIDEnabled() {
 
 function checkOpenIDRequirements() {
     if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== 'true') return false;
-
-    if (process.env.BASE_URL === undefined) throw new OpenIDError('BASE_URL is undefined in .env!');
-    if (process.env.CLIENT_ID === undefined) throw new OpenIDError('CLIENT_ID is undefined in .env!');
-    if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError('ISSUER_BASE_URL is undefined in .env!');
-    if (process.env.SECRET === undefined) throw new OpenIDError('SECRET is undefined in .env!');
-    if (process.env.AUTH_0_LOGOUT === undefined) throw new OpenIDError('AUTH_0_LOGOUT is undefined in .env!');
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+
+    if (process.env.BASE_URL === undefined)
+        throw new OpenIDError("BASE_URL is undefined in .env!");
+    if (process.env.CLIENT_ID === undefined)
+        throw new OpenIDError("CLIENT_ID is undefined in .env!");
+    if (process.env.ISSUER_BASE_URL === undefined)
+        throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
+    if (process.env.SECRET === undefined)
+        throw new OpenIDError("SECRET is undefined in .env!");
+    if (process.env.AUTH_0_LOGOUT === undefined)
+        throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
 
     return true;
 }
 
 function enableOAuth() {
-    if (!getOauthEnv()) return {success: false, message: 'OAuth Not Enabled'};
+    if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
 
-    options.setOption('oAuthEnabled', true);
-    options.setOption('totpEnabled', false);
+    options.setOption("oAuthEnabled", true);
+    options.setOption("totpEnabled", false);
 
-    return {success: true, message: 'OAuth Enabled'};
+    return { success: true, message: "OAuth Enabled" };
 }
 
 function disableOAuth() {
-    options.setOption('oAuthEnabled', false);
-    return {success: true, message: 'OAuth Disabled'};
+    options.setOption("oAuthEnabled", false);
+    return { success: true, message: "OAuth Disabled" };
 }
 
 function getOauthEnv() {
     if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== 'true') return false;
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
 
     return true;
 }
 
 function getOAuthStatus() {
-    return {success: true, message: options.getOptionBool('oAuthEnabled'), enabled: getOauthEnv()};
+    return {
+        success: true,
+        message: options.getOptionBool("oAuthEnabled"),
+        enabled: getOauthEnv(),
+    };
 }
 
 function authenticateUser(req: Request, res: Response, next: NextFunction) {
     // TODO: Add validity
-    if (openIDService.isSubjectIdentifierSaved()) return {success: false, message: 'User ID already saved!'};
+    if (openIDService.isSubjectIdentifierSaved())
+        return { success: false, message: "User ID already saved!" };
 
     if (req.oidc !== undefined) {
         const result = req.oidc
             .fetchUserInfo()
             .then((result) => {
                 openIDService.saveSubjectIdentifier(result.sub);
-                return {success: true, message: 'User ' + req.oidc.user?.name + ' saved!'};
+                return {
+                    success: true,
+                    message: "User " + req.oidc.user?.name + " saved!",
+                };
             })
             .catch((result) => {
-                return {success: false, message: 'Need to login again!'};
+                return { success: false, message: "Need to login again!" };
             });
         return result;
     } else {
-        console.log('Access token Invalid!');
-        return {success: false, message: 'Access token Invalid!'};
+        console.log("Access token Invalid!");
+        return { success: false, message: "Access token Invalid!" };
     }
 }
 
@@ -77,33 +91,45 @@ function isTokenValid(req: Request, res: Response, next: NextFunction) {
         const result = req.oidc
             .fetchUserInfo()
             .then((result) => {
-                return {success: true, message: 'Token is valid', user: userStatus};
+                return {
+                    success: true,
+                    message: "Token is valid",
+                    user: userStatus,
+                };
             })
             .catch((result) => {
-                return {success: false, message: 'Token is not valid', user: userStatus};
+                return {
+                    success: false,
+                    message: "Token is not valid",
+                    user: userStatus,
+                };
             });
         return result;
     } else {
-        return {success: false, message: 'Token not set up', user: userStatus};
+        return {
+            success: false,
+            message: "Token not set up",
+            user: userStatus,
+        };
     }
 }
 
 function checkAuth0Logout() {
     if (process.env.AUTH_0_LOGOUT === undefined) return false;
-    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === 'true') return true;
+    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
     return false;
 }
 
 function generateOAuthConfig() {
     const authRoutes = {
-        callback: '/callback',
-        login: '/authenticate',
-        postLogoutRedirect: '/login',
-        logout: '/logout',
+        callback: "/callback",
+        login: "/authenticate",
+        postLogoutRedirect: "/login",
+        logout: "/logout",
     };
 
     const logoutParams = {
-        end_session_endpoint: '/end-session/',
+        // end_session_endpoint: "/end-session/",
     };
 
     const authConfig = {
@@ -114,17 +140,27 @@ function generateOAuthConfig() {
         issuerBaseURL: process.env.ISSUER_BASE_URL,
         secret: process.env.SECRET,
         clientSecret: process.env.SECRET,
-        // authorizationParams: {
-        //     response_type: 'code',
-        //     scope: 'openid profile email read:reports',
-        // },
+        authorizationParams: {
+            response_type: "code",
+            scope: "openid profile email",
+        },
         routes: authRoutes,
         idpLogout: true,
         logoutParams: logoutParams,
+        // CookieConfigParams: { path: "/home/chesspro13/" },
+        // afterCallback: doStuff,
     };
     return authConfig;
 }
 
+async function doStuff() {
+    // async function doStuff(req: Request, res: Response, session: Session) {
+    console.log("After Callback");
+    // res.oidc.logout({ returnTo: "/" });
+
+    openIDService.saveSubjectIdentifier("AbCD");
+}
+
 export = {
     generateOAuthConfig,
     getOAuthStatus,
@@ -134,4 +170,5 @@ export = {
     checkOpenIDRequirements,
     authenticateUser,
     isTokenValid,
+    doStuff,
 };

From 2e8350d3c96c07a5cbccb0fe76e003cc6029fc16 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Thu, 6 Jun 2024 21:22:40 -0700
Subject: [PATCH 52/63] Added user_data table to track user ID for oauth

---
 db/schema.sql                                 |    4 +
 .../options/multi_factor_authentication.js    |  329 ++--
 src/routes/routes.ts                          | 1621 ++++++++++++-----
 src/services/auth.ts                          |  243 ++-
 src/services/open_id.ts                       |  240 ++-
 5 files changed, 1533 insertions(+), 904 deletions(-)

diff --git a/db/schema.sql b/db/schema.sql
index 1b4c463211..57a38fb38a 100644
--- a/db/schema.sql
+++ b/db/schema.sql
@@ -62,6 +62,10 @@ CREATE TABLE IF NOT EXISTS "options"
     isSynced INTEGER default 0 not null,
     utcDateModified TEXT NOT NULL
 );
+CREATE TABLE IF NOT EXISTS "user_data"
+(
+    userID TEXT not null PRIMARY KEY
+);
 CREATE TABLE IF NOT EXISTS "attributes"
 (
     attributeId      TEXT not null primary key,
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 7615218981..815a8c6cac 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -1,6 +1,6 @@
-import server from '../../../services/server.js';
-import toastService from '../../../services/toast.js';
-import OptionsWidget from './options_widget.js';
+import server from "../../../services/server.js";
+import toastService from "../../../services/toast.js";
+import OptionsWidget from "./options_widget.js";
 
 const TPL = `
 <div class="options-section">
@@ -22,7 +22,7 @@ const TPL = `
             <label>
             <b>Enable OAuth/OpenID</b>
             </label>
-            <input type="checkbox" class="oauth-enabled-checkbox" />
+            <input type="checkbox" class="oauth-enabled-checkbox" disabled="true" />
             <span class="env-oauth-enabled" "alert alert-warning" role="alert" style="font-weight: bold; color: red !important;" > </span>
         </div>
         <div>
@@ -91,182 +91,197 @@ const TPL = `
 `;
 
 export default class MultiFactorAuthenticationOptions extends OptionsWidget {
-    doRender() {
-        this.$widget = $(TPL);
+  doRender() {
+    this.$widget = $(TPL);
 
-        this.$regenerateTotpButton = this.$widget.find('.regenerate-totp');
-        this.$totpDetails = this.$widget.find('.totp-details');
-        this.$totpEnabled = this.$widget.find('.totp-enabled');
-        this.$totpSecret = this.$widget.find('.totp-secret');
-        this.$totpSecretInput = this.$widget.find('.totp-secret-input');
-        this.$authenticatorCode = this.$widget.find('.authenticator-code');
-        this.$generateRecoveryCodeButton = this.$widget.find('.generate-recovery-code');
-        this.$oAuthEnabledCheckbox = this.$widget.find('.oauth-enabled-checkbox');
-        this.$saveUserButton = this.$widget.find('.save-user-button');
-        this.$oauthLoginButton = this.$widget.find('.oauth-login-button');
-        this.$tokenStatus = this.$widget.find('.token-status');
-        this.$userStatus = this.$widget.find('.user-status');
-        this.$envEnabledTOTP = this.$widget.find('.env-totp-enabled');
-        this.$envEnabledOAuth = this.$widget.find('.env-oauth-enabled');
+    this.$regenerateTotpButton = this.$widget.find(".regenerate-totp");
+    this.$totpDetails = this.$widget.find(".totp-details");
+    this.$totpEnabled = this.$widget.find(".totp-enabled");
+    this.$totpSecret = this.$widget.find(".totp-secret");
+    this.$totpSecretInput = this.$widget.find(".totp-secret-input");
+    this.$authenticatorCode = this.$widget.find(".authenticator-code");
+    this.$generateRecoveryCodeButton = this.$widget.find(
+      ".generate-recovery-code"
+    );
+    this.$oAuthEnabledCheckbox = this.$widget.find(".oauth-enabled-checkbox");
+    this.$saveUserButton = this.$widget.find(".save-user-button");
+    this.$oauthLoginButton = this.$widget.find(".oauth-login-button");
+    this.$tokenStatus = this.$widget.find(".token-status");
+    this.$userStatus = this.$widget.find(".user-status");
+    this.$envEnabledTOTP = this.$widget.find(".env-totp-enabled");
+    this.$envEnabledOAuth = this.$widget.find(".env-oauth-enabled");
 
-        this.$recoveryKeys = [];
+    this.$recoveryKeys = [];
 
-        for (let i = 0; i < 8; i++) this.$recoveryKeys.push(this.$widget.find('.key_' + i));
+    for (let i = 0; i < 8; i++)
+      this.$recoveryKeys.push(this.$widget.find(".key_" + i));
 
-        this.$totpEnabled.on('change', async () => {
-            this.updateSecret();
-        });
+    this.$totpEnabled.on("change", async () => {
+      this.updateSecret();
+    });
 
-        this.$oAuthEnabledCheckbox.on('change', async () => {
-            this.updateOAuthStatus();
-        });
+    this.$oAuthEnabledCheckbox.on("change", async () => {
+      this.updateOAuthStatus();
+    });
 
-        this.$generateRecoveryCodeButton.on('click', async () => {
-            this.setRecoveryKeys();
-        });
+    this.$generateRecoveryCodeButton.on("click", async () => {
+      this.setRecoveryKeys();
+    });
 
-        this.$regenerateTotpButton.on('click', async () => {
-            this.generateKey();
-        });
+    this.$regenerateTotpButton.on("click", async () => {
+      this.generateKey();
+    });
 
-        this.$saveUserButton.on('click', (async) => {
-            server
-                .get('oauth/authenticate')
-                .then((result) => {
-                    console.log(result.message);
-                    toastService.showMessage(result.message);
-                })
-                .catch((result) => {
-                    console.error(result.message);
-                    toastService.showError(result.message);
-                });
+    this.$saveUserButton.on("click", (async) => {
+      server
+        .get("oauth/authenticate")
+        .then((result) => {
+          console.log(result.message);
+          toastService.showMessage(result.message);
+        })
+        .catch((result) => {
+          console.error(result.message);
+          toastService.showError(result.message);
         });
+    });
 
-        this.$protectedSessionTimeout = this.$widget.find('.protected-session-timeout-in-seconds');
-        this.$protectedSessionTimeout.on('change', () =>
-            this.updateOption('protectedSessionTimeout', this.$protectedSessionTimeout.val())
-        );
+    this.$protectedSessionTimeout = this.$widget.find(
+      ".protected-session-timeout-in-seconds"
+    );
+    this.$protectedSessionTimeout.on("change", () =>
+      this.updateOption(
+        "protectedSessionTimeout",
+        this.$protectedSessionTimeout.val()
+      )
+    );
 
-        this.displayRecoveryKeys();
-    }
+    this.displayRecoveryKeys();
+  }
 
-    async updateSecret() {
-        if (this.$totpEnabled.prop('checked')) server.post('totp/enable');
-        else server.post('totp/disable');
-    }
+  async updateSecret() {
+    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
+    else server.post("totp/disable");
+  }
 
-    async updateOAuthStatus() {
-        if (this.$oAuthEnabledCheckbox.prop('checked')) server.post('oauth/enable');
-        else server.post('oauth/disable');
-    }
+  async updateOAuthStatus() {
+    if (this.$oAuthEnabledCheckbox.prop("checked")) server.post("oauth/enable");
+    else server.post("oauth/disable");
+  }
 
-    async setRecoveryKeys() {
-        server.get('totp_recovery/generate').then((result) => {
-            if (!result.success) {
-                toastService.showError('Error in revevery code generation!');
-                return;
-            }
-            this.keyFiller(result.recoveryCodes);
-            server.post('totp_recovery/set', {
-                recoveryCodes: result.recoveryCodes,
-            });
-        });
-    }
+  async setRecoveryKeys() {
+    server.get("totp_recovery/generate").then((result) => {
+      if (!result.success) {
+        toastService.showError("Error in revevery code generation!");
+        return;
+      }
+      this.keyFiller(result.recoveryCodes);
+      server.post("totp_recovery/set", {
+        recoveryCodes: result.recoveryCodes,
+      });
+    });
+  }
 
-    async keyFiller(values) {
-        // Forces values to be a string so it doesn't error out when I split.
-        // Will be a non-issue when I update everything to typescript.
-        const keys = (values + '').split(',');
-        for (let i = 0; i < keys.length; i++) this.$recoveryKeys[i].text(keys[i]);
-    }
+  async keyFiller(values) {
+    // Forces values to be a string so it doesn't error out when I split.
+    // Will be a non-issue when I update everything to typescript.
+    const keys = (values + "").split(",");
+    for (let i = 0; i < keys.length; i++) this.$recoveryKeys[i].text(keys[i]);
+  }
 
-    async generateKey() {
-        server.get('totp/generate').then((result) => {
-            if (result.success) {
-                this.$totpSecret.text(result.message);
-            } else {
-                toastService.showError(result.message);
-            }
-        });
-    }
+  async generateKey() {
+    server.get("totp/generate").then((result) => {
+      if (result.success) {
+        this.$totpSecret.text(result.message);
+      } else {
+        toastService.showError(result.message);
+      }
+    });
+  }
 
-    optionsLoaded(options) {
-        server.get('oauth/status').then((result) => {
-            if (result.enabled) {
-                if (result.success) this.$oAuthEnabledCheckbox.prop('checked', result.message);
+  optionsLoaded(options) {
+    // TODO: Rework the logic since I've changed how OAuth works
 
-                this.$oauthLoginButton.prop('disabled', !result.message);
-                this.$saveUserButton.prop('disabled', !result.message);
+    // server.get("oauth/status").then((result) => {
+    //   if (result.enabled) {
+    //     if (result.success)
+    //       this.$oAuthEnabledCheckbox.prop("checked", result.message);
 
-                if (result.message) {
-                    this.$oauthLoginButton.prop('disabled', false);
-                    this.$saveUserButton.prop('disabled', false);
-                    server.get('oauth/validate').then((result) => {
-                        if (result.success) {
-                            this.$tokenStatus.text('Logged in!');
+    //     this.$oauthLoginButton.prop("disabled", !result.message);
+    //     this.$saveUserButton.prop("disabled", !result.message);
 
-                            if (result.user) {
-                                this.$userStatus.text('User saved!');
-                            } else {
-                                this.$saveUserButton.prop('disabled', false);
-                                this.$userStatus.text('User not saved');
-                            }
-                        } else this.$tokenStatus.text('Not logged in!');
-                    });
-                }
-            } else {
-                this.$oAuthEnabledCheckbox.prop('checked', false);
-                this.$oauthLoginButton.prop('disabled', true);
-                this.$saveUserButton.prop('disabled', true);
-                this.$oAuthEnabledCheckbox.prop('disabled', true);
+    //     if (result.message) {
+    //       this.$oauthLoginButton.prop("disabled", false);
+    //       this.$saveUserButton.prop("disabled", false);
+    //       server.get("oauth/validate").then((result) => {
+    //         if (result.success) {
+    //           this.$tokenStatus.text("Logged in!");
 
-                this.$envEnabledOAuth.text('OAUTH_ENABLED is not set in environment variable. Requires restart.');
-            }
-        });
+    //           if (result.user) {
+    //             this.$userStatus.text("User saved!");
+    //           } else {
+    //             this.$saveUserButton.prop("disabled", false);
+    //             this.$userStatus.text("User not saved");
+    //           }
+    //         } else this.$tokenStatus.text("Not logged in!");
+    //       });
+    //     }
+    //   } else {
+    //     this.$oAuthEnabledCheckbox.prop("checked", false);
+    //     this.$oauthLoginButton.prop("disabled", true);
+    //     this.$saveUserButton.prop("disabled", true);
+    //     this.$oAuthEnabledCheckbox.prop("disabled", true);
 
-        server.get('totp/status').then((result) => {
-            if (result.enabled)
-                if (result.success) {
-                    this.$totpEnabled.prop('checked', result.message);
-                    this.$totpSecretInput.prop('disabled', !result.message);
-                    this.$totpSecret.prop('disapbled', !result.message);
-                    this.$regenerateTotpButton.prop('disabled', !result.message);
-                    this.$authenticatorCode.prop('disabled', !result.message);
-                    this.$generateRecoveryCodeButton.prop('disabled', !result.message);
-                } else {
-                    toastService.showError(result.message);
-                }
-            else {
-                this.$totpEnabled.prop('checked', false);
-                this.$totpEnabled.prop('disabled', true);
-                this.$totpSecretInput.prop('disabled', true);
-                this.$totpSecret.prop('disapbled', true);
-                this.$regenerateTotpButton.prop('disabled', true);
-                this.$authenticatorCode.prop('disabled', true);
-                this.$generateRecoveryCodeButton.prop('disabled', true);
+    //     this.$envEnabledOAuth.text(
+    //       "OAuth can only be enabled with environment variables. REQUIRES RESTART"
+    //     );
+    //   }
+    // });
 
-                this.$envEnabledTOTP.text('TOTP_ENABLED is not set in environment variable. Requires restart.');
-            }
-        });
-        this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
-    }
+    server.get("totp/status").then((result) => {
+      if (result.enabled)
+        if (result.success) {
+          this.$totpEnabled.prop("checked", result.message);
+          this.$totpSecretInput.prop("disabled", !result.message);
+          this.$totpSecret.prop("disapbled", !result.message);
+          this.$regenerateTotpButton.prop("disabled", !result.message);
+          this.$authenticatorCode.prop("disabled", !result.message);
+          this.$generateRecoveryCodeButton.prop("disabled", !result.message);
+        } else {
+          toastService.showError(result.message);
+        }
+      else {
+        this.$totpEnabled.prop("checked", false);
+        this.$totpEnabled.prop("disabled", true);
+        this.$totpSecretInput.prop("disabled", true);
+        this.$totpSecret.prop("disapbled", true);
+        this.$regenerateTotpButton.prop("disabled", true);
+        this.$authenticatorCode.prop("disabled", true);
+        this.$generateRecoveryCodeButton.prop("disabled", true);
+
+        this.$envEnabledTOTP.text(
+          "TOTP_ENABLED is not set in environment variable. Requires restart."
+        );
+      }
+    });
+    this.$protectedSessionTimeout.val(options.protectedSessionTimeout);
+  }
 
-    displayRecoveryKeys() {
-        server.get('totp_recovery/enabled').then((result) => {
-            if (!result.success) {
-                this.keyFiller(Array(8).fill('Error generating recovery keys!'));
-                return;
-            }
+  displayRecoveryKeys() {
+    server.get("totp_recovery/enabled").then((result) => {
+      if (!result.success) {
+        this.keyFiller(Array(8).fill("Error generating recovery keys!"));
+        return;
+      }
 
-            if (!result.keysExist) {
-                this.keyFiller(Array(8).fill('No key set'));
-                this.$generateRecoveryCodeButton.text('Generate Recovery Codes');
-                return;
-            }
-        });
-        server.get('totp_recovery/used').then((result) => {
-            this.keyFiller((result.usedRecoveryCodes + '').split(','));
-            this.$generateRecoveryCodeButton.text('Regenerate Recovery Codes');
-        });
-    }
+      if (!result.keysExist) {
+        this.keyFiller(Array(8).fill("No key set"));
+        this.$generateRecoveryCodeButton.text("Generate Recovery Codes");
+        return;
+      }
+    });
+    server.get("totp_recovery/used").then((result) => {
+      this.keyFiller((result.usedRecoveryCodes + "").split(","));
+      this.$generateRecoveryCodeButton.text("Regenerate Recovery Codes");
+    });
+  }
 }
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 3c37d4dc40..565aa87d45 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -1,543 +1,1202 @@
 "use strict";
 
-import utils = require('../services/utils');
-import multer = require('multer');
-import log = require('../services/log');
-import express = require('express');
+import utils = require("../services/utils");
+import multer = require("multer");
+import log = require("../services/log");
+import express = require("express");
 const router = express.Router();
-import auth = require('../services/auth');
-import openID = require('../services/open_id');
-import totp = require('./api/totp');
-import recoveryCodes = require('./api/recovery_codes');
-import cls = require('../services/cls');
-import sql = require('../services/sql');
-import entityChangesService = require('../services/entity_changes');
-import csurf = require('csurf');
+import auth = require("../services/auth");
+import openID = require("../services/open_id");
+import totp = require("./api/totp");
+import recoveryCodes = require("./api/recovery_codes");
+import cls = require("../services/cls");
+import sql = require("../services/sql");
+import entityChangesService = require("../services/entity_changes");
+import csurf = require("csurf");
 import { createPartialContentHandler } from "express-partial-content";
 import rateLimit = require("express-rate-limit");
-import AbstractBeccaEntity = require('../becca/entities/abstract_becca_entity');
-import NotFoundError = require('../errors/not_found_error');
-import ValidationError = require('../errors/validation_error');
+import AbstractBeccaEntity = require("../becca/entities/abstract_becca_entity");
+import NotFoundError = require("../errors/not_found_error");
+import ValidationError = require("../errors/validation_error");
 
 // page routes
-import setupRoute = require('./setup');
-import loginRoute = require('./login');
-import indexRoute = require('./index');
+import setupRoute = require("./setup");
+import loginRoute = require("./login");
+import indexRoute = require("./index");
 
 // API routes
-import treeApiRoute = require('./api/tree');
-import notesApiRoute = require('./api/notes');
-import branchesApiRoute = require('./api/branches');
-import attachmentsApiRoute = require('./api/attachments');
-import autocompleteApiRoute = require('./api/autocomplete');
-import cloningApiRoute = require('./api/cloning');
-import revisionsApiRoute = require('./api/revisions');
-import recentChangesApiRoute = require('./api/recent_changes');
-import optionsApiRoute = require('./api/options');
-import passwordApiRoute = require('./api/password');
-import syncApiRoute = require('./api/sync');
-import loginApiRoute = require('./api/login');
-import recentNotesRoute = require('./api/recent_notes');
-import appInfoRoute = require('./api/app_info');
-import exportRoute = require('./api/export');
-import importRoute = require('./api/import');
-import setupApiRoute = require('./api/setup');
-import sqlRoute = require('./api/sql');
-import databaseRoute = require('./api/database');
-import imageRoute = require('./api/image');
-import attributesRoute = require('./api/attributes');
-import scriptRoute = require('./api/script');
-import senderRoute = require('./api/sender');
-import filesRoute = require('./api/files');
-import searchRoute = require('./api/search');
-import bulkActionRoute = require('./api/bulk_action');
-import specialNotesRoute = require('./api/special_notes');
-import noteMapRoute = require('./api/note_map');
-import clipperRoute = require('./api/clipper');
-import similarNotesRoute = require('./api/similar_notes');
-import keysRoute = require('./api/keys');
-import backendLogRoute = require('./api/backend_log');
-import statsRoute = require('./api/stats');
-import fontsRoute = require('./api/fonts');
-import etapiTokensApiRoutes = require('./api/etapi_tokens');
-import relationMapApiRoute = require('./api/relation-map');
-import otherRoute = require('./api/other');
-import shareRoutes = require('../share/routes');
-
-import etapiAuthRoutes = require('../etapi/auth');
-import etapiAppInfoRoutes = require('../etapi/app_info');
-import etapiAttachmentRoutes = require('../etapi/attachments');
-import etapiAttributeRoutes = require('../etapi/attributes');
-import etapiBranchRoutes = require('../etapi/branches');
-import etapiNoteRoutes = require('../etapi/notes');
-import etapiSpecialNoteRoutes = require('../etapi/special_notes');
-import etapiSpecRoute = require('../etapi/spec');
-import etapiBackupRoute = require('../etapi/backup');
-import { AppRequest, AppRequestHandler } from './route-interface';
+import treeApiRoute = require("./api/tree");
+import notesApiRoute = require("./api/notes");
+import branchesApiRoute = require("./api/branches");
+import attachmentsApiRoute = require("./api/attachments");
+import autocompleteApiRoute = require("./api/autocomplete");
+import cloningApiRoute = require("./api/cloning");
+import revisionsApiRoute = require("./api/revisions");
+import recentChangesApiRoute = require("./api/recent_changes");
+import optionsApiRoute = require("./api/options");
+import passwordApiRoute = require("./api/password");
+import syncApiRoute = require("./api/sync");
+import loginApiRoute = require("./api/login");
+import recentNotesRoute = require("./api/recent_notes");
+import appInfoRoute = require("./api/app_info");
+import exportRoute = require("./api/export");
+import importRoute = require("./api/import");
+import setupApiRoute = require("./api/setup");
+import sqlRoute = require("./api/sql");
+import databaseRoute = require("./api/database");
+import imageRoute = require("./api/image");
+import attributesRoute = require("./api/attributes");
+import scriptRoute = require("./api/script");
+import senderRoute = require("./api/sender");
+import filesRoute = require("./api/files");
+import searchRoute = require("./api/search");
+import bulkActionRoute = require("./api/bulk_action");
+import specialNotesRoute = require("./api/special_notes");
+import noteMapRoute = require("./api/note_map");
+import clipperRoute = require("./api/clipper");
+import similarNotesRoute = require("./api/similar_notes");
+import keysRoute = require("./api/keys");
+import backendLogRoute = require("./api/backend_log");
+import statsRoute = require("./api/stats");
+import fontsRoute = require("./api/fonts");
+import etapiTokensApiRoutes = require("./api/etapi_tokens");
+import relationMapApiRoute = require("./api/relation-map");
+import otherRoute = require("./api/other");
+import shareRoutes = require("../share/routes");
+
+import etapiAuthRoutes = require("../etapi/auth");
+import etapiAppInfoRoutes = require("../etapi/app_info");
+import etapiAttachmentRoutes = require("../etapi/attachments");
+import etapiAttributeRoutes = require("../etapi/attributes");
+import etapiBranchRoutes = require("../etapi/branches");
+import etapiNoteRoutes = require("../etapi/notes");
+import etapiSpecialNoteRoutes = require("../etapi/special_notes");
+import etapiSpecRoute = require("../etapi/spec");
+import etapiBackupRoute = require("../etapi/backup");
+import { AppRequest, AppRequestHandler } from "./route-interface";
 
 const csrfMiddleware = csurf({
-    cookie: {
-        path: ""       // empty, so cookie is valid only for the current path
-    }
+  cookie: {
+    path: "", // empty, so cookie is valid only for the current path
+  },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
-const GET = 'get', PST = 'post', PUT = 'put', PATCH = 'patch', DEL = 'delete';
-
-type ApiResultHandler = (req: express.Request, res: express.Response, result: unknown) => number;
+const GET = "get",
+  PST = "post",
+  PUT = "put",
+  PATCH = "patch",
+  DEL = "delete";
+
+type ApiResultHandler = (
+  req: express.Request,
+  res: express.Response,
+  result: unknown
+) => number;
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
-type HttpMethod = "all" | "get" | "post" | "put" | "delete" | "patch" | "options" | "head";
+type HttpMethod =
+  | "all"
+  | "get"
+  | "post"
+  | "put"
+  | "delete"
+  | "patch"
+  | "options"
+  | "head";
 
 const uploadMiddleware = createUploadMiddleware();
 
-const uploadMiddlewareWithErrorHandling = function (req: express.Request, res: express.Response, next: express.NextFunction) {
-    uploadMiddleware(req, res, function (err) {
-        if (err?.code === 'LIMIT_FILE_SIZE') {
-            res.setHeader("Content-Type", "text/plain")
-                .status(400)
-                .send(`Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`);
-        }
-        else {
-            next();
-        }
-    });
+const uploadMiddlewareWithErrorHandling = function (
+  req: express.Request,
+  res: express.Response,
+  next: express.NextFunction
+) {
+  uploadMiddleware(req, res, function (err) {
+    if (err?.code === "LIMIT_FILE_SIZE") {
+      res
+        .setHeader("Content-Type", "text/plain")
+        .status(400)
+        .send(
+          `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
+        );
+    } else {
+      next();
+    }
+  });
 };
 
 function register(app: express.Application) {
-    route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
-    route(GET, '/login', [auth.checkAppInitialized, auth.checkPasswordSet], loginRoute.loginPage);
-    route(GET, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPasswordPage);
-
-    const loginRateLimiter = rateLimit.rateLimit({
-        windowMs: 15 * 60 * 1000, // 15 minutes
-        max: 10, // limit each IP to 10 requests per windowMs
-        skipSuccessfulRequests: true // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
-    });
-
-    route(PST, '/login', [loginRateLimiter], loginRoute.login);
-    route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
-    route(PST, '/set-password', [auth.checkAppInitialized, auth.checkPasswordNotSet], loginRoute.setPassword);
-    route(GET, '/setup', [], setupRoute.setupPage);
-
-    apiRoute(GET, '/api/totp/generate', totp.generateSecret);
-    apiRoute(GET, '/api/totp/status', totp.getTOTPStatus);
-    apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
-    apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
-    apiRoute(GET, '/api/totp/get', totp.getSecret);
-
-    apiRoute(GET, '/api/oauth/status', openID.getOAuthStatus);
-    apiRoute(PST, '/api/oauth/enable', openID.enableOAuth);
-    apiRoute(PST, '/api/oauth/disable', openID.disableOAuth);
-    apiRoute(GET, '/api/oauth/authenticate', openID.authenticateUser);
-    apiRoute(GET, '/api/oauth/validate', openID.isTokenValid);
-
-    apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
-    apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
-    apiRoute(GET, '/api/totp_recovery/generate', recoveryCodes.generateRecoveryCodes);
-    apiRoute(GET, '/api/totp_recovery/enabled', recoveryCodes.checkForRecoveryKeys);
-    apiRoute(GET, '/api/totp_recovery/used', recoveryCodes.getUsedRecoveryCodes);
-
-    apiRoute(GET, '/api/tree', treeApiRoute.getTree);
-    apiRoute(PST, '/api/tree/load', treeApiRoute.load);
-
-    apiRoute(GET, '/api/notes/:noteId', notesApiRoute.getNote);
-    apiRoute(GET, '/api/notes/:noteId/blob', notesApiRoute.getNoteBlob);
-    apiRoute(GET, '/api/notes/:noteId/metadata', notesApiRoute.getNoteMetadata);
-    apiRoute(PUT, '/api/notes/:noteId/data', notesApiRoute.updateNoteData);
-    apiRoute(DEL, '/api/notes/:noteId', notesApiRoute.deleteNote);
-    apiRoute(PUT, '/api/notes/:noteId/undelete', notesApiRoute.undeleteNote);
-    apiRoute(PST, '/api/notes/:noteId/revision', notesApiRoute.forceSaveRevision);
-    apiRoute(PST, '/api/notes/:parentNoteId/children', notesApiRoute.createNote);
-    apiRoute(PUT, '/api/notes/:noteId/sort-children', notesApiRoute.sortChildNotes);
-    apiRoute(PUT, '/api/notes/:noteId/protect/:isProtected', notesApiRoute.protectNote);
-    apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime);
-    apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle);
-    apiRoute(PST, '/api/notes/:noteId/duplicate/:parentNoteId', notesApiRoute.duplicateSubtree);
-    apiRoute(PUT, '/api/notes/:noteId/clone-to-branch/:parentBranchId', cloningApiRoute.cloneNoteToBranch);
-    apiRoute(PUT, '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present', cloningApiRoute.toggleNoteInParent);
-    apiRoute(PUT, '/api/notes/:noteId/clone-to-note/:parentNoteId', cloningApiRoute.cloneNoteToParentNote);
-    apiRoute(PUT, '/api/notes/:noteId/clone-after/:afterBranchId', cloningApiRoute.cloneNoteAfter);
-    route(PUT, '/api/notes/:noteId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        filesRoute.updateFile, apiResultHandler);
-    route(GET, '/api/notes/:noteId/open', [auth.checkApiAuthOrElectron], filesRoute.openFile);
-    route(GET, '/api/notes/:noteId/open-partial', [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.fileContentProvider, {
-            debug: (string, extra) => { console.log(string, extra); }
-        }));
-    route(GET, '/api/notes/:noteId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(GET, '/api/notes/download/:noteId', [auth.checkApiAuthOrElectron], filesRoute.downloadFile);
-    apiRoute(PST, '/api/notes/:noteId/save-to-tmp-dir', filesRoute.saveNoteToTmpDir);
-    apiRoute(PST, '/api/notes/:noteId/upload-modified-file', filesRoute.uploadModifiedFileToNote);
-    apiRoute(PST, '/api/notes/:noteId/convert-to-attachment', notesApiRoute.convertNoteToAttachment);
-
-    apiRoute(PUT, '/api/branches/:branchId/move-to/:parentBranchId', branchesApiRoute.moveBranchToParent);
-    apiRoute(PUT, '/api/branches/:branchId/move-before/:beforeBranchId', branchesApiRoute.moveBranchBeforeNote);
-    apiRoute(PUT, '/api/branches/:branchId/move-after/:afterBranchId', branchesApiRoute.moveBranchAfterNote);
-    apiRoute(PUT, '/api/branches/:branchId/expanded/:expanded', branchesApiRoute.setExpanded);
-    apiRoute(PUT, '/api/branches/:branchId/expanded-subtree/:expanded', branchesApiRoute.setExpandedForSubtree);
-    apiRoute(DEL, '/api/branches/:branchId', branchesApiRoute.deleteBranch);
-    apiRoute(PUT, '/api/branches/:branchId/set-prefix', branchesApiRoute.setPrefix);
-
-    apiRoute(GET, '/api/notes/:noteId/attachments', attachmentsApiRoute.getAttachments);
-    apiRoute(PST, '/api/notes/:noteId/attachments', attachmentsApiRoute.saveAttachment);
-    route(PST, '/api/notes/:noteId/attachments/upload', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], attachmentsApiRoute.uploadAttachment, apiResultHandler);
-    apiRoute(GET, '/api/attachments/:attachmentId', attachmentsApiRoute.getAttachment);
-    apiRoute(GET, '/api/attachments/:attachmentId/all', attachmentsApiRoute.getAllAttachments);
-    apiRoute(PST, '/api/attachments/:attachmentId/convert-to-note', attachmentsApiRoute.convertAttachmentToNote);
-    apiRoute(DEL, '/api/attachments/:attachmentId', attachmentsApiRoute.deleteAttachment);
-    apiRoute(PUT, '/api/attachments/:attachmentId/rename', attachmentsApiRoute.renameAttachment);
-    apiRoute(GET, '/api/attachments/:attachmentId/blob', attachmentsApiRoute.getAttachmentBlob);
-    route(GET, '/api/attachments/:attachmentId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnAttachedImage);
-    route(GET, '/api/attachments/:attachmentId/open', [auth.checkApiAuthOrElectron], filesRoute.openAttachment);
-    route(GET, '/api/attachments/:attachmentId/open-partial', [auth.checkApiAuthOrElectron],
-        createPartialContentHandler(filesRoute.attachmentContentProvider, {
-            debug: (string, extra) => { console.log(string, extra); }
-        }));
-    route(GET, '/api/attachments/:attachmentId/download', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
-    // this "hacky" path is used for easier referencing of CSS resources
-    route(GET, '/api/attachments/download/:attachmentId', [auth.checkApiAuthOrElectron], filesRoute.downloadAttachment);
-    apiRoute(PST, '/api/attachments/:attachmentId/save-to-tmp-dir', filesRoute.saveAttachmentToTmpDir);
-    apiRoute(PST, '/api/attachments/:attachmentId/upload-modified-file', filesRoute.uploadModifiedFileToAttachment);
-    route(PUT, '/api/attachments/:attachmentId/file', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware],
-        filesRoute.updateAttachment, apiResultHandler);
-
-    apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
-    apiRoute(DEL, '/api/notes/:noteId/revisions', revisionsApiRoute.eraseAllRevisions);
-    apiRoute(GET, '/api/revisions/:revisionId', revisionsApiRoute.getRevision);
-    apiRoute(GET, '/api/revisions/:revisionId/blob', revisionsApiRoute.getRevisionBlob);
-    apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
-    apiRoute(PST, '/api/revisions/:revisionId/restore', revisionsApiRoute.restoreRevision);
-    route(GET, '/api/revisions/:revisionId/image/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromRevision);
-
-    route(GET, '/api/revisions/:revisionId/download', [auth.checkApiAuthOrElectron], revisionsApiRoute.downloadRevision);
-
-
-    route(GET, '/api/branches/:branchId/export/:type/:format/:version/:taskId', [auth.checkApiAuthOrElectron], exportRoute.exportBranch);
-    route(PST, '/api/notes/:parentNoteId/notes-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importNotesToBranch, apiResultHandler);
-    route(PST, '/api/notes/:parentNoteId/attachments-import', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], importRoute.importAttachmentsToNote, apiResultHandler);
-
-    apiRoute(GET, '/api/notes/:noteId/attributes', attributesRoute.getEffectiveNoteAttributes);
-    apiRoute(PST, '/api/notes/:noteId/attributes', attributesRoute.addNoteAttribute);
-    apiRoute(PUT, '/api/notes/:noteId/attributes', attributesRoute.updateNoteAttributes);
-    apiRoute(PUT, '/api/notes/:noteId/attribute', attributesRoute.updateNoteAttribute);
-    apiRoute(PUT, '/api/notes/:noteId/set-attribute', attributesRoute.setNoteAttribute);
-    apiRoute(PUT, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.createRelation);
-    apiRoute(DEL, '/api/notes/:noteId/relations/:name/to/:targetNoteId', attributesRoute.deleteRelation);
-    apiRoute(DEL, '/api/notes/:noteId/attributes/:attributeId', attributesRoute.deleteNoteAttribute);
-    apiRoute(GET, '/api/attribute-names', attributesRoute.getAttributeNames);
-    apiRoute(GET, '/api/attribute-values/:attributeName', attributesRoute.getValuesForAttribute);
-
-    // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
-    route(GET, '/api/images/:noteId/:filename', [auth.checkApiAuthOrElectron], imageRoute.returnImageFromNote);
-    route(PUT, '/api/images/:noteId', [auth.checkApiAuthOrElectron, uploadMiddlewareWithErrorHandling, csrfMiddleware], imageRoute.updateImage, apiResultHandler);
-
-    apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
-    // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-    apiRoute(PUT, '/api/options/:name/:value*', optionsApiRoute.updateOption);
-    apiRoute(PUT, '/api/options', optionsApiRoute.updateOptions);
-    apiRoute(GET, '/api/options/user-themes', optionsApiRoute.getUserThemes);
-
-    apiRoute(PST, '/api/password/change', passwordApiRoute.changePassword);
-    apiRoute(PST, '/api/password/reset', passwordApiRoute.resetPassword);
-
-    apiRoute(PST, '/api/sync/test', syncApiRoute.testSync);
-    apiRoute(PST, '/api/sync/now', syncApiRoute.syncNow);
-    apiRoute(PST, '/api/sync/fill-entity-changes', syncApiRoute.fillEntityChanges);
-    apiRoute(PST, '/api/sync/force-full-sync', syncApiRoute.forceFullSync);
-    route(GET, '/api/sync/check', [auth.checkApiAuth], syncApiRoute.checkSync, apiResultHandler);
-    route(GET, '/api/sync/changed', [auth.checkApiAuth], syncApiRoute.getChanged, apiResultHandler);
-    route(PUT, '/api/sync/update', [auth.checkApiAuth], syncApiRoute.update, apiResultHandler);
-    route(PST, '/api/sync/finished', [auth.checkApiAuth], syncApiRoute.syncFinished, apiResultHandler);
-    route(PST, '/api/sync/check-entity-changes', [auth.checkApiAuth], syncApiRoute.checkEntityChanges, apiResultHandler);
-    route(PST, '/api/sync/queue-sector/:entityName/:sector', [auth.checkApiAuth], syncApiRoute.queueSector, apiResultHandler);
-    route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
-
-    apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
-    apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo);
-
-    // docker health check
-    route(GET, '/api/health-check', [], () => ({ "status": "ok" }), apiResultHandler);
-
-    // group of the services below are meant to be executed from the outside
-    route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
-    route(PST, '/api/setup/new-document', [auth.checkAppNotInitialized], setupApiRoute.setupNewDocument, apiResultHandler, false);
-    route(PST, '/api/setup/sync-from-server', [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler, false);
-    route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
-    route(PST, '/api/setup/sync-seed', [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler, false);
-
-    apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
-    apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
-    apiRoute(GET, '/api/search-note/:noteId', searchRoute.searchFromNote);
-    apiRoute(PST, '/api/search-and-execute-note/:noteId', searchRoute.searchAndExecute);
-    apiRoute(PST, '/api/search-related', searchRoute.getRelatedNotes);
-    apiRoute(GET, '/api/search/:searchString', searchRoute.search);
-    apiRoute(GET, '/api/search-templates', searchRoute.searchTemplates);
-
-    apiRoute(PST, '/api/bulk-action/execute', bulkActionRoute.execute);
-    apiRoute(PST, '/api/bulk-action/affected-notes', bulkActionRoute.getAffectedNoteCount);
-
-    route(PST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler);
-    // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-    apiRoute(PST, '/api/login/protected', loginApiRoute.loginToProtectedSession);
-    apiRoute(PST, '/api/login/protected/touch', loginApiRoute.touchProtectedSession);
-    apiRoute(PST, '/api/logout/protected', loginApiRoute.logoutFromProtectedSession);
-
-    route(PST, '/api/login/token', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-
-    apiRoute(GET, '/api/etapi-tokens', etapiTokensApiRoutes.getTokens);
-    apiRoute(PST, '/api/etapi-tokens', etapiTokensApiRoutes.createToken);
-    apiRoute(PATCH, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.patchToken);
-    apiRoute(DEL, '/api/etapi-tokens/:etapiTokenId', etapiTokensApiRoutes.deleteToken);
-
-    // in case of local electron, local calls are allowed unauthenticated, for server they need auth
-    const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
-
-    route(GET, '/api/clipper/handshake', clipperMiddleware, clipperRoute.handshake, apiResultHandler);
-    route(PST, '/api/clipper/clippings', clipperMiddleware, clipperRoute.addClipping, apiResultHandler);
-    route(PST, '/api/clipper/notes', clipperMiddleware, clipperRoute.createNote, apiResultHandler);
-    route(PST, '/api/clipper/open/:noteId', clipperMiddleware, clipperRoute.openNote, apiResultHandler);
-    route(GET, '/api/clipper/notes-by-url/:noteUrl', clipperMiddleware, clipperRoute.findNotesByUrl, apiResultHandler);
-
-    apiRoute(GET, '/api/special-notes/inbox/:date', specialNotesRoute.getInboxNote);
-    apiRoute(GET, '/api/special-notes/days/:date', specialNotesRoute.getDayNote);
-    apiRoute(GET, '/api/special-notes/weeks/:date', specialNotesRoute.getWeekNote);
-    apiRoute(GET, '/api/special-notes/months/:month', specialNotesRoute.getMonthNote);
-    apiRoute(GET, '/api/special-notes/years/:year', specialNotesRoute.getYearNote);
-    apiRoute(GET, '/api/special-notes/notes-for-month/:month', specialNotesRoute.getDayNotesForMonth);
-    apiRoute(PST, '/api/special-notes/sql-console', specialNotesRoute.createSqlConsole);
-    apiRoute(PST, '/api/special-notes/save-sql-console', specialNotesRoute.saveSqlConsole);
-    apiRoute(PST, '/api/special-notes/search-note', specialNotesRoute.createSearchNote);
-    apiRoute(PST, '/api/special-notes/save-search-note', specialNotesRoute.saveSearchNote);
-    apiRoute(PST, '/api/special-notes/launchers/:noteId/reset', specialNotesRoute.resetLauncher);
-    apiRoute(PST, '/api/special-notes/launchers/:parentNoteId/:launcherType', specialNotesRoute.createLauncher);
-    apiRoute(PUT, '/api/special-notes/api-script-launcher', specialNotesRoute.createOrUpdateScriptLauncherFromApi);
-
-    apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
-    apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
-    route(PST, '/api/database/anonymize/:type', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.anonymize, apiResultHandler, false);
-    apiRoute(GET, '/api/database/anonymized-databases', databaseRoute.getExistingAnonymizedDatabases);
-
-    // backup requires execution outside of transaction
-    route(PST, '/api/database/backup-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.backupDatabase, apiResultHandler, false);
-    apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
-
-    // VACUUM requires execution outside of transaction
-    route(PST, '/api/database/vacuum-database', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.vacuumDatabase, apiResultHandler, false);
-
-    route(PST, '/api/database/find-and-fix-consistency-issues', [auth.checkApiAuthOrElectron, csrfMiddleware], databaseRoute.findAndFixConsistencyIssues, apiResultHandler, false);
-
-    apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
-
-    route(PST, '/api/script/exec', [auth.checkApiAuth, csrfMiddleware], scriptRoute.exec, apiResultHandler, false);
-
-    apiRoute(PST, '/api/script/run/:noteId', scriptRoute.run);
-    apiRoute(GET, '/api/script/startup', scriptRoute.getStartupBundles);
-    apiRoute(GET, '/api/script/widgets', scriptRoute.getWidgetBundles);
-    apiRoute(PST, '/api/script/bundle/:noteId', scriptRoute.getBundle);
-    apiRoute(GET, '/api/script/relation/:noteId/:relationName', scriptRoute.getRelationBundles);
-
-    // no CSRF since this is called from android app
-    route(PST, '/api/sender/login', [loginRateLimiter], loginApiRoute.token, apiResultHandler);
-    route(PST, '/api/sender/image', [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling], senderRoute.uploadImage, apiResultHandler);
-    route(PST, '/api/sender/note', [auth.checkEtapiToken], senderRoute.saveNote, apiResultHandler);
-
-    apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
-    apiRoute(GET, '/api/keyboard-shortcuts-for-notes', keysRoute.getShortcutsForNotes);
-
-    apiRoute(PST, '/api/relation-map', relationMapApiRoute.getRelationMap);
-    apiRoute(PST, '/api/notes/erase-deleted-notes-now', notesApiRoute.eraseDeletedNotesNow);
-    apiRoute(PST, '/api/notes/erase-unused-attachments-now', notesApiRoute.eraseUnusedAttachmentsNow);
-    apiRoute(GET, '/api/similar-notes/:noteId', similarNotesRoute.getSimilarNotes);
-    apiRoute(GET, '/api/backend-log', backendLogRoute.getBackendLog);
-    apiRoute(GET, '/api/stats/note-size/:noteId', statsRoute.getNoteSize);
-    apiRoute(GET, '/api/stats/subtree-size/:noteId', statsRoute.getSubtreeSize);
-    apiRoute(PST, '/api/delete-notes-preview', notesApiRoute.getDeleteNotesPreview);
-    route(GET, '/api/fonts', [auth.checkApiAuthOrElectron], fontsRoute.getFontCss);
-    apiRoute(GET, '/api/other/icon-usage', otherRoute.getIconUsage);
-    apiRoute(PST, '/api/other/render-markdown', otherRoute.renderMarkdown);
-    apiRoute(GET, '/api/recent-changes/:ancestorNoteId', recentChangesApiRoute.getRecentChanges);
-    apiRoute(GET, '/api/edited-notes/:date', revisionsApiRoute.getEditedNotesOnDate);
-
-    apiRoute(PST, '/api/note-map/:noteId/tree', noteMapRoute.getTreeMap);
-    apiRoute(PST, '/api/note-map/:noteId/link', noteMapRoute.getLinkMap);
-    apiRoute(GET, '/api/note-map/:noteId/backlink-count', noteMapRoute.getBacklinkCount);
-    apiRoute(GET, '/api/note-map/:noteId/backlinks', noteMapRoute.getBacklinks);
-
-    shareRoutes.register(router);
-
-    etapiAuthRoutes.register(router, [loginRateLimiter]);
-    etapiAppInfoRoutes.register(router);
-    etapiAttachmentRoutes.register(router);
-    etapiAttributeRoutes.register(router);
-    etapiBranchRoutes.register(router);
-    etapiNoteRoutes.register(router);
-    etapiSpecialNoteRoutes.register(router);
-    etapiSpecRoute.register(router);
-    etapiBackupRoute.register(router);
-
-    app.use('', router);
+  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
+  route(
+    GET,
+    "/login",
+    [auth.checkAppInitialized, auth.checkPasswordSet],
+    loginRoute.loginPage
+  );
+  route(
+    GET,
+    "/set-password",
+    [auth.checkAppInitialized, auth.checkPasswordNotSet],
+    loginRoute.setPasswordPage
+  );
+
+  const loginRateLimiter = rateLimit.rateLimit({
+    windowMs: 15 * 60 * 1000, // 15 minutes
+    max: 10, // limit each IP to 10 requests per windowMs
+    skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
+  });
+
+  route(PST, "/login", [loginRateLimiter], loginRoute.login);
+  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+  route(
+    PST,
+    "/set-password",
+    [auth.checkAppInitialized, auth.checkPasswordNotSet],
+    loginRoute.setPassword
+  );
+  route(GET, "/setup", [], setupRoute.setupPage);
+
+  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
+  apiRoute(GET, "/api/totp/status", totp.getTOTPStatus);
+  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
+  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
+  apiRoute(GET, "/api/totp/get", totp.getSecret);
+
+  apiRoute(GET, "/api/oauth/status", openID.getOAuthStatus);
+  apiRoute(GET, "/api/oauth/validate", openID.isTokenValid);
+
+  apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
+  apiRoute(PST, "/api/totp_recovery/verify", recoveryCodes.veryifyRecoveryCode);
+  apiRoute(
+    GET,
+    "/api/totp_recovery/generate",
+    recoveryCodes.generateRecoveryCodes
+  );
+  apiRoute(
+    GET,
+    "/api/totp_recovery/enabled",
+    recoveryCodes.checkForRecoveryKeys
+  );
+  apiRoute(GET, "/api/totp_recovery/used", recoveryCodes.getUsedRecoveryCodes);
+
+  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
+  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
+
+  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
+  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
+  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
+  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
+  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
+  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
+  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
+  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/sort-children",
+    notesApiRoute.sortChildNotes
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/protect/:isProtected",
+    notesApiRoute.protectNote
+  );
+  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
+  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/duplicate/:parentNoteId",
+    notesApiRoute.duplicateSubtree
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-to-branch/:parentBranchId",
+    cloningApiRoute.cloneNoteToBranch
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
+    cloningApiRoute.toggleNoteInParent
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-to-note/:parentNoteId",
+    cloningApiRoute.cloneNoteToParentNote
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/clone-after/:afterBranchId",
+    cloningApiRoute.cloneNoteAfter
+  );
+  route(
+    PUT,
+    "/api/notes/:noteId/file",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    filesRoute.updateFile,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/open",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.openFile
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.fileContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(
+    GET,
+    "/api/notes/:noteId/download",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadFile
+  );
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(
+    GET,
+    "/api/notes/download/:noteId",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadFile
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/save-to-tmp-dir",
+    filesRoute.saveNoteToTmpDir
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/upload-modified-file",
+    filesRoute.uploadModifiedFileToNote
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/convert-to-attachment",
+    notesApiRoute.convertNoteToAttachment
+  );
+
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-to/:parentBranchId",
+    branchesApiRoute.moveBranchToParent
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-before/:beforeBranchId",
+    branchesApiRoute.moveBranchBeforeNote
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/move-after/:afterBranchId",
+    branchesApiRoute.moveBranchAfterNote
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/expanded/:expanded",
+    branchesApiRoute.setExpanded
+  );
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/expanded-subtree/:expanded",
+    branchesApiRoute.setExpandedForSubtree
+  );
+  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
+  apiRoute(
+    PUT,
+    "/api/branches/:branchId/set-prefix",
+    branchesApiRoute.setPrefix
+  );
+
+  apiRoute(
+    GET,
+    "/api/notes/:noteId/attachments",
+    attachmentsApiRoute.getAttachments
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/attachments",
+    attachmentsApiRoute.saveAttachment
+  );
+  route(
+    PST,
+    "/api/notes/:noteId/attachments/upload",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    attachmentsApiRoute.uploadAttachment,
+    apiResultHandler
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId",
+    attachmentsApiRoute.getAttachment
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId/all",
+    attachmentsApiRoute.getAllAttachments
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/convert-to-note",
+    attachmentsApiRoute.convertAttachmentToNote
+  );
+  apiRoute(
+    DEL,
+    "/api/attachments/:attachmentId",
+    attachmentsApiRoute.deleteAttachment
+  );
+  apiRoute(
+    PUT,
+    "/api/attachments/:attachmentId/rename",
+    attachmentsApiRoute.renameAttachment
+  );
+  apiRoute(
+    GET,
+    "/api/attachments/:attachmentId/blob",
+    attachmentsApiRoute.getAttachmentBlob
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnAttachedImage
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/open",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.openAttachment
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/open-partial",
+    [auth.checkApiAuthOrElectron],
+    createPartialContentHandler(filesRoute.attachmentContentProvider, {
+      debug: (string, extra) => {
+        console.log(string, extra);
+      },
+    })
+  );
+  route(
+    GET,
+    "/api/attachments/:attachmentId/download",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadAttachment
+  );
+  // this "hacky" path is used for easier referencing of CSS resources
+  route(
+    GET,
+    "/api/attachments/download/:attachmentId",
+    [auth.checkApiAuthOrElectron],
+    filesRoute.downloadAttachment
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/save-to-tmp-dir",
+    filesRoute.saveAttachmentToTmpDir
+  );
+  apiRoute(
+    PST,
+    "/api/attachments/:attachmentId/upload-modified-file",
+    filesRoute.uploadModifiedFileToAttachment
+  );
+  route(
+    PUT,
+    "/api/attachments/:attachmentId/file",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    filesRoute.updateAttachment,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/revisions",
+    revisionsApiRoute.eraseAllRevisions
+  );
+  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
+  apiRoute(
+    GET,
+    "/api/revisions/:revisionId/blob",
+    revisionsApiRoute.getRevisionBlob
+  );
+  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
+  apiRoute(
+    PST,
+    "/api/revisions/:revisionId/restore",
+    revisionsApiRoute.restoreRevision
+  );
+  route(
+    GET,
+    "/api/revisions/:revisionId/image/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnImageFromRevision
+  );
+
+  route(
+    GET,
+    "/api/revisions/:revisionId/download",
+    [auth.checkApiAuthOrElectron],
+    revisionsApiRoute.downloadRevision
+  );
+
+  route(
+    GET,
+    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+    [auth.checkApiAuthOrElectron],
+    exportRoute.exportBranch
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/notes-import",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    importRoute.importNotesToBranch,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/notes/:parentNoteId/attachments-import",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    importRoute.importAttachmentsToNote,
+    apiResultHandler
+  );
+
+  apiRoute(
+    GET,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.getEffectiveNoteAttributes
+  );
+  apiRoute(
+    PST,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.addNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/attributes",
+    attributesRoute.updateNoteAttributes
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/attribute",
+    attributesRoute.updateNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/set-attribute",
+    attributesRoute.setNoteAttribute
+  );
+  apiRoute(
+    PUT,
+    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    attributesRoute.createRelation
+  );
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    attributesRoute.deleteRelation
+  );
+  apiRoute(
+    DEL,
+    "/api/notes/:noteId/attributes/:attributeId",
+    attributesRoute.deleteNoteAttribute
+  );
+  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
+  apiRoute(
+    GET,
+    "/api/attribute-values/:attributeName",
+    attributesRoute.getValuesForAttribute
+  );
+
+  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+  route(
+    GET,
+    "/api/images/:noteId/:filename",
+    [auth.checkApiAuthOrElectron],
+    imageRoute.returnImageFromNote
+  );
+  route(
+    PUT,
+    "/api/images/:noteId",
+    [
+      auth.checkApiAuthOrElectron,
+      uploadMiddlewareWithErrorHandling,
+      csrfMiddleware,
+    ],
+    imageRoute.updateImage,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+  // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
+  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
+  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
+  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
+
+  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
+  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
+
+  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
+  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
+  apiRoute(
+    PST,
+    "/api/sync/fill-entity-changes",
+    syncApiRoute.fillEntityChanges
+  );
+  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
+  route(
+    GET,
+    "/api/sync/check",
+    [auth.checkApiAuth],
+    syncApiRoute.checkSync,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/sync/changed",
+    [auth.checkApiAuth],
+    syncApiRoute.getChanged,
+    apiResultHandler
+  );
+  route(
+    PUT,
+    "/api/sync/update",
+    [auth.checkApiAuth],
+    syncApiRoute.update,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/finished",
+    [auth.checkApiAuth],
+    syncApiRoute.syncFinished,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/check-entity-changes",
+    [auth.checkApiAuth],
+    syncApiRoute.checkEntityChanges,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sync/queue-sector/:entityName/:sector",
+    [auth.checkApiAuth],
+    syncApiRoute.queueSector,
+    apiResultHandler
+  );
+  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+
+  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
+  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+
+  // docker health check
+  route(
+    GET,
+    "/api/health-check",
+    [],
+    () => ({ status: "ok" }),
+    apiResultHandler
+  );
+
+  // group of the services below are meant to be executed from the outside
+  route(
+    GET,
+    "/api/setup/status",
+    [],
+    setupApiRoute.getStatus,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/setup/new-document",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupNewDocument,
+    apiResultHandler,
+    false
+  );
+  route(
+    PST,
+    "/api/setup/sync-from-server",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.setupSyncFromServer,
+    apiResultHandler,
+    false
+  );
+  route(
+    GET,
+    "/api/setup/sync-seed",
+    [auth.checkCredentials],
+    setupApiRoute.getSyncSeed,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/setup/sync-seed",
+    [auth.checkAppNotInitialized],
+    setupApiRoute.saveSyncSeed,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
+  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
+  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
+  apiRoute(
+    PST,
+    "/api/search-and-execute-note/:noteId",
+    searchRoute.searchAndExecute
+  );
+  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
+  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
+  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+
+  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
+  apiRoute(
+    PST,
+    "/api/bulk-action/affected-notes",
+    bulkActionRoute.getAffectedNoteCount
+  );
+
+  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
+  // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
+  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
+  apiRoute(
+    PST,
+    "/api/login/protected/touch",
+    loginApiRoute.touchProtectedSession
+  );
+  apiRoute(
+    PST,
+    "/api/logout/protected",
+    loginApiRoute.logoutFromProtectedSession
+  );
+
+  route(
+    PST,
+    "/api/login/token",
+    [loginRateLimiter],
+    loginApiRoute.token,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
+  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
+  apiRoute(
+    PATCH,
+    "/api/etapi-tokens/:etapiTokenId",
+    etapiTokensApiRoutes.patchToken
+  );
+  apiRoute(
+    DEL,
+    "/api/etapi-tokens/:etapiTokenId",
+    etapiTokensApiRoutes.deleteToken
+  );
+
+  // in case of local electron, local calls are allowed unauthenticated, for server they need auth
+  const clipperMiddleware = utils.isElectron() ? [] : [auth.checkEtapiToken];
+
+  route(
+    GET,
+    "/api/clipper/handshake",
+    clipperMiddleware,
+    clipperRoute.handshake,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/clippings",
+    clipperMiddleware,
+    clipperRoute.addClipping,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/notes",
+    clipperMiddleware,
+    clipperRoute.createNote,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/clipper/open/:noteId",
+    clipperMiddleware,
+    clipperRoute.openNote,
+    apiResultHandler
+  );
+  route(
+    GET,
+    "/api/clipper/notes-by-url/:noteUrl",
+    clipperMiddleware,
+    clipperRoute.findNotesByUrl,
+    apiResultHandler
+  );
+
+  apiRoute(
+    GET,
+    "/api/special-notes/inbox/:date",
+    specialNotesRoute.getInboxNote
+  );
+  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
+  apiRoute(
+    GET,
+    "/api/special-notes/weeks/:date",
+    specialNotesRoute.getWeekNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/months/:month",
+    specialNotesRoute.getMonthNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/years/:year",
+    specialNotesRoute.getYearNote
+  );
+  apiRoute(
+    GET,
+    "/api/special-notes/notes-for-month/:month",
+    specialNotesRoute.getDayNotesForMonth
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/sql-console",
+    specialNotesRoute.createSqlConsole
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/save-sql-console",
+    specialNotesRoute.saveSqlConsole
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/search-note",
+    specialNotesRoute.createSearchNote
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/save-search-note",
+    specialNotesRoute.saveSearchNote
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/launchers/:noteId/reset",
+    specialNotesRoute.resetLauncher
+  );
+  apiRoute(
+    PST,
+    "/api/special-notes/launchers/:parentNoteId/:launcherType",
+    specialNotesRoute.createLauncher
+  );
+  apiRoute(
+    PUT,
+    "/api/special-notes/api-script-launcher",
+    specialNotesRoute.createOrUpdateScriptLauncherFromApi
+  );
+
+  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
+  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+  route(
+    PST,
+    "/api/database/anonymize/:type",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.anonymize,
+    apiResultHandler,
+    false
+  );
+  apiRoute(
+    GET,
+    "/api/database/anonymized-databases",
+    databaseRoute.getExistingAnonymizedDatabases
+  );
+
+  // backup requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/backup-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.backupDatabase,
+    apiResultHandler,
+    false
+  );
+  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+
+  // VACUUM requires execution outside of transaction
+  route(
+    PST,
+    "/api/database/vacuum-database",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.vacuumDatabase,
+    apiResultHandler,
+    false
+  );
+
+  route(
+    PST,
+    "/api/database/find-and-fix-consistency-issues",
+    [auth.checkApiAuthOrElectron, csrfMiddleware],
+    databaseRoute.findAndFixConsistencyIssues,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
+
+  route(
+    PST,
+    "/api/script/exec",
+    [auth.checkApiAuth, csrfMiddleware],
+    scriptRoute.exec,
+    apiResultHandler,
+    false
+  );
+
+  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
+  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
+  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
+  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
+  apiRoute(
+    GET,
+    "/api/script/relation/:noteId/:relationName",
+    scriptRoute.getRelationBundles
+  );
+
+  // no CSRF since this is called from android app
+  route(
+    PST,
+    "/api/sender/login",
+    [loginRateLimiter],
+    loginApiRoute.token,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sender/image",
+    [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
+    senderRoute.uploadImage,
+    apiResultHandler
+  );
+  route(
+    PST,
+    "/api/sender/note",
+    [auth.checkEtapiToken],
+    senderRoute.saveNote,
+    apiResultHandler
+  );
+
+  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
+  apiRoute(
+    GET,
+    "/api/keyboard-shortcuts-for-notes",
+    keysRoute.getShortcutsForNotes
+  );
+
+  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
+  apiRoute(
+    PST,
+    "/api/notes/erase-deleted-notes-now",
+    notesApiRoute.eraseDeletedNotesNow
+  );
+  apiRoute(
+    PST,
+    "/api/notes/erase-unused-attachments-now",
+    notesApiRoute.eraseUnusedAttachmentsNow
+  );
+  apiRoute(
+    GET,
+    "/api/similar-notes/:noteId",
+    similarNotesRoute.getSimilarNotes
+  );
+  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
+  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
+  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
+  apiRoute(
+    PST,
+    "/api/delete-notes-preview",
+    notesApiRoute.getDeleteNotesPreview
+  );
+  route(
+    GET,
+    "/api/fonts",
+    [auth.checkApiAuthOrElectron],
+    fontsRoute.getFontCss
+  );
+  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
+  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
+  apiRoute(
+    GET,
+    "/api/recent-changes/:ancestorNoteId",
+    recentChangesApiRoute.getRecentChanges
+  );
+  apiRoute(
+    GET,
+    "/api/edited-notes/:date",
+    revisionsApiRoute.getEditedNotesOnDate
+  );
+
+  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
+  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
+  apiRoute(
+    GET,
+    "/api/note-map/:noteId/backlink-count",
+    noteMapRoute.getBacklinkCount
+  );
+  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+
+  shareRoutes.register(router);
+
+  etapiAuthRoutes.register(router, [loginRateLimiter]);
+  etapiAppInfoRoutes.register(router);
+  etapiAttachmentRoutes.register(router);
+  etapiAttributeRoutes.register(router);
+  etapiBranchRoutes.register(router);
+  etapiNoteRoutes.register(router);
+  etapiSpecialNoteRoutes.register(router);
+  etapiSpecRoute.register(router);
+  etapiBackupRoute.register(router);
+
+  app.use("", router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
 function convertEntitiesToPojo(result: unknown) {
-    if (result instanceof AbstractBeccaEntity) {
-        result = result.getPojo();
+  if (result instanceof AbstractBeccaEntity) {
+    result = result.getPojo();
+  } else if (Array.isArray(result)) {
+    for (const idx in result) {
+      if (result[idx] instanceof AbstractBeccaEntity) {
+        result[idx] = result[idx].getPojo();
+      }
     }
-    else if (Array.isArray(result)) {
-        for (const idx in result) {
-            if (result[idx] instanceof AbstractBeccaEntity) {
-                result[idx] = result[idx].getPojo();
-            }
-        }
+  } else if (result && typeof result === "object") {
+    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+      result.note = result.note.getPojo();
     }
-    else if (result && typeof result === "object") {
-        if ("note" in result && result.note instanceof AbstractBeccaEntity) {
-            result.note = result.note.getPojo();
-        }
 
-        if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
-            result.branch = result.branch.getPojo();
-        }
+    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
+      result.branch = result.branch.getPojo();
     }
+  }
 
-    if (result && typeof result === "object" && "executionResult" in result) { // from runOnBackend()
-        result.executionResult = convertEntitiesToPojo(result.executionResult);
-    }
+  if (result && typeof result === "object" && "executionResult" in result) {
+    // from runOnBackend()
+    result.executionResult = convertEntitiesToPojo(result.executionResult);
+  }
 
-    return result;
+  return result;
 }
 
-function apiResultHandler(req: express.Request, res: express.Response, result: unknown) {
-    res.setHeader('trilium-max-entity-change-id', entityChangesService.getMaxEntityChangeId());
-
-    result = convertEntitiesToPojo(result);
-
-    // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
-    if (Array.isArray(result) && result.length > 0 && Number.isInteger(result[0])) {
-        const [statusCode, response] = result;
-
-        if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
-            log.info(`${req.method} ${req.originalUrl} returned ${statusCode} with response ${JSON.stringify(response)}`);
-        }
-
-        return send(res, statusCode, response);
-    }
-    else if (result === undefined) {
-        return send(res, 204, "");
-    }
-    else {
-        return send(res, 200, result);
+function apiResultHandler(
+  req: express.Request,
+  res: express.Response,
+  result: unknown
+) {
+  res.setHeader(
+    "trilium-max-entity-change-id",
+    entityChangesService.getMaxEntityChangeId()
+  );
+
+  result = convertEntitiesToPojo(result);
+
+  // if it's an array and the first element is integer, then we consider this to be [statusCode, response] format
+  if (
+    Array.isArray(result) &&
+    result.length > 0 &&
+    Number.isInteger(result[0])
+  ) {
+    const [statusCode, response] = result;
+
+    if (statusCode !== 200 && statusCode !== 201 && statusCode !== 204) {
+      log.info(
+        `${req.method} ${
+          req.originalUrl
+        } returned ${statusCode} with response ${JSON.stringify(response)}`
+      );
     }
+
+    return send(res, statusCode, response);
+  } else if (result === undefined) {
+    return send(res, 204, "");
+  } else {
+    return send(res, 200, result);
+  }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-    if (typeof response === 'string') {
-        if (statusCode >= 400) {
-            res.setHeader("Content-Type", "text/plain");
-        }
+  if (typeof response === "string") {
+    if (statusCode >= 400) {
+      res.setHeader("Content-Type", "text/plain");
+    }
 
-        res.status(statusCode).send(response);
+    res.status(statusCode).send(response);
 
-        return response.length;
-    }
-    else {
-        const json = JSON.stringify(response);
+    return response.length;
+  } else {
+    const json = JSON.stringify(response);
 
-        res.setHeader("Content-Type", "application/json");
-        res.status(statusCode).send(json);
+    res.setHeader("Content-Type", "application/json");
+    res.status(statusCode).send(json);
 
-        return json.length;
-    }
+    return json.length;
+  }
 }
 
-function apiRoute(method: HttpMethod, path: string, routeHandler: express.Handler) {
-    route(method, path, [auth.checkApiAuth, csrfMiddleware], routeHandler, apiResultHandler);
+function apiRoute(
+  method: HttpMethod,
+  path: string,
+  routeHandler: express.Handler
+) {
+  route(
+    method,
+    path,
+    [auth.checkApiAuth, csrfMiddleware],
+    routeHandler,
+    apiResultHandler
+  );
 }
 
-function route(method: HttpMethod, path: string, middleware: (express.Handler | AppRequestHandler)[], routeHandler: AppRequestHandler, resultHandler: ApiResultHandler | null = null, transactional = true) {
-    router[method](path, ...(middleware as express.Handler[]), (req: express.Request, res: express.Response, next: express.NextFunction) => {
-        const start = Date.now();
-
-        try {
-            cls.namespace.bindEmitter(req);
-            cls.namespace.bindEmitter(res);
-
-            const result = cls.init(() => {
-                cls.set('componentId', req.headers['trilium-component-id']);
-                cls.set('localNowDateTime', req.headers['trilium-local-now-datetime']);
-                cls.set('hoistedNoteId', req.headers['trilium-hoisted-note-id'] || 'root');
-
-                const cb = () => routeHandler(req as AppRequest, res, next);
-
-                return transactional ? sql.transactional(cb) : cb();
-            });
-
-            if (!resultHandler) {
-                return;
-            }
-
-            if (result?.then) { // promise
-                result
-                    .then((promiseResult: unknown) => handleResponse(resultHandler, req, res, promiseResult, start))
-                    .catch((e: any) => handleException(e, method, path, res));
-            } else {
-                handleResponse(resultHandler, req, res, result, start)
-            }
+function route(
+  method: HttpMethod,
+  path: string,
+  middleware: (express.Handler | AppRequestHandler)[],
+  routeHandler: AppRequestHandler,
+  resultHandler: ApiResultHandler | null = null,
+  transactional = true
+) {
+  router[method](
+    path,
+    ...(middleware as express.Handler[]),
+    (
+      req: express.Request,
+      res: express.Response,
+      next: express.NextFunction
+    ) => {
+      const start = Date.now();
+
+      try {
+        cls.namespace.bindEmitter(req);
+        cls.namespace.bindEmitter(res);
+
+        const result = cls.init(() => {
+          cls.set("componentId", req.headers["trilium-component-id"]);
+          cls.set(
+            "localNowDateTime",
+            req.headers["trilium-local-now-datetime"]
+          );
+          cls.set(
+            "hoistedNoteId",
+            req.headers["trilium-hoisted-note-id"] || "root"
+          );
+
+          const cb = () => routeHandler(req as AppRequest, res, next);
+
+          return transactional ? sql.transactional(cb) : cb();
+        });
+
+        if (!resultHandler) {
+          return;
         }
-        catch (e) {
-            handleException(e, method, path, res);
+
+        if (result?.then) {
+          // promise
+          result
+            .then((promiseResult: unknown) =>
+              handleResponse(resultHandler, req, res, promiseResult, start)
+            )
+            .catch((e: any) => handleException(e, method, path, res));
+        } else {
+          handleResponse(resultHandler, req, res, result, start);
         }
-    });
+      } catch (e) {
+        handleException(e, method, path, res);
+      }
+    }
+  );
 }
 
-function handleResponse(resultHandler: ApiResultHandler, req: express.Request, res: express.Response, result: unknown, start: number) {
-    const responseLength = resultHandler(req, res, result);
+function handleResponse(
+  resultHandler: ApiResultHandler,
+  req: express.Request,
+  res: express.Response,
+  result: unknown,
+  start: number
+) {
+  const responseLength = resultHandler(req, res, result);
 
-    log.request(req, res, Date.now() - start, responseLength);
+  log.request(req, res, Date.now() - start, responseLength);
 }
 
-function handleException(e: any, method: HttpMethod, path: string, res: express.Response) {
-    log.error(`${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`);
-
-    if (e instanceof ValidationError) {
-        res.status(400)
-            .json({
-                message: e.message
-            });
-    } else if (e instanceof NotFoundError) {
-        res.status(404)
-            .json({
-                message: e.message
-            });
-    } else {
-        res.status(500)
-            .json({
-                message: e.message
-            });
-    }
+function handleException(
+  e: any,
+  method: HttpMethod,
+  path: string,
+  res: express.Response
+) {
+  log.error(
+    `${method} ${path} threw exception: '${e.message}', stack: ${e.stack}`
+  );
+
+  if (e instanceof ValidationError) {
+    res.status(400).json({
+      message: e.message,
+    });
+  } else if (e instanceof NotFoundError) {
+    res.status(404).json({
+      message: e.message,
+    });
+  } else {
+    res.status(500).json({
+      message: e.message,
+    });
+  }
 }
 
 function createUploadMiddleware() {
-    const multerOptions: multer.Options = {
-        fileFilter: (req: express.Request, file, cb) => {
-            // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
-            // See https://github.com/expressjs/multer/pull/1102.
-            file.originalname = Buffer.from(file.originalname, "latin1").toString("utf-8");
-            cb(null, true);
-        }
+  const multerOptions: multer.Options = {
+    fileFilter: (req: express.Request, file, cb) => {
+      // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
+      // See https://github.com/expressjs/multer/pull/1102.
+      file.originalname = Buffer.from(file.originalname, "latin1").toString(
+        "utf-8"
+      );
+      cb(null, true);
+    },
+  };
+
+  if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
+    multerOptions.limits = {
+      fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024,
     };
+  }
 
-    if (!process.env.TRILIUM_NO_UPLOAD_LIMIT) {
-        multerOptions.limits = {
-            fileSize: MAX_ALLOWED_FILE_SIZE_MB * 1024 * 1024
-        };
-    }
-
-    return multer(multerOptions).single('upload');
+  return multer(multerOptions).single("upload");
 }
 
 export = {
-    register
+  register,
 };
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 6f7261cfec..2a3094fd92 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -10,181 +10,156 @@ import passwordService = require("./encryption/password");
 import type { NextFunction, Request, Response } from "express";
 import { AppRequest } from "../routes/route-interface";
 import openID = require("./open_id");
-import openIdService = require("../services/encryption/open_id");
-import openIDEncryptionService = require("../services/encryption/open_id_encryption");
+import sql = require("./sql");
 
 const noAuthentication =
-    config.General && config.General.noAuthentication === true;
+  config.General && config.General.noAuthentication === true;
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
-    if (!sqlInit.isDbInitialized()) {
-        res.redirect("setup");
-    } else if (openID.checkOpenIDRequirements()) {
-        // }else if (openID.isOpenIDEnabled() && openID.getOAuthStatus().message) {
-        // console.log("SLKDJLKJSDFl");
-        if (req.oidc.isAuthenticated()) {
-            openID.doStuff();
-            req.oidc
-                .fetchUserInfo()
-                .then((a) => console.log("YAY"))
-                .catch((f) => console.log("OH NOOO"));
-            req.session.loggedIn = true;
-            next();
-        } else {
-            req.session.loggedIn = false;
-            res.oidc.login({});
-        }
-        // if (
-        //     openIdService.isSubjectIdentifierSaved() &&
-        //     req.oidc !== undefined
-        // ) {
-        //     const result = req.oidc.fetchUserInfo().then((result) => {
-        //         if (
-        //             openIDEncryptionService.verifyOpenIDSubjectIdentifier(
-        //                 result.sub
-        //             )
-        //         ) {
-        //             req.session.loggedIn = true;
-        //             next();
-        //         } else {
-        //             req.session.loggedIn = false;
-        //             res.oidc.logout({});
-        //         }
-        //     });
-        // } else {
-        //     next();
-        // }
-    } else if (
-        !req.session.loggedIn &&
-        !utils.isElectron() &&
-        !noAuthentication
-    ) {
-        res.redirect("login");
+  if (!sqlInit.isDbInitialized()) {
+    res.redirect("setup");
+  } else if (openID.checkOpenIDRequirements()) {
+    if (req.oidc.isAuthenticated() && openID.validateUser(req.oidc.user?.sub)) {
+      req.session.loggedIn = true;
+      next();
     } else {
-        next();
+      req.session.loggedIn = false;
+      res.oidc.login({});
     }
+  } else if (
+    !req.session.loggedIn &&
+    !utils.isElectron() &&
+    !noAuthentication
+  ) {
+    res.redirect("login");
+  } else {
+    next();
+  }
 }
 
 // for electron things which need network stuff
 //  currently, we're doing that for file upload because handling form data seems to be difficult
 function checkApiAuthOrElectron(
-    req: AppRequest,
-    res: Response,
-    next: NextFunction
+  req: AppRequest,
+  res: Response,
+  next: NextFunction
 ) {
-    if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
-        reject(req, res, "Logged in session not found");
-    } else {
-        next();
-    }
+  if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
+    reject(req, res, "Logged in session not found");
+  } else {
+    next();
+  }
 }
 
 function checkApiAuth(req: AppRequest, res: Response, next: NextFunction) {
-    if (!req.session.loggedIn && !noAuthentication) {
-        reject(req, res, "Logged in session not found");
-    } else {
-        next();
-    }
+  if (!req.session.loggedIn && !noAuthentication) {
+    reject(req, res, "Logged in session not found");
+  } else {
+    next();
+  }
 }
 
 function checkAppInitialized(
-    req: AppRequest,
-    res: Response,
-    next: NextFunction
+  req: AppRequest,
+  res: Response,
+  next: NextFunction
 ) {
-    if (!sqlInit.isDbInitialized()) {
-        res.redirect("setup");
-    } else {
-        next();
-    }
+  if (!sqlInit.isDbInitialized()) {
+    res.redirect("setup");
+  } else {
+    next();
+  }
 }
 
 function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
-    if (!utils.isElectron() && !passwordService.isPasswordSet()) {
-        res.redirect("set-password");
-    } else {
-        next();
-    }
+  if (!utils.isElectron() && !passwordService.isPasswordSet()) {
+    res.redirect("set-password");
+  } else {
+    next();
+  }
 }
 
 function checkPasswordNotSet(
-    req: AppRequest,
-    res: Response,
-    next: NextFunction
+  req: AppRequest,
+  res: Response,
+  next: NextFunction
 ) {
-    if (!utils.isElectron() && passwordService.isPasswordSet()) {
-        res.redirect("login");
-    } else {
-        next();
-    }
+  if (!utils.isElectron() && passwordService.isPasswordSet()) {
+    res.redirect("login");
+  } else {
+    next();
+  }
 }
 
 function checkAppNotInitialized(
-    req: AppRequest,
-    res: Response,
-    next: NextFunction
+  req: AppRequest,
+  res: Response,
+  next: NextFunction
 ) {
-    if (sqlInit.isDbInitialized()) {
-        reject(req, res, "App already initialized.");
-    } else {
-        next();
-    }
+  if (sqlInit.isDbInitialized()) {
+    reject(req, res, "App already initialized.");
+  } else {
+    next();
+  }
 }
 
 function checkEtapiToken(req: AppRequest, res: Response, next: NextFunction) {
-    if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
-        next();
-    } else {
-        reject(req, res, "Token not found");
-    }
+  if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
+    next();
+  } else {
+    reject(req, res, "Token not found");
+  }
 }
 
 function reject(req: AppRequest, res: Response, message: string) {
-    log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
+  log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
 
-    res.setHeader("Content-Type", "text/plain").status(401).send(message);
+  res.setHeader("Content-Type", "text/plain").status(401).send(message);
 }
 
 function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
-    if (!sqlInit.isDbInitialized()) {
-        res.setHeader("Content-Type", "text/plain")
-            .status(400)
-            .send("Database is not initialized yet.");
-        return;
-    }
-
-    if (!passwordService.isPasswordSet()) {
-        res.setHeader("Content-Type", "text/plain")
-            .status(400)
-            .send(
-                "Password has not been set yet. Please set a password and repeat the action"
-            );
-        return;
-    }
-
-    const header = req.headers["trilium-cred"] || "";
-    const auth = Buffer.from(header, "base64").toString();
-    const colonIndex = auth.indexOf(":");
-    const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
-    // username is ignored
-
-    if (!passwordEncryptionService.verifyPassword(password)) {
-        res.setHeader("Content-Type", "text/plain")
-            .status(401)
-            .send("Incorrect password");
-    } else {
-        next();
-    }
+  if (!sqlInit.isDbInitialized()) {
+    res
+      .setHeader("Content-Type", "text/plain")
+      .status(400)
+      .send("Database is not initialized yet.");
+    return;
+  }
+
+  if (!passwordService.isPasswordSet()) {
+    res
+      .setHeader("Content-Type", "text/plain")
+      .status(400)
+      .send(
+        "Password has not been set yet. Please set a password and repeat the action"
+      );
+    return;
+  }
+
+  const header = req.headers["trilium-cred"] || "";
+  const auth = Buffer.from(header, "base64").toString();
+  const colonIndex = auth.indexOf(":");
+  const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
+  // username is ignored
+
+  if (!passwordEncryptionService.verifyPassword(password)) {
+    res
+      .setHeader("Content-Type", "text/plain")
+      .status(401)
+      .send("Incorrect password");
+  } else {
+    next();
+  }
 }
 
 export = {
-    checkAuth,
-    checkApiAuth,
-    checkAppInitialized,
-    checkPasswordSet,
-    checkPasswordNotSet,
-    checkAppNotInitialized,
-    checkApiAuthOrElectron,
-    checkEtapiToken,
-    checkCredentials,
+  checkAuth,
+  checkApiAuth,
+  checkAppInitialized,
+  checkPasswordSet,
+  checkPasswordNotSet,
+  checkAppNotInitialized,
+  checkApiAuthOrElectron,
+  checkEtapiToken,
+  checkCredentials,
 };
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 64191f2c97..f040f13e80 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -3,172 +3,148 @@ import { NextFunction, Request, Response } from "express";
 import openIDService = require("./encryption/open_id");
 import options = require("./options");
 import { Session, auth } from "express-openid-connect";
+import sql = require("./sql");
 
 function isOpenIDEnabled() {
-    try {
-        return options.getOptionBool("oAuthEnabled");
-    } catch (e) {
-        return false;
-    }
+  try {
+    return options.getOptionBool("oAuthEnabled");
+  } catch (e) {
+    return false;
+  }
 }
 
 function checkOpenIDRequirements() {
-    if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
-
-    if (process.env.BASE_URL === undefined)
-        throw new OpenIDError("BASE_URL is undefined in .env!");
-    if (process.env.CLIENT_ID === undefined)
-        throw new OpenIDError("CLIENT_ID is undefined in .env!");
-    if (process.env.ISSUER_BASE_URL === undefined)
-        throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
-    if (process.env.SECRET === undefined)
-        throw new OpenIDError("SECRET is undefined in .env!");
-    if (process.env.AUTH_0_LOGOUT === undefined)
-        throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
-
-    return true;
+  if (process.env.OAUTH_ENABLED === undefined) return false;
+  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+
+  if (process.env.BASE_URL === undefined)
+    throw new OpenIDError("BASE_URL is undefined in .env!");
+  if (process.env.CLIENT_ID === undefined)
+    throw new OpenIDError("CLIENT_ID is undefined in .env!");
+  if (process.env.CONFIGURATION_URL === undefined)
+    throw new OpenIDError("CONFIGURATION_URL is undefined in .env!");
+  if (process.env.SECRET === undefined)
+    throw new OpenIDError("SECRET is undefined in .env!");
+  if (process.env.AUTH_0_LOGOUT === undefined)
+    throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
+
+  return true;
 }
 
 function enableOAuth() {
-    if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
+  if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
 
-    options.setOption("oAuthEnabled", true);
-    options.setOption("totpEnabled", false);
+  options.setOption("oAuthEnabled", true);
+  options.setOption("totpEnabled", false);
 
-    return { success: true, message: "OAuth Enabled" };
+  return { success: true, message: "OAuth Enabled" };
 }
 
 function disableOAuth() {
-    options.setOption("oAuthEnabled", false);
-    return { success: true, message: "OAuth Disabled" };
+  options.setOption("oAuthEnabled", false);
+  return { success: true, message: "OAuth Disabled" };
 }
 
 function getOauthEnv() {
-    if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+  if (process.env.OAUTH_ENABLED === undefined) return false;
+  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
 
-    return true;
+  return true;
 }
 
 function getOAuthStatus() {
-    return {
-        success: true,
-        message: options.getOptionBool("oAuthEnabled"),
-        enabled: getOauthEnv(),
-    };
+  return {
+    success: true,
+    message: checkOpenIDRequirements(),
+  };
 }
 
-function authenticateUser(req: Request, res: Response, next: NextFunction) {
-    // TODO: Add validity
-    if (openIDService.isSubjectIdentifierSaved())
-        return { success: false, message: "User ID already saved!" };
-
-    if (req.oidc !== undefined) {
-        const result = req.oidc
-            .fetchUserInfo()
-            .then((result) => {
-                openIDService.saveSubjectIdentifier(result.sub);
-                return {
-                    success: true,
-                    message: "User " + req.oidc.user?.name + " saved!",
-                };
-            })
-            .catch((result) => {
-                return { success: false, message: "Need to login again!" };
-            });
-        return result;
-    } else {
-        console.log("Access token Invalid!");
-        return { success: false, message: "Access token Invalid!" };
-    }
+function validateUser(userID: string) {
+  console.log("Checking to see if the user is valid :D");
+  if (userID === sql.getValue("SELECT * FROM user_data")) return true;
+  return false;
 }
 
 function isTokenValid(req: Request, res: Response, next: NextFunction) {
-    const userStatus = openIDService.isSubjectIdentifierSaved();
-
-    if (req.oidc !== undefined) {
-        const result = req.oidc
-            .fetchUserInfo()
-            .then((result) => {
-                return {
-                    success: true,
-                    message: "Token is valid",
-                    user: userStatus,
-                };
-            })
-            .catch((result) => {
-                return {
-                    success: false,
-                    message: "Token is not valid",
-                    user: userStatus,
-                };
-            });
-        return result;
-    } else {
+  const userStatus = openIDService.isSubjectIdentifierSaved();
+
+  if (req.oidc !== undefined) {
+    const result = req.oidc
+      .fetchUserInfo()
+      .then((result) => {
         return {
-            success: false,
-            message: "Token not set up",
-            user: userStatus,
+          success: true,
+          message: "Token is valid",
+          user: userStatus,
         };
-    }
+      })
+      .catch((result) => {
+        return {
+          success: false,
+          message: "Token is not valid",
+          user: userStatus,
+        };
+      });
+    return result;
+  } else {
+    return {
+      success: false,
+      message: "Token not set up",
+      user: userStatus,
+    };
+  }
 }
 
 function checkAuth0Logout() {
-    if (process.env.AUTH_0_LOGOUT === undefined) return false;
-    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
-    return false;
+  if (process.env.AUTH_0_LOGOUT === undefined) return false;
+  if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
+  return false;
 }
 
 function generateOAuthConfig() {
-    const authRoutes = {
-        callback: "/callback",
-        login: "/authenticate",
-        postLogoutRedirect: "/login",
-        logout: "/logout",
-    };
-
-    const logoutParams = {
-        // end_session_endpoint: "/end-session/",
-    };
-
-    const authConfig = {
-        authRequired: true,
-        auth0Logout: checkAuth0Logout(),
-        baseURL: process.env.BASE_URL,
-        clientID: process.env.CLIENT_ID,
-        issuerBaseURL: process.env.ISSUER_BASE_URL,
-        secret: process.env.SECRET,
-        clientSecret: process.env.SECRET,
-        authorizationParams: {
-            response_type: "code",
-            scope: "openid profile email",
-        },
-        routes: authRoutes,
-        idpLogout: true,
-        logoutParams: logoutParams,
-        // CookieConfigParams: { path: "/home/chesspro13/" },
-        // afterCallback: doStuff,
-    };
-    return authConfig;
-}
-
-async function doStuff() {
-    // async function doStuff(req: Request, res: Response, session: Session) {
-    console.log("After Callback");
-    // res.oidc.logout({ returnTo: "/" });
-
-    openIDService.saveSubjectIdentifier("AbCD");
+  const authRoutes = {
+    callback: "/callback",
+    login: "/authenticate",
+    postLogoutRedirect: "/login",
+    logout: "/logout",
+  };
+
+  const logoutParams = {
+    end_session_endpoint: "/end-session/",
+  };
+
+  const authConfig = {
+    authRequired: true,
+    auth0Logout: checkAuth0Logout(),
+    baseURL: process.env.BASE_URL,
+    clientID: process.env.CLIENT_ID,
+    issuerBaseURL: process.env.CONFIGURATION_URL,
+    secret: process.env.SECRET,
+    clientSecret: process.env.SECRET,
+    authorizationParams: {
+      response_type: "code",
+      scope: "openid profile email",
+    },
+    routes: authRoutes,
+    idpLogout: true,
+    logoutParams: logoutParams,
+    afterCallback: async (req: Request, res: Response, session: Session) => {
+      sql.replace("user_data", {
+        userID: req.oidc.user?.sub.toString(),
+      });
+      return session;
+    },
+  };
+  return authConfig;
 }
 
 export = {
-    generateOAuthConfig,
-    getOAuthStatus,
-    enableOAuth,
-    disableOAuth,
-    isOpenIDEnabled,
-    checkOpenIDRequirements,
-    authenticateUser,
-    isTokenValid,
-    doStuff,
+  generateOAuthConfig,
+  getOAuthStatus,
+  enableOAuth,
+  disableOAuth,
+  isOpenIDEnabled,
+  checkOpenIDRequirements,
+  isTokenValid,
+  validateUser,
 };

From 48698519a4e56179c95be76f893fa27509a0148d Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Mon, 10 Jun 2024 12:28:05 -0700
Subject: [PATCH 53/63] Re-wrote userID getting saved to DB

---
 src/routes/login.ts                           |  96 ++++----
 src/services/auth.ts                          | 217 ++++++++---------
 src/services/encryption/open_id.ts            |  93 +++++---
 src/services/encryption/open_id_encryption.ts |  42 +++-
 src/services/open_id.ts                       | 222 +++++++++---------
 5 files changed, 368 insertions(+), 302 deletions(-)

diff --git a/src/routes/login.ts b/src/routes/login.ts
index 079cca322c..3c42260d72 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,44 +1,46 @@
-'use strict';
-
-import utils = require('../services/utils');
-import optionService = require('../services/options');
-import myScryptService = require('../services/encryption/my_scrypt');
-import log = require('../services/log');
-import passwordService = require('../services/encryption/password');
-import totp_secret = require('../services/totp');
-import recoveryCodeService = require('../services/encryption/recovery_codes');
-import openIDService = require('../services/open_id');
-import openID = require('../services/encryption/open_id');
-import assetPath = require('../services/asset_path');
-import appPath = require('../services/app_path');
-import ValidationError = require('../errors/validation_error');
-import {Request, Response} from 'express';
-import {AppRequest} from './route-interface';
-import totp = require('../services/totp');
+"use strict";
+
+import utils = require("../services/utils");
+import optionService = require("../services/options");
+import myScryptService = require("../services/encryption/my_scrypt");
+import log = require("../services/log");
+import passwordService = require("../services/encryption/password");
+import totp_secret = require("../services/totp");
+import recoveryCodeService = require("../services/encryption/recovery_codes");
+import openIDService = require("../services/open_id");
+import openID = require("../services/encryption/open_id");
+import assetPath = require("../services/asset_path");
+import appPath = require("../services/app_path");
+import ValidationError = require("../errors/validation_error");
+import { Request, Response } from "express";
+import { AppRequest } from "./route-interface";
+import totp = require("../services/totp");
 
 function loginPage(req: Request, res: Response) {
-    res.render('login', {
+    res.render("login", {
         failedAuth: false,
-        totpEnabled: optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret(),
+        totpEnabled:
+            optionService.getOptionBool("totpEnabled") &&
+            totp_secret.checkForTotSecret(),
         assetPath: assetPath,
-        appPath: appPath
+        appPath: appPath,
     });
 }
 
 function setPasswordPage(req: Request, res: Response) {
-    res.render('set_password', {
+    res.render("set_password", {
         error: false,
         assetPath: assetPath,
-        appPath: appPath
+        appPath: appPath,
     });
 }
 
 function setPassword(req: Request, res: Response) {
     if (passwordService.isPasswordSet()) {
-        throw new ValidationError('Password has been already set');
+        throw new ValidationError("Password has been already set");
     }
 
-    let {password1, password2} = req.body;
+    let { password1, password2 } = req.body;
     password1 = password1.trim();
     password2 = password2.trim();
 
@@ -47,20 +49,20 @@ function setPassword(req: Request, res: Response) {
     if (password1 !== password2) {
         error = "Entered passwords don't match.";
     } else if (password1.length < 4) {
-        error = 'Password must be at least 4 characters long.';
+        error = "Password must be at least 4 characters long.";
     }
 
     if (error) {
-        res.render('set_password', {
+        res.render("set_password", {
             error,
-            assetPath: assetPath
+            assetPath: assetPath,
         });
         return;
     }
 
     passwordService.setPassword(password1);
 
-    res.redirect('login');
+    res.redirect("login");
 }
 
 function login(req: AppRequest, res: Response) {
@@ -73,7 +75,10 @@ function login(req: AppRequest, res: Response) {
             return;
         }
 
-        if (optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret())
+        if (
+            optionService.getOptionBool("totpEnabled") &&
+            totp_secret.checkForTotSecret()
+        )
             if (!verifyTOTP(guessedTotp)) {
                 sendLoginError(req, res);
                 return;
@@ -89,15 +94,15 @@ function login(req: AppRequest, res: Response) {
             }
 
             req.session.loggedIn = true;
-            res.redirect('.');
+            res.redirect(".");
         });
     } else {
         // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
         log.info(`WARNING: Wrong password from ${req.ip}, rejecting.`);
 
-        res.status(401).render('login', {
+        res.status(401).render("login", {
             failedAuth: true,
-            assetPath: assetPath
+            assetPath: assetPath,
         });
     }
 }
@@ -106,23 +111,28 @@ function sendLoginError(req: AppRequest, res: Response) {
     // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
     log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
 
-    res.status(401).render('login', {
+    res.status(401).render("login", {
         failedAuth: true,
-        totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
-        assetPath: assetPath
+        totpEnabled:
+            optionService.getOption("totpEnabled") &&
+            totp_secret.checkForTotSecret(),
+        assetPath: assetPath,
     });
 }
 
 function verifyTOTP(guessedToken: string) {
     if (totp.validateTOTP(guessedToken)) return true;
 
-    const recoveryCodeValidates = recoveryCodeService.verifyRecoveryCode(guessedToken);
+    const recoveryCodeValidates =
+        recoveryCodeService.verifyRecoveryCode(guessedToken);
 
     return recoveryCodeValidates;
 }
 
 function verifyPassword(guessedPassword: string) {
-    const hashed_password = utils.fromBase64(optionService.getOption('passwordVerificationHash'));
+    const hashed_password = utils.fromBase64(
+        optionService.getOption("passwordVerificationHash")
+    );
 
     const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
 
@@ -132,9 +142,13 @@ function verifyPassword(guessedPassword: string) {
 function logout(req: AppRequest, res: Response) {
     req.session.regenerate(() => {
         req.session.loggedIn = false;
-
-        if (openIDService.isOpenIDEnabled() && openID.isSubjectIdentifierSaved()) res.oidc.logout({});
-        else res.redirect('login');
+        if (
+            openIDService.isOpenIDEnabled() &&
+            openID.isSubjectIdentifierSaved()
+        ) {
+            console.log("CAN LOGOUT");
+            res.oidc.logout({});
+        } else res.redirect("login");
     });
 }
 
@@ -143,5 +157,5 @@ export = {
     setPasswordPage,
     setPassword,
     login,
-    logout
+    logout,
 };
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 2a3094fd92..7cd81c2bab 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -11,155 +11,156 @@ import type { NextFunction, Request, Response } from "express";
 import { AppRequest } from "../routes/route-interface";
 import openID = require("./open_id");
 import sql = require("./sql");
+import open_id_encryption = require("./encryption/open_id_encryption");
 
 const noAuthentication =
-  config.General && config.General.noAuthentication === true;
+    config.General && config.General.noAuthentication === true;
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
-  if (!sqlInit.isDbInitialized()) {
-    res.redirect("setup");
-  } else if (openID.checkOpenIDRequirements()) {
-    if (req.oidc.isAuthenticated() && openID.validateUser(req.oidc.user?.sub)) {
-      req.session.loggedIn = true;
-      next();
+    if (!sqlInit.isDbInitialized()) {
+        res.redirect("setup");
+    } else if (openID.checkOpenIDRequirements()) {
+        if (
+            req.oidc.isAuthenticated() &&
+            open_id_encryption.verifyOpenIDSubjectIdentifier(req.oidc.user?.sub)
+        ) {
+            req.session.loggedIn = true;
+            next();
+        } else {
+            req.session.loggedIn = false;
+            res.oidc.login({});
+        }
+    } else if (
+        !req.session.loggedIn &&
+        !utils.isElectron() &&
+        !noAuthentication
+    ) {
+        res.redirect("login");
     } else {
-      req.session.loggedIn = false;
-      res.oidc.login({});
+        next();
     }
-  } else if (
-    !req.session.loggedIn &&
-    !utils.isElectron() &&
-    !noAuthentication
-  ) {
-    res.redirect("login");
-  } else {
-    next();
-  }
 }
 
 // for electron things which need network stuff
 //  currently, we're doing that for file upload because handling form data seems to be difficult
 function checkApiAuthOrElectron(
-  req: AppRequest,
-  res: Response,
-  next: NextFunction
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
 ) {
-  if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
-    reject(req, res, "Logged in session not found");
-  } else {
-    next();
-  }
+    if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
+        reject(req, res, "Logged in session not found");
+    } else {
+        next();
+    }
 }
 
 function checkApiAuth(req: AppRequest, res: Response, next: NextFunction) {
-  if (!req.session.loggedIn && !noAuthentication) {
-    reject(req, res, "Logged in session not found");
-  } else {
-    next();
-  }
+    if (!req.session.loggedIn && !noAuthentication) {
+        reject(req, res, "Logged in session not found");
+    } else {
+        next();
+    }
 }
 
 function checkAppInitialized(
-  req: AppRequest,
-  res: Response,
-  next: NextFunction
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
 ) {
-  if (!sqlInit.isDbInitialized()) {
-    res.redirect("setup");
-  } else {
-    next();
-  }
+    if (!sqlInit.isDbInitialized()) {
+        res.redirect("setup");
+    } else {
+        next();
+    }
 }
 
 function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
-  if (!utils.isElectron() && !passwordService.isPasswordSet()) {
-    res.redirect("set-password");
-  } else {
-    next();
-  }
+    if (!utils.isElectron() && !passwordService.isPasswordSet()) {
+        res.redirect("set-password");
+    } else {
+        next();
+    }
 }
 
 function checkPasswordNotSet(
-  req: AppRequest,
-  res: Response,
-  next: NextFunction
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
 ) {
-  if (!utils.isElectron() && passwordService.isPasswordSet()) {
-    res.redirect("login");
-  } else {
-    next();
-  }
+    if (!utils.isElectron() && passwordService.isPasswordSet()) {
+        res.redirect("login");
+    } else {
+        next();
+    }
 }
 
 function checkAppNotInitialized(
-  req: AppRequest,
-  res: Response,
-  next: NextFunction
+    req: AppRequest,
+    res: Response,
+    next: NextFunction
 ) {
-  if (sqlInit.isDbInitialized()) {
-    reject(req, res, "App already initialized.");
-  } else {
-    next();
-  }
+    if (sqlInit.isDbInitialized()) {
+        reject(req, res, "App already initialized.");
+    } else {
+        next();
+    }
 }
 
 function checkEtapiToken(req: AppRequest, res: Response, next: NextFunction) {
-  if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
-    next();
-  } else {
-    reject(req, res, "Token not found");
-  }
+    if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
+        next();
+    } else {
+        reject(req, res, "Token not found");
+    }
 }
 
 function reject(req: AppRequest, res: Response, message: string) {
-  log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
+    log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
 
-  res.setHeader("Content-Type", "text/plain").status(401).send(message);
+    res.setHeader("Content-Type", "text/plain").status(401).send(message);
 }
 
 function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
-  if (!sqlInit.isDbInitialized()) {
-    res
-      .setHeader("Content-Type", "text/plain")
-      .status(400)
-      .send("Database is not initialized yet.");
-    return;
-  }
-
-  if (!passwordService.isPasswordSet()) {
-    res
-      .setHeader("Content-Type", "text/plain")
-      .status(400)
-      .send(
-        "Password has not been set yet. Please set a password and repeat the action"
-      );
-    return;
-  }
-
-  const header = req.headers["trilium-cred"] || "";
-  const auth = Buffer.from(header, "base64").toString();
-  const colonIndex = auth.indexOf(":");
-  const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
-  // username is ignored
-
-  if (!passwordEncryptionService.verifyPassword(password)) {
-    res
-      .setHeader("Content-Type", "text/plain")
-      .status(401)
-      .send("Incorrect password");
-  } else {
-    next();
-  }
+    if (!sqlInit.isDbInitialized()) {
+        res.setHeader("Content-Type", "text/plain")
+            .status(400)
+            .send("Database is not initialized yet.");
+        return;
+    }
+
+    if (!passwordService.isPasswordSet()) {
+        res.setHeader("Content-Type", "text/plain")
+            .status(400)
+            .send(
+                "Password has not been set yet. Please set a password and repeat the action"
+            );
+        return;
+    }
+
+    const header = req.headers["trilium-cred"] || "";
+    const auth = Buffer.from(header, "base64").toString();
+    const colonIndex = auth.indexOf(":");
+    const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
+    // username is ignored
+
+    if (!passwordEncryptionService.verifyPassword(password)) {
+        res.setHeader("Content-Type", "text/plain")
+            .status(401)
+            .send("Incorrect password");
+    } else {
+        next();
+    }
 }
 
 export = {
-  checkAuth,
-  checkApiAuth,
-  checkAppInitialized,
-  checkPasswordSet,
-  checkPasswordNotSet,
-  checkAppNotInitialized,
-  checkApiAuthOrElectron,
-  checkEtapiToken,
-  checkCredentials,
+    checkAuth,
+    checkApiAuth,
+    checkAppInitialized,
+    checkPasswordSet,
+    checkPasswordNotSet,
+    checkAppNotInitialized,
+    checkApiAuthOrElectron,
+    checkEtapiToken,
+    checkCredentials,
 };
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
index 1c93117c97..f4f8bcfc43 100644
--- a/src/services/encryption/open_id.ts
+++ b/src/services/encryption/open_id.ts
@@ -1,52 +1,81 @@
-'use strict';
+"use strict";
 
-import sql = require('../sql');
-import optionService = require('../options');
-import myScryptService = require('./my_scrypt');
-import utils = require('../utils');
-import openIDEncryptionService = require('./open_id_encryption');
-import options = require('../options');
+import sql = require("../sql");
+import optionService = require("../options");
+import myScryptService = require("./my_scrypt");
+import utils = require("../utils");
+import openIDEncryptionService = require("./open_id_encryption");
+import options = require("../options");
 
 function saveSubjectIdentifier(subjectIdentifier: string) {
-    if (isSubjectIdentifierSaved()) {
-        throw new Error(
-            "SubjectIdentifier is set already. Either change it or perform 'reset Subject Identifier' first."
-        );
-    }
-    options.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32));
-    options.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32));
-    const subjectIdentifierVerificationKey = utils.toBase64(
+    // if (isSubjectIdentifierSaved()) {
+    //     throw new Error(
+    //         "SubjectIdentifier is set already. Either change it or perform 'reset Subject Identifier' first."
+    //     );
+    // }
+
+    // sql.replace("user_data", {
+    //     userID: subjectIdentifier,
+    // });
+
+    // sql.replace("user_data", {
+    //     userID: subjectIdentifier,
+    // });
+
+    const verificationSalt = utils.randomSecureToken(32);
+    const derivedKeySalt = utils.randomSecureToken(32);
+    const verificationHash = utils.toBase64(
         myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
     );
-    options.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey);
-
-    openIDEncryptionService.setDataKey(subjectIdentifier, utils.randomSecureToken(16));
-    options.setOption('userSubjectIdentifierSaved', 'true');
-    return {
-        success: true,
-    };
-}
+    const userIDEncryptedDataKey = openIDEncryptionService.setDataKey(
+        subjectIdentifier,
+        utils.randomSecureToken(16)
+    );
 
-function resetSubjectIdentifier() {
-    // user forgot the subjectIdentifier,
-    sql.transactional(() => {
-        optionService.setOption('subjectIdentifierVerificationSalt', '');
-        optionService.setOption('subjectIdentifierDerivedKeySalt', '');
-        optionService.setOption('subjectIdentifierEncryptedDataKey', '');
-        optionService.setOption('subjectIdentifierVerificationHash', '');
+    sql.replace("user_data", {
+        userIDVerificationHash: verificationHash,
+        userIDVerificationSalt: verificationSalt,
+        userIDDerivedKey: derivedKeySalt,
+        userIDEcnryptedDataKey: userIDEncryptedDataKey,
     });
+    // if (userID === sql.getValue("SELECT * FROM user_data"))
 
+    // options.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32));
+    // options.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32));
+    // const subjectIdentifierVerificationKey = utils.toBase64(
+    //     myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
+    // );
+    // options.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey);
+
+    // openIDEncryptionService.setDataKey(subjectIdentifier, utils.randomSecureToken(16));
+    // options.setOption('userSubjectIdentifierSaved', 'true');
     return {
         success: true,
     };
 }
 
+// function resetSubjectIdentifier() {
+//     // user forgot the subjectIdentifier,
+//     sql.transactional(() => {
+//         optionService.setOption("subjectIdentifierVerificationSalt", "");
+//         optionService.setOption("subjectIdentifierDerivedKeySalt", "");
+//         optionService.setOption("subjectIdentifierEncryptedDataKey", "");
+//         optionService.setOption("subjectIdentifierVerificationHash", "");
+//     });
+
+//     return {
+//         success: true,
+//     };
+// }
+
 function isSubjectIdentifierSaved() {
-    return optionService.getOptionBool('userSubjectIdentifierSaved');
+    const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
+    if (value === undefined || value === null || value === "") return false;
+    return true;
 }
 
 export = {
     saveSubjectIdentifier,
-    resetSubjectIdentifier,
+    // resetSubjectIdentifier,
     isSubjectIdentifierSaved,
 };
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index fb1bcb88ff..d90e743466 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -1,10 +1,10 @@
-import optionService = require('../options');
-import myScryptService = require('./my_scrypt');
-import utils = require('../utils');
-import dataEncryptionService = require('./data_encryption');
+import optionService = require("../options");
+import myScryptService = require("./my_scrypt");
+import utils = require("../utils");
+import dataEncryptionService = require("./data_encryption");
 
 function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
-    if (!optionService.getOptionBool('userSubjectIdentifierSaved')) {
+    if (!optionService.getOptionBool("userSubjectIdentifierSaved")) {
         return false;
     }
 
@@ -12,27 +12,43 @@ function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
         myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
     );
 
-    const dbSubjectIdentifierHash = optionService.getOptionOrNull('subjectIdentifierVerificationHash');
+    const dbSubjectIdentifierHash = optionService.getOptionOrNull(
+        "subjectIdentifierVerificationHash"
+    );
 
     if (!dbSubjectIdentifierHash) return false;
 
     return givenSubjectIdentifierHash === dbSubjectIdentifierHash;
 }
 
-function setDataKey(subjectIdentifier: string, plainTextDataKey: string | Buffer) {
-    const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+function setDataKey(
+    subjectIdentifier: string,
+    plainTextDataKey: string | Buffer
+) {
+    const subjectIdentifierDerivedKey =
+        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
 
-    const newEncryptedDataKey = dataEncryptionService.encrypt(subjectIdentifierDerivedKey, plainTextDataKey);
+    const newEncryptedDataKey = dataEncryptionService.encrypt(
+        subjectIdentifierDerivedKey,
+        plainTextDataKey
+    );
 
-    optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
+    // optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
+    return newEncryptedDataKey;
 }
 
 function getDataKey(subjectIdentifier: string) {
-    const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+    const subjectIdentifierDerivedKey =
+        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
 
-    const encryptedDataKey = optionService.getOption('subjectIdentifierEncryptedDataKey');
+    const encryptedDataKey = optionService.getOption(
+        "subjectIdentifierEncryptedDataKey"
+    );
 
-    const decryptedDataKey = dataEncryptionService.decrypt(subjectIdentifierDerivedKey, encryptedDataKey);
+    const decryptedDataKey = dataEncryptionService.decrypt(
+        subjectIdentifierDerivedKey,
+        encryptedDataKey
+    );
 
     return decryptedDataKey;
 }
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index f040f13e80..b5000fed8f 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -1,150 +1,156 @@
 import OpenIDError = require("../errors/open_id_error");
 import { NextFunction, Request, Response } from "express";
 import openIDService = require("./encryption/open_id");
+import sqlInit = require("./sql_init");
 import options = require("./options");
 import { Session, auth } from "express-openid-connect";
 import sql = require("./sql");
 
 function isOpenIDEnabled() {
-  try {
-    return options.getOptionBool("oAuthEnabled");
-  } catch (e) {
-    return false;
-  }
+    try {
+        return options.getOptionBool("oAuthEnabled");
+    } catch (e) {
+        return false;
+    }
 }
 
 function checkOpenIDRequirements() {
-  if (process.env.OAUTH_ENABLED === undefined) return false;
-  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
-
-  if (process.env.BASE_URL === undefined)
-    throw new OpenIDError("BASE_URL is undefined in .env!");
-  if (process.env.CLIENT_ID === undefined)
-    throw new OpenIDError("CLIENT_ID is undefined in .env!");
-  if (process.env.CONFIGURATION_URL === undefined)
-    throw new OpenIDError("CONFIGURATION_URL is undefined in .env!");
-  if (process.env.SECRET === undefined)
-    throw new OpenIDError("SECRET is undefined in .env!");
-  if (process.env.AUTH_0_LOGOUT === undefined)
-    throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
-
-  return true;
+    if (process.env.OAUTH_ENABLED === undefined) return false;
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+
+    if (process.env.BASE_URL === undefined)
+        throw new OpenIDError("BASE_URL is undefined in .env!");
+    if (process.env.CLIENT_ID === undefined)
+        throw new OpenIDError("CLIENT_ID is undefined in .env!");
+    if (process.env.ISSUER_BASE_URL === undefined)
+        throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
+    if (process.env.SECRET === undefined)
+        throw new OpenIDError("SECRET is undefined in .env!");
+    if (process.env.AUTH_0_LOGOUT === undefined)
+        throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
+
+    return true;
 }
 
 function enableOAuth() {
-  if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
+    if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
 
-  options.setOption("oAuthEnabled", true);
-  options.setOption("totpEnabled", false);
+    options.setOption("oAuthEnabled", true);
+    options.setOption("totpEnabled", false);
 
-  return { success: true, message: "OAuth Enabled" };
+    return { success: true, message: "OAuth Enabled" };
 }
 
 function disableOAuth() {
-  options.setOption("oAuthEnabled", false);
-  return { success: true, message: "OAuth Disabled" };
+    options.setOption("oAuthEnabled", false);
+    return { success: true, message: "OAuth Disabled" };
 }
 
 function getOauthEnv() {
-  if (process.env.OAUTH_ENABLED === undefined) return false;
-  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+    if (process.env.OAUTH_ENABLED === undefined) return false;
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
 
-  return true;
+    return true;
 }
 
 function getOAuthStatus() {
-  return {
-    success: true,
-    message: checkOpenIDRequirements(),
-  };
+    return {
+        success: true,
+        message: checkOpenIDRequirements(),
+    };
 }
 
-function validateUser(userID: string) {
-  console.log("Checking to see if the user is valid :D");
-  if (userID === sql.getValue("SELECT * FROM user_data")) return true;
-  return false;
-}
+// function validateUser(userID: string) {
+//     console.log("Checking to see if the user is valid :D");
+//     if (userID === sql.getValue("SELECT * FROM user_data")) return true;
+//     return false;
+// }
 
 function isTokenValid(req: Request, res: Response, next: NextFunction) {
-  const userStatus = openIDService.isSubjectIdentifierSaved();
-
-  if (req.oidc !== undefined) {
-    const result = req.oidc
-      .fetchUserInfo()
-      .then((result) => {
-        return {
-          success: true,
-          message: "Token is valid",
-          user: userStatus,
-        };
-      })
-      .catch((result) => {
+    const userStatus = openIDService.isSubjectIdentifierSaved();
+
+    if (req.oidc !== undefined) {
+        const result = req.oidc
+            .fetchUserInfo()
+            .then((result) => {
+                return {
+                    success: true,
+                    message: "Token is valid",
+                    user: userStatus,
+                };
+            })
+            .catch((result) => {
+                return {
+                    success: false,
+                    message: "Token is not valid",
+                    user: userStatus,
+                };
+            });
+        return result;
+    } else {
         return {
-          success: false,
-          message: "Token is not valid",
-          user: userStatus,
+            success: false,
+            message: "Token not set up",
+            user: userStatus,
         };
-      });
-    return result;
-  } else {
-    return {
-      success: false,
-      message: "Token not set up",
-      user: userStatus,
-    };
-  }
+    }
 }
 
 function checkAuth0Logout() {
-  if (process.env.AUTH_0_LOGOUT === undefined) return false;
-  if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
-  return false;
+    if (process.env.AUTH_0_LOGOUT === undefined) return false;
+    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
+    return false;
 }
 
 function generateOAuthConfig() {
-  const authRoutes = {
-    callback: "/callback",
-    login: "/authenticate",
-    postLogoutRedirect: "/login",
-    logout: "/logout",
-  };
-
-  const logoutParams = {
-    end_session_endpoint: "/end-session/",
-  };
-
-  const authConfig = {
-    authRequired: true,
-    auth0Logout: checkAuth0Logout(),
-    baseURL: process.env.BASE_URL,
-    clientID: process.env.CLIENT_ID,
-    issuerBaseURL: process.env.CONFIGURATION_URL,
-    secret: process.env.SECRET,
-    clientSecret: process.env.SECRET,
-    authorizationParams: {
-      response_type: "code",
-      scope: "openid profile email",
-    },
-    routes: authRoutes,
-    idpLogout: true,
-    logoutParams: logoutParams,
-    afterCallback: async (req: Request, res: Response, session: Session) => {
-      sql.replace("user_data", {
-        userID: req.oidc.user?.sub.toString(),
-      });
-      return session;
-    },
-  };
-  return authConfig;
+    const authRoutes = {
+        callback: "/callback",
+        login: "/authenticate",
+        postLogoutRedirect: "/login",
+        logout: "/logout",
+    };
+
+    const logoutParams = {
+        // end_session_endpoint: "/end-session/",
+    };
+
+    const authConfig = {
+        authRequired: true,
+        auth0Logout: checkAuth0Logout(),
+        baseURL: process.env.BASE_URL,
+        clientID: process.env.CLIENT_ID,
+        issuerBaseURL: process.env.ISSUER_BASE_URL,
+        secret: process.env.SECRET,
+        clientSecret: process.env.SECRET,
+        authorizationParams: {
+            response_type: "code",
+            scope: "openid profile email",
+        },
+        routes: authRoutes,
+        idpLogout: true,
+        logoutParams: logoutParams,
+        afterCallback: async (
+            req: Request,
+            res: Response,
+            session: Session
+        ) => {
+            if (sqlInit.isDbInitialized())
+                openIDService.saveSubjectIdentifier(
+                    req.oidc.user?.sub.toString()
+                );
+            return session;
+        },
+    };
+    return authConfig;
 }
 
 export = {
-  generateOAuthConfig,
-  getOAuthStatus,
-  enableOAuth,
-  disableOAuth,
-  isOpenIDEnabled,
-  checkOpenIDRequirements,
-  isTokenValid,
-  validateUser,
+    generateOAuthConfig,
+    getOAuthStatus,
+    enableOAuth,
+    disableOAuth,
+    isOpenIDEnabled,
+    checkOpenIDRequirements,
+    isTokenValid,
+    // validateUser,
 };

From 50dbf8750a078fe0796dc4d36bb9a949e1ca1058 Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Tue, 11 Jun 2024 15:34:10 -0700
Subject: [PATCH 54/63] Still refactoring

---
 db/schema.sql                                 |  6 ++-
 src/services/encryption/my_scrypt.ts          | 44 ++++++++++++-----
 src/services/encryption/open_id.ts            | 48 ++++---------------
 src/services/encryption/open_id_encryption.ts | 47 ++++++++++++++----
 src/services/open_id.ts                       | 10 ++--
 5 files changed, 88 insertions(+), 67 deletions(-)

diff --git a/db/schema.sql b/db/schema.sql
index 57a38fb38a..964ffb61ec 100644
--- a/db/schema.sql
+++ b/db/schema.sql
@@ -64,7 +64,11 @@ CREATE TABLE IF NOT EXISTS "options"
 );
 CREATE TABLE IF NOT EXISTS "user_data"
 (
-    userID TEXT not null PRIMARY KEY
+    userIDEcnryptedDataKey TEXT not null,
+    userIDVerificationHash TEXT not null,
+    userIDVerificationSalt TEXT not null,
+    userIDDerivedKey TEXT not null,
+    isSetup TEXT DEFAULT "false"
 );
 CREATE TABLE IF NOT EXISTS "attributes"
 (
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 89987b25cf..8930aa1ed9 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,41 +1,61 @@
-'use strict';
+"use strict";
 
-import optionService = require('../options');
-import crypto = require('crypto');
+import optionService = require("../options");
+import crypto = require("crypto");
+import utils = require("../utils");
+import sql = require("../sql");
 
 function getVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption('passwordVerificationSalt');
+    const salt = optionService.getOption("passwordVerificationSalt");
 
     return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-    const salt = optionService.getOption('passwordDerivedKeySalt');
+    const salt = optionService.getOption("passwordDerivedKeySalt");
 
     return getScryptHash(password, salt);
 }
 
-function getScryptHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-    const hashed = crypto.scryptSync(password, salt, 32, {N: 16384, r: 8, p: 1});
+function getScryptHash(
+    password: crypto.BinaryLike,
+    salt: string | crypto.BinaryLike
+) {
+    const hashed = crypto.scryptSync(
+        password,
+        salt instanceof String ? utils.toBase64(salt.toString()) : salt,
+        32,
+        {
+            N: 16384,
+            r: 8,
+            p: 1,
+        }
+    );
 
     return hashed;
 }
 
-function getSubjectIdentifierVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption('subjectIdentifierVerificationSalt');
+function getSubjectIdentifierVerificationHash(
+    password: crypto.BinaryLike,
+    salt: crypto.BinaryLike
+) {
+    // const salt = optionService.getOption('subjectIdentifierVerificationSalt');
 
     return getScryptHash(password, salt);
 }
 
 function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
-    const salt = optionService.getOption('subjectIdentifierDerivedKeySalt');
+    // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
-    return getScryptHash(subjectIdentifer, salt);
+    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    if (salt === undefined || salt === null) return undefined;
+
+    return getScryptHash(subjectIdentifer, utils.toBase64(salt.toString()));
 }
 
 export = {
     getVerificationHash,
     getPasswordDerivedKey,
     getSubjectIdentifierVerificationHash,
-    getSubjectIdentifierDerivedKey
+    getSubjectIdentifierDerivedKey,
 };
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
index f4f8bcfc43..845f66e22d 100644
--- a/src/services/encryption/open_id.ts
+++ b/src/services/encryption/open_id.ts
@@ -8,66 +8,35 @@ import openIDEncryptionService = require("./open_id_encryption");
 import options = require("../options");
 
 function saveSubjectIdentifier(subjectIdentifier: string) {
-    // if (isSubjectIdentifierSaved()) {
-    //     throw new Error(
-    //         "SubjectIdentifier is set already. Either change it or perform 'reset Subject Identifier' first."
-    //     );
-    // }
-
-    // sql.replace("user_data", {
-    //     userID: subjectIdentifier,
-    // });
-
-    // sql.replace("user_data", {
-    //     userID: subjectIdentifier,
-    // });
-
     const verificationSalt = utils.randomSecureToken(32);
     const derivedKeySalt = utils.randomSecureToken(32);
     const verificationHash = utils.toBase64(
-        myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
+        myScryptService.getSubjectIdentifierVerificationHash(
+            subjectIdentifier,
+            verificationSalt
+        )
     );
     const userIDEncryptedDataKey = openIDEncryptionService.setDataKey(
         subjectIdentifier,
         utils.randomSecureToken(16)
     );
 
+    if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null)
+        console.log("USERID ENCRYPTED DATA KEY NULL");
+
     sql.replace("user_data", {
         userIDVerificationHash: verificationHash,
         userIDVerificationSalt: verificationSalt,
         userIDDerivedKey: derivedKeySalt,
         userIDEcnryptedDataKey: userIDEncryptedDataKey,
+        isSetup: "true",
     });
-    // if (userID === sql.getValue("SELECT * FROM user_data"))
 
-    // options.setOption('subjectIdentifierVerificationSalt', utils.randomSecureToken(32));
-    // options.setOption('subjectIdentifierDerivedKeySalt', utils.randomSecureToken(32));
-    // const subjectIdentifierVerificationKey = utils.toBase64(
-    //     myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
-    // );
-    // options.setOption('subjectIdentifierVerificationHash', subjectIdentifierVerificationKey);
-
-    // openIDEncryptionService.setDataKey(subjectIdentifier, utils.randomSecureToken(16));
-    // options.setOption('userSubjectIdentifierSaved', 'true');
     return {
         success: true,
     };
 }
 
-// function resetSubjectIdentifier() {
-//     // user forgot the subjectIdentifier,
-//     sql.transactional(() => {
-//         optionService.setOption("subjectIdentifierVerificationSalt", "");
-//         optionService.setOption("subjectIdentifierDerivedKeySalt", "");
-//         optionService.setOption("subjectIdentifierEncryptedDataKey", "");
-//         optionService.setOption("subjectIdentifierVerificationHash", "");
-//     });
-
-//     return {
-//         success: true,
-//     };
-// }
-
 function isSubjectIdentifierSaved() {
     const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
     if (value === undefined || value === null || value === "") return false;
@@ -76,6 +45,5 @@ function isSubjectIdentifierSaved() {
 
 export = {
     saveSubjectIdentifier,
-    // resetSubjectIdentifier,
     isSubjectIdentifierSaved,
 };
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index d90e743466..2910acfe0c 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -2,23 +2,46 @@ import optionService = require("../options");
 import myScryptService = require("./my_scrypt");
 import utils = require("../utils");
 import dataEncryptionService = require("./data_encryption");
+import sql = require("../sql");
+import sqlInit = require("../sql_init");
 
 function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
-    if (!optionService.getOptionBool("userSubjectIdentifierSaved")) {
-        return false;
+    // Check to see if table exists
+    if (!sqlInit.isDbInitialized()) return undefined;
+
+    const data = sql.getValue("SELECT isSetup FROM user_data");
+    if (data !== "true") {
+        console.log("DATABASE NOT SETUP");
+        return undefined;
     }
 
+    // if (!optionService.getOptionBool("userSubjectIdentifierSaved")) {
+    //     return false;
+    // }
+
+    console.log("DKDKDKDK");
+    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    console.log(salt);
+    if (salt == undefined) return undefined;
+
     const givenSubjectIdentifierHash = utils.toBase64(
-        myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)
+        myScryptService.getSubjectIdentifierVerificationHash(
+            subjectIdentifier,
+            utils.toBase64(salt.toString())
+        )
     );
 
-    const dbSubjectIdentifierHash = optionService.getOptionOrNull(
-        "subjectIdentifierVerificationHash"
-    );
+    const hash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
+    if (hash === undefined) return undefined;
 
-    if (!dbSubjectIdentifierHash) return false;
+    const dbSubjectIdentifierHash = hash;
 
-    return givenSubjectIdentifierHash === dbSubjectIdentifierHash;
+    if (!hash) return false;
+
+    console.log("Matches: " + givenSubjectIdentifierHash === hash);
+    console.log(givenSubjectIdentifierHash);
+    console.log(hash);
+    return givenSubjectIdentifierHash === hash;
 }
 
 function setDataKey(
@@ -28,6 +51,10 @@ function setDataKey(
     const subjectIdentifierDerivedKey =
         myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
 
+    if (subjectIdentifierDerivedKey === undefined) {
+        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+        return undefined;
+    }
     const newEncryptedDataKey = dataEncryptionService.encrypt(
         subjectIdentifierDerivedKey,
         plainTextDataKey
@@ -45,6 +72,10 @@ function getDataKey(subjectIdentifier: string) {
         "subjectIdentifierEncryptedDataKey"
     );
 
+    if (subjectIdentifierDerivedKey === undefined) {
+        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+        return undefined;
+    }
     const decryptedDataKey = dataEncryptionService.decrypt(
         subjectIdentifierDerivedKey,
         encryptedDataKey
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index b5000fed8f..cd19f9b274 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -7,11 +7,7 @@ import { Session, auth } from "express-openid-connect";
 import sql = require("./sql");
 
 function isOpenIDEnabled() {
-    try {
-        return options.getOptionBool("oAuthEnabled");
-    } catch (e) {
-        return false;
-    }
+    return checkOpenIDRequirements();
 }
 
 function checkOpenIDRequirements() {
@@ -134,10 +130,12 @@ function generateOAuthConfig() {
             res: Response,
             session: Session
         ) => {
-            if (sqlInit.isDbInitialized())
+            if (sqlInit.isDbInitialized()) {
+                console.log("Saving USER ID");
                 openIDService.saveSubjectIdentifier(
                     req.oidc.user?.sub.toString()
                 );
+            }
             return session;
         },
     };

From 788ca9a33ea24cd638b98fb0aa250aba29100583 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Tue, 11 Jun 2024 18:01:39 -0700
Subject: [PATCH 55/63] Reworking and refactoring

---
 src/routes/login.ts                           | 197 ++++++++--------
 src/services/encryption/my_scrypt.ts          |  67 +++---
 src/services/encryption/open_id.ts            |  49 ----
 src/services/encryption/open_id_encryption.ts | 158 +++++++------
 src/services/open_id.ts                       | 212 +++++++++---------
 5 files changed, 314 insertions(+), 369 deletions(-)
 delete mode 100644 src/services/encryption/open_id.ts

diff --git a/src/routes/login.ts b/src/routes/login.ts
index 3c42260d72..87562433ba 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -8,7 +8,7 @@ import passwordService = require("../services/encryption/password");
 import totp_secret = require("../services/totp");
 import recoveryCodeService = require("../services/encryption/recovery_codes");
 import openIDService = require("../services/open_id");
-import openID = require("../services/encryption/open_id");
+import openIDEncryption = require("../services/encryption/open_id_encryption");
 import assetPath = require("../services/asset_path");
 import appPath = require("../services/app_path");
 import ValidationError = require("../errors/validation_error");
@@ -17,145 +17,132 @@ import { AppRequest } from "./route-interface";
 import totp = require("../services/totp");
 
 function loginPage(req: Request, res: Response) {
-    res.render("login", {
-        failedAuth: false,
-        totpEnabled:
-            optionService.getOptionBool("totpEnabled") &&
-            totp_secret.checkForTotSecret(),
-        assetPath: assetPath,
-        appPath: appPath,
-    });
+  res.render("login", {
+    failedAuth: false,
+    totpEnabled: optionService.getOptionBool("totpEnabled") && totp_secret.checkForTotSecret(),
+    assetPath: assetPath,
+    appPath: appPath,
+  });
 }
 
 function setPasswordPage(req: Request, res: Response) {
-    res.render("set_password", {
-        error: false,
-        assetPath: assetPath,
-        appPath: appPath,
-    });
+  res.render("set_password", {
+    error: false,
+    assetPath: assetPath,
+    appPath: appPath,
+  });
 }
 
 function setPassword(req: Request, res: Response) {
-    if (passwordService.isPasswordSet()) {
-        throw new ValidationError("Password has been already set");
-    }
+  if (passwordService.isPasswordSet()) {
+    throw new ValidationError("Password has been already set");
+  }
 
-    let { password1, password2 } = req.body;
-    password1 = password1.trim();
-    password2 = password2.trim();
+  let { password1, password2 } = req.body;
+  password1 = password1.trim();
+  password2 = password2.trim();
 
-    let error;
+  let error;
 
-    if (password1 !== password2) {
-        error = "Entered passwords don't match.";
-    } else if (password1.length < 4) {
-        error = "Password must be at least 4 characters long.";
-    }
+  if (password1 !== password2) {
+    error = "Entered passwords don't match.";
+  } else if (password1.length < 4) {
+    error = "Password must be at least 4 characters long.";
+  }
 
-    if (error) {
-        res.render("set_password", {
-            error,
-            assetPath: assetPath,
-        });
-        return;
-    }
+  if (error) {
+    res.render("set_password", {
+      error,
+      assetPath: assetPath,
+    });
+    return;
+  }
 
-    passwordService.setPassword(password1);
+  passwordService.setPassword(password1);
 
-    res.redirect("login");
+  res.redirect("login");
 }
 
 function login(req: AppRequest, res: Response) {
-    const guessedPassword = req.body.password;
-    const guessedTotp = req.body.token;
-
-    if (verifyPassword(guessedPassword)) {
-        if (!verifyPassword(guessedPassword)) {
-            sendLoginError(req, res);
-            return;
-        }
-
-        if (
-            optionService.getOptionBool("totpEnabled") &&
-            totp_secret.checkForTotSecret()
-        )
-            if (!verifyTOTP(guessedTotp)) {
-                sendLoginError(req, res);
-                return;
-            }
-
-        const rememberMe = req.body.rememberMe;
-
-        req.session.regenerate(() => {
-            if (rememberMe) {
-                req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
-            } else {
-                req.session.cookie.expires = null;
-            }
-
-            req.session.loggedIn = true;
-            res.redirect(".");
-        });
-    } else {
-        // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
-        log.info(`WARNING: Wrong password from ${req.ip}, rejecting.`);
-
-        res.status(401).render("login", {
-            failedAuth: true,
-            assetPath: assetPath,
-        });
+  const guessedPassword = req.body.password;
+  const guessedTotp = req.body.token;
+
+  if (verifyPassword(guessedPassword)) {
+    if (!verifyPassword(guessedPassword)) {
+      sendLoginError(req, res);
+      return;
     }
-}
 
-function sendLoginError(req: AppRequest, res: Response) {
+    if (optionService.getOptionBool("totpEnabled") && totp_secret.checkForTotSecret())
+      if (!verifyTOTP(guessedTotp)) {
+        sendLoginError(req, res);
+        return;
+      }
+
+    const rememberMe = req.body.rememberMe;
+
+    req.session.regenerate(() => {
+      if (rememberMe) {
+        req.session.cookie.maxAge = 21 * 24 * 3600000; // 3 weeks
+      } else {
+        req.session.cookie.expires = null;
+      }
+
+      req.session.loggedIn = true;
+      res.redirect(".");
+    });
+  } else {
     // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
-    log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
+    log.info(`WARNING: Wrong password from ${req.ip}, rejecting.`);
 
     res.status(401).render("login", {
-        failedAuth: true,
-        totpEnabled:
-            optionService.getOption("totpEnabled") &&
-            totp_secret.checkForTotSecret(),
-        assetPath: assetPath,
+      failedAuth: true,
+      assetPath: assetPath,
     });
+  }
+}
+
+function sendLoginError(req: AppRequest, res: Response) {
+  // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
+  log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
+
+  res.status(401).render("login", {
+    failedAuth: true,
+    totpEnabled: optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
+    assetPath: assetPath,
+  });
 }
 
 function verifyTOTP(guessedToken: string) {
-    if (totp.validateTOTP(guessedToken)) return true;
+  if (totp.validateTOTP(guessedToken)) return true;
 
-    const recoveryCodeValidates =
-        recoveryCodeService.verifyRecoveryCode(guessedToken);
+  const recoveryCodeValidates = recoveryCodeService.verifyRecoveryCode(guessedToken);
 
-    return recoveryCodeValidates;
+  return recoveryCodeValidates;
 }
 
 function verifyPassword(guessedPassword: string) {
-    const hashed_password = utils.fromBase64(
-        optionService.getOption("passwordVerificationHash")
-    );
+  const hashed_password = utils.fromBase64(optionService.getOption("passwordVerificationHash"));
 
-    const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
+  const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
 
-    return guess_hashed.equals(hashed_password);
+  return guess_hashed.equals(hashed_password);
 }
 
 function logout(req: AppRequest, res: Response) {
-    req.session.regenerate(() => {
-        req.session.loggedIn = false;
-        if (
-            openIDService.isOpenIDEnabled() &&
-            openID.isSubjectIdentifierSaved()
-        ) {
-            console.log("CAN LOGOUT");
-            res.oidc.logout({});
-        } else res.redirect("login");
-    });
+  req.session.regenerate(() => {
+    req.session.loggedIn = false;
+    if (openIDService.isOpenIDEnabled() && openIDEncryption.isSubjectIdentifierSaved()) {
+      console.log("CAN LOGOUT");
+      res.oidc.logout({});
+    } else res.redirect("login");
+  });
 }
 
 export = {
-    loginPage,
-    setPasswordPage,
-    setPassword,
-    login,
-    logout,
+  loginPage,
+  setPasswordPage,
+  setPassword,
+  login,
+  logout,
 };
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 8930aa1ed9..f62ffc8d40 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -6,56 +6,55 @@ import utils = require("../utils");
 import sql = require("../sql");
 
 function getVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordVerificationSalt");
+  const salt = optionService.getOption("passwordVerificationSalt");
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordDerivedKeySalt");
+  const salt = optionService.getOption("passwordDerivedKeySalt");
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
-function getScryptHash(
-    password: crypto.BinaryLike,
-    salt: string | crypto.BinaryLike
-) {
-    const hashed = crypto.scryptSync(
-        password,
-        salt instanceof String ? utils.toBase64(salt.toString()) : salt,
-        32,
-        {
-            N: 16384,
-            r: 8,
-            p: 1,
-        }
-    );
-
-    return hashed;
+function getScryptHash(password: crypto.BinaryLike, salt: string | crypto.BinaryLike) {
+  const hashed = crypto.scryptSync(password, salt instanceof String ? utils.toBase64(salt.toString()) : salt, 32, {
+    N: 16384,
+    r: 8,
+    p: 1,
+  });
+
+  return hashed;
 }
 
-function getSubjectIdentifierVerificationHash(
-    password: crypto.BinaryLike,
-    salt: crypto.BinaryLike
-) {
-    // const salt = optionService.getOption('subjectIdentifierVerificationSalt');
+function getSubjectIdentifierVerificationHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
+  // const salt = optionService.getOption('subjectIdentifierVerificationSalt');
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
 function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
-    // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
+  // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
+
+  const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+  if (salt === undefined || salt === null) return undefined;
+
+  return getScryptHash(subjectIdentifer, utils.toBase64(salt.toString()));
+}
+
+function createSubjectIdentifierDerivedKey(subjectIdentifer: string | crypto.BinaryLike, verificationSalt: string | crypto.BinaryLike) {
+  // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
-    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
-    if (salt === undefined || salt === null) return undefined;
+  //   const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+  //   if (salt === undefined || salt === null) return undefined;
 
-    return getScryptHash(subjectIdentifer, utils.toBase64(salt.toString()));
+  return getScryptHash(subjectIdentifer, verificationSalt);
 }
 
 export = {
-    getVerificationHash,
-    getPasswordDerivedKey,
-    getSubjectIdentifierVerificationHash,
-    getSubjectIdentifierDerivedKey,
+  getVerificationHash,
+  getPasswordDerivedKey,
+  getSubjectIdentifierVerificationHash,
+  getSubjectIdentifierDerivedKey,
+  createSubjectIdentifierDerivedKey,
 };
diff --git a/src/services/encryption/open_id.ts b/src/services/encryption/open_id.ts
deleted file mode 100644
index 845f66e22d..0000000000
--- a/src/services/encryption/open_id.ts
+++ /dev/null
@@ -1,49 +0,0 @@
-"use strict";
-
-import sql = require("../sql");
-import optionService = require("../options");
-import myScryptService = require("./my_scrypt");
-import utils = require("../utils");
-import openIDEncryptionService = require("./open_id_encryption");
-import options = require("../options");
-
-function saveSubjectIdentifier(subjectIdentifier: string) {
-    const verificationSalt = utils.randomSecureToken(32);
-    const derivedKeySalt = utils.randomSecureToken(32);
-    const verificationHash = utils.toBase64(
-        myScryptService.getSubjectIdentifierVerificationHash(
-            subjectIdentifier,
-            verificationSalt
-        )
-    );
-    const userIDEncryptedDataKey = openIDEncryptionService.setDataKey(
-        subjectIdentifier,
-        utils.randomSecureToken(16)
-    );
-
-    if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null)
-        console.log("USERID ENCRYPTED DATA KEY NULL");
-
-    sql.replace("user_data", {
-        userIDVerificationHash: verificationHash,
-        userIDVerificationSalt: verificationSalt,
-        userIDDerivedKey: derivedKeySalt,
-        userIDEcnryptedDataKey: userIDEncryptedDataKey,
-        isSetup: "true",
-    });
-
-    return {
-        success: true,
-    };
-}
-
-function isSubjectIdentifierSaved() {
-    const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
-    if (value === undefined || value === null || value === "") return false;
-    return true;
-}
-
-export = {
-    saveSubjectIdentifier,
-    isSubjectIdentifierSaved,
-};
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index 2910acfe0c..4804974563 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -5,87 +5,97 @@ import dataEncryptionService = require("./data_encryption");
 import sql = require("../sql");
 import sqlInit = require("../sql_init");
 
+function saveSubjectIdentifier(subjectIdentifier: string) {
+  const verificationSalt = utils.randomSecureToken(32);
+  const derivedKeySalt = utils.randomSecureToken(32);
+  const verificationHash = utils.toBase64(myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier, verificationSalt));
+  const userIDEncryptedDataKey = setDataKey(subjectIdentifier, utils.randomSecureToken(16), derivedKeySalt);
+
+  if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null) console.log("USERID ENCRYPTED DATA KEY NULL");
+
+  sql.replace("user_data", {
+    userIDVerificationHash: verificationHash,
+    userIDVerificationSalt: verificationSalt,
+    userIDDerivedKey: derivedKeySalt,
+    userIDEcnryptedDataKey: userIDEncryptedDataKey,
+    isSetup: "true",
+  });
+
+  return {
+    success: true,
+  };
+}
+
+function isSubjectIdentifierSaved() {
+  const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
+  if (value === undefined || value === null || value === "") return false;
+  return true;
+}
+
+function isUserSaved() {
+  return sql.getValue("SELECT isSetup FROM user_data") == "true" ? true : false;
+}
+
 function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
-    // Check to see if table exists
-    if (!sqlInit.isDbInitialized()) return undefined;
-
-    const data = sql.getValue("SELECT isSetup FROM user_data");
-    if (data !== "true") {
-        console.log("DATABASE NOT SETUP");
-        return undefined;
-    }
-
-    // if (!optionService.getOptionBool("userSubjectIdentifierSaved")) {
-    //     return false;
-    // }
-
-    console.log("DKDKDKDK");
-    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
-    console.log(salt);
-    if (salt == undefined) return undefined;
-
-    const givenSubjectIdentifierHash = utils.toBase64(
-        myScryptService.getSubjectIdentifierVerificationHash(
-            subjectIdentifier,
-            utils.toBase64(salt.toString())
-        )
-    );
-
-    const hash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
-    if (hash === undefined) return undefined;
-
-    const dbSubjectIdentifierHash = hash;
-
-    if (!hash) return false;
-
-    console.log("Matches: " + givenSubjectIdentifierHash === hash);
-    console.log(givenSubjectIdentifierHash);
-    console.log(hash);
-    return givenSubjectIdentifierHash === hash;
+  // Check to see if table exists
+  if (!sqlInit.isDbInitialized()) return undefined;
+
+  if (!isUserSaved()) {
+    console.log("DATABASE NOT SETUP");
+    return undefined;
+  }
+
+  const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+  console.log(salt);
+  if (salt == undefined) return undefined;
+
+  const givenSubjectIdentifierHash = utils.toBase64(myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier, utils.toBase64(salt.toString())));
+
+  const hash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
+  if (hash === undefined) return undefined;
+
+  const dbSubjectIdentifierHash = hash;
+
+  if (!hash) return false;
+
+  console.log("Matches: " + givenSubjectIdentifierHash === hash);
+  console.log(givenSubjectIdentifierHash);
+  console.log(hash);
+  return givenSubjectIdentifierHash === hash;
 }
 
-function setDataKey(
-    subjectIdentifier: string,
-    plainTextDataKey: string | Buffer
-) {
-    const subjectIdentifierDerivedKey =
-        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
-
-    if (subjectIdentifierDerivedKey === undefined) {
-        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
-        return undefined;
-    }
-    const newEncryptedDataKey = dataEncryptionService.encrypt(
-        subjectIdentifierDerivedKey,
-        plainTextDataKey
-    );
-
-    // optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
-    return newEncryptedDataKey;
+function setDataKey(subjectIdentifier: string, plainTextDataKey: string | Buffer, salt: string) {
+  // Need to figure out which salt. Don't have the brain power for encryption today.
+  const subjectIdentifierDerivedKey = myScryptService.createSubjectIdentifierDerivedKey(subjectIdentifier, salt);
+
+  if (subjectIdentifierDerivedKey === undefined) {
+    console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+    return undefined;
+  }
+  const newEncryptedDataKey = dataEncryptionService.encrypt(subjectIdentifierDerivedKey, plainTextDataKey);
+
+  // optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
+  return newEncryptedDataKey;
 }
 
 function getDataKey(subjectIdentifier: string) {
-    const subjectIdentifierDerivedKey =
-        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
-
-    const encryptedDataKey = optionService.getOption(
-        "subjectIdentifierEncryptedDataKey"
-    );
-
-    if (subjectIdentifierDerivedKey === undefined) {
-        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
-        return undefined;
-    }
-    const decryptedDataKey = dataEncryptionService.decrypt(
-        subjectIdentifierDerivedKey,
-        encryptedDataKey
-    );
-
-    return decryptedDataKey;
+  const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+
+  const encryptedDataKey = optionService.getOption("subjectIdentifierEncryptedDataKey");
+
+  if (subjectIdentifierDerivedKey === undefined) {
+    console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+    return undefined;
+  }
+  const decryptedDataKey = dataEncryptionService.decrypt(subjectIdentifierDerivedKey, encryptedDataKey);
+
+  return decryptedDataKey;
 }
 
 export = {
-    verifyOpenIDSubjectIdentifier,
-    getDataKey,
-    setDataKey,
+  verifyOpenIDSubjectIdentifier,
+  getDataKey,
+  setDataKey,
+  saveSubjectIdentifier,
+  isSubjectIdentifierSaved,
 };
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index cd19f9b274..004a8efa5a 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -1,59 +1,58 @@
 import OpenIDError = require("../errors/open_id_error");
 import { NextFunction, Request, Response } from "express";
-import openIDService = require("./encryption/open_id");
+import openIDEncryption = require("./encryption/open_id_encryption");
 import sqlInit = require("./sql_init");
 import options = require("./options");
 import { Session, auth } from "express-openid-connect";
 import sql = require("./sql");
 
 function isOpenIDEnabled() {
-    return checkOpenIDRequirements();
+  return checkOpenIDRequirements();
+}
+
+function isUserSaved() {
+  return sql.getValue("SELECT isSetup FROM user_data") == "true" ? true : false;
 }
 
 function checkOpenIDRequirements() {
-    if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
-
-    if (process.env.BASE_URL === undefined)
-        throw new OpenIDError("BASE_URL is undefined in .env!");
-    if (process.env.CLIENT_ID === undefined)
-        throw new OpenIDError("CLIENT_ID is undefined in .env!");
-    if (process.env.ISSUER_BASE_URL === undefined)
-        throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
-    if (process.env.SECRET === undefined)
-        throw new OpenIDError("SECRET is undefined in .env!");
-    if (process.env.AUTH_0_LOGOUT === undefined)
-        throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
-
-    return true;
+  if (process.env.OAUTH_ENABLED === undefined) return false;
+  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+
+  if (process.env.BASE_URL === undefined) throw new OpenIDError("BASE_URL is undefined in .env!");
+  if (process.env.CLIENT_ID === undefined) throw new OpenIDError("CLIENT_ID is undefined in .env!");
+  if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
+  if (process.env.SECRET === undefined) throw new OpenIDError("SECRET is undefined in .env!");
+  if (process.env.AUTH_0_LOGOUT === undefined) throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
+
+  return true;
 }
 
 function enableOAuth() {
-    if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
+  if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
 
-    options.setOption("oAuthEnabled", true);
-    options.setOption("totpEnabled", false);
+  options.setOption("oAuthEnabled", true);
+  options.setOption("totpEnabled", false);
 
-    return { success: true, message: "OAuth Enabled" };
+  return { success: true, message: "OAuth Enabled" };
 }
 
 function disableOAuth() {
-    options.setOption("oAuthEnabled", false);
-    return { success: true, message: "OAuth Disabled" };
+  options.setOption("oAuthEnabled", false);
+  return { success: true, message: "OAuth Disabled" };
 }
 
 function getOauthEnv() {
-    if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+  if (process.env.OAUTH_ENABLED === undefined) return false;
+  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
 
-    return true;
+  return true;
 }
 
 function getOAuthStatus() {
-    return {
-        success: true,
-        message: checkOpenIDRequirements(),
-    };
+  return {
+    success: true,
+    message: checkOpenIDRequirements(),
+  };
 }
 
 // function validateUser(userID: string) {
@@ -63,92 +62,91 @@ function getOAuthStatus() {
 // }
 
 function isTokenValid(req: Request, res: Response, next: NextFunction) {
-    const userStatus = openIDService.isSubjectIdentifierSaved();
-
-    if (req.oidc !== undefined) {
-        const result = req.oidc
-            .fetchUserInfo()
-            .then((result) => {
-                return {
-                    success: true,
-                    message: "Token is valid",
-                    user: userStatus,
-                };
-            })
-            .catch((result) => {
-                return {
-                    success: false,
-                    message: "Token is not valid",
-                    user: userStatus,
-                };
-            });
-        return result;
-    } else {
+  const userStatus = openIDEncryption.isSubjectIdentifierSaved();
+
+  if (req.oidc !== undefined) {
+    const result = req.oidc
+      .fetchUserInfo()
+      .then((result) => {
+        return {
+          success: true,
+          message: "Token is valid",
+          user: userStatus,
+        };
+      })
+      .catch((result) => {
         return {
-            success: false,
-            message: "Token not set up",
-            user: userStatus,
+          success: false,
+          message: "Token is not valid",
+          user: userStatus,
         };
-    }
+      });
+    return result;
+  } else {
+    return {
+      success: false,
+      message: "Token not set up",
+      user: userStatus,
+    };
+  }
 }
 
 function checkAuth0Logout() {
-    if (process.env.AUTH_0_LOGOUT === undefined) return false;
-    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
-    return false;
+  if (process.env.AUTH_0_LOGOUT === undefined) return false;
+  if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
+  return false;
 }
 
 function generateOAuthConfig() {
-    const authRoutes = {
-        callback: "/callback",
-        login: "/authenticate",
-        postLogoutRedirect: "/login",
-        logout: "/logout",
-    };
-
-    const logoutParams = {
-        // end_session_endpoint: "/end-session/",
-    };
-
-    const authConfig = {
-        authRequired: true,
-        auth0Logout: checkAuth0Logout(),
-        baseURL: process.env.BASE_URL,
-        clientID: process.env.CLIENT_ID,
-        issuerBaseURL: process.env.ISSUER_BASE_URL,
-        secret: process.env.SECRET,
-        clientSecret: process.env.SECRET,
-        authorizationParams: {
-            response_type: "code",
-            scope: "openid profile email",
-        },
-        routes: authRoutes,
-        idpLogout: true,
-        logoutParams: logoutParams,
-        afterCallback: async (
-            req: Request,
-            res: Response,
-            session: Session
-        ) => {
-            if (sqlInit.isDbInitialized()) {
-                console.log("Saving USER ID");
-                openIDService.saveSubjectIdentifier(
-                    req.oidc.user?.sub.toString()
-                );
-            }
-            return session;
-        },
-    };
-    return authConfig;
+  const authRoutes = {
+    callback: "/callback",
+    login: "/authenticate",
+    postLogoutRedirect: "/login",
+    logout: "/logout",
+  };
+
+  const logoutParams = {
+    // end_session_endpoint: "/end-session/",
+  };
+
+  const authConfig = {
+    authRequired: true,
+    auth0Logout: checkAuth0Logout(),
+    baseURL: process.env.BASE_URL,
+    clientID: process.env.CLIENT_ID,
+    issuerBaseURL: process.env.ISSUER_BASE_URL,
+    secret: process.env.SECRET,
+    clientSecret: process.env.SECRET,
+    authorizationParams: {
+      response_type: "code",
+      scope: "openid profile email",
+    },
+    routes: authRoutes,
+    idpLogout: true,
+    logoutParams: logoutParams,
+    afterCallback: async (req: Request, res: Response, session: Session) => {
+      if (sqlInit.isDbInitialized()) {
+        console.log("Saving USER ID");
+        if (req.oidc.user === undefined) console.log("user invalid!");
+        else {
+          openIDEncryption.saveSubjectIdentifier(req.oidc.user.sub.toString());
+          console.log(req.oidc.user.sub);
+        }
+      }
+      return session;
+    },
+  };
+  return authConfig;
 }
 
 export = {
-    generateOAuthConfig,
-    getOAuthStatus,
-    enableOAuth,
-    disableOAuth,
-    isOpenIDEnabled,
-    checkOpenIDRequirements,
-    isTokenValid,
-    // validateUser,
+  generateOAuthConfig,
+  getOAuthStatus,
+  enableOAuth,
+  disableOAuth,
+  isOpenIDEnabled,
+  checkOpenIDRequirements,
+  isTokenValid,
+  isUserSaved,
+  // validateUser,
 };

From 0029ad94e826e66032e516c899d57bd8e2af45ac Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Wed, 12 Jun 2024 12:27:05 -0700
Subject: [PATCH 56/63] Working on decryption

---
 src/services/encryption/my_scrypt.ts          |  79 ++++---
 src/services/encryption/open_id_encryption.ts | 202 +++++++++++-------
 2 files changed, 176 insertions(+), 105 deletions(-)

diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index f62ffc8d40..2b412d5337 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -6,55 +6,74 @@ import utils = require("../utils");
 import sql = require("../sql");
 
 function getVerificationHash(password: crypto.BinaryLike) {
-  const salt = optionService.getOption("passwordVerificationSalt");
+    const salt = optionService.getOption("passwordVerificationSalt");
 
-  return getScryptHash(password, salt);
+    return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-  const salt = optionService.getOption("passwordDerivedKeySalt");
+    const salt = optionService.getOption("passwordDerivedKeySalt");
 
-  return getScryptHash(password, salt);
+    return getScryptHash(password, salt);
 }
 
-function getScryptHash(password: crypto.BinaryLike, salt: string | crypto.BinaryLike) {
-  const hashed = crypto.scryptSync(password, salt instanceof String ? utils.toBase64(salt.toString()) : salt, 32, {
-    N: 16384,
-    r: 8,
-    p: 1,
-  });
-
-  return hashed;
+function getScryptHash(
+    password: crypto.BinaryLike,
+    salt: string | crypto.BinaryLike
+) {
+    const hashed = crypto.scryptSync(
+        password,
+        salt instanceof String ? utils.toBase64(salt.toString()) : salt,
+        32,
+        {
+            N: 16384,
+            r: 8,
+            p: 1,
+        }
+    );
+
+    return hashed;
 }
 
-function getSubjectIdentifierVerificationHash(password: crypto.BinaryLike, salt: crypto.BinaryLike) {
-  // const salt = optionService.getOption('subjectIdentifierVerificationSalt');
-
-  return getScryptHash(password, salt);
+function getSubjectIdentifierVerificationHash(
+    guessedUserId: string | crypto.BinaryLike
+) {
+    // const salt = optionService.getOption('subjectIdentifierVerificationSalt');
+
+    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    if (salt === undefined || salt === null) {
+        console.log("User salt undefined!");
+        return undefined;
+    }
+    console.log(guessedUserId, salt);
+    return getScryptHash(guessedUserId, utils.toBase64(salt.toString()));
 }
 
 function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
-  // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
+    // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
-  const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
-  if (salt === undefined || salt === null) return undefined;
+    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    if (salt === undefined || salt === null) return undefined;
 
-  return getScryptHash(subjectIdentifer, utils.toBase64(salt.toString()));
+    return getScryptHash(subjectIdentifer, utils.toBase64(salt.toString()));
 }
 
-function createSubjectIdentifierDerivedKey(subjectIdentifer: string | crypto.BinaryLike, verificationSalt: string | crypto.BinaryLike) {
-  // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
+function createSubjectIdentifierDerivedKey(
+    subjectIdentifer: string | crypto.BinaryLike,
+    verificationSalt: string | crypto.BinaryLike
+) {
+    // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
-  //   const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
-  //   if (salt === undefined || salt === null) return undefined;
+    //   const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    //   if (salt === undefined || salt === null) return undefined;
 
-  return getScryptHash(subjectIdentifer, verificationSalt);
+    return getScryptHash(subjectIdentifer, verificationSalt);
 }
 
 export = {
-  getVerificationHash,
-  getPasswordDerivedKey,
-  getSubjectIdentifierVerificationHash,
-  getSubjectIdentifierDerivedKey,
-  createSubjectIdentifierDerivedKey,
+    getVerificationHash,
+    getPasswordDerivedKey,
+    getSubjectIdentifierVerificationHash,
+    getSubjectIdentifierDerivedKey,
+    createSubjectIdentifierDerivedKey,
 };
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index 4804974563..b06ea8d628 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -6,96 +6,148 @@ import sql = require("../sql");
 import sqlInit = require("../sql_init");
 
 function saveSubjectIdentifier(subjectIdentifier: string) {
-  const verificationSalt = utils.randomSecureToken(32);
-  const derivedKeySalt = utils.randomSecureToken(32);
-  const verificationHash = utils.toBase64(myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier, verificationSalt));
-  const userIDEncryptedDataKey = setDataKey(subjectIdentifier, utils.randomSecureToken(16), derivedKeySalt);
-
-  if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null) console.log("USERID ENCRYPTED DATA KEY NULL");
-
-  sql.replace("user_data", {
-    userIDVerificationHash: verificationHash,
-    userIDVerificationSalt: verificationSalt,
-    userIDDerivedKey: derivedKeySalt,
-    userIDEcnryptedDataKey: userIDEncryptedDataKey,
-    isSetup: "true",
-  });
-
-  return {
-    success: true,
-  };
+    const verificationSalt = utils.randomSecureToken(32);
+    const derivedKeySalt = utils.randomSecureToken(32);
+
+    sql.replace("user_data", {
+        userIDVerificationSalt: verificationSalt,
+        userIDDerivedKeySalt: derivedKeySalt,
+    });
+
+    const verificationHash =
+        myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier);
+
+    const userIDEncryptedDataKey = setDataKey(
+        subjectIdentifier,
+        utils.randomSecureToken(16)
+    );
+
+    if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null)
+        console.log("USERID ENCRYPTED DATA KEY NULL");
+
+    console.log("Saving...");
+    const data = {
+        userIDVerificationHash: verificationHash,
+        userIDVerificationSalt: verificationSalt,
+        userIDDerivedKey: derivedKeySalt,
+        userIDEcnryptedDataKey: userIDEncryptedDataKey,
+        isSetup: "true",
+    };
+
+    console.log(data);
+    sql.replace("user_data", data);
+    console.log("Saved userID");
+    return {
+        success: true,
+    };
 }
 
 function isSubjectIdentifierSaved() {
-  const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
-  if (value === undefined || value === null || value === "") return false;
-  return true;
+    const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
+    if (value === undefined || value === null || value === "") return false;
+    return true;
 }
 
 function isUserSaved() {
-  return sql.getValue("SELECT isSetup FROM user_data") == "true" ? true : false;
+    return sql.getValue("SELECT isSetup FROM user_data") == "true"
+        ? true
+        : false;
 }
 
 function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
-  // Check to see if table exists
-  if (!sqlInit.isDbInitialized()) return undefined;
-
-  if (!isUserSaved()) {
-    console.log("DATABASE NOT SETUP");
-    return undefined;
-  }
-
-  const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
-  console.log(salt);
-  if (salt == undefined) return undefined;
-
-  const givenSubjectIdentifierHash = utils.toBase64(myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier, utils.toBase64(salt.toString())));
-
-  const hash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
-  if (hash === undefined) return undefined;
-
-  const dbSubjectIdentifierHash = hash;
-
-  if (!hash) return false;
-
-  console.log("Matches: " + givenSubjectIdentifierHash === hash);
-  console.log(givenSubjectIdentifierHash);
-  console.log(hash);
-  return givenSubjectIdentifierHash === hash;
+    console.log("Verifying UserID");
+    // Check to see if table exists
+    if (!sqlInit.isDbInitialized()) return undefined;
+
+    if (!isUserSaved()) {
+        console.log("DATABASE NOT SETUP");
+        return undefined;
+    }
+
+    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    console.log("Salt: " + salt);
+    if (salt == undefined) {
+        console.log("Salt undefined");
+        return undefined;
+    }
+
+    const givenSubjectIdentifierHash =
+        myScryptService.getSubjectIdentifierVerificationHash(
+            utils.toBase64(subjectIdentifier)
+        );
+
+    console.log(
+        "Passed userid Hash: " + givenSubjectIdentifierHash?.toString("base64")
+    );
+
+    const hash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
+    if (hash === undefined) {
+        console.log("verification hash undefined");
+        return undefined;
+    }
+    console.log("Saved userid Hash: " + hash);
+
+    const dbSubjectIdentifierHash = hash;
+
+    // if (!hash) return false;
+
+    console.log(givenSubjectIdentifierHash, hash);
+    console.log("Matches: " + givenSubjectIdentifierHash === hash);
+    console.log(givenSubjectIdentifierHash);
+    console.log("Hash 2: " + hash);
+    return givenSubjectIdentifierHash === hash;
 }
 
-function setDataKey(subjectIdentifier: string, plainTextDataKey: string | Buffer, salt: string) {
-  // Need to figure out which salt. Don't have the brain power for encryption today.
-  const subjectIdentifierDerivedKey = myScryptService.createSubjectIdentifierDerivedKey(subjectIdentifier, salt);
-
-  if (subjectIdentifierDerivedKey === undefined) {
-    console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
-    return undefined;
-  }
-  const newEncryptedDataKey = dataEncryptionService.encrypt(subjectIdentifierDerivedKey, plainTextDataKey);
-
-  // optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
-  return newEncryptedDataKey;
+function setDataKey(
+    subjectIdentifier: string,
+    plainTextDataKey: string | Buffer
+) {
+    // Need to figure out which salt. Don't have the brain power for encryption today.
+    const subjectIdentifierDerivedKey =
+        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+
+    if (subjectIdentifierDerivedKey === undefined) {
+        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+        return undefined;
+    }
+    const newEncryptedDataKey = dataEncryptionService.encrypt(
+        subjectIdentifierDerivedKey,
+        plainTextDataKey
+    );
+
+    // optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
+    return newEncryptedDataKey;
 }
 
 function getDataKey(subjectIdentifier: string) {
-  const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
-
-  const encryptedDataKey = optionService.getOption("subjectIdentifierEncryptedDataKey");
-
-  if (subjectIdentifierDerivedKey === undefined) {
-    console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
-    return undefined;
-  }
-  const decryptedDataKey = dataEncryptionService.decrypt(subjectIdentifierDerivedKey, encryptedDataKey);
-
-  return decryptedDataKey;
+    const subjectIdentifierDerivedKey =
+        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+
+    const encryptedDataKey = sql.getValue(
+        "SELECT userIDEcnryptedDataKey FROM user_data"
+    );
+
+    if (encryptedDataKey === undefined || encryptedDataKey === null) {
+        console.log("Encrypted data key empty!");
+        return undefined;
+    }
+
+    if (subjectIdentifierDerivedKey === undefined) {
+        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+        return undefined;
+    }
+    const decryptedDataKey = dataEncryptionService.decrypt(
+        subjectIdentifierDerivedKey,
+        encryptedDataKey.toString()
+    );
+
+    return decryptedDataKey;
 }
 
 export = {
-  verifyOpenIDSubjectIdentifier,
-  getDataKey,
-  setDataKey,
-  saveSubjectIdentifier,
-  isSubjectIdentifierSaved,
+    verifyOpenIDSubjectIdentifier,
+    getDataKey,
+    setDataKey,
+    saveSubjectIdentifier,
+    isSubjectIdentifierSaved,
 };

From c5200b8c3fd8524b79bed4fdf6c3fd0f9d77e4e1 Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Mon, 17 Jun 2024 16:00:26 -0700
Subject: [PATCH 57/63] Debugging SQL

---
 db/schema.sql                                 |  13 +-
 src/services/encryption/my_scrypt.ts          |  26 ++-
 src/services/encryption/open_id_encryption.ts |  87 +++++--
 src/services/open_id.ts                       | 219 ++++++++++--------
 4 files changed, 205 insertions(+), 140 deletions(-)

diff --git a/db/schema.sql b/db/schema.sql
index 964ffb61ec..8aee3071ee 100644
--- a/db/schema.sql
+++ b/db/schema.sql
@@ -64,11 +64,14 @@ CREATE TABLE IF NOT EXISTS "options"
 );
 CREATE TABLE IF NOT EXISTS "user_data"
 (
-    userIDEcnryptedDataKey TEXT not null,
-    userIDVerificationHash TEXT not null,
-    userIDVerificationSalt TEXT not null,
-    userIDDerivedKey TEXT not null,
-    isSetup TEXT DEFAULT "false"
+    tmpID INT,
+    userIDEcnryptedDataKey TEXT,
+    userIDVerificationHash TEXT,
+    salt TEXT,
+    derivedKey TEXT,
+    isSetup TEXT DEFAULT "false",
+    UNIQUE (tmpID),
+    PRIMARY KEY (tmpID)
 );
 CREATE TABLE IF NOT EXISTS "attributes"
 (
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 2b412d5337..ebf02f6996 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -36,23 +36,33 @@ function getScryptHash(
 }
 
 function getSubjectIdentifierVerificationHash(
-    guessedUserId: string | crypto.BinaryLike
+    guessedUserId: string | crypto.BinaryLike,
+    params?: { salt: string; derivedKey: string }
 ) {
     // const salt = optionService.getOption('subjectIdentifierVerificationSalt');
 
-    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    if (params != null)
+        return getScryptHash(guessedUserId, utils.toBase64(params.salt));
+
+    const salt = sql.getValue("SELECT salt FROM user_data;");
     if (salt === undefined || salt === null) {
         console.log("User salt undefined!");
         return undefined;
     }
-    console.log(guessedUserId, salt);
-    return getScryptHash(guessedUserId, utils.toBase64(salt.toString()));
+    console.log(
+        "Guessed userID: " + guessedUserId,
+        "--Salt: " + utils.toBase64(salt.toString())
+    );
+    return getScryptHash(
+        guessedUserId,
+        utils.toBase64(salt.toString())
+    ).toString();
 }
 
 function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
     // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
-    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    const salt = sql.getValue("SELECT salt FROM user_data");
     if (salt === undefined || salt === null) return undefined;
 
     return getScryptHash(subjectIdentifer, utils.toBase64(salt.toString()));
@@ -60,14 +70,14 @@ function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
 
 function createSubjectIdentifierDerivedKey(
     subjectIdentifer: string | crypto.BinaryLike,
-    verificationSalt: string | crypto.BinaryLike
+    salt: string | crypto.BinaryLike
 ) {
     // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
-    //   const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    //   const salt = sql.getValue("SELECT salt FROM user_data");
     //   if (salt === undefined || salt === null) return undefined;
 
-    return getScryptHash(subjectIdentifer, verificationSalt);
+    return getScryptHash(subjectIdentifer, salt);
 }
 
 export = {
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index b06ea8d628..038877174e 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -9,13 +9,25 @@ function saveSubjectIdentifier(subjectIdentifier: string) {
     const verificationSalt = utils.randomSecureToken(32);
     const derivedKeySalt = utils.randomSecureToken(32);
 
-    sql.replace("user_data", {
-        userIDVerificationSalt: verificationSalt,
-        userIDDerivedKeySalt: derivedKeySalt,
-    });
+    console.log("Cycle Start=============================");
+
+    const a = {
+        salt: verificationSalt,
+        derivedKey: derivedKeySalt,
+    };
 
     const verificationHash =
-        myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier);
+        myScryptService.getSubjectIdentifierVerificationHash(
+            subjectIdentifier,
+            a
+        );
+    if (verificationHash === undefined) {
+        console.log("Verification hash undefined!");
+        return undefined;
+    }
+
+    if (verificationHash !== undefined)
+        console.log("Ver type: " + utils.toBase64(verificationHash));
 
     const userIDEncryptedDataKey = setDataKey(
         subjectIdentifier,
@@ -25,46 +37,70 @@ function saveSubjectIdentifier(subjectIdentifier: string) {
     if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null)
         console.log("USERID ENCRYPTED DATA KEY NULL");
 
-    console.log("Saving...");
+    // console.log("Saving...");
     const data = {
-        userIDVerificationHash: verificationHash,
-        userIDVerificationSalt: verificationSalt,
-        userIDDerivedKey: derivedKeySalt,
+        tmpID: 0,
+        userIDVerificationHash: utils.toBase64(verificationHash),
+        salt: verificationSalt,
+        derivedKey: derivedKeySalt,
         userIDEcnryptedDataKey: userIDEncryptedDataKey,
         isSetup: "true",
     };
 
-    console.log(data);
-    sql.replace("user_data", data);
-    console.log("Saved userID");
-    return {
-        success: true,
-    };
+    // console.log("Row count: " + sql.getRowOrNull("user_data", 0));
+    // console.log(data);
+    sql.upsert("user_data", "tmpID", data);
+
+    // sql.replace("user_data", data);
+    // console.log("Saved userID");
+
+    // console.log("Current data: " + sql.getMap("user_data"));
+    return true;
 }
 
 function isSubjectIdentifierSaved() {
     const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
+    console.log("Val: " + value);
     if (value === undefined || value === null || value === "") return false;
     return true;
 }
 
 function isUserSaved() {
-    return sql.getValue("SELECT isSetup FROM user_data") == "true"
-        ? true
-        : false;
+    const all = sql.getRows("SELECT * FROM user_data;");
+    console.log("All: " + all);
+    all.forEach((a, b) => console.log(a, b));
+    // const value = sql.execute("SELECT userIDEcnryptedDataKey FROM user_data");
+    // console.log("Val: " + value);
+    const dbf = sql.getValue<string>("SELECT isSetup FROM user_data;");
+    console.log(
+        "IsUserSaved: " +
+            typeof dbf +
+            " - {" +
+            dbf +
+            "}" +
+            " - [" +
+            (dbf === "true" ? true : false) +
+            "]"
+    );
+    return dbf === "true" ? true : false;
 }
 
 function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
-    console.log("Verifying UserID");
+    console.log(
+        "Verifying UserID+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
+    );
     // Check to see if table exists
-    if (!sqlInit.isDbInitialized()) return undefined;
+    if (!sqlInit.isDbInitialized()) {
+        console.log("Database not initialized!");
+        return undefined;
+    }
 
     if (!isUserSaved()) {
         console.log("DATABASE NOT SETUP");
         return undefined;
     }
 
-    const salt = sql.getValue("SELECT userIDVerificationSalt FROM user_data");
+    const salt = sql.getValue("SELECT salt FROM user_data;");
     console.log("Salt: " + salt);
     if (salt == undefined) {
         console.log("Salt undefined");
@@ -75,9 +111,13 @@ function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
         myScryptService.getSubjectIdentifierVerificationHash(
             utils.toBase64(subjectIdentifier)
         );
+    if (givenSubjectIdentifierHash === undefined) {
+        console.log("Sub id hash undefined!");
+        return undefined;
+    }
 
     console.log(
-        "Passed userid Hash: " + givenSubjectIdentifierHash?.toString("base64")
+        "Passed userid Hash: " + utils.toBase64(givenSubjectIdentifierHash)
     );
 
     const hash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
@@ -91,9 +131,8 @@ function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
 
     // if (!hash) return false;
 
-    console.log(givenSubjectIdentifierHash, hash);
+    console.log("Given: " + utils.toBase64(givenSubjectIdentifierHash), hash);
     console.log("Matches: " + givenSubjectIdentifierHash === hash);
-    console.log(givenSubjectIdentifierHash);
     console.log("Hash 2: " + hash);
     return givenSubjectIdentifierHash === hash;
 }
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 004a8efa5a..21904738f5 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -7,52 +7,59 @@ import { Session, auth } from "express-openid-connect";
 import sql = require("./sql");
 
 function isOpenIDEnabled() {
-  return checkOpenIDRequirements();
+    return checkOpenIDRequirements();
 }
 
 function isUserSaved() {
-  return sql.getValue("SELECT isSetup FROM user_data") == "true" ? true : false;
+    return sql.getValue("SELECT isSetup FROM user_data") == "true"
+        ? true
+        : false;
 }
 
 function checkOpenIDRequirements() {
-  if (process.env.OAUTH_ENABLED === undefined) return false;
-  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
-
-  if (process.env.BASE_URL === undefined) throw new OpenIDError("BASE_URL is undefined in .env!");
-  if (process.env.CLIENT_ID === undefined) throw new OpenIDError("CLIENT_ID is undefined in .env!");
-  if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
-  if (process.env.SECRET === undefined) throw new OpenIDError("SECRET is undefined in .env!");
-  if (process.env.AUTH_0_LOGOUT === undefined) throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
-
-  return true;
+    if (process.env.OAUTH_ENABLED === undefined) return false;
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+
+    if (process.env.BASE_URL === undefined)
+        throw new OpenIDError("BASE_URL is undefined in .env!");
+    if (process.env.CLIENT_ID === undefined)
+        throw new OpenIDError("CLIENT_ID is undefined in .env!");
+    if (process.env.ISSUER_BASE_URL === undefined)
+        throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
+    if (process.env.SECRET === undefined)
+        throw new OpenIDError("SECRET is undefined in .env!");
+    if (process.env.AUTH_0_LOGOUT === undefined)
+        throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
+
+    return true;
 }
 
-function enableOAuth() {
-  if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
+// function enableOAuth() {
+//   if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
 
-  options.setOption("oAuthEnabled", true);
-  options.setOption("totpEnabled", false);
+//   options.setOption("oAuthEnabled", true);
+//   options.setOption("totpEnabled", false);
 
-  return { success: true, message: "OAuth Enabled" };
-}
+//   return { success: true, message: "OAuth Enabled" };
+// }
 
 function disableOAuth() {
-  options.setOption("oAuthEnabled", false);
-  return { success: true, message: "OAuth Disabled" };
+    options.setOption("oAuthEnabled", false);
+    return { success: true, message: "OAuth Disabled" };
 }
 
 function getOauthEnv() {
-  if (process.env.OAUTH_ENABLED === undefined) return false;
-  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+    if (process.env.OAUTH_ENABLED === undefined) return false;
+    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
 
-  return true;
+    return true;
 }
 
 function getOAuthStatus() {
-  return {
-    success: true,
-    message: checkOpenIDRequirements(),
-  };
+    return {
+        success: true,
+        message: checkOpenIDRequirements(),
+    };
 }
 
 // function validateUser(userID: string) {
@@ -62,91 +69,97 @@ function getOAuthStatus() {
 // }
 
 function isTokenValid(req: Request, res: Response, next: NextFunction) {
-  const userStatus = openIDEncryption.isSubjectIdentifierSaved();
-
-  if (req.oidc !== undefined) {
-    const result = req.oidc
-      .fetchUserInfo()
-      .then((result) => {
-        return {
-          success: true,
-          message: "Token is valid",
-          user: userStatus,
-        };
-      })
-      .catch((result) => {
+    const userStatus = openIDEncryption.isSubjectIdentifierSaved();
+
+    if (req.oidc !== undefined) {
+        const result = req.oidc
+            .fetchUserInfo()
+            .then((result) => {
+                return {
+                    success: true,
+                    message: "Token is valid",
+                    user: userStatus,
+                };
+            })
+            .catch((result) => {
+                return {
+                    success: false,
+                    message: "Token is not valid",
+                    user: userStatus,
+                };
+            });
+        return result;
+    } else {
         return {
-          success: false,
-          message: "Token is not valid",
-          user: userStatus,
+            success: false,
+            message: "Token not set up",
+            user: userStatus,
         };
-      });
-    return result;
-  } else {
-    return {
-      success: false,
-      message: "Token not set up",
-      user: userStatus,
-    };
-  }
+    }
 }
 
 function checkAuth0Logout() {
-  if (process.env.AUTH_0_LOGOUT === undefined) return false;
-  if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
-  return false;
+    if (process.env.AUTH_0_LOGOUT === undefined) return false;
+    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
+    return false;
 }
 
 function generateOAuthConfig() {
-  const authRoutes = {
-    callback: "/callback",
-    login: "/authenticate",
-    postLogoutRedirect: "/login",
-    logout: "/logout",
-  };
-
-  const logoutParams = {
-    // end_session_endpoint: "/end-session/",
-  };
-
-  const authConfig = {
-    authRequired: true,
-    auth0Logout: checkAuth0Logout(),
-    baseURL: process.env.BASE_URL,
-    clientID: process.env.CLIENT_ID,
-    issuerBaseURL: process.env.ISSUER_BASE_URL,
-    secret: process.env.SECRET,
-    clientSecret: process.env.SECRET,
-    authorizationParams: {
-      response_type: "code",
-      scope: "openid profile email",
-    },
-    routes: authRoutes,
-    idpLogout: true,
-    logoutParams: logoutParams,
-    afterCallback: async (req: Request, res: Response, session: Session) => {
-      if (sqlInit.isDbInitialized()) {
-        console.log("Saving USER ID");
-        if (req.oidc.user === undefined) console.log("user invalid!");
-        else {
-          openIDEncryption.saveSubjectIdentifier(req.oidc.user.sub.toString());
-          console.log(req.oidc.user.sub);
-        }
-      }
-      return session;
-    },
-  };
-  return authConfig;
+    const authRoutes = {
+        callback: "/callback",
+        login: "/authenticate",
+        postLogoutRedirect: "/login",
+        logout: "/logout",
+    };
+
+    const logoutParams = {
+        // end_session_endpoint: "/end-session/",
+    };
+
+    const authConfig = {
+        authRequired: true,
+        auth0Logout: checkAuth0Logout(),
+        baseURL: process.env.BASE_URL,
+        clientID: process.env.CLIENT_ID,
+        issuerBaseURL: process.env.ISSUER_BASE_URL,
+        secret: process.env.SECRET,
+        clientSecret: process.env.SECRET,
+        authorizationParams: {
+            response_type: "code",
+            scope: "openid profile email",
+        },
+        routes: authRoutes,
+        idpLogout: true,
+        logoutParams: logoutParams,
+        afterCallback: async (
+            req: Request,
+            res: Response,
+            session: Session
+        ) => {
+            if (sqlInit.isDbInitialized()) {
+                console.log("Saving USER ID");
+                if (req.oidc.user === undefined) console.log("user invalid!");
+                else {
+                    openIDEncryption.saveSubjectIdentifier(
+                        req.oidc.user.sub.toString()
+                    );
+                    console.log("User ID: " + req.oidc.user.sub);
+                }
+            }
+            return session;
+        },
+    };
+    return authConfig;
 }
 
 export = {
-  generateOAuthConfig,
-  getOAuthStatus,
-  enableOAuth,
-  disableOAuth,
-  isOpenIDEnabled,
-  checkOpenIDRequirements,
-  isTokenValid,
-  isUserSaved,
-  // validateUser,
+    generateOAuthConfig,
+    getOAuthStatus,
+    // enableOAuth,
+    disableOAuth,
+    isOpenIDEnabled,
+    checkOpenIDRequirements,
+    isTokenValid,
+    isUserSaved,
+    // validateUser,
 };

From 16830d2df5392661c656efdc5bef2d1eb8505f2a Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Mon, 17 Jun 2024 17:17:03 -0700
Subject: [PATCH 58/63] OpenID 90% working.

---
 src/routes/login.ts                           |  20 +-
 src/services/encryption/my_scrypt.ts          |  90 +++---
 src/services/encryption/open_id_encryption.ts | 262 +++++++-----------
 src/services/open_id.ts                       | 217 ++++++---------
 4 files changed, 227 insertions(+), 362 deletions(-)

diff --git a/src/routes/login.ts b/src/routes/login.ts
index 87562433ba..cd78214c5c 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -15,14 +15,19 @@ import ValidationError = require("../errors/validation_error");
 import { Request, Response } from "express";
 import { AppRequest } from "./route-interface";
 import totp = require("../services/totp");
+import open_id = require("../services/open_id");
 
 function loginPage(req: Request, res: Response) {
-  res.render("login", {
-    failedAuth: false,
-    totpEnabled: optionService.getOptionBool("totpEnabled") && totp_secret.checkForTotSecret(),
-    assetPath: assetPath,
-    appPath: appPath,
-  });
+  if (open_id.isOpenIDEnabled()) {
+    res.redirect("/authenticate");
+  } else {
+    res.render("login", {
+      failedAuth: false,
+      totpEnabled: optionService.getOptionBool("totpEnabled") && totp_secret.checkForTotSecret(),
+      assetPath: assetPath,
+      appPath: appPath,
+    });
+  }
 }
 
 function setPasswordPage(req: Request, res: Response) {
@@ -133,8 +138,7 @@ function logout(req: AppRequest, res: Response) {
   req.session.regenerate(() => {
     req.session.loggedIn = false;
     if (openIDService.isOpenIDEnabled() && openIDEncryption.isSubjectIdentifierSaved()) {
-      console.log("CAN LOGOUT");
-      res.oidc.logout({});
+      res.oidc.logout({ returnTo: "/authenticate" });
     } else res.redirect("login");
   });
 }
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index ebf02f6996..4eb2581069 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -6,84 +6,58 @@ import utils = require("../utils");
 import sql = require("../sql");
 
 function getVerificationHash(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordVerificationSalt");
+  const salt = optionService.getOption("passwordVerificationSalt");
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
 function getPasswordDerivedKey(password: crypto.BinaryLike) {
-    const salt = optionService.getOption("passwordDerivedKeySalt");
+  const salt = optionService.getOption("passwordDerivedKeySalt");
 
-    return getScryptHash(password, salt);
+  return getScryptHash(password, salt);
 }
 
-function getScryptHash(
-    password: crypto.BinaryLike,
-    salt: string | crypto.BinaryLike
-) {
-    const hashed = crypto.scryptSync(
-        password,
-        salt instanceof String ? utils.toBase64(salt.toString()) : salt,
-        32,
-        {
-            N: 16384,
-            r: 8,
-            p: 1,
-        }
-    );
+function getScryptHash(password: crypto.BinaryLike, salt: string | crypto.BinaryLike) {
+  const hashed = crypto.scryptSync(password, salt instanceof String ? utils.toBase64(salt.toString()) : salt, 32, {
+    N: 16384,
+    r: 8,
+    p: 1,
+  });
 
-    return hashed;
+  return hashed;
 }
 
-function getSubjectIdentifierVerificationHash(
-    guessedUserId: string | crypto.BinaryLike,
-    params?: { salt: string; derivedKey: string }
-) {
-    // const salt = optionService.getOption('subjectIdentifierVerificationSalt');
+function getSubjectIdentifierVerificationHash(guessedUserId: string | crypto.BinaryLike, salt?: string) {
+  if (salt != null) return getScryptHash(guessedUserId, salt);
 
-    if (params != null)
-        return getScryptHash(guessedUserId, utils.toBase64(params.salt));
-
-    const salt = sql.getValue("SELECT salt FROM user_data;");
-    if (salt === undefined || salt === null) {
-        console.log("User salt undefined!");
-        return undefined;
-    }
-    console.log(
-        "Guessed userID: " + guessedUserId,
-        "--Salt: " + utils.toBase64(salt.toString())
-    );
-    return getScryptHash(
-        guessedUserId,
-        utils.toBase64(salt.toString())
-    ).toString();
+  const savedSalt = sql.getValue("SELECT salt FROM user_data;");
+  if (savedSalt === undefined || savedSalt === null) {
+    console.log("User salt undefined!");
+    return undefined;
+  }
+  return getScryptHash(guessedUserId, savedSalt.toString());
 }
 
 function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
-    // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
-
-    const salt = sql.getValue("SELECT salt FROM user_data");
-    if (salt === undefined || salt === null) return undefined;
+  const salt = sql.getValue("SELECT salt FROM user_data;");
+  if (salt === undefined || salt === null) return undefined;
 
-    return getScryptHash(subjectIdentifer, utils.toBase64(salt.toString()));
+  return getScryptHash(subjectIdentifer, salt.toString());
 }
 
-function createSubjectIdentifierDerivedKey(
-    subjectIdentifer: string | crypto.BinaryLike,
-    salt: string | crypto.BinaryLike
-) {
-    // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
+function createSubjectIdentifierDerivedKey(subjectIdentifer: string | crypto.BinaryLike, salt: string | crypto.BinaryLike) {
+  // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
-    //   const salt = sql.getValue("SELECT salt FROM user_data");
-    //   if (salt === undefined || salt === null) return undefined;
+  //   const salt = sql.getValue("SELECT salt FROM user_data");
+  //   if (salt === undefined || salt === null) return undefined;
 
-    return getScryptHash(subjectIdentifer, salt);
+  return getScryptHash(subjectIdentifer, salt);
 }
 
 export = {
-    getVerificationHash,
-    getPasswordDerivedKey,
-    getSubjectIdentifierVerificationHash,
-    getSubjectIdentifierDerivedKey,
-    createSubjectIdentifierDerivedKey,
+  getVerificationHash,
+  getPasswordDerivedKey,
+  getSubjectIdentifierVerificationHash,
+  getSubjectIdentifierDerivedKey,
+  createSubjectIdentifierDerivedKey,
 };
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index 038877174e..603435bfe6 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -6,187 +6,117 @@ import sql = require("../sql");
 import sqlInit = require("../sql_init");
 
 function saveSubjectIdentifier(subjectIdentifier: string) {
-    const verificationSalt = utils.randomSecureToken(32);
-    const derivedKeySalt = utils.randomSecureToken(32);
-
-    console.log("Cycle Start=============================");
-
-    const a = {
-        salt: verificationSalt,
-        derivedKey: derivedKeySalt,
-    };
-
-    const verificationHash =
-        myScryptService.getSubjectIdentifierVerificationHash(
-            subjectIdentifier,
-            a
-        );
-    if (verificationHash === undefined) {
-        console.log("Verification hash undefined!");
-        return undefined;
-    }
-
-    if (verificationHash !== undefined)
-        console.log("Ver type: " + utils.toBase64(verificationHash));
-
-    const userIDEncryptedDataKey = setDataKey(
-        subjectIdentifier,
-        utils.randomSecureToken(16)
-    );
-
-    if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null)
-        console.log("USERID ENCRYPTED DATA KEY NULL");
-
-    // console.log("Saving...");
-    const data = {
-        tmpID: 0,
-        userIDVerificationHash: utils.toBase64(verificationHash),
-        salt: verificationSalt,
-        derivedKey: derivedKeySalt,
-        userIDEcnryptedDataKey: userIDEncryptedDataKey,
-        isSetup: "true",
-    };
-
-    // console.log("Row count: " + sql.getRowOrNull("user_data", 0));
-    // console.log(data);
-    sql.upsert("user_data", "tmpID", data);
-
-    // sql.replace("user_data", data);
-    // console.log("Saved userID");
-
-    // console.log("Current data: " + sql.getMap("user_data"));
-    return true;
+  if (isUserSaved()) return false;
+
+  const verificationSalt = utils.randomSecureToken(32);
+  const derivedKeySalt = utils.randomSecureToken(32);
+
+  const verificationHash = myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier, verificationSalt);
+  if (verificationHash === undefined) {
+    console.log("Verification hash undefined!");
+    return undefined;
+  }
+
+  const userIDEncryptedDataKey = setDataKey(subjectIdentifier, utils.randomSecureToken(16));
+
+  if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null) {
+    console.log("USERID ENCRYPTED DATA KEY NULL");
+    return undefined;
+  }
+
+  const data = {
+    tmpID: 0,
+    userIDVerificationHash: utils.toBase64(verificationHash),
+    salt: verificationSalt,
+    derivedKey: derivedKeySalt,
+    userIDEcnryptedDataKey: userIDEncryptedDataKey,
+    isSetup: "true",
+  };
+
+  console.log("Saved data: " + data);
+  sql.upsert("user_data", "tmpID", data);
+  return true;
 }
 
 function isSubjectIdentifierSaved() {
-    const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
-    console.log("Val: " + value);
-    if (value === undefined || value === null || value === "") return false;
-    return true;
+  const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data;");
+  if (value === undefined || value === null || value === "") return false;
+  return true;
 }
 
 function isUserSaved() {
-    const all = sql.getRows("SELECT * FROM user_data;");
-    console.log("All: " + all);
-    all.forEach((a, b) => console.log(a, b));
-    // const value = sql.execute("SELECT userIDEcnryptedDataKey FROM user_data");
-    // console.log("Val: " + value);
-    const dbf = sql.getValue<string>("SELECT isSetup FROM user_data;");
-    console.log(
-        "IsUserSaved: " +
-            typeof dbf +
-            " - {" +
-            dbf +
-            "}" +
-            " - [" +
-            (dbf === "true" ? true : false) +
-            "]"
-    );
-    return dbf === "true" ? true : false;
+  const isSaved = sql.getValue<string>("SELECT isSetup FROM user_data;");
+  return isSaved === "true" ? true : false;
 }
 
 function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
-    console.log(
-        "Verifying UserID+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++"
-    );
-    // Check to see if table exists
-    if (!sqlInit.isDbInitialized()) {
-        console.log("Database not initialized!");
-        return undefined;
-    }
-
-    if (!isUserSaved()) {
-        console.log("DATABASE NOT SETUP");
-        return undefined;
-    }
-
-    const salt = sql.getValue("SELECT salt FROM user_data;");
-    console.log("Salt: " + salt);
-    if (salt == undefined) {
-        console.log("Salt undefined");
-        return undefined;
-    }
-
-    const givenSubjectIdentifierHash =
-        myScryptService.getSubjectIdentifierVerificationHash(
-            utils.toBase64(subjectIdentifier)
-        );
-    if (givenSubjectIdentifierHash === undefined) {
-        console.log("Sub id hash undefined!");
-        return undefined;
-    }
-
-    console.log(
-        "Passed userid Hash: " + utils.toBase64(givenSubjectIdentifierHash)
-    );
-
-    const hash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
-    if (hash === undefined) {
-        console.log("verification hash undefined");
-        return undefined;
-    }
-    console.log("Saved userid Hash: " + hash);
-
-    const dbSubjectIdentifierHash = hash;
-
-    // if (!hash) return false;
-
-    console.log("Given: " + utils.toBase64(givenSubjectIdentifierHash), hash);
-    console.log("Matches: " + givenSubjectIdentifierHash === hash);
-    console.log("Hash 2: " + hash);
-    return givenSubjectIdentifierHash === hash;
+  if (!sqlInit.isDbInitialized()) {
+    console.log("Database not initialized!");
+    return undefined;
+  }
+
+  if (!isUserSaved()) {
+    console.log("DATABASE NOT SETUP");
+    return undefined;
+  }
+
+  const salt = sql.getValue("SELECT salt FROM user_data;");
+  if (salt == undefined) {
+    console.log("Salt undefined");
+    return undefined;
+  }
+
+  const givenHash = myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)?.toString("base64");
+  if (givenHash === undefined) {
+    console.log("Sub id hash undefined!");
+    return undefined;
+  }
+
+  const savedHash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
+  if (savedHash === undefined) {
+    console.log("verification hash undefined");
+    return undefined;
+  }
+
+  console.log("Matches: " + givenHash === savedHash);
+  return givenHash === savedHash;
 }
 
-function setDataKey(
-    subjectIdentifier: string,
-    plainTextDataKey: string | Buffer
-) {
-    // Need to figure out which salt. Don't have the brain power for encryption today.
-    const subjectIdentifierDerivedKey =
-        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
-
-    if (subjectIdentifierDerivedKey === undefined) {
-        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
-        return undefined;
-    }
-    const newEncryptedDataKey = dataEncryptionService.encrypt(
-        subjectIdentifierDerivedKey,
-        plainTextDataKey
-    );
-
-    // optionService.setOption('subjectIdentifierEncryptedDataKey', newEncryptedDataKey);
-    return newEncryptedDataKey;
+function setDataKey(subjectIdentifier: string, plainTextDataKey: string | Buffer) {
+  const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+
+  if (subjectIdentifierDerivedKey === undefined) {
+    console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+    return undefined;
+  }
+  const newEncryptedDataKey = dataEncryptionService.encrypt(subjectIdentifierDerivedKey, plainTextDataKey);
+
+  return newEncryptedDataKey;
 }
 
 function getDataKey(subjectIdentifier: string) {
-    const subjectIdentifierDerivedKey =
-        myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
-
-    const encryptedDataKey = sql.getValue(
-        "SELECT userIDEcnryptedDataKey FROM user_data"
-    );
-
-    if (encryptedDataKey === undefined || encryptedDataKey === null) {
-        console.log("Encrypted data key empty!");
-        return undefined;
-    }
-
-    if (subjectIdentifierDerivedKey === undefined) {
-        console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
-        return undefined;
-    }
-    const decryptedDataKey = dataEncryptionService.decrypt(
-        subjectIdentifierDerivedKey,
-        encryptedDataKey.toString()
-    );
-
-    return decryptedDataKey;
+  const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+
+  const encryptedDataKey = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
+
+  if (encryptedDataKey === undefined || encryptedDataKey === null) {
+    console.log("Encrypted data key empty!");
+    return undefined;
+  }
+
+  if (subjectIdentifierDerivedKey === undefined) {
+    console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
+    return undefined;
+  }
+  const decryptedDataKey = dataEncryptionService.decrypt(subjectIdentifierDerivedKey, encryptedDataKey.toString());
+
+  return decryptedDataKey;
 }
 
 export = {
-    verifyOpenIDSubjectIdentifier,
-    getDataKey,
-    setDataKey,
-    saveSubjectIdentifier,
-    isSubjectIdentifierSaved,
+  verifyOpenIDSubjectIdentifier,
+  getDataKey,
+  setDataKey,
+  saveSubjectIdentifier,
+  isSubjectIdentifierSaved,
 };
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 21904738f5..7d102b5089 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -7,159 +7,116 @@ import { Session, auth } from "express-openid-connect";
 import sql = require("./sql");
 
 function isOpenIDEnabled() {
-    return checkOpenIDRequirements();
+  return checkOpenIDRequirements();
 }
 
 function isUserSaved() {
-    return sql.getValue("SELECT isSetup FROM user_data") == "true"
-        ? true
-        : false;
+  const dbf = sql.getValue<string>("SELECT isSetup FROM user_data;");
+  return dbf === "true" ? true : false;
 }
 
 function checkOpenIDRequirements() {
-    if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
-
-    if (process.env.BASE_URL === undefined)
-        throw new OpenIDError("BASE_URL is undefined in .env!");
-    if (process.env.CLIENT_ID === undefined)
-        throw new OpenIDError("CLIENT_ID is undefined in .env!");
-    if (process.env.ISSUER_BASE_URL === undefined)
-        throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
-    if (process.env.SECRET === undefined)
-        throw new OpenIDError("SECRET is undefined in .env!");
-    if (process.env.AUTH_0_LOGOUT === undefined)
-        throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
-
-    return true;
-}
-
-// function enableOAuth() {
-//   if (!getOauthEnv()) return { success: false, message: "OAuth Not Enabled" };
-
-//   options.setOption("oAuthEnabled", true);
-//   options.setOption("totpEnabled", false);
-
-//   return { success: true, message: "OAuth Enabled" };
-// }
-
-function disableOAuth() {
-    options.setOption("oAuthEnabled", false);
-    return { success: true, message: "OAuth Disabled" };
-}
+  if (process.env.OAUTH_ENABLED === undefined) return false;
+  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
 
-function getOauthEnv() {
-    if (process.env.OAUTH_ENABLED === undefined) return false;
-    if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+  if (process.env.BASE_URL === undefined) throw new OpenIDError("BASE_URL is undefined in .env!");
+  if (process.env.CLIENT_ID === undefined) throw new OpenIDError("CLIENT_ID is undefined in .env!");
+  if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
+  if (process.env.SECRET === undefined) throw new OpenIDError("SECRET is undefined in .env!");
+  if (process.env.AUTH_0_LOGOUT === undefined) throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
 
-    return true;
+  return true;
 }
 
 function getOAuthStatus() {
-    return {
-        success: true,
-        message: checkOpenIDRequirements(),
-    };
+  return {
+    success: true,
+    message: checkOpenIDRequirements(),
+  };
 }
 
-// function validateUser(userID: string) {
-//     console.log("Checking to see if the user is valid :D");
-//     if (userID === sql.getValue("SELECT * FROM user_data")) return true;
-//     return false;
-// }
-
 function isTokenValid(req: Request, res: Response, next: NextFunction) {
-    const userStatus = openIDEncryption.isSubjectIdentifierSaved();
-
-    if (req.oidc !== undefined) {
-        const result = req.oidc
-            .fetchUserInfo()
-            .then((result) => {
-                return {
-                    success: true,
-                    message: "Token is valid",
-                    user: userStatus,
-                };
-            })
-            .catch((result) => {
-                return {
-                    success: false,
-                    message: "Token is not valid",
-                    user: userStatus,
-                };
-            });
-        return result;
-    } else {
+  const userStatus = openIDEncryption.isSubjectIdentifierSaved();
+
+  if (req.oidc !== undefined) {
+    const result = req.oidc
+      .fetchUserInfo()
+      .then((result) => {
         return {
-            success: false,
-            message: "Token not set up",
-            user: userStatus,
+          success: true,
+          message: "Token is valid",
+          user: userStatus,
         };
-    }
+      })
+      .catch((result) => {
+        return {
+          success: false,
+          message: "Token is not valid",
+          user: userStatus,
+        };
+      });
+    return result;
+  } else {
+    return {
+      success: false,
+      message: "Token not set up",
+      user: userStatus,
+    };
+  }
 }
 
 function checkAuth0Logout() {
-    if (process.env.AUTH_0_LOGOUT === undefined) return false;
-    if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
-    return false;
+  if (process.env.AUTH_0_LOGOUT === undefined) return false;
+  if (process.env.AUTH_0_LOGOUT.toLocaleLowerCase() === "true") return true;
+  return false;
 }
 
 function generateOAuthConfig() {
-    const authRoutes = {
-        callback: "/callback",
-        login: "/authenticate",
-        postLogoutRedirect: "/login",
-        logout: "/logout",
-    };
-
-    const logoutParams = {
-        // end_session_endpoint: "/end-session/",
-    };
-
-    const authConfig = {
-        authRequired: true,
-        auth0Logout: checkAuth0Logout(),
-        baseURL: process.env.BASE_URL,
-        clientID: process.env.CLIENT_ID,
-        issuerBaseURL: process.env.ISSUER_BASE_URL,
-        secret: process.env.SECRET,
-        clientSecret: process.env.SECRET,
-        authorizationParams: {
-            response_type: "code",
-            scope: "openid profile email",
-        },
-        routes: authRoutes,
-        idpLogout: true,
-        logoutParams: logoutParams,
-        afterCallback: async (
-            req: Request,
-            res: Response,
-            session: Session
-        ) => {
-            if (sqlInit.isDbInitialized()) {
-                console.log("Saving USER ID");
-                if (req.oidc.user === undefined) console.log("user invalid!");
-                else {
-                    openIDEncryption.saveSubjectIdentifier(
-                        req.oidc.user.sub.toString()
-                    );
-                    console.log("User ID: " + req.oidc.user.sub);
-                }
-            }
-            return session;
-        },
-    };
-    return authConfig;
+  const authRoutes = {
+    callback: "/callback",
+    login: "/authenticate",
+    postLogoutRedirect: "/login",
+    logout: "/logout",
+  };
+
+  const logoutParams = {
+    // end_session_endpoint: "/end-session/",
+  };
+
+  const authConfig = {
+    authRequired: true,
+    auth0Logout: checkAuth0Logout(),
+    baseURL: process.env.BASE_URL,
+    clientID: process.env.CLIENT_ID,
+    issuerBaseURL: process.env.ISSUER_BASE_URL,
+    secret: process.env.SECRET,
+    clientSecret: process.env.SECRET,
+    authorizationParams: {
+      response_type: "code",
+      scope: "openid profile email",
+    },
+    routes: authRoutes,
+    idpLogout: true,
+    logoutParams: logoutParams,
+    afterCallback: async (req: Request, res: Response, session: Session) => {
+      if (!sqlInit.isDbInitialized()) return session;
+
+      if (isUserSaved()) return session;
+
+      if (req.oidc.user === undefined) console.log("user invalid!");
+      else openIDEncryption.saveSubjectIdentifier(req.oidc.user.sub.toString());
+
+      return session;
+    },
+  };
+  return authConfig;
 }
 
 export = {
-    generateOAuthConfig,
-    getOAuthStatus,
-    // enableOAuth,
-    disableOAuth,
-    isOpenIDEnabled,
-    checkOpenIDRequirements,
-    isTokenValid,
-    isUserSaved,
-    // validateUser,
+  generateOAuthConfig,
+  getOAuthStatus,
+  isOpenIDEnabled,
+  checkOpenIDRequirements,
+  isTokenValid,
+  isUserSaved,
 };

From 3fdc6aeb409ba0f10721647f93bf0a164a182c15 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 11 Aug 2024 09:18:45 -0700
Subject: [PATCH 59/63] Fixed salt missing from table.

---
 src/services/encryption/my_scrypt.ts          | 39 +++++++++---
 src/services/encryption/open_id_encryption.ts | 61 ++++++++++++++++---
 2 files changed, 81 insertions(+), 19 deletions(-)

diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index 4eb2581069..eebdf7a772 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -17,17 +17,28 @@ function getPasswordDerivedKey(password: crypto.BinaryLike) {
   return getScryptHash(password, salt);
 }
 
-function getScryptHash(password: crypto.BinaryLike, salt: string | crypto.BinaryLike) {
-  const hashed = crypto.scryptSync(password, salt instanceof String ? utils.toBase64(salt.toString()) : salt, 32, {
-    N: 16384,
-    r: 8,
-    p: 1,
-  });
+function getScryptHash(
+  password: crypto.BinaryLike,
+  salt: string | crypto.BinaryLike
+) {
+  const hashed = crypto.scryptSync(
+    password,
+    salt instanceof String ? utils.toBase64(salt.toString()) : salt,
+    32,
+    {
+      N: 16384,
+      r: 8,
+      p: 1,
+    }
+  );
 
   return hashed;
 }
 
-function getSubjectIdentifierVerificationHash(guessedUserId: string | crypto.BinaryLike, salt?: string) {
+function getSubjectIdentifierVerificationHash(
+  guessedUserId: string | crypto.BinaryLike,
+  salt?: string
+) {
   if (salt != null) return getScryptHash(guessedUserId, salt);
 
   const savedSalt = sql.getValue("SELECT salt FROM user_data;");
@@ -38,14 +49,24 @@ function getSubjectIdentifierVerificationHash(guessedUserId: string | crypto.Bin
   return getScryptHash(guessedUserId, savedSalt.toString());
 }
 
-function getSubjectIdentifierDerivedKey(subjectIdentifer: crypto.BinaryLike) {
+function getSubjectIdentifierDerivedKey(
+  subjectIdentifer: crypto.BinaryLike,
+  givenSalt?: string
+) {
+  if (givenSalt !== undefined) {
+    return getScryptHash(subjectIdentifer, givenSalt.toString());
+  }
+
   const salt = sql.getValue("SELECT salt FROM user_data;");
   if (salt === undefined || salt === null) return undefined;
 
   return getScryptHash(subjectIdentifer, salt.toString());
 }
 
-function createSubjectIdentifierDerivedKey(subjectIdentifer: string | crypto.BinaryLike, salt: string | crypto.BinaryLike) {
+function createSubjectIdentifierDerivedKey(
+  subjectIdentifer: string | crypto.BinaryLike,
+  salt: string | crypto.BinaryLike
+) {
   // const salt = optionService.getOption("subjectIdentifierDerivedKeySalt");
 
   //   const salt = sql.getValue("SELECT salt FROM user_data");
diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts
index 603435bfe6..b496568837 100644
--- a/src/services/encryption/open_id_encryption.ts
+++ b/src/services/encryption/open_id_encryption.ts
@@ -8,16 +8,37 @@ import sqlInit = require("../sql_init");
 function saveSubjectIdentifier(subjectIdentifier: string) {
   if (isUserSaved()) return false;
 
+  // Allows setup with existing instances of trilium
+  sql.execute(`
+    CREATE TABLE IF NOT EXISTS "user_data"
+    (
+        tmpID INT,
+        userIDEcnryptedDataKey TEXT,
+        userIDVerificationHash TEXT,
+        salt TEXT,
+        derivedKey TEXT,
+        isSetup TEXT DEFAULT "false",
+        UNIQUE (tmpID),
+        PRIMARY KEY (tmpID)
+    );`);
+
   const verificationSalt = utils.randomSecureToken(32);
   const derivedKeySalt = utils.randomSecureToken(32);
 
-  const verificationHash = myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier, verificationSalt);
+  const verificationHash = myScryptService.getSubjectIdentifierVerificationHash(
+    subjectIdentifier,
+    verificationSalt
+  );
   if (verificationHash === undefined) {
     console.log("Verification hash undefined!");
     return undefined;
   }
 
-  const userIDEncryptedDataKey = setDataKey(subjectIdentifier, utils.randomSecureToken(16));
+  const userIDEncryptedDataKey = setDataKey(
+    subjectIdentifier,
+    utils.randomSecureToken(16),
+    verificationSalt
+  );
 
   if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null) {
     console.log("USERID ENCRYPTED DATA KEY NULL");
@@ -66,13 +87,17 @@ function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
     return undefined;
   }
 
-  const givenHash = myScryptService.getSubjectIdentifierVerificationHash(subjectIdentifier)?.toString("base64");
+  const givenHash = myScryptService
+    .getSubjectIdentifierVerificationHash(subjectIdentifier)
+    ?.toString("base64");
   if (givenHash === undefined) {
     console.log("Sub id hash undefined!");
     return undefined;
   }
 
-  const savedHash = sql.getValue("SELECT userIDVerificationHash FROM user_data");
+  const savedHash = sql.getValue(
+    "SELECT userIDVerificationHash FROM user_data"
+  );
   if (savedHash === undefined) {
     console.log("verification hash undefined");
     return undefined;
@@ -82,22 +107,35 @@ function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) {
   return givenHash === savedHash;
 }
 
-function setDataKey(subjectIdentifier: string, plainTextDataKey: string | Buffer) {
-  const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+function setDataKey(
+  subjectIdentifier: string,
+  plainTextDataKey: string | Buffer,
+  salt: string
+) {
+  console.log("Subject Identifier: " + subjectIdentifier);
+  const subjectIdentifierDerivedKey =
+    myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier, salt);
 
   if (subjectIdentifierDerivedKey === undefined) {
     console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
     return undefined;
   }
-  const newEncryptedDataKey = dataEncryptionService.encrypt(subjectIdentifierDerivedKey, plainTextDataKey);
+  const newEncryptedDataKey = dataEncryptionService.encrypt(
+    subjectIdentifierDerivedKey,
+    plainTextDataKey
+  );
 
   return newEncryptedDataKey;
 }
 
 function getDataKey(subjectIdentifier: string) {
-  const subjectIdentifierDerivedKey = myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
+  console.log("Subject Identifier: " + subjectIdentifier);
+  const subjectIdentifierDerivedKey =
+    myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier);
 
-  const encryptedDataKey = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data");
+  const encryptedDataKey = sql.getValue(
+    "SELECT userIDEcnryptedDataKey FROM user_data"
+  );
 
   if (encryptedDataKey === undefined || encryptedDataKey === null) {
     console.log("Encrypted data key empty!");
@@ -108,7 +146,10 @@ function getDataKey(subjectIdentifier: string) {
     console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY");
     return undefined;
   }
-  const decryptedDataKey = dataEncryptionService.decrypt(subjectIdentifierDerivedKey, encryptedDataKey.toString());
+  const decryptedDataKey = dataEncryptionService.decrypt(
+    subjectIdentifierDerivedKey,
+    encryptedDataKey.toString()
+  );
 
   return decryptedDataKey;
 }

From 6fe45a9f22dbd3be5e55353a3a0fa84b8a831ec3 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 11 Aug 2024 09:28:52 -0700
Subject: [PATCH 60/63] Fixed Logout Issue

---
 src/services/open_id.ts | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)

diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 7d102b5089..75d6ea0282 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -16,14 +16,28 @@ function isUserSaved() {
 }
 
 function checkOpenIDRequirements() {
-  if (process.env.OAUTH_ENABLED === undefined) return false;
-  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") return false;
+  if (process.env.OAUTH_ENABLED === undefined) {
+    return false;
+  }
+  if (process.env.OAUTH_ENABLED.toLocaleLowerCase() !== "true") {
+    return false;
+  }
 
-  if (process.env.BASE_URL === undefined) throw new OpenIDError("BASE_URL is undefined in .env!");
-  if (process.env.CLIENT_ID === undefined) throw new OpenIDError("CLIENT_ID is undefined in .env!");
-  if (process.env.ISSUER_BASE_URL === undefined) throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
-  if (process.env.SECRET === undefined) throw new OpenIDError("SECRET is undefined in .env!");
-  if (process.env.AUTH_0_LOGOUT === undefined) throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
+  if (process.env.BASE_URL === undefined) {
+    throw new OpenIDError("BASE_URL is undefined in .env!");
+  }
+  if (process.env.CLIENT_ID === undefined) {
+    throw new OpenIDError("CLIENT_ID is undefined in .env!");
+  }
+  if (process.env.ISSUER_BASE_URL === undefined) {
+    throw new OpenIDError("ISSUER_BASE_URL is undefined in .env!");
+  }
+  if (process.env.SECRET === undefined) {
+    throw new OpenIDError("SECRET is undefined in .env!");
+  }
+  if (process.env.AUTH_0_LOGOUT === undefined) {
+    throw new OpenIDError("AUTH_0_LOGOUT is undefined in .env!");
+  }
 
   return true;
 }
@@ -96,7 +110,7 @@ function generateOAuthConfig() {
       scope: "openid profile email",
     },
     routes: authRoutes,
-    idpLogout: true,
+    idpLogout: false,
     logoutParams: logoutParams,
     afterCallback: async (req: Request, res: Response, session: Session) => {
       if (!sqlInit.isDbInitialized()) return session;

From 8abdca916ec67e9d3faad78818ce4fe177da0223 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 11 Aug 2024 09:55:25 -0700
Subject: [PATCH 61/63] Untrack README.md

---
 README.md | 93 -------------------------------------------------------
 1 file changed, 93 deletions(-)
 delete mode 100644 README.md

diff --git a/README.md b/README.md
deleted file mode 100644
index f4898fe51c..0000000000
--- a/README.md
+++ /dev/null
@@ -1,93 +0,0 @@
-<!-- @format -->
-
-# Trilium Notes
-
-## Trilium is in maintenance mode - see details in https://github.com/zadam/trilium/issues/4620
-
-Preliminary disccusions on the successor organization are taking place in [Trilium Next discussions](https://github.com/orgs/TriliumNext/discussions).
-
-[![Join the chat at https://gitter.im/trilium-notes/Lobby](https://badges.gitter.im/trilium-notes/Lobby.svg)](https://gitter.im/trilium-notes/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) [English](https://github.com/zadam/trilium/blob/master/README.md) | [Chinese](https://github.com/zadam/trilium/blob/master/README-ZH_CN.md) | [Russian](https://github.com/zadam/trilium/blob/master/README.ru.md) | [Japanese](https://github.com/zadam/trilium/blob/master/README.ja.md) | [Italian](https://github.com/zadam/trilium/blob/master/README.it.md)
-
-Trilium Notes is a hierarchical note taking application with focus on building large personal knowledge bases.
-
-See [screenshots](https://github.com/zadam/trilium/wiki/Screenshot-tour) for quick overview:
-
-<a href="https://github.com/zadam/trilium/wiki/Screenshot-tour"><img src="https://raw.githubusercontent.com/wiki/zadam/trilium/images/screenshot.png" alt="Trilium Screenshot" width="1000"></a>
-
-Ukraine is currently defending itself from Russian aggression, please consider [donating to Ukrainian Army or humanitarian charities](https://standforukraine.com/).
-
-<p float="left">
-  <img src="https://upload.wikimedia.org/wikipedia/commons/4/49/Flag_of_Ukraine.svg" alt="drawing" width="400"/>
-  <img src="https://signmyrocket.com//uploads/2b2a523cd0c0e76cdbba95a89a9636b2_1676971281.jpg" alt="Trilium Notes supports Ukraine!" width="570"/>
-</p>
-
-## 🎁 Features
-
--   Notes can be arranged into arbitrarily deep tree. Single note can be placed into multiple places in the tree (see [cloning](https://github.com/zadam/trilium/wiki/Cloning-notes))
--   Rich WYSIWYG note editing including e.g. tables, images and [math](https://github.com/zadam/trilium/wiki/Text-notes#math-support) with markdown [autoformat](https://github.com/zadam/trilium/wiki/Text-notes#autoformat)
--   Support for editing [notes with source code](https://github.com/zadam/trilium/wiki/Code-notes), including syntax highlighting
--   Fast and easy [navigation between notes](https://github.com/zadam/trilium/wiki/Note-navigation), full text search and [note hoisting](https://github.com/zadam/trilium/wiki/Note-hoisting)
--   Seamless [note versioning](https://github.com/zadam/trilium/wiki/Note-revisions)
--   Note [attributes](https://github.com/zadam/trilium/wiki/Attributes) can be used for note organization, querying and advanced [scripting](https://github.com/zadam/trilium/wiki/Scripts)
--   [Synchronization](https://github.com/zadam/trilium/wiki/Synchronization) with self-hosted sync server
-    -   there's a [3rd party service for hosting synchronisation server](https://trilium.cc/paid-hosting)
--   [Sharing](https://github.com/zadam/trilium/wiki/Sharing) (publishing) notes to public internet
--   Strong [note encryption](https://github.com/zadam/trilium/wiki/Protected-notes) with per-note granularity
--   Sketching diagrams with built-in Excalidraw (note type "canvas")
--   [Relation maps](https://github.com/zadam/trilium/wiki/Relation-map) and [link maps](https://github.com/zadam/trilium/wiki/Link-map) for visualizing notes and their relations
--   [Scripting](https://github.com/zadam/trilium/wiki/Scripts) - see [Advanced showcases](https://github.com/zadam/trilium/wiki/Advanced-showcases)
--   [REST API](https://github.com/zadam/trilium/wiki/ETAPI) for automation
--   Scales well in both usability and performance upwards of 100 000 notes
--   Touch optimized [mobile frontend](https://github.com/zadam/trilium/wiki/Mobile-frontend) for smartphones and tablets
--   [Night theme](https://github.com/zadam/trilium/wiki/Themes)
--   [Evernote](https://github.com/zadam/trilium/wiki/Evernote-import) and [Markdown import & export](https://github.com/zadam/trilium/wiki/Markdown)
--   [Web Clipper](https://github.com/zadam/trilium/wiki/Web-clipper) for easy saving of web content
--   [Multi-Factor Authentication] to keep your notes safe
-
-Check out [awesome-trilium](https://github.com/Nriver/awesome-trilium) for 3rd party themes, scripts, plugins and more.
-
-## 🏗 Builds
-
-Trilium is provided as either desktop application (Linux and Windows) or web application hosted on your server (Linux). Mac OS desktop build is available, but it is [unsupported](https://github.com/zadam/trilium/wiki/FAQ#mac-os-support).
-
--   If you want to use Trilium on the desktop, download binary release for your platform from [latest release](https://github.com/zadam/trilium/releases/latest), unzip the package and run `trilium` executable.
--   If you want to install Trilium on server, follow [this page](https://github.com/zadam/trilium/wiki/Server-installation).
-    -   Currently only recent Chrome and Firefox are supported (tested) browsers.
-
-Trilium is also provided as a Flatpak:
-
-[<img width="240" src="https://flathub.org/assets/badges/flathub-badge-en.png">](https://flathub.org/apps/details/com.github.zadam.trilium)
-
-## 📝 Documentation
-
-[See wiki for complete list of documentation pages.](https://github.com/zadam/trilium/wiki/)
-
-You can also read [Patterns of personal knowledge base](https://github.com/zadam/trilium/wiki/Patterns-of-personal-knowledge-base) to get some inspiration on how you might use Trilium.
-
-## 💻 Contribute
-
-Use a browser based dev environment
-
-[![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#https://github.com/zadam/trilium)
-
-Or clone locally and run
-
-```
-npm install
-npm run start-server
-```
-
-## 📢 Shoutouts
-
--   [CKEditor 5](https://github.com/ckeditor/ckeditor5) - best WYSIWYG editor on the market, very interactive and listening team
--   [FancyTree](https://github.com/mar10/fancytree) - very feature rich tree library without real competition. Trilium Notes would not be the same without it.
--   [CodeMirror](https://github.com/codemirror/CodeMirror) - code editor with support for huge amount of languages
--   [jsPlumb](https://github.com/jsplumb/jsplumb) - visual connectivity library without competition. Used in [relation maps](https://github.com/zadam/trilium/wiki/Relation-map) and [link maps](https://github.com/zadam/trilium/wiki/Link-map)
-
-## 🤝 Support
-
-You can support Trilium using GitHub Sponsors, [PayPal](https://paypal.me/za4am) or Bitcoin (bitcoin:bc1qv3svjn40v89mnkre5vyvs2xw6y8phaltl385d2).
-
-## 🔑 License
-
-This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

From 62f5298e399e694bbb5aaf22323c6ebe90c01d91 Mon Sep 17 00:00:00 2001
From: chesspro13 <chesspro13@gmail.com>
Date: Sun, 11 Aug 2024 10:12:17 -0700
Subject: [PATCH 62/63] Formatting Updates part 1

---
 .vscode/settings.json                         |   3 +-
 README.md                                     | 102 +++
 .../options/multi_factor_authentication.js    |  17 +-
 src/routes/api/totp.ts                        |  12 +-
 src/routes/login.ts                           |  68 +-
 src/routes/routes.ts                          | 598 +++++++++---------
 src/services/auth.ts                          |  68 +-
 7 files changed, 492 insertions(+), 376 deletions(-)
 create mode 100644 README.md

diff --git a/.vscode/settings.json b/.vscode/settings.json
index 98337b9030..b3c2231703 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -1,6 +1,5 @@
 {
-    "editor.formatOnSave": true,
-    
+    "editor.formatOnSave": false,
     "files.eol": "\n",
     "typescript.tsdk": "node_modules/typescript/lib"
 }
diff --git a/README.md b/README.md
new file mode 100644
index 0000000000..a79ba29435
--- /dev/null
+++ b/README.md
@@ -0,0 +1,102 @@
+# TriliumNext Notes
+
+[English](https://github.com/TriliumNext/Notes/blob/master/README.md) | [Chinese](https://github.com/TriliumNext/Notes/blob/master/README-ZH_CN.md) | [Russian](https://github.com/TriliumNext/Notes/blob/master/README.ru.md) | [Japanese](https://github.com/TriliumNext/Notes/blob/master/README.ja.md) | [Italian](https://github.com/TriliumNext/Notes/blob/master/README.it.md)
+
+TriliumNext Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases.
+
+See [screenshots](https://triliumnext.github.io/Docs/Wiki/screenshot-tour) for quick overview:
+
+<a href="https://triliumnext.github.io/Docs/Wiki/screenshot-tour"><img src="https://github.com/TriliumNext/Docs/blob/main/Wiki/images/screenshot.png?raw=true" alt="Trilium Screenshot" width="1000"></a>
+
+## ⚠️ Why TriliumNext?
+
+[The original Trilium project is in maintenance mode](https://github.com/zadam/trilium/issues/4620)
+
+## 💬 Discuss with us
+
+Feel free to join our official conversations. We would love to hear what features, suggestions, or issues you may have!
+
+- [Matrix](https://matrix.to/#/#triliumnext:matrix.org) (For synchronous discussions)
+  - The `General` Matrix room is also bridged to [XMPP](xmpp:discuss@trilium.thisgreat.party?join)
+- [Github Discussions](https://github.com/TriliumNext/Notes/discussions) (For Asynchronous discussions)
+- [Wiki](https://triliumnext.github.io/Docs/) (For common how-to questions and user guides)
+
+## 🎁 Features
+
+- Notes can be arranged into arbitrarily deep tree. Single note can be placed into multiple places in the tree (see [cloning](https://triliumnext.github.io/Docs/Wiki/cloning-notes)
+- Rich WYSIWYG note editing including e.g. tables, images and [math](https://triliumnext.github.io/Docs/Wiki/text-notes) with markdown [autoformat](https://triliumnext.github.io/Docs/Wiki/text-notes#autoformat)
+- Support for editing [notes with source code](https://triliumnext.github.io/Docs/Wiki/code-notes), including syntax highlighting
+- Fast and easy [navigation between notes](https://triliumnext.github.io/Docs/Wiki/note-navigation), full text search and [note hoisting](https://triliumnext.github.io/Docs/Wiki/note-hoisting)
+- Seamless [note versioning](https://triliumnext.github.io/Docs/Wiki/note-revisions)
+- Note [attributes](https://triliumnext.github.io/Docs/Wiki/attributes) can be used for note organization, querying and advanced [scripting](https://triliumnext.github.io/Docs/Wiki/scripts)
+- [Synchronization](https://triliumnext.github.io/Docs/Wiki/synchronization) with self-hosted sync server
+  - there's a [3rd party service for hosting synchronisation server](https://trilium.cc/paid-hosting)
+- [Sharing](https://triliumnext.github.io/Docs/Wiki/sharing) (publishing) notes to public internet
+- Strong [note encryption](https://triliumnext.github.io/Docs/Wiki/protected-notes) with per-note granularity
+- Sketching diagrams with built-in Excalidraw (note type "canvas")
+- [Relation maps](https://triliumnext.github.io/Docs/Wiki/relation-map) and [link maps](https://triliumnext.github.io/Docs/Wiki/link-map) for visualizing notes and their relations
+- [Scripting](https://triliumnext.github.io/Docs/Wiki/scripts) - see [Advanced showcases](https://triliumnext.github.io/Docs/Wiki/advanced-showcases)
+- [REST API](https://triliumnext.github.io/Docs/Wiki/etapi) for automation
+- Scales well in both usability and performance upwards of 100 000 notes
+- Touch optimized [mobile frontend](https://triliumnext.github.io/Docs/Wiki/mobile-frontend) for smartphones and tablets
+- [Night theme](https://triliumnext.github.io/Docs/Wiki/themes)
+- [Evernote](https://triliumnext.github.io/Docs/Wiki/evernote-import) and [Markdown import & export](https://triliumnext.github.io/Docs/Wiki/markdown)
+- [Web Clipper](https://triliumnext.github.io/Docs/Wiki/web-clipper) for easy saving of web content
+
+✨ Check out the following third-party resources/communities for more TriliumNext related goodies:
+
+- [awesome-trilium](https://github.com/Nriver/awesome-trilium) for 3rd party themes, scripts, plugins and more.
+- [TriliumRocks!](https://trilium.rocks/) for tutorials, guides, and much more.
+
+## 🏗 Installation
+
+### Desktop
+
+To use TriliumNext on your desktop machine (Linux, MacOS, and Windows) you have a few options:
+
+- Download the binary release for your platform from the [latest release page](https://github.com/TriliumNext/Notes/releases/latest), unzip the package and run the `trilium` executable.
+- Access TriliumNext via the web interface of a server installation (see below)
+  - Currently only the latest versions of Chrome & Firefox are supported (and tested).
+- (Coming Soon) TriliumNext will also be provided as a Flatpak
+
+### Mobile
+
+To use TriliumNext on a mobile device:
+
+- Use a mobile web browser to access the mobile interface of a server installation (see below)
+- Use of a mobile app is not yet supported ([see here](https://github.com/TriliumNext/Notes/issues/72)) to track mobile improvements.
+
+### Server
+
+To install TriliumNext on your own server (including via Docker from [Dockerhub](https://hub.docker.com/r/triliumnext/notes)) follow [the server installation docs](https://triliumnext.github.io/Docs/Wiki/server-installation).
+
+## 📝 Documentation
+
+[See wiki for complete list of documentation pages.](https://triliumnext.github.io/Docs)
+
+You can also read [Patterns of personal knowledge base](https://triliumnext.github.io/Docs/Wiki/patterns-of-personal-knowledge) to get some inspiration on how you might use TriliumNext.
+
+## 💻 Contribute
+
+Clone locally and run
+
+```
+npm install
+npm run start-server
+```
+
+## 👏 Shoutouts
+
+- [CKEditor 5](https://github.com/ckeditor/ckeditor5) - best WYSIWYG editor on the market, very interactive and listening team
+- [FancyTree](https://github.com/mar10/fancytree) - very feature rich tree library without real competition. TriliumNext Notes would not be the same without it.
+- [CodeMirror](https://github.com/codemirror/CodeMirror) - code editor with support for huge amount of languages
+- [jsPlumb](https://github.com/jsplumb/jsplumb) - visual connectivity library without competition. Used in [relation maps](https://triliumnext.github.io/Docs/Wiki/Relation-map) and [link maps](https://triliumnext.github.io/Docs/Wiki/Link-map)
+
+## 🤝 Support
+
+You can support the original Trilium developer using GitHub Sponsors, [PayPal](https://paypal.me/za4am) or Bitcoin (bitcoin:bc1qv3svjn40v89mnkre5vyvs2xw6y8phaltl385d2).
+Support for the TriliumNext organization will be possible in the near future.
+
+## 🔑 License
+
+This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
diff --git a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
index 815a8c6cac..b7925ded03 100644
--- a/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
+++ b/src/public/app/widgets/type_widgets/options/multi_factor_authentication.js
@@ -159,13 +159,22 @@ export default class MultiFactorAuthenticationOptions extends OptionsWidget {
   }
 
   async updateSecret() {
-    if (this.$totpEnabled.prop("checked")) server.post("totp/enable");
-    else server.post("totp/disable");
+    if (this.$totpEnabled.prop("checked")) {
+      server.post("totp/enable");
+
+    }
+    else {
+      server.post("totp/disable");
+    }
   }
 
   async updateOAuthStatus() {
-    if (this.$oAuthEnabledCheckbox.prop("checked")) server.post("oauth/enable");
-    else server.post("oauth/disable");
+    if (this.$oAuthEnabledCheckbox.prop("checked")){
+       server.post("oauth/enable");
+    }
+    else{ 
+      server.post("oauth/disable");
+    }
   }
 
   async setRecoveryKeys() {
diff --git a/src/routes/api/totp.ts b/src/routes/api/totp.ts
index 031d022192..0c1d227c1a 100644
--- a/src/routes/api/totp.ts
+++ b/src/routes/api/totp.ts
@@ -6,8 +6,12 @@ function generateTOTPSecret() {
 }
 
 function getTotpEnabled() {
-    if (process.env.TOTP_ENABLED === undefined) return false;
-    if (process.env.TOTP_ENABLED.toLocaleLowerCase() !== 'true') return false;
+    if (process.env.TOTP_ENABLED === undefined) {
+        return false;
+    }
+    if (process.env.TOTP_ENABLED.toLocaleLowerCase() !== 'true') {
+        return false;
+    }
 
     return true;
 }
@@ -18,7 +22,9 @@ function getTOTPStatus() {
 }
 
 function enableTOTP() {
-    if (!getTotpEnabled()) return {success: 'false'};
+    if (!getTotpEnabled()) {
+        return {success: 'false'};
+    }
 
     options.setOption('totpEnabled', true);
     options.setOption('oAuthEnabled', false);
diff --git a/src/routes/login.ts b/src/routes/login.ts
index cd78214c5c..c4d5b6fba8 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,29 +1,29 @@
-"use strict";
-
-import utils = require("../services/utils");
-import optionService = require("../services/options");
-import myScryptService = require("../services/encryption/my_scrypt");
-import log = require("../services/log");
-import passwordService = require("../services/encryption/password");
-import totp_secret = require("../services/totp");
-import recoveryCodeService = require("../services/encryption/recovery_codes");
-import openIDService = require("../services/open_id");
-import openIDEncryption = require("../services/encryption/open_id_encryption");
-import assetPath = require("../services/asset_path");
-import appPath = require("../services/app_path");
-import ValidationError = require("../errors/validation_error");
-import { Request, Response } from "express";
-import { AppRequest } from "./route-interface";
-import totp = require("../services/totp");
-import open_id = require("../services/open_id");
+'use strict';
+
+import utils = require('../services/utils');
+import optionService = require('../services/options');
+import myScryptService = require('../services/encryption/my_scrypt');
+import log = require('../services/log');
+import passwordService = require('../services/encryption/password');
+import totp_secret = require('../services/totp');
+import recoveryCodeService = require('../services/encryption/recovery_codes');
+import openIDService = require('../services/open_id');
+import openIDEncryption = require('../services/encryption/open_id_encryption');
+import assetPath = require('../services/asset_path');
+import appPath = require('../services/app_path');
+import ValidationError = require('../errors/validation_error');
+import { Request, Response } from 'express';
+import { AppRequest } from './route-interface';
+import totp = require('../services/totp');
+import open_id = require('../services/open_id');
 
 function loginPage(req: Request, res: Response) {
   if (open_id.isOpenIDEnabled()) {
-    res.redirect("/authenticate");
+    res.redirect('/authenticate');
   } else {
-    res.render("login", {
+    res.render('login', {
       failedAuth: false,
-      totpEnabled: optionService.getOptionBool("totpEnabled") && totp_secret.checkForTotSecret(),
+      totpEnabled: optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret(),
       assetPath: assetPath,
       appPath: appPath,
     });
@@ -31,7 +31,7 @@ function loginPage(req: Request, res: Response) {
 }
 
 function setPasswordPage(req: Request, res: Response) {
-  res.render("set_password", {
+  res.render('set_password', {
     error: false,
     assetPath: assetPath,
     appPath: appPath,
@@ -40,7 +40,7 @@ function setPasswordPage(req: Request, res: Response) {
 
 function setPassword(req: Request, res: Response) {
   if (passwordService.isPasswordSet()) {
-    throw new ValidationError("Password has been already set");
+    throw new ValidationError('Password has been already set');
   }
 
   let { password1, password2 } = req.body;
@@ -52,11 +52,11 @@ function setPassword(req: Request, res: Response) {
   if (password1 !== password2) {
     error = "Entered passwords don't match.";
   } else if (password1.length < 4) {
-    error = "Password must be at least 4 characters long.";
+    error = 'Password must be at least 4 characters long.';
   }
 
   if (error) {
-    res.render("set_password", {
+    res.render('set_password', {
       error,
       assetPath: assetPath,
     });
@@ -65,7 +65,7 @@ function setPassword(req: Request, res: Response) {
 
   passwordService.setPassword(password1);
 
-  res.redirect("login");
+  res.redirect('login');
 }
 
 function login(req: AppRequest, res: Response) {
@@ -78,7 +78,7 @@ function login(req: AppRequest, res: Response) {
       return;
     }
 
-    if (optionService.getOptionBool("totpEnabled") && totp_secret.checkForTotSecret())
+    if (optionService.getOptionBool('totpEnabled') && totp_secret.checkForTotSecret())
       if (!verifyTOTP(guessedTotp)) {
         sendLoginError(req, res);
         return;
@@ -94,13 +94,13 @@ function login(req: AppRequest, res: Response) {
       }
 
       req.session.loggedIn = true;
-      res.redirect(".");
+      res.redirect('.');
     });
   } else {
     // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
     log.info(`WARNING: Wrong password from ${req.ip}, rejecting.`);
 
-    res.status(401).render("login", {
+    res.status(401).render('login', {
       failedAuth: true,
       assetPath: assetPath,
     });
@@ -111,9 +111,9 @@ function sendLoginError(req: AppRequest, res: Response) {
   // note that logged IP address is usually meaningless since the traffic should come from a reverse proxy
   log.info(`WARNING: Wrong password or TOTP from ${req.ip}, rejecting.`);
 
-  res.status(401).render("login", {
+  res.status(401).render('login', {
     failedAuth: true,
-    totpEnabled: optionService.getOption("totpEnabled") && totp_secret.checkForTotSecret(),
+    totpEnabled: optionService.getOption('totpEnabled') && totp_secret.checkForTotSecret(),
     assetPath: assetPath,
   });
 }
@@ -127,7 +127,7 @@ function verifyTOTP(guessedToken: string) {
 }
 
 function verifyPassword(guessedPassword: string) {
-  const hashed_password = utils.fromBase64(optionService.getOption("passwordVerificationHash"));
+  const hashed_password = utils.fromBase64(optionService.getOption('passwordVerificationHash'));
 
   const guess_hashed = myScryptService.getVerificationHash(guessedPassword);
 
@@ -138,8 +138,8 @@ function logout(req: AppRequest, res: Response) {
   req.session.regenerate(() => {
     req.session.loggedIn = false;
     if (openIDService.isOpenIDEnabled() && openIDEncryption.isSubjectIdentifierSaved()) {
-      res.oidc.logout({ returnTo: "/authenticate" });
-    } else res.redirect("login");
+      res.oidc.logout({ returnTo: '/authenticate' });
+    } else res.redirect('login');
   });
 }
 
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 565aa87d45..03afd7787a 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -1,92 +1,92 @@
-"use strict";
+'use strict';
 
-import utils = require("../services/utils");
-import multer = require("multer");
-import log = require("../services/log");
-import express = require("express");
+import utils = require('../services/utils');
+import multer = require('multer');
+import log = require('../services/log');
+import express = require('express');
 const router = express.Router();
-import auth = require("../services/auth");
-import openID = require("../services/open_id");
-import totp = require("./api/totp");
-import recoveryCodes = require("./api/recovery_codes");
-import cls = require("../services/cls");
-import sql = require("../services/sql");
-import entityChangesService = require("../services/entity_changes");
-import csurf = require("csurf");
-import { createPartialContentHandler } from "express-partial-content";
-import rateLimit = require("express-rate-limit");
-import AbstractBeccaEntity = require("../becca/entities/abstract_becca_entity");
-import NotFoundError = require("../errors/not_found_error");
-import ValidationError = require("../errors/validation_error");
+import auth = require('../services/auth');
+import openID = require('../services/open_id');
+import totp = require('./api/totp');
+import recoveryCodes = require('./api/recovery_codes');
+import cls = require('../services/cls');
+import sql = require('../services/sql');
+import entityChangesService = require('../services/entity_changes');
+import csurf = require('csurf');
+import { createPartialContentHandler } from 'express-partial-content';
+import rateLimit = require('express-rate-limit');
+import AbstractBeccaEntity = require('../becca/entities/abstract_becca_entity');
+import NotFoundError = require('../errors/not_found_error');
+import ValidationError = require('../errors/validation_error');
 
 // page routes
-import setupRoute = require("./setup");
-import loginRoute = require("./login");
-import indexRoute = require("./index");
+import setupRoute = require('./setup');
+import loginRoute = require('./login');
+import indexRoute = require('./index');
 
 // API routes
-import treeApiRoute = require("./api/tree");
-import notesApiRoute = require("./api/notes");
-import branchesApiRoute = require("./api/branches");
-import attachmentsApiRoute = require("./api/attachments");
-import autocompleteApiRoute = require("./api/autocomplete");
-import cloningApiRoute = require("./api/cloning");
-import revisionsApiRoute = require("./api/revisions");
-import recentChangesApiRoute = require("./api/recent_changes");
-import optionsApiRoute = require("./api/options");
-import passwordApiRoute = require("./api/password");
-import syncApiRoute = require("./api/sync");
-import loginApiRoute = require("./api/login");
-import recentNotesRoute = require("./api/recent_notes");
-import appInfoRoute = require("./api/app_info");
-import exportRoute = require("./api/export");
-import importRoute = require("./api/import");
-import setupApiRoute = require("./api/setup");
-import sqlRoute = require("./api/sql");
-import databaseRoute = require("./api/database");
-import imageRoute = require("./api/image");
-import attributesRoute = require("./api/attributes");
-import scriptRoute = require("./api/script");
-import senderRoute = require("./api/sender");
-import filesRoute = require("./api/files");
-import searchRoute = require("./api/search");
-import bulkActionRoute = require("./api/bulk_action");
-import specialNotesRoute = require("./api/special_notes");
-import noteMapRoute = require("./api/note_map");
-import clipperRoute = require("./api/clipper");
-import similarNotesRoute = require("./api/similar_notes");
-import keysRoute = require("./api/keys");
-import backendLogRoute = require("./api/backend_log");
-import statsRoute = require("./api/stats");
-import fontsRoute = require("./api/fonts");
-import etapiTokensApiRoutes = require("./api/etapi_tokens");
-import relationMapApiRoute = require("./api/relation-map");
-import otherRoute = require("./api/other");
-import shareRoutes = require("../share/routes");
-
-import etapiAuthRoutes = require("../etapi/auth");
-import etapiAppInfoRoutes = require("../etapi/app_info");
-import etapiAttachmentRoutes = require("../etapi/attachments");
-import etapiAttributeRoutes = require("../etapi/attributes");
-import etapiBranchRoutes = require("../etapi/branches");
-import etapiNoteRoutes = require("../etapi/notes");
-import etapiSpecialNoteRoutes = require("../etapi/special_notes");
-import etapiSpecRoute = require("../etapi/spec");
-import etapiBackupRoute = require("../etapi/backup");
-import { AppRequest, AppRequestHandler } from "./route-interface";
+import treeApiRoute = require('./api/tree');
+import notesApiRoute = require('./api/notes');
+import branchesApiRoute = require('./api/branches');
+import attachmentsApiRoute = require('./api/attachments');
+import autocompleteApiRoute = require('./api/autocomplete');
+import cloningApiRoute = require('./api/cloning');
+import revisionsApiRoute = require('./api/revisions');
+import recentChangesApiRoute = require('./api/recent_changes');
+import optionsApiRoute = require('./api/options');
+import passwordApiRoute = require('./api/password');
+import syncApiRoute = require('./api/sync');
+import loginApiRoute = require('./api/login');
+import recentNotesRoute = require('./api/recent_notes');
+import appInfoRoute = require('./api/app_info');
+import exportRoute = require('./api/export');
+import importRoute = require('./api/import');
+import setupApiRoute = require('./api/setup');
+import sqlRoute = require('./api/sql');
+import databaseRoute = require('./api/database');
+import imageRoute = require('./api/image');
+import attributesRoute = require('./api/attributes');
+import scriptRoute = require('./api/script');
+import senderRoute = require('./api/sender');
+import filesRoute = require('./api/files');
+import searchRoute = require('./api/search');
+import bulkActionRoute = require('./api/bulk_action');
+import specialNotesRoute = require('./api/special_notes');
+import noteMapRoute = require('./api/note_map');
+import clipperRoute = require('./api/clipper');
+import similarNotesRoute = require('./api/similar_notes');
+import keysRoute = require('./api/keys');
+import backendLogRoute = require('./api/backend_log');
+import statsRoute = require('./api/stats');
+import fontsRoute = require('./api/fonts');
+import etapiTokensApiRoutes = require('./api/etapi_tokens');
+import relationMapApiRoute = require('./api/relation-map');
+import otherRoute = require('./api/other');
+import shareRoutes = require('../share/routes');
+
+import etapiAuthRoutes = require('../etapi/auth');
+import etapiAppInfoRoutes = require('../etapi/app_info');
+import etapiAttachmentRoutes = require('../etapi/attachments');
+import etapiAttributeRoutes = require('../etapi/attributes');
+import etapiBranchRoutes = require('../etapi/branches');
+import etapiNoteRoutes = require('../etapi/notes');
+import etapiSpecialNoteRoutes = require('../etapi/special_notes');
+import etapiSpecRoute = require('../etapi/spec');
+import etapiBackupRoute = require('../etapi/backup');
+import { AppRequest, AppRequestHandler } from './route-interface';
 
 const csrfMiddleware = csurf({
   cookie: {
-    path: "", // empty, so cookie is valid only for the current path
+    path: '', // empty, so cookie is valid only for the current path
   },
 });
 
 const MAX_ALLOWED_FILE_SIZE_MB = 250;
-const GET = "get",
-  PST = "post",
-  PUT = "put",
-  PATCH = "patch",
-  DEL = "delete";
+const GET = 'get',
+  PST = 'post',
+  PUT = 'put',
+  PATCH = 'patch',
+  DEL = 'delete';
 
 type ApiResultHandler = (
   req: express.Request,
@@ -96,14 +96,14 @@ type ApiResultHandler = (
 
 // TODO: Deduplicate with etapi_utils.ts afterwards.
 type HttpMethod =
-  | "all"
-  | "get"
-  | "post"
-  | "put"
-  | "delete"
-  | "patch"
-  | "options"
-  | "head";
+  | 'all'
+  | 'get'
+  | 'post'
+  | 'put'
+  | 'delete'
+  | 'patch'
+  | 'options'
+  | 'head';
 
 const uploadMiddleware = createUploadMiddleware();
 
@@ -113,9 +113,9 @@ const uploadMiddlewareWithErrorHandling = function (
   next: express.NextFunction
 ) {
   uploadMiddleware(req, res, function (err) {
-    if (err?.code === "LIMIT_FILE_SIZE") {
+    if (err?.code === 'LIMIT_FILE_SIZE') {
       res
-        .setHeader("Content-Type", "text/plain")
+        .setHeader('Content-Type', 'text/plain')
         .status(400)
         .send(
           `Cannot upload file because it excceeded max allowed file size of ${MAX_ALLOWED_FILE_SIZE_MB} MiB`
@@ -127,16 +127,16 @@ const uploadMiddlewareWithErrorHandling = function (
 };
 
 function register(app: express.Application) {
-  route(GET, "/", [auth.checkAuth, csrfMiddleware], indexRoute.index);
+  route(GET, '/', [auth.checkAuth, csrfMiddleware], indexRoute.index);
   route(
     GET,
-    "/login",
+    '/login',
     [auth.checkAppInitialized, auth.checkPasswordSet],
     loginRoute.loginPage
   );
   route(
     GET,
-    "/set-password",
+    '/set-password',
     [auth.checkAppInitialized, auth.checkPasswordNotSet],
     loginRoute.setPasswordPage
   );
@@ -147,90 +147,90 @@ function register(app: express.Application) {
     skipSuccessfulRequests: true, // successful auth to rate-limited ETAPI routes isn't counted. However, successful auth to /login is still counted!
   });
 
-  route(PST, "/login", [loginRateLimiter], loginRoute.login);
-  route(PST, "/logout", [csrfMiddleware, auth.checkAuth], loginRoute.logout);
+  route(PST, '/login', [loginRateLimiter], loginRoute.login);
+  route(PST, '/logout', [csrfMiddleware, auth.checkAuth], loginRoute.logout);
   route(
     PST,
-    "/set-password",
+    '/set-password',
     [auth.checkAppInitialized, auth.checkPasswordNotSet],
     loginRoute.setPassword
   );
-  route(GET, "/setup", [], setupRoute.setupPage);
+  route(GET, '/setup', [], setupRoute.setupPage);
 
-  apiRoute(GET, "/api/totp/generate", totp.generateSecret);
-  apiRoute(GET, "/api/totp/status", totp.getTOTPStatus);
-  apiRoute(PST, "/api/totp/enable", totp.enableTOTP);
-  apiRoute(PST, "/api/totp/disable", totp.disableTOTP);
-  apiRoute(GET, "/api/totp/get", totp.getSecret);
+  apiRoute(GET, '/api/totp/generate', totp.generateSecret);
+  apiRoute(GET, '/api/totp/status', totp.getTOTPStatus);
+  apiRoute(PST, '/api/totp/enable', totp.enableTOTP);
+  apiRoute(PST, '/api/totp/disable', totp.disableTOTP);
+  apiRoute(GET, '/api/totp/get', totp.getSecret);
 
-  apiRoute(GET, "/api/oauth/status", openID.getOAuthStatus);
-  apiRoute(GET, "/api/oauth/validate", openID.isTokenValid);
+  apiRoute(GET, '/api/oauth/status', openID.getOAuthStatus);
+  apiRoute(GET, '/api/oauth/validate', openID.isTokenValid);
 
-  apiRoute(PST, "/api/totp_recovery/set", recoveryCodes.setRecoveryCodes);
-  apiRoute(PST, "/api/totp_recovery/verify", recoveryCodes.veryifyRecoveryCode);
+  apiRoute(PST, '/api/totp_recovery/set', recoveryCodes.setRecoveryCodes);
+  apiRoute(PST, '/api/totp_recovery/verify', recoveryCodes.veryifyRecoveryCode);
   apiRoute(
     GET,
-    "/api/totp_recovery/generate",
+    '/api/totp_recovery/generate',
     recoveryCodes.generateRecoveryCodes
   );
   apiRoute(
     GET,
-    "/api/totp_recovery/enabled",
+    '/api/totp_recovery/enabled',
     recoveryCodes.checkForRecoveryKeys
   );
-  apiRoute(GET, "/api/totp_recovery/used", recoveryCodes.getUsedRecoveryCodes);
+  apiRoute(GET, '/api/totp_recovery/used', recoveryCodes.getUsedRecoveryCodes);
 
-  apiRoute(GET, "/api/tree", treeApiRoute.getTree);
-  apiRoute(PST, "/api/tree/load", treeApiRoute.load);
+  apiRoute(GET, '/api/tree', treeApiRoute.getTree);
+  apiRoute(PST, '/api/tree/load', treeApiRoute.load);
 
-  apiRoute(GET, "/api/notes/:noteId", notesApiRoute.getNote);
-  apiRoute(GET, "/api/notes/:noteId/blob", notesApiRoute.getNoteBlob);
-  apiRoute(GET, "/api/notes/:noteId/metadata", notesApiRoute.getNoteMetadata);
-  apiRoute(PUT, "/api/notes/:noteId/data", notesApiRoute.updateNoteData);
-  apiRoute(DEL, "/api/notes/:noteId", notesApiRoute.deleteNote);
-  apiRoute(PUT, "/api/notes/:noteId/undelete", notesApiRoute.undeleteNote);
-  apiRoute(PST, "/api/notes/:noteId/revision", notesApiRoute.forceSaveRevision);
-  apiRoute(PST, "/api/notes/:parentNoteId/children", notesApiRoute.createNote);
+  apiRoute(GET, '/api/notes/:noteId', notesApiRoute.getNote);
+  apiRoute(GET, '/api/notes/:noteId/blob', notesApiRoute.getNoteBlob);
+  apiRoute(GET, '/api/notes/:noteId/metadata', notesApiRoute.getNoteMetadata);
+  apiRoute(PUT, '/api/notes/:noteId/data', notesApiRoute.updateNoteData);
+  apiRoute(DEL, '/api/notes/:noteId', notesApiRoute.deleteNote);
+  apiRoute(PUT, '/api/notes/:noteId/undelete', notesApiRoute.undeleteNote);
+  apiRoute(PST, '/api/notes/:noteId/revision', notesApiRoute.forceSaveRevision);
+  apiRoute(PST, '/api/notes/:parentNoteId/children', notesApiRoute.createNote);
   apiRoute(
     PUT,
-    "/api/notes/:noteId/sort-children",
+    '/api/notes/:noteId/sort-children',
     notesApiRoute.sortChildNotes
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/protect/:isProtected",
+    '/api/notes/:noteId/protect/:isProtected',
     notesApiRoute.protectNote
   );
-  apiRoute(PUT, "/api/notes/:noteId/type", notesApiRoute.setNoteTypeMime);
-  apiRoute(PUT, "/api/notes/:noteId/title", notesApiRoute.changeTitle);
+  apiRoute(PUT, '/api/notes/:noteId/type', notesApiRoute.setNoteTypeMime);
+  apiRoute(PUT, '/api/notes/:noteId/title', notesApiRoute.changeTitle);
   apiRoute(
     PST,
-    "/api/notes/:noteId/duplicate/:parentNoteId",
+    '/api/notes/:noteId/duplicate/:parentNoteId',
     notesApiRoute.duplicateSubtree
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/clone-to-branch/:parentBranchId",
+    '/api/notes/:noteId/clone-to-branch/:parentBranchId',
     cloningApiRoute.cloneNoteToBranch
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present",
+    '/api/notes/:noteId/toggle-in-parent/:parentNoteId/:present',
     cloningApiRoute.toggleNoteInParent
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/clone-to-note/:parentNoteId",
+    '/api/notes/:noteId/clone-to-note/:parentNoteId',
     cloningApiRoute.cloneNoteToParentNote
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/clone-after/:afterBranchId",
+    '/api/notes/:noteId/clone-after/:afterBranchId',
     cloningApiRoute.cloneNoteAfter
   );
   route(
     PUT,
-    "/api/notes/:noteId/file",
+    '/api/notes/:noteId/file',
     [
       auth.checkApiAuthOrElectron,
       uploadMiddlewareWithErrorHandling,
@@ -241,13 +241,13 @@ function register(app: express.Application) {
   );
   route(
     GET,
-    "/api/notes/:noteId/open",
+    '/api/notes/:noteId/open',
     [auth.checkApiAuthOrElectron],
     filesRoute.openFile
   );
   route(
     GET,
-    "/api/notes/:noteId/open-partial",
+    '/api/notes/:noteId/open-partial',
     [auth.checkApiAuthOrElectron],
     createPartialContentHandler(filesRoute.fileContentProvider, {
       debug: (string, extra) => {
@@ -257,78 +257,78 @@ function register(app: express.Application) {
   );
   route(
     GET,
-    "/api/notes/:noteId/download",
+    '/api/notes/:noteId/download',
     [auth.checkApiAuthOrElectron],
     filesRoute.downloadFile
   );
-  // this "hacky" path is used for easier referencing of CSS resources
+  // this 'hacky' path is used for easier referencing of CSS resources
   route(
     GET,
-    "/api/notes/download/:noteId",
+    '/api/notes/download/:noteId',
     [auth.checkApiAuthOrElectron],
     filesRoute.downloadFile
   );
   apiRoute(
     PST,
-    "/api/notes/:noteId/save-to-tmp-dir",
+    '/api/notes/:noteId/save-to-tmp-dir',
     filesRoute.saveNoteToTmpDir
   );
   apiRoute(
     PST,
-    "/api/notes/:noteId/upload-modified-file",
+    '/api/notes/:noteId/upload-modified-file',
     filesRoute.uploadModifiedFileToNote
   );
   apiRoute(
     PST,
-    "/api/notes/:noteId/convert-to-attachment",
+    '/api/notes/:noteId/convert-to-attachment',
     notesApiRoute.convertNoteToAttachment
   );
 
   apiRoute(
     PUT,
-    "/api/branches/:branchId/move-to/:parentBranchId",
+    '/api/branches/:branchId/move-to/:parentBranchId',
     branchesApiRoute.moveBranchToParent
   );
   apiRoute(
     PUT,
-    "/api/branches/:branchId/move-before/:beforeBranchId",
+    '/api/branches/:branchId/move-before/:beforeBranchId',
     branchesApiRoute.moveBranchBeforeNote
   );
   apiRoute(
     PUT,
-    "/api/branches/:branchId/move-after/:afterBranchId",
+    '/api/branches/:branchId/move-after/:afterBranchId',
     branchesApiRoute.moveBranchAfterNote
   );
   apiRoute(
     PUT,
-    "/api/branches/:branchId/expanded/:expanded",
+    '/api/branches/:branchId/expanded/:expanded',
     branchesApiRoute.setExpanded
   );
   apiRoute(
     PUT,
-    "/api/branches/:branchId/expanded-subtree/:expanded",
+    '/api/branches/:branchId/expanded-subtree/:expanded',
     branchesApiRoute.setExpandedForSubtree
   );
-  apiRoute(DEL, "/api/branches/:branchId", branchesApiRoute.deleteBranch);
+  apiRoute(DEL, '/api/branches/:branchId', branchesApiRoute.deleteBranch);
   apiRoute(
     PUT,
-    "/api/branches/:branchId/set-prefix",
+    '/api/branches/:branchId/set-prefix',
     branchesApiRoute.setPrefix
   );
 
   apiRoute(
     GET,
-    "/api/notes/:noteId/attachments",
+    '/api/notes/:noteId/attachments',
     attachmentsApiRoute.getAttachments
   );
   apiRoute(
     PST,
-    "/api/notes/:noteId/attachments",
+    '/api/notes/:noteId/attachments',
     attachmentsApiRoute.saveAttachment
   );
   route(
     PST,
-    "/api/notes/:noteId/attachments/upload",
+    '/api/notes/:noteId/attachments/upload',
     [
       auth.checkApiAuthOrElectron,
       uploadMiddlewareWithErrorHandling,
@@ -339,49 +339,49 @@ function register(app: express.Application) {
   );
   apiRoute(
     GET,
-    "/api/attachments/:attachmentId",
+    '/api/attachments/:attachmentId',
     attachmentsApiRoute.getAttachment
   );
   apiRoute(
     GET,
-    "/api/attachments/:attachmentId/all",
+    '/api/attachments/:attachmentId/all',
     attachmentsApiRoute.getAllAttachments
   );
   apiRoute(
     PST,
-    "/api/attachments/:attachmentId/convert-to-note",
+    '/api/attachments/:attachmentId/convert-to-note',
     attachmentsApiRoute.convertAttachmentToNote
   );
   apiRoute(
     DEL,
-    "/api/attachments/:attachmentId",
+    '/api/attachments/:attachmentId',
     attachmentsApiRoute.deleteAttachment
   );
   apiRoute(
     PUT,
-    "/api/attachments/:attachmentId/rename",
+    '/api/attachments/:attachmentId/rename',
     attachmentsApiRoute.renameAttachment
   );
   apiRoute(
     GET,
-    "/api/attachments/:attachmentId/blob",
+    '/api/attachments/:attachmentId/blob',
     attachmentsApiRoute.getAttachmentBlob
   );
   route(
     GET,
-    "/api/attachments/:attachmentId/image/:filename",
+    '/api/attachments/:attachmentId/image/:filename',
     [auth.checkApiAuthOrElectron],
     imageRoute.returnAttachedImage
   );
   route(
     GET,
-    "/api/attachments/:attachmentId/open",
+    '/api/attachments/:attachmentId/open',
     [auth.checkApiAuthOrElectron],
     filesRoute.openAttachment
   );
   route(
     GET,
-    "/api/attachments/:attachmentId/open-partial",
+    '/api/attachments/:attachmentId/open-partial',
     [auth.checkApiAuthOrElectron],
     createPartialContentHandler(filesRoute.attachmentContentProvider, {
       debug: (string, extra) => {
@@ -391,30 +391,30 @@ function register(app: express.Application) {
   );
   route(
     GET,
-    "/api/attachments/:attachmentId/download",
+    '/api/attachments/:attachmentId/download',
     [auth.checkApiAuthOrElectron],
     filesRoute.downloadAttachment
   );
-  // this "hacky" path is used for easier referencing of CSS resources
+  // this 'hacky' path is used for easier referencing of CSS resources
   route(
     GET,
-    "/api/attachments/download/:attachmentId",
+    '/api/attachments/download/:attachmentId',
     [auth.checkApiAuthOrElectron],
     filesRoute.downloadAttachment
   );
   apiRoute(
     PST,
-    "/api/attachments/:attachmentId/save-to-tmp-dir",
+    '/api/attachments/:attachmentId/save-to-tmp-dir',
     filesRoute.saveAttachmentToTmpDir
   );
   apiRoute(
     PST,
-    "/api/attachments/:attachmentId/upload-modified-file",
+    '/api/attachments/:attachmentId/upload-modified-file',
     filesRoute.uploadModifiedFileToAttachment
   );
   route(
     PUT,
-    "/api/attachments/:attachmentId/file",
+    '/api/attachments/:attachmentId/file',
     [
       auth.checkApiAuthOrElectron,
       uploadMiddlewareWithErrorHandling,
@@ -424,47 +424,47 @@ function register(app: express.Application) {
     apiResultHandler
   );
 
-  apiRoute(GET, "/api/notes/:noteId/revisions", revisionsApiRoute.getRevisions);
+  apiRoute(GET, '/api/notes/:noteId/revisions', revisionsApiRoute.getRevisions);
   apiRoute(
     DEL,
-    "/api/notes/:noteId/revisions",
+    '/api/notes/:noteId/revisions',
     revisionsApiRoute.eraseAllRevisions
   );
-  apiRoute(GET, "/api/revisions/:revisionId", revisionsApiRoute.getRevision);
+  apiRoute(GET, '/api/revisions/:revisionId', revisionsApiRoute.getRevision);
   apiRoute(
     GET,
-    "/api/revisions/:revisionId/blob",
+    '/api/revisions/:revisionId/blob',
     revisionsApiRoute.getRevisionBlob
   );
-  apiRoute(DEL, "/api/revisions/:revisionId", revisionsApiRoute.eraseRevision);
+  apiRoute(DEL, '/api/revisions/:revisionId', revisionsApiRoute.eraseRevision);
   apiRoute(
     PST,
-    "/api/revisions/:revisionId/restore",
+    '/api/revisions/:revisionId/restore',
     revisionsApiRoute.restoreRevision
   );
   route(
     GET,
-    "/api/revisions/:revisionId/image/:filename",
+    '/api/revisions/:revisionId/image/:filename',
     [auth.checkApiAuthOrElectron],
     imageRoute.returnImageFromRevision
   );
 
   route(
     GET,
-    "/api/revisions/:revisionId/download",
+    '/api/revisions/:revisionId/download',
     [auth.checkApiAuthOrElectron],
     revisionsApiRoute.downloadRevision
   );
 
   route(
     GET,
-    "/api/branches/:branchId/export/:type/:format/:version/:taskId",
+    '/api/branches/:branchId/export/:type/:format/:version/:taskId',
     [auth.checkApiAuthOrElectron],
     exportRoute.exportBranch
   );
   route(
     PST,
-    "/api/notes/:parentNoteId/notes-import",
+    '/api/notes/:parentNoteId/notes-import',
     [
       auth.checkApiAuthOrElectron,
       uploadMiddlewareWithErrorHandling,
@@ -475,7 +475,7 @@ function register(app: express.Application) {
   );
   route(
     PST,
-    "/api/notes/:parentNoteId/attachments-import",
+    '/api/notes/:parentNoteId/attachments-import',
     [
       auth.checkApiAuthOrElectron,
       uploadMiddlewareWithErrorHandling,
@@ -487,61 +487,61 @@ function register(app: express.Application) {
 
   apiRoute(
     GET,
-    "/api/notes/:noteId/attributes",
+    '/api/notes/:noteId/attributes',
     attributesRoute.getEffectiveNoteAttributes
   );
   apiRoute(
     PST,
-    "/api/notes/:noteId/attributes",
+    '/api/notes/:noteId/attributes',
     attributesRoute.addNoteAttribute
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/attributes",
+    '/api/notes/:noteId/attributes',
     attributesRoute.updateNoteAttributes
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/attribute",
+    '/api/notes/:noteId/attribute',
     attributesRoute.updateNoteAttribute
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/set-attribute",
+    '/api/notes/:noteId/set-attribute',
     attributesRoute.setNoteAttribute
   );
   apiRoute(
     PUT,
-    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    '/api/notes/:noteId/relations/:name/to/:targetNoteId',
     attributesRoute.createRelation
   );
   apiRoute(
     DEL,
-    "/api/notes/:noteId/relations/:name/to/:targetNoteId",
+    '/api/notes/:noteId/relations/:name/to/:targetNoteId',
     attributesRoute.deleteRelation
   );
   apiRoute(
     DEL,
-    "/api/notes/:noteId/attributes/:attributeId",
+    '/api/notes/:noteId/attributes/:attributeId',
     attributesRoute.deleteNoteAttribute
   );
-  apiRoute(GET, "/api/attribute-names", attributesRoute.getAttributeNames);
+  apiRoute(GET, '/api/attribute-names', attributesRoute.getAttributeNames);
   apiRoute(
     GET,
-    "/api/attribute-values/:attributeName",
+    '/api/attribute-values/:attributeName',
     attributesRoute.getValuesForAttribute
   );
 
-  // :filename is not used by trilium, but instead used for "save as" to assign a human-readable filename
+  // :filename is not used by trilium, but instead used for 'save as' to assign a human-readable filename
   route(
     GET,
-    "/api/images/:noteId/:filename",
+    '/api/images/:noteId/:filename',
     [auth.checkApiAuthOrElectron],
     imageRoute.returnImageFromNote
   );
   route(
     PUT,
-    "/api/images/:noteId",
+    '/api/images/:noteId',
     [
       auth.checkApiAuthOrElectron,
       uploadMiddlewareWithErrorHandling,
@@ -551,90 +551,90 @@ function register(app: express.Application) {
     apiResultHandler
   );
 
-  apiRoute(GET, "/api/options", optionsApiRoute.getOptions);
+  apiRoute(GET, '/api/options', optionsApiRoute.getOptions);
   // FIXME: possibly change to sending value in the body to avoid host of HTTP server issues with slashes
-  apiRoute(PUT, "/api/options/:name/:value*", optionsApiRoute.updateOption);
-  apiRoute(PUT, "/api/options", optionsApiRoute.updateOptions);
-  apiRoute(GET, "/api/options/user-themes", optionsApiRoute.getUserThemes);
+  apiRoute(PUT, '/api/options/:name/:value*', optionsApiRoute.updateOption);
+  apiRoute(PUT, '/api/options', optionsApiRoute.updateOptions);
+  apiRoute(GET, '/api/options/user-themes', optionsApiRoute.getUserThemes);
 
-  apiRoute(PST, "/api/password/change", passwordApiRoute.changePassword);
-  apiRoute(PST, "/api/password/reset", passwordApiRoute.resetPassword);
+  apiRoute(PST, '/api/password/change', passwordApiRoute.changePassword);
+  apiRoute(PST, '/api/password/reset', passwordApiRoute.resetPassword);
 
-  apiRoute(PST, "/api/sync/test", syncApiRoute.testSync);
-  apiRoute(PST, "/api/sync/now", syncApiRoute.syncNow);
+  apiRoute(PST, '/api/sync/test', syncApiRoute.testSync);
+  apiRoute(PST, '/api/sync/now', syncApiRoute.syncNow);
   apiRoute(
     PST,
-    "/api/sync/fill-entity-changes",
+    '/api/sync/fill-entity-changes',
     syncApiRoute.fillEntityChanges
   );
-  apiRoute(PST, "/api/sync/force-full-sync", syncApiRoute.forceFullSync);
+  apiRoute(PST, '/api/sync/force-full-sync', syncApiRoute.forceFullSync);
   route(
     GET,
-    "/api/sync/check",
+    '/api/sync/check',
     [auth.checkApiAuth],
     syncApiRoute.checkSync,
     apiResultHandler
   );
   route(
     GET,
-    "/api/sync/changed",
+    '/api/sync/changed',
     [auth.checkApiAuth],
     syncApiRoute.getChanged,
     apiResultHandler
   );
   route(
     PUT,
-    "/api/sync/update",
+    '/api/sync/update',
     [auth.checkApiAuth],
     syncApiRoute.update,
     apiResultHandler
   );
   route(
     PST,
-    "/api/sync/finished",
+    '/api/sync/finished',
     [auth.checkApiAuth],
     syncApiRoute.syncFinished,
     apiResultHandler
   );
   route(
     PST,
-    "/api/sync/check-entity-changes",
+    '/api/sync/check-entity-changes',
     [auth.checkApiAuth],
     syncApiRoute.checkEntityChanges,
     apiResultHandler
   );
   route(
     PST,
-    "/api/sync/queue-sector/:entityName/:sector",
+    '/api/sync/queue-sector/:entityName/:sector',
     [auth.checkApiAuth],
     syncApiRoute.queueSector,
     apiResultHandler
   );
-  route(GET, "/api/sync/stats", [], syncApiRoute.getStats, apiResultHandler);
+  route(GET, '/api/sync/stats', [], syncApiRoute.getStats, apiResultHandler);
 
-  apiRoute(PST, "/api/recent-notes", recentNotesRoute.addRecentNote);
-  apiRoute(GET, "/api/app-info", appInfoRoute.getAppInfo);
+  apiRoute(PST, '/api/recent-notes', recentNotesRoute.addRecentNote);
+  apiRoute(GET, '/api/app-info', appInfoRoute.getAppInfo);
 
   // docker health check
   route(
     GET,
-    "/api/health-check",
+    '/api/health-check',
     [],
-    () => ({ status: "ok" }),
+    () => ({ status: 'ok' }),
     apiResultHandler
   );
 
   // group of the services below are meant to be executed from the outside
   route(
     GET,
-    "/api/setup/status",
+    '/api/setup/status',
     [],
     setupApiRoute.getStatus,
     apiResultHandler
   );
   route(
     PST,
-    "/api/setup/new-document",
+    '/api/setup/new-document',
     [auth.checkAppNotInitialized],
     setupApiRoute.setupNewDocument,
     apiResultHandler,
@@ -642,7 +642,7 @@ function register(app: express.Application) {
   );
   route(
     PST,
-    "/api/setup/sync-from-server",
+    '/api/setup/sync-from-server',
     [auth.checkAppNotInitialized],
     setupApiRoute.setupSyncFromServer,
     apiResultHandler,
@@ -650,71 +650,71 @@ function register(app: express.Application) {
   );
   route(
     GET,
-    "/api/setup/sync-seed",
+    '/api/setup/sync-seed',
     [auth.checkCredentials],
     setupApiRoute.getSyncSeed,
     apiResultHandler
   );
   route(
     PST,
-    "/api/setup/sync-seed",
+    '/api/setup/sync-seed',
     [auth.checkAppNotInitialized],
     setupApiRoute.saveSyncSeed,
     apiResultHandler,
     false
   );
 
-  apiRoute(GET, "/api/autocomplete", autocompleteApiRoute.getAutocomplete);
-  apiRoute(GET, "/api/quick-search/:searchString", searchRoute.quickSearch);
-  apiRoute(GET, "/api/search-note/:noteId", searchRoute.searchFromNote);
+  apiRoute(GET, '/api/autocomplete', autocompleteApiRoute.getAutocomplete);
+  apiRoute(GET, '/api/quick-search/:searchString', searchRoute.quickSearch);
+  apiRoute(GET, '/api/search-note/:noteId', searchRoute.searchFromNote);
   apiRoute(
     PST,
-    "/api/search-and-execute-note/:noteId",
+    '/api/search-and-execute-note/:noteId',
     searchRoute.searchAndExecute
   );
-  apiRoute(PST, "/api/search-related", searchRoute.getRelatedNotes);
-  apiRoute(GET, "/api/search/:searchString", searchRoute.search);
-  apiRoute(GET, "/api/search-templates", searchRoute.searchTemplates);
+  apiRoute(PST, '/api/search-related', searchRoute.getRelatedNotes);
+  apiRoute(GET, '/api/search/:searchString', searchRoute.search);
+  apiRoute(GET, '/api/search-templates', searchRoute.searchTemplates);
 
-  apiRoute(PST, "/api/bulk-action/execute", bulkActionRoute.execute);
+  apiRoute(PST, '/api/bulk-action/execute', bulkActionRoute.execute);
   apiRoute(
     PST,
-    "/api/bulk-action/affected-notes",
+    '/api/bulk-action/affected-notes',
     bulkActionRoute.getAffectedNoteCount
   );
 
-  route(PST, "/api/login/sync", [], loginApiRoute.loginSync, apiResultHandler);
+  route(PST, '/api/login/sync', [], loginApiRoute.loginSync, apiResultHandler);
   // this is for entering protected mode so user has to be already logged-in (that's the reason we don't require username)
-  apiRoute(PST, "/api/login/protected", loginApiRoute.loginToProtectedSession);
+  apiRoute(PST, '/api/login/protected', loginApiRoute.loginToProtectedSession);
   apiRoute(
     PST,
-    "/api/login/protected/touch",
+    '/api/login/protected/touch',
     loginApiRoute.touchProtectedSession
   );
   apiRoute(
     PST,
-    "/api/logout/protected",
+    '/api/logout/protected',
     loginApiRoute.logoutFromProtectedSession
   );
 
   route(
     PST,
-    "/api/login/token",
+    '/api/login/token',
     [loginRateLimiter],
     loginApiRoute.token,
     apiResultHandler
   );
 
-  apiRoute(GET, "/api/etapi-tokens", etapiTokensApiRoutes.getTokens);
-  apiRoute(PST, "/api/etapi-tokens", etapiTokensApiRoutes.createToken);
+  apiRoute(GET, '/api/etapi-tokens', etapiTokensApiRoutes.getTokens);
+  apiRoute(PST, '/api/etapi-tokens', etapiTokensApiRoutes.createToken);
   apiRoute(
     PATCH,
-    "/api/etapi-tokens/:etapiTokenId",
+    '/api/etapi-tokens/:etapiTokenId',
     etapiTokensApiRoutes.patchToken
   );
   apiRoute(
     DEL,
-    "/api/etapi-tokens/:etapiTokenId",
+    '/api/etapi-tokens/:etapiTokenId',
     etapiTokensApiRoutes.deleteToken
   );
 
@@ -723,35 +723,35 @@ function register(app: express.Application) {
 
   route(
     GET,
-    "/api/clipper/handshake",
+    '/api/clipper/handshake',
     clipperMiddleware,
     clipperRoute.handshake,
     apiResultHandler
   );
   route(
     PST,
-    "/api/clipper/clippings",
+    '/api/clipper/clippings',
     clipperMiddleware,
     clipperRoute.addClipping,
     apiResultHandler
   );
   route(
     PST,
-    "/api/clipper/notes",
+    '/api/clipper/notes',
     clipperMiddleware,
     clipperRoute.createNote,
     apiResultHandler
   );
   route(
     PST,
-    "/api/clipper/open/:noteId",
+    '/api/clipper/open/:noteId',
     clipperMiddleware,
     clipperRoute.openNote,
     apiResultHandler
   );
   route(
     GET,
-    "/api/clipper/notes-by-url/:noteUrl",
+    '/api/clipper/notes-by-url/:noteUrl',
     clipperMiddleware,
     clipperRoute.findNotesByUrl,
     apiResultHandler
@@ -759,71 +759,71 @@ function register(app: express.Application) {
 
   apiRoute(
     GET,
-    "/api/special-notes/inbox/:date",
+    '/api/special-notes/inbox/:date',
     specialNotesRoute.getInboxNote
   );
-  apiRoute(GET, "/api/special-notes/days/:date", specialNotesRoute.getDayNote);
+  apiRoute(GET, '/api/special-notes/days/:date', specialNotesRoute.getDayNote);
   apiRoute(
     GET,
-    "/api/special-notes/weeks/:date",
+    '/api/special-notes/weeks/:date',
     specialNotesRoute.getWeekNote
   );
   apiRoute(
     GET,
-    "/api/special-notes/months/:month",
+    '/api/special-notes/months/:month',
     specialNotesRoute.getMonthNote
   );
   apiRoute(
     GET,
-    "/api/special-notes/years/:year",
+    '/api/special-notes/years/:year',
     specialNotesRoute.getYearNote
   );
   apiRoute(
     GET,
-    "/api/special-notes/notes-for-month/:month",
+    '/api/special-notes/notes-for-month/:month',
     specialNotesRoute.getDayNotesForMonth
   );
   apiRoute(
     PST,
-    "/api/special-notes/sql-console",
+    '/api/special-notes/sql-console',
     specialNotesRoute.createSqlConsole
   );
   apiRoute(
     PST,
-    "/api/special-notes/save-sql-console",
+    '/api/special-notes/save-sql-console',
     specialNotesRoute.saveSqlConsole
   );
   apiRoute(
     PST,
-    "/api/special-notes/search-note",
+    '/api/special-notes/search-note',
     specialNotesRoute.createSearchNote
   );
   apiRoute(
     PST,
-    "/api/special-notes/save-search-note",
+    '/api/special-notes/save-search-note',
     specialNotesRoute.saveSearchNote
   );
   apiRoute(
     PST,
-    "/api/special-notes/launchers/:noteId/reset",
+    '/api/special-notes/launchers/:noteId/reset',
     specialNotesRoute.resetLauncher
   );
   apiRoute(
     PST,
-    "/api/special-notes/launchers/:parentNoteId/:launcherType",
+    '/api/special-notes/launchers/:parentNoteId/:launcherType',
     specialNotesRoute.createLauncher
   );
   apiRoute(
     PUT,
-    "/api/special-notes/api-script-launcher",
+    '/api/special-notes/api-script-launcher',
     specialNotesRoute.createOrUpdateScriptLauncherFromApi
   );
 
-  apiRoute(GET, "/api/sql/schema", sqlRoute.getSchema);
-  apiRoute(PST, "/api/sql/execute/:noteId", sqlRoute.execute);
+  apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
+  apiRoute(PST, '/api/sql/execute/:noteId', sqlRoute.execute);
   route(
     PST,
-    "/api/database/anonymize/:type",
+    '/api/database/anonymize/:type',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.anonymize,
     apiResultHandler,
@@ -831,25 +831,25 @@ function register(app: express.Application) {
   );
   apiRoute(
     GET,
-    "/api/database/anonymized-databases",
+    '/api/database/anonymized-databases',
     databaseRoute.getExistingAnonymizedDatabases
   );
 
   // backup requires execution outside of transaction
   route(
     PST,
-    "/api/database/backup-database",
+    '/api/database/backup-database',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.backupDatabase,
     apiResultHandler,
     false
   );
-  apiRoute(GET, "/api/database/backups", databaseRoute.getExistingBackups);
+  apiRoute(GET, '/api/database/backups', databaseRoute.getExistingBackups);
 
   // VACUUM requires execution outside of transaction
   route(
     PST,
-    "/api/database/vacuum-database",
+    '/api/database/vacuum-database',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.vacuumDatabase,
     apiResultHandler,
@@ -858,115 +858,115 @@ function register(app: express.Application) {
 
   route(
     PST,
-    "/api/database/find-and-fix-consistency-issues",
+    '/api/database/find-and-fix-consistency-issues',
     [auth.checkApiAuthOrElectron, csrfMiddleware],
     databaseRoute.findAndFixConsistencyIssues,
     apiResultHandler,
     false
   );
 
-  apiRoute(GET, "/api/database/check-integrity", databaseRoute.checkIntegrity);
+  apiRoute(GET, '/api/database/check-integrity', databaseRoute.checkIntegrity);
 
   route(
     PST,
-    "/api/script/exec",
+    '/api/script/exec',
     [auth.checkApiAuth, csrfMiddleware],
     scriptRoute.exec,
     apiResultHandler,
     false
   );
 
-  apiRoute(PST, "/api/script/run/:noteId", scriptRoute.run);
-  apiRoute(GET, "/api/script/startup", scriptRoute.getStartupBundles);
-  apiRoute(GET, "/api/script/widgets", scriptRoute.getWidgetBundles);
-  apiRoute(PST, "/api/script/bundle/:noteId", scriptRoute.getBundle);
+  apiRoute(PST, '/api/script/run/:noteId', scriptRoute.run);
+  apiRoute(GET, '/api/script/startup', scriptRoute.getStartupBundles);
+  apiRoute(GET, '/api/script/widgets', scriptRoute.getWidgetBundles);
+  apiRoute(PST, '/api/script/bundle/:noteId', scriptRoute.getBundle);
   apiRoute(
     GET,
-    "/api/script/relation/:noteId/:relationName",
+    '/api/script/relation/:noteId/:relationName',
     scriptRoute.getRelationBundles
   );
 
   // no CSRF since this is called from android app
   route(
     PST,
-    "/api/sender/login",
+    '/api/sender/login',
     [loginRateLimiter],
     loginApiRoute.token,
     apiResultHandler
   );
   route(
     PST,
-    "/api/sender/image",
+    '/api/sender/image',
     [auth.checkEtapiToken, uploadMiddlewareWithErrorHandling],
     senderRoute.uploadImage,
     apiResultHandler
   );
   route(
     PST,
-    "/api/sender/note",
+    '/api/sender/note',
     [auth.checkEtapiToken],
     senderRoute.saveNote,
     apiResultHandler
   );
 
-  apiRoute(GET, "/api/keyboard-actions", keysRoute.getKeyboardActions);
+  apiRoute(GET, '/api/keyboard-actions', keysRoute.getKeyboardActions);
   apiRoute(
     GET,
-    "/api/keyboard-shortcuts-for-notes",
+    '/api/keyboard-shortcuts-for-notes',
     keysRoute.getShortcutsForNotes
   );
 
-  apiRoute(PST, "/api/relation-map", relationMapApiRoute.getRelationMap);
+  apiRoute(PST, '/api/relation-map', relationMapApiRoute.getRelationMap);
   apiRoute(
     PST,
-    "/api/notes/erase-deleted-notes-now",
+    '/api/notes/erase-deleted-notes-now',
     notesApiRoute.eraseDeletedNotesNow
   );
   apiRoute(
     PST,
-    "/api/notes/erase-unused-attachments-now",
+    '/api/notes/erase-unused-attachments-now',
     notesApiRoute.eraseUnusedAttachmentsNow
   );
   apiRoute(
     GET,
-    "/api/similar-notes/:noteId",
+    '/api/similar-notes/:noteId',
     similarNotesRoute.getSimilarNotes
   );
-  apiRoute(GET, "/api/backend-log", backendLogRoute.getBackendLog);
-  apiRoute(GET, "/api/stats/note-size/:noteId", statsRoute.getNoteSize);
-  apiRoute(GET, "/api/stats/subtree-size/:noteId", statsRoute.getSubtreeSize);
+  apiRoute(GET, '/api/backend-log', backendLogRoute.getBackendLog);
+  apiRoute(GET, '/api/stats/note-size/:noteId', statsRoute.getNoteSize);
+  apiRoute(GET, '/api/stats/subtree-size/:noteId', statsRoute.getSubtreeSize);
   apiRoute(
     PST,
-    "/api/delete-notes-preview",
+    '/api/delete-notes-preview',
     notesApiRoute.getDeleteNotesPreview
   );
   route(
     GET,
-    "/api/fonts",
+    '/api/fonts',
     [auth.checkApiAuthOrElectron],
     fontsRoute.getFontCss
   );
-  apiRoute(GET, "/api/other/icon-usage", otherRoute.getIconUsage);
-  apiRoute(PST, "/api/other/render-markdown", otherRoute.renderMarkdown);
+  apiRoute(GET, '/api/other/icon-usage', otherRoute.getIconUsage);
+  apiRoute(PST, '/api/other/render-markdown', otherRoute.renderMarkdown);
   apiRoute(
     GET,
-    "/api/recent-changes/:ancestorNoteId",
+    '/api/recent-changes/:ancestorNoteId',
     recentChangesApiRoute.getRecentChanges
   );
   apiRoute(
     GET,
-    "/api/edited-notes/:date",
+    '/api/edited-notes/:date',
     revisionsApiRoute.getEditedNotesOnDate
   );
 
-  apiRoute(PST, "/api/note-map/:noteId/tree", noteMapRoute.getTreeMap);
-  apiRoute(PST, "/api/note-map/:noteId/link", noteMapRoute.getLinkMap);
+  apiRoute(PST, '/api/note-map/:noteId/tree', noteMapRoute.getTreeMap);
+  apiRoute(PST, '/api/note-map/:noteId/link', noteMapRoute.getLinkMap);
   apiRoute(
     GET,
-    "/api/note-map/:noteId/backlink-count",
+    '/api/note-map/:noteId/backlink-count',
     noteMapRoute.getBacklinkCount
   );
-  apiRoute(GET, "/api/note-map/:noteId/backlinks", noteMapRoute.getBacklinks);
+  apiRoute(GET, '/api/note-map/:noteId/backlinks', noteMapRoute.getBacklinks);
 
   shareRoutes.register(router);
 
@@ -980,7 +980,7 @@ function register(app: express.Application) {
   etapiSpecRoute.register(router);
   etapiBackupRoute.register(router);
 
-  app.use("", router);
+  app.use('', router);
 }
 
 /** Handling common patterns. If entity is not caught, serialization to JSON will fail */
@@ -993,17 +993,17 @@ function convertEntitiesToPojo(result: unknown) {
         result[idx] = result[idx].getPojo();
       }
     }
-  } else if (result && typeof result === "object") {
-    if ("note" in result && result.note instanceof AbstractBeccaEntity) {
+  } else if (result && typeof result === 'object') {
+    if ('note' in result && result.note instanceof AbstractBeccaEntity) {
       result.note = result.note.getPojo();
     }
 
-    if ("branch" in result && result.branch instanceof AbstractBeccaEntity) {
+    if ('branch' in result && result.branch instanceof AbstractBeccaEntity) {
       result.branch = result.branch.getPojo();
     }
   }
 
-  if (result && typeof result === "object" && "executionResult" in result) {
+  if (result && typeof result === 'object' && 'executionResult' in result) {
     // from runOnBackend()
     result.executionResult = convertEntitiesToPojo(result.executionResult);
   }
@@ -1017,7 +1017,7 @@ function apiResultHandler(
   result: unknown
 ) {
   res.setHeader(
-    "trilium-max-entity-change-id",
+    'trilium-max-entity-change-id',
     entityChangesService.getMaxEntityChangeId()
   );
 
@@ -1041,16 +1041,16 @@ function apiResultHandler(
 
     return send(res, statusCode, response);
   } else if (result === undefined) {
-    return send(res, 204, "");
+    return send(res, 204, '');
   } else {
     return send(res, 200, result);
   }
 }
 
 function send(res: express.Response, statusCode: number, response: unknown) {
-  if (typeof response === "string") {
+  if (typeof response === 'string') {
     if (statusCode >= 400) {
-      res.setHeader("Content-Type", "text/plain");
+      res.setHeader('Content-Type', 'text/plain');
     }
 
     res.status(statusCode).send(response);
@@ -1059,7 +1059,7 @@ function send(res: express.Response, statusCode: number, response: unknown) {
   } else {
     const json = JSON.stringify(response);
 
-    res.setHeader("Content-Type", "application/json");
+    res.setHeader('Content-Type', 'application/json');
     res.status(statusCode).send(json);
 
     return json.length;
@@ -1103,14 +1103,14 @@ function route(
         cls.namespace.bindEmitter(res);
 
         const result = cls.init(() => {
-          cls.set("componentId", req.headers["trilium-component-id"]);
+          cls.set('componentId', req.headers['trilium-component-id']);
           cls.set(
-            "localNowDateTime",
-            req.headers["trilium-local-now-datetime"]
+            'localNowDateTime',
+            req.headers['trilium-local-now-datetime']
           );
           cls.set(
-            "hoistedNoteId",
-            req.headers["trilium-hoisted-note-id"] || "root"
+            'hoistedNoteId',
+            req.headers['trilium-hoisted-note-id'] || 'root'
           );
 
           const cb = () => routeHandler(req as AppRequest, res, next);
@@ -1181,8 +1181,8 @@ function createUploadMiddleware() {
     fileFilter: (req: express.Request, file, cb) => {
       // UTF-8 file names are not well decoded by multer/busboy, so we handle the conversion on our side.
       // See https://github.com/expressjs/multer/pull/1102.
-      file.originalname = Buffer.from(file.originalname, "latin1").toString(
-        "utf-8"
+      file.originalname = Buffer.from(file.originalname, 'latin1').toString(
+        'utf-8'
       );
       cb(null, true);
     },
@@ -1194,7 +1194,7 @@ function createUploadMiddleware() {
     };
   }
 
-  return multer(multerOptions).single("upload");
+  return multer(multerOptions).single('upload');
 }
 
 export = {
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 7cd81c2bab..004e74801a 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -1,24 +1,24 @@
-"use strict";
-
-import etapiTokenService = require("./etapi_tokens");
-import log = require("./log");
-import sqlInit = require("./sql_init");
-import utils = require("./utils");
-import passwordEncryptionService = require("./encryption/password_encryption");
-import config = require("./config");
-import passwordService = require("./encryption/password");
-import type { NextFunction, Request, Response } from "express";
-import { AppRequest } from "../routes/route-interface";
-import openID = require("./open_id");
-import sql = require("./sql");
-import open_id_encryption = require("./encryption/open_id_encryption");
+'use strict';
+
+import etapiTokenService = require('./etapi_tokens');
+import log = require('./log');
+import sqlInit = require('./sql_init');
+import utils = require('./utils');
+import passwordEncryptionService = require('./encryption/password_encryption');
+import config = require('./config');
+import passwordService = require('./encryption/password');
+import type { NextFunction, Request, Response } from 'express';
+import { AppRequest } from '../routes/route-interface';
+import openID = require('./open_id');
+import sql = require('./sql');
+import open_id_encryption = require('./encryption/open_id_encryption');
 
 const noAuthentication =
     config.General && config.General.noAuthentication === true;
 
 function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.redirect("setup");
+        res.redirect('setup');
     } else if (openID.checkOpenIDRequirements()) {
         if (
             req.oidc.isAuthenticated() &&
@@ -35,7 +35,7 @@ function checkAuth(req: AppRequest, res: Response, next: NextFunction) {
         !utils.isElectron() &&
         !noAuthentication
     ) {
-        res.redirect("login");
+        res.redirect('login');
     } else {
         next();
     }
@@ -49,7 +49,7 @@ function checkApiAuthOrElectron(
     next: NextFunction
 ) {
     if (!req.session.loggedIn && !utils.isElectron() && !noAuthentication) {
-        reject(req, res, "Logged in session not found");
+        reject(req, res, 'Logged in session not found');
     } else {
         next();
     }
@@ -57,7 +57,7 @@ function checkApiAuthOrElectron(
 
 function checkApiAuth(req: AppRequest, res: Response, next: NextFunction) {
     if (!req.session.loggedIn && !noAuthentication) {
-        reject(req, res, "Logged in session not found");
+        reject(req, res, 'Logged in session not found');
     } else {
         next();
     }
@@ -69,7 +69,7 @@ function checkAppInitialized(
     next: NextFunction
 ) {
     if (!sqlInit.isDbInitialized()) {
-        res.redirect("setup");
+        res.redirect('setup');
     } else {
         next();
     }
@@ -77,7 +77,7 @@ function checkAppInitialized(
 
 function checkPasswordSet(req: AppRequest, res: Response, next: NextFunction) {
     if (!utils.isElectron() && !passwordService.isPasswordSet()) {
-        res.redirect("set-password");
+        res.redirect('set-password');
     } else {
         next();
     }
@@ -89,7 +89,7 @@ function checkPasswordNotSet(
     next: NextFunction
 ) {
     if (!utils.isElectron() && passwordService.isPasswordSet()) {
-        res.redirect("login");
+        res.redirect('login');
     } else {
         next();
     }
@@ -101,7 +101,7 @@ function checkAppNotInitialized(
     next: NextFunction
 ) {
     if (sqlInit.isDbInitialized()) {
-        reject(req, res, "App already initialized.");
+        reject(req, res, 'App already initialized.');
     } else {
         next();
     }
@@ -111,43 +111,43 @@ function checkEtapiToken(req: AppRequest, res: Response, next: NextFunction) {
     if (etapiTokenService.isValidAuthHeader(req.headers.authorization)) {
         next();
     } else {
-        reject(req, res, "Token not found");
+        reject(req, res, 'Token not found');
     }
 }
 
 function reject(req: AppRequest, res: Response, message: string) {
     log.info(`${req.method} ${req.path} rejected with 401 ${message}`);
 
-    res.setHeader("Content-Type", "text/plain").status(401).send(message);
+    res.setHeader('Content-Type', 'text/plain').status(401).send(message);
 }
 
 function checkCredentials(req: AppRequest, res: Response, next: NextFunction) {
     if (!sqlInit.isDbInitialized()) {
-        res.setHeader("Content-Type", "text/plain")
+        res.setHeader('Content-Type', 'text/plain')
             .status(400)
-            .send("Database is not initialized yet.");
+            .send('Database is not initialized yet.');
         return;
     }
 
     if (!passwordService.isPasswordSet()) {
-        res.setHeader("Content-Type", "text/plain")
+        res.setHeader('Content-Type', 'text/plain')
             .status(400)
             .send(
-                "Password has not been set yet. Please set a password and repeat the action"
+                'Password has not been set yet. Please set a password and repeat the action'
             );
         return;
     }
 
-    const header = req.headers["trilium-cred"] || "";
-    const auth = Buffer.from(header, "base64").toString();
-    const colonIndex = auth.indexOf(":");
-    const password = colonIndex === -1 ? "" : auth.substr(colonIndex + 1);
+    const header = req.headers['trilium-cred'] || '';
+    const auth = Buffer.from(header, 'base64').toString();
+    const colonIndex = auth.indexOf(':');
+    const password = colonIndex === -1 ? '' : auth.substr(colonIndex + 1);
     // username is ignored
 
     if (!passwordEncryptionService.verifyPassword(password)) {
-        res.setHeader("Content-Type", "text/plain")
+        res.setHeader('Content-Type', 'text/plain')
             .status(401)
-            .send("Incorrect password");
+            .send('Incorrect password');
     } else {
         next();
     }

From fa885e7e7550d79c3b8dd487c9a71eccb3102e97 Mon Sep 17 00:00:00 2001
From: Chesspro13 <chesspro13@gmail.com>
Date: Thu, 15 Aug 2024 12:09:26 -0700
Subject: [PATCH 63/63] Merge Attempt 1

---
 .gitignore                                    |    11 +
 package-lock.json                             | 11666 ++--------------
 package.json                                  |     4 +-
 src/app.ts                                    |    40 +-
 .../widgets/type_widgets/content_widget.js    |     1 +
 src/routes/login.ts                           |    30 +-
 src/routes/routes.ts                          |    24 +-
 src/services/auth.ts                          |     8 +-
 src/services/encryption/my_scrypt.ts          |    10 +-
 src/services/open_id.ts                       |     2 +-
 src/services/options_init.ts                  |     1 +
 11 files changed, 1097 insertions(+), 10700 deletions(-)

diff --git a/.gitignore b/.gitignore
index 457353451c..d3b9c10367 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,14 @@ data-test/
 tmp/
 .eslintcache
 .env
+
+out/
+
+images/app-icons/png/512x512.png
+images/app-icons/png/1024x1024.png
+images/app-icons/mac/*.png
+/test-results/
+/playwright-report/
+/blob-report/
+/playwright/.cache/
+/playwright/.auth/
\ No newline at end of file
diff --git a/package-lock.json b/package-lock.json
index 66bd027abf..3cab0ee204 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,7 +1,7 @@
 {
   "name": "trilium",
   "version": "0.63.5",
-  "lockfileVersion": 2,
+  "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
@@ -32,7 +32,8 @@
         "electron-dl": "3.5.2",
         "electron-window-state": "5.0.3",
         "escape-html": "1.0.3",
-        "express": "4.19.2",
+        "eslint": "^9.9.0",
+        "express": "^4.19.2",
         "express-openid-connect": "^2.17.1",
         "express-partial-content": "1.0.2",
         "express-rate-limit": "7.2.0",
@@ -61,9 +62,7 @@
         "node-abi": "3.56.0",
         "normalize-strings": "1.1.1",
         "open": "8.4.1",
-        "openid-client": "^5.6.5",
         "panzoom": "9.4.3",
-        "passport": "^0.7.0",
         "print-this": "2.0.0",
         "rand-token": "1.0.1",
         "react": "18.2.0",
@@ -77,10 +76,10 @@
         "semver": "7.6.0",
         "serve-favicon": "2.5.0",
         "session-file-store": "1.5.0",
-        "speakeasy": "^2.0.0",
         "split.js": "1.6.5",
         "stream-throttle": "0.1.3",
         "striptags": "3.2.0",
+        "time2fa": "^1.3.0",
         "tmp": "0.2.3",
         "tree-kill": "1.2.2",
         "turndown": "7.1.2",
@@ -222,12 +221,11 @@
       }
     },
     "node_modules/@electron/asar": {
-      "version": "3.2.2",
-      "resolved": "https://registry.npmjs.org/@electron/asar/-/asar-3.2.2.tgz",
-      "integrity": "sha512-32fMU68x8a6zvxtC1IC/BhPDKTh8rQjdmwEplj3CDpnkcwBzZVN9v/8cK0LJqQ0FOQQVZW8BWZ1S6UU53TYR4w==",
+      "version": "3.2.10",
+      "resolved": "https://registry.npmjs.org/@electron/asar/-/asar-3.2.10.tgz",
+      "integrity": "sha512-mvBSwIBUeiRscrCeJE1LwctAriBj65eUDm0Pc11iE5gRwzkmsdbS7FnZ1XUWjpSeQWL1L5g12Fc/SchPM9DUOw==",
       "dev": true,
       "dependencies": {
-        "chromium-pickle-js": "^0.2.0",
         "commander": "^5.0.0",
         "glob": "^7.1.6",
         "minimatch": "^3.0.4"
@@ -237,9 +235,6 @@
       },
       "engines": {
         "node": ">=10.12.0"
-      },
-      "optionalDependencies": {
-        "@types/glob": "^7.1.1"
       }
     },
     "node_modules/@electron/get": {
@@ -462,6 +457,101 @@
         "node": ">= 10.0.0"
       }
     },
+    "node_modules/@eslint-community/eslint-utils": {
+      "version": "4.4.0",
+      "resolved": "https://registry.npmjs.org/@eslint-community/eslint-utils/-/eslint-utils-4.4.0.tgz",
+      "integrity": "sha512-1/sA4dwrzBAyeUoQ6oxahHKmrZvsnLCg4RfxW3ZFGGmQkSNQPFNLV9CUEFQP1x9EYXHTo5p6xdhZM1Ne9p/AfA==",
+      "dependencies": {
+        "eslint-visitor-keys": "^3.3.0"
+      },
+      "engines": {
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
+      },
+      "peerDependencies": {
+        "eslint": "^6.0.0 || ^7.0.0 || >=8.0.0"
+      }
+    },
+    "node_modules/@eslint-community/eslint-utils/node_modules/eslint-visitor-keys": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-3.4.3.tgz",
+      "integrity": "sha512-wpc+LXeiyiisxPlEkUzU6svyS1frIO3Mgxj1fdy7Pm8Ygzguax2N3Fa/D/ag1WqbOprdI+uY6wMUl8/a2G+iag==",
+      "engines": {
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/eslint"
+      }
+    },
+    "node_modules/@eslint-community/regexpp": {
+      "version": "4.11.0",
+      "resolved": "https://registry.npmjs.org/@eslint-community/regexpp/-/regexpp-4.11.0.tgz",
+      "integrity": "sha512-G/M/tIiMrTAxEWRfLfQJMmGNX28IxBg4PBz8XqQhqUHLFI6TL2htpIB1iQCj144V5ee/JaKyT9/WZ0MGZWfA7A==",
+      "engines": {
+        "node": "^12.0.0 || ^14.0.0 || >=16.0.0"
+      }
+    },
+    "node_modules/@eslint/config-array": {
+      "version": "0.17.1",
+      "resolved": "https://registry.npmjs.org/@eslint/config-array/-/config-array-0.17.1.tgz",
+      "integrity": "sha512-BlYOpej8AQ8Ev9xVqroV7a02JK3SkBAaN9GfMMH9W6Ch8FlQlkjGw4Ir7+FgYwfirivAf4t+GtzuAxqfukmISA==",
+      "dependencies": {
+        "@eslint/object-schema": "^2.1.4",
+        "debug": "^4.3.1",
+        "minimatch": "^3.1.2"
+      },
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      }
+    },
+    "node_modules/@eslint/eslintrc": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-3.1.0.tgz",
+      "integrity": "sha512-4Bfj15dVJdoy3RfZmmo86RK1Fwzn6SstsvK9JS+BaVKqC6QQQQyXekNaC+g+LKNgkQ+2VhGAzm6hO40AhMR3zQ==",
+      "dependencies": {
+        "ajv": "^6.12.4",
+        "debug": "^4.3.2",
+        "espree": "^10.0.1",
+        "globals": "^14.0.0",
+        "ignore": "^5.2.0",
+        "import-fresh": "^3.2.1",
+        "js-yaml": "^4.1.0",
+        "minimatch": "^3.1.2",
+        "strip-json-comments": "^3.1.1"
+      },
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/eslint"
+      }
+    },
+    "node_modules/@eslint/eslintrc/node_modules/strip-json-comments": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz",
+      "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==",
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/@eslint/js": {
+      "version": "9.9.0",
+      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-9.9.0.tgz",
+      "integrity": "sha512-hhetes6ZHP3BlXLxmd8K2SNgkhNSi+UcecbnwWKwpP7kyi/uC75DJ1lOOBO3xrC4jyojtGE3YxKZPHfk4yrgug==",
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      }
+    },
+    "node_modules/@eslint/object-schema": {
+      "version": "2.1.4",
+      "resolved": "https://registry.npmjs.org/@eslint/object-schema/-/object-schema-2.1.4.tgz",
+      "integrity": "sha512-BsWiH1yFGjXXS2yvrf5LyuoSIIbPrGUWob917o+BTKuZ7qJdxX8aJLRxs1fS9n6r7vESrq1OUqb68dANcFXuQQ==",
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      }
+    },
     "node_modules/@excalidraw/excalidraw": {
       "version": "0.17.3",
       "resolved": "https://registry.npmjs.org/@excalidraw/excalidraw/-/excalidraw-0.17.3.tgz",
@@ -490,6 +580,30 @@
         "@hapi/hoek": "^9.0.0"
       }
     },
+    "node_modules/@humanwhocodes/module-importer": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/module-importer/-/module-importer-1.0.1.tgz",
+      "integrity": "sha512-bxveV4V8v5Yb4ncFTT3rPSgZBOpCkjfK0y4oVVVJwIuDVBRMDXrPyXRL988i5ap9m9bnyEEjWfm5WkBmtffLfA==",
+      "engines": {
+        "node": ">=12.22"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/nzakas"
+      }
+    },
+    "node_modules/@humanwhocodes/retry": {
+      "version": "0.3.0",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/retry/-/retry-0.3.0.tgz",
+      "integrity": "sha512-d2CGZR2o7fS6sWB7DG/3a95bGKQyHMACZ5aW8qGkkqQpUoZV6C0X7Pc7l4ZNMZkfNBf4VWNe9E1jRsf0G146Ew==",
+      "engines": {
+        "node": ">=18.18"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/nzakas"
+      }
+    },
     "node_modules/@isaacs/cliui": {
       "version": "8.0.2",
       "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz",
@@ -1076,6 +1190,38 @@
         "node": ">= 10.0.0"
       }
     },
+    "node_modules/@nodelib/fs.scandir": {
+      "version": "2.1.5",
+      "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz",
+      "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==",
+      "dependencies": {
+        "@nodelib/fs.stat": "2.0.5",
+        "run-parallel": "^1.1.9"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/@nodelib/fs.stat": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz",
+      "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==",
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/@nodelib/fs.walk": {
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz",
+      "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==",
+      "dependencies": {
+        "@nodelib/fs.scandir": "2.1.5",
+        "fastq": "^1.6.0"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
     "node_modules/@npmcli/fs": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-2.1.0.tgz",
@@ -1502,19 +1648,20 @@
       }
     },
     "node_modules/@types/linkify-it": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/@types/linkify-it/-/linkify-it-3.0.2.tgz",
-      "integrity": "sha512-HZQYqbiFVWufzCwexrvh694SOim8z2d+xJl5UNamcvQFejLY/2YUtzXHYi3cHdI7PMlS8ejH2slRAOJQ32aNbA==",
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/@types/linkify-it/-/linkify-it-5.0.0.tgz",
+      "integrity": "sha512-sVDA58zAw4eWAffKOaQH5/5j3XeayukzDk+ewSsnv3p4yJEZHCCzMDiZM8e0OUrRvmpGZ85jf4yDHkHsgBNr9Q==",
       "dev": true
     },
     "node_modules/@types/markdown-it": {
-      "version": "12.2.3",
-      "resolved": "https://registry.npmjs.org/@types/markdown-it/-/markdown-it-12.2.3.tgz",
-      "integrity": "sha512-GKMHFfv3458yYy+v/N8gjufHO6MSZKCOXpZc5GXIWWy8uldwfmPn98vp81gZ5f9SVw8YYBctgfJ22a2d7AOMeQ==",
+      "version": "14.1.2",
+      "resolved": "https://registry.npmjs.org/@types/markdown-it/-/markdown-it-14.1.2.tgz",
+      "integrity": "sha512-promo4eFwuiW+TfGxhi+0x3czqTYJkG8qB17ZUJiVF10Xm7NLVRSLUsfRTU/6h1e24VvRnXCx+hG7li58lkzog==",
       "dev": true,
+      "peer": true,
       "dependencies": {
-        "@types/linkify-it": "*",
-        "@types/mdurl": "*"
+        "@types/linkify-it": "^5",
+        "@types/mdurl": "^2"
       }
     },
     "node_modules/@types/mdast": {
@@ -1526,9 +1673,9 @@
       }
     },
     "node_modules/@types/mdurl": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/@types/mdurl/-/mdurl-1.0.2.tgz",
-      "integrity": "sha512-eC4U9MlIcu2q0KQmXszyn5Akca/0jrQmwDRgpAMJai7qBWq4amIQhZyNau4VYGtCeALvW1/NtjzJJ567aZxfKA==",
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/@types/mdurl/-/mdurl-2.0.0.tgz",
+      "integrity": "sha512-RGdgjQUZba5p6QEFAVx2OGb8rQDL/cPRG7GiedRzMcJ1tYnUANBncjbSB1NRGwbvjcPeikRABz2nshyPk1bhWg==",
       "dev": true
     },
     "node_modules/@types/mime": {
@@ -1564,9 +1711,9 @@
       }
     },
     "node_modules/@types/node": {
-      "version": "20.11.19",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.19.tgz",
-      "integrity": "sha512-7xMnVEcZFu0DikYjWOlRq7NTPETrm7teqUT2WkQjrTIkEgUyyGdWsj/Zg8bEJt5TNklzbPD1X3fqfsHw3SpapQ==",
+      "version": "20.14.15",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.14.15.tgz",
+      "integrity": "sha512-Fz1xDMCF/B00/tYSVMlmK7hVeLh7jE5f3B7X1/hmV0MJBwE27KlS7EvD/Yp+z1lm8mVhwV5w+n8jOZG8AfTlKw==",
       "dependencies": {
         "undici-types": "~5.26.4"
       }
@@ -1778,9 +1925,9 @@
       "integrity": "sha512-IfYcSBWE3hLpBg8+X2SEa8LVkJdJEkT2Ese2aaLs3ptGdVtABxndrMaxuFlQ1qdFf9Q5rDvDpxI3WwgvKFAsQA=="
     },
     "node_modules/@types/verror": {
-      "version": "1.10.9",
-      "resolved": "https://registry.npmjs.org/@types/verror/-/verror-1.10.9.tgz",
-      "integrity": "sha512-MLx9Z+9lGzwEuW16ubGeNkpBDE84RpB/NyGgg6z2BTpWzKkGU451cAY3UkUzZEp72RHF585oJ3V8JVNqIplcAQ==",
+      "version": "1.10.10",
+      "resolved": "https://registry.npmjs.org/@types/verror/-/verror-1.10.10.tgz",
+      "integrity": "sha512-l4MM0Jppn18hb9xmM6wwD1uTdShpf9Pn80aXTStnK1C94gtPvJcV2FrDmbOQUAQfJ1cKZHktkQUDwEqaAKXMMg==",
       "dev": true,
       "optional": true
     },
@@ -1812,9 +1959,9 @@
       }
     },
     "node_modules/@webassemblyjs/ast": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/ast/-/ast-1.11.6.tgz",
-      "integrity": "sha512-IN1xI7PwOvLPgjcf180gC1bqn3q/QaOCwYUahIOhbYUu8KA/3tw2RT/T0Gidi1l7Hhj5D/INhJxiICObqpMu4Q==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/ast/-/ast-1.12.1.tgz",
+      "integrity": "sha512-EKfMUOPRRUTy5UII4qJDGPpqfwjOmZ5jeGFwid9mnoqIFK+e0vqoi1qH56JpmZSzEL53jKnNzScdmftJyG5xWg==",
       "dev": true,
       "dependencies": {
         "@webassemblyjs/helper-numbers": "1.11.6",
@@ -1834,9 +1981,9 @@
       "dev": true
     },
     "node_modules/@webassemblyjs/helper-buffer": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-buffer/-/helper-buffer-1.11.6.tgz",
-      "integrity": "sha512-z3nFzdcp1mb8nEOFFk8DrYLpHvhKC3grJD2ardfKOzmbmJvEf/tPIqCY+sNcwZIY8ZD7IkB2l7/pqhUhqm7hLA==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-buffer/-/helper-buffer-1.12.1.tgz",
+      "integrity": "sha512-nzJwQw99DNDKr9BVCOZcLuJJUlqkJh+kVzVl6Fmq/tI5ZtEyWT1KZMyOXltXLZJmDtvLCDgwsyrkohEtopTXCw==",
       "dev": true
     },
     "node_modules/@webassemblyjs/helper-numbers": {
@@ -1857,15 +2004,15 @@
       "dev": true
     },
     "node_modules/@webassemblyjs/helper-wasm-section": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.11.6.tgz",
-      "integrity": "sha512-LPpZbSOwTpEC2cgn4hTydySy1Ke+XEu+ETXuoyvuyezHO3Kjdu90KK95Sh9xTbmjrCsUwvWwCOQQNta37VrS9g==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.12.1.tgz",
+      "integrity": "sha512-Jif4vfB6FJlUlSbgEMHUyk1j234GTNG9dBJ4XJdOySoj518Xj0oGsNi59cUQF4RRMS9ouBUxDDdyBVfPTypa5g==",
       "dev": true,
       "dependencies": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-buffer": "1.11.6",
+        "@webassemblyjs/ast": "1.12.1",
+        "@webassemblyjs/helper-buffer": "1.12.1",
         "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
-        "@webassemblyjs/wasm-gen": "1.11.6"
+        "@webassemblyjs/wasm-gen": "1.12.1"
       }
     },
     "node_modules/@webassemblyjs/ieee754": {
@@ -1893,28 +2040,28 @@
       "dev": true
     },
     "node_modules/@webassemblyjs/wasm-edit": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-edit/-/wasm-edit-1.11.6.tgz",
-      "integrity": "sha512-Ybn2I6fnfIGuCR+Faaz7YcvtBKxvoLV3Lebn1tM4o/IAJzmi9AWYIPWpyBfU8cC+JxAO57bk4+zdsTjJR+VTOw==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-edit/-/wasm-edit-1.12.1.tgz",
+      "integrity": "sha512-1DuwbVvADvS5mGnXbE+c9NfA8QRcZ6iKquqjjmR10k6o+zzsRVesil54DKexiowcFCPdr/Q0qaMgB01+SQ1u6g==",
       "dev": true,
       "dependencies": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-buffer": "1.11.6",
+        "@webassemblyjs/ast": "1.12.1",
+        "@webassemblyjs/helper-buffer": "1.12.1",
         "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
-        "@webassemblyjs/helper-wasm-section": "1.11.6",
-        "@webassemblyjs/wasm-gen": "1.11.6",
-        "@webassemblyjs/wasm-opt": "1.11.6",
-        "@webassemblyjs/wasm-parser": "1.11.6",
-        "@webassemblyjs/wast-printer": "1.11.6"
+        "@webassemblyjs/helper-wasm-section": "1.12.1",
+        "@webassemblyjs/wasm-gen": "1.12.1",
+        "@webassemblyjs/wasm-opt": "1.12.1",
+        "@webassemblyjs/wasm-parser": "1.12.1",
+        "@webassemblyjs/wast-printer": "1.12.1"
       }
     },
     "node_modules/@webassemblyjs/wasm-gen": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-gen/-/wasm-gen-1.11.6.tgz",
-      "integrity": "sha512-3XOqkZP/y6B4F0PBAXvI1/bky7GryoogUtfwExeP/v7Nzwo1QLcq5oQmpKlftZLbT+ERUOAZVQjuNVak6UXjPA==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-gen/-/wasm-gen-1.12.1.tgz",
+      "integrity": "sha512-TDq4Ojh9fcohAw6OIMXqiIcTq5KUXTGRkVxbSo1hQnSy6lAM5GSdfwWeSxpAo0YzgsgF182E/U0mDNhuA0tW7w==",
       "dev": true,
       "dependencies": {
-        "@webassemblyjs/ast": "1.11.6",
+        "@webassemblyjs/ast": "1.12.1",
         "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
         "@webassemblyjs/ieee754": "1.11.6",
         "@webassemblyjs/leb128": "1.11.6",
@@ -1922,24 +2069,24 @@
       }
     },
     "node_modules/@webassemblyjs/wasm-opt": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-opt/-/wasm-opt-1.11.6.tgz",
-      "integrity": "sha512-cOrKuLRE7PCe6AsOVl7WasYf3wbSo4CeOk6PkrjS7g57MFfVUF9u6ysQBBODX0LdgSvQqRiGz3CXvIDKcPNy4g==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-opt/-/wasm-opt-1.12.1.tgz",
+      "integrity": "sha512-Jg99j/2gG2iaz3hijw857AVYekZe2SAskcqlWIZXjji5WStnOpVoat3gQfT/Q5tb2djnCjBtMocY/Su1GfxPBg==",
       "dev": true,
       "dependencies": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-buffer": "1.11.6",
-        "@webassemblyjs/wasm-gen": "1.11.6",
-        "@webassemblyjs/wasm-parser": "1.11.6"
+        "@webassemblyjs/ast": "1.12.1",
+        "@webassemblyjs/helper-buffer": "1.12.1",
+        "@webassemblyjs/wasm-gen": "1.12.1",
+        "@webassemblyjs/wasm-parser": "1.12.1"
       }
     },
     "node_modules/@webassemblyjs/wasm-parser": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-parser/-/wasm-parser-1.11.6.tgz",
-      "integrity": "sha512-6ZwPeGzMJM3Dqp3hCsLgESxBGtT/OeCvCZ4TA1JUPYgmhAx38tTPR9JaKy0S5H3evQpO/h2uWs2j6Yc/fjkpTQ==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-parser/-/wasm-parser-1.12.1.tgz",
+      "integrity": "sha512-xikIi7c2FHXysxXe3COrVUPSheuBtpcfhbpFj4gmu7KRLYOzANztwUU0IbsqvMqzuNK2+glRGWCEqZo1WCLyAQ==",
       "dev": true,
       "dependencies": {
-        "@webassemblyjs/ast": "1.11.6",
+        "@webassemblyjs/ast": "1.12.1",
         "@webassemblyjs/helper-api-error": "1.11.6",
         "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
         "@webassemblyjs/ieee754": "1.11.6",
@@ -1948,12 +2095,12 @@
       }
     },
     "node_modules/@webassemblyjs/wast-printer": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wast-printer/-/wast-printer-1.11.6.tgz",
-      "integrity": "sha512-JM7AhRcE+yW2GWYaKeHL5vt4xqee5N2WcezptmgyhNS+ScggqcT1OtXykhAb13Sn5Yas0j2uv9tHgrjwvzAP4A==",
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/@webassemblyjs/wast-printer/-/wast-printer-1.12.1.tgz",
+      "integrity": "sha512-+X4WAlOisVWQMikjbcvY2e0rwPsKQ9F688lksZhBcPycBBuii3O7m8FACbDMWDojpAqvjIncrG8J0XHKyQfVeA==",
       "dev": true,
       "dependencies": {
-        "@webassemblyjs/ast": "1.11.6",
+        "@webassemblyjs/ast": "1.12.1",
         "@xtuc/long": "4.2.2"
       }
     },
@@ -2006,6 +2153,15 @@
         }
       }
     },
+    "node_modules/@xmldom/xmldom": {
+      "version": "0.8.10",
+      "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz",
+      "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==",
+      "dev": true,
+      "engines": {
+        "node": ">=10.0.0"
+      }
+    },
     "node_modules/@xtuc/ieee754": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz",
@@ -2062,10 +2218,9 @@
       }
     },
     "node_modules/acorn": {
-      "version": "8.10.0",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.10.0.tgz",
-      "integrity": "sha512-F0SAmZ8iUtS//m8DmCTA0jlh6TDKkHQyK6xc6V4KDTyZKA9dnvX9/3sRTVQrWm79glUAZbnmmNcdYwUIHWVybw==",
-      "dev": true,
+      "version": "8.12.1",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.12.1.tgz",
+      "integrity": "sha512-tcpGyI9zbizT9JbV6oYE477V6mTlXvvi0T0G3SNIYE2apm/G5huBa1+K89VGeovbg+jycCrfhl3ADxErOuO6Jg==",
       "bin": {
         "acorn": "bin/acorn"
       },
@@ -2082,6 +2237,14 @@
         "acorn": "^8"
       }
     },
+    "node_modules/acorn-jsx": {
+      "version": "5.3.2",
+      "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-5.3.2.tgz",
+      "integrity": "sha512-rq9s+JNhf0IChjtDXxllJ7g41oZk5SlXtp0LHwyA5cejwn7vKmKp4pPri6YEePv2PU65sAsegbXtIinmDFDXgQ==",
+      "peerDependencies": {
+        "acorn": "^6.0.0 || ^7.0.0 || ^8.0.0"
+      }
+    },
     "node_modules/acorn-walk": {
       "version": "8.3.2",
       "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz",
@@ -2388,16 +2551,17 @@
       }
     },
     "node_modules/archiver-utils": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/archiver-utils/-/archiver-utils-5.0.1.tgz",
-      "integrity": "sha512-MMAoLdMvT/nckofX1tCLrf7uJce4jTNkiT6smA2u57AOImc1nce7mR3EDujxL5yv6/MnILuQH4sAsPtDS8kTvg==",
+      "version": "5.0.2",
+      "resolved": "https://registry.npmjs.org/archiver-utils/-/archiver-utils-5.0.2.tgz",
+      "integrity": "sha512-wuLJMmIBQYCsGZgYLTy5FIB2pF6Lfb6cXMSF8Qywwk3t20zWnAi7zLcQFdKQmIB8wyZpY5ER38x08GbwtR2cLA==",
       "dependencies": {
         "glob": "^10.0.0",
         "graceful-fs": "^4.2.0",
+        "is-stream": "^2.0.1",
         "lazystream": "^1.0.0",
         "lodash": "^4.17.15",
         "normalize-path": "^3.0.0",
-        "readable-stream": "^3.6.0"
+        "readable-stream": "^4.0.0"
       },
       "engines": {
         "node": ">= 14"
@@ -2411,31 +2575,66 @@
         "balanced-match": "^1.0.0"
       }
     },
+    "node_modules/archiver-utils/node_modules/buffer": {
+      "version": "6.0.3",
+      "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz",
+      "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ],
+      "dependencies": {
+        "base64-js": "^1.3.1",
+        "ieee754": "^1.2.1"
+      }
+    },
     "node_modules/archiver-utils/node_modules/glob": {
-      "version": "10.3.10",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz",
-      "integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==",
+      "version": "10.4.5",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
+      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
       "dependencies": {
         "foreground-child": "^3.1.0",
-        "jackspeak": "^2.3.5",
-        "minimatch": "^9.0.1",
-        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
-        "path-scurry": "^1.10.1"
+        "jackspeak": "^3.1.2",
+        "minimatch": "^9.0.4",
+        "minipass": "^7.1.2",
+        "package-json-from-dist": "^1.0.0",
+        "path-scurry": "^1.11.1"
       },
       "bin": {
         "glob": "dist/esm/bin.mjs"
       },
-      "engines": {
-        "node": ">=16 || 14 >=14.17"
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/archiver-utils/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
       }
     },
     "node_modules/archiver-utils/node_modules/minimatch": {
-      "version": "9.0.3",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
-      "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
       "dependencies": {
         "brace-expansion": "^2.0.1"
       },
@@ -2447,24 +2646,53 @@
       }
     },
     "node_modules/archiver-utils/node_modules/minipass": {
-      "version": "7.0.4",
-      "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz",
-      "integrity": "sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ==",
+      "version": "7.1.2",
+      "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz",
+      "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==",
       "engines": {
         "node": ">=16 || 14 >=14.17"
       }
     },
     "node_modules/archiver-utils/node_modules/readable-stream": {
-      "version": "3.6.2",
-      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
-      "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
+      "version": "4.5.2",
+      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.5.2.tgz",
+      "integrity": "sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==",
       "dependencies": {
-        "inherits": "^2.0.3",
-        "string_decoder": "^1.1.1",
-        "util-deprecate": "^1.0.1"
+        "abort-controller": "^3.0.0",
+        "buffer": "^6.0.3",
+        "events": "^3.3.0",
+        "process": "^0.11.10",
+        "string_decoder": "^1.3.0"
       },
       "engines": {
-        "node": ">= 6"
+        "node": "^12.22.0 || ^14.17.0 || >=16.0.0"
+      }
+    },
+    "node_modules/archiver-utils/node_modules/safe-buffer": {
+      "version": "5.2.1",
+      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
+      "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ]
+    },
+    "node_modules/archiver-utils/node_modules/string_decoder": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
+      "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
+      "dependencies": {
+        "safe-buffer": "~5.2.0"
       }
     },
     "node_modules/archiver/node_modules/buffer": {
@@ -2559,8 +2787,7 @@
     "node_modules/argparse": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz",
-      "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==",
-      "dev": true
+      "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q=="
     },
     "node_modules/array-flatten": {
       "version": "1.1.1",
@@ -2751,11 +2978,6 @@
       "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
       "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
     },
-    "node_modules/base32.js": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/base32.js/-/base32.js-0.0.1.tgz",
-      "integrity": "sha512-EGHIRiegFa62/SsA1J+Xs2tIzludPdzM064N9wjbiEgHnGnJ1V0WEpA4pEwCYT5nDvZk3ubf0shqaCS7k6xeUQ=="
-    },
     "node_modules/base64-js": {
       "version": "1.5.1",
       "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
@@ -2999,11 +3221,11 @@
       }
     },
     "node_modules/braces": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
-      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
       "dependencies": {
-        "fill-range": "^7.0.1"
+        "fill-range": "^7.1.1"
       },
       "engines": {
         "node": ">=8"
@@ -3402,6 +3624,14 @@
         "url": "https://github.com/sponsors/ljharb"
       }
     },
+    "node_modules/callsites": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz",
+      "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==",
+      "engines": {
+        "node": ">=6"
+      }
+    },
     "node_modules/caniuse-lite": {
       "version": "1.0.30001594",
       "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001594.tgz",
@@ -3772,12 +4002,13 @@
       }
     },
     "node_modules/compress-commons": {
-      "version": "6.0.1",
-      "resolved": "https://registry.npmjs.org/compress-commons/-/compress-commons-6.0.1.tgz",
-      "integrity": "sha512-l7occIJn8YwlCEbWUCrG6gPms9qnJTCZSaznCa5HaV+yJMH4kM8BDc7q9NyoQuoiB2O6jKgTcTeY462qw6MyHw==",
+      "version": "6.0.2",
+      "resolved": "https://registry.npmjs.org/compress-commons/-/compress-commons-6.0.2.tgz",
+      "integrity": "sha512-6FqVXeETqWPoGcfzrXb37E50NP0LXT8kAMu5ooZayhWWdgEY4lBEEcbQNXtkuKQsGduxiIcI4gOTsxTmuq/bSg==",
       "dependencies": {
         "crc-32": "^1.2.0",
         "crc32-stream": "^6.0.0",
+        "is-stream": "^2.0.1",
         "normalize-path": "^3.0.0",
         "readable-stream": "^4.0.0"
       },
@@ -3933,31 +4164,44 @@
       }
     },
     "node_modules/config-file-ts/node_modules/glob": {
-      "version": "10.3.10",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz",
-      "integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==",
+      "version": "10.4.5",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
+      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
       "dev": true,
       "dependencies": {
         "foreground-child": "^3.1.0",
-        "jackspeak": "^2.3.5",
-        "minimatch": "^9.0.1",
-        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
-        "path-scurry": "^1.10.1"
+        "jackspeak": "^3.1.2",
+        "minimatch": "^9.0.4",
+        "minipass": "^7.1.2",
+        "package-json-from-dist": "^1.0.0",
+        "path-scurry": "^1.11.1"
       },
       "bin": {
         "glob": "dist/esm/bin.mjs"
       },
-      "engines": {
-        "node": ">=16 || 14 >=14.17"
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/config-file-ts/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "dev": true,
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
       }
     },
     "node_modules/config-file-ts/node_modules/minimatch": {
-      "version": "9.0.3",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
-      "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
       "dev": true,
       "dependencies": {
         "brace-expansion": "^2.0.1"
@@ -3970,9 +4214,9 @@
       }
     },
     "node_modules/config-file-ts/node_modules/minipass": {
-      "version": "7.0.4",
-      "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz",
-      "integrity": "sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ==",
+      "version": "7.1.2",
+      "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz",
+      "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==",
       "dev": true,
       "engines": {
         "node": ">=16 || 14 >=14.17"
@@ -4885,6 +5129,11 @@
         "node": ">=4.0.0"
       }
     },
+    "node_modules/deep-is": {
+      "version": "0.1.4",
+      "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.4.tgz",
+      "integrity": "sha512-oIPzksmTg4/MriiaYGO+okXDT7ztn/w3Eptv/+gSIdMdKsJo0u4CfYNFJPy+4SKMuCqGw2wxnA+URMg3t8a/bQ=="
+    },
     "node_modules/deepmerge": {
       "version": "4.2.2",
       "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz",
@@ -5552,9 +5801,9 @@
       }
     },
     "node_modules/electron-builder/node_modules/universalify": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-      "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
+      "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
       "dev": true,
       "engines": {
         "node": ">= 10.0.0"
@@ -5998,9 +6247,9 @@
       }
     },
     "node_modules/electron/node_modules/@types/node": {
-      "version": "18.19.17",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.17.tgz",
-      "integrity": "sha512-SzyGKgwPzuWp2SHhlpXKzCX0pIOfcI4V2eF37nNBJOhwlegQ83omtVQ1XxZpDE06V/d6AQvfQdPfnw0tRC//Ng==",
+      "version": "18.19.44",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.44.tgz",
+      "integrity": "sha512-ZsbGerYg72WMXUIE9fYxtvfzLEuq6q8mKERdWFnqTmOvudMxnz+CBNRoOwJ2kNpFOncrKjT1hZwxjlFgQ9qvQA==",
       "dependencies": {
         "undici-types": "~5.26.4"
       }
@@ -6049,9 +6298,9 @@
       }
     },
     "node_modules/enhanced-resolve": {
-      "version": "5.15.0",
-      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.15.0.tgz",
-      "integrity": "sha512-LXYT42KJ7lpIKECr2mAXIaMldcNCh/7E0KBKOu4KSfkHmP+mZmSs+8V5gBAqisWBy0OO4W5Oyys0GO1Y8KtdKg==",
+      "version": "5.17.1",
+      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.17.1.tgz",
+      "integrity": "sha512-LMHl3dXhTcfv8gM4kEzIUeTQ+7fpdA0l2tUf34BddXPkz2A5xJ5L/Pchd5BL6rdccM9QGvu0sWZzK1Z1t4wwyg==",
       "dev": true,
       "dependencies": {
         "graceful-fs": "^4.2.4",
@@ -6147,6 +6396,64 @@
         "node": ">=0.8.0"
       }
     },
+    "node_modules/eslint": {
+      "version": "9.9.0",
+      "resolved": "https://registry.npmjs.org/eslint/-/eslint-9.9.0.tgz",
+      "integrity": "sha512-JfiKJrbx0506OEerjK2Y1QlldtBxkAlLxT5OEcRF8uaQ86noDe2k31Vw9rnSWv+MXZHj7OOUV/dA0AhdLFcyvA==",
+      "dependencies": {
+        "@eslint-community/eslint-utils": "^4.2.0",
+        "@eslint-community/regexpp": "^4.11.0",
+        "@eslint/config-array": "^0.17.1",
+        "@eslint/eslintrc": "^3.1.0",
+        "@eslint/js": "9.9.0",
+        "@humanwhocodes/module-importer": "^1.0.1",
+        "@humanwhocodes/retry": "^0.3.0",
+        "@nodelib/fs.walk": "^1.2.8",
+        "ajv": "^6.12.4",
+        "chalk": "^4.0.0",
+        "cross-spawn": "^7.0.2",
+        "debug": "^4.3.2",
+        "escape-string-regexp": "^4.0.0",
+        "eslint-scope": "^8.0.2",
+        "eslint-visitor-keys": "^4.0.0",
+        "espree": "^10.1.0",
+        "esquery": "^1.5.0",
+        "esutils": "^2.0.2",
+        "fast-deep-equal": "^3.1.3",
+        "file-entry-cache": "^8.0.0",
+        "find-up": "^5.0.0",
+        "glob-parent": "^6.0.2",
+        "ignore": "^5.2.0",
+        "imurmurhash": "^0.1.4",
+        "is-glob": "^4.0.0",
+        "is-path-inside": "^3.0.3",
+        "json-stable-stringify-without-jsonify": "^1.0.1",
+        "levn": "^0.4.1",
+        "lodash.merge": "^4.6.2",
+        "minimatch": "^3.1.2",
+        "natural-compare": "^1.4.0",
+        "optionator": "^0.9.3",
+        "strip-ansi": "^6.0.1",
+        "text-table": "^0.2.0"
+      },
+      "bin": {
+        "eslint": "bin/eslint.js"
+      },
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      },
+      "funding": {
+        "url": "https://eslint.org/donate"
+      },
+      "peerDependencies": {
+        "jiti": "*"
+      },
+      "peerDependenciesMeta": {
+        "jiti": {
+          "optional": true
+        }
+      }
+    },
     "node_modules/eslint-scope": {
       "version": "5.1.1",
       "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz",
@@ -6169,20 +6476,159 @@
         "node": ">=4.0"
       }
     },
-    "node_modules/esm": {
-      "version": "3.2.25",
-      "resolved": "https://registry.npmjs.org/esm/-/esm-3.2.25.tgz",
-      "integrity": "sha512-U1suiZ2oDVWv4zPO56S0NcR5QriEahGtdN2OR6FiOG4WJvcjBVFB0qI4+eKoWFH483PKGuLuu6V8Z4T5g63UVA==",
-      "dev": true,
+    "node_modules/eslint-visitor-keys": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-4.0.0.tgz",
+      "integrity": "sha512-OtIRv/2GyiF6o/d8K7MYKKbXrOUBIK6SfkIRM4Z0dY3w+LiQ0vy3F57m0Z71bjbyeiWFiHJ8brqnmE6H6/jEuw==",
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/eslint"
+      }
+    },
+    "node_modules/eslint/node_modules/escape-string-regexp": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
+      "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==",
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/eslint/node_modules/eslint-scope": {
+      "version": "8.0.2",
+      "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-8.0.2.tgz",
+      "integrity": "sha512-6E4xmrTw5wtxnLA5wYL3WDfhZ/1bUBGOXV0zQvVRDOtrR8D0p6W7fs3JweNYhwRYeGvd/1CKX2se0/2s7Q/nJA==",
+      "dependencies": {
+        "esrecurse": "^4.3.0",
+        "estraverse": "^5.2.0"
+      },
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/eslint"
+      }
+    },
+    "node_modules/eslint/node_modules/find-up": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/find-up/-/find-up-5.0.0.tgz",
+      "integrity": "sha512-78/PXT1wlLLDgTzDs7sjq9hzz0vXD+zn+7wypEe4fXQxCmdmqfGsEPQxmiCSQI3ajFV91bVSsvNtrJRiW6nGng==",
+      "dependencies": {
+        "locate-path": "^6.0.0",
+        "path-exists": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/eslint/node_modules/glob-parent": {
+      "version": "6.0.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz",
+      "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==",
+      "dependencies": {
+        "is-glob": "^4.0.3"
+      },
+      "engines": {
+        "node": ">=10.13.0"
+      }
+    },
+    "node_modules/eslint/node_modules/locate-path": {
+      "version": "6.0.0",
+      "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-6.0.0.tgz",
+      "integrity": "sha512-iPZK6eYjbxRu3uB4/WZ3EsEIMJFMqAoopl3R+zuq0UjcAm/MO6KCweDgPfP3elTztoKP3KtnVHxTn2NHBSDVUw==",
+      "dependencies": {
+        "p-locate": "^5.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/eslint/node_modules/p-limit": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz",
+      "integrity": "sha512-TYOanM3wGwNGsZN2cVTYPArw454xnXj5qmWF1bEoAc4+cU/ol7GVh7odevjp1FNHduHc3KZMcFduxU5Xc6uJRQ==",
+      "dependencies": {
+        "yocto-queue": "^0.1.0"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/eslint/node_modules/p-locate": {
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-5.0.0.tgz",
+      "integrity": "sha512-LaNjtRWUBY++zB5nE/NwcaoMylSPk+S+ZHNB1TzdbMJMny6dynpAGt7X/tl/QYq3TIeE6nxHppbo2LGymrG5Pw==",
+      "dependencies": {
+        "p-limit": "^3.0.2"
+      },
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/eslint/node_modules/path-exists": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
+      "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/esm": {
+      "version": "3.2.25",
+      "resolved": "https://registry.npmjs.org/esm/-/esm-3.2.25.tgz",
+      "integrity": "sha512-U1suiZ2oDVWv4zPO56S0NcR5QriEahGtdN2OR6FiOG4WJvcjBVFB0qI4+eKoWFH483PKGuLuu6V8Z4T5g63UVA==",
+      "dev": true,
       "engines": {
         "node": ">=6"
       }
     },
+    "node_modules/espree": {
+      "version": "10.1.0",
+      "resolved": "https://registry.npmjs.org/espree/-/espree-10.1.0.tgz",
+      "integrity": "sha512-M1M6CpiE6ffoigIOWYO9UDP8TMUw9kqb21tf+08IgDYjCsOvCuDt4jQcZmoYxx+w7zlKw9/N0KXfto+I8/FrXA==",
+      "dependencies": {
+        "acorn": "^8.12.0",
+        "acorn-jsx": "^5.3.2",
+        "eslint-visitor-keys": "^4.0.0"
+      },
+      "engines": {
+        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
+      },
+      "funding": {
+        "url": "https://opencollective.com/eslint"
+      }
+    },
+    "node_modules/esquery": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.6.0.tgz",
+      "integrity": "sha512-ca9pw9fomFcKPvFLXhBKUK90ZvGibiGOvRJNbjljY7s7uq/5YO4BOzcYtJqExdx99rF6aAcnRxHmcUHcz6sQsg==",
+      "dependencies": {
+        "estraverse": "^5.1.0"
+      },
+      "engines": {
+        "node": ">=0.10"
+      }
+    },
     "node_modules/esrecurse": {
       "version": "4.3.0",
       "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz",
       "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==",
-      "dev": true,
       "dependencies": {
         "estraverse": "^5.2.0"
       },
@@ -6194,11 +6640,18 @@
       "version": "5.3.0",
       "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz",
       "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==",
-      "dev": true,
       "engines": {
         "node": ">=4.0"
       }
     },
+    "node_modules/esutils": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.3.tgz",
+      "integrity": "sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g==",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/etag": {
       "version": "1.8.1",
       "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz",
@@ -6613,6 +7066,11 @@
       "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz",
       "integrity": "sha1-1RQsDK7msRifh9OnYREGT4bIu/I="
     },
+    "node_modules/fast-levenshtein": {
+      "version": "2.0.6",
+      "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz",
+      "integrity": "sha512-DCXu6Ifhqcks7TZKY3Hxp3y6qphY5SJZmrWMDrKcERSOXWQdMhU9Ig/PYrzyw/ul9jOIyh0N4M0tbC5hodg8dw=="
+    },
     "node_modules/fast-xml-parser": {
       "version": "3.21.1",
       "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz",
@@ -6634,6 +7092,14 @@
       "integrity": "sha512-On2N+BpYJ15xIC974QNVuYGMOlEVt4s0EOI3wwMqOmK1fdDY+FN/zltPV8vosq4ad4c/gJ1KHScUn/6AWIgiow==",
       "dev": true
     },
+    "node_modules/fastq": {
+      "version": "1.17.1",
+      "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.17.1.tgz",
+      "integrity": "sha512-sRVD3lWVIXWg6By68ZN7vho9a1pQcN/WBFaAAsDDFzlJjvoGx0P8z7V1t72grFJfJhu3YPZBuu25f7Kaw2jN1w==",
+      "dependencies": {
+        "reusify": "^1.0.4"
+      }
+    },
     "node_modules/fd-slicer": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz",
@@ -6642,6 +7108,17 @@
         "pend": "~1.2.0"
       }
     },
+    "node_modules/file-entry-cache": {
+      "version": "8.0.0",
+      "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-8.0.0.tgz",
+      "integrity": "sha512-XXTUwCvisa5oacNGRP9SfNtYBNAMi+RPwBFmblZEF7N7swHYQS6/Zfk7SRwx4D5j3CH211YNRco1DEMNVfZCnQ==",
+      "dependencies": {
+        "flat-cache": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=16.0.0"
+      }
+    },
     "node_modules/file-type": {
       "version": "16.5.4",
       "resolved": "https://registry.npmjs.org/file-type/-/file-type-16.5.4.tgz",
@@ -6717,9 +7194,9 @@
       }
     },
     "node_modules/fill-range": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
-      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
+      "version": "7.1.1",
+      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+      "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
       "dependencies": {
         "to-regex-range": "^5.0.1"
       },
@@ -6806,6 +7283,23 @@
         "node": ">=8"
       }
     },
+    "node_modules/flat-cache": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-4.0.1.tgz",
+      "integrity": "sha512-f7ccFPK3SXFHpx15UIGyRJ/FJQctuKZ0zVuN3frBo4HnK3cay9VEW0R6yPYFHC0AgqhukPzKjq22t5DmAyqGyw==",
+      "dependencies": {
+        "flatted": "^3.2.9",
+        "keyv": "^4.5.4"
+      },
+      "engines": {
+        "node": ">=16"
+      }
+    },
+    "node_modules/flatted": {
+      "version": "3.3.1",
+      "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.3.1.tgz",
+      "integrity": "sha512-X8cqMLLie7KsNUDSdzeN8FYK9rEt4Dt67OsG/DNGnYTSDBG4uFAJFBnUeiV+zCVAvwFy56IjM9sH51jVaEhNxw=="
+    },
     "node_modules/flora-colossus": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/flora-colossus/-/flora-colossus-2.0.0.tgz",
@@ -7015,19 +7509,6 @@
       "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=",
       "devOptional": true
     },
-    "node_modules/fsevents": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
-      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
-      "hasInstallScript": true,
-      "optional": true,
-      "os": [
-        "darwin"
-      ],
-      "engines": {
-        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
-      }
-    },
     "node_modules/function-bind": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
@@ -7258,6 +7739,17 @@
         "node": ">=10.0"
       }
     },
+    "node_modules/globals": {
+      "version": "14.0.0",
+      "resolved": "https://registry.npmjs.org/globals/-/globals-14.0.0.tgz",
+      "integrity": "sha512-oahGvuMGQlPw/ivIYBjVSrWAfWLBeku5tpPE2fOPLi+WHffIWbuh2tCjhyQhTBPMf5E9jDEH4FOmTYgYwbKwtQ==",
+      "engines": {
+        "node": ">=18"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
     "node_modules/globalthis": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/globalthis/-/globalthis-1.0.3.tgz",
@@ -7309,9 +7801,9 @@
       }
     },
     "node_modules/graceful-fs": {
-      "version": "4.2.9",
-      "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.9.tgz",
-      "integrity": "sha512-NtNxqUcXgpW2iMrfqSfR73Glt39K+BLwWsPs94yR63v45T0Wbej7eRmL5cWfwEgqXnmjQp3zaJTshdRW/qC2ZQ=="
+      "version": "4.2.11",
+      "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz",
+      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ=="
     },
     "node_modules/har-schema": {
       "version": "2.0.0",
@@ -7664,6 +8156,14 @@
         }
       ]
     },
+    "node_modules/ignore": {
+      "version": "5.3.2",
+      "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.2.tgz",
+      "integrity": "sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g==",
+      "engines": {
+        "node": ">= 4"
+      }
+    },
     "node_modules/ignore-by-default": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/ignore-by-default/-/ignore-by-default-1.0.1.tgz",
@@ -7702,6 +8202,29 @@
         "node": ">=6"
       }
     },
+    "node_modules/import-fresh": {
+      "version": "3.3.0",
+      "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.0.tgz",
+      "integrity": "sha512-veYYhQa+D1QBKznvhUHxb8faxlrwUnxseDAbAp457E0wLNio2bOSKnjYDhMj+YiAq61xrMGhQk9iXVk5FzgQMw==",
+      "dependencies": {
+        "parent-module": "^1.0.0",
+        "resolve-from": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/import-fresh/node_modules/resolve-from": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz",
+      "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==",
+      "engines": {
+        "node": ">=4"
+      }
+    },
     "node_modules/import-local": {
       "version": "3.0.3",
       "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.3.tgz",
@@ -7933,6 +8456,14 @@
         "node": ">=0.12.0"
       }
     },
+    "node_modules/is-path-inside": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-3.0.3.tgz",
+      "integrity": "sha512-Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ==",
+      "engines": {
+        "node": ">=8"
+      }
+    },
     "node_modules/is-plain-obj": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz",
@@ -7954,6 +8485,17 @@
       "resolved": "https://registry.npmjs.org/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz",
       "integrity": "sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ=="
     },
+    "node_modules/is-stream": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-2.0.1.tgz",
+      "integrity": "sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==",
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
     "node_modules/is-svg": {
       "version": "4.3.2",
       "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-4.3.2.tgz",
@@ -8045,6 +8587,7 @@
       "version": "2.3.6",
       "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz",
       "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==",
+      "dev": true,
       "dependencies": {
         "@isaacs/cliui": "^8.0.2"
       },
@@ -8206,14 +8749,6 @@
       "resolved": "https://registry.npmjs.org/joplin-turndown-plugin-gfm/-/joplin-turndown-plugin-gfm-1.0.12.tgz",
       "integrity": "sha512-qL4+1iycQjZ1fs8zk3jSRk7cg3ROBUHk7GKtiLAQLFzLPKErnILUvz5DLszSQvz3s1sTjPbywLDISVUtBY6HaA=="
     },
-    "node_modules/jose": {
-      "version": "4.15.5",
-      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz",
-      "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg==",
-      "funding": {
-        "url": "https://github.com/sponsors/panva"
-      }
-    },
     "node_modules/jpeg-js": {
       "version": "0.4.4",
       "resolved": "https://registry.npmjs.org/jpeg-js/-/jpeg-js-0.4.4.tgz",
@@ -8238,7 +8773,6 @@
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
       "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==",
-      "dev": true,
       "dependencies": {
         "argparse": "^2.0.1"
       },
@@ -8289,12 +8823,31 @@
         "node": ">=12.0.0"
       }
     },
+    "node_modules/jsdoc/node_modules/@types/markdown-it": {
+      "version": "12.2.3",
+      "resolved": "https://registry.npmjs.org/@types/markdown-it/-/markdown-it-12.2.3.tgz",
+      "integrity": "sha512-GKMHFfv3458yYy+v/N8gjufHO6MSZKCOXpZc5GXIWWy8uldwfmPn98vp81gZ5f9SVw8YYBctgfJ22a2d7AOMeQ==",
+      "dev": true,
+      "dependencies": {
+        "@types/linkify-it": "*",
+        "@types/mdurl": "*"
+      }
+    },
     "node_modules/jsdoc/node_modules/bluebird": {
       "version": "3.7.2",
       "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz",
       "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==",
       "dev": true
     },
+    "node_modules/jsdoc/node_modules/entities": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/entities/-/entities-2.1.0.tgz",
+      "integrity": "sha512-hCx1oky9PFrJ611mf0ifBLBRW8lUUVRlFolb5gWRfIELabBlbp9xZvrqZLZAs+NxFnbfQoeGd8wDkygjg7U85w==",
+      "dev": true,
+      "funding": {
+        "url": "https://github.com/fb55/entities?sponsor=1"
+      }
+    },
     "node_modules/jsdoc/node_modules/escape-string-regexp": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz",
@@ -8304,6 +8857,31 @@
         "node": ">=8"
       }
     },
+    "node_modules/jsdoc/node_modules/linkify-it": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-3.0.3.tgz",
+      "integrity": "sha512-ynTsyrFSdE5oZ/O9GEf00kPngmOfVwazR5GKDq6EYfhlpFug3J2zybX56a2PRRpc9P+FuSoGNAwjlbDs9jJBPQ==",
+      "dev": true,
+      "dependencies": {
+        "uc.micro": "^1.0.1"
+      }
+    },
+    "node_modules/jsdoc/node_modules/markdown-it": {
+      "version": "12.3.2",
+      "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-12.3.2.tgz",
+      "integrity": "sha512-TchMembfxfNVpHkbtriWltGWc+m3xszaRD0CZup7GFFhzIgQqxIfn3eGj1yZpfuflzPvfkt611B2Q/Bsk1YnGg==",
+      "dev": true,
+      "dependencies": {
+        "argparse": "^2.0.1",
+        "entities": "~2.1.0",
+        "linkify-it": "^3.0.1",
+        "mdurl": "^1.0.1",
+        "uc.micro": "^1.0.5"
+      },
+      "bin": {
+        "markdown-it": "bin/markdown-it.js"
+      }
+    },
     "node_modules/jsdoc/node_modules/marked": {
       "version": "4.3.0",
       "resolved": "https://registry.npmjs.org/marked/-/marked-4.3.0.tgz",
@@ -8316,6 +8894,12 @@
         "node": ">= 12"
       }
     },
+    "node_modules/jsdoc/node_modules/mdurl": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-1.0.1.tgz",
+      "integrity": "sha512-/sKlQJCBYVY9Ers9hqzKou4H6V5UWc/M59TH2dvkt+84itfnq7uFOMLpOiOS4ujvHP4etln18fmIxA5R5fll0g==",
+      "dev": true
+    },
     "node_modules/jsdoc/node_modules/mkdirp": {
       "version": "1.0.4",
       "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
@@ -8340,6 +8924,12 @@
         "url": "https://github.com/sponsors/sindresorhus"
       }
     },
+    "node_modules/jsdoc/node_modules/uc.micro": {
+      "version": "1.0.6",
+      "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz",
+      "integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==",
+      "dev": true
+    },
     "node_modules/jsdom": {
       "version": "24.0.0",
       "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-24.0.0.tgz",
@@ -8435,6 +9025,11 @@
       "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
       "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg=="
     },
+    "node_modules/json-stable-stringify-without-jsonify": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz",
+      "integrity": "sha512-Bdboy+l7tA3OGW6FjyFHWkP5LuByj1Tk33Ljyq0axyzdk9//JSi2u3fP1QSmd1KNwq6VOKYGlAu87CisVir6Pw=="
+    },
     "node_modules/json-stringify-safe": {
       "version": "5.0.1",
       "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
@@ -8528,9 +9123,9 @@
       "integrity": "sha512-Nv+Kr33T0mEjxR500q+I6IWisOQ0lK1GGOncV0kWE6n4KFmpcu7RUX5/2B0EUtX51Cb0HjZ9VJsSY3u4cBa0kw=="
     },
     "node_modules/keyv": {
-      "version": "4.5.2",
-      "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.2.tgz",
-      "integrity": "sha512-5MHbFaKn8cNSmVW7BYnijeAVlE4cYA/SVkifVgrh7yotnfhKmjuXpDKjrABLnT0SfHWV21P8ow07OGfRrNDg8g==",
+      "version": "4.5.4",
+      "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz",
+      "integrity": "sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==",
       "dependencies": {
         "json-buffer": "3.0.1"
       }
@@ -8599,18 +9194,31 @@
         "node": ">= 0.6.3"
       }
     },
+    "node_modules/levn": {
+      "version": "0.4.1",
+      "resolved": "https://registry.npmjs.org/levn/-/levn-0.4.1.tgz",
+      "integrity": "sha512-+bT2uH4E5LGE7h/n3evcS/sQlJXCpIp6ym8OWJ5eV6+67Dsql/LaaT7qJBAt2rzfoa/5QBGBhxDix1dMt2kQKQ==",
+      "dependencies": {
+        "prelude-ls": "^1.2.1",
+        "type-check": "~0.4.0"
+      },
+      "engines": {
+        "node": ">= 0.8.0"
+      }
+    },
     "node_modules/limiter": {
       "version": "1.1.5",
       "resolved": "https://registry.npmjs.org/limiter/-/limiter-1.1.5.tgz",
       "integrity": "sha512-FWWMIEOxz3GwUI4Ts/IvgVy6LPvoMPgjMdQ185nN6psJyBJ4yOpzqm695/h5umdLJg2vW3GR5iG11MAkR2AzJA=="
     },
     "node_modules/linkify-it": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-3.0.3.tgz",
-      "integrity": "sha512-ynTsyrFSdE5oZ/O9GEf00kPngmOfVwazR5GKDq6EYfhlpFug3J2zybX56a2PRRpc9P+FuSoGNAwjlbDs9jJBPQ==",
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-5.0.0.tgz",
+      "integrity": "sha512-5aHCbzQRADcdP+ATqnDuhhJ/MRIqDkZX5pyjFHRRysS8vZ5AbqGEoFIb6pYHPZ+L/OC2Lc+xT8uHVVR5CAK/wQ==",
       "dev": true,
+      "peer": true,
       "dependencies": {
-        "uc.micro": "^1.0.1"
+        "uc.micro": "^2.0.0"
       }
     },
     "node_modules/load-bmfont": {
@@ -8709,6 +9317,11 @@
       "dev": true,
       "peer": true
     },
+    "node_modules/lodash.merge": {
+      "version": "4.6.2",
+      "resolved": "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz",
+      "integrity": "sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ=="
+    },
     "node_modules/lodash.union": {
       "version": "4.6.0",
       "resolved": "https://registry.npmjs.org/lodash.union/-/lodash.union-4.6.0.tgz",
@@ -8894,25 +9507,27 @@
       }
     },
     "node_modules/markdown-it": {
-      "version": "12.3.2",
-      "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-12.3.2.tgz",
-      "integrity": "sha512-TchMembfxfNVpHkbtriWltGWc+m3xszaRD0CZup7GFFhzIgQqxIfn3eGj1yZpfuflzPvfkt611B2Q/Bsk1YnGg==",
+      "version": "14.1.0",
+      "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-14.1.0.tgz",
+      "integrity": "sha512-a54IwgWPaeBCAAsv13YgmALOF1elABB08FxO9i+r4VFk5Vl4pKokRPeX8u5TCgSsPi6ec1otfLjdOpVcgbpshg==",
       "dev": true,
+      "peer": true,
       "dependencies": {
         "argparse": "^2.0.1",
-        "entities": "~2.1.0",
-        "linkify-it": "^3.0.1",
-        "mdurl": "^1.0.1",
-        "uc.micro": "^1.0.5"
+        "entities": "^4.4.0",
+        "linkify-it": "^5.0.0",
+        "mdurl": "^2.0.0",
+        "punycode.js": "^2.3.1",
+        "uc.micro": "^2.1.0"
       },
       "bin": {
-        "markdown-it": "bin/markdown-it.js"
+        "markdown-it": "bin/markdown-it.mjs"
       }
     },
     "node_modules/markdown-it-anchor": {
-      "version": "8.4.1",
-      "resolved": "https://registry.npmjs.org/markdown-it-anchor/-/markdown-it-anchor-8.4.1.tgz",
-      "integrity": "sha512-sLODeRetZ/61KkKLJElaU3NuU2z7MhXf12Ml1WJMSdwpngeofneCRF+JBbat8HiSqhniOMuTemXMrsI7hA6XyA==",
+      "version": "8.6.7",
+      "resolved": "https://registry.npmjs.org/markdown-it-anchor/-/markdown-it-anchor-8.6.7.tgz",
+      "integrity": "sha512-FlCHFwNnutLgVTflOYHPW2pPcl2AACqVzExlkGQNsi4CJgqOHN7YTgDd4LuhgN1BFO3TS0vLAruV1Td6dwWPJA==",
       "dev": true,
       "peerDependencies": {
         "@types/markdown-it": "*",
@@ -8920,10 +9535,14 @@
       }
     },
     "node_modules/markdown-it/node_modules/entities": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/entities/-/entities-2.1.0.tgz",
-      "integrity": "sha512-hCx1oky9PFrJ611mf0ifBLBRW8lUUVRlFolb5gWRfIELabBlbp9xZvrqZLZAs+NxFnbfQoeGd8wDkygjg7U85w==",
+      "version": "4.5.0",
+      "resolved": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz",
+      "integrity": "sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==",
       "dev": true,
+      "peer": true,
+      "engines": {
+        "node": ">=0.12"
+      },
       "funding": {
         "url": "https://github.com/fb55/entities?sponsor=1"
       }
@@ -8999,10 +9618,11 @@
       }
     },
     "node_modules/mdurl": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-1.0.1.tgz",
-      "integrity": "sha1-/oWy7HWlkDfyrf7BAP1sYBdhFS4=",
-      "dev": true
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-2.0.0.tgz",
+      "integrity": "sha512-Lf+9+2r+Tdp5wXDXC4PcIBjTDtq4UKjCPMQhKIuzpJNW0b96kVqSwW0bT7FhRSfmAiFYgP+SCRvdrDozfh0U5w==",
+      "dev": true,
+      "peer": true
     },
     "node_modules/media-typer": {
       "version": "0.3.0",
@@ -9563,9 +10183,9 @@
       }
     },
     "node_modules/minimist": {
-      "version": "1.2.7",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
-      "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==",
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
+      "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==",
       "funding": {
         "url": "https://github.com/sponsors/ljharb"
       }
@@ -9736,6 +10356,11 @@
       "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-1.0.2.tgz",
       "integrity": "sha512-ONmRUqK7zj7DWX0D9ADe03wbwOBZxNAfF20PlGfCWQcD3+/MakShIHrMqx9YwPTfxDdF1zLeL+RGZiR9kGMLdg=="
     },
+    "node_modules/natural-compare": {
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz",
+      "integrity": "sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw=="
+    },
     "node_modules/negotiator": {
       "version": "0.6.3",
       "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
@@ -10063,9 +10688,9 @@
       }
     },
     "node_modules/nwsapi": {
-      "version": "2.2.7",
-      "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.7.tgz",
-      "integrity": "sha512-ub5E4+FBPKwAZx0UwIQOjYWGHTEq5sPqHQNRN8Z9e4A7u3Tj1weLJsL59yH9vmvqEtBHaOmT6cYQKIZOxp35FQ=="
+      "version": "2.2.12",
+      "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.12.tgz",
+      "integrity": "sha512-qXDmcVlZV4XRtKFzddidpfVP4oMSGhga+xdMc25mv8kaLUHtgzCDhUxkrN8exkGdTlLNaXj7CV3GtON7zuGZ+w=="
     },
     "node_modules/oauth-sign": {
       "version": "0.9.0",
@@ -10187,18 +10812,20 @@
         "opencollective-postinstall": "index.js"
       }
     },
-    "node_modules/openid-client": {
-      "version": "5.6.5",
-      "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.5.tgz",
-      "integrity": "sha512-5P4qO9nGJzB5PI0LFlhj4Dzg3m4odt0qsJTfyEtZyOlkgpILwEioOhVVJOrS1iVH494S4Ee5OCjjg6Bf5WOj3w==",
+    "node_modules/optionator": {
+      "version": "0.9.4",
+      "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.9.4.tgz",
+      "integrity": "sha512-6IpQ7mKUxRcZNLIObR0hz7lxsapSSIYNZJwXPGeF0mTVqGKFIXj1DQcMoT22S3ROcLyY/rz0PWaWZ9ayWmad9g==",
       "dependencies": {
-        "jose": "^4.15.5",
-        "lru-cache": "^6.0.0",
-        "object-hash": "^2.2.0",
-        "oidc-token-hash": "^5.0.3"
+        "deep-is": "^0.1.3",
+        "fast-levenshtein": "^2.0.6",
+        "levn": "^0.4.1",
+        "prelude-ls": "^1.2.1",
+        "type-check": "^0.4.0",
+        "word-wrap": "^1.2.5"
       },
-      "funding": {
-        "url": "https://github.com/sponsors/panva"
+      "engines": {
+        "node": ">= 0.8.0"
       }
     },
     "node_modules/ora": {
@@ -10326,6 +10953,11 @@
         "node": ">=6"
       }
     },
+    "node_modules/package-json-from-dist": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/package-json-from-dist/-/package-json-from-dist-1.0.0.tgz",
+      "integrity": "sha512-dATvCeZN/8wQsGywez1mzHtTlP22H8OEfPrVMLNr4/eGa+ijtLn/6M5f0dY8UKNrC2O9UCU6SSoG3qRKnt7STw=="
+    },
     "node_modules/pako": {
       "version": "1.0.11",
       "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz",
@@ -10341,6 +10973,17 @@
         "wheel": "^1.0.0"
       }
     },
+    "node_modules/parent-module": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
+      "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==",
+      "dependencies": {
+        "callsites": "^3.0.0"
+      },
+      "engines": {
+        "node": ">=6"
+      }
+    },
     "node_modules/parse-author": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/parse-author/-/parse-author-2.0.0.tgz",
@@ -10427,31 +11070,6 @@
         "node": ">= 0.8"
       }
     },
-    "node_modules/passport": {
-      "version": "0.7.0",
-      "resolved": "https://registry.npmjs.org/passport/-/passport-0.7.0.tgz",
-      "integrity": "sha512-cPLl+qZpSc+ireUvt+IzqbED1cHHkDoVYMo30jbJIdOOjQ1MQYZBPiNvmi8UM6lJuOpTPXJGZQk0DtC4y61MYQ==",
-      "dependencies": {
-        "passport-strategy": "1.x.x",
-        "pause": "0.0.1",
-        "utils-merge": "^1.0.1"
-      },
-      "engines": {
-        "node": ">= 0.4.0"
-      },
-      "funding": {
-        "type": "github",
-        "url": "https://github.com/sponsors/jaredhanson"
-      }
-    },
-    "node_modules/passport-strategy": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
-      "integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA==",
-      "engines": {
-        "node": ">= 0.4.0"
-      }
-    },
     "node_modules/path-exists": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz",
@@ -10485,27 +11103,24 @@
       "dev": true
     },
     "node_modules/path-scurry": {
-      "version": "1.10.1",
-      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.1.tgz",
-      "integrity": "sha512-MkhCqzzBEpPvxxQ71Md0b1Kk51W01lrYvlMzSUaIzNsODdd7mqhiimSZlr+VegAz5Z6Vzt9Xg2ttE//XBhH3EQ==",
+      "version": "1.11.1",
+      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.11.1.tgz",
+      "integrity": "sha512-Xa4Nw17FS9ApQFJ9umLiJS4orGjm7ZzwUrwamcGQuHSzDyth9boKDaycYdDcZDuqYATXw4HFXgaqWTctW/v1HA==",
       "dependencies": {
-        "lru-cache": "^9.1.1 || ^10.0.0",
+        "lru-cache": "^10.2.0",
         "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
       },
       "engines": {
-        "node": ">=16 || 14 >=14.17"
+        "node": ">=16 || 14 >=14.18"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
       }
     },
     "node_modules/path-scurry/node_modules/lru-cache": {
-      "version": "9.1.1",
-      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-9.1.1.tgz",
-      "integrity": "sha512-65/Jky17UwSb0BuB9V+MyDpsOtXKmYwzhyl+cOa9XUiI4uV2Ouy/2voFP3+al0BjZbJgMBD8FojMpAf+Z+qn4A==",
-      "engines": {
-        "node": "14 || >=16.14"
-      }
+      "version": "10.4.3",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-10.4.3.tgz",
+      "integrity": "sha512-JNAzZcXrCt42VGLuYz0zfAzDfAvJWW6AfYlDBQyDV5DClI2m5sAmK+OIO7s59XfsRsWHp02jAJrRadPRGTt6SQ=="
     },
     "node_modules/path-scurry/node_modules/minipass": {
       "version": "6.0.2",
@@ -10532,11 +11147,6 @@
         "node": ">=4"
       }
     },
-    "node_modules/pause": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
-      "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg=="
-    },
     "node_modules/peek-readable": {
       "version": "4.1.0",
       "resolved": "https://registry.npmjs.org/peek-readable/-/peek-readable-4.1.0.tgz",
@@ -10622,25 +11232,26 @@
       }
     },
     "node_modules/plist": {
-      "version": "3.0.5",
-      "resolved": "https://registry.npmjs.org/plist/-/plist-3.0.5.tgz",
-      "integrity": "sha512-83vX4eYdQp3vP9SxuYgEM/G/pJQqLUz/V/xzPrzruLs7fz7jxGQ1msZ/mg1nwZxUSuOp4sb+/bEIbRrbzZRxDA==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/plist/-/plist-3.1.0.tgz",
+      "integrity": "sha512-uysumyrvkUX0rX/dEVqt8gC3sTBzd4zoWfLeS29nb53imdaXVvLINYXTI2GNqzaMuvacNx4uJQ8+b3zXR0pkgQ==",
       "dev": true,
       "dependencies": {
+        "@xmldom/xmldom": "^0.8.8",
         "base64-js": "^1.5.1",
-        "xmlbuilder": "^9.0.7"
+        "xmlbuilder": "^15.1.1"
       },
       "engines": {
-        "node": ">=6"
+        "node": ">=10.4.0"
       }
     },
     "node_modules/plist/node_modules/xmlbuilder": {
-      "version": "9.0.7",
-      "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-9.0.7.tgz",
-      "integrity": "sha1-Ey7mPS7FVlxVfiD0wi35rKaGsQ0=",
+      "version": "15.1.1",
+      "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-15.1.1.tgz",
+      "integrity": "sha512-yMqGBqtXyeN1e3TGYvgNgDVZ3j84W4cwkOXQswghol6APgZWaff9lnbvN7MHYJOiXsvGPXtjTYJEiC9J2wv9Eg==",
       "dev": true,
       "engines": {
-        "node": ">=4.0"
+        "node": ">=8.0"
       }
     },
     "node_modules/plumb": {
@@ -10708,6 +11319,14 @@
         "node": ">=10"
       }
     },
+    "node_modules/prelude-ls": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.2.1.tgz",
+      "integrity": "sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g==",
+      "engines": {
+        "node": ">= 0.8.0"
+      }
+    },
     "node_modules/print-this": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/print-this/-/print-this-2.0.0.tgz",
@@ -10813,6 +11432,16 @@
         "node": ">=6"
       }
     },
+    "node_modules/punycode.js": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/punycode.js/-/punycode.js-2.3.1.tgz",
+      "integrity": "sha512-uxFIHU0YlHYhDQtV4R9J6a52SLx28BCjT+4ieh7IGbgwVJWO+km431c4yRlREUAsAmt/uMjQUyQHNEPf0M39CA==",
+      "dev": true,
+      "peer": true,
+      "engines": {
+        "node": ">=6"
+      }
+    },
     "node_modules/pupa": {
       "version": "2.1.1",
       "resolved": "https://registry.npmjs.org/pupa/-/pupa-2.1.1.tgz",
@@ -10843,6 +11472,25 @@
       "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz",
       "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ=="
     },
+    "node_modules/queue-microtask": {
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz",
+      "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ]
+    },
     "node_modules/queue-tick": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/queue-tick/-/queue-tick-1.0.1.tgz",
@@ -11351,6 +11999,15 @@
         "node": ">= 4"
       }
     },
+    "node_modules/reusify": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz",
+      "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==",
+      "engines": {
+        "iojs": ">=1.0.0",
+        "node": ">=0.10.0"
+      }
+    },
     "node_modules/rimraf": {
       "version": "5.0.5",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.5.tgz",
@@ -11377,30 +12034,42 @@
       }
     },
     "node_modules/rimraf/node_modules/glob": {
-      "version": "10.3.10",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz",
-      "integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==",
+      "version": "10.4.5",
+      "resolved": "https://registry.npmjs.org/glob/-/glob-10.4.5.tgz",
+      "integrity": "sha512-7Bv8RF0k6xjo7d4A/PxYLbUCfb6c+Vpd2/mB2yRDlew7Jb5hEXiCD9ibfO7wpk8i4sevK6DFny9h7EYbM3/sHg==",
       "dependencies": {
         "foreground-child": "^3.1.0",
-        "jackspeak": "^2.3.5",
-        "minimatch": "^9.0.1",
-        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
-        "path-scurry": "^1.10.1"
+        "jackspeak": "^3.1.2",
+        "minimatch": "^9.0.4",
+        "minipass": "^7.1.2",
+        "package-json-from-dist": "^1.0.0",
+        "path-scurry": "^1.11.1"
       },
       "bin": {
         "glob": "dist/esm/bin.mjs"
       },
-      "engines": {
-        "node": ">=16 || 14 >=14.17"
+      "funding": {
+        "url": "https://github.com/sponsors/isaacs"
+      }
+    },
+    "node_modules/rimraf/node_modules/jackspeak": {
+      "version": "3.4.3",
+      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-3.4.3.tgz",
+      "integrity": "sha512-OGlZQpz2yfahA/Rd1Y8Cd9SIEsqvXkLVoSw/cgwhnhFMDbsQFeZYoJJ7bIZBS9BcamUW96asq/npPWugM+RQBw==",
+      "dependencies": {
+        "@isaacs/cliui": "^8.0.2"
       },
       "funding": {
         "url": "https://github.com/sponsors/isaacs"
+      },
+      "optionalDependencies": {
+        "@pkgjs/parseargs": "^0.11.0"
       }
     },
     "node_modules/rimraf/node_modules/minimatch": {
-      "version": "9.0.3",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
-      "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
+      "version": "9.0.5",
+      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.5.tgz",
+      "integrity": "sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==",
       "dependencies": {
         "brace-expansion": "^2.0.1"
       },
@@ -11412,9 +12081,9 @@
       }
     },
     "node_modules/rimraf/node_modules/minipass": {
-      "version": "7.0.4",
-      "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz",
-      "integrity": "sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ==",
+      "version": "7.1.2",
+      "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.1.2.tgz",
+      "integrity": "sha512-qOOzS1cBTWYF4BH8fVePDBOO9iptMnGUEZwNc/cMWnTV2nVLZ7VoNWEPHkYczZA0pdoA7dl6e7FL659nX9S2aw==",
       "engines": {
         "node": ">=16 || 14 >=14.17"
       }
@@ -11451,6 +12120,28 @@
       "resolved": "https://registry.npmjs.org/rrweb-cssom/-/rrweb-cssom-0.6.0.tgz",
       "integrity": "sha512-APM0Gt1KoXBz0iIkkdB/kfvGOwC4UuJFeG/c+yV7wSc7q96cG/kJ0HiYCnzivD9SB53cLV1MlHFNfOuPaadYSw=="
     },
+    "node_modules/run-parallel": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz",
+      "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ],
+      "dependencies": {
+        "queue-microtask": "^1.2.2"
+      }
+    },
     "node_modules/rw": {
       "version": "1.3.3",
       "resolved": "https://registry.npmjs.org/rw/-/rw-1.3.3.tgz",
@@ -11603,9 +12294,9 @@
       }
     },
     "node_modules/scheduler": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.23.0.tgz",
-      "integrity": "sha512-CtuThmgHNg7zIZWAXi3AsyIzA3n4xx7aNyjwC2VJldO2LMVDhFK+63xGqq6CsJH4rTAt6/M+N4GhZiDYPx9eUw==",
+      "version": "0.23.2",
+      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.23.2.tgz",
+      "integrity": "sha512-UOShsPwz7NrMUqhR6t0hWjFduvOzbtv7toDH1/hIrfRNIDBnnBWd0CwJTGvTpngVlmwGCdP9/Zl/tVrDqcuYzQ==",
       "dependencies": {
         "loose-envify": "^1.1.0"
       }
@@ -12065,17 +12756,6 @@
       "integrity": "sha512-oie3/+gKf7QtpitB0LYLETe+k8SifzsX4KixvpOsbI6S0kRiRQ5MKOio8eMSAKQ17N06+wdEOXRiId+zOxo0hA==",
       "dev": true
     },
-    "node_modules/speakeasy": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/speakeasy/-/speakeasy-2.0.0.tgz",
-      "integrity": "sha512-lW2A2s5LKi8rwu77ewisuUOtlCydF/hmQSOJjpTqTj1gZLkNgTaYnyvfxy2WBr4T/h+9c4g8HIITfj83OkFQFw==",
-      "dependencies": {
-        "base32.js": "0.0.1"
-      },
-      "engines": {
-        "node": ">= 0.10.0"
-      }
-    },
     "node_modules/split.js": {
       "version": "1.6.5",
       "resolved": "https://registry.npmjs.org/split.js/-/split.js-1.6.5.tgz",
@@ -12537,6 +13217,16 @@
       "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==",
       "dev": true
     },
+    "node_modules/text-table": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz",
+      "integrity": "sha512-N+8UisAXDGk8PFXP4HAzVR9nbfmVJ3zYLAWiTIoqC5v5isinhr+r5uaO8+7r3BMfuNIufIsA7RdpVgacC2cSpw=="
+    },
+    "node_modules/time2fa": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/time2fa/-/time2fa-1.3.0.tgz",
+      "integrity": "sha512-gwwawXyW9UalZy+HhsQFLL70MLjvzohXqpbE4EYLVeRxrnUkSvKCiR9uxtpo0bQp8i+McDrMCFqHyblv6XbCNQ=="
+    },
     "node_modules/timm": {
       "version": "1.7.1",
       "resolved": "https://registry.npmjs.org/timm/-/timm-1.7.1.tgz",
@@ -12643,9 +13333,9 @@
       }
     },
     "node_modules/tough-cookie": {
-      "version": "4.1.3",
-      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.3.tgz",
-      "integrity": "sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw==",
+      "version": "4.1.4",
+      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.4.tgz",
+      "integrity": "sha512-Loo5UUvLD9ScZ6jh8beX1T6sO1w2/MpCRpEP7V280GKMVUQ0Jzar2U3UJPsrdbziLEMMhu3Ujnq//rhiFuIeag==",
       "dependencies": {
         "psl": "^1.1.33",
         "punycode": "^2.1.1",
@@ -12800,6 +13490,17 @@
       "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz",
       "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q="
     },
+    "node_modules/type-check": {
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.4.0.tgz",
+      "integrity": "sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==",
+      "dependencies": {
+        "prelude-ls": "^1.2.1"
+      },
+      "engines": {
+        "node": ">= 0.8.0"
+      }
+    },
     "node_modules/type-fest": {
       "version": "0.13.1",
       "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.13.1.tgz",
@@ -12851,10 +13552,11 @@
       }
     },
     "node_modules/uc.micro": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz",
-      "integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==",
-      "dev": true
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-2.1.0.tgz",
+      "integrity": "sha512-ARDJmphmdvUk6Glw7y9DQ2bFkKBHwQHLi2lsaH6PPmz/Ka9sFOBsBluozhDltWmnv9u/cF6Rt87znRTPV+yp/A==",
+      "dev": true,
+      "peer": true
     },
     "node_modules/uid-safe": {
       "version": "2.1.5",
@@ -13127,9 +13829,9 @@
       }
     },
     "node_modules/watchpack": {
-      "version": "2.4.0",
-      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.0.tgz",
-      "integrity": "sha512-Lcvm7MGST/4fup+ifyKi2hjyIAwcdI4HRgtvTpIUxBRhB+RFtUh8XtDOxUfctVCnhVi+QQj49i91OyvzkJl6cg==",
+      "version": "2.4.2",
+      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.2.tgz",
+      "integrity": "sha512-TnbFSbcOCcDgjZ4piURLCbJ3nJhznVh9kw6F6iokjiFPl8ONxe9A6nMDVXDiNbrSfLILs6vB07F7wLBrwPYzJw==",
       "dev": true,
       "dependencies": {
         "glob-to-regexp": "^0.4.1",
@@ -13358,7 +14060,6 @@
       "version": "1.2.5",
       "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.5.tgz",
       "integrity": "sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==",
-      "optional": true,
       "engines": {
         "node": ">=0.10.0"
       }
@@ -13645,13 +14346,24 @@
         "node": ">=6"
       }
     },
+    "node_modules/yocto-queue": {
+      "version": "0.1.0",
+      "resolved": "https://registry.npmjs.org/yocto-queue/-/yocto-queue-0.1.0.tgz",
+      "integrity": "sha512-rVksvsnNCdJ/ohGc6xgPwyN8eheCxsiLM8mxuE/t/mOVqJewPuO1miLpTHQiRgTKCLexL4MeAFVagts7HmNZ2Q==",
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
     "node_modules/zip-stream": {
-      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/zip-stream/-/zip-stream-6.0.0.tgz",
-      "integrity": "sha512-X0WFquRRDtL9HR9hc1OrabOP/VKJEX7gAr2geayt3b7dLgXgSXI6ucC4CphLQP/aQt2GyHIYgmXxtC+dVdghAQ==",
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/zip-stream/-/zip-stream-6.0.1.tgz",
+      "integrity": "sha512-zK7YHHz4ZXpW89AHXUPbQVGKI7uvkd3hzusTdotCg1UxyaVtg0zFJSTfW/Dq5f7OBBVnq6cZIaC8Ti4hb6dtCA==",
       "dependencies": {
         "archiver-utils": "^5.0.0",
-        "compress-commons": "^6.0.0",
+        "compress-commons": "^6.0.2",
         "readable-stream": "^4.0.0"
       },
       "engines": {
@@ -13723,10343 +14435,5 @@
         "safe-buffer": "~5.2.0"
       }
     }
-  },
-  "dependencies": {
-    "@babel/parser": {
-      "version": "7.21.4",
-      "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.21.4.tgz",
-      "integrity": "sha512-alVJj7k7zIxqBZ7BTRhz0IqJFxW1VJbm6N8JbcYhQ186df9ZBPbZBmWSqAMXwHGsCJdYks7z/voa3ibiS5bCIw==",
-      "dev": true
-    },
-    "@babel/runtime": {
-      "version": "7.23.4",
-      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.23.4.tgz",
-      "integrity": "sha512-2Yv65nlWnWlSpe3fXEyX5i7fx5kIKo4Qbcj+hMO0odwaneFjfXw5fdum+4yL20O0QiaHpia0cYQ9xpNMqrBwHg==",
-      "requires": {
-        "regenerator-runtime": "^0.14.0"
-      },
-      "dependencies": {
-        "regenerator-runtime": {
-          "version": "0.14.0",
-          "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.14.0.tgz",
-          "integrity": "sha512-srw17NI0TUWHuGa5CFGGmhfNIeja30WMBfbslPNhf6JrqQlLN5gcrvig1oqPxiVaXb0oW0XRKtH6Nngs5lKCIA=="
-        }
-      }
-    },
-    "@braintree/sanitize-url": {
-      "version": "6.0.4",
-      "resolved": "https://registry.npmjs.org/@braintree/sanitize-url/-/sanitize-url-6.0.4.tgz",
-      "integrity": "sha512-s3jaWicZd0pkP0jf5ysyHUI/RE7MHos6qlToFcGWXVp+ykHOy77OUMrfbgJ9it2C5bow7OIQwYYaHjk9XlBQ2A=="
-    },
-    "@cspotcode/source-map-support": {
-      "version": "0.8.1",
-      "resolved": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz",
-      "integrity": "sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==",
-      "dev": true,
-      "requires": {
-        "@jridgewell/trace-mapping": "0.3.9"
-      },
-      "dependencies": {
-        "@jridgewell/trace-mapping": {
-          "version": "0.3.9",
-          "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz",
-          "integrity": "sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==",
-          "dev": true,
-          "requires": {
-            "@jridgewell/resolve-uri": "^3.0.3",
-            "@jridgewell/sourcemap-codec": "^1.4.10"
-          }
-        }
-      }
-    },
-    "@develar/schema-utils": {
-      "version": "2.6.5",
-      "resolved": "https://registry.npmjs.org/@develar/schema-utils/-/schema-utils-2.6.5.tgz",
-      "integrity": "sha512-0cp4PsWQ/9avqTVMCtZ+GirikIA36ikvjtHweU4/j8yLtgObI0+JUPhYFScgwlteveGB1rt3Cm8UhN04XayDig==",
-      "dev": true,
-      "requires": {
-        "ajv": "^6.12.0",
-        "ajv-keywords": "^3.4.1"
-      }
-    },
-    "@discoveryjs/json-ext": {
-      "version": "0.5.5",
-      "resolved": "https://registry.npmjs.org/@discoveryjs/json-ext/-/json-ext-0.5.5.tgz",
-      "integrity": "sha512-6nFkfkmSeV/rqSaS4oWHgmpnYw194f6hmWF5is6b0J1naJZoiD0NTc9AiUwPHvWsowkjuHErCZT1wa0jg+BLIA==",
-      "dev": true
-    },
-    "@electron/asar": {
-      "version": "3.2.2",
-      "resolved": "https://registry.npmjs.org/@electron/asar/-/asar-3.2.2.tgz",
-      "integrity": "sha512-32fMU68x8a6zvxtC1IC/BhPDKTh8rQjdmwEplj3CDpnkcwBzZVN9v/8cK0LJqQ0FOQQVZW8BWZ1S6UU53TYR4w==",
-      "dev": true,
-      "requires": {
-        "@types/glob": "^7.1.1",
-        "chromium-pickle-js": "^0.2.0",
-        "commander": "^5.0.0",
-        "glob": "^7.1.6",
-        "minimatch": "^3.0.4"
-      }
-    },
-    "@electron/get": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/@electron/get/-/get-2.0.2.tgz",
-      "integrity": "sha512-eFZVFoRXb3GFGd7Ak7W4+6jBl9wBtiZ4AaYOse97ej6mKj5tkyO0dUnUChs1IhJZtx1BENo4/p4WUTXpi6vT+g==",
-      "requires": {
-        "debug": "^4.1.1",
-        "env-paths": "^2.2.0",
-        "fs-extra": "^8.1.0",
-        "global-agent": "^3.0.0",
-        "got": "^11.8.5",
-        "progress": "^2.0.3",
-        "semver": "^6.2.0",
-        "sumchecker": "^3.0.1"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "8.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
-          "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==",
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^4.0.0",
-            "universalify": "^0.1.0"
-          }
-        },
-        "semver": {
-          "version": "6.3.1",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz",
-          "integrity": "sha512-BR7VvDCVHO+q2xBEWskxS6DJE1qRnb7DxzUrogb71CWoSficBxYsiAGd+Kl0mmq/MprG9yArRkyrQxTO6XjMzA=="
-        }
-      }
-    },
-    "@electron/notarize": {
-      "version": "1.2.3",
-      "resolved": "https://registry.npmjs.org/@electron/notarize/-/notarize-1.2.3.tgz",
-      "integrity": "sha512-9oRzT56rKh5bspk3KpAVF8lPKHYQrBnRwcgiOeR0hdilVEQmszDaAu0IPCPrwwzJN0ugNs0rRboTreHMt/6mBQ==",
-      "dev": true,
-      "requires": {
-        "debug": "^4.1.1",
-        "fs-extra": "^9.0.1"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "9.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
-          "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
-          "dev": true,
-          "requires": {
-            "at-least-node": "^1.0.0",
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "dev": true
-        }
-      }
-    },
-    "@electron/osx-sign": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/@electron/osx-sign/-/osx-sign-1.0.5.tgz",
-      "integrity": "sha512-k9ZzUQtamSoweGQDV2jILiRIHUu7lYlJ3c6IEmjv1hC17rclE+eb9U+f6UFlOOETo0JzY1HNlXy4YOlCvl+Lww==",
-      "dev": true,
-      "requires": {
-        "compare-version": "^0.1.2",
-        "debug": "^4.3.4",
-        "fs-extra": "^10.0.0",
-        "isbinaryfile": "^4.0.8",
-        "minimist": "^1.2.6",
-        "plist": "^3.0.5"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "isbinaryfile": {
-          "version": "4.0.10",
-          "resolved": "https://registry.npmjs.org/isbinaryfile/-/isbinaryfile-4.0.10.tgz",
-          "integrity": "sha512-iHrqe5shvBUcFbmZq9zOQHBoeOhZJu6RQGrDpBgenUm/Am+F3JM2MgQj+rK3Z601fzrL5gLZWtAPH2OBaSVcyw==",
-          "dev": true
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "dev": true
-        }
-      }
-    },
-    "@electron/remote": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/@electron/remote/-/remote-2.1.2.tgz",
-      "integrity": "sha512-EPwNx+nhdrTBxyCqXt/pftoQg/ybtWDW3DUWHafejvnB1ZGGfMpv6e15D8KeempocjXe78T7WreyGGb3mlZxdA==",
-      "requires": {}
-    },
-    "@electron/universal": {
-      "version": "1.5.1",
-      "resolved": "https://registry.npmjs.org/@electron/universal/-/universal-1.5.1.tgz",
-      "integrity": "sha512-kbgXxyEauPJiQQUNG2VgUeyfQNFk6hBF11ISN2PNI6agUgPl55pv4eQmaqHzTAzchBvqZ2tQuRVaPStGf0mxGw==",
-      "dev": true,
-      "requires": {
-        "@electron/asar": "^3.2.1",
-        "@malept/cross-spawn-promise": "^1.1.0",
-        "debug": "^4.3.1",
-        "dir-compare": "^3.0.0",
-        "fs-extra": "^9.0.1",
-        "minimatch": "^3.0.4",
-        "plist": "^3.0.4"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "9.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
-          "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
-          "dev": true,
-          "requires": {
-            "at-least-node": "^1.0.0",
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "dev": true
-        }
-      }
-    },
-    "@excalidraw/excalidraw": {
-      "version": "0.17.3",
-      "resolved": "https://registry.npmjs.org/@excalidraw/excalidraw/-/excalidraw-0.17.3.tgz",
-      "integrity": "sha512-t+0sR30AboKcINt0WUJmSAC1cJy6npO37j/zONvuWvSh6XDOGoL1E0L+WYKJMBzp4wnOQhRIghQJmdfktQlO8w==",
-      "requires": {}
-    },
-    "@gar/promisify": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/@gar/promisify/-/promisify-1.1.3.tgz",
-      "integrity": "sha512-k2Ty1JcVojjJFwrg/ThKi2ujJ7XNLYaFGNB/bWT9wGR+oSMJHMa5w+CUq6p/pVrKeNNgA7pCqEcjSnHVoqJQFw==",
-      "dev": true
-    },
-    "@hapi/hoek": {
-      "version": "9.3.0",
-      "resolved": "https://registry.npmjs.org/@hapi/hoek/-/hoek-9.3.0.tgz",
-      "integrity": "sha512-/c6rf4UJlmHlC9b5BaNvzAcFv7HZ2QHaV0D4/HNlBdvFnvQq8RI4kYdhyPCl7Xj+oWvTWQ8ujhqS53LIgAe6KQ=="
-    },
-    "@hapi/topo": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/@hapi/topo/-/topo-5.1.0.tgz",
-      "integrity": "sha512-foQZKJig7Ob0BMAYBfcJk8d77QtOe7Wo4ox7ff1lQYoNNAb6jwcY1ncdoy2e9wQZzvNy7ODZCYJkK8kzmcAnAg==",
-      "requires": {
-        "@hapi/hoek": "^9.0.0"
-      }
-    },
-    "@isaacs/cliui": {
-      "version": "8.0.2",
-      "resolved": "https://registry.npmjs.org/@isaacs/cliui/-/cliui-8.0.2.tgz",
-      "integrity": "sha512-O8jcjabXaleOG9DQ0+ARXWZBTfnP4WNAqzuiJK7ll44AmxGKv/J2M4TPjxjY3znBCfvBXFzucm1twdyFybFqEA==",
-      "requires": {
-        "string-width": "^5.1.2",
-        "string-width-cjs": "npm:string-width@^4.2.0",
-        "strip-ansi": "^7.0.1",
-        "strip-ansi-cjs": "npm:strip-ansi@^6.0.1",
-        "wrap-ansi": "^8.1.0",
-        "wrap-ansi-cjs": "npm:wrap-ansi@^7.0.0"
-      },
-      "dependencies": {
-        "ansi-regex": {
-          "version": "6.0.1",
-          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz",
-          "integrity": "sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA=="
-        },
-        "emoji-regex": {
-          "version": "9.2.2",
-          "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz",
-          "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg=="
-        },
-        "string-width": {
-          "version": "5.1.2",
-          "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz",
-          "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==",
-          "requires": {
-            "eastasianwidth": "^0.2.0",
-            "emoji-regex": "^9.2.2",
-            "strip-ansi": "^7.0.1"
-          }
-        },
-        "strip-ansi": {
-          "version": "7.0.1",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.0.1.tgz",
-          "integrity": "sha512-cXNxvT8dFNRVfhVME3JAe98mkXDYN2O1l7jmcwMnOslDeESg1rF/OZMtK0nRAhiari1unG5cD4jG3rapUAkLbw==",
-          "requires": {
-            "ansi-regex": "^6.0.1"
-          }
-        }
-      }
-    },
-    "@jimp/bmp": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/bmp/-/bmp-0.22.12.tgz",
-      "integrity": "sha512-aeI64HD0npropd+AR76MCcvvRaa+Qck6loCOS03CkkxGHN5/r336qTM5HPUdHKMDOGzqknuVPA8+kK1t03z12g==",
-      "requires": {
-        "@jimp/utils": "^0.22.12",
-        "bmp-js": "^0.1.0"
-      }
-    },
-    "@jimp/core": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/core/-/core-0.22.12.tgz",
-      "integrity": "sha512-l0RR0dOPyzMKfjUW1uebzueFEDtCOj9fN6pyTYWWOM/VS4BciXQ1VVrJs8pO3kycGYZxncRKhCoygbNr8eEZQA==",
-      "requires": {
-        "@jimp/utils": "^0.22.12",
-        "any-base": "^1.1.0",
-        "buffer": "^5.2.0",
-        "exif-parser": "^0.1.12",
-        "file-type": "^16.5.4",
-        "isomorphic-fetch": "^3.0.0",
-        "pixelmatch": "^4.0.2",
-        "tinycolor2": "^1.6.0"
-      }
-    },
-    "@jimp/custom": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/custom/-/custom-0.22.12.tgz",
-      "integrity": "sha512-xcmww1O/JFP2MrlGUMd3Q78S3Qu6W3mYTXYuIqFq33EorgYHV/HqymHfXy9GjiCJ7OI+7lWx6nYFOzU7M4rd1Q==",
-      "requires": {
-        "@jimp/core": "^0.22.12"
-      }
-    },
-    "@jimp/gif": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/gif/-/gif-0.22.12.tgz",
-      "integrity": "sha512-y6BFTJgch9mbor2H234VSjd9iwAhaNf/t3US5qpYIs0TSbAvM02Fbc28IaDETj9+4YB4676sz4RcN/zwhfu1pg==",
-      "requires": {
-        "@jimp/utils": "^0.22.12",
-        "gifwrap": "^0.10.1",
-        "omggif": "^1.0.9"
-      }
-    },
-    "@jimp/jpeg": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/jpeg/-/jpeg-0.22.12.tgz",
-      "integrity": "sha512-Rq26XC/uQWaQKyb/5lksCTCxXhtY01NJeBN+dQv5yNYedN0i7iYu+fXEoRsfaJ8xZzjoANH8sns7rVP4GE7d/Q==",
-      "requires": {
-        "@jimp/utils": "^0.22.12",
-        "jpeg-js": "^0.4.4"
-      }
-    },
-    "@jimp/plugin-blit": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-blit/-/plugin-blit-0.22.12.tgz",
-      "integrity": "sha512-xslz2ZoFZOPLY8EZ4dC29m168BtDx95D6K80TzgUi8gqT7LY6CsajWO0FAxDwHz6h0eomHMfyGX0stspBrTKnQ==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-blur": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-blur/-/plugin-blur-0.22.12.tgz",
-      "integrity": "sha512-S0vJADTuh1Q9F+cXAwFPlrKWzDj2F9t/9JAbUvaaDuivpyWuImEKXVz5PUZw2NbpuSHjwssbTpOZ8F13iJX4uw==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-circle": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-circle/-/plugin-circle-0.22.12.tgz",
-      "integrity": "sha512-SWVXx1yiuj5jZtMijqUfvVOJBwOifFn0918ou4ftoHgegc5aHWW5dZbYPjvC9fLpvz7oSlptNl2Sxr1zwofjTg==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-color": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-color/-/plugin-color-0.22.12.tgz",
-      "integrity": "sha512-xImhTE5BpS8xa+mAN6j4sMRWaUgUDLoaGHhJhpC+r7SKKErYDR0WQV4yCE4gP+N0gozD0F3Ka1LUSaMXrn7ZIA==",
-      "requires": {
-        "@jimp/utils": "^0.22.12",
-        "tinycolor2": "^1.6.0"
-      }
-    },
-    "@jimp/plugin-contain": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-contain/-/plugin-contain-0.22.12.tgz",
-      "integrity": "sha512-Eo3DmfixJw3N79lWk8q/0SDYbqmKt1xSTJ69yy8XLYQj9svoBbyRpSnHR+n9hOw5pKXytHwUW6nU4u1wegHNoQ==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-cover": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-cover/-/plugin-cover-0.22.12.tgz",
-      "integrity": "sha512-z0w/1xH/v/knZkpTNx+E8a7fnasQ2wHG5ze6y5oL2dhH1UufNua8gLQXlv8/W56+4nJ1brhSd233HBJCo01BXA==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-crop": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-crop/-/plugin-crop-0.22.12.tgz",
-      "integrity": "sha512-FNuUN0OVzRCozx8XSgP9MyLGMxNHHJMFt+LJuFjn1mu3k0VQxrzqbN06yIl46TVejhyAhcq5gLzqmSCHvlcBVw==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-displace": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-displace/-/plugin-displace-0.22.12.tgz",
-      "integrity": "sha512-qpRM8JRicxfK6aPPqKZA6+GzBwUIitiHaZw0QrJ64Ygd3+AsTc7BXr+37k2x7QcyCvmKXY4haUrSIsBug4S3CA==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-dither": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-dither/-/plugin-dither-0.22.12.tgz",
-      "integrity": "sha512-jYgGdSdSKl1UUEanX8A85v4+QUm+PE8vHFwlamaKk89s+PXQe7eVE3eNeSZX4inCq63EHL7cX580dMqkoC3ZLw==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-fisheye": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-fisheye/-/plugin-fisheye-0.22.12.tgz",
-      "integrity": "sha512-LGuUTsFg+fOp6KBKrmLkX4LfyCy8IIsROwoUvsUPKzutSqMJnsm3JGDW2eOmWIS/jJpPaeaishjlxvczjgII+Q==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-flip": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-flip/-/plugin-flip-0.22.12.tgz",
-      "integrity": "sha512-m251Rop7GN8W0Yo/rF9LWk6kNclngyjIJs/VXHToGQ6EGveOSTSQaX2Isi9f9lCDLxt+inBIb7nlaLLxnvHX8Q==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-gaussian": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-gaussian/-/plugin-gaussian-0.22.12.tgz",
-      "integrity": "sha512-sBfbzoOmJ6FczfG2PquiK84NtVGeScw97JsCC3rpQv1PHVWyW+uqWFF53+n3c8Y0P2HWlUjflEla2h/vWShvhg==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-invert": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-invert/-/plugin-invert-0.22.12.tgz",
-      "integrity": "sha512-N+6rwxdB+7OCR6PYijaA/iizXXodpxOGvT/smd/lxeXsZ/empHmFFFJ/FaXcYh19Tm04dGDaXcNF/dN5nm6+xQ==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-mask": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-mask/-/plugin-mask-0.22.12.tgz",
-      "integrity": "sha512-4AWZg+DomtpUA099jRV8IEZUfn1wLv6+nem4NRJC7L/82vxzLCgXKTxvNvBcNmJjT9yS1LAAmiJGdWKXG63/NA==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-normalize": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-normalize/-/plugin-normalize-0.22.12.tgz",
-      "integrity": "sha512-0So0rexQivnWgnhacX4cfkM2223YdExnJTTy6d06WbkfZk5alHUx8MM3yEzwoCN0ErO7oyqEWRnEkGC+As1FtA==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-print": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-print/-/plugin-print-0.22.12.tgz",
-      "integrity": "sha512-c7TnhHlxm87DJeSnwr/XOLjJU/whoiKYY7r21SbuJ5nuH+7a78EW1teOaj5gEr2wYEd7QtkFqGlmyGXY/YclyQ==",
-      "requires": {
-        "@jimp/utils": "^0.22.12",
-        "load-bmfont": "^1.4.1"
-      }
-    },
-    "@jimp/plugin-resize": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-resize/-/plugin-resize-0.22.12.tgz",
-      "integrity": "sha512-3NyTPlPbTnGKDIbaBgQ3HbE6wXbAlFfxHVERmrbqAi8R3r6fQPxpCauA8UVDnieg5eo04D0T8nnnNIX//i/sXg==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-rotate": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-rotate/-/plugin-rotate-0.22.12.tgz",
-      "integrity": "sha512-9YNEt7BPAFfTls2FGfKBVgwwLUuKqy+E8bDGGEsOqHtbuhbshVGxN2WMZaD4gh5IDWvR+emmmPPWGgaYNYt1gA==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-scale": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-scale/-/plugin-scale-0.22.12.tgz",
-      "integrity": "sha512-dghs92qM6MhHj0HrV2qAwKPMklQtjNpoYgAB94ysYpsXslhRTiPisueSIELRwZGEr0J0VUxpUY7HgJwlSIgGZw==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-shadow": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-shadow/-/plugin-shadow-0.22.12.tgz",
-      "integrity": "sha512-FX8mTJuCt7/3zXVoeD/qHlm4YH2bVqBuWQHXSuBK054e7wFRnRnbSLPUqAwSeYP3lWqpuQzJtgiiBxV3+WWwTg==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugin-threshold": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugin-threshold/-/plugin-threshold-0.22.12.tgz",
-      "integrity": "sha512-4x5GrQr1a/9L0paBC/MZZJjjgjxLYrqSmWd+e+QfAEPvmRxdRoQ5uKEuNgXnm9/weHQBTnQBQsOY2iFja+XGAw==",
-      "requires": {
-        "@jimp/utils": "^0.22.12"
-      }
-    },
-    "@jimp/plugins": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/plugins/-/plugins-0.22.12.tgz",
-      "integrity": "sha512-yBJ8vQrDkBbTgQZLty9k4+KtUQdRjsIDJSPjuI21YdVeqZxYywifHl4/XWILoTZsjTUASQcGoH0TuC0N7xm3ww==",
-      "requires": {
-        "@jimp/plugin-blit": "^0.22.12",
-        "@jimp/plugin-blur": "^0.22.12",
-        "@jimp/plugin-circle": "^0.22.12",
-        "@jimp/plugin-color": "^0.22.12",
-        "@jimp/plugin-contain": "^0.22.12",
-        "@jimp/plugin-cover": "^0.22.12",
-        "@jimp/plugin-crop": "^0.22.12",
-        "@jimp/plugin-displace": "^0.22.12",
-        "@jimp/plugin-dither": "^0.22.12",
-        "@jimp/plugin-fisheye": "^0.22.12",
-        "@jimp/plugin-flip": "^0.22.12",
-        "@jimp/plugin-gaussian": "^0.22.12",
-        "@jimp/plugin-invert": "^0.22.12",
-        "@jimp/plugin-mask": "^0.22.12",
-        "@jimp/plugin-normalize": "^0.22.12",
-        "@jimp/plugin-print": "^0.22.12",
-        "@jimp/plugin-resize": "^0.22.12",
-        "@jimp/plugin-rotate": "^0.22.12",
-        "@jimp/plugin-scale": "^0.22.12",
-        "@jimp/plugin-shadow": "^0.22.12",
-        "@jimp/plugin-threshold": "^0.22.12",
-        "timm": "^1.6.1"
-      }
-    },
-    "@jimp/png": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/png/-/png-0.22.12.tgz",
-      "integrity": "sha512-Mrp6dr3UTn+aLK8ty/dSKELz+Otdz1v4aAXzV5q53UDD2rbB5joKVJ/ChY310B+eRzNxIovbUF1KVrUsYdE8Hg==",
-      "requires": {
-        "@jimp/utils": "^0.22.12",
-        "pngjs": "^6.0.0"
-      }
-    },
-    "@jimp/tiff": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/tiff/-/tiff-0.22.12.tgz",
-      "integrity": "sha512-E1LtMh4RyJsoCAfAkBRVSYyZDTtLq9p9LUiiYP0vPtXyxX4BiYBUYihTLSBlCQg5nF2e4OpQg7SPrLdJ66u7jg==",
-      "requires": {
-        "utif2": "^4.0.1"
-      }
-    },
-    "@jimp/types": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/types/-/types-0.22.12.tgz",
-      "integrity": "sha512-wwKYzRdElE1MBXFREvCto5s699izFHNVvALUv79GXNbsOVqlwlOxlWJ8DuyOGIXoLP4JW/m30YyuTtfUJgMRMA==",
-      "requires": {
-        "@jimp/bmp": "^0.22.12",
-        "@jimp/gif": "^0.22.12",
-        "@jimp/jpeg": "^0.22.12",
-        "@jimp/png": "^0.22.12",
-        "@jimp/tiff": "^0.22.12",
-        "timm": "^1.6.1"
-      }
-    },
-    "@jimp/utils": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/@jimp/utils/-/utils-0.22.12.tgz",
-      "integrity": "sha512-yJ5cWUknGnilBq97ZXOyOS0HhsHOyAyjHwYfHxGbSyMTohgQI6sVyE8KPgDwH8HHW/nMKXk8TrSwAE71zt716Q==",
-      "requires": {
-        "regenerator-runtime": "^0.13.3"
-      }
-    },
-    "@jridgewell/gen-mapping": {
-      "version": "0.3.5",
-      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.5.tgz",
-      "integrity": "sha512-IzL8ZoEDIBRWEzlCcRhOaCupYyN5gdIK+Q6fbFdPDg6HqX6jpkItn7DFIpW9LQzXG6Df9sA7+OKnq0qlz/GaQg==",
-      "dev": true,
-      "requires": {
-        "@jridgewell/set-array": "^1.2.1",
-        "@jridgewell/sourcemap-codec": "^1.4.10",
-        "@jridgewell/trace-mapping": "^0.3.24"
-      }
-    },
-    "@jridgewell/resolve-uri": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz",
-      "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==",
-      "dev": true
-    },
-    "@jridgewell/set-array": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/@jridgewell/set-array/-/set-array-1.2.1.tgz",
-      "integrity": "sha512-R8gLRTZeyp03ymzP/6Lil/28tGeGEzhx1q2k703KGWRAI1VdvPIXdG70VJc2pAMw3NA6JKL5hhFu1sJX0Mnn/A==",
-      "dev": true
-    },
-    "@jridgewell/source-map": {
-      "version": "0.3.5",
-      "resolved": "https://registry.npmjs.org/@jridgewell/source-map/-/source-map-0.3.5.tgz",
-      "integrity": "sha512-UTYAUj/wviwdsMfzoSJspJxbkH5o1snzwX0//0ENX1u/55kkZZkcTZP6u9bwKGkv+dkk9at4m1Cpt0uY80kcpQ==",
-      "dev": true,
-      "requires": {
-        "@jridgewell/gen-mapping": "^0.3.0",
-        "@jridgewell/trace-mapping": "^0.3.9"
-      }
-    },
-    "@jridgewell/sourcemap-codec": {
-      "version": "1.4.15",
-      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz",
-      "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==",
-      "dev": true
-    },
-    "@jridgewell/trace-mapping": {
-      "version": "0.3.25",
-      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.25.tgz",
-      "integrity": "sha512-vNk6aEwybGtawWmy/PzwnGDOjCkLWSD2wqvjGGAgOAwCGWySYXfYoxt00IJkTF+8Lb57DwOb3Aa0o9CApepiYQ==",
-      "dev": true,
-      "requires": {
-        "@jridgewell/resolve-uri": "^3.1.0",
-        "@jridgewell/sourcemap-codec": "^1.4.14"
-      }
-    },
-    "@jsdoc/salty": {
-      "version": "0.2.1",
-      "resolved": "https://registry.npmjs.org/@jsdoc/salty/-/salty-0.2.1.tgz",
-      "integrity": "sha512-JXwylDNSHa549N9uceDYu8D4GMXwSo3H8CCPYEQqxhhHpxD28+lRl2b3bS/caaPj5w1YD3SWtrficJNTnUjGpg==",
-      "dev": true,
-      "requires": {
-        "lodash": "^4.17.21"
-      }
-    },
-    "@malept/cross-spawn-promise": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@malept/cross-spawn-promise/-/cross-spawn-promise-1.1.0.tgz",
-      "integrity": "sha512-GeIK5rfU1Yd7BZJQPTGZMMmcZy5nhRToPXZcjaDwQDRSewdhp648GT2E4dh+L7+Io7AOW6WQ+GR44QSzja4qxg==",
-      "devOptional": true,
-      "requires": {
-        "cross-spawn": "^7.0.1"
-      }
-    },
-    "@malept/flatpak-bundler": {
-      "version": "0.4.0",
-      "resolved": "https://registry.npmjs.org/@malept/flatpak-bundler/-/flatpak-bundler-0.4.0.tgz",
-      "integrity": "sha512-9QOtNffcOF/c1seMCDnjckb3R9WHcG34tky+FHpNKKCW0wc/scYLwMtO+ptyGUfMW0/b/n4qRiALlaFHc9Oj7Q==",
-      "dev": true,
-      "requires": {
-        "debug": "^4.1.1",
-        "fs-extra": "^9.0.0",
-        "lodash": "^4.17.15",
-        "tmp-promise": "^3.0.2"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "9.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
-          "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
-          "dev": true,
-          "requires": {
-            "at-least-node": "^1.0.0",
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-          "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-          "dev": true
-        }
-      }
-    },
-    "@npmcli/fs": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/@npmcli/fs/-/fs-2.1.0.tgz",
-      "integrity": "sha512-DmfBvNXGaetMxj9LTp8NAN9vEidXURrf5ZTslQzEAi/6GbW+4yjaLFQc6Tue5cpZ9Frlk4OBo/Snf1Bh/S7qTQ==",
-      "dev": true,
-      "requires": {
-        "@gar/promisify": "^1.1.3",
-        "semver": "^7.3.5"
-      }
-    },
-    "@npmcli/move-file": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/@npmcli/move-file/-/move-file-2.0.0.tgz",
-      "integrity": "sha512-UR6D5f4KEGWJV6BGPH3Qb2EtgH+t+1XQ1Tt85c7qicN6cezzuHPdZwwAxqZr4JLtnQu0LZsTza/5gmNmSl8XLg==",
-      "dev": true,
-      "requires": {
-        "mkdirp": "^1.0.4",
-        "rimraf": "^3.0.2"
-      },
-      "dependencies": {
-        "mkdirp": {
-          "version": "1.0.4",
-          "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
-          "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==",
-          "dev": true
-        },
-        "rimraf": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
-          "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
-          "dev": true,
-          "requires": {
-            "glob": "^7.1.3"
-          }
-        }
-      }
-    },
-    "@panva/asn1.js": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@panva/asn1.js/-/asn1.js-1.0.0.tgz",
-      "integrity": "sha512-UdkG3mLEqXgnlKsWanWcgb6dOjUzJ+XC5f+aWw30qrtjxeNUSfKX1cd5FBzOaXQumoe9nIqeZUvrRJS03HCCtw=="
-    },
-    "@pkgjs/parseargs": {
-      "version": "0.11.0",
-      "resolved": "https://registry.npmjs.org/@pkgjs/parseargs/-/parseargs-0.11.0.tgz",
-      "integrity": "sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==",
-      "optional": true
-    },
-    "@sideway/address": {
-      "version": "4.1.5",
-      "resolved": "https://registry.npmjs.org/@sideway/address/-/address-4.1.5.tgz",
-      "integrity": "sha512-IqO/DUQHUkPeixNQ8n0JA6102hT9CmaljNTPmQ1u8MEhBo/R4Q8eKLN/vGZxuebwOroDB4cbpjheD4+/sKFK4Q==",
-      "requires": {
-        "@hapi/hoek": "^9.0.0"
-      }
-    },
-    "@sideway/formula": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/@sideway/formula/-/formula-3.0.1.tgz",
-      "integrity": "sha512-/poHZJJVjx3L+zVD6g9KgHfYnb443oi7wLu/XKojDviHy6HOEOA6z1Trk5aR1dGcmPenJEgb2sK2I80LeS3MIg=="
-    },
-    "@sideway/pinpoint": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/@sideway/pinpoint/-/pinpoint-2.0.0.tgz",
-      "integrity": "sha512-RNiOoTPkptFtSVzQevY/yWtZwf/RxyVnPy/OcA9HBM3MlGDnBEYL5B41H0MTn0Uec8Hi+2qUtTfG2WWZBmMejQ=="
-    },
-    "@sindresorhus/is": {
-      "version": "4.6.0",
-      "resolved": "https://registry.npmjs.org/@sindresorhus/is/-/is-4.6.0.tgz",
-      "integrity": "sha512-t09vSN3MdfsyCHoFcTRCH/iUtG7OJ0CsjzB8cjAmKc/va/kIgeDI/TxsigdncE/4be734m0cvIYwNaV4i2XqAw=="
-    },
-    "@szmarczak/http-timer": {
-      "version": "4.0.6",
-      "resolved": "https://registry.npmjs.org/@szmarczak/http-timer/-/http-timer-4.0.6.tgz",
-      "integrity": "sha512-4BAffykYOgO+5nzBWYwE3W90sBgLJoUPRWWcL8wlyiM8IB8ipJz3UMJ9KXQd1RKQXpKp8Tutn80HZtWsu2u76w==",
-      "requires": {
-        "defer-to-connect": "^2.0.0"
-      }
-    },
-    "@tokenizer/token": {
-      "version": "0.3.0",
-      "resolved": "https://registry.npmjs.org/@tokenizer/token/-/token-0.3.0.tgz",
-      "integrity": "sha512-OvjF+z51L3ov0OyAU0duzsYuvO01PH7x4t6DJx+guahgTnBHkhJdG7soQeTSFLWN3efnHyibZ4Z8l2EuWwJN3A=="
-    },
-    "@tootallnate/once": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/@tootallnate/once/-/once-2.0.0.tgz",
-      "integrity": "sha512-XCuKFP5PS55gnMVu3dty8KPatLqUoy/ZYzDzAGCQ8JNFCkLXzmI7vNHCR+XpbZaMWQK/vQubr7PkYq8g470J/A==",
-      "dev": true
-    },
-    "@tsconfig/node10": {
-      "version": "1.0.9",
-      "resolved": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.9.tgz",
-      "integrity": "sha512-jNsYVVxU8v5g43Erja32laIDHXeoNvFEpX33OK4d6hljo3jDhCBDhx5dhCCTMWUojscpAagGiRkBKxpdl9fxqA==",
-      "dev": true
-    },
-    "@tsconfig/node12": {
-      "version": "1.0.11",
-      "resolved": "https://registry.npmjs.org/@tsconfig/node12/-/node12-1.0.11.tgz",
-      "integrity": "sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==",
-      "dev": true
-    },
-    "@tsconfig/node14": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/@tsconfig/node14/-/node14-1.0.3.tgz",
-      "integrity": "sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==",
-      "dev": true
-    },
-    "@tsconfig/node16": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/@tsconfig/node16/-/node16-1.0.4.tgz",
-      "integrity": "sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==",
-      "dev": true
-    },
-    "@tweenjs/tween.js": {
-      "version": "21.0.0",
-      "resolved": "https://registry.npmjs.org/@tweenjs/tween.js/-/tween.js-21.0.0.tgz",
-      "integrity": "sha512-qVfOiFh0U8ZSkLgA6tf7kj2MciqRbSCWaJZRwftVO7UbtVDNsZAXpWXqvCDtIefvjC83UJB+vHTDOGm5ibXjEA=="
-    },
-    "@types/archiver": {
-      "version": "6.0.2",
-      "resolved": "https://registry.npmjs.org/@types/archiver/-/archiver-6.0.2.tgz",
-      "integrity": "sha512-KmROQqbQzKGuaAbmK+ZcytkJ51+YqDa7NmbXjmtC5YBLSyQYo21YaUnQ3HbaPFKL1ooo6RQ6OPYPIDyxfpDDXw==",
-      "dev": true,
-      "requires": {
-        "@types/readdir-glob": "*"
-      }
-    },
-    "@types/better-sqlite3": {
-      "version": "7.6.9",
-      "resolved": "https://registry.npmjs.org/@types/better-sqlite3/-/better-sqlite3-7.6.9.tgz",
-      "integrity": "sha512-FvktcujPDj9XKMJQWFcl2vVl7OdRIqsSRX9b0acWwTmwLK9CF2eqo/FRcmMLNpugKoX/avA6pb7TorDLmpgTnQ==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/body-parser": {
-      "version": "1.19.5",
-      "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.5.tgz",
-      "integrity": "sha512-fB3Zu92ucau0iQ0JMCFQE7b/dv8Ot07NI3KaZIkIUNXq82k4eBAqUaneXfleGY9JWskeS9y+u0nXMyspcuQrCg==",
-      "dev": true,
-      "requires": {
-        "@types/connect": "*",
-        "@types/node": "*"
-      }
-    },
-    "@types/cacheable-request": {
-      "version": "6.0.2",
-      "resolved": "https://registry.npmjs.org/@types/cacheable-request/-/cacheable-request-6.0.2.tgz",
-      "integrity": "sha512-B3xVo+dlKM6nnKTcmm5ZtY/OL8bOAOd2Olee9M1zft65ox50OzjEHW91sDiU9j6cvW8Ejg1/Qkf4xd2kugApUA==",
-      "requires": {
-        "@types/http-cache-semantics": "*",
-        "@types/keyv": "*",
-        "@types/node": "*",
-        "@types/responselike": "*"
-      }
-    },
-    "@types/cls-hooked": {
-      "version": "4.3.8",
-      "resolved": "https://registry.npmjs.org/@types/cls-hooked/-/cls-hooked-4.3.8.tgz",
-      "integrity": "sha512-tf/7H883gFA6MPlWI15EQtfNZ+oPL0gLKkOlx9UHFrun1fC/FkuyNBpTKq1B5E3T4fbvjId6WifHUdSGsMMuPg==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/compression": {
-      "version": "1.7.5",
-      "resolved": "https://registry.npmjs.org/@types/compression/-/compression-1.7.5.tgz",
-      "integrity": "sha512-AAQvK5pxMpaT+nDvhHrsBhLSYG5yQdtkaJE1WYieSNY2mVFKAgmU4ks65rkZD5oqnGCFLyQpUr1CqI4DmUMyDg==",
-      "dev": true,
-      "requires": {
-        "@types/express": "*"
-      }
-    },
-    "@types/connect": {
-      "version": "3.4.38",
-      "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.38.tgz",
-      "integrity": "sha512-K6uROf1LD88uDQqJCktA4yzL1YYAK6NgfsI0v/mTgyPKWsX1CnJ0XPSDhViejru1GcRkLWb8RlzFYJRqGUbaug==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/cookie-parser": {
-      "version": "1.4.7",
-      "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.7.tgz",
-      "integrity": "sha512-Fvuyi354Z+uayxzIGCwYTayFKocfV7TuDYZClCdIP9ckhvAu/ixDtCB6qx2TT0FKjPLf1f3P/J1rgf6lPs64mw==",
-      "dev": true,
-      "requires": {
-        "@types/express": "*"
-      }
-    },
-    "@types/csurf": {
-      "version": "1.11.5",
-      "resolved": "https://registry.npmjs.org/@types/csurf/-/csurf-1.11.5.tgz",
-      "integrity": "sha512-5rw87+5YGixyL2W8wblSUl5DSZi5YOlXE6Awwn2ofLvqKr/1LruKffrQipeJKUX44VaxKj8m5es3vfhltJTOoA==",
-      "dev": true,
-      "requires": {
-        "@types/express-serve-static-core": "*"
-      }
-    },
-    "@types/d3-scale": {
-      "version": "4.0.8",
-      "resolved": "https://registry.npmjs.org/@types/d3-scale/-/d3-scale-4.0.8.tgz",
-      "integrity": "sha512-gkK1VVTr5iNiYJ7vWDI+yUFFlszhNMtVeneJ6lUTKPjprsvLLI9/tgEGiXJOnlINJA8FyA88gfnQsHbybVZrYQ==",
-      "requires": {
-        "@types/d3-time": "*"
-      }
-    },
-    "@types/d3-scale-chromatic": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@types/d3-scale-chromatic/-/d3-scale-chromatic-3.0.3.tgz",
-      "integrity": "sha512-laXM4+1o5ImZv3RpFAsTRn3TEkzqkytiOY0Dz0sq5cnd1dtNlk6sHLon4OvqaiJb28T0S/TdsBI3Sjsy+keJrw=="
-    },
-    "@types/d3-time": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@types/d3-time/-/d3-time-3.0.3.tgz",
-      "integrity": "sha512-2p6olUZ4w3s+07q3Tm2dbiMZy5pCDfYwtLXXHUnVzXgQlZ/OyPtUz6OL382BkOuGlLXqfT+wqv8Fw2v8/0geBw=="
-    },
-    "@types/debug": {
-      "version": "4.1.9",
-      "resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.9.tgz",
-      "integrity": "sha512-8Hz50m2eoS56ldRlepxSBa6PWEVCtzUo/92HgLc2qTMnotJNIm7xP+UZhyWoYsyOdd5dxZ+NZLb24rsKyFs2ow==",
-      "requires": {
-        "@types/ms": "*"
-      }
-    },
-    "@types/ejs": {
-      "version": "3.1.5",
-      "resolved": "https://registry.npmjs.org/@types/ejs/-/ejs-3.1.5.tgz",
-      "integrity": "sha512-nv+GSx77ZtXiJzwKdsASqi+YQ5Z7vwHsTP0JY2SiQgjGckkBRKZnk8nIM+7oUZ1VCtuTz0+By4qVR7fqzp/Dfg==",
-      "dev": true
-    },
-    "@types/escape-html": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/@types/escape-html/-/escape-html-1.0.4.tgz",
-      "integrity": "sha512-qZ72SFTgUAZ5a7Tj6kf2SHLetiH5S6f8G5frB2SPQ3EyF02kxdyBFf4Tz4banE3xCgGnKgWLt//a6VuYHKYJTg==",
-      "dev": true
-    },
-    "@types/eslint": {
-      "version": "8.4.1",
-      "resolved": "https://registry.npmjs.org/@types/eslint/-/eslint-8.4.1.tgz",
-      "integrity": "sha512-GE44+DNEyxxh2Kc6ro/VkIj+9ma0pO0bwv9+uHSyBrikYOHr8zYcdPvnBOp1aw8s+CjRvuSx7CyWqRrNFQ59mA==",
-      "dev": true,
-      "requires": {
-        "@types/estree": "*",
-        "@types/json-schema": "*"
-      }
-    },
-    "@types/eslint-scope": {
-      "version": "3.7.3",
-      "resolved": "https://registry.npmjs.org/@types/eslint-scope/-/eslint-scope-3.7.3.tgz",
-      "integrity": "sha512-PB3ldyrcnAicT35TWPs5IcwKD8S333HMaa2VVv4+wdvebJkjWuW/xESoB8IwRcog8HYVYamb1g/R31Qv5Bx03g==",
-      "dev": true,
-      "requires": {
-        "@types/eslint": "*",
-        "@types/estree": "*"
-      }
-    },
-    "@types/estree": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.5.tgz",
-      "integrity": "sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==",
-      "dev": true
-    },
-    "@types/express": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.21.tgz",
-      "integrity": "sha512-ejlPM315qwLpaQlQDTjPdsUFSc6ZsP4AN6AlWnogPjQ7CVi7PYF3YVz+CY3jE2pwYf7E/7HlDAN0rV2GxTG0HQ==",
-      "dev": true,
-      "requires": {
-        "@types/body-parser": "*",
-        "@types/express-serve-static-core": "^4.17.33",
-        "@types/qs": "*",
-        "@types/serve-static": "*"
-      }
-    },
-    "@types/express-serve-static-core": {
-      "version": "4.17.43",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.43.tgz",
-      "integrity": "sha512-oaYtiBirUOPQGSWNGPWnzyAFJ0BP3cwvN4oWZQY+zUBwpVIGsKUkpBpSztp74drYcjavs7SKFZ4DX1V2QeN8rg==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*",
-        "@types/qs": "*",
-        "@types/range-parser": "*",
-        "@types/send": "*"
-      }
-    },
-    "@types/express-session": {
-      "version": "1.18.0",
-      "resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.18.0.tgz",
-      "integrity": "sha512-27JdDRgor6PoYlURY+Y5kCakqp5ulC0kmf7y+QwaY+hv9jEFuQOThgkjyA53RP3jmKuBsH5GR6qEfFmvb8mwOA==",
-      "dev": true,
-      "requires": {
-        "@types/express": "*"
-      }
-    },
-    "@types/fs-extra": {
-      "version": "9.0.13",
-      "resolved": "https://registry.npmjs.org/@types/fs-extra/-/fs-extra-9.0.13.tgz",
-      "integrity": "sha512-nEnwB++1u5lVDM2UI4c1+5R+FYaKfaAzS4OococimjVm3nQw3TuzH5UNsocrcTBbhnerblyHj4A49qXbIiZdpA==",
-      "devOptional": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/glob": {
-      "version": "7.1.3",
-      "resolved": "https://registry.npmjs.org/@types/glob/-/glob-7.1.3.tgz",
-      "integrity": "sha512-SEYeGAIQIQX8NN6LDKprLjbrd5dARM5EXsd8GI/A5l0apYI1fGMWgPHSe4ZKL4eozlAyI+doUE9XbYS4xCkQ1w==",
-      "optional": true,
-      "requires": {
-        "@types/minimatch": "*",
-        "@types/node": "*"
-      }
-    },
-    "@types/html": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/@types/html/-/html-1.0.4.tgz",
-      "integrity": "sha512-Wb1ymSAftCLxhc3D6vS0Ike/0xg7W6c+DQxAkerU6pD7C8CMzTYwvrwnlcrTfsVO/nMelB9KOKIT7+N5lOeQUg==",
-      "dev": true
-    },
-    "@types/http-cache-semantics": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/@types/http-cache-semantics/-/http-cache-semantics-4.0.1.tgz",
-      "integrity": "sha512-SZs7ekbP8CN0txVG2xVRH6EgKmEm31BOxA07vkFaETzZz1xh+cbt8BcI0slpymvwhx5dlFnQG2rTlPVQn+iRPQ=="
-    },
-    "@types/http-errors": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/@types/http-errors/-/http-errors-2.0.4.tgz",
-      "integrity": "sha512-D0CFMMtydbJAegzOyHjtiKPLlvnm3iTZyZRSZoLq2mRhDdmLfIWOCYPfQJ4cu2erKghU++QvjcUjp/5h7hESpA==",
-      "dev": true
-    },
-    "@types/ini": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/@types/ini/-/ini-4.1.0.tgz",
-      "integrity": "sha512-mTehMtc+xtnWBBvqizcqYCktKDBH2WChvx1GU3Sfe4PysFDXiNe+1YwtpVX1MDtCa4NQrSPw2+3HmvXHY3gt1w==",
-      "dev": true
-    },
-    "@types/jsdom": {
-      "version": "21.1.6",
-      "resolved": "https://registry.npmjs.org/@types/jsdom/-/jsdom-21.1.6.tgz",
-      "integrity": "sha512-/7kkMsC+/kMs7gAYmmBR9P0vGTnOoLhQhyhQJSlXGI5bzTHp6xdo0TtKWQAsz6pmSAeVqKSbqeyP6hytqr9FDw==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*",
-        "@types/tough-cookie": "*",
-        "parse5": "^7.0.0"
-      },
-      "dependencies": {
-        "entities": {
-          "version": "4.5.0",
-          "resolved": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz",
-          "integrity": "sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==",
-          "dev": true
-        },
-        "parse5": {
-          "version": "7.1.2",
-          "resolved": "https://registry.npmjs.org/parse5/-/parse5-7.1.2.tgz",
-          "integrity": "sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw==",
-          "dev": true,
-          "requires": {
-            "entities": "^4.4.0"
-          }
-        }
-      }
-    },
-    "@types/json-schema": {
-      "version": "7.0.9",
-      "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.9.tgz",
-      "integrity": "sha512-qcUXuemtEu+E5wZSJHNxUXeCZhAfXKQ41D+duX+VYPde7xyEVZci+/oXKJL13tnRs9lR2pr4fod59GT6/X1/yQ==",
-      "dev": true
-    },
-    "@types/keyv": {
-      "version": "3.1.3",
-      "resolved": "https://registry.npmjs.org/@types/keyv/-/keyv-3.1.3.tgz",
-      "integrity": "sha512-FXCJgyyN3ivVgRoml4h94G/p3kY+u/B86La+QptcqJaWtBWtmc6TtkNfS40n9bIvyLteHh7zXOtgbobORKPbDg==",
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/linkify-it": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/@types/linkify-it/-/linkify-it-3.0.2.tgz",
-      "integrity": "sha512-HZQYqbiFVWufzCwexrvh694SOim8z2d+xJl5UNamcvQFejLY/2YUtzXHYi3cHdI7PMlS8ejH2slRAOJQ32aNbA==",
-      "dev": true
-    },
-    "@types/markdown-it": {
-      "version": "12.2.3",
-      "resolved": "https://registry.npmjs.org/@types/markdown-it/-/markdown-it-12.2.3.tgz",
-      "integrity": "sha512-GKMHFfv3458yYy+v/N8gjufHO6MSZKCOXpZc5GXIWWy8uldwfmPn98vp81gZ5f9SVw8YYBctgfJ22a2d7AOMeQ==",
-      "dev": true,
-      "requires": {
-        "@types/linkify-it": "*",
-        "@types/mdurl": "*"
-      }
-    },
-    "@types/mdast": {
-      "version": "3.0.15",
-      "resolved": "https://registry.npmjs.org/@types/mdast/-/mdast-3.0.15.tgz",
-      "integrity": "sha512-LnwD+mUEfxWMa1QpDraczIn6k0Ee3SMicuYSSzS6ZYl2gKS09EClnJYGd8Du6rfc5r/GZEk5o1mRb8TaTj03sQ==",
-      "requires": {
-        "@types/unist": "^2"
-      }
-    },
-    "@types/mdurl": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/@types/mdurl/-/mdurl-1.0.2.tgz",
-      "integrity": "sha512-eC4U9MlIcu2q0KQmXszyn5Akca/0jrQmwDRgpAMJai7qBWq4amIQhZyNau4VYGtCeALvW1/NtjzJJ567aZxfKA==",
-      "dev": true
-    },
-    "@types/mime": {
-      "version": "1.3.5",
-      "resolved": "https://registry.npmjs.org/@types/mime/-/mime-1.3.5.tgz",
-      "integrity": "sha512-/pyBZWSLD2n0dcHE3hq8s8ZvcETHtEuF+3E7XVt0Ig2nvsVQXdghHVcEkIWjy9A0wKfTn97a/PSDYohKIlnP/w==",
-      "dev": true
-    },
-    "@types/mime-types": {
-      "version": "2.1.4",
-      "resolved": "https://registry.npmjs.org/@types/mime-types/-/mime-types-2.1.4.tgz",
-      "integrity": "sha512-lfU4b34HOri+kAY5UheuFMWPDOI+OPceBSHZKp69gEyTL/mmJ4cnU6Y/rlme3UL3GyOn6Y42hyIEw0/q8sWx5w==",
-      "dev": true
-    },
-    "@types/minimatch": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/@types/minimatch/-/minimatch-3.0.3.tgz",
-      "integrity": "sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==",
-      "optional": true
-    },
-    "@types/ms": {
-      "version": "0.7.32",
-      "resolved": "https://registry.npmjs.org/@types/ms/-/ms-0.7.32.tgz",
-      "integrity": "sha512-xPSg0jm4mqgEkNhowKgZFBNtwoEwF6gJ4Dhww+GFpm3IgtNseHQZ5IqdNwnquZEoANxyDAKDRAdVo4Z72VvD/g=="
-    },
-    "@types/multer": {
-      "version": "1.4.11",
-      "resolved": "https://registry.npmjs.org/@types/multer/-/multer-1.4.11.tgz",
-      "integrity": "sha512-svK240gr6LVWvv3YGyhLlA+6LRRWA4mnGIU7RcNmgjBYFl6665wcXrRfxGp5tEPVHUNm5FMcmq7too9bxCwX/w==",
-      "dev": true,
-      "requires": {
-        "@types/express": "*"
-      }
-    },
-    "@types/node": {
-      "version": "20.11.19",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.19.tgz",
-      "integrity": "sha512-7xMnVEcZFu0DikYjWOlRq7NTPETrm7teqUT2WkQjrTIkEgUyyGdWsj/Zg8bEJt5TNklzbPD1X3fqfsHw3SpapQ==",
-      "requires": {
-        "undici-types": "~5.26.4"
-      }
-    },
-    "@types/plist": {
-      "version": "3.0.5",
-      "resolved": "https://registry.npmjs.org/@types/plist/-/plist-3.0.5.tgz",
-      "integrity": "sha512-E6OCaRmAe4WDmWNsL/9RMqdkkzDCY1etutkflWk4c+AcjDU07Pcz1fQwTX0TQz+Pxqn9i4L1TU3UFpjnrcDgxA==",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "@types/node": "*",
-        "xmlbuilder": ">=11.0.1"
-      }
-    },
-    "@types/qs": {
-      "version": "6.9.11",
-      "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.11.tgz",
-      "integrity": "sha512-oGk0gmhnEJK4Yyk+oI7EfXsLayXatCWPHary1MtcmbAifkobT9cM9yutG/hZKIseOU0MqbIwQ/u2nn/Gb+ltuQ==",
-      "dev": true
-    },
-    "@types/range-parser": {
-      "version": "1.2.7",
-      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.7.tgz",
-      "integrity": "sha512-hKormJbkJqzQGhziax5PItDUTMAM9uE2XXQmM37dyd4hVM+5aVl7oVxMVUiVQn2oCQFN/LKCZdvSM0pFRqbSmQ==",
-      "dev": true
-    },
-    "@types/readdir-glob": {
-      "version": "1.1.5",
-      "resolved": "https://registry.npmjs.org/@types/readdir-glob/-/readdir-glob-1.1.5.tgz",
-      "integrity": "sha512-raiuEPUYqXu+nvtY2Pe8s8FEmZ3x5yAH4VkLdihcPdalvsHltomrRC9BzuStrJ9yk06470hS0Crw0f1pXqD+Hg==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/responselike": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/@types/responselike/-/responselike-1.0.0.tgz",
-      "integrity": "sha512-85Y2BjiufFzaMIlvJDvTTB8Fxl2xfLo4HgmHzVBz08w4wDePCTjYw66PdrolO0kzli3yam/YCgRufyo1DdQVTA==",
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/safe-compare": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/@types/safe-compare/-/safe-compare-1.1.2.tgz",
-      "integrity": "sha512-kK/IM1+pvwCMom+Kezt/UlP8LMEwm8rP6UgGbRc6zUnhU/csoBQ5rWgmD2CJuHxiMiX+H1VqPGpo0kDluJGXYA==",
-      "dev": true
-    },
-    "@types/sanitize-html": {
-      "version": "2.11.0",
-      "resolved": "https://registry.npmjs.org/@types/sanitize-html/-/sanitize-html-2.11.0.tgz",
-      "integrity": "sha512-7oxPGNQHXLHE48r/r/qjn7q0hlrs3kL7oZnGj0Wf/h9tj/6ibFyRkNbsDxaBBZ4XUZ0Dx5LGCyDJ04ytSofacQ==",
-      "dev": true,
-      "requires": {
-        "htmlparser2": "^8.0.0"
-      },
-      "dependencies": {
-        "dom-serializer": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-2.0.0.tgz",
-          "integrity": "sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg==",
-          "dev": true,
-          "requires": {
-            "domelementtype": "^2.3.0",
-            "domhandler": "^5.0.2",
-            "entities": "^4.2.0"
-          }
-        },
-        "domhandler": {
-          "version": "5.0.3",
-          "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz",
-          "integrity": "sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==",
-          "dev": true,
-          "requires": {
-            "domelementtype": "^2.3.0"
-          }
-        },
-        "domutils": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/domutils/-/domutils-3.1.0.tgz",
-          "integrity": "sha512-H78uMmQtI2AhgDJjWeQmHwJJ2bLPD3GMmO7Zja/ZZh84wkm+4ut+IUnUdRa8uCGX88DiVx1j6FRe1XfxEgjEZA==",
-          "dev": true,
-          "requires": {
-            "dom-serializer": "^2.0.0",
-            "domelementtype": "^2.3.0",
-            "domhandler": "^5.0.3"
-          }
-        },
-        "entities": {
-          "version": "4.5.0",
-          "resolved": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz",
-          "integrity": "sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==",
-          "dev": true
-        },
-        "htmlparser2": {
-          "version": "8.0.2",
-          "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-8.0.2.tgz",
-          "integrity": "sha512-GYdjWKDkbRLkZ5geuHs5NY1puJ+PXwP7+fHPRz06Eirsb9ugf6d8kkXav6ADhcODhFFPMIXyxkxSuMf3D6NCFA==",
-          "dev": true,
-          "requires": {
-            "domelementtype": "^2.3.0",
-            "domhandler": "^5.0.3",
-            "domutils": "^3.0.1",
-            "entities": "^4.4.0"
-          }
-        }
-      }
-    },
-    "@types/sax": {
-      "version": "1.2.7",
-      "resolved": "https://registry.npmjs.org/@types/sax/-/sax-1.2.7.tgz",
-      "integrity": "sha512-rO73L89PJxeYM3s3pPPjiPgVVcymqU490g0YO5n5By0k2Erzj6tay/4lr1CHAAU4JyOWd1rpQ8bCf6cZfHU96A==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/semver": {
-      "version": "7.5.8",
-      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-7.5.8.tgz",
-      "integrity": "sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==",
-      "dev": true
-    },
-    "@types/send": {
-      "version": "0.17.4",
-      "resolved": "https://registry.npmjs.org/@types/send/-/send-0.17.4.tgz",
-      "integrity": "sha512-x2EM6TJOybec7c52BX0ZspPodMsQUd5L6PRwOunVyVUhXiBSKf3AezDL8Dgvgt5o0UfKNfuA0eMLr2wLT4AiBA==",
-      "dev": true,
-      "requires": {
-        "@types/mime": "^1",
-        "@types/node": "*"
-      }
-    },
-    "@types/serve-favicon": {
-      "version": "2.5.7",
-      "resolved": "https://registry.npmjs.org/@types/serve-favicon/-/serve-favicon-2.5.7.tgz",
-      "integrity": "sha512-z9TNUQXdQ+W/OJMP1e3KOYUZ99qJS4+ZfFOIrPGImcayqKoyifbJSEFkVq1MCKBbqjMZpjPj3B5ilrQAR2+TOw==",
-      "dev": true,
-      "requires": {
-        "@types/express": "*"
-      }
-    },
-    "@types/serve-static": {
-      "version": "1.15.5",
-      "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.15.5.tgz",
-      "integrity": "sha512-PDRk21MnK70hja/YF8AHfC7yIsiQHn1rcXx7ijCFBX/k+XQJhQT/gw3xekXKJvx+5SXaMMS8oqQy09Mzvz2TuQ==",
-      "dev": true,
-      "requires": {
-        "@types/http-errors": "*",
-        "@types/mime": "*",
-        "@types/node": "*"
-      }
-    },
-    "@types/stream-throttle": {
-      "version": "0.1.4",
-      "resolved": "https://registry.npmjs.org/@types/stream-throttle/-/stream-throttle-0.1.4.tgz",
-      "integrity": "sha512-VxXIHGjVuK8tYsVm60rIQMmF/0xguCeen5OmK5S4Y6K64A+z+y4/GI6anRnVzaUZaJB9Ah9IfbDcO0o1gZCc/w==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/tmp": {
-      "version": "0.2.6",
-      "resolved": "https://registry.npmjs.org/@types/tmp/-/tmp-0.2.6.tgz",
-      "integrity": "sha512-chhaNf2oKHlRkDGt+tiKE2Z5aJ6qalm7Z9rlLdBwmOiAAf09YQvvoLXjWK4HWPF1xU/fqvMgfNfpVoBscA/tKA==",
-      "dev": true
-    },
-    "@types/tough-cookie": {
-      "version": "4.0.5",
-      "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.5.tgz",
-      "integrity": "sha512-/Ad8+nIOV7Rl++6f1BdKxFSMgmoqEoYbHRpPcx3JEfv8VRsQe9Z4mCXeJBzxs7mbHY/XOZZuXlRNfhpVPbs6ZA==",
-      "dev": true
-    },
-    "@types/turndown": {
-      "version": "5.0.4",
-      "resolved": "https://registry.npmjs.org/@types/turndown/-/turndown-5.0.4.tgz",
-      "integrity": "sha512-28GI33lCCkU4SGH1GvjDhFgOVr+Tym4PXGBIU1buJUa6xQolniPArtUT+kv42RR2N9MsMLInkr904Aq+ESHBJg==",
-      "dev": true
-    },
-    "@types/unist": {
-      "version": "2.0.10",
-      "resolved": "https://registry.npmjs.org/@types/unist/-/unist-2.0.10.tgz",
-      "integrity": "sha512-IfYcSBWE3hLpBg8+X2SEa8LVkJdJEkT2Ese2aaLs3ptGdVtABxndrMaxuFlQ1qdFf9Q5rDvDpxI3WwgvKFAsQA=="
-    },
-    "@types/verror": {
-      "version": "1.10.9",
-      "resolved": "https://registry.npmjs.org/@types/verror/-/verror-1.10.9.tgz",
-      "integrity": "sha512-MLx9Z+9lGzwEuW16ubGeNkpBDE84RpB/NyGgg6z2BTpWzKkGU451cAY3UkUzZEp72RHF585oJ3V8JVNqIplcAQ==",
-      "dev": true,
-      "optional": true
-    },
-    "@types/ws": {
-      "version": "8.5.10",
-      "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.10.tgz",
-      "integrity": "sha512-vmQSUcfalpIq0R9q7uTo2lXs6eGIpt9wtnLdMv9LVpIjCA/+ufZRozlVoVelIYixx1ugCBKDhn89vnsEGOCx9A==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/xml2js": {
-      "version": "0.4.14",
-      "resolved": "https://registry.npmjs.org/@types/xml2js/-/xml2js-0.4.14.tgz",
-      "integrity": "sha512-4YnrRemBShWRO2QjvUin8ESA41rH+9nQGLUGZV/1IDhi3SL9OhdpNC/MrulTWuptXKwhx/aDxE7toV0f/ypIXQ==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@types/yauzl": {
-      "version": "2.9.2",
-      "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.9.2.tgz",
-      "integrity": "sha512-8uALY5LTvSuHgloDVUvWP3pIauILm+8/0pDMokuDYIoNsOkSwd5AiHBTSEJjKTDcZr5z8UpgOWZkxBF4iJftoA==",
-      "optional": true,
-      "requires": {
-        "@types/node": "*"
-      }
-    },
-    "@webassemblyjs/ast": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/ast/-/ast-1.11.6.tgz",
-      "integrity": "sha512-IN1xI7PwOvLPgjcf180gC1bqn3q/QaOCwYUahIOhbYUu8KA/3tw2RT/T0Gidi1l7Hhj5D/INhJxiICObqpMu4Q==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/helper-numbers": "1.11.6",
-        "@webassemblyjs/helper-wasm-bytecode": "1.11.6"
-      }
-    },
-    "@webassemblyjs/floating-point-hex-parser": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.11.6.tgz",
-      "integrity": "sha512-ejAj9hfRJ2XMsNHk/v6Fu2dGS+i4UaXBXGemOfQ/JfQ6mdQg/WXtwleQRLLS4OvfDhv8rYnVwH27YJLMyYsxhw==",
-      "dev": true
-    },
-    "@webassemblyjs/helper-api-error": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-api-error/-/helper-api-error-1.11.6.tgz",
-      "integrity": "sha512-o0YkoP4pVu4rN8aTJgAyj9hC2Sv5UlkzCHhxqWj8butaLvnpdc2jOwh4ewE6CX0txSfLn/UYaV/pheS2Txg//Q==",
-      "dev": true
-    },
-    "@webassemblyjs/helper-buffer": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-buffer/-/helper-buffer-1.11.6.tgz",
-      "integrity": "sha512-z3nFzdcp1mb8nEOFFk8DrYLpHvhKC3grJD2ardfKOzmbmJvEf/tPIqCY+sNcwZIY8ZD7IkB2l7/pqhUhqm7hLA==",
-      "dev": true
-    },
-    "@webassemblyjs/helper-numbers": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-numbers/-/helper-numbers-1.11.6.tgz",
-      "integrity": "sha512-vUIhZ8LZoIWHBohiEObxVm6hwP034jwmc9kuq5GdHZH0wiLVLIPcMCdpJzG4C11cHoQ25TFIQj9kaVADVX7N3g==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/floating-point-hex-parser": "1.11.6",
-        "@webassemblyjs/helper-api-error": "1.11.6",
-        "@xtuc/long": "4.2.2"
-      }
-    },
-    "@webassemblyjs/helper-wasm-bytecode": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.11.6.tgz",
-      "integrity": "sha512-sFFHKwcmBprO9e7Icf0+gddyWYDViL8bpPjJJl0WHxCdETktXdmtWLGVzoHbqUcY4Be1LkNfwTmXOJUFZYSJdA==",
-      "dev": true
-    },
-    "@webassemblyjs/helper-wasm-section": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.11.6.tgz",
-      "integrity": "sha512-LPpZbSOwTpEC2cgn4hTydySy1Ke+XEu+ETXuoyvuyezHO3Kjdu90KK95Sh9xTbmjrCsUwvWwCOQQNta37VrS9g==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-buffer": "1.11.6",
-        "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
-        "@webassemblyjs/wasm-gen": "1.11.6"
-      }
-    },
-    "@webassemblyjs/ieee754": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/ieee754/-/ieee754-1.11.6.tgz",
-      "integrity": "sha512-LM4p2csPNvbij6U1f19v6WR56QZ8JcHg3QIJTlSwzFcmx6WSORicYj6I63f9yU1kEUtrpG+kjkiIAkevHpDXrg==",
-      "dev": true,
-      "requires": {
-        "@xtuc/ieee754": "^1.2.0"
-      }
-    },
-    "@webassemblyjs/leb128": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/leb128/-/leb128-1.11.6.tgz",
-      "integrity": "sha512-m7a0FhE67DQXgouf1tbN5XQcdWoNgaAuoULHIfGFIEVKA6tu/edls6XnIlkmS6FrXAquJRPni3ZZKjw6FSPjPQ==",
-      "dev": true,
-      "requires": {
-        "@xtuc/long": "4.2.2"
-      }
-    },
-    "@webassemblyjs/utf8": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/utf8/-/utf8-1.11.6.tgz",
-      "integrity": "sha512-vtXf2wTQ3+up9Zsg8sa2yWiQpzSsMyXj0qViVP6xKGCUT8p8YJ6HqI7l5eCnWx1T/FYdsv07HQs2wTFbbof/RA==",
-      "dev": true
-    },
-    "@webassemblyjs/wasm-edit": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-edit/-/wasm-edit-1.11.6.tgz",
-      "integrity": "sha512-Ybn2I6fnfIGuCR+Faaz7YcvtBKxvoLV3Lebn1tM4o/IAJzmi9AWYIPWpyBfU8cC+JxAO57bk4+zdsTjJR+VTOw==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-buffer": "1.11.6",
-        "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
-        "@webassemblyjs/helper-wasm-section": "1.11.6",
-        "@webassemblyjs/wasm-gen": "1.11.6",
-        "@webassemblyjs/wasm-opt": "1.11.6",
-        "@webassemblyjs/wasm-parser": "1.11.6",
-        "@webassemblyjs/wast-printer": "1.11.6"
-      }
-    },
-    "@webassemblyjs/wasm-gen": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-gen/-/wasm-gen-1.11.6.tgz",
-      "integrity": "sha512-3XOqkZP/y6B4F0PBAXvI1/bky7GryoogUtfwExeP/v7Nzwo1QLcq5oQmpKlftZLbT+ERUOAZVQjuNVak6UXjPA==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
-        "@webassemblyjs/ieee754": "1.11.6",
-        "@webassemblyjs/leb128": "1.11.6",
-        "@webassemblyjs/utf8": "1.11.6"
-      }
-    },
-    "@webassemblyjs/wasm-opt": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-opt/-/wasm-opt-1.11.6.tgz",
-      "integrity": "sha512-cOrKuLRE7PCe6AsOVl7WasYf3wbSo4CeOk6PkrjS7g57MFfVUF9u6ysQBBODX0LdgSvQqRiGz3CXvIDKcPNy4g==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-buffer": "1.11.6",
-        "@webassemblyjs/wasm-gen": "1.11.6",
-        "@webassemblyjs/wasm-parser": "1.11.6"
-      }
-    },
-    "@webassemblyjs/wasm-parser": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wasm-parser/-/wasm-parser-1.11.6.tgz",
-      "integrity": "sha512-6ZwPeGzMJM3Dqp3hCsLgESxBGtT/OeCvCZ4TA1JUPYgmhAx38tTPR9JaKy0S5H3evQpO/h2uWs2j6Yc/fjkpTQ==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@webassemblyjs/helper-api-error": "1.11.6",
-        "@webassemblyjs/helper-wasm-bytecode": "1.11.6",
-        "@webassemblyjs/ieee754": "1.11.6",
-        "@webassemblyjs/leb128": "1.11.6",
-        "@webassemblyjs/utf8": "1.11.6"
-      }
-    },
-    "@webassemblyjs/wast-printer": {
-      "version": "1.11.6",
-      "resolved": "https://registry.npmjs.org/@webassemblyjs/wast-printer/-/wast-printer-1.11.6.tgz",
-      "integrity": "sha512-JM7AhRcE+yW2GWYaKeHL5vt4xqee5N2WcezptmgyhNS+ScggqcT1OtXykhAb13Sn5Yas0j2uv9tHgrjwvzAP4A==",
-      "dev": true,
-      "requires": {
-        "@webassemblyjs/ast": "1.11.6",
-        "@xtuc/long": "4.2.2"
-      }
-    },
-    "@webcomponents/webcomponentsjs": {
-      "version": "2.8.0",
-      "resolved": "https://registry.npmjs.org/@webcomponents/webcomponentsjs/-/webcomponentsjs-2.8.0.tgz",
-      "integrity": "sha512-loGD63sacRzOzSJgQnB9ZAhaQGkN7wl2Zuw7tsphI5Isa0irijrRo6EnJii/GgjGefIFO8AIO7UivzRhFaEk9w=="
-    },
-    "@webpack-cli/configtest": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/@webpack-cli/configtest/-/configtest-2.1.1.tgz",
-      "integrity": "sha512-wy0mglZpDSiSS0XHrVR+BAdId2+yxPSoJW8fsna3ZpYSlufjvxnP4YbKTCBZnNIcGN4r6ZPXV55X4mYExOfLmw==",
-      "dev": true,
-      "requires": {}
-    },
-    "@webpack-cli/info": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/@webpack-cli/info/-/info-2.0.2.tgz",
-      "integrity": "sha512-zLHQdI/Qs1UyT5UBdWNqsARasIA+AaF8t+4u2aS2nEpBQh2mWIVb8qAklq0eUENnC5mOItrIB4LiS9xMtph18A==",
-      "dev": true,
-      "requires": {}
-    },
-    "@webpack-cli/serve": {
-      "version": "2.0.5",
-      "resolved": "https://registry.npmjs.org/@webpack-cli/serve/-/serve-2.0.5.tgz",
-      "integrity": "sha512-lqaoKnRYBdo1UgDX8uF24AfGMifWK19TxPmM5FHc2vAGxrJ/qtyUyFBWoY1tISZdelsQ5fBcOusifo5o5wSJxQ==",
-      "dev": true,
-      "requires": {}
-    },
-    "@xtuc/ieee754": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/@xtuc/ieee754/-/ieee754-1.2.0.tgz",
-      "integrity": "sha512-DX8nKgqcGwsc0eJSqYt5lwP4DH5FlHnmuWWBRy7X0NcaGR0ZtuyeESgMwTYVEtxmsNGY+qit4QYT/MIYTOTPeA==",
-      "dev": true
-    },
-    "@xtuc/long": {
-      "version": "4.2.2",
-      "resolved": "https://registry.npmjs.org/@xtuc/long/-/long-4.2.2.tgz",
-      "integrity": "sha512-NuHqBY1PB/D8xU6s/thBgOAiAP7HOYDQ32+BFZILJ8ivkUkAHQnWfn6WhL79Owj1qmUnoN/YPhktdIoucipkAQ==",
-      "dev": true
-    },
-    "7zip-bin": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/7zip-bin/-/7zip-bin-5.2.0.tgz",
-      "integrity": "sha512-ukTPVhqG4jNzMro2qA9HSCSSVJN3aN7tlb+hfqYCt3ER0yWroeA2VR38MNrOHLQ/cVj+DaIMad0kFCtWWowh/A==",
-      "dev": true
-    },
-    "abbrev": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz",
-      "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==",
-      "dev": true
-    },
-    "abort-controller": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/abort-controller/-/abort-controller-3.0.0.tgz",
-      "integrity": "sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==",
-      "requires": {
-        "event-target-shim": "^5.0.0"
-      }
-    },
-    "accepts": {
-      "version": "1.3.8",
-      "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.8.tgz",
-      "integrity": "sha512-PYAthTa2m2VKxuvSD3DPC/Gy+U+sOA1LAuT8mkmRuvw+NACSaeXEQ+NHcVF7rONl6qcaxV3Uuemwawk+7+SJLw==",
-      "requires": {
-        "mime-types": "~2.1.34",
-        "negotiator": "0.6.3"
-      }
-    },
-    "accessor-fn": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/accessor-fn/-/accessor-fn-1.5.0.tgz",
-      "integrity": "sha512-dml7D96DY/K5lt4Ra2jMnpL9Bhw5HEGws4p1OAIxFFj9Utd/RxNfEO3T3f0QIWFNwQU7gNxH9snUfqF/zNkP/w=="
-    },
-    "acorn": {
-      "version": "8.10.0",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.10.0.tgz",
-      "integrity": "sha512-F0SAmZ8iUtS//m8DmCTA0jlh6TDKkHQyK6xc6V4KDTyZKA9dnvX9/3sRTVQrWm79glUAZbnmmNcdYwUIHWVybw==",
-      "dev": true
-    },
-    "acorn-import-assertions": {
-      "version": "1.9.0",
-      "resolved": "https://registry.npmjs.org/acorn-import-assertions/-/acorn-import-assertions-1.9.0.tgz",
-      "integrity": "sha512-cmMwop9x+8KFhxvKrKfPYmN6/pKTYYHBqLa0DfvVZcKMJWNyWLnaqND7dx/qn66R7ewM1UX5XMaDVP5wlVTaVA==",
-      "dev": true,
-      "requires": {}
-    },
-    "acorn-walk": {
-      "version": "8.3.2",
-      "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.2.tgz",
-      "integrity": "sha512-cjkyv4OtNCIeqhHrfS81QWXoCBPExR/J62oyEqepVw8WaQeSqpW2uhuLPh1m9eWhDuOo/jUXVTlifvesOWp/4A==",
-      "dev": true
-    },
-    "agent-base": {
-      "version": "6.0.2",
-      "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-6.0.2.tgz",
-      "integrity": "sha512-RZNwNclF7+MS/8bDg70amg32dyeZGZxiDuQmZxKLAlQjr3jGyLx+4Kkk58UO7D2QdgFIQCovuSuZESne6RG6XQ==",
-      "dev": true,
-      "requires": {
-        "debug": "4"
-      }
-    },
-    "agentkeepalive": {
-      "version": "4.2.1",
-      "resolved": "https://registry.npmjs.org/agentkeepalive/-/agentkeepalive-4.2.1.tgz",
-      "integrity": "sha512-Zn4cw2NEqd+9fiSVWMscnjyQ1a8Yfoc5oBajLeo5w+YBHgDUcEBY2hS4YpTz6iN5f/2zQiktcuM6tS8x1p9dpA==",
-      "dev": true,
-      "requires": {
-        "debug": "^4.1.0",
-        "depd": "^1.1.2",
-        "humanize-ms": "^1.2.1"
-      }
-    },
-    "aggregate-error": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz",
-      "integrity": "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==",
-      "requires": {
-        "clean-stack": "^2.0.0",
-        "indent-string": "^4.0.0"
-      }
-    },
-    "ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
-      "requires": {
-        "fast-deep-equal": "^3.1.1",
-        "fast-json-stable-stringify": "^2.0.0",
-        "json-schema-traverse": "^0.4.1",
-        "uri-js": "^4.2.2"
-      }
-    },
-    "ajv-keywords": {
-      "version": "3.5.2",
-      "resolved": "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-3.5.2.tgz",
-      "integrity": "sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==",
-      "dev": true,
-      "requires": {}
-    },
-    "amator": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/amator/-/amator-1.1.0.tgz",
-      "integrity": "sha512-V5+aH8pe+Z3u/UG3L3pG3BaFQGXAyXHVQDroRwjPHdh08bcUEchAVsU1MCuJSCaU5o60wTK6KaE6te5memzgYw==",
-      "requires": {
-        "bezier-easing": "^2.0.3"
-      }
-    },
-    "ansi-regex": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.1.tgz",
-      "integrity": "sha512-quJQXlTSUGL2LH9SUXo8VwsY4soanhgo6LNSm84E1LBcE8s3O0wpdiRzyR9z/ZZJMlMWv37qOOb9pdJlMUEKFQ=="
-    },
-    "ansi-styles": {
-      "version": "4.3.0",
-      "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-4.3.0.tgz",
-      "integrity": "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==",
-      "requires": {
-        "color-convert": "^2.0.1"
-      }
-    },
-    "any-base": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/any-base/-/any-base-1.1.0.tgz",
-      "integrity": "sha512-uMgjozySS8adZZYePpaWs8cxB9/kdzmpX6SgJZ+wbz1K5eYk5QMYDVJaZKhxyIHUdnnJkfR7SVgStgH7LkGUyg=="
-    },
-    "anymatch": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.2.tgz",
-      "integrity": "sha512-P43ePfOAIupkguHUycrc4qJ9kz8ZiuOUijaETwX7THt0Y/GNK7v0aa8rY816xWjZ7rJdA5XdMcpVFTKMq+RvWg==",
-      "requires": {
-        "normalize-path": "^3.0.0",
-        "picomatch": "^2.0.4"
-      }
-    },
-    "app-builder-bin": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/app-builder-bin/-/app-builder-bin-4.0.0.tgz",
-      "integrity": "sha512-xwdG0FJPQMe0M0UA4Tz0zEB8rBJTRA5a476ZawAqiBkMv16GRK5xpXThOjMaEOFnZ6zabejjG4J3da0SXG63KA==",
-      "dev": true
-    },
-    "app-builder-lib": {
-      "version": "24.13.3",
-      "resolved": "https://registry.npmjs.org/app-builder-lib/-/app-builder-lib-24.13.3.tgz",
-      "integrity": "sha512-FAzX6IBit2POXYGnTCT8YHFO/lr5AapAII6zzhQO3Rw4cEDOgK+t1xhLc5tNcKlicTHlo9zxIwnYCX9X2DLkig==",
-      "dev": true,
-      "requires": {
-        "@develar/schema-utils": "~2.6.5",
-        "@electron/notarize": "2.2.1",
-        "@electron/osx-sign": "1.0.5",
-        "@electron/universal": "1.5.1",
-        "@malept/flatpak-bundler": "^0.4.0",
-        "@types/fs-extra": "9.0.13",
-        "async-exit-hook": "^2.0.1",
-        "bluebird-lst": "^1.0.9",
-        "builder-util": "24.13.1",
-        "builder-util-runtime": "9.2.4",
-        "chromium-pickle-js": "^0.2.0",
-        "debug": "^4.3.4",
-        "ejs": "^3.1.8",
-        "electron-publish": "24.13.1",
-        "form-data": "^4.0.0",
-        "fs-extra": "^10.1.0",
-        "hosted-git-info": "^4.1.0",
-        "is-ci": "^3.0.0",
-        "isbinaryfile": "^5.0.0",
-        "js-yaml": "^4.1.0",
-        "lazy-val": "^1.0.5",
-        "minimatch": "^5.1.1",
-        "read-config-file": "6.3.2",
-        "sanitize-filename": "^1.6.3",
-        "semver": "^7.3.8",
-        "tar": "^6.1.12",
-        "temp-file": "^3.4.0"
-      },
-      "dependencies": {
-        "@electron/notarize": {
-          "version": "2.2.1",
-          "resolved": "https://registry.npmjs.org/@electron/notarize/-/notarize-2.2.1.tgz",
-          "integrity": "sha512-aL+bFMIkpR0cmmj5Zgy0LMKEpgy43/hw5zadEArgmAMWWlKc5buwFvFT9G/o/YJkvXAJm5q3iuTuLaiaXW39sg==",
-          "dev": true,
-          "requires": {
-            "debug": "^4.1.1",
-            "fs-extra": "^9.0.1",
-            "promise-retry": "^2.0.1"
-          },
-          "dependencies": {
-            "fs-extra": {
-              "version": "9.1.0",
-              "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
-              "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
-              "dev": true,
-              "requires": {
-                "at-least-node": "^1.0.0",
-                "graceful-fs": "^4.2.0",
-                "jsonfile": "^6.0.1",
-                "universalify": "^2.0.0"
-              }
-            }
-          }
-        },
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "dev": true,
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "form-data": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
-          "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
-          "dev": true,
-          "requires": {
-            "asynckit": "^0.4.0",
-            "combined-stream": "^1.0.8",
-            "mime-types": "^2.1.12"
-          }
-        },
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "hosted-git-info": {
-          "version": "4.1.0",
-          "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-4.1.0.tgz",
-          "integrity": "sha512-kyCuEOWjJqZuDbRHzL8V93NzQhwIB71oFWSyzVo+KPZI+pnQPPxucdkrOZvkLRnrf5URsQM+IJ09Dw29cRALIA==",
-          "dev": true,
-          "requires": {
-            "lru-cache": "^6.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "minimatch": {
-          "version": "5.1.6",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
-          "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
-          "dev": true,
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        },
-        "universalify": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-          "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-          "dev": true
-        }
-      }
-    },
-    "append-field": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/append-field/-/append-field-1.0.0.tgz",
-      "integrity": "sha1-HjRA6RXwsSA9I3SOeO3XubW0PlY="
-    },
-    "aproba": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/aproba/-/aproba-1.2.0.tgz",
-      "integrity": "sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw==",
-      "dev": true
-    },
-    "archiver": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/archiver/-/archiver-7.0.0.tgz",
-      "integrity": "sha512-R9HM9egs8FfktSqUqyjlKmvF4U+CWNqm/2tlROV+lOFg79MLdT67ae1l3hU47pGy8twSXxHoiefMCh43w0BriQ==",
-      "requires": {
-        "archiver-utils": "^5.0.0",
-        "async": "^3.2.4",
-        "buffer-crc32": "^1.0.0",
-        "readable-stream": "^4.0.0",
-        "readdir-glob": "^1.1.2",
-        "tar-stream": "^3.0.0",
-        "zip-stream": "^6.0.0"
-      },
-      "dependencies": {
-        "buffer": {
-          "version": "6.0.3",
-          "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz",
-          "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==",
-          "requires": {
-            "base64-js": "^1.3.1",
-            "ieee754": "^1.2.1"
-          }
-        },
-        "buffer-crc32": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-1.0.0.tgz",
-          "integrity": "sha512-Db1SbgBS/fg/392AblrMJk97KggmvYhr4pB5ZIMTWtaivCPMWLkmb7m21cJvpvgK+J3nsU2CmmixNBZx4vFj/w=="
-        },
-        "readable-stream": {
-          "version": "4.5.2",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.5.2.tgz",
-          "integrity": "sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==",
-          "requires": {
-            "abort-controller": "^3.0.0",
-            "buffer": "^6.0.3",
-            "events": "^3.3.0",
-            "process": "^0.11.10",
-            "string_decoder": "^1.3.0"
-          }
-        },
-        "safe-buffer": {
-          "version": "5.2.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
-          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
-        },
-        "string_decoder": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
-          "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
-          "requires": {
-            "safe-buffer": "~5.2.0"
-          }
-        },
-        "tar-stream": {
-          "version": "3.1.6",
-          "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-3.1.6.tgz",
-          "integrity": "sha512-B/UyjYwPpMBv+PaFSWAmtYjwdrlEaZQEhMIBFNC5oEG8lpiW8XjcSdmEaClj28ArfKScKHs2nshz3k2le6crsg==",
-          "requires": {
-            "b4a": "^1.6.4",
-            "fast-fifo": "^1.2.0",
-            "streamx": "^2.15.0"
-          }
-        }
-      }
-    },
-    "archiver-utils": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/archiver-utils/-/archiver-utils-5.0.1.tgz",
-      "integrity": "sha512-MMAoLdMvT/nckofX1tCLrf7uJce4jTNkiT6smA2u57AOImc1nce7mR3EDujxL5yv6/MnILuQH4sAsPtDS8kTvg==",
-      "requires": {
-        "glob": "^10.0.0",
-        "graceful-fs": "^4.2.0",
-        "lazystream": "^1.0.0",
-        "lodash": "^4.17.15",
-        "normalize-path": "^3.0.0",
-        "readable-stream": "^3.6.0"
-      },
-      "dependencies": {
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "glob": {
-          "version": "10.3.10",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz",
-          "integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==",
-          "requires": {
-            "foreground-child": "^3.1.0",
-            "jackspeak": "^2.3.5",
-            "minimatch": "^9.0.1",
-            "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
-            "path-scurry": "^1.10.1"
-          }
-        },
-        "minimatch": {
-          "version": "9.0.3",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
-          "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        },
-        "minipass": {
-          "version": "7.0.4",
-          "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz",
-          "integrity": "sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ=="
-        },
-        "readable-stream": {
-          "version": "3.6.2",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
-          "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "string_decoder": "^1.1.1",
-            "util-deprecate": "^1.0.1"
-          }
-        }
-      }
-    },
-    "arg": {
-      "version": "4.1.3",
-      "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz",
-      "integrity": "sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==",
-      "dev": true
-    },
-    "argparse": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/argparse/-/argparse-2.0.1.tgz",
-      "integrity": "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==",
-      "dev": true
-    },
-    "array-flatten": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
-      "integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI="
-    },
-    "asar": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/asar/-/asar-3.1.0.tgz",
-      "integrity": "sha512-vyxPxP5arcAqN4F/ebHd/HhwnAiZtwhglvdmc7BR2f0ywbVNTOpSeyhLDbGXtE/y58hv1oC75TaNIXutnsOZsQ==",
-      "optional": true,
-      "requires": {
-        "@types/glob": "^7.1.1",
-        "chromium-pickle-js": "^0.2.0",
-        "commander": "^5.0.0",
-        "glob": "^7.1.6",
-        "minimatch": "^3.0.4"
-      }
-    },
-    "asn1": {
-      "version": "0.2.4",
-      "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz",
-      "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==",
-      "requires": {
-        "safer-buffer": "~2.1.0"
-      }
-    },
-    "asn1.js": {
-      "version": "5.4.1",
-      "resolved": "https://registry.npmjs.org/asn1.js/-/asn1.js-5.4.1.tgz",
-      "integrity": "sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==",
-      "requires": {
-        "bn.js": "^4.0.0",
-        "inherits": "^2.0.1",
-        "minimalistic-assert": "^1.0.0",
-        "safer-buffer": "^2.1.0"
-      }
-    },
-    "asn1.js-rfc2560": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/asn1.js-rfc2560/-/asn1.js-rfc2560-5.0.1.tgz",
-      "integrity": "sha512-1PrVg6kuBziDN3PGFmRk3QrjpKvP9h/Hv5yMrFZvC1kpzP6dQRzf5BpKstANqHBkaOUmTpakJWhicTATOA/SbA==",
-      "requires": {
-        "asn1.js-rfc5280": "^3.0.0"
-      }
-    },
-    "asn1.js-rfc5280": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/asn1.js-rfc5280/-/asn1.js-rfc5280-3.0.0.tgz",
-      "integrity": "sha512-Y2LZPOWeZ6qehv698ZgOGGCZXBQShObWnGthTrIFlIQjuV1gg2B8QOhWFRExq/MR1VnPpIIe7P9vX2vElxv+Pg==",
-      "requires": {
-        "asn1.js": "^5.0.0"
-      }
-    },
-    "assert-plus": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz",
-      "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU="
-    },
-    "astral-regex": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/astral-regex/-/astral-regex-2.0.0.tgz",
-      "integrity": "sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ==",
-      "dev": true,
-      "optional": true
-    },
-    "async": {
-      "version": "3.2.4",
-      "resolved": "https://registry.npmjs.org/async/-/async-3.2.4.tgz",
-      "integrity": "sha512-iAB+JbDEGXhyIUavoDl9WP/Jj106Kz9DEn1DPgYw5ruDn0e3Wgi3sKFm55sASdGBNOQB8F59d9qQ7deqrHA8wQ=="
-    },
-    "async-exit-hook": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/async-exit-hook/-/async-exit-hook-2.0.1.tgz",
-      "integrity": "sha512-NW2cX8m1Q7KPA7a5M2ULQeZ2wR5qI5PAbw5L0UOMxdioVk9PMZ0h1TmyZEkPYrCvYjDlFICusOu1dlEKAAeXBw==",
-      "dev": true
-    },
-    "async-hook-jl": {
-      "version": "1.7.6",
-      "resolved": "https://registry.npmjs.org/async-hook-jl/-/async-hook-jl-1.7.6.tgz",
-      "integrity": "sha512-gFaHkFfSxTjvoxDMYqDuGHlcRyUuamF8s+ZTtJdDzqjws4mCt7v0vuV79/E2Wr2/riMQgtG4/yUtXWs1gZ7JMg==",
-      "requires": {
-        "stack-chain": "^1.3.7"
-      }
-    },
-    "async-mutex": {
-      "version": "0.4.1",
-      "resolved": "https://registry.npmjs.org/async-mutex/-/async-mutex-0.4.1.tgz",
-      "integrity": "sha512-WfoBo4E/TbCX1G95XTjbWTE3X2XLG0m1Xbv2cwOtuPdyH9CZvnaA5nCt1ucjaKEgW2A5IF71hxrRhr83Je5xjA==",
-      "requires": {
-        "tslib": "^2.4.0"
-      }
-    },
-    "asynckit": {
-      "version": "0.4.0",
-      "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
-      "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k="
-    },
-    "at-least-node": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/at-least-node/-/at-least-node-1.0.0.tgz",
-      "integrity": "sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg==",
-      "devOptional": true
-    },
-    "author-regex": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/author-regex/-/author-regex-1.0.0.tgz",
-      "integrity": "sha1-0IiFvmubv5Q5/gh8dihyRfCoFFA=",
-      "devOptional": true
-    },
-    "aws-sign2": {
-      "version": "0.7.0",
-      "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz",
-      "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg="
-    },
-    "aws4": {
-      "version": "1.8.0",
-      "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.8.0.tgz",
-      "integrity": "sha512-ReZxvNHIOv88FlT7rxcXIIC0fPt4KZqZbOlivyWtXLt8ESx84zd3kMC6iK5jVeS2qt+g7ftS7ye4fi06X5rtRQ=="
-    },
-    "axios": {
-      "version": "1.6.7",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.7.tgz",
-      "integrity": "sha512-/hDJGff6/c7u0hDkvkGxR/oy6CbCs8ziCsC7SqmhjfozqiJGc8Z11wrv9z9lYfY4K8l+H9TpjcMDX0xOZmx+RA==",
-      "requires": {
-        "follow-redirects": "^1.15.4",
-        "form-data": "^4.0.0",
-        "proxy-from-env": "^1.1.0"
-      },
-      "dependencies": {
-        "form-data": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
-          "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
-          "requires": {
-            "asynckit": "^0.4.0",
-            "combined-stream": "^1.0.8",
-            "mime-types": "^2.1.12"
-          }
-        }
-      }
-    },
-    "b4a": {
-      "version": "1.6.4",
-      "resolved": "https://registry.npmjs.org/b4a/-/b4a-1.6.4.tgz",
-      "integrity": "sha512-fpWrvyVHEKyeEvbKZTVOeZF3VSKKWtJxFIxX/jaVPf+cLbGUSitjb49pHLqPV2BUNNZ0LcoeEGfE/YCpyDYHIw=="
-    },
-    "bagpipe": {
-      "version": "0.3.5",
-      "resolved": "https://registry.npmjs.org/bagpipe/-/bagpipe-0.3.5.tgz",
-      "integrity": "sha1-40HRZPyyTN8E6n4Ft2XsEMiupqE="
-    },
-    "balanced-match": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
-      "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
-    },
-    "base32.js": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/base32.js/-/base32.js-0.0.1.tgz",
-      "integrity": "sha512-EGHIRiegFa62/SsA1J+Xs2tIzludPdzM064N9wjbiEgHnGnJ1V0WEpA4pEwCYT5nDvZk3ubf0shqaCS7k6xeUQ=="
-    },
-    "base64-js": {
-      "version": "1.5.1",
-      "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz",
-      "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA=="
-    },
-    "base64url": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/base64url/-/base64url-3.0.1.tgz",
-      "integrity": "sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A=="
-    },
-    "bcrypt-pbkdf": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz",
-      "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=",
-      "requires": {
-        "tweetnacl": "^0.14.3"
-      }
-    },
-    "better-sqlite3": {
-      "version": "8.4.0",
-      "resolved": "https://registry.npmjs.org/better-sqlite3/-/better-sqlite3-8.4.0.tgz",
-      "integrity": "sha512-NmsNW1CQvqMszu/CFAJ3pLct6NEFlNfuGM6vw72KHkjOD1UDnL96XNN1BMQc1hiHo8vE2GbOWQYIpZ+YM5wrZw==",
-      "requires": {
-        "bindings": "^1.5.0",
-        "prebuild-install": "^7.1.0"
-      }
-    },
-    "bezier-easing": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/bezier-easing/-/bezier-easing-2.1.0.tgz",
-      "integrity": "sha512-gbIqZ/eslnUFC1tjEvtz0sgx+xTK20wDnYMIA27VA04R7w6xxXQPZDbibjA9DTWZRA2CXtwHykkVzlCaAJAZig=="
-    },
-    "bezier-js": {
-      "version": "6.1.4",
-      "resolved": "https://registry.npmjs.org/bezier-js/-/bezier-js-6.1.4.tgz",
-      "integrity": "sha512-PA0FW9ZpcHbojUCMu28z9Vg/fNkwTj5YhusSAjHHDfHDGLxJ6YUKrAN2vk1fP2MMOxVw4Oko16FMlRGVBGqLKg=="
-    },
-    "binary-extensions": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.2.0.tgz",
-      "integrity": "sha512-jDctJ/IVQbZoJykoeHbhXpOlNBqGNcwXJKJog42E5HDPUwQTSdjCHdihjj0DlnheQ7blbT6dHOafNAiS8ooQKA=="
-    },
-    "bindings": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz",
-      "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==",
-      "requires": {
-        "file-uri-to-path": "1.0.0"
-      }
-    },
-    "bl": {
-      "version": "4.0.3",
-      "resolved": "https://registry.npmjs.org/bl/-/bl-4.0.3.tgz",
-      "integrity": "sha512-fs4G6/Hu4/EE+F75J8DuN/0IpQqNjAdC7aEQv7Qt8MHGUH7Ckv2MwTEEeN9QehD0pfIDkMI1bkHYkKy7xHyKIg==",
-      "requires": {
-        "buffer": "^5.5.0",
-        "inherits": "^2.0.4",
-        "readable-stream": "^3.4.0"
-      },
-      "dependencies": {
-        "readable-stream": {
-          "version": "3.6.0",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz",
-          "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "string_decoder": "^1.1.1",
-            "util-deprecate": "^1.0.1"
-          }
-        }
-      }
-    },
-    "bluebird": {
-      "version": "3.7.0",
-      "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.0.tgz",
-      "integrity": "sha512-aBQ1FxIa7kSWCcmKHlcHFlT2jt6J/l4FzC7KcPELkOJOsPOb/bccdhmIrKDfXhwFrmc7vDoDrrepFvGqjyXGJg==",
-      "dev": true
-    },
-    "bluebird-lst": {
-      "version": "1.0.9",
-      "resolved": "https://registry.npmjs.org/bluebird-lst/-/bluebird-lst-1.0.9.tgz",
-      "integrity": "sha512-7B1Rtx82hjnSD4PGLAjVWeYH3tHAcVUmChh85a3lltKQm6FresXh9ErQo6oAv6CqxttczC3/kEg8SY5NluPuUw==",
-      "dev": true,
-      "requires": {
-        "bluebird": "^3.5.5"
-      }
-    },
-    "bmp-js": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/bmp-js/-/bmp-js-0.1.0.tgz",
-      "integrity": "sha512-vHdS19CnY3hwiNdkaqk93DvjVLfbEcI8mys4UjuWrlX1haDmroo8o4xCzh4wD6DGV6HxRCyauwhHRqMTfERtjw=="
-    },
-    "bn.js": {
-      "version": "4.11.9",
-      "resolved": "https://registry.npmjs.org/bn.js/-/bn.js-4.11.9.tgz",
-      "integrity": "sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw=="
-    },
-    "body-parser": {
-      "version": "1.20.2",
-      "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.20.2.tgz",
-      "integrity": "sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==",
-      "requires": {
-        "bytes": "3.1.2",
-        "content-type": "~1.0.5",
-        "debug": "2.6.9",
-        "depd": "2.0.0",
-        "destroy": "1.2.0",
-        "http-errors": "2.0.0",
-        "iconv-lite": "0.4.24",
-        "on-finished": "2.4.1",
-        "qs": "6.11.0",
-        "raw-body": "2.5.2",
-        "type-is": "~1.6.18",
-        "unpipe": "1.0.0"
-      },
-      "dependencies": {
-        "debug": {
-          "version": "2.6.9",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
-          "requires": {
-            "ms": "2.0.0"
-          }
-        },
-        "depd": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
-          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
-        },
-        "iconv-lite": {
-          "version": "0.4.24",
-          "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
-          "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==",
-          "requires": {
-            "safer-buffer": ">= 2.1.2 < 3"
-          }
-        }
-      }
-    },
-    "boolbase": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/boolbase/-/boolbase-1.0.0.tgz",
-      "integrity": "sha1-aN/1++YMUes3cl6p4+0xDcwed24="
-    },
-    "boolean": {
-      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/boolean/-/boolean-3.2.0.tgz",
-      "integrity": "sha512-d0II/GO9uf9lfUHH2BQsjxzRJZBdsjgsBiW4BvhWk/3qoKwQFjIDVN19PfX8F2D/r9PCMTtLWjYVCFrpeYUzsw==",
-      "optional": true
-    },
-    "boxicons": {
-      "version": "2.1.4",
-      "resolved": "https://registry.npmjs.org/boxicons/-/boxicons-2.1.4.tgz",
-      "integrity": "sha512-BvJNfYfnE4g9WQ7GL91fftxMOTwAleWlPFwvQJPYb/Ju7aLjlQ/Eu55AH9JLNk/OR82z+ZSq4TbKzbV/e5Rr0A==",
-      "requires": {
-        "@webcomponents/webcomponentsjs": "^2.0.2",
-        "prop-types": "^15.6.0",
-        "react": "^16.0.0",
-        "react-dom": "^16.0.0",
-        "react-interactive": "^0.8.1",
-        "react-router-dom": "^4.2.2"
-      },
-      "dependencies": {
-        "react": {
-          "version": "16.14.0",
-          "resolved": "https://registry.npmjs.org/react/-/react-16.14.0.tgz",
-          "integrity": "sha512-0X2CImDkJGApiAlcf0ODKIneSwBPhqJawOa5wCtKbu7ZECrmS26NvtSILynQ66cgkT/RJ4LidJOc3bUESwmU8g==",
-          "requires": {
-            "loose-envify": "^1.1.0",
-            "object-assign": "^4.1.1",
-            "prop-types": "^15.6.2"
-          }
-        },
-        "react-dom": {
-          "version": "16.14.0",
-          "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-16.14.0.tgz",
-          "integrity": "sha512-1gCeQXDLoIqMgqD3IO2Ah9bnf0w9kzhwN5q4FGnHZ67hBm9yePzB5JJAIQCc8x3pFnNlwFq4RidZggNAAkzWWw==",
-          "requires": {
-            "loose-envify": "^1.1.0",
-            "object-assign": "^4.1.1",
-            "prop-types": "^15.6.2",
-            "scheduler": "^0.19.1"
-          }
-        },
-        "scheduler": {
-          "version": "0.19.1",
-          "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.19.1.tgz",
-          "integrity": "sha512-n/zwRWRYSUj0/3g/otKDRPMh6qv2SYMWNq85IEa8iZyAv8od9zDYpGSnpBEjNgcMNq6Scbu5KfIPxNF72R/2EA==",
-          "requires": {
-            "loose-envify": "^1.1.0",
-            "object-assign": "^4.1.1"
-          }
-        }
-      }
-    },
-    "brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "requires": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
-    "braces": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz",
-      "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==",
-      "requires": {
-        "fill-range": "^7.0.1"
-      }
-    },
-    "browserslist": {
-      "version": "4.23.0",
-      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.23.0.tgz",
-      "integrity": "sha512-QW8HiM1shhT2GuzkvklfjcKDiWFXHOeFCIA/huJPwHsslwcydgk7X+z2zXpEijP98UCY7HbubZt5J2Zgvf0CaQ==",
-      "dev": true,
-      "requires": {
-        "caniuse-lite": "^1.0.30001587",
-        "electron-to-chromium": "^1.4.668",
-        "node-releases": "^2.0.14",
-        "update-browserslist-db": "^1.0.13"
-      }
-    },
-    "buffer": {
-      "version": "5.6.0",
-      "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz",
-      "integrity": "sha512-/gDYp/UtU0eA1ys8bOs9J6a+E/KWIY+DZ+Q2WESNUA0jFRsJOc0SNUO6xJ5SGA1xueg3NL65W6s+NY5l9cunuw==",
-      "requires": {
-        "base64-js": "^1.0.2",
-        "ieee754": "^1.1.4"
-      }
-    },
-    "buffer-alloc": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/buffer-alloc/-/buffer-alloc-1.2.0.tgz",
-      "integrity": "sha512-CFsHQgjtW1UChdXgbyJGtnm+O/uLQeZdtbDo8mfUgYXCHSM1wgrVxXm6bSyrUuErEb+4sYVGCzASBRot7zyrow==",
-      "requires": {
-        "buffer-alloc-unsafe": "^1.1.0",
-        "buffer-fill": "^1.0.0"
-      }
-    },
-    "buffer-alloc-unsafe": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/buffer-alloc-unsafe/-/buffer-alloc-unsafe-1.1.0.tgz",
-      "integrity": "sha512-TEM2iMIEQdJ2yjPJoSIsldnleVaAk1oW3DBVUykyOLsEsFmEc9kn+SFFPz+gl54KQNxlDnAwCXosOS9Okx2xAg=="
-    },
-    "buffer-crc32": {
-      "version": "0.2.13",
-      "resolved": "https://registry.npmjs.org/buffer-crc32/-/buffer-crc32-0.2.13.tgz",
-      "integrity": "sha1-DTM+PwDqxQqhRUq9MO+MKl2ackI="
-    },
-    "buffer-equal": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/buffer-equal/-/buffer-equal-0.0.1.tgz",
-      "integrity": "sha512-RgSV6InVQ9ODPdLWJ5UAqBqJBOg370Nz6ZQtRzpt6nUjc8v0St97uJ4PYC6NztqIScrAXafKM3mZPMygSe1ggA=="
-    },
-    "buffer-fill": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/buffer-fill/-/buffer-fill-1.0.0.tgz",
-      "integrity": "sha1-+PeLdniYiO858gXNY39o5wISKyw="
-    },
-    "buffer-from": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz",
-      "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A=="
-    },
-    "builder-util": {
-      "version": "24.13.1",
-      "resolved": "https://registry.npmjs.org/builder-util/-/builder-util-24.13.1.tgz",
-      "integrity": "sha512-NhbCSIntruNDTOVI9fdXz0dihaqX2YuE1D6zZMrwiErzH4ELZHE6mdiB40wEgZNprDia+FghRFgKoAqMZRRjSA==",
-      "dev": true,
-      "requires": {
-        "@types/debug": "^4.1.6",
-        "7zip-bin": "~5.2.0",
-        "app-builder-bin": "4.0.0",
-        "bluebird-lst": "^1.0.9",
-        "builder-util-runtime": "9.2.4",
-        "chalk": "^4.1.2",
-        "cross-spawn": "^7.0.3",
-        "debug": "^4.3.4",
-        "fs-extra": "^10.1.0",
-        "http-proxy-agent": "^5.0.0",
-        "https-proxy-agent": "^5.0.1",
-        "is-ci": "^3.0.0",
-        "js-yaml": "^4.1.0",
-        "source-map-support": "^0.5.19",
-        "stat-mode": "^1.0.0",
-        "temp-file": "^3.4.0"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "http-proxy-agent": {
-          "version": "5.0.0",
-          "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz",
-          "integrity": "sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==",
-          "dev": true,
-          "requires": {
-            "@tootallnate/once": "2",
-            "agent-base": "6",
-            "debug": "4"
-          }
-        },
-        "https-proxy-agent": {
-          "version": "5.0.1",
-          "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz",
-          "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==",
-          "dev": true,
-          "requires": {
-            "agent-base": "6",
-            "debug": "4"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-          "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-          "dev": true
-        }
-      }
-    },
-    "builder-util-runtime": {
-      "version": "9.2.4",
-      "resolved": "https://registry.npmjs.org/builder-util-runtime/-/builder-util-runtime-9.2.4.tgz",
-      "integrity": "sha512-upp+biKpN/XZMLim7aguUyW8s0FUpDvOtK6sbanMFDAMBzpHDqdhgVYm6zc9HJ6nWo7u2Lxk60i2M6Jd3aiNrA==",
-      "dev": true,
-      "requires": {
-        "debug": "^4.3.4",
-        "sax": "^1.2.4"
-      }
-    },
-    "busboy": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/busboy/-/busboy-1.6.0.tgz",
-      "integrity": "sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==",
-      "requires": {
-        "streamsearch": "^1.1.0"
-      }
-    },
-    "bytes": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.2.tgz",
-      "integrity": "sha512-/Nf7TyzTx6S3yRJObOAV7956r8cr2+Oj8AC5dt8wSP3BQAoeX58NoHyCU8P8zGkNXStjTSi6fzO6F0pBdcYbEg=="
-    },
-    "cacache": {
-      "version": "16.1.1",
-      "resolved": "https://registry.npmjs.org/cacache/-/cacache-16.1.1.tgz",
-      "integrity": "sha512-VDKN+LHyCQXaaYZ7rA/qtkURU+/yYhviUdvqEv2LT6QPZU8jpyzEkEVAcKlKLt5dJ5BRp11ym8lo3NKLluEPLg==",
-      "dev": true,
-      "requires": {
-        "@npmcli/fs": "^2.1.0",
-        "@npmcli/move-file": "^2.0.0",
-        "chownr": "^2.0.0",
-        "fs-minipass": "^2.1.0",
-        "glob": "^8.0.1",
-        "infer-owner": "^1.0.4",
-        "lru-cache": "^7.7.1",
-        "minipass": "^3.1.6",
-        "minipass-collect": "^1.0.2",
-        "minipass-flush": "^1.0.5",
-        "minipass-pipeline": "^1.2.4",
-        "mkdirp": "^1.0.4",
-        "p-map": "^4.0.0",
-        "promise-inflight": "^1.0.1",
-        "rimraf": "^3.0.2",
-        "ssri": "^9.0.0",
-        "tar": "^6.1.11",
-        "unique-filename": "^1.1.1"
-      },
-      "dependencies": {
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "dev": true,
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "chownr": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz",
-          "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==",
-          "dev": true
-        },
-        "glob": {
-          "version": "8.0.3",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-8.0.3.tgz",
-          "integrity": "sha512-ull455NHSHI/Y1FqGaaYFaLGkNMMJbavMrEGFXG/PGrg6y7sutWHUHrz6gy6WEBH6akM1M414dWKCNs+IhKdiQ==",
-          "dev": true,
-          "requires": {
-            "fs.realpath": "^1.0.0",
-            "inflight": "^1.0.4",
-            "inherits": "2",
-            "minimatch": "^5.0.1",
-            "once": "^1.3.0"
-          }
-        },
-        "lru-cache": {
-          "version": "7.13.1",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.13.1.tgz",
-          "integrity": "sha512-CHqbAq7NFlW3RSnoWXLJBxCWaZVBrfa9UEHId2M3AW8iEBurbqduNexEUCGc3SHc6iCYXNJCDi903LajSVAEPQ==",
-          "dev": true
-        },
-        "minimatch": {
-          "version": "5.1.0",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.0.tgz",
-          "integrity": "sha512-9TPBGGak4nHfGZsPBohm9AWg6NoT7QTCehS3BIJABslyZbzxfV78QM2Y6+i741OPZIafFAaiiEMh5OyIrJPgtg==",
-          "dev": true,
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        },
-        "mkdirp": {
-          "version": "1.0.4",
-          "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
-          "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==",
-          "dev": true
-        },
-        "rimraf": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
-          "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
-          "dev": true,
-          "requires": {
-            "glob": "^7.1.3"
-          },
-          "dependencies": {
-            "brace-expansion": {
-              "version": "1.1.11",
-              "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-              "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-              "dev": true,
-              "requires": {
-                "balanced-match": "^1.0.0",
-                "concat-map": "0.0.1"
-              }
-            },
-            "glob": {
-              "version": "7.2.3",
-              "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
-              "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
-              "dev": true,
-              "requires": {
-                "fs.realpath": "^1.0.0",
-                "inflight": "^1.0.4",
-                "inherits": "2",
-                "minimatch": "^3.1.1",
-                "once": "^1.3.0",
-                "path-is-absolute": "^1.0.0"
-              }
-            },
-            "minimatch": {
-              "version": "3.1.2",
-              "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-              "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
-              "dev": true,
-              "requires": {
-                "brace-expansion": "^1.1.7"
-              }
-            }
-          }
-        }
-      }
-    },
-    "cacheable-lookup": {
-      "version": "5.0.4",
-      "resolved": "https://registry.npmjs.org/cacheable-lookup/-/cacheable-lookup-5.0.4.tgz",
-      "integrity": "sha512-2/kNscPhpcxrOigMZzbiWF7dz8ilhb/nIHU3EyZiXWXpeq/au8qJ8VhdftMkty3n7Gj6HIGalQG8oiBNB3AJgA=="
-    },
-    "cacheable-request": {
-      "version": "7.0.2",
-      "resolved": "https://registry.npmjs.org/cacheable-request/-/cacheable-request-7.0.2.tgz",
-      "integrity": "sha512-pouW8/FmiPQbuGpkXQ9BAPv/Mo5xDGANgSNXzTzJ8DrKGuXOssM4wIQRjfanNRh3Yu5cfYPvcorqbhg2KIJtew==",
-      "requires": {
-        "clone-response": "^1.0.2",
-        "get-stream": "^5.1.0",
-        "http-cache-semantics": "^4.0.0",
-        "keyv": "^4.0.0",
-        "lowercase-keys": "^2.0.0",
-        "normalize-url": "^6.0.1",
-        "responselike": "^2.0.0"
-      }
-    },
-    "call-bind": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.5.tgz",
-      "integrity": "sha512-C3nQxfFZxFRVoJoGKKI8y3MOEo129NQ+FgQ08iye+Mk4zNZZGdjfs06bVTr+DBSlA66Q2VEcMki/cUCP4SercQ==",
-      "requires": {
-        "function-bind": "^1.1.2",
-        "get-intrinsic": "^1.2.1",
-        "set-function-length": "^1.1.1"
-      }
-    },
-    "caniuse-lite": {
-      "version": "1.0.30001594",
-      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001594.tgz",
-      "integrity": "sha512-VblSX6nYqyJVs8DKFMldE2IVCJjZ225LW00ydtUWwh5hk9IfkTOffO6r8gJNsH0qqqeAF8KrbMYA2VEwTlGW5g==",
-      "dev": true
-    },
-    "canvas-color-tracker": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/canvas-color-tracker/-/canvas-color-tracker-1.2.1.tgz",
-      "integrity": "sha512-i5clg2pEdaWqHuEM/B74NZNLkHh5+OkXbA/T4iaBiaNDagkOCXkLNrhqUfdUugsRwuaNRU20e/OygzxWRor3yg==",
-      "requires": {
-        "tinycolor2": "^1.6.0"
-      }
-    },
-    "caseless": {
-      "version": "0.12.0",
-      "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz",
-      "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw="
-    },
-    "catharsis": {
-      "version": "0.9.0",
-      "resolved": "https://registry.npmjs.org/catharsis/-/catharsis-0.9.0.tgz",
-      "integrity": "sha512-prMTQVpcns/tzFgFVkVp6ak6RykZyWb3gu8ckUpd6YkTlacOd3DXGJjIpD4Q6zJirizvaiAjSSHlOsA+6sNh2A==",
-      "dev": true,
-      "requires": {
-        "lodash": "^4.17.15"
-      }
-    },
-    "chalk": {
-      "version": "4.1.2",
-      "resolved": "https://registry.npmjs.org/chalk/-/chalk-4.1.2.tgz",
-      "integrity": "sha512-oKnbhFyRIXpUuez8iBMmyEa4nbj4IOQyuhc/wy9kY7/WVPcwIO9VA668Pu8RkO7+0G76SLROeyw9CpQ061i4mA==",
-      "requires": {
-        "ansi-styles": "^4.1.0",
-        "supports-color": "^7.1.0"
-      }
-    },
-    "character-entities": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/character-entities/-/character-entities-2.0.2.tgz",
-      "integrity": "sha512-shx7oQ0Awen/BRIdkjkvz54PnEEI/EjwXDSIZp86/KKdbafHh1Df/RYGBhn4hbe2+uKC9FnT5UCEdyPz3ai9hQ=="
-    },
-    "cheerio": {
-      "version": "1.0.0-rc.10",
-      "resolved": "https://registry.npmjs.org/cheerio/-/cheerio-1.0.0-rc.10.tgz",
-      "integrity": "sha512-g0J0q/O6mW8z5zxQ3A8E8J1hUgp4SMOvEoW/x84OwyHKe/Zccz83PVT4y5Crcr530FV6NgmKI1qvGTKVl9XXVw==",
-      "requires": {
-        "cheerio-select": "^1.5.0",
-        "dom-serializer": "^1.3.2",
-        "domhandler": "^4.2.0",
-        "htmlparser2": "^6.1.0",
-        "parse5": "^6.0.1",
-        "parse5-htmlparser2-tree-adapter": "^6.0.1",
-        "tslib": "^2.2.0"
-      }
-    },
-    "cheerio-select": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/cheerio-select/-/cheerio-select-1.5.0.tgz",
-      "integrity": "sha512-qocaHPv5ypefh6YNxvnbABM07KMxExbtbfuJoIie3iZXX1ERwYmJcIiRrr9H05ucQP1k28dav8rpdDgjQd8drg==",
-      "requires": {
-        "css-select": "^4.1.3",
-        "css-what": "^5.0.1",
-        "domelementtype": "^2.2.0",
-        "domhandler": "^4.2.0",
-        "domutils": "^2.7.0"
-      }
-    },
-    "chokidar": {
-      "version": "3.6.0",
-      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.6.0.tgz",
-      "integrity": "sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==",
-      "requires": {
-        "anymatch": "~3.1.2",
-        "braces": "~3.0.2",
-        "fsevents": "~2.3.2",
-        "glob-parent": "~5.1.2",
-        "is-binary-path": "~2.1.0",
-        "is-glob": "~4.0.1",
-        "normalize-path": "~3.0.0",
-        "readdirp": "~3.6.0"
-      }
-    },
-    "chownr": {
-      "version": "1.1.4",
-      "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.4.tgz",
-      "integrity": "sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg=="
-    },
-    "chrome-trace-event": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/chrome-trace-event/-/chrome-trace-event-1.0.3.tgz",
-      "integrity": "sha512-p3KULyQg4S7NIHixdwbGX+nFHkoBiA4YQmyWtjb8XngSKV124nJmRysgAeujbUVb15vh+RvFUfCPqU7rXk+hZg==",
-      "dev": true
-    },
-    "chromium-pickle-js": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/chromium-pickle-js/-/chromium-pickle-js-0.2.0.tgz",
-      "integrity": "sha1-BKEGZywYsIWrd02YPfo+oTjyIgU=",
-      "devOptional": true
-    },
-    "ci-info": {
-      "version": "3.9.0",
-      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-3.9.0.tgz",
-      "integrity": "sha512-NIxF55hv4nSqQswkAeiOi1r83xy8JldOFDTWiug55KBu9Jnblncd2U6ViHmYgHf01TPZS77NJBhBMKdWj9HQMQ==",
-      "dev": true
-    },
-    "clean-stack": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-2.2.0.tgz",
-      "integrity": "sha512-4diC9HaTE+KRAMWhDhrGOECgWZxoevMc5TlkObMqNSsVU62PYzXZ/SMTjzyGAFF1YusgxGcSWTEXBhp0CPwQ1A=="
-    },
-    "cli-cursor": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-3.1.0.tgz",
-      "integrity": "sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw==",
-      "dev": true,
-      "requires": {
-        "restore-cursor": "^3.1.0"
-      }
-    },
-    "cli-spinners": {
-      "version": "2.6.1",
-      "resolved": "https://registry.npmjs.org/cli-spinners/-/cli-spinners-2.6.1.tgz",
-      "integrity": "sha512-x/5fWmGMnbKQAaNwN+UZlV79qBLM9JFnJuJ03gIi5whrob0xV0ofNVHy9DhwGdsMJQc2OKv0oGmLzvaqvAVv+g==",
-      "dev": true
-    },
-    "cli-truncate": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/cli-truncate/-/cli-truncate-2.1.0.tgz",
-      "integrity": "sha512-n8fOixwDD6b/ObinzTrp1ZKFzbgvKZvuz/TvejnLn1aQfC6r52XEx85FmuC+3HI+JM7coBRXUvNqEU2PHVrHpg==",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "slice-ansi": "^3.0.0",
-        "string-width": "^4.2.0"
-      }
-    },
-    "cliui": {
-      "version": "7.0.4",
-      "resolved": "https://registry.npmjs.org/cliui/-/cliui-7.0.4.tgz",
-      "integrity": "sha512-OcRE68cOsVMXp1Yvonl/fzkQOyjLSu/8bhPDfQt0e0/Eb283TKP20Fs2MqoPsr9SwA595rRCA+QMzYc9nBP+JQ==",
-      "optional": true,
-      "requires": {
-        "string-width": "^4.2.0",
-        "strip-ansi": "^6.0.0",
-        "wrap-ansi": "^7.0.0"
-      },
-      "dependencies": {
-        "wrap-ansi": {
-          "version": "7.0.0",
-          "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
-          "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
-          "optional": true,
-          "requires": {
-            "ansi-styles": "^4.0.0",
-            "string-width": "^4.1.0",
-            "strip-ansi": "^6.0.0"
-          }
-        }
-      }
-    },
-    "clone": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/clone/-/clone-1.0.4.tgz",
-      "integrity": "sha1-2jCcwmPfFZlMaIypAheco8fNfH4=",
-      "dev": true
-    },
-    "clone-deep": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/clone-deep/-/clone-deep-4.0.1.tgz",
-      "integrity": "sha512-neHB9xuzh/wk0dIHweyAXv2aPGZIVk3pLMe+/RNzINf17fe0OG96QroktYAUm7SM1PBnzTabaLboqqxDyMU+SQ==",
-      "dev": true,
-      "requires": {
-        "is-plain-object": "^2.0.4",
-        "kind-of": "^6.0.2",
-        "shallow-clone": "^3.0.0"
-      },
-      "dependencies": {
-        "is-plain-object": {
-          "version": "2.0.4",
-          "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz",
-          "integrity": "sha512-h5PpgXkWitc38BBMYawTYMWJHFZJVnBquFE57xFpjB8pJFiF6gZ+bU+WyI/yqXiFR5mdLsgYNaPe8uao6Uv9Og==",
-          "dev": true,
-          "requires": {
-            "isobject": "^3.0.1"
-          }
-        }
-      }
-    },
-    "clone-response": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/clone-response/-/clone-response-1.0.3.tgz",
-      "integrity": "sha512-ROoL94jJH2dUVML2Y/5PEDNaSHgeOdSDicUyS7izcF63G6sTc/FTjLub4b8Il9S8S0beOfYt0TaA5qvFK+w0wA==",
-      "requires": {
-        "mimic-response": "^1.0.0"
-      }
-    },
-    "cls-hooked": {
-      "version": "4.2.2",
-      "resolved": "https://registry.npmjs.org/cls-hooked/-/cls-hooked-4.2.2.tgz",
-      "integrity": "sha512-J4Xj5f5wq/4jAvcdgoGsL3G103BtWpZrMo8NEinRltN+xpTZdI+M38pyQqhuFU/P792xkMFvnKSf+Lm81U1bxw==",
-      "requires": {
-        "async-hook-jl": "^1.7.6",
-        "emitter-listener": "^1.0.1",
-        "semver": "^5.4.1"
-      },
-      "dependencies": {
-        "semver": {
-          "version": "5.7.2",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
-          "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g=="
-        }
-      }
-    },
-    "color-convert": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
-      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
-      "requires": {
-        "color-name": "~1.1.4"
-      }
-    },
-    "color-name": {
-      "version": "1.1.4",
-      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
-      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
-    },
-    "color-support": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz",
-      "integrity": "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg==",
-      "dev": true
-    },
-    "colorette": {
-      "version": "2.0.20",
-      "resolved": "https://registry.npmjs.org/colorette/-/colorette-2.0.20.tgz",
-      "integrity": "sha512-IfEDxwoWIjkeXL1eXcDiow4UbKjhLdq6/EuSVR9GMN7KVH3r9gQ83e73hsz1Nd1T3ijd5xv1wcWRYO+D6kCI2w==",
-      "dev": true
-    },
-    "combined-stream": {
-      "version": "1.0.8",
-      "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz",
-      "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==",
-      "requires": {
-        "delayed-stream": "~1.0.0"
-      }
-    },
-    "commander": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/commander/-/commander-5.1.0.tgz",
-      "integrity": "sha512-P0CysNDQ7rtVw4QIQtm+MRxV66vKFSvlsQvGYXZWR3qFU0jlMKHZZZgw8e+8DSah4UDKMqnknRDQz+xuQXQ/Zg==",
-      "devOptional": true
-    },
-    "compare-version": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/compare-version/-/compare-version-0.1.2.tgz",
-      "integrity": "sha512-pJDh5/4wrEnXX/VWRZvruAGHkzKdr46z11OlTPN+VrATlWWhSKewNCJ1futCO5C7eJB3nPMFZA1LeYtcFboZ2A==",
-      "dev": true
-    },
-    "compress-commons": {
-      "version": "6.0.1",
-      "resolved": "https://registry.npmjs.org/compress-commons/-/compress-commons-6.0.1.tgz",
-      "integrity": "sha512-l7occIJn8YwlCEbWUCrG6gPms9qnJTCZSaznCa5HaV+yJMH4kM8BDc7q9NyoQuoiB2O6jKgTcTeY462qw6MyHw==",
-      "requires": {
-        "crc-32": "^1.2.0",
-        "crc32-stream": "^6.0.0",
-        "normalize-path": "^3.0.0",
-        "readable-stream": "^4.0.0"
-      },
-      "dependencies": {
-        "buffer": {
-          "version": "6.0.3",
-          "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz",
-          "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==",
-          "requires": {
-            "base64-js": "^1.3.1",
-            "ieee754": "^1.2.1"
-          }
-        },
-        "readable-stream": {
-          "version": "4.5.2",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.5.2.tgz",
-          "integrity": "sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==",
-          "requires": {
-            "abort-controller": "^3.0.0",
-            "buffer": "^6.0.3",
-            "events": "^3.3.0",
-            "process": "^0.11.10",
-            "string_decoder": "^1.3.0"
-          }
-        },
-        "safe-buffer": {
-          "version": "5.2.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
-          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
-        },
-        "string_decoder": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
-          "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
-          "requires": {
-            "safe-buffer": "~5.2.0"
-          }
-        }
-      }
-    },
-    "compressible": {
-      "version": "2.0.18",
-      "resolved": "https://registry.npmjs.org/compressible/-/compressible-2.0.18.tgz",
-      "integrity": "sha512-AF3r7P5dWxL8MxyITRMlORQNaOA2IkAFaTr4k7BUumjPtRpGDTZpl0Pb1XCO6JeDCBdp126Cgs9sMxqSjgYyRg==",
-      "requires": {
-        "mime-db": ">= 1.43.0 < 2"
-      }
-    },
-    "compression": {
-      "version": "1.7.4",
-      "resolved": "https://registry.npmjs.org/compression/-/compression-1.7.4.tgz",
-      "integrity": "sha512-jaSIDzP9pZVS4ZfQ+TzvtiWhdpFhE2RDHz8QJkpX9SIpLq88VueF5jJw6t+6CUQcAoA6t+x89MLrWAqpfDE8iQ==",
-      "requires": {
-        "accepts": "~1.3.5",
-        "bytes": "3.0.0",
-        "compressible": "~2.0.16",
-        "debug": "2.6.9",
-        "on-headers": "~1.0.2",
-        "safe-buffer": "5.1.2",
-        "vary": "~1.1.2"
-      },
-      "dependencies": {
-        "bytes": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz",
-          "integrity": "sha512-pMhOfFDPiv9t5jjIXkHosWmkSyQbvsgEVNkz0ERHbuLh2T/7j4Mqqpz523Fe8MVY89KC6Sh/QfS2sM+SjgFDcw=="
-        },
-        "debug": {
-          "version": "2.6.9",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
-          "requires": {
-            "ms": "2.0.0"
-          }
-        }
-      }
-    },
-    "concat-map": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
-      "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s="
-    },
-    "concat-stream": {
-      "version": "1.6.2",
-      "resolved": "https://registry.npmjs.org/concat-stream/-/concat-stream-1.6.2.tgz",
-      "integrity": "sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw==",
-      "requires": {
-        "buffer-from": "^1.0.0",
-        "inherits": "^2.0.3",
-        "readable-stream": "^2.2.2",
-        "typedarray": "^0.0.6"
-      }
-    },
-    "config-file-ts": {
-      "version": "0.2.6",
-      "resolved": "https://registry.npmjs.org/config-file-ts/-/config-file-ts-0.2.6.tgz",
-      "integrity": "sha512-6boGVaglwblBgJqGyxm4+xCmEGcWgnWHSWHY5jad58awQhB6gftq0G8HbzU39YqCIYHMLAiL1yjwiZ36m/CL8w==",
-      "dev": true,
-      "requires": {
-        "glob": "^10.3.10",
-        "typescript": "^5.3.3"
-      },
-      "dependencies": {
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "dev": true,
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "glob": {
-          "version": "10.3.10",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz",
-          "integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==",
-          "dev": true,
-          "requires": {
-            "foreground-child": "^3.1.0",
-            "jackspeak": "^2.3.5",
-            "minimatch": "^9.0.1",
-            "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
-            "path-scurry": "^1.10.1"
-          }
-        },
-        "minimatch": {
-          "version": "9.0.3",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
-          "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
-          "dev": true,
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        },
-        "minipass": {
-          "version": "7.0.4",
-          "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz",
-          "integrity": "sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ==",
-          "dev": true
-        }
-      }
-    },
-    "console-control-strings": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz",
-      "integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=",
-      "dev": true
-    },
-    "content-disposition": {
-      "version": "0.5.4",
-      "resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.4.tgz",
-      "integrity": "sha512-FveZTNuGw04cxlAiWbzi6zTAL/lhehaWbTtgluJh4/E95DqMwTmha3KZN1aAWA8cFIhHzMZUvLevkw5Rqk+tSQ==",
-      "requires": {
-        "safe-buffer": "5.2.1"
-      },
-      "dependencies": {
-        "safe-buffer": {
-          "version": "5.2.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
-          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
-        }
-      }
-    },
-    "content-type": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.5.tgz",
-      "integrity": "sha512-nTjqfcBFEipKdXCv4YDQWCfmcLZKm81ldF0pAopTvyrFGVbcR6P/VAAd5G7N+0tTr8QqiU0tFadD6FK4NtJwOA=="
-    },
-    "cookie": {
-      "version": "0.4.0",
-      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.0.tgz",
-      "integrity": "sha512-+Hp8fLp57wnUSt0tY0tHEXh4voZRDnoIrZPqlo3DPiI4y9lwg/jqx+1Om94/W6ZaPDOUbnjOt/99w66zk+l1Xg=="
-    },
-    "cookie-parser": {
-      "version": "1.4.6",
-      "resolved": "https://registry.npmjs.org/cookie-parser/-/cookie-parser-1.4.6.tgz",
-      "integrity": "sha512-z3IzaNjdwUC2olLIB5/ITd0/setiaFMLYiZJle7xg5Fe9KWAceil7xszYfHHBtDFYLSgJduS2Ty0P1uJdPDJeA==",
-      "requires": {
-        "cookie": "0.4.1",
-        "cookie-signature": "1.0.6"
-      },
-      "dependencies": {
-        "cookie": {
-          "version": "0.4.1",
-          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.4.1.tgz",
-          "integrity": "sha512-ZwrFkGJxUR3EIoXtO+yVE69Eb7KlixbaeAWfBQB9vVsNn/o+Yw69gBWSSDK825hQNdN+wF8zELf3dFNl/kxkUA=="
-        }
-      }
-    },
-    "cookie-signature": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
-      "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw="
-    },
-    "core-util-is": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz",
-      "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac="
-    },
-    "cose-base": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/cose-base/-/cose-base-1.0.3.tgz",
-      "integrity": "sha512-s9whTXInMSgAp/NVXVNuVxVKzGH2qck3aQlVHxDCdAEPgtMKwc4Wq6/QKhgdEdgbLSi9rBTAcPoRa6JpiG4ksg==",
-      "requires": {
-        "layout-base": "^1.0.0"
-      }
-    },
-    "crc": {
-      "version": "3.8.0",
-      "resolved": "https://registry.npmjs.org/crc/-/crc-3.8.0.tgz",
-      "integrity": "sha512-iX3mfgcTMIq3ZKLIsVFAbv7+Mc10kxabAGQb8HvjA1o3T1PIYprbakQ65d3I+2HGHt6nSKkM9PYjgoJO2KcFBQ==",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "buffer": "^5.1.0"
-      }
-    },
-    "crc-32": {
-      "version": "1.2.2",
-      "resolved": "https://registry.npmjs.org/crc-32/-/crc-32-1.2.2.tgz",
-      "integrity": "sha512-ROmzCKrTnOwybPcJApAA6WBWij23HVfGVNKqqrZpuyZOHqK2CwHSvpGuyt/UNNvaIjEd8X5IFGp4Mh+Ie1IHJQ=="
-    },
-    "crc32-stream": {
-      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/crc32-stream/-/crc32-stream-6.0.0.tgz",
-      "integrity": "sha512-piICUB6ei4IlTv1+653yq5+KoqfBYmj9bw6LqXoOneTMDXk5nM1qt12mFW1caG3LlJXEKW1Bp0WggEmIfQB34g==",
-      "requires": {
-        "crc-32": "^1.2.0",
-        "readable-stream": "^4.0.0"
-      },
-      "dependencies": {
-        "buffer": {
-          "version": "6.0.3",
-          "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz",
-          "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==",
-          "requires": {
-            "base64-js": "^1.3.1",
-            "ieee754": "^1.2.1"
-          }
-        },
-        "readable-stream": {
-          "version": "4.5.2",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.5.2.tgz",
-          "integrity": "sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==",
-          "requires": {
-            "abort-controller": "^3.0.0",
-            "buffer": "^6.0.3",
-            "events": "^3.3.0",
-            "process": "^0.11.10",
-            "string_decoder": "^1.3.0"
-          }
-        },
-        "safe-buffer": {
-          "version": "5.2.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
-          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
-        },
-        "string_decoder": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
-          "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
-          "requires": {
-            "safe-buffer": "~5.2.0"
-          }
-        }
-      }
-    },
-    "create-require": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz",
-      "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==",
-      "dev": true
-    },
-    "cross-env": {
-      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-7.0.3.tgz",
-      "integrity": "sha512-+/HKd6EgcQCJGh2PSjZuUitQBQynKor4wrFbRg4DtAgS1aWO+gU52xpH7M9ScGgXSYmAVS9bIJ8EzuaGw0oNAw==",
-      "dev": true,
-      "requires": {
-        "cross-spawn": "^7.0.1"
-      }
-    },
-    "cross-spawn": {
-      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
-      "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
-      "requires": {
-        "path-key": "^3.1.0",
-        "shebang-command": "^2.0.0",
-        "which": "^2.0.1"
-      }
-    },
-    "cross-spawn-windows-exe": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/cross-spawn-windows-exe/-/cross-spawn-windows-exe-1.1.0.tgz",
-      "integrity": "sha512-mLcudzsdGnF1sN2f9760Tbc8x64WaS2FD4VWk4zbk9rNl/b2jzy57zbPJ0uYRgrdc9wsXE2iEM9fu0iYDTGllA==",
-      "dev": true,
-      "requires": {
-        "@malept/cross-spawn-promise": "^1.1.0",
-        "is-wsl": "^2.2.0",
-        "which": "^2.0.2"
-      }
-    },
-    "csrf": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/csrf/-/csrf-3.1.0.tgz",
-      "integrity": "sha512-uTqEnCvWRk042asU6JtapDTcJeeailFy4ydOQS28bj1hcLnYRiqi8SsD2jS412AY1I/4qdOwWZun774iqywf9w==",
-      "requires": {
-        "rndm": "1.2.0",
-        "tsscmp": "1.0.6",
-        "uid-safe": "2.1.5"
-      }
-    },
-    "css-select": {
-      "version": "4.1.3",
-      "resolved": "https://registry.npmjs.org/css-select/-/css-select-4.1.3.tgz",
-      "integrity": "sha512-gT3wBNd9Nj49rAbmtFHj1cljIAOLYSX1nZ8CB7TBO3INYckygm5B7LISU/szY//YmdiSLbJvDLOx9VnMVpMBxA==",
-      "requires": {
-        "boolbase": "^1.0.0",
-        "css-what": "^5.0.0",
-        "domhandler": "^4.2.0",
-        "domutils": "^2.6.0",
-        "nth-check": "^2.0.0"
-      }
-    },
-    "css-what": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/css-what/-/css-what-5.1.0.tgz",
-      "integrity": "sha512-arSMRWIIFY0hV8pIxZMEfmMI47Wj3R/aWpZDDxWYCPEiOMv6tfOrnpDtgxBYPEQD4V0Y/958+1TdC3iWTFcUPw=="
-    },
-    "cssstyle": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-4.0.1.tgz",
-      "integrity": "sha512-8ZYiJ3A/3OkDd093CBT/0UKDWry7ak4BdPTFP2+QEP7cmhouyq/Up709ASSj2cK02BbZiMgk7kYjZNS4QP5qrQ==",
-      "requires": {
-        "rrweb-cssom": "^0.6.0"
-      }
-    },
-    "csurf": {
-      "version": "1.11.0",
-      "resolved": "https://registry.npmjs.org/csurf/-/csurf-1.11.0.tgz",
-      "integrity": "sha512-UCtehyEExKTxgiu8UHdGvHj4tnpE/Qctue03Giq5gPgMQ9cg/ciod5blZQ5a4uCEenNQjxyGuzygLdKUmee/bQ==",
-      "requires": {
-        "cookie": "0.4.0",
-        "cookie-signature": "1.0.6",
-        "csrf": "3.1.0",
-        "http-errors": "~1.7.3"
-      },
-      "dependencies": {
-        "http-errors": {
-          "version": "1.7.3",
-          "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.3.tgz",
-          "integrity": "sha512-ZTTX0MWrsQ2ZAhA1cejAwDLycFsd7I7nVtnkT3Ol0aqodaKW+0CTZDQ1uBv5whptCnc8e8HeRRJxRs0kmm/Qfw==",
-          "requires": {
-            "depd": "~1.1.2",
-            "inherits": "2.0.4",
-            "setprototypeof": "1.1.1",
-            "statuses": ">= 1.5.0 < 2",
-            "toidentifier": "1.0.0"
-          }
-        }
-      }
-    },
-    "cytoscape": {
-      "version": "3.28.1",
-      "resolved": "https://registry.npmjs.org/cytoscape/-/cytoscape-3.28.1.tgz",
-      "integrity": "sha512-xyItz4O/4zp9/239wCcH8ZcFuuZooEeF8KHRmzjDfGdXsj3OG9MFSMA0pJE0uX3uCN/ygof6hHf4L7lst+JaDg==",
-      "requires": {
-        "heap": "^0.2.6",
-        "lodash": "^4.17.21"
-      }
-    },
-    "cytoscape-cose-bilkent": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/cytoscape-cose-bilkent/-/cytoscape-cose-bilkent-4.1.0.tgz",
-      "integrity": "sha512-wgQlVIUJF13Quxiv5e1gstZ08rnZj2XaLHGoFMYXz7SkNfCDOOteKBE6SYRfA9WxxI/iBc3ajfDoc6hb/MRAHQ==",
-      "requires": {
-        "cose-base": "^1.0.0"
-      }
-    },
-    "d3": {
-      "version": "7.8.5",
-      "resolved": "https://registry.npmjs.org/d3/-/d3-7.8.5.tgz",
-      "integrity": "sha512-JgoahDG51ncUfJu6wX/1vWQEqOflgXyl4MaHqlcSruTez7yhaRKR9i8VjjcQGeS2en/jnFivXuaIMnseMMt0XA==",
-      "requires": {
-        "d3-array": "3",
-        "d3-axis": "3",
-        "d3-brush": "3",
-        "d3-chord": "3",
-        "d3-color": "3",
-        "d3-contour": "4",
-        "d3-delaunay": "6",
-        "d3-dispatch": "3",
-        "d3-drag": "3",
-        "d3-dsv": "3",
-        "d3-ease": "3",
-        "d3-fetch": "3",
-        "d3-force": "3",
-        "d3-format": "3",
-        "d3-geo": "3",
-        "d3-hierarchy": "3",
-        "d3-interpolate": "3",
-        "d3-path": "3",
-        "d3-polygon": "3",
-        "d3-quadtree": "3",
-        "d3-random": "3",
-        "d3-scale": "4",
-        "d3-scale-chromatic": "3",
-        "d3-selection": "3",
-        "d3-shape": "3",
-        "d3-time": "3",
-        "d3-time-format": "4",
-        "d3-timer": "3",
-        "d3-transition": "3",
-        "d3-zoom": "3"
-      }
-    },
-    "d3-array": {
-      "version": "3.2.4",
-      "resolved": "https://registry.npmjs.org/d3-array/-/d3-array-3.2.4.tgz",
-      "integrity": "sha512-tdQAmyA18i4J7wprpYq8ClcxZy3SC31QMeByyCFyRt7BVHdREQZ5lpzoe5mFEYZUWe+oq8HBvk9JjpibyEV4Jg==",
-      "requires": {
-        "internmap": "1 - 2"
-      }
-    },
-    "d3-axis": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/d3-axis/-/d3-axis-3.0.0.tgz",
-      "integrity": "sha512-IH5tgjV4jE/GhHkRV0HiVYPDtvfjHQlQfJHs0usq7M30XcSBvOotpmH1IgkcXsO/5gEQZD43B//fc7SRT5S+xw=="
-    },
-    "d3-binarytree": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/d3-binarytree/-/d3-binarytree-1.0.2.tgz",
-      "integrity": "sha512-cElUNH+sHu95L04m92pG73t2MEJXKu+GeKUN1TJkFsu93E5W8E9Sc3kHEGJKgenGvj19m6upSn2EunvMgMD2Yw=="
-    },
-    "d3-brush": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/d3-brush/-/d3-brush-3.0.0.tgz",
-      "integrity": "sha512-ALnjWlVYkXsVIGlOsuWH1+3udkYFI48Ljihfnh8FZPF2QS9o+PzGLBslO0PjzVoHLZ2KCVgAM8NVkXPJB2aNnQ==",
-      "requires": {
-        "d3-dispatch": "1 - 3",
-        "d3-drag": "2 - 3",
-        "d3-interpolate": "1 - 3",
-        "d3-selection": "3",
-        "d3-transition": "3"
-      }
-    },
-    "d3-chord": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-chord/-/d3-chord-3.0.1.tgz",
-      "integrity": "sha512-VE5S6TNa+j8msksl7HwjxMHDM2yNK3XCkusIlpX5kwauBfXuyLAtNg9jCp/iHH61tgI4sb6R/EIMWCqEIdjT/g==",
-      "requires": {
-        "d3-path": "1 - 3"
-      }
-    },
-    "d3-color": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/d3-color/-/d3-color-3.1.0.tgz",
-      "integrity": "sha512-zg/chbXyeBtMQ1LbD/WSoW2DpC3I0mpmPdW+ynRTj/x2DAWYrIY7qeZIHidozwV24m4iavr15lNwIwLxRmOxhA=="
-    },
-    "d3-contour": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/d3-contour/-/d3-contour-4.0.2.tgz",
-      "integrity": "sha512-4EzFTRIikzs47RGmdxbeUvLWtGedDUNkTcmzoeyg4sP/dvCexO47AaQL7VKy/gul85TOxw+IBgA8US2xwbToNA==",
-      "requires": {
-        "d3-array": "^3.2.0"
-      }
-    },
-    "d3-delaunay": {
-      "version": "6.0.4",
-      "resolved": "https://registry.npmjs.org/d3-delaunay/-/d3-delaunay-6.0.4.tgz",
-      "integrity": "sha512-mdjtIZ1XLAM8bm/hx3WwjfHt6Sggek7qH043O8KEjDXN40xi3vx/6pYSVTwLjEgiXQTbvaouWKynLBiUZ6SK6A==",
-      "requires": {
-        "delaunator": "5"
-      }
-    },
-    "d3-dispatch": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-dispatch/-/d3-dispatch-3.0.1.tgz",
-      "integrity": "sha512-rzUyPU/S7rwUflMyLc1ETDeBj0NRuHKKAcvukozwhshr6g6c5d8zh4c2gQjY2bZ0dXeGLWc1PF174P2tVvKhfg=="
-    },
-    "d3-drag": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/d3-drag/-/d3-drag-3.0.0.tgz",
-      "integrity": "sha512-pWbUJLdETVA8lQNJecMxoXfH6x+mO2UQo8rSmZ+QqxcbyA3hfeprFgIT//HW2nlHChWeIIMwS2Fq+gEARkhTkg==",
-      "requires": {
-        "d3-dispatch": "1 - 3",
-        "d3-selection": "3"
-      }
-    },
-    "d3-dsv": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-dsv/-/d3-dsv-3.0.1.tgz",
-      "integrity": "sha512-UG6OvdI5afDIFP9w4G0mNq50dSOsXHJaRE8arAS5o9ApWnIElp8GZw1Dun8vP8OyHOZ/QJUKUJwxiiCCnUwm+Q==",
-      "requires": {
-        "commander": "7",
-        "iconv-lite": "0.6",
-        "rw": "1"
-      },
-      "dependencies": {
-        "commander": {
-          "version": "7.2.0",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-7.2.0.tgz",
-          "integrity": "sha512-QrWXB+ZQSVPmIWIhtEO9H+gwHaMGYiF5ChvoJ+K9ZGHG/sVsa6yiesAD1GC/x46sET00Xlwo1u49RVVVzvcSkw=="
-        }
-      }
-    },
-    "d3-ease": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-ease/-/d3-ease-3.0.1.tgz",
-      "integrity": "sha512-wR/XK3D3XcLIZwpbvQwQ5fK+8Ykds1ip7A2Txe0yxncXSdq1L9skcG7blcedkOX+ZcgxGAmLX1FrRGbADwzi0w=="
-    },
-    "d3-fetch": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-fetch/-/d3-fetch-3.0.1.tgz",
-      "integrity": "sha512-kpkQIM20n3oLVBKGg6oHrUchHM3xODkTzjMoj7aWQFq5QEM+R6E4WkzT5+tojDY7yjez8KgCBRoj4aEr99Fdqw==",
-      "requires": {
-        "d3-dsv": "1 - 3"
-      }
-    },
-    "d3-force": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/d3-force/-/d3-force-3.0.0.tgz",
-      "integrity": "sha512-zxV/SsA+U4yte8051P4ECydjD/S+qeYtnaIyAs9tgHCqfguma/aAQDjo85A9Z6EKhBirHRJHXIgJUlffT4wdLg==",
-      "requires": {
-        "d3-dispatch": "1 - 3",
-        "d3-quadtree": "1 - 3",
-        "d3-timer": "1 - 3"
-      }
-    },
-    "d3-force-3d": {
-      "version": "3.0.5",
-      "resolved": "https://registry.npmjs.org/d3-force-3d/-/d3-force-3d-3.0.5.tgz",
-      "integrity": "sha512-tdwhAhoTYZY/a6eo9nR7HP3xSW/C6XvJTbeRpR92nlPzH6OiE+4MliN9feuSFd0tPtEUo+191qOhCTWx3NYifg==",
-      "requires": {
-        "d3-binarytree": "1",
-        "d3-dispatch": "1 - 3",
-        "d3-octree": "1",
-        "d3-quadtree": "1 - 3",
-        "d3-timer": "1 - 3"
-      }
-    },
-    "d3-format": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/d3-format/-/d3-format-3.1.0.tgz",
-      "integrity": "sha512-YyUI6AEuY/Wpt8KWLgZHsIU86atmikuoOmCfommt0LYHiQSPjvX2AcFc38PX0CBpr2RCyZhjex+NS/LPOv6YqA=="
-    },
-    "d3-geo": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/d3-geo/-/d3-geo-3.1.0.tgz",
-      "integrity": "sha512-JEo5HxXDdDYXCaWdwLRt79y7giK8SbhZJbFWXqbRTolCHFI5jRqteLzCsq51NKbUoX0PjBVSohxrx+NoOUujYA==",
-      "requires": {
-        "d3-array": "2.5.0 - 3"
-      }
-    },
-    "d3-hierarchy": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/d3-hierarchy/-/d3-hierarchy-3.1.2.tgz",
-      "integrity": "sha512-FX/9frcub54beBdugHjDCdikxThEqjnR93Qt7PvQTOHxyiNCAlvMrHhclk3cD5VeAaq9fxmfRp+CnWw9rEMBuA=="
-    },
-    "d3-interpolate": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-interpolate/-/d3-interpolate-3.0.1.tgz",
-      "integrity": "sha512-3bYs1rOD33uo8aqJfKP3JWPAibgw8Zm2+L9vBKEHJ2Rg+viTR7o5Mmv5mZcieN+FRYaAOWX5SJATX6k1PWz72g==",
-      "requires": {
-        "d3-color": "1 - 3"
-      }
-    },
-    "d3-octree": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/d3-octree/-/d3-octree-1.0.2.tgz",
-      "integrity": "sha512-Qxg4oirJrNXauiuC94uKMbgxwnhdda9xRLl9ihq45srlJ4Ga3CSgqGcAL8iW7N5CIv4Oz8x3E734ulxyvHPvwA=="
-    },
-    "d3-path": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/d3-path/-/d3-path-3.1.0.tgz",
-      "integrity": "sha512-p3KP5HCf/bvjBSSKuXid6Zqijx7wIfNW+J/maPs+iwR35at5JCbLUT0LzF1cnjbCHWhqzQTIN2Jpe8pRebIEFQ=="
-    },
-    "d3-polygon": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-polygon/-/d3-polygon-3.0.1.tgz",
-      "integrity": "sha512-3vbA7vXYwfe1SYhED++fPUQlWSYTTGmFmQiany/gdbiWgU/iEyQzyymwL9SkJjFFuCS4902BSzewVGsHHmHtXg=="
-    },
-    "d3-quadtree": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-quadtree/-/d3-quadtree-3.0.1.tgz",
-      "integrity": "sha512-04xDrxQTDTCFwP5H6hRhsRcb9xxv2RzkcsygFzmkSIOJy3PeRJP7sNk3VRIbKXcog561P9oU0/rVH6vDROAgUw=="
-    },
-    "d3-random": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-random/-/d3-random-3.0.1.tgz",
-      "integrity": "sha512-FXMe9GfxTxqd5D6jFsQ+DJ8BJS4E/fT5mqqdjovykEB2oFbTMDVdg1MGFxfQW+FBOGoB++k8swBrgwSHT1cUXQ=="
-    },
-    "d3-sankey": {
-      "version": "0.12.3",
-      "resolved": "https://registry.npmjs.org/d3-sankey/-/d3-sankey-0.12.3.tgz",
-      "integrity": "sha512-nQhsBRmM19Ax5xEIPLMY9ZmJ/cDvd1BG3UVvt5h3WRxKg5zGRbvnteTyWAbzeSvlh3tW7ZEmq4VwR5mB3tutmQ==",
-      "requires": {
-        "d3-array": "1 - 2",
-        "d3-shape": "^1.2.0"
-      },
-      "dependencies": {
-        "d3-array": {
-          "version": "2.12.1",
-          "resolved": "https://registry.npmjs.org/d3-array/-/d3-array-2.12.1.tgz",
-          "integrity": "sha512-B0ErZK/66mHtEsR1TkPEEkwdy+WDesimkM5gpZr5Dsg54BiTA5RXtYW5qTLIAcekaS9xfZrzBLF/OAkB3Qn1YQ==",
-          "requires": {
-            "internmap": "^1.0.0"
-          }
-        },
-        "d3-path": {
-          "version": "1.0.9",
-          "resolved": "https://registry.npmjs.org/d3-path/-/d3-path-1.0.9.tgz",
-          "integrity": "sha512-VLaYcn81dtHVTjEHd8B+pbe9yHWpXKZUC87PzoFmsFrJqgFwDe/qxfp5MlfsfM1V5E/iVt0MmEbWQ7FVIXh/bg=="
-        },
-        "d3-shape": {
-          "version": "1.3.7",
-          "resolved": "https://registry.npmjs.org/d3-shape/-/d3-shape-1.3.7.tgz",
-          "integrity": "sha512-EUkvKjqPFUAZyOlhY5gzCxCeI0Aep04LwIRpsZ/mLFelJiUfnK56jo5JMDSE7yyP2kLSb6LtF+S5chMk7uqPqw==",
-          "requires": {
-            "d3-path": "1"
-          }
-        },
-        "internmap": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/internmap/-/internmap-1.0.1.tgz",
-          "integrity": "sha512-lDB5YccMydFBtasVtxnZ3MRBHuaoE8GKsppq+EchKL2U4nK/DmEpPHNH8MZe5HkMtpSiTSOZwfN0tzYjO/lJEw=="
-        }
-      }
-    },
-    "d3-scale": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/d3-scale/-/d3-scale-4.0.2.tgz",
-      "integrity": "sha512-GZW464g1SH7ag3Y7hXjf8RoUuAFIqklOAq3MRl4OaWabTFJY9PN/E1YklhXLh+OQ3fM9yS2nOkCoS+WLZ6kvxQ==",
-      "requires": {
-        "d3-array": "2.10.0 - 3",
-        "d3-format": "1 - 3",
-        "d3-interpolate": "1.2.0 - 3",
-        "d3-time": "2.1.1 - 3",
-        "d3-time-format": "2 - 4"
-      }
-    },
-    "d3-scale-chromatic": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/d3-scale-chromatic/-/d3-scale-chromatic-3.0.0.tgz",
-      "integrity": "sha512-Lx9thtxAKrO2Pq6OO2Ua474opeziKr279P/TKZsMAhYyNDD3EnCffdbgeSYN5O7m2ByQsxtuP2CSDczNUIZ22g==",
-      "requires": {
-        "d3-color": "1 - 3",
-        "d3-interpolate": "1 - 3"
-      }
-    },
-    "d3-selection": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/d3-selection/-/d3-selection-3.0.0.tgz",
-      "integrity": "sha512-fmTRWbNMmsmWq6xJV8D19U/gw/bwrHfNXxrIN+HfZgnzqTHp9jOmKMhsTUjXOJnZOdZY9Q28y4yebKzqDKlxlQ=="
-    },
-    "d3-shape": {
-      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/d3-shape/-/d3-shape-3.2.0.tgz",
-      "integrity": "sha512-SaLBuwGm3MOViRq2ABk3eLoxwZELpH6zhl3FbAoJ7Vm1gofKx6El1Ib5z23NUEhF9AsGl7y+dzLe5Cw2AArGTA==",
-      "requires": {
-        "d3-path": "^3.1.0"
-      }
-    },
-    "d3-time": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/d3-time/-/d3-time-3.1.0.tgz",
-      "integrity": "sha512-VqKjzBLejbSMT4IgbmVgDjpkYrNWUYJnbCGo874u7MMKIWsILRX+OpX/gTk8MqjpT1A/c6HY2dCA77ZN0lkQ2Q==",
-      "requires": {
-        "d3-array": "2 - 3"
-      }
-    },
-    "d3-time-format": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/d3-time-format/-/d3-time-format-4.1.0.tgz",
-      "integrity": "sha512-dJxPBlzC7NugB2PDLwo9Q8JiTR3M3e4/XANkreKSUxF8vvXKqm1Yfq4Q5dl8budlunRVlUUaDUgFt7eA8D6NLg==",
-      "requires": {
-        "d3-time": "1 - 3"
-      }
-    },
-    "d3-timer": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-timer/-/d3-timer-3.0.1.tgz",
-      "integrity": "sha512-ndfJ/JxxMd3nw31uyKoY2naivF+r29V+Lc0svZxe1JvvIRmi8hUsrMvdOwgS1o6uBHmiz91geQ0ylPP0aj1VUA=="
-    },
-    "d3-transition": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/d3-transition/-/d3-transition-3.0.1.tgz",
-      "integrity": "sha512-ApKvfjsSR6tg06xrL434C0WydLr7JewBB3V+/39RMHsaXTOG0zmt/OAXeng5M5LBm0ojmxJrpomQVZ1aPvBL4w==",
-      "requires": {
-        "d3-color": "1 - 3",
-        "d3-dispatch": "1 - 3",
-        "d3-ease": "1 - 3",
-        "d3-interpolate": "1 - 3",
-        "d3-timer": "1 - 3"
-      }
-    },
-    "d3-zoom": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/d3-zoom/-/d3-zoom-3.0.0.tgz",
-      "integrity": "sha512-b8AmV3kfQaqWAuacbPuNbL6vahnOJflOhexLzMMNLga62+/nh0JzvJ0aO/5a5MVgUFGS7Hu1P9P03o3fJkDCyw==",
-      "requires": {
-        "d3-dispatch": "1 - 3",
-        "d3-drag": "2 - 3",
-        "d3-interpolate": "1 - 3",
-        "d3-selection": "2 - 3",
-        "d3-transition": "2 - 3"
-      }
-    },
-    "dagre-d3-es": {
-      "version": "7.0.10",
-      "resolved": "https://registry.npmjs.org/dagre-d3-es/-/dagre-d3-es-7.0.10.tgz",
-      "integrity": "sha512-qTCQmEhcynucuaZgY5/+ti3X/rnszKZhEQH/ZdWdtP1tA/y3VoHJzcVrO9pjjJCNpigfscAtoUB5ONcd2wNn0A==",
-      "requires": {
-        "d3": "^7.8.2",
-        "lodash-es": "^4.17.21"
-      }
-    },
-    "dashdash": {
-      "version": "1.14.1",
-      "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz",
-      "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=",
-      "requires": {
-        "assert-plus": "^1.0.0"
-      }
-    },
-    "data-urls": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/data-urls/-/data-urls-5.0.0.tgz",
-      "integrity": "sha512-ZYP5VBHshaDAiVZxjbRVcFJpc+4xGgT0bK3vzy1HLN8jTO975HEbuYzZJcHoQEY5K1a0z8YayJkyVETa08eNTg==",
-      "requires": {
-        "whatwg-mimetype": "^4.0.0",
-        "whatwg-url": "^14.0.0"
-      }
-    },
-    "dayjs": {
-      "version": "1.11.10",
-      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.10.tgz",
-      "integrity": "sha512-vjAczensTgRcqDERK0SR2XMwsF/tSvnvlv6VcF2GIhg6Sx4yOIt/irsr1RDJsKiIyBzJDpCoXiWWq28MqH2cnQ=="
-    },
-    "dayjs-plugin-utc": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/dayjs-plugin-utc/-/dayjs-plugin-utc-0.1.2.tgz",
-      "integrity": "sha512-ExERH5o3oo6jFOdkvMP3gytTCQ9Ksi5PtylclJWghr7k7m3o2U5QrwtdiJkOxLOH4ghr0EKhpqGefzGz1VvVJg=="
-    },
-    "debounce": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/debounce/-/debounce-1.2.1.tgz",
-      "integrity": "sha512-XRRe6Glud4rd/ZGQfiV1ruXSfbvfJedlV9Y6zOlP+2K04vBYiJEte6stfFkCP03aMnY5tsipamumUjL14fofug=="
-    },
-    "debug": {
-      "version": "4.3.4",
-      "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
-      "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==",
-      "requires": {
-        "ms": "2.1.2"
-      },
-      "dependencies": {
-        "ms": {
-          "version": "2.1.2",
-          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
-          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
-        }
-      }
-    },
-    "decimal.js": {
-      "version": "10.4.3",
-      "resolved": "https://registry.npmjs.org/decimal.js/-/decimal.js-10.4.3.tgz",
-      "integrity": "sha512-VBBaLc1MgL5XpzgIP7ny5Z6Nx3UrRkIViUkPUdtl9aya5amy3De1gsUUSB1g3+3sExYNjCAsAznmukyxCb1GRA=="
-    },
-    "decode-named-character-reference": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/decode-named-character-reference/-/decode-named-character-reference-1.0.2.tgz",
-      "integrity": "sha512-O8x12RzrUF8xyVcY0KJowWsmaJxQbmy0/EtnNtHRpsOcT7dFk5W598coHqBVpmWo1oQQfsCqfCmkZN5DJrZVdg==",
-      "requires": {
-        "character-entities": "^2.0.0"
-      }
-    },
-    "decompress-response": {
-      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-6.0.0.tgz",
-      "integrity": "sha512-aW35yZM6Bb/4oJlZncMH2LCoZtJXTRxES17vE3hoRiowU2kWHaJKFkSBDnDR+cm9J+9QhXmREyIfv0pji9ejCQ==",
-      "requires": {
-        "mimic-response": "^3.1.0"
-      },
-      "dependencies": {
-        "mimic-response": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-3.1.0.tgz",
-          "integrity": "sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ=="
-        }
-      }
-    },
-    "deep-extend": {
-      "version": "0.6.0",
-      "resolved": "https://registry.npmjs.org/deep-extend/-/deep-extend-0.6.0.tgz",
-      "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA=="
-    },
-    "deepmerge": {
-      "version": "4.2.2",
-      "resolved": "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz",
-      "integrity": "sha512-FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg=="
-    },
-    "defaults": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/defaults/-/defaults-1.0.3.tgz",
-      "integrity": "sha1-xlYFHpgX2f8I7YgUd/P+QBnz730=",
-      "dev": true,
-      "requires": {
-        "clone": "^1.0.2"
-      }
-    },
-    "defer-to-connect": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/defer-to-connect/-/defer-to-connect-2.0.1.tgz",
-      "integrity": "sha512-4tvttepXG1VaYGrRibk5EwJd1t4udunSOVMdLSAL6mId1ix438oPwPZMALY41FCijukO1L0twNcGsdzS7dHgDg=="
-    },
-    "define-data-property": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.1.tgz",
-      "integrity": "sha512-E7uGkTzkk1d0ByLeSc6ZsFS79Axg+m1P/VsgYsxHgiuc3tFSj+MjMIwe90FC4lOAZzNBdY7kkO2P2wKdsQ1vgQ==",
-      "requires": {
-        "get-intrinsic": "^1.2.1",
-        "gopd": "^1.0.1",
-        "has-property-descriptors": "^1.0.0"
-      }
-    },
-    "define-lazy-prop": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/define-lazy-prop/-/define-lazy-prop-2.0.0.tgz",
-      "integrity": "sha512-Ds09qNh8yw3khSjiJjiUInaGX9xlqZDY7JVryGxdxV7NPeuqQfplOpQ66yJFZut3jLa5zOwkXw1g9EI2uKh4Og=="
-    },
-    "define-properties": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.2.0.tgz",
-      "integrity": "sha512-xvqAVKGfT1+UAvPwKTVw/njhdQ8ZhXK4lI0bCIuCMrp2up9nPnaDftrLtmpTazqd1o+UY4zgzU+avtMbDP+ldA==",
-      "optional": true,
-      "requires": {
-        "has-property-descriptors": "^1.0.0",
-        "object-keys": "^1.1.1"
-      }
-    },
-    "delaunator": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/delaunator/-/delaunator-5.0.0.tgz",
-      "integrity": "sha512-AyLvtyJdbv/U1GkiS6gUUzclRoAY4Gs75qkMygJJhU75LW4DNuSF2RMzpxs9jw9Oz1BobHjTdkG3zdP55VxAqw==",
-      "requires": {
-        "robust-predicates": "^3.0.0"
-      }
-    },
-    "delayed-stream": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
-      "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk="
-    },
-    "delegates": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/delegates/-/delegates-1.0.0.tgz",
-      "integrity": "sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=",
-      "dev": true
-    },
-    "depd": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/depd/-/depd-1.1.2.tgz",
-      "integrity": "sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak="
-    },
-    "dequal": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/dequal/-/dequal-2.0.3.tgz",
-      "integrity": "sha512-0je+qPKHEMohvfRTCEo3CrPG6cAzAYgmzKyxRiYSSDkS6eGJdyVJm7WaYA5ECaAD9wLB2T4EEeymA5aFVcYXCA=="
-    },
-    "destroy": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.2.0.tgz",
-      "integrity": "sha512-2sJGJTaXIIaR1w4iJSNoN0hnMY7Gpc/n8D4qSCJw8QqFWXf7cuAgnEHxBpweaVcPevC2l3KpjYCx3NypQQgaJg=="
-    },
-    "detect-hover": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/detect-hover/-/detect-hover-1.0.3.tgz",
-      "integrity": "sha512-HtLoY+tClgYucJNiovNICGWFp9nOGVmHY44s7L62iPqORXM9vujeWFaVcqtA7XRvp/2Y+4RBUfHbDKFGN+xxZQ=="
-    },
-    "detect-it": {
-      "version": "3.0.7",
-      "resolved": "https://registry.npmjs.org/detect-it/-/detect-it-3.0.7.tgz",
-      "integrity": "sha512-RxpgcdbatUX6epJE09K16iJqF7x6iEcEdoL18FR2zpBO4JhnL7aMOAUoUEyexdtbWOSfTmoDWmeD6mwRBQyRXg==",
-      "requires": {
-        "detect-hover": "^1.0.3",
-        "detect-passive-events": "^1.0.5",
-        "detect-pointer": "^1.0.3",
-        "detect-touch-events": "^2.0.2"
-      }
-    },
-    "detect-libc": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.1.tgz",
-      "integrity": "sha512-463v3ZeIrcWtdgIg6vI6XUncguvr2TnGl4SzDXinkt9mSLpBJKXT3mW6xT3VQdDN11+WVs29pgvivTc4Lp8v+w=="
-    },
-    "detect-node": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/detect-node/-/detect-node-2.1.0.tgz",
-      "integrity": "sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g==",
-      "optional": true
-    },
-    "detect-passive-events": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/detect-passive-events/-/detect-passive-events-1.0.5.tgz",
-      "integrity": "sha512-foW7Q35wwOCxVzW0xLf5XeB5Fhe7oyRgvkBYdiP9IWgLMzjqUqTvsJv9ymuEWGjY6AoDXD3OC294+Z9iuOw0QA=="
-    },
-    "detect-pointer": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/detect-pointer/-/detect-pointer-1.0.3.tgz",
-      "integrity": "sha512-d0o/Puo3fiGSCXy6H039h9Kwz+mmYCGKZ/qtPFnpN3WfsumjC1C9b5KKvRu+aYnfdI8peqN/iAe7dPd85qIt2g=="
-    },
-    "detect-touch-events": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/detect-touch-events/-/detect-touch-events-2.0.2.tgz",
-      "integrity": "sha512-g8GWBkJLiIDRJfRXEdrd1wMXpNyGId2DkbfuwFahSb4OCvn717hyRJtAcEDISfp3zkwEhZ4Y4woHPA6DeyB3Fw=="
-    },
-    "diff": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/diff/-/diff-5.1.0.tgz",
-      "integrity": "sha512-D+mk+qE8VC/PAUrlAU34N+VfXev0ghe5ywmpqrawphmVZc1bEfn56uo9qpyGp1p4xpzOHkSW4ztBd6L7Xx4ACw=="
-    },
-    "dir-compare": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/dir-compare/-/dir-compare-3.3.0.tgz",
-      "integrity": "sha512-J7/et3WlGUCxjdnD3HAAzQ6nsnc0WL6DD7WcwJb7c39iH1+AWfg+9OqzJNaI6PkBwBvm1mhZNL9iY/nRiZXlPg==",
-      "dev": true,
-      "requires": {
-        "buffer-equal": "^1.0.0",
-        "minimatch": "^3.0.4"
-      },
-      "dependencies": {
-        "buffer-equal": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/buffer-equal/-/buffer-equal-1.0.1.tgz",
-          "integrity": "sha512-QoV3ptgEaQpvVwbXdSO39iqPQTCxSF7A5U99AxbHYqUdCizL/lH2Z0A2y6nbZucxMEOtNyZfG2s6gsVugGpKkg==",
-          "dev": true
-        }
-      }
-    },
-    "dmg-builder": {
-      "version": "24.13.3",
-      "resolved": "https://registry.npmjs.org/dmg-builder/-/dmg-builder-24.13.3.tgz",
-      "integrity": "sha512-rcJUkMfnJpfCboZoOOPf4L29TRtEieHNOeAbYPWPxlaBw/Z1RKrRA86dOI9rwaI4tQSc/RD82zTNHprfUHXsoQ==",
-      "dev": true,
-      "requires": {
-        "app-builder-lib": "24.13.3",
-        "builder-util": "24.13.1",
-        "builder-util-runtime": "9.2.4",
-        "dmg-license": "^1.0.11",
-        "fs-extra": "^10.1.0",
-        "iconv-lite": "^0.6.2",
-        "js-yaml": "^4.1.0"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-          "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-          "dev": true
-        }
-      }
-    },
-    "dmg-license": {
-      "version": "1.0.11",
-      "resolved": "https://registry.npmjs.org/dmg-license/-/dmg-license-1.0.11.tgz",
-      "integrity": "sha512-ZdzmqwKmECOWJpqefloC5OJy1+WZBBse5+MR88z9g9Zn4VY+WYUkAyojmhzJckH5YbbZGcYIuGAkY5/Ys5OM2Q==",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "@types/plist": "^3.0.1",
-        "@types/verror": "^1.10.3",
-        "ajv": "^6.10.0",
-        "crc": "^3.8.0",
-        "iconv-corefoundation": "^1.1.7",
-        "plist": "^3.0.4",
-        "smart-buffer": "^4.0.2",
-        "verror": "^1.10.0"
-      }
-    },
-    "dom-serializer": {
-      "version": "1.3.2",
-      "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.3.2.tgz",
-      "integrity": "sha512-5c54Bk5Dw4qAxNOI1pFEizPSjVsx5+bpJKmL2kPn8JhBUq2q09tTCa3mjijun2NfK78NMouDYNMBkOrPZiS+ig==",
-      "requires": {
-        "domelementtype": "^2.0.1",
-        "domhandler": "^4.2.0",
-        "entities": "^2.0.0"
-      }
-    },
-    "dom-walk": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/dom-walk/-/dom-walk-0.1.2.tgz",
-      "integrity": "sha512-6QvTW9mrGeIegrFXdtQi9pk7O/nSK6lSdXW2eqUspN5LWD7UTji2Fqw5V2YLjBpHEoU9Xl/eUWNpDeZvoyOv2w=="
-    },
-    "domelementtype": {
-      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-2.3.0.tgz",
-      "integrity": "sha512-OLETBj6w0OsagBwdXnPdN0cnMfF9opN69co+7ZrbfPGrdpPVNBUj02spi6B1N7wChLQiPn4CSH/zJvXw56gmHw=="
-    },
-    "domhandler": {
-      "version": "4.2.2",
-      "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-4.2.2.tgz",
-      "integrity": "sha512-PzE9aBMsdZO8TK4BnuJwH0QT41wgMbRzuZrHUcpYncEjmQazq8QEaBWgLG7ZyC/DAZKEgglpIA6j4Qn/HmxS3w==",
-      "requires": {
-        "domelementtype": "^2.2.0"
-      }
-    },
-    "domino": {
-      "version": "2.1.6",
-      "resolved": "https://registry.npmjs.org/domino/-/domino-2.1.6.tgz",
-      "integrity": "sha512-3VdM/SXBZX2omc9JF9nOPCtDaYQ67BGp5CoLpIQlO2KCAPETs8TcDHacF26jXadGbvUteZzRTeos2fhID5+ucQ=="
-    },
-    "dompurify": {
-      "version": "3.0.6",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.0.6.tgz",
-      "integrity": "sha512-ilkD8YEnnGh1zJ240uJsW7AzE+2qpbOUYjacomn3AvJ6J4JhKGSZ2nh4wUIXPZrEPppaCLx5jFe8T89Rk8tQ7w=="
-    },
-    "domutils": {
-      "version": "2.8.0",
-      "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz",
-      "integrity": "sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==",
-      "requires": {
-        "dom-serializer": "^1.0.1",
-        "domelementtype": "^2.2.0",
-        "domhandler": "^4.2.0"
-      }
-    },
-    "dotenv": {
-      "version": "16.4.5",
-      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.4.5.tgz",
-      "integrity": "sha512-ZmdL2rui+eB2YwhsWzjInR8LldtZHGDoQ1ugH85ppHKwpUHL7j7rN0Ti9NCnGiQbhaZ11FpR+7ao1dNsmduNUg=="
-    },
-    "dotenv-expand": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/dotenv-expand/-/dotenv-expand-5.1.0.tgz",
-      "integrity": "sha512-YXQl1DSa4/PQyRfgrv6aoNjhasp/p4qs9FjJ4q4cQk+8m4r6k4ZSiEyytKG8f8W9gi8WsQtIObNmKd+tMzNTmA==",
-      "dev": true
-    },
-    "eastasianwidth": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/eastasianwidth/-/eastasianwidth-0.2.0.tgz",
-      "integrity": "sha512-I88TYZWc9XiYHRQ4/3c5rjjfgkjhLyW2luGIheGERbNQ6OY7yTybanSpDXZa8y7VUP9YmDcYa+eyq4ca7iLqWA=="
-    },
-    "ecc-jsbn": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz",
-      "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=",
-      "requires": {
-        "jsbn": "~0.1.0",
-        "safer-buffer": "^2.1.0"
-      }
-    },
-    "ee-first": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz",
-      "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0="
-    },
-    "ejs": {
-      "version": "3.1.9",
-      "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.9.tgz",
-      "integrity": "sha512-rC+QVNMJWv+MtPgkt0y+0rVEIdbtxVADApW9JXrUVlzHetgcyczP/E7DJmWJ4fJCZF2cPcBk0laWO9ZHMG3DmQ==",
-      "requires": {
-        "jake": "^10.8.5"
-      }
-    },
-    "electron": {
-      "version": "25.9.8",
-      "resolved": "https://registry.npmjs.org/electron/-/electron-25.9.8.tgz",
-      "integrity": "sha512-PGgp6PH46QVENHuAHc2NT1Su8Q1qov7qIl2jI5tsDpTibwV2zD8539AeWBQySeBU4dhbj9onIl7+1bXQ0wefBg==",
-      "requires": {
-        "@electron/get": "^2.0.0",
-        "@types/node": "^18.11.18",
-        "extract-zip": "^2.0.1"
-      },
-      "dependencies": {
-        "@types/node": {
-          "version": "18.19.17",
-          "resolved": "https://registry.npmjs.org/@types/node/-/node-18.19.17.tgz",
-          "integrity": "sha512-SzyGKgwPzuWp2SHhlpXKzCX0pIOfcI4V2eF37nNBJOhwlegQ83omtVQ1XxZpDE06V/d6AQvfQdPfnw0tRC//Ng==",
-          "requires": {
-            "undici-types": "~5.26.4"
-          }
-        }
-      }
-    },
-    "electron-builder": {
-      "version": "24.13.3",
-      "resolved": "https://registry.npmjs.org/electron-builder/-/electron-builder-24.13.3.tgz",
-      "integrity": "sha512-yZSgVHft5dNVlo31qmJAe4BVKQfFdwpRw7sFp1iQglDRCDD6r22zfRJuZlhtB5gp9FHUxCMEoWGq10SkCnMAIg==",
-      "dev": true,
-      "requires": {
-        "app-builder-lib": "24.13.3",
-        "builder-util": "24.13.1",
-        "builder-util-runtime": "9.2.4",
-        "chalk": "^4.1.2",
-        "dmg-builder": "24.13.3",
-        "fs-extra": "^10.1.0",
-        "is-ci": "^3.0.0",
-        "lazy-val": "^1.0.5",
-        "read-config-file": "6.3.2",
-        "simple-update-notifier": "2.0.0",
-        "yargs": "^17.6.2"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "dev": true
-        }
-      }
-    },
-    "electron-builder-squirrel-windows": {
-      "version": "24.13.3",
-      "resolved": "https://registry.npmjs.org/electron-builder-squirrel-windows/-/electron-builder-squirrel-windows-24.13.3.tgz",
-      "integrity": "sha512-oHkV0iogWfyK+ah9ZIvMDpei1m9ZRpdXcvde1wTpra2U8AFDNNpqJdnin5z+PM1GbQ5BoaKCWas2HSjtR0HwMg==",
-      "dev": true,
-      "peer": true,
-      "requires": {
-        "app-builder-lib": "24.13.3",
-        "archiver": "^5.3.1",
-        "builder-util": "24.13.1",
-        "fs-extra": "^10.1.0"
-      },
-      "dependencies": {
-        "archiver": {
-          "version": "5.3.2",
-          "resolved": "https://registry.npmjs.org/archiver/-/archiver-5.3.2.tgz",
-          "integrity": "sha512-+25nxyyznAXF7Nef3y0EbBeqmGZgeN/BxHX29Rs39djAfaFalmQ89SE6CWyDCHzGL0yt/ycBtNOmGTW0FyGWNw==",
-          "dev": true,
-          "peer": true,
-          "requires": {
-            "archiver-utils": "^2.1.0",
-            "async": "^3.2.4",
-            "buffer-crc32": "^0.2.1",
-            "readable-stream": "^3.6.0",
-            "readdir-glob": "^1.1.2",
-            "tar-stream": "^2.2.0",
-            "zip-stream": "^4.1.0"
-          },
-          "dependencies": {
-            "readable-stream": {
-              "version": "3.6.2",
-              "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
-              "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
-              "dev": true,
-              "peer": true,
-              "requires": {
-                "inherits": "^2.0.3",
-                "string_decoder": "^1.1.1",
-                "util-deprecate": "^1.0.1"
-              }
-            }
-          }
-        },
-        "archiver-utils": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/archiver-utils/-/archiver-utils-2.1.0.tgz",
-          "integrity": "sha512-bEL/yUb/fNNiNTuUz979Z0Yg5L+LzLxGJz8x79lYmR54fmTIb6ob/hNQgkQnIUDWIFjZVQwl9Xs356I6BAMHfw==",
-          "dev": true,
-          "peer": true,
-          "requires": {
-            "glob": "^7.1.4",
-            "graceful-fs": "^4.2.0",
-            "lazystream": "^1.0.0",
-            "lodash.defaults": "^4.2.0",
-            "lodash.difference": "^4.5.0",
-            "lodash.flatten": "^4.4.0",
-            "lodash.isplainobject": "^4.0.6",
-            "lodash.union": "^4.6.0",
-            "normalize-path": "^3.0.0",
-            "readable-stream": "^2.0.0"
-          }
-        },
-        "compress-commons": {
-          "version": "4.1.2",
-          "resolved": "https://registry.npmjs.org/compress-commons/-/compress-commons-4.1.2.tgz",
-          "integrity": "sha512-D3uMHtGc/fcO1Gt1/L7i1e33VOvD4A9hfQLP+6ewd+BvG/gQ84Yh4oftEhAdjSMgBgwGL+jsppT7JYNpo6MHHg==",
-          "dev": true,
-          "peer": true,
-          "requires": {
-            "buffer-crc32": "^0.2.13",
-            "crc32-stream": "^4.0.2",
-            "normalize-path": "^3.0.0",
-            "readable-stream": "^3.6.0"
-          },
-          "dependencies": {
-            "readable-stream": {
-              "version": "3.6.2",
-              "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
-              "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
-              "dev": true,
-              "peer": true,
-              "requires": {
-                "inherits": "^2.0.3",
-                "string_decoder": "^1.1.1",
-                "util-deprecate": "^1.0.1"
-              }
-            }
-          }
-        },
-        "crc32-stream": {
-          "version": "4.0.3",
-          "resolved": "https://registry.npmjs.org/crc32-stream/-/crc32-stream-4.0.3.tgz",
-          "integrity": "sha512-NT7w2JVU7DFroFdYkeq8cywxrgjPHWkdX1wjpRQXPX5Asews3tA+Ght6lddQO5Mkumffp3X7GEqku3epj2toIw==",
-          "dev": true,
-          "peer": true,
-          "requires": {
-            "crc-32": "^1.2.0",
-            "readable-stream": "^3.4.0"
-          },
-          "dependencies": {
-            "readable-stream": {
-              "version": "3.6.2",
-              "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
-              "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
-              "dev": true,
-              "peer": true,
-              "requires": {
-                "inherits": "^2.0.3",
-                "string_decoder": "^1.1.1",
-                "util-deprecate": "^1.0.1"
-              }
-            }
-          }
-        },
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "peer": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "peer": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-          "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-          "dev": true,
-          "peer": true
-        },
-        "zip-stream": {
-          "version": "4.1.1",
-          "resolved": "https://registry.npmjs.org/zip-stream/-/zip-stream-4.1.1.tgz",
-          "integrity": "sha512-9qv4rlDiopXg4E69k+vMHjNN63YFMe9sZMrdlvKnCjlCRWeCBswPPMPUfx+ipsAWq1LXHe70RcbaHdJJpS6hyQ==",
-          "dev": true,
-          "peer": true,
-          "requires": {
-            "archiver-utils": "^3.0.4",
-            "compress-commons": "^4.1.2",
-            "readable-stream": "^3.6.0"
-          },
-          "dependencies": {
-            "archiver-utils": {
-              "version": "3.0.4",
-              "resolved": "https://registry.npmjs.org/archiver-utils/-/archiver-utils-3.0.4.tgz",
-              "integrity": "sha512-KVgf4XQVrTjhyWmx6cte4RxonPLR9onExufI1jhvw/MQ4BB6IsZD5gT8Lq+u/+pRkWna/6JoHpiQioaqFP5Rzw==",
-              "dev": true,
-              "peer": true,
-              "requires": {
-                "glob": "^7.2.3",
-                "graceful-fs": "^4.2.0",
-                "lazystream": "^1.0.0",
-                "lodash.defaults": "^4.2.0",
-                "lodash.difference": "^4.5.0",
-                "lodash.flatten": "^4.4.0",
-                "lodash.isplainobject": "^4.0.6",
-                "lodash.union": "^4.6.0",
-                "normalize-path": "^3.0.0",
-                "readable-stream": "^3.6.0"
-              }
-            },
-            "readable-stream": {
-              "version": "3.6.2",
-              "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
-              "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
-              "dev": true,
-              "peer": true,
-              "requires": {
-                "inherits": "^2.0.3",
-                "string_decoder": "^1.1.1",
-                "util-deprecate": "^1.0.1"
-              }
-            }
-          }
-        }
-      }
-    },
-    "electron-debug": {
-      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/electron-debug/-/electron-debug-3.2.0.tgz",
-      "integrity": "sha512-7xZh+LfUvJ52M9rn6N+tPuDw6oRAjxUj9SoxAZfJ0hVCXhZCsdkrSt7TgXOiWiEOBgEV8qwUIO/ScxllsPS7ow==",
-      "requires": {
-        "electron-is-dev": "^1.1.0",
-        "electron-localshortcut": "^3.1.0"
-      }
-    },
-    "electron-dl": {
-      "version": "3.5.2",
-      "resolved": "https://registry.npmjs.org/electron-dl/-/electron-dl-3.5.2.tgz",
-      "integrity": "sha512-i104cl+u8yJ0lhpRAtUWfeGuWuL1PL6TBiw2gLf0MMIBjfgE485Ags2mcySx4uWU9P9uj/vsD3jd7X+w1lzZxw==",
-      "requires": {
-        "ext-name": "^5.0.0",
-        "pupa": "^2.0.1",
-        "unused-filename": "^2.1.0"
-      }
-    },
-    "electron-installer-common": {
-      "version": "0.10.3",
-      "resolved": "https://registry.npmjs.org/electron-installer-common/-/electron-installer-common-0.10.3.tgz",
-      "integrity": "sha512-mYbP+6i+nHMIm0WZHXgGdmmXMe+KXncl6jZYQNcCF9C1WsNA9C5SZ2VP4TLQMSIoFO+X4ugkMEA5uld1bmyEvA==",
-      "optional": true,
-      "requires": {
-        "@malept/cross-spawn-promise": "^1.0.0",
-        "@types/fs-extra": "^9.0.1",
-        "asar": "^3.0.0",
-        "debug": "^4.1.1",
-        "fs-extra": "^9.0.0",
-        "glob": "^7.1.4",
-        "lodash": "^4.17.15",
-        "parse-author": "^2.0.0",
-        "semver": "^7.1.1",
-        "tmp-promise": "^3.0.2"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "9.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
-          "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
-          "optional": true,
-          "requires": {
-            "at-least-node": "^1.0.0",
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "optional": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "optional": true
-        }
-      }
-    },
-    "electron-installer-debian": {
-      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/electron-installer-debian/-/electron-installer-debian-3.2.0.tgz",
-      "integrity": "sha512-58ZrlJ1HQY80VucsEIG9tQ//HrTlG6sfofA3nRGr6TmkX661uJyu4cMPPh6kXW+aHdq/7+q25KyQhDrXvRL7jw==",
-      "optional": true,
-      "requires": {
-        "@malept/cross-spawn-promise": "^1.0.0",
-        "debug": "^4.1.1",
-        "electron-installer-common": "^0.10.2",
-        "fs-extra": "^9.0.0",
-        "get-folder-size": "^2.0.1",
-        "lodash": "^4.17.4",
-        "word-wrap": "^1.2.3",
-        "yargs": "^16.0.2"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "9.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-9.1.0.tgz",
-          "integrity": "sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ==",
-          "optional": true,
-          "requires": {
-            "at-least-node": "^1.0.0",
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "optional": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "optional": true
-        },
-        "yargs": {
-          "version": "16.2.0",
-          "resolved": "https://registry.npmjs.org/yargs/-/yargs-16.2.0.tgz",
-          "integrity": "sha512-D1mvvtDG0L5ft/jGWkLpG1+m0eQxOfaBvTNELraWj22wSVUMWxZUvYgJYcKh6jGGIkJFhH4IZPQhR4TKpc8mBw==",
-          "optional": true,
-          "requires": {
-            "cliui": "^7.0.2",
-            "escalade": "^3.1.1",
-            "get-caller-file": "^2.0.5",
-            "require-directory": "^2.1.1",
-            "string-width": "^4.2.0",
-            "y18n": "^5.0.5",
-            "yargs-parser": "^20.2.2"
-          }
-        },
-        "yargs-parser": {
-          "version": "20.2.9",
-          "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-20.2.9.tgz",
-          "integrity": "sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w==",
-          "optional": true
-        }
-      }
-    },
-    "electron-is-accelerator": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/electron-is-accelerator/-/electron-is-accelerator-0.1.2.tgz",
-      "integrity": "sha1-UJ5RDCala1Xhf4Y6SwThEYRqsns="
-    },
-    "electron-is-dev": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/electron-is-dev/-/electron-is-dev-1.2.0.tgz",
-      "integrity": "sha512-R1oD5gMBPS7PVU8gJwH6CtT0e6VSoD0+SzSnYpNm+dBkcijgA+K7VAMHDfnRq/lkKPZArpzplTW6jfiMYosdzw=="
-    },
-    "electron-localshortcut": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/electron-localshortcut/-/electron-localshortcut-3.2.1.tgz",
-      "integrity": "sha512-DWvhKv36GsdXKnaFFhEiK8kZZA+24/yFLgtTwJJHc7AFgDjNRIBJZ/jq62Y/dWv9E4ypYwrVWN2bVrCYw1uv7Q==",
-      "requires": {
-        "debug": "^4.0.1",
-        "electron-is-accelerator": "^0.1.0",
-        "keyboardevent-from-electron-accelerator": "^2.0.0",
-        "keyboardevents-areequal": "^0.2.1"
-      }
-    },
-    "electron-packager": {
-      "version": "17.1.2",
-      "resolved": "https://registry.npmjs.org/electron-packager/-/electron-packager-17.1.2.tgz",
-      "integrity": "sha512-XofXdikjYI7MVBcnXeoOvRR+yFFFHOLs3J7PF5KYQweigtgLshcH4W660PsvHr4lYZ03JBpLyEcUB8DzHZ+BNw==",
-      "dev": true,
-      "requires": {
-        "@electron/asar": "^3.2.1",
-        "@electron/get": "^2.0.0",
-        "@electron/notarize": "^1.2.3",
-        "@electron/osx-sign": "^1.0.5",
-        "@electron/universal": "^1.3.2",
-        "cross-spawn-windows-exe": "^1.2.0",
-        "debug": "^4.0.1",
-        "extract-zip": "^2.0.0",
-        "filenamify": "^4.1.0",
-        "fs-extra": "^11.1.0",
-        "galactus": "^1.0.0",
-        "get-package-info": "^1.0.0",
-        "junk": "^3.1.0",
-        "parse-author": "^2.0.0",
-        "plist": "^3.0.0",
-        "rcedit": "^3.0.1",
-        "resolve": "^1.1.6",
-        "semver": "^7.1.3",
-        "yargs-parser": "^21.1.1"
-      },
-      "dependencies": {
-        "cross-spawn-windows-exe": {
-          "version": "1.2.0",
-          "resolved": "https://registry.npmjs.org/cross-spawn-windows-exe/-/cross-spawn-windows-exe-1.2.0.tgz",
-          "integrity": "sha512-mkLtJJcYbDCxEG7Js6eUnUNndWjyUZwJ3H7bErmmtOYU/Zb99DyUkpamuIZE0b3bhmJyZ7D90uS6f+CGxRRjOw==",
-          "dev": true,
-          "requires": {
-            "@malept/cross-spawn-promise": "^1.1.0",
-            "is-wsl": "^2.2.0",
-            "which": "^2.0.2"
-          }
-        },
-        "rcedit": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/rcedit/-/rcedit-3.1.0.tgz",
-          "integrity": "sha512-WRlRdY1qZbu1L11DklT07KuHfRk42l0NFFJdaExELEu4fEQ982bP5Z6OWGPj/wLLIuKRQDCxZJGAwoFsxhZhNA==",
-          "dev": true,
-          "requires": {
-            "cross-spawn-windows-exe": "^1.1.0"
-          }
-        }
-      }
-    },
-    "electron-publish": {
-      "version": "24.13.1",
-      "resolved": "https://registry.npmjs.org/electron-publish/-/electron-publish-24.13.1.tgz",
-      "integrity": "sha512-2ZgdEqJ8e9D17Hwp5LEq5mLQPjqU3lv/IALvgp+4W8VeNhryfGhYEQC/PgDPMrnWUp+l60Ou5SJLsu+k4mhQ8A==",
-      "dev": true,
-      "requires": {
-        "@types/fs-extra": "^9.0.11",
-        "builder-util": "24.13.1",
-        "builder-util-runtime": "9.2.4",
-        "chalk": "^4.1.2",
-        "fs-extra": "^10.1.0",
-        "lazy-val": "^1.0.5",
-        "mime": "^2.5.2"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "mime": {
-          "version": "2.6.0",
-          "resolved": "https://registry.npmjs.org/mime/-/mime-2.6.0.tgz",
-          "integrity": "sha512-USPkMeET31rOMiarsBNIHZKLGgvKc/LrjofAnBlOttf5ajRvqiRA8QsenbcooctK6d6Ts6aqZXBA+XbkKthiQg==",
-          "dev": true
-        },
-        "universalify": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-          "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-          "dev": true
-        }
-      }
-    },
-    "electron-rebuild": {
-      "version": "3.2.9",
-      "resolved": "https://registry.npmjs.org/electron-rebuild/-/electron-rebuild-3.2.9.tgz",
-      "integrity": "sha512-FkEZNFViUem3P0RLYbZkUjC8LUFIK+wKq09GHoOITSJjfDAVQv964hwaNseTTWt58sITQX3/5fHNYcTefqaCWw==",
-      "dev": true,
-      "requires": {
-        "@malept/cross-spawn-promise": "^2.0.0",
-        "chalk": "^4.0.0",
-        "debug": "^4.1.1",
-        "detect-libc": "^2.0.1",
-        "fs-extra": "^10.0.0",
-        "got": "^11.7.0",
-        "lzma-native": "^8.0.5",
-        "node-abi": "^3.0.0",
-        "node-api-version": "^0.1.4",
-        "node-gyp": "^9.0.0",
-        "ora": "^5.1.0",
-        "semver": "^7.3.5",
-        "tar": "^6.0.5",
-        "yargs": "^17.0.1"
-      },
-      "dependencies": {
-        "@malept/cross-spawn-promise": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/@malept/cross-spawn-promise/-/cross-spawn-promise-2.0.0.tgz",
-          "integrity": "sha512-1DpKU0Z5ThltBwjNySMC14g0CkbyhCaz9FkhxqNsZI6uAPJXFS8cMXlBKo26FJ8ZuW6S9GCMcR9IO5k2X5/9Fg==",
-          "dev": true,
-          "requires": {
-            "cross-spawn": "^7.0.1"
-          }
-        },
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "dev": true
-        }
-      }
-    },
-    "electron-to-chromium": {
-      "version": "1.4.693",
-      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.4.693.tgz",
-      "integrity": "sha512-/if4Ueg0GUQlhCrW2ZlXwDAm40ipuKo+OgeHInlL8sbjt+hzISxZK949fZeJaVsheamrzANXvw1zQTvbxTvSHw==",
-      "dev": true
-    },
-    "electron-window-state": {
-      "version": "5.0.3",
-      "resolved": "https://registry.npmjs.org/electron-window-state/-/electron-window-state-5.0.3.tgz",
-      "integrity": "sha512-1mNTwCfkolXl3kMf50yW3vE2lZj0y92P/HYWFBrb+v2S/pCka5mdwN3cagKm458A7NjndSwijynXgcLWRodsVg==",
-      "requires": {
-        "jsonfile": "^4.0.0",
-        "mkdirp": "^0.5.1"
-      }
-    },
-    "elkjs": {
-      "version": "0.9.2",
-      "resolved": "https://registry.npmjs.org/elkjs/-/elkjs-0.9.2.tgz",
-      "integrity": "sha512-2Y/RaA1pdgSHpY0YG4TYuYCD2wh97CRvu22eLG3Kz0pgQ/6KbIFTxsTnDc4MH/6hFlg2L/9qXrDMG0nMjP63iw=="
-    },
-    "emitter-listener": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/emitter-listener/-/emitter-listener-1.1.2.tgz",
-      "integrity": "sha512-Bt1sBAGFHY9DKY+4/2cV6izcKJUf5T7/gkdmkxzX/qv9CcGH8xSwVRW5mtX03SWJtRTWSOpzCuWN9rBFYZepZQ==",
-      "requires": {
-        "shimmer": "^1.2.0"
-      }
-    },
-    "emoji-regex": {
-      "version": "8.0.0",
-      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
-      "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
-    },
-    "encodeurl": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/encodeurl/-/encodeurl-1.0.2.tgz",
-      "integrity": "sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k="
-    },
-    "encoding": {
-      "version": "0.1.13",
-      "resolved": "https://registry.npmjs.org/encoding/-/encoding-0.1.13.tgz",
-      "integrity": "sha512-ETBauow1T35Y/WZMkio9jiM0Z5xjHHmJ4XmjZOq1l/dXz3lr2sRn87nJy20RupqSh1F2m3HHPSp8ShIPQJrJ3A==",
-      "optional": true,
-      "requires": {
-        "iconv-lite": "^0.6.2"
-      }
-    },
-    "end-of-stream": {
-      "version": "1.4.4",
-      "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz",
-      "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==",
-      "requires": {
-        "once": "^1.4.0"
-      }
-    },
-    "enhanced-resolve": {
-      "version": "5.15.0",
-      "resolved": "https://registry.npmjs.org/enhanced-resolve/-/enhanced-resolve-5.15.0.tgz",
-      "integrity": "sha512-LXYT42KJ7lpIKECr2mAXIaMldcNCh/7E0KBKOu4KSfkHmP+mZmSs+8V5gBAqisWBy0OO4W5Oyys0GO1Y8KtdKg==",
-      "dev": true,
-      "requires": {
-        "graceful-fs": "^4.2.4",
-        "tapable": "^2.2.0"
-      }
-    },
-    "entities": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/entities/-/entities-2.2.0.tgz",
-      "integrity": "sha512-p92if5Nz619I0w+akJrLZH0MX0Pb5DX39XOwQTtXSdQQOaYH03S1uIQp4mhOZtAXrxq4ViO67YTiLBo2638o9A=="
-    },
-    "env-paths": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz",
-      "integrity": "sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A=="
-    },
-    "envinfo": {
-      "version": "7.8.1",
-      "resolved": "https://registry.npmjs.org/envinfo/-/envinfo-7.8.1.tgz",
-      "integrity": "sha512-/o+BXHmB7ocbHEAs6F2EnG0ogybVVUdkRunTT2glZU9XAaGmhqskrvKwqXuDfNjEO0LZKWdejEEpnq8aM0tOaw==",
-      "dev": true
-    },
-    "err-code": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/err-code/-/err-code-2.0.3.tgz",
-      "integrity": "sha512-2bmlRpNKBxT/CRmPOlyISQpNj+qSeYvcym/uT0Jx2bMOlKLtSy1ZmLuVxSEKKyor/N5yhvp/ZiG1oE3DEYMSFA==",
-      "dev": true
-    },
-    "error-ex": {
-      "version": "1.3.2",
-      "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz",
-      "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==",
-      "dev": true,
-      "requires": {
-        "is-arrayish": "^0.2.1"
-      }
-    },
-    "es-module-lexer": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/es-module-lexer/-/es-module-lexer-1.2.1.tgz",
-      "integrity": "sha512-9978wrXM50Y4rTMmW5kXIC09ZdXQZqkE4mxhwkd8VbzsGkXGPgV4zWuqQJgCEzYngdo2dYDa0l8xhX4fkSwJSg==",
-      "dev": true
-    },
-    "es6-error": {
-      "version": "4.1.1",
-      "resolved": "https://registry.npmjs.org/es6-error/-/es6-error-4.1.1.tgz",
-      "integrity": "sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg==",
-      "optional": true
-    },
-    "escalade": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz",
-      "integrity": "sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==",
-      "devOptional": true
-    },
-    "escape-goat": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/escape-goat/-/escape-goat-2.1.1.tgz",
-      "integrity": "sha512-8/uIhbG12Csjy2JEW7D9pHbreaVaS/OpN3ycnyvElTdwM5n6GY6W6e2IPemfvGZeUMqZ9A/3GqIZMgKnBhAw/Q=="
-    },
-    "escape-html": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz",
-      "integrity": "sha512-NiSupZ4OeuGwr68lGIeym/ksIZMJodUGOSCZ/FSnTxcrekbvqrgdUxlJOMpijaKZVjAJrWrGs/6Jy8OMuyj9ow=="
-    },
-    "escape-string-regexp": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-      "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=",
-      "dev": true
-    },
-    "eslint-scope": {
-      "version": "5.1.1",
-      "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-5.1.1.tgz",
-      "integrity": "sha512-2NxwbF/hZ0KpepYN0cNbo+FN6XoK7GaHlQhgx/hIZl6Va0bF45RQOOwhLIy8lQDbuCiadSLCBnH2CFYquit5bw==",
-      "dev": true,
-      "requires": {
-        "esrecurse": "^4.3.0",
-        "estraverse": "^4.1.1"
-      },
-      "dependencies": {
-        "estraverse": {
-          "version": "4.3.0",
-          "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.3.0.tgz",
-          "integrity": "sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==",
-          "dev": true
-        }
-      }
-    },
-    "esm": {
-      "version": "3.2.25",
-      "resolved": "https://registry.npmjs.org/esm/-/esm-3.2.25.tgz",
-      "integrity": "sha512-U1suiZ2oDVWv4zPO56S0NcR5QriEahGtdN2OR6FiOG4WJvcjBVFB0qI4+eKoWFH483PKGuLuu6V8Z4T5g63UVA==",
-      "dev": true
-    },
-    "esrecurse": {
-      "version": "4.3.0",
-      "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.3.0.tgz",
-      "integrity": "sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==",
-      "dev": true,
-      "requires": {
-        "estraverse": "^5.2.0"
-      }
-    },
-    "estraverse": {
-      "version": "5.3.0",
-      "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-5.3.0.tgz",
-      "integrity": "sha512-MMdARuVEQziNTeJD8DgMqmhwR11BRQ/cBP+pLtYdSTnf3MIO8fFeiINEbX36ZdNlfU/7A9f3gUw49B3oQsvwBA==",
-      "dev": true
-    },
-    "etag": {
-      "version": "1.8.1",
-      "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz",
-      "integrity": "sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc="
-    },
-    "event-target-shim": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/event-target-shim/-/event-target-shim-5.0.1.tgz",
-      "integrity": "sha512-i/2XbnSz/uxRCU6+NdVJgKWDTM427+MqYbkQzD321DuCQJUqOuJKIA0IM2+W2xtYHdKOmZ4dR6fExsd4SXL+WQ=="
-    },
-    "events": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/events/-/events-3.3.0.tgz",
-      "integrity": "sha512-mQw+2fkQbALzQ7V0MY0IqdnXNOeTtP4r0lN9z7AAawCXgqea7bDii20AYrIBrFd/Hx0M2Ocz6S111CaFkUcb0Q=="
-    },
-    "exif-parser": {
-      "version": "0.1.12",
-      "resolved": "https://registry.npmjs.org/exif-parser/-/exif-parser-0.1.12.tgz",
-      "integrity": "sha512-c2bQfLNbMzLPmzQuOr8fy0csy84WmwnER81W88DzTp9CYNPJ6yzOj2EZAh9pywYpqHnshVLHQJ8WzldAyfY+Iw=="
-    },
-    "expand-template": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/expand-template/-/expand-template-2.0.3.tgz",
-      "integrity": "sha512-XYfuKMvj4O35f/pOXLObndIRvyQ+/+6AhODh+OKWj9S9498pHHn/IMszH+gt0fBCRWMNfk1ZSp5x3AifmnI2vg=="
-    },
-    "express": {
-      "version": "4.19.2",
-      "resolved": "https://registry.npmjs.org/express/-/express-4.19.2.tgz",
-      "integrity": "sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==",
-      "requires": {
-        "accepts": "~1.3.8",
-        "array-flatten": "1.1.1",
-        "body-parser": "1.20.2",
-        "content-disposition": "0.5.4",
-        "content-type": "~1.0.4",
-        "cookie": "0.6.0",
-        "cookie-signature": "1.0.6",
-        "debug": "2.6.9",
-        "depd": "2.0.0",
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "etag": "~1.8.1",
-        "finalhandler": "1.2.0",
-        "fresh": "0.5.2",
-        "http-errors": "2.0.0",
-        "merge-descriptors": "1.0.1",
-        "methods": "~1.1.2",
-        "on-finished": "2.4.1",
-        "parseurl": "~1.3.3",
-        "path-to-regexp": "0.1.7",
-        "proxy-addr": "~2.0.7",
-        "qs": "6.11.0",
-        "range-parser": "~1.2.1",
-        "safe-buffer": "5.2.1",
-        "send": "0.18.0",
-        "serve-static": "1.15.0",
-        "setprototypeof": "1.2.0",
-        "statuses": "2.0.1",
-        "type-is": "~1.6.18",
-        "utils-merge": "1.0.1",
-        "vary": "~1.1.2"
-      },
-      "dependencies": {
-        "cookie": {
-          "version": "0.6.0",
-          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
-          "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw=="
-        },
-        "debug": {
-          "version": "2.6.9",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
-          "requires": {
-            "ms": "2.0.0"
-          }
-        },
-        "depd": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
-          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
-        },
-        "safe-buffer": {
-          "version": "5.2.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
-          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
-        },
-        "setprototypeof": {
-          "version": "1.2.0",
-          "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz",
-          "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
-        },
-        "statuses": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
-          "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ=="
-        }
-      }
-    },
-    "express-openid-connect": {
-      "version": "2.17.1",
-      "resolved": "https://registry.npmjs.org/express-openid-connect/-/express-openid-connect-2.17.1.tgz",
-      "integrity": "sha512-5pVK6PNV09x6UN29R9Mer0XF3hwQq2HxiFsjZvLuIQ9ezeTUGbqrefzBOpzciz1S/1WWVaVPDIcj4EBpD8WB3Q==",
-      "requires": {
-        "base64url": "^3.0.1",
-        "clone": "^2.1.2",
-        "cookie": "^0.5.0",
-        "debug": "^4.3.4",
-        "futoin-hkdf": "^1.5.1",
-        "http-errors": "^1.8.1",
-        "joi": "^17.7.0",
-        "jose": "^2.0.6",
-        "on-headers": "^1.0.2",
-        "openid-client": "^4.9.1",
-        "url-join": "^4.0.1"
-      },
-      "dependencies": {
-        "clone": {
-          "version": "2.1.2",
-          "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz",
-          "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w=="
-        },
-        "cookie": {
-          "version": "0.5.0",
-          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.5.0.tgz",
-          "integrity": "sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw=="
-        },
-        "http-errors": {
-          "version": "1.8.1",
-          "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.8.1.tgz",
-          "integrity": "sha512-Kpk9Sm7NmI+RHhnj6OIWDI1d6fIoFAtFt9RLaTMRlg/8w49juAStsrBgp0Dp4OdxdVbRIeKhtCUvoi/RuAhO4g==",
-          "requires": {
-            "depd": "~1.1.2",
-            "inherits": "2.0.4",
-            "setprototypeof": "1.2.0",
-            "statuses": ">= 1.5.0 < 2",
-            "toidentifier": "1.0.1"
-          }
-        },
-        "jose": {
-          "version": "2.0.7",
-          "resolved": "https://registry.npmjs.org/jose/-/jose-2.0.7.tgz",
-          "integrity": "sha512-5hFWIigKqC+e/lRyQhfnirrAqUdIPMB7SJRqflJaO29dW7q5DFvH1XCSTmv6PQ6pb++0k6MJlLRoS0Wv4s38Wg==",
-          "requires": {
-            "@panva/asn1.js": "^1.0.0"
-          }
-        },
-        "openid-client": {
-          "version": "4.9.1",
-          "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-4.9.1.tgz",
-          "integrity": "sha512-DYUF07AHjI3QDKqKbn2F7RqozT4hyi4JvmpodLrq0HHoNP7t/AjeG/uqiBK1/N2PZSAQEThVjDLHSmJN4iqu/w==",
-          "requires": {
-            "aggregate-error": "^3.1.0",
-            "got": "^11.8.0",
-            "jose": "^2.0.5",
-            "lru-cache": "^6.0.0",
-            "make-error": "^1.3.6",
-            "object-hash": "^2.0.1",
-            "oidc-token-hash": "^5.0.1"
-          }
-        },
-        "setprototypeof": {
-          "version": "1.2.0",
-          "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz",
-          "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
-        },
-        "toidentifier": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz",
-          "integrity": "sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA=="
-        }
-      }
-    },
-    "express-partial-content": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/express-partial-content/-/express-partial-content-1.0.2.tgz",
-      "integrity": "sha512-o1JrraDGpMFaPtkuvtZ4cIBC/xuJn90KBGlxRrm3FxcfER1bPaBnBsTnypF65p+CMTXul2KrZodb3Vv3MScB4A==",
-      "requires": {}
-    },
-    "express-rate-limit": {
-      "version": "7.2.0",
-      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.2.0.tgz",
-      "integrity": "sha512-T7nul1t4TNyfZMJ7pKRKkdeVJWa2CqB8NA1P8BwYaoDI5QSBZARv5oMS43J7b7I5P+4asjVXjb7ONuwDKucahg==",
-      "requires": {}
-    },
-    "express-session": {
-      "version": "1.18.0",
-      "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.18.0.tgz",
-      "integrity": "sha512-m93QLWr0ju+rOwApSsyso838LQwgfs44QtOP/WBiwtAgPIo/SAh1a5c6nn2BR6mFNZehTpqKDESzP+fRHVbxwQ==",
-      "requires": {
-        "cookie": "0.6.0",
-        "cookie-signature": "1.0.7",
-        "debug": "2.6.9",
-        "depd": "~2.0.0",
-        "on-headers": "~1.0.2",
-        "parseurl": "~1.3.3",
-        "safe-buffer": "5.2.1",
-        "uid-safe": "~2.1.5"
-      },
-      "dependencies": {
-        "cookie": {
-          "version": "0.6.0",
-          "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.6.0.tgz",
-          "integrity": "sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw=="
-        },
-        "cookie-signature": {
-          "version": "1.0.7",
-          "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.7.tgz",
-          "integrity": "sha512-NXdYc3dLr47pBkpUCHtKSwIOQXLVn8dZEuywboCOJY/osA0wFSLlSawr3KN8qXJEyX66FcONTH8EIlVuK0yyFA=="
-        },
-        "debug": {
-          "version": "2.6.9",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
-          "requires": {
-            "ms": "2.0.0"
-          }
-        },
-        "depd": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
-          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
-        },
-        "safe-buffer": {
-          "version": "5.2.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
-          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
-        }
-      }
-    },
-    "ext-list": {
-      "version": "2.2.2",
-      "resolved": "https://registry.npmjs.org/ext-list/-/ext-list-2.2.2.tgz",
-      "integrity": "sha512-u+SQgsubraE6zItfVA0tBuCBhfU9ogSRnsvygI7wht9TS510oLkBRXBsqopeUG/GBOIQyKZO9wjTqIu/sf5zFA==",
-      "requires": {
-        "mime-db": "^1.28.0"
-      }
-    },
-    "ext-name": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/ext-name/-/ext-name-5.0.0.tgz",
-      "integrity": "sha512-yblEwXAbGv1VQDmow7s38W77hzAgJAO50ztBLMcUyUBfxv1HC+LGwtiEN+Co6LtlqT/5uwVOxsD4TNIilWhwdQ==",
-      "requires": {
-        "ext-list": "^2.0.0",
-        "sort-keys-length": "^1.0.0"
-      }
-    },
-    "extend": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
-      "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g=="
-    },
-    "extend-shallow": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-2.0.1.tgz",
-      "integrity": "sha1-Ua99YUrZqfYQ6huvu5idaxxWiQ8=",
-      "requires": {
-        "is-extendable": "^0.1.0"
-      }
-    },
-    "extract-zip": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-2.0.1.tgz",
-      "integrity": "sha512-GDhU9ntwuKyGXdZBUgTIe+vXnWj0fppUEtMDL0+idd5Sta8TGpHssn/eusA9mrPr9qNDym6SxAYZjNvCn/9RBg==",
-      "requires": {
-        "@types/yauzl": "^2.9.1",
-        "debug": "^4.1.1",
-        "get-stream": "^5.1.0",
-        "yauzl": "^2.10.0"
-      },
-      "dependencies": {
-        "yauzl": {
-          "version": "2.10.0",
-          "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-2.10.0.tgz",
-          "integrity": "sha512-p4a9I6X6nu6IhoGmBqAcbJy1mlC4j27vEPZX9F4L4/vZT3Lyq1VkFHw/V/PUcB9Buo+DG3iHkT0x3Qya58zc3g==",
-          "requires": {
-            "buffer-crc32": "~0.2.3",
-            "fd-slicer": "~1.1.0"
-          }
-        }
-      }
-    },
-    "extsprintf": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz",
-      "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU="
-    },
-    "fast-deep-equal": {
-      "version": "3.1.3",
-      "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
-      "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q=="
-    },
-    "fast-fifo": {
-      "version": "1.3.2",
-      "resolved": "https://registry.npmjs.org/fast-fifo/-/fast-fifo-1.3.2.tgz",
-      "integrity": "sha512-/d9sfos4yxzpwkDkuN7k2SqFKtYNmCTzgfEpz82x34IM9/zc8KGxQoXg1liNC/izpRM/MBdt44Nmx41ZWqk+FQ=="
-    },
-    "fast-json-stable-stringify": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.0.0.tgz",
-      "integrity": "sha1-1RQsDK7msRifh9OnYREGT4bIu/I="
-    },
-    "fast-xml-parser": {
-      "version": "3.21.1",
-      "resolved": "https://registry.npmjs.org/fast-xml-parser/-/fast-xml-parser-3.21.1.tgz",
-      "integrity": "sha512-FTFVjYoBOZTJekiUsawGsSYV9QL0A+zDYCRj7y34IO6Jg+2IMYEtQa+bbictpdpV8dHxXywqU7C0gRDEOFtBFg==",
-      "requires": {
-        "strnum": "^1.0.4"
-      }
-    },
-    "fastest-levenshtein": {
-      "version": "1.0.12",
-      "resolved": "https://registry.npmjs.org/fastest-levenshtein/-/fastest-levenshtein-1.0.12.tgz",
-      "integrity": "sha512-On2N+BpYJ15xIC974QNVuYGMOlEVt4s0EOI3wwMqOmK1fdDY+FN/zltPV8vosq4ad4c/gJ1KHScUn/6AWIgiow==",
-      "dev": true
-    },
-    "fd-slicer": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/fd-slicer/-/fd-slicer-1.1.0.tgz",
-      "integrity": "sha512-cE1qsB/VwyQozZ+q1dGxR8LBYNZeofhEdUNGSMbQD3Gw2lAzX9Zb3uIU6Ebc/Fmyjo9AWWfnn0AUCHqtevs/8g==",
-      "requires": {
-        "pend": "~1.2.0"
-      }
-    },
-    "file-type": {
-      "version": "16.5.4",
-      "resolved": "https://registry.npmjs.org/file-type/-/file-type-16.5.4.tgz",
-      "integrity": "sha512-/yFHK0aGjFEgDJjEKP0pWCplsPFPhwyfwevf/pVxiN0tmE4L9LmwWxWukdJSHdoCli4VgQLehjJtwQBnqmsKcw==",
-      "requires": {
-        "readable-web-to-node-stream": "^3.0.0",
-        "strtok3": "^6.2.4",
-        "token-types": "^4.1.1"
-      }
-    },
-    "file-uri-to-path": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz",
-      "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw=="
-    },
-    "filelist": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.4.tgz",
-      "integrity": "sha512-w1cEuf3S+DrLCQL7ET6kz+gmlJdbq9J7yXCSjK/OZCPA+qEN1WyF4ZAf0YYJa4/shHJra2t/d/r8SV4Ji+x+8Q==",
-      "requires": {
-        "minimatch": "^5.0.1"
-      },
-      "dependencies": {
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "minimatch": {
-          "version": "5.0.1",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.0.1.tgz",
-          "integrity": "sha512-nLDxIFRyhDblz3qMuq+SoRZED4+miJ/G+tdDrjkkkRnjAsBexeGpgjLEQ0blJy7rHhR2b93rhQY4SvyWu9v03g==",
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        }
-      }
-    },
-    "filename-reserved-regex": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/filename-reserved-regex/-/filename-reserved-regex-2.0.0.tgz",
-      "integrity": "sha1-q/c9+rc10EVECr/qLZHzieu/oik=",
-      "dev": true
-    },
-    "filenamify": {
-      "version": "4.3.0",
-      "resolved": "https://registry.npmjs.org/filenamify/-/filenamify-4.3.0.tgz",
-      "integrity": "sha512-hcFKyUG57yWGAzu1CMt/dPzYZuv+jAJUT85bL8mrXvNe6hWj6yEHEc4EdcgiA6Z3oi1/9wXJdZPXF2dZNgwgOg==",
-      "dev": true,
-      "requires": {
-        "filename-reserved-regex": "^2.0.0",
-        "strip-outer": "^1.0.1",
-        "trim-repeated": "^1.0.0"
-      }
-    },
-    "fill-range": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
-      "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==",
-      "requires": {
-        "to-regex-range": "^5.0.1"
-      }
-    },
-    "finalhandler": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.2.0.tgz",
-      "integrity": "sha512-5uXcUVftlQMFnWC9qu/svkWv3GTd2PfUhK/3PLkYNAe7FbqJMt3515HaxE6eRL74GdsriiwujiawdaB1BpEISg==",
-      "requires": {
-        "debug": "2.6.9",
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "on-finished": "2.4.1",
-        "parseurl": "~1.3.3",
-        "statuses": "2.0.1",
-        "unpipe": "~1.0.0"
-      },
-      "dependencies": {
-        "debug": {
-          "version": "2.6.9",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
-          "requires": {
-            "ms": "2.0.0"
-          }
-        },
-        "statuses": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
-          "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ=="
-        }
-      }
-    },
-    "find-up": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz",
-      "integrity": "sha512-PpOwAdQ/YlXQ2vj8a3h8IipDuYRi3wceVQQGYWxNINccq40Anw7BlsEXCMbt1Zt+OLA6Fq9suIpIWD0OsnISlw==",
-      "dev": true,
-      "requires": {
-        "locate-path": "^5.0.0",
-        "path-exists": "^4.0.0"
-      },
-      "dependencies": {
-        "locate-path": {
-          "version": "5.0.0",
-          "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-5.0.0.tgz",
-          "integrity": "sha512-t7hw9pI+WvuwNJXwk5zVHpyhIqzg2qTlklJOf0mVxGSbe3Fp2VieZcduNYjaLDoy6p9uGpQEGWG87WpMKlNq8g==",
-          "dev": true,
-          "requires": {
-            "p-locate": "^4.1.0"
-          }
-        },
-        "p-locate": {
-          "version": "4.1.0",
-          "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-4.1.0.tgz",
-          "integrity": "sha512-R79ZZ/0wAxKGu3oYMlz8jy/kbhsNrS7SKZ7PxEHBgJ5+F2mtFW2fK2cOtBh1cHYkQsbzFV7I+EoRKe6Yt0oK7A==",
-          "dev": true,
-          "requires": {
-            "p-limit": "^2.2.0"
-          }
-        },
-        "path-exists": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
-          "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w==",
-          "dev": true
-        }
-      }
-    },
-    "flora-colossus": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/flora-colossus/-/flora-colossus-2.0.0.tgz",
-      "integrity": "sha512-dz4HxH6pOvbUzZpZ/yXhafjbR2I8cenK5xL0KtBFb7U2ADsR+OwXifnxZjij/pZWF775uSCMzWVd+jDik2H2IA==",
-      "dev": true,
-      "requires": {
-        "debug": "^4.3.4",
-        "fs-extra": "^10.1.0"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "dev": true
-        }
-      }
-    },
-    "follow-redirects": {
-      "version": "1.15.6",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.15.6.tgz",
-      "integrity": "sha512-wWN62YITEaOpSK584EZXJafH1AGpO8RVgElfkuXbTOrPX4fIfOyEpW/CsiNd8JdYrAoOvafRTOEnvsO++qCqFA=="
-    },
-    "force-graph": {
-      "version": "1.43.5",
-      "resolved": "https://registry.npmjs.org/force-graph/-/force-graph-1.43.5.tgz",
-      "integrity": "sha512-HveLELh9yhZXO/QOfaFS38vlwJZ/3sKu+jarfXzRmbmihSOH/BbRWnUvmg8wLFiYy6h4HlH4lkRfZRccHYmXgA==",
-      "requires": {
-        "@tweenjs/tween.js": "18 - 23",
-        "accessor-fn": "1",
-        "bezier-js": "3 - 6",
-        "canvas-color-tracker": "1",
-        "d3-array": "1 - 3",
-        "d3-drag": "2 - 3",
-        "d3-force-3d": "2 - 3",
-        "d3-scale": "1 - 4",
-        "d3-scale-chromatic": "1 - 3",
-        "d3-selection": "2 - 3",
-        "d3-zoom": "2 - 3",
-        "index-array-by": "1",
-        "kapsule": "^1.14",
-        "lodash-es": "4"
-      }
-    },
-    "foreground-child": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.1.1.tgz",
-      "integrity": "sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==",
-      "requires": {
-        "cross-spawn": "^7.0.0",
-        "signal-exit": "^4.0.1"
-      },
-      "dependencies": {
-        "signal-exit": {
-          "version": "4.0.2",
-          "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-4.0.2.tgz",
-          "integrity": "sha512-MY2/qGx4enyjprQnFaZsHib3Yadh3IXyV2C321GY0pjGfVBu4un0uDJkwgdxqO+Rdx8JMT8IfJIRwbYVz3Ob3Q=="
-        }
-      }
-    },
-    "forever-agent": {
-      "version": "0.6.1",
-      "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz",
-      "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE="
-    },
-    "form-data": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz",
-      "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==",
-      "requires": {
-        "asynckit": "^0.4.0",
-        "combined-stream": "^1.0.6",
-        "mime-types": "^2.1.12"
-      }
-    },
-    "forwarded": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz",
-      "integrity": "sha512-buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow=="
-    },
-    "fresh": {
-      "version": "0.5.2",
-      "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz",
-      "integrity": "sha1-PYyt2Q2XZWn6g1qx+OSyOhBWBac="
-    },
-    "fs-constants": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/fs-constants/-/fs-constants-1.0.0.tgz",
-      "integrity": "sha512-y6OAwoSIf7FyjMIv94u+b5rdheZEjzR63GTyZJm5qh4Bi+2YgwLCcI/fPFZkL5PSixOt6ZNKm+w+Hfp/Bciwow=="
-    },
-    "fs-extra": {
-      "version": "11.2.0",
-      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-11.2.0.tgz",
-      "integrity": "sha512-PmDi3uwK5nFuXh7XDTlVnS17xJS7vW36is2+w3xcv8SVxiB4NyATf4ctkVY5bkSjX0Y4nbvZCq1/EjtEyr9ktw==",
-      "requires": {
-        "graceful-fs": "^4.2.0",
-        "jsonfile": "^6.0.1",
-        "universalify": "^2.0.0"
-      },
-      "dependencies": {
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ=="
-        }
-      }
-    },
-    "fs-minipass": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/fs-minipass/-/fs-minipass-2.1.0.tgz",
-      "integrity": "sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==",
-      "dev": true,
-      "requires": {
-        "minipass": "^3.0.0"
-      }
-    },
-    "fs.realpath": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
-      "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=",
-      "devOptional": true
-    },
-    "fsevents": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
-      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
-      "optional": true
-    },
-    "function-bind": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
-      "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA=="
-    },
-    "futoin-hkdf": {
-      "version": "1.5.3",
-      "resolved": "https://registry.npmjs.org/futoin-hkdf/-/futoin-hkdf-1.5.3.tgz",
-      "integrity": "sha512-SewY5KdMpaoCeh7jachEWFsh1nNlaDjNHZXWqL5IGwtpEYHTgkr2+AMCgNwKWkcc0wpSYrZfR7he4WdmHFtDxQ=="
-    },
-    "galactus": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/galactus/-/galactus-1.0.0.tgz",
-      "integrity": "sha512-R1fam6D4CyKQGNlvJne4dkNF+PvUUl7TAJInvTGa9fti9qAv95quQz29GXapA4d8Ec266mJJxFVh82M4GIIGDQ==",
-      "dev": true,
-      "requires": {
-        "debug": "^4.3.4",
-        "flora-colossus": "^2.0.0",
-        "fs-extra": "^10.1.0"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.0.tgz",
-          "integrity": "sha512-hAZsKq7Yy11Zu1DE0OzWjw7nnLZmJZYTDZZyEFHZdUhV8FkH5MCfoU1XMaxXovpyW5nq5scPqq0ZDP9Zyl04oQ==",
-          "dev": true
-        }
-      }
-    },
-    "gar": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/gar/-/gar-1.0.4.tgz",
-      "integrity": "sha512-w4n9cPWyP7aHxKxYHFQMegj7WIAsL/YX/C4Bs5Rr8s1H9M1rNtRWRsw+ovYMkXDQ5S4ZbYHsHAPmevPjPgw44w==",
-      "optional": true
-    },
-    "get-caller-file": {
-      "version": "2.0.5",
-      "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-2.0.5.tgz",
-      "integrity": "sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==",
-      "devOptional": true
-    },
-    "get-folder-size": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/get-folder-size/-/get-folder-size-2.0.1.tgz",
-      "integrity": "sha512-+CEb+GDCM7tkOS2wdMKTn9vU7DgnKUTuDlehkNJKNSovdCOVxs14OfKCk4cvSaR3za4gj+OBdl9opPN9xrJ0zA==",
-      "optional": true,
-      "requires": {
-        "gar": "^1.0.4",
-        "tiny-each-async": "2.0.3"
-      }
-    },
-    "get-intrinsic": {
-      "version": "1.2.2",
-      "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.2.tgz",
-      "integrity": "sha512-0gSo4ml/0j98Y3lngkFEot/zhiCeWsbYIlZ+uZOVgzLyLaUw7wxUL+nCTP0XJvJg1AXulJRI3UJi8GsbDuxdGA==",
-      "requires": {
-        "function-bind": "^1.1.2",
-        "has-proto": "^1.0.1",
-        "has-symbols": "^1.0.3",
-        "hasown": "^2.0.0"
-      }
-    },
-    "get-package-info": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/get-package-info/-/get-package-info-1.0.0.tgz",
-      "integrity": "sha1-ZDJ5ZWPigRPNlHTbvQAFKYWkmZw=",
-      "dev": true,
-      "requires": {
-        "bluebird": "^3.1.1",
-        "debug": "^2.2.0",
-        "lodash.get": "^4.0.0",
-        "read-pkg-up": "^2.0.0"
-      },
-      "dependencies": {
-        "debug": {
-          "version": "2.6.9",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
-          "dev": true,
-          "requires": {
-            "ms": "2.0.0"
-          }
-        }
-      }
-    },
-    "get-stream": {
-      "version": "5.2.0",
-      "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-5.2.0.tgz",
-      "integrity": "sha512-nBF+F1rAZVCu/p7rjzgA+Yb4lfYXrpl7a6VmJrU8wF9I1CKvP/QwPNZHnOlwbTkY6dvtFIzFMSyQXbLoTQPRpA==",
-      "requires": {
-        "pump": "^3.0.0"
-      }
-    },
-    "getpass": {
-      "version": "0.1.7",
-      "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz",
-      "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=",
-      "requires": {
-        "assert-plus": "^1.0.0"
-      }
-    },
-    "gifwrap": {
-      "version": "0.10.1",
-      "resolved": "https://registry.npmjs.org/gifwrap/-/gifwrap-0.10.1.tgz",
-      "integrity": "sha512-2760b1vpJHNmLzZ/ubTtNnEx5WApN/PYWJvXvgS+tL1egTTthayFYIQQNi136FLEDcN/IyEY2EcGpIITD6eYUw==",
-      "requires": {
-        "image-q": "^4.0.0",
-        "omggif": "^1.0.10"
-      }
-    },
-    "github-from-package": {
-      "version": "0.0.0",
-      "resolved": "https://registry.npmjs.org/github-from-package/-/github-from-package-0.0.0.tgz",
-      "integrity": "sha512-SyHy3T1v2NUXn29OsWdxmK6RwHD+vkj3v8en8AOBZ1wBQ/hCAQ5bAQTD02kW4W9tUp/3Qh6J8r9EvntiyCmOOw=="
-    },
-    "glob": {
-      "version": "7.2.3",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-7.2.3.tgz",
-      "integrity": "sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==",
-      "devOptional": true,
-      "requires": {
-        "fs.realpath": "^1.0.0",
-        "inflight": "^1.0.4",
-        "inherits": "2",
-        "minimatch": "^3.1.1",
-        "once": "^1.3.0",
-        "path-is-absolute": "^1.0.0"
-      }
-    },
-    "glob-parent": {
-      "version": "5.1.2",
-      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
-      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
-      "requires": {
-        "is-glob": "^4.0.1"
-      }
-    },
-    "glob-to-regexp": {
-      "version": "0.4.1",
-      "resolved": "https://registry.npmjs.org/glob-to-regexp/-/glob-to-regexp-0.4.1.tgz",
-      "integrity": "sha512-lkX1HJXwyMcprw/5YUZc2s7DrpAiHB21/V+E1rHUrVNokkvB6bqMzT0VfV6/86ZNabt1k14YOIaT7nDvOX3Iiw==",
-      "dev": true
-    },
-    "global": {
-      "version": "4.4.0",
-      "resolved": "https://registry.npmjs.org/global/-/global-4.4.0.tgz",
-      "integrity": "sha512-wv/LAoHdRE3BeTGz53FAamhGlPLhlssK45usmGFThIi4XqnBmjKQ16u+RNbP7WvigRZDxUsM0J3gcQ5yicaL0w==",
-      "requires": {
-        "min-document": "^2.19.0",
-        "process": "^0.11.10"
-      }
-    },
-    "global-agent": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/global-agent/-/global-agent-3.0.0.tgz",
-      "integrity": "sha512-PT6XReJ+D07JvGoxQMkT6qji/jVNfX/h364XHZOWeRzy64sSFr+xJ5OX7LI3b4MPQzdL4H8Y8M0xzPpsVMwA8Q==",
-      "optional": true,
-      "requires": {
-        "boolean": "^3.0.1",
-        "es6-error": "^4.1.1",
-        "matcher": "^3.0.0",
-        "roarr": "^2.15.3",
-        "semver": "^7.3.2",
-        "serialize-error": "^7.0.1"
-      }
-    },
-    "globalthis": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/globalthis/-/globalthis-1.0.3.tgz",
-      "integrity": "sha512-sFdI5LyBiNTHjRd7cGPWapiHWMOXKyuBNX/cWJ3NfzrZQVa8GI/8cofCl74AOVqq9W5kNmguTIzJ/1s2gyI9wA==",
-      "optional": true,
-      "requires": {
-        "define-properties": "^1.1.3"
-      }
-    },
-    "gopd": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz",
-      "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==",
-      "requires": {
-        "get-intrinsic": "^1.1.3"
-      }
-    },
-    "got": {
-      "version": "11.8.6",
-      "resolved": "https://registry.npmjs.org/got/-/got-11.8.6.tgz",
-      "integrity": "sha512-6tfZ91bOr7bOXnK7PRDCGBLa1H4U080YHNaAQ2KsMGlLEzRbk44nsZF2E1IeRc3vtJHPVbKCYgdFbaGO2ljd8g==",
-      "requires": {
-        "@sindresorhus/is": "^4.0.0",
-        "@szmarczak/http-timer": "^4.0.5",
-        "@types/cacheable-request": "^6.0.1",
-        "@types/responselike": "^1.0.0",
-        "cacheable-lookup": "^5.0.3",
-        "cacheable-request": "^7.0.2",
-        "decompress-response": "^6.0.0",
-        "http2-wrapper": "^1.0.0-beta.5.2",
-        "lowercase-keys": "^2.0.0",
-        "p-cancelable": "^2.0.0",
-        "responselike": "^2.0.0"
-      }
-    },
-    "graceful-fs": {
-      "version": "4.2.9",
-      "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.9.tgz",
-      "integrity": "sha512-NtNxqUcXgpW2iMrfqSfR73Glt39K+BLwWsPs94yR63v45T0Wbej7eRmL5cWfwEgqXnmjQp3zaJTshdRW/qC2ZQ=="
-    },
-    "har-schema": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz",
-      "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI="
-    },
-    "har-validator": {
-      "version": "5.1.3",
-      "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz",
-      "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==",
-      "requires": {
-        "ajv": "^6.5.5",
-        "har-schema": "^2.0.0"
-      }
-    },
-    "has-flag": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-4.0.0.tgz",
-      "integrity": "sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ=="
-    },
-    "has-property-descriptors": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.0.tgz",
-      "integrity": "sha512-62DVLZGoiEBDHQyqG4w9xCuZ7eJEwNmJRWw2VY84Oedb7WFcA27fiEVe8oUQx9hAUJ4ekurquucTGwsyO1XGdQ==",
-      "requires": {
-        "get-intrinsic": "^1.1.1"
-      }
-    },
-    "has-proto": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.1.tgz",
-      "integrity": "sha512-7qE+iP+O+bgF9clE5+UoBFzE65mlBiVj3tKCrlNQ0Ogwm0BjpT/gK4SlLYDMybDh5I3TCTKnPPa0oMG7JDYrhg=="
-    },
-    "has-symbols": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz",
-      "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A=="
-    },
-    "has-unicode": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/has-unicode/-/has-unicode-2.0.1.tgz",
-      "integrity": "sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk=",
-      "dev": true
-    },
-    "hasown": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.0.tgz",
-      "integrity": "sha512-vUptKVTpIJhcczKBbgnS+RtcuYMB8+oNzPK2/Hp3hanz8JmpATdmmgLgSaadVREkDm+e2giHwY3ZRkyjSIDDFA==",
-      "requires": {
-        "function-bind": "^1.1.2"
-      }
-    },
-    "he": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz",
-      "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw=="
-    },
-    "heap": {
-      "version": "0.2.7",
-      "resolved": "https://registry.npmjs.org/heap/-/heap-0.2.7.tgz",
-      "integrity": "sha512-2bsegYkkHO+h/9MGbn6KWcE45cHZgPANo5LXF7EvWdT0yT2EguSVO1nDgU5c8+ZOPwp2vMNa7YFsJhVcDR9Sdg=="
-    },
-    "helmet": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/helmet/-/helmet-7.1.0.tgz",
-      "integrity": "sha512-g+HZqgfbpXdCkme/Cd/mZkV0aV3BZZZSugecH03kl38m/Kmdx8jKjBikpDj2cr+Iynv4KpYEviojNdTJActJAg=="
-    },
-    "history": {
-      "version": "4.10.1",
-      "resolved": "https://registry.npmjs.org/history/-/history-4.10.1.tgz",
-      "integrity": "sha512-36nwAD620w12kuzPAsyINPWJqlNbij+hpK1k9XRloDtym8mxzGYl2c17LnV6IAGB2Dmg4tEa7G7DlawS0+qjew==",
-      "requires": {
-        "@babel/runtime": "^7.1.2",
-        "loose-envify": "^1.2.0",
-        "resolve-pathname": "^3.0.0",
-        "tiny-invariant": "^1.0.2",
-        "tiny-warning": "^1.0.0",
-        "value-equal": "^1.0.1"
-      }
-    },
-    "hoist-non-react-statics": {
-      "version": "2.5.5",
-      "resolved": "https://registry.npmjs.org/hoist-non-react-statics/-/hoist-non-react-statics-2.5.5.tgz",
-      "integrity": "sha512-rqcy4pJo55FTTLWt+bU8ukscqHeE/e9KWvsOW2b/a3afxQZhwkQdT1rPPCJ0rYXdj4vNcasY8zHTH+jF/qStxw=="
-    },
-    "hosted-git-info": {
-      "version": "2.8.9",
-      "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz",
-      "integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==",
-      "dev": true
-    },
-    "html": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/html/-/html-1.0.0.tgz",
-      "integrity": "sha1-pUT6nqVJK/s6LMqCEKEL57WvH2E=",
-      "requires": {
-        "concat-stream": "^1.4.7"
-      }
-    },
-    "html-encoding-sniffer": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/html-encoding-sniffer/-/html-encoding-sniffer-4.0.0.tgz",
-      "integrity": "sha512-Y22oTqIU4uuPgEemfz7NDJz6OeKf12Lsu+QC+s3BVpda64lTiMYCyGwg5ki4vFxkMwQdeZDl2adZoqUgdFuTgQ==",
-      "requires": {
-        "whatwg-encoding": "^3.1.1"
-      }
-    },
-    "html2plaintext": {
-      "version": "2.1.4",
-      "resolved": "https://registry.npmjs.org/html2plaintext/-/html2plaintext-2.1.4.tgz",
-      "integrity": "sha512-kigGyxhh85E5SgKd3ilyKy9VTUgMTsEn3ex4cZcXBX47cACAWHgmOPbSVd05msM6RpOi5o+2nWrK5OhAQQWEsg==",
-      "requires": {
-        "cheerio": "1.0.0-rc.10",
-        "he": "1.2.0",
-        "plumb": "0.1.0"
-      }
-    },
-    "htmlparser2": {
-      "version": "6.1.0",
-      "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-6.1.0.tgz",
-      "integrity": "sha512-gyyPk6rgonLFEDGoeRgQNaEUvdJ4ktTmmUh/h2t7s+M8oPpIPxgNACWa+6ESR57kXstwqPiCut0V8NRpcwgU7A==",
-      "requires": {
-        "domelementtype": "^2.0.1",
-        "domhandler": "^4.0.0",
-        "domutils": "^2.5.2",
-        "entities": "^2.0.0"
-      }
-    },
-    "http-cache-semantics": {
-      "version": "4.1.1",
-      "resolved": "https://registry.npmjs.org/http-cache-semantics/-/http-cache-semantics-4.1.1.tgz",
-      "integrity": "sha512-er295DKPVsV82j5kw1Gjt+ADA/XYHsajl82cGNQG2eyoPkvgUhX+nDIyelzhIWbbsXP39EHcI6l5tYs2FYqYXQ=="
-    },
-    "http-errors": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-2.0.0.tgz",
-      "integrity": "sha512-FtwrG/euBzaEjYeRqOgly7G0qviiXoJWnvEH2Z1plBdXgbyjv34pHTSb9zoeHMyDy33+DWy5Wt9Wo+TURtOYSQ==",
-      "requires": {
-        "depd": "2.0.0",
-        "inherits": "2.0.4",
-        "setprototypeof": "1.2.0",
-        "statuses": "2.0.1",
-        "toidentifier": "1.0.1"
-      },
-      "dependencies": {
-        "depd": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
-          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
-        },
-        "setprototypeof": {
-          "version": "1.2.0",
-          "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.2.0.tgz",
-          "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
-        },
-        "statuses": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
-          "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ=="
-        },
-        "toidentifier": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz",
-          "integrity": "sha512-o5sSPKEkg/DIQNmH43V0/uerLrpzVedkUh8tGNvaeXpfpuwjKenlSox/2O/BTlZUtEe+JG7s5YhEz608PlAHRA=="
-        }
-      }
-    },
-    "http-proxy-agent": {
-      "version": "7.0.2",
-      "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-7.0.2.tgz",
-      "integrity": "sha512-T1gkAiYYDWYx3V5Bmyu7HcfcvL7mUrTWiM6yOfa3PIphViJ/gFPbvidQ+veqSOHci/PxBcDabeUNCzpOODJZig==",
-      "requires": {
-        "agent-base": "^7.1.0",
-        "debug": "^4.3.4"
-      },
-      "dependencies": {
-        "agent-base": {
-          "version": "7.1.0",
-          "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz",
-          "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==",
-          "requires": {
-            "debug": "^4.3.4"
-          }
-        }
-      }
-    },
-    "http-signature": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz",
-      "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=",
-      "requires": {
-        "assert-plus": "^1.0.0",
-        "jsprim": "^1.2.2",
-        "sshpk": "^1.7.0"
-      }
-    },
-    "http2-wrapper": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/http2-wrapper/-/http2-wrapper-1.0.3.tgz",
-      "integrity": "sha512-V+23sDMr12Wnz7iTcDeJr3O6AIxlnvT/bmaAAAP/Xda35C90p9599p0F1eHR/N1KILWSoWVAiOMFjBBXaXSMxg==",
-      "requires": {
-        "quick-lru": "^5.1.1",
-        "resolve-alpn": "^1.0.0"
-      }
-    },
-    "https-proxy-agent": {
-      "version": "7.0.4",
-      "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-7.0.4.tgz",
-      "integrity": "sha512-wlwpilI7YdjSkWaQ/7omYBMTliDcmCN8OLihO6I9B86g06lMyAoqgoDpV0XqoaPOKj+0DIdAvnsWfyAAhmimcg==",
-      "requires": {
-        "agent-base": "^7.0.2",
-        "debug": "4"
-      },
-      "dependencies": {
-        "agent-base": {
-          "version": "7.1.0",
-          "resolved": "https://registry.npmjs.org/agent-base/-/agent-base-7.1.0.tgz",
-          "integrity": "sha512-o/zjMZRhJxny7OyEF+Op8X+efiELC7k7yOjMzgfzVqOzXqkBkWI79YoTdOtsuWd5BWhAGAuOY/Xa6xpiaWXiNg==",
-          "requires": {
-            "debug": "^4.3.4"
-          }
-        }
-      }
-    },
-    "humanize-ms": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/humanize-ms/-/humanize-ms-1.2.1.tgz",
-      "integrity": "sha512-Fl70vYtsAFb/C06PTS9dZBo7ihau+Tu/DNCk/OyHhea07S+aeMWpFFkUaXRa8fI+ScZbEI8dfSxwY7gxZ9SAVQ==",
-      "dev": true,
-      "requires": {
-        "ms": "^2.0.0"
-      }
-    },
-    "iconv-corefoundation": {
-      "version": "1.1.7",
-      "resolved": "https://registry.npmjs.org/iconv-corefoundation/-/iconv-corefoundation-1.1.7.tgz",
-      "integrity": "sha512-T10qvkw0zz4wnm560lOEg0PovVqUXuOFhhHAkixw8/sycy7TJt7v/RrkEKEQnAw2viPSJu6iAkErxnzR0g8PpQ==",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "cli-truncate": "^2.1.0",
-        "node-addon-api": "^1.6.3"
-      }
-    },
-    "iconv-lite": {
-      "version": "0.6.3",
-      "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz",
-      "integrity": "sha512-4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw==",
-      "requires": {
-        "safer-buffer": ">= 2.1.2 < 3.0.0"
-      }
-    },
-    "ieee754": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz",
-      "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA=="
-    },
-    "ignore-by-default": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/ignore-by-default/-/ignore-by-default-1.0.1.tgz",
-      "integrity": "sha512-Ius2VYcGNk7T90CppJqcIkS5ooHUZyIQK+ClZfMfMNFEF9VSE73Fq+906u/CWu92x4gzZMWOwfFYckPObzdEbA==",
-      "dev": true
-    },
-    "image-q": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/image-q/-/image-q-4.0.0.tgz",
-      "integrity": "sha512-PfJGVgIfKQJuq3s0tTDOKtztksibuUEbJQIYT3by6wctQo+Rdlh7ef4evJ5NCdxY4CfMbvFkocEwbl4BF8RlJw==",
-      "requires": {
-        "@types/node": "16.9.1"
-      },
-      "dependencies": {
-        "@types/node": {
-          "version": "16.9.1",
-          "resolved": "https://registry.npmjs.org/@types/node/-/node-16.9.1.tgz",
-          "integrity": "sha512-QpLcX9ZSsq3YYUUnD3nFDY8H7wctAhQj/TFKL8Ya8v5fMm3CFXxo8zStsLAl780ltoYoo1WvKUVGBQK+1ifr7g=="
-        }
-      }
-    },
-    "image-type": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/image-type/-/image-type-4.1.0.tgz",
-      "integrity": "sha512-CFJMJ8QK8lJvRlTCEgarL4ro6hfDQKif2HjSvYCdQZESaIPV4v9imrf7BQHK+sQeTeNeMpWciR9hyC/g8ybXEg==",
-      "requires": {
-        "file-type": "^10.10.0"
-      },
-      "dependencies": {
-        "file-type": {
-          "version": "10.11.0",
-          "resolved": "https://registry.npmjs.org/file-type/-/file-type-10.11.0.tgz",
-          "integrity": "sha512-uzk64HRpUZyTGZtVuvrjP0FYxzQrBf4rojot6J65YMEbwBLB0CWm0CLojVpwpmFmxcE/lkvYICgfcGozbBq6rw=="
-        }
-      }
-    },
-    "import-local": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/import-local/-/import-local-3.0.3.tgz",
-      "integrity": "sha512-bE9iaUY3CXH8Cwfan/abDKAxe1KGT9kyGsBPqf6DMK/z0a2OzAsrukeYNgIH6cH5Xr452jb1TUL8rSfCLjZ9uA==",
-      "dev": true,
-      "requires": {
-        "pkg-dir": "^4.2.0",
-        "resolve-cwd": "^3.0.0"
-      }
-    },
-    "imurmurhash": {
-      "version": "0.1.4",
-      "resolved": "https://registry.npmjs.org/imurmurhash/-/imurmurhash-0.1.4.tgz",
-      "integrity": "sha1-khi5srkoojixPcT7a21XbyMUU+o="
-    },
-    "indent-string": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz",
-      "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg=="
-    },
-    "index-array-by": {
-      "version": "1.4.1",
-      "resolved": "https://registry.npmjs.org/index-array-by/-/index-array-by-1.4.1.tgz",
-      "integrity": "sha512-Zu6THdrxQdyTuT2uA5FjUoBEsFHPzHcPIj18FszN6yXKHxSfGcR4TPLabfuT//E25q1Igyx9xta2WMvD/x9P/g=="
-    },
-    "infer-owner": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/infer-owner/-/infer-owner-1.0.4.tgz",
-      "integrity": "sha512-IClj+Xz94+d7irH5qRyfJonOdfTzuDaifE6ZPWfx0N0+/ATZCbuTPq2prFl526urkQd90WyUKIh1DfBQ2hMz9A==",
-      "dev": true
-    },
-    "inflight": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
-      "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=",
-      "devOptional": true,
-      "requires": {
-        "once": "^1.3.0",
-        "wrappy": "1"
-      }
-    },
-    "inherits": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
-      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
-    },
-    "ini": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/ini/-/ini-3.0.1.tgz",
-      "integrity": "sha512-it4HyVAUTKBc6m8e1iXWvXSTdndF7HbdN713+kvLrymxTaU4AUBWrJ4vEooP+V7fexnVD3LKcBshjGGPefSMUQ=="
-    },
-    "internmap": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/internmap/-/internmap-2.0.3.tgz",
-      "integrity": "sha512-5Hh7Y1wQbvY5ooGgPbDaL5iYLAPzMTUrjMulskHLH6wnv/A+1q5rgEaiuqEjB+oxGXIVZs1FF+R/KPN3ZSQYYg=="
-    },
-    "interpret": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/interpret/-/interpret-3.1.1.tgz",
-      "integrity": "sha512-6xwYfHbajpoF0xLW+iwLkhwgvLoZDfjYfoFNu8ftMoXINzwuymNLd9u/KmwtdT2GbR+/Cz66otEGEVVUHX9QLQ==",
-      "dev": true
-    },
-    "invariant": {
-      "version": "2.2.4",
-      "resolved": "https://registry.npmjs.org/invariant/-/invariant-2.2.4.tgz",
-      "integrity": "sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA==",
-      "requires": {
-        "loose-envify": "^1.0.0"
-      }
-    },
-    "ip": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.1.tgz",
-      "integrity": "sha512-lJUL9imLTNi1ZfXT+DU6rBBdbiKGBuay9B6xGSPVjUeQwaH1RIGqef8RZkUtHioLmSNpPR5M4HVKJGm1j8FWVQ==",
-      "dev": true
-    },
-    "ipaddr.js": {
-      "version": "1.9.1",
-      "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
-      "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="
-    },
-    "is-animated": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/is-animated/-/is-animated-2.0.2.tgz",
-      "integrity": "sha512-+Hi3UdXHV/3ZgxdO9Ik45ciNhDlYrDOIdGz7Cj7ybddWnYBi4kwBuGMn79Xa2Js4VldgX5e3943Djsr/KYSPbA=="
-    },
-    "is-arrayish": {
-      "version": "0.2.1",
-      "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz",
-      "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=",
-      "dev": true
-    },
-    "is-binary-path": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz",
-      "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==",
-      "requires": {
-        "binary-extensions": "^2.0.0"
-      }
-    },
-    "is-ci": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-3.0.1.tgz",
-      "integrity": "sha512-ZYvCgrefwqoQ6yTyYUbQu64HsITZ3NfKX1lzaEYdkTDcfKzzCI/wthRRYKkdjHKFVgNiXKAKm65Zo1pk2as/QQ==",
-      "dev": true,
-      "requires": {
-        "ci-info": "^3.2.0"
-      }
-    },
-    "is-core-module": {
-      "version": "2.13.1",
-      "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.13.1.tgz",
-      "integrity": "sha512-hHrIjvZsftOsvKSn2TRYl63zvxsgE0K+0mYMoH6gD4omR5IWB2KynivBQczo3+wF1cCkjzvptnI9Q0sPU66ilw==",
-      "dev": true,
-      "requires": {
-        "hasown": "^2.0.0"
-      }
-    },
-    "is-docker": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/is-docker/-/is-docker-2.1.1.tgz",
-      "integrity": "sha512-ZOoqiXfEwtGknTiuDEy8pN2CfE3TxMHprvNer1mXiqwkOT77Rw3YVrUQ52EqAOU3QAWDQ+bQdx7HJzrv7LS2Hw=="
-    },
-    "is-extendable": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz",
-      "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik="
-    },
-    "is-extglob": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz",
-      "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI="
-    },
-    "is-fullwidth-code-point": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
-      "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg=="
-    },
-    "is-function": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/is-function/-/is-function-1.0.2.tgz",
-      "integrity": "sha512-lw7DUp0aWXYg+CBCN+JKkcE0Q2RayZnSvnZBlwgxHBQhqt5pZNVy4Ri7H9GmmXkdu7LUthszM+Tor1u/2iBcpQ=="
-    },
-    "is-glob": {
-      "version": "4.0.3",
-      "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz",
-      "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==",
-      "requires": {
-        "is-extglob": "^2.1.1"
-      }
-    },
-    "is-interactive": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-interactive/-/is-interactive-1.0.0.tgz",
-      "integrity": "sha512-2HvIEKRoqS62guEC+qBjpvRubdX910WCMuJTZ+I9yvqKU2/12eSL549HMwtabb4oupdj2sMP50k+XJfB/8JE6w==",
-      "dev": true
-    },
-    "is-lambda": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/is-lambda/-/is-lambda-1.0.1.tgz",
-      "integrity": "sha512-z7CMFGNrENq5iFB9Bqo64Xk6Y9sg+epq1myIcdHaGnbMTYOxvzsEtdYqQUylB7LxfkvgrrjP32T6Ywciio9UIQ==",
-      "dev": true
-    },
-    "is-number": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
-      "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng=="
-    },
-    "is-plain-obj": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/is-plain-obj/-/is-plain-obj-1.1.0.tgz",
-      "integrity": "sha1-caUMhCnfync8kqOQpKA7OfzVHT4="
-    },
-    "is-plain-object": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-5.0.0.tgz",
-      "integrity": "sha512-VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q=="
-    },
-    "is-potential-custom-element-name": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/is-potential-custom-element-name/-/is-potential-custom-element-name-1.0.1.tgz",
-      "integrity": "sha512-bCYeRA2rVibKZd+s2625gGnGF/t7DSqDs4dP7CrLA1m7jKWz6pps0LpYLJN8Q64HtmPKJ1hrN3nzPNKFEKOUiQ=="
-    },
-    "is-svg": {
-      "version": "4.3.2",
-      "resolved": "https://registry.npmjs.org/is-svg/-/is-svg-4.3.2.tgz",
-      "integrity": "sha512-mM90duy00JGMyjqIVHu9gNTjywdZV+8qNasX8cm/EEYZ53PHDgajvbBwNVvty5dwSAxLUD3p3bdo+7sR/UMrpw==",
-      "requires": {
-        "fast-xml-parser": "^3.19.0"
-      }
-    },
-    "is-typedarray": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz",
-      "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo="
-    },
-    "is-unicode-supported": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/is-unicode-supported/-/is-unicode-supported-0.1.0.tgz",
-      "integrity": "sha512-knxG2q4UC3u8stRGyAVJCOdxFmv5DZiRcdlIaAQXAbSfJya+OhopNotLQrstBhququ4ZpuKbDc/8S6mgXgPFPw==",
-      "dev": true
-    },
-    "is-wsl": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-2.2.0.tgz",
-      "integrity": "sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==",
-      "requires": {
-        "is-docker": "^2.0.0"
-      }
-    },
-    "isarray": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
-      "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
-    },
-    "isbinaryfile": {
-      "version": "5.0.2",
-      "resolved": "https://registry.npmjs.org/isbinaryfile/-/isbinaryfile-5.0.2.tgz",
-      "integrity": "sha512-GvcjojwonMjWbTkfMpnVHVqXW/wKMYDfEpY94/8zy8HFMOqb/VL6oeONq9v87q4ttVlaTLnGXnJD4B5B1OTGIg==",
-      "dev": true
-    },
-    "isexe": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/ie/-/isexe-2.0.0.tgz",
-      "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA="
-    },
-    "isobject": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/isobject/-/isobject-3.0.1.tgz",
-      "integrity": "sha1-TkMekrEalzFjaqH5yNHMvP2reN8=",
-      "dev": true
-    },
-    "isomorphic-fetch": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/isomorphic-fetch/-/isomorphic-fetch-3.0.0.tgz",
-      "integrity": "sha512-qvUtwJ3j6qwsF3jLxkZ72qCgjMysPzDfeV240JHiGZsANBYd+EEuu35v7dfrJ9Up0Ak07D7GGSkGhCHTqg/5wA==",
-      "requires": {
-        "node-fetch": "^2.6.1",
-        "whatwg-fetch": "^3.4.1"
-      }
-    },
-    "isstream": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz",
-      "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo="
-    },
-    "jackspeak": {
-      "version": "2.3.6",
-      "resolved": "https://registry.npmjs.org/jackspeak/-/jackspeak-2.3.6.tgz",
-      "integrity": "sha512-N3yCS/NegsOBokc8GAdM8UcmfsKiSS8cipheD/nivzr700H+nsMOxJjQnvwOcRYVuFkdH0wGUvW2WbXGmrZGbQ==",
-      "requires": {
-        "@isaacs/cliui": "^8.0.2",
-        "@pkgjs/parseargs": "^0.11.0"
-      }
-    },
-    "jake": {
-      "version": "10.8.5",
-      "resolved": "https://registry.npmjs.org/jake/-/jake-10.8.5.tgz",
-      "integrity": "sha512-sVpxYeuAhWt0OTWITwT98oyV0GsXyMlXCF+3L1SuafBVUIr/uILGRB+NqwkzhgXKvoJpDIpQvqkUALgdmQsQxw==",
-      "requires": {
-        "async": "^3.2.3",
-        "chalk": "^4.0.2",
-        "filelist": "^1.0.1",
-        "minimatch": "^3.0.4"
-      }
-    },
-    "jasmine": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/jasmine/-/jasmine-5.1.0.tgz",
-      "integrity": "sha512-prmJlC1dbLhti4nE4XAPDWmfJesYO15sjGXVp7Cs7Ym5I9Xtwa/hUHxxJXjnpfLO72+ySttA0Ztf8g/RiVnUKw==",
-      "dev": true,
-      "requires": {
-        "glob": "^10.2.2",
-        "jasmine-core": "~5.1.0"
-      },
-      "dependencies": {
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "dev": true,
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "glob": {
-          "version": "10.2.7",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-10.2.7.tgz",
-          "integrity": "sha512-jTKehsravOJo8IJxUGfZILnkvVJM/MOfHRs8QcXolVef2zNI9Tqyy5+SeuOAZd3upViEZQLyFpQhYiHLrMUNmA==",
-          "dev": true,
-          "requires": {
-            "foreground-child": "^3.1.0",
-            "jackspeak": "^2.0.3",
-            "minimatch": "^9.0.1",
-            "minipass": "^5.0.0 || ^6.0.2",
-            "path-scurry": "^1.7.0"
-          }
-        },
-        "minimatch": {
-          "version": "9.0.1",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.1.tgz",
-          "integrity": "sha512-0jWhJpD/MdhPXwPuiRkCbfYfSKp2qnn2eOc279qI7f+osl/l+prKSrvhg157zSYvx/1nmgn2NqdT6k2Z7zSH9w==",
-          "dev": true,
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        },
-        "minipass": {
-          "version": "6.0.2",
-          "resolved": "https://registry.npmjs.org/minipass/-/minipass-6.0.2.tgz",
-          "integrity": "sha512-MzWSV5nYVT7mVyWCwn2o7JH13w2TBRmmSqSRCKzTw+lmft9X4z+3wjvs06Tzijo5z4W/kahUCDpRXTF+ZrmF/w==",
-          "dev": true
-        }
-      }
-    },
-    "jasmine-core": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/jasmine-core/-/jasmine-core-5.1.0.tgz",
-      "integrity": "sha512-bFMMwpKuTZXCuGd51yClFobw5SOtad1kmdWnYO8dNwYV8i01Xj0C2+nyQpSKl1EKxiPfyd1ZgBl/rsusL3aS6w==",
-      "dev": true
-    },
-    "jest-worker": {
-      "version": "27.5.1",
-      "resolved": "https://registry.npmjs.org/jest-worker/-/jest-worker-27.5.1.tgz",
-      "integrity": "sha512-7vuh85V5cdDofPyxn58nrPjBktZo0u9x1g8WtjQol+jZDaE+fhN+cIvTj11GndBnMnyfrUOG1sZQxCdjKh+DKg==",
-      "dev": true,
-      "requires": {
-        "@types/node": "*",
-        "merge-stream": "^2.0.0",
-        "supports-color": "^8.0.0"
-      },
-      "dependencies": {
-        "supports-color": {
-          "version": "8.1.1",
-          "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-8.1.1.tgz",
-          "integrity": "sha512-MpUEN2OodtUzxvKQl72cUF7RQ5EiHsGvSsVG0ia9c5RbWGL2CI4C7EpPS8UTBIplnlzZiNuV56w+FuNxy3ty2Q==",
-          "dev": true,
-          "requires": {
-            "has-flag": "^4.0.0"
-          }
-        }
-      }
-    },
-    "jimp": {
-      "version": "0.22.12",
-      "resolved": "https://registry.npmjs.org/jimp/-/jimp-0.22.12.tgz",
-      "integrity": "sha512-R5jZaYDnfkxKJy1dwLpj/7cvyjxiclxU3F4TrI/J4j2rS0niq6YDUMoPn5hs8GDpO+OZGo7Ky057CRtWesyhfg==",
-      "requires": {
-        "@jimp/custom": "^0.22.12",
-        "@jimp/plugins": "^0.22.12",
-        "@jimp/types": "^0.22.12",
-        "regenerator-runtime": "^0.13.3"
-      }
-    },
-    "joi": {
-      "version": "17.13.1",
-      "resolved": "https://registry.npmjs.org/joi/-/joi-17.13.1.tgz",
-      "integrity": "sha512-vaBlIKCyo4FCUtCm7Eu4QZd/q02bWcxfUO6YSXAZOWF6gzcLBeba8kwotUdYJjDLW8Cz8RywsSOqiNJZW0mNvg==",
-      "requires": {
-        "@hapi/hoek": "^9.3.0",
-        "@hapi/topo": "^5.1.0",
-        "@sideway/address": "^4.1.5",
-        "@sideway/formula": "^3.0.1",
-        "@sideway/pinpoint": "^2.0.0"
-      }
-    },
-    "joplin-turndown-plugin-gfm": {
-      "version": "1.0.12",
-      "resolved": "https://registry.npmjs.org/joplin-turndown-plugin-gfm/-/joplin-turndown-plugin-gfm-1.0.12.tgz",
-      "integrity": "sha512-qL4+1iycQjZ1fs8zk3jSRk7cg3ROBUHk7GKtiLAQLFzLPKErnILUvz5DLszSQvz3s1sTjPbywLDISVUtBY6HaA=="
-    },
-    "jose": {
-      "version": "4.15.5",
-      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.5.tgz",
-      "integrity": "sha512-jc7BFxgKPKi94uOvEmzlSWFFe2+vASyXaKUpdQKatWAESU2MWjDfFf0fdfc83CDKcA5QecabZeNLyfhe3yKNkg=="
-    },
-    "jpeg-js": {
-      "version": "0.4.4",
-      "resolved": "https://registry.npmjs.org/jpeg-js/-/jpeg-js-0.4.4.tgz",
-      "integrity": "sha512-WZzeDOEtTOBK4Mdsar0IqEU5sMr3vSV2RqkAIzUEV2BHnUfKGyswWFPFwK5EeDo93K3FohSHbLAjj0s1Wzd+dg=="
-    },
-    "jquery": {
-      "version": "3.7.1",
-      "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.7.1.tgz",
-      "integrity": "sha512-m4avr8yL8kmFN8psrbFFFmB/If14iN5o9nw/NgnnM+kybDJpRsAynV2BsfpTYrTRysYUdADVD7CkUUizgkpLfg=="
-    },
-    "jquery-hotkeys": {
-      "version": "0.2.2",
-      "resolved": "https://registry.npmjs.org/jquery-hotkeys/-/jquery-hotkeys-0.2.2.tgz",
-      "integrity": "sha512-1LWIp+1ZQUluPsWEJ4Ett0CRfgGsGRGU7wTlj1TBBq0hWl7fLYxl/DyARku0fz9x8lIYi6v5VXJwZx8cpJmdpQ=="
-    },
-    "js-tokens": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
-      "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ=="
-    },
-    "js-yaml": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz",
-      "integrity": "sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==",
-      "dev": true,
-      "requires": {
-        "argparse": "^2.0.1"
-      }
-    },
-    "js2xmlparser": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/js2xmlparser/-/js2xmlparser-4.0.2.tgz",
-      "integrity": "sha512-6n4D8gLlLf1n5mNLQPRfViYzu9RATblzPEtm1SthMX1Pjao0r9YI9nw7ZIfRxQMERS87mcswrg+r/OYrPRX6jA==",
-      "dev": true,
-      "requires": {
-        "xmlcreate": "^2.0.4"
-      }
-    },
-    "jsbn": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz",
-      "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM="
-    },
-    "jsdoc": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/jsdoc/-/jsdoc-4.0.2.tgz",
-      "integrity": "sha512-e8cIg2z62InH7azBBi3EsSEqrKx+nUtAS5bBcYTSpZFA+vhNPyhv8PTFZ0WsjOPDj04/dOLlm08EDcQJDqaGQg==",
-      "dev": true,
-      "requires": {
-        "@babel/parser": "^7.20.15",
-        "@jsdoc/salty": "^0.2.1",
-        "@types/markdown-it": "^12.2.3",
-        "bluebird": "^3.7.2",
-        "catharsis": "^0.9.0",
-        "escape-string-regexp": "^2.0.0",
-        "js2xmlparser": "^4.0.2",
-        "klaw": "^3.0.0",
-        "markdown-it": "^12.3.2",
-        "markdown-it-anchor": "^8.4.1",
-        "marked": "^4.0.10",
-        "mkdirp": "^1.0.4",
-        "requizzle": "^0.2.3",
-        "strip-json-comments": "^3.1.0",
-        "underscore": "~1.13.2"
-      },
-      "dependencies": {
-        "bluebird": {
-          "version": "3.7.2",
-          "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.7.2.tgz",
-          "integrity": "sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==",
-          "dev": true
-        },
-        "escape-string-regexp": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-2.0.0.tgz",
-          "integrity": "sha512-UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w==",
-          "dev": true
-        },
-        "marked": {
-          "version": "4.3.0",
-          "resolved": "https://registry.npmjs.org/marked/-/marked-4.3.0.tgz",
-          "integrity": "sha512-PRsaiG84bK+AMvxziE/lCFss8juXjNaWzVbN5tXAm4XjeaS9NAHhop+PjQxz2A9h8Q4M/xGmzP8vqNwy6JeK0A==",
-          "dev": true
-        },
-        "mkdirp": {
-          "version": "1.0.4",
-          "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
-          "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==",
-          "dev": true
-        },
-        "strip-json-comments": {
-          "version": "3.1.1",
-          "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-3.1.1.tgz",
-          "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig==",
-          "dev": true
-        }
-      }
-    },
-    "jsdom": {
-      "version": "24.0.0",
-      "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-24.0.0.tgz",
-      "integrity": "sha512-UDS2NayCvmXSXVP6mpTj+73JnNQadZlr9N68189xib2tx5Mls7swlTNao26IoHv46BZJFvXygyRtyXd1feAk1A==",
-      "requires": {
-        "cssstyle": "^4.0.1",
-        "data-urls": "^5.0.0",
-        "decimal.js": "^10.4.3",
-        "form-data": "^4.0.0",
-        "html-encoding-sniffer": "^4.0.0",
-        "http-proxy-agent": "^7.0.0",
-        "https-proxy-agent": "^7.0.2",
-        "is-potential-custom-element-name": "^1.0.1",
-        "nwsapi": "^2.2.7",
-        "parse5": "^7.1.2",
-        "rrweb-cssom": "^0.6.0",
-        "saxes": "^6.0.0",
-        "symbol-tree": "^3.2.4",
-        "tough-cookie": "^4.1.3",
-        "w3c-xmlserializer": "^5.0.0",
-        "webidl-conversions": "^7.0.0",
-        "whatwg-encoding": "^3.1.1",
-        "whatwg-mimetype": "^4.0.0",
-        "whatwg-url": "^14.0.0",
-        "ws": "^8.16.0",
-        "xml-name-validator": "^5.0.0"
-      },
-      "dependencies": {
-        "entities": {
-          "version": "4.4.0",
-          "resolved": "https://registry.npmjs.org/entities/-/entities-4.4.0.tgz",
-          "integrity": "sha512-oYp7156SP8LkeGD0GF85ad1X9Ai79WtRsZ2gxJqtBuzH+98YUV6jkHEKlZkMbcrjJjIVJNIDP/3WL9wQkoPbWA=="
-        },
-        "form-data": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/form-data/-/form-data-4.0.0.tgz",
-          "integrity": "sha512-ETEklSGi5t0QMZuiXoA/Q6vcnxcLQP5vdugSpuAyi6SVGi2clPPp+xgEhuMaHC+zGgn31Kd235W35f7Hykkaww==",
-          "requires": {
-            "asynckit": "^0.4.0",
-            "combined-stream": "^1.0.8",
-            "mime-types": "^2.1.12"
-          }
-        },
-        "parse5": {
-          "version": "7.1.2",
-          "resolved": "https://registry.npmjs.org/parse5/-/parse5-7.1.2.tgz",
-          "integrity": "sha512-Czj1WaSVpaoj0wbhMzLmWD69anp2WH7FXMB9n1Sy8/ZFF9jolSQVMu1Ij5WIyGmcBmhk7EOndpO4mIpihVqAXw==",
-          "requires": {
-            "entities": "^4.4.0"
-          }
-        }
-      }
-    },
-    "json-buffer": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz",
-      "integrity": "sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ=="
-    },
-    "json-parse-even-better-errors": {
-      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz",
-      "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==",
-      "dev": true
-    },
-    "json-schema": {
-      "version": "0.4.0",
-      "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.4.0.tgz",
-      "integrity": "sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA=="
-    },
-    "json-schema-traverse": {
-      "version": "0.4.1",
-      "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz",
-      "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg=="
-    },
-    "json-stringify-safe": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
-      "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus="
-    },
-    "json5": {
-      "version": "2.2.3",
-      "resolved": "https://registry.npmjs.org/json5/-/json5-2.2.3.tgz",
-      "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==",
-      "dev": true
-    },
-    "jsonfile": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
-      "integrity": "sha1-h3Gq4HmbZAdrdmQPygWPnBDjPss=",
-      "requires": {
-        "graceful-fs": "^4.1.6"
-      }
-    },
-    "jsprim": {
-      "version": "1.4.2",
-      "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.2.tgz",
-      "integrity": "sha512-P2bSOMAc/ciLz6DzgjVlGJP9+BrJWu5UDGK70C2iweC5QBIeFf0ZXRvGjEj2uYgrY2MkAAhsSWHDWlFtEroZWw==",
-      "requires": {
-        "assert-plus": "1.0.0",
-        "extsprintf": "1.3.0",
-        "json-schema": "0.4.0",
-        "verror": "1.10.0"
-      }
-    },
-    "junk": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/junk/-/junk-3.1.0.tgz",
-      "integrity": "sha512-pBxcB3LFc8QVgdggvZWyeys+hnrNWg4OcZIU/1X59k5jQdLBlCsYGRQaz234SqoRLTCgMH00fY0xRJH+F9METQ==",
-      "dev": true
-    },
-    "kapsule": {
-      "version": "1.14.5",
-      "resolved": "https://registry.npmjs.org/kapsule/-/kapsule-1.14.5.tgz",
-      "integrity": "sha512-H0iSpTynUzZw3tgraDmReprpFRmH5oP5GPmaNsurSwLx2H5iCpOMIkp5q+sfhB4Tz/UJd1E1IbEE9Z6ksnJ6RA==",
-      "requires": {
-        "lodash-es": "4"
-      }
-    },
-    "katex": {
-      "version": "0.16.9",
-      "resolved": "https://registry.npmjs.org/katex/-/katex-0.16.9.tgz",
-      "integrity": "sha512-fsSYjWS0EEOwvy81j3vRA8TEAhQhKiqO+FQaKWp0m39qwOzHVBgAUBIXWj1pB+O2W3fIpNa6Y9KSKCVbfPhyAQ==",
-      "requires": {
-        "commander": "^8.3.0"
-      },
-      "dependencies": {
-        "commander": {
-          "version": "8.3.0",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-8.3.0.tgz",
-          "integrity": "sha512-OkTL9umf+He2DZkUq8f8J9of7yL6RJKI24dVITBmNfZBmri9zYZQrKkuXiKhyfPSu8tUhnVBB1iKXevvnlR4Ww=="
-        }
-      }
-    },
-    "keyboardevent-from-electron-accelerator": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/keyboardevent-from-electron-accelerator/-/keyboardevent-from-electron-accelerator-2.0.0.tgz",
-      "integrity": "sha512-iQcmNA0M4ETMNi0kG/q0h/43wZk7rMeKYrXP7sqKIJbHkTU8Koowgzv+ieR/vWJbOwxx5nDC3UnudZ0aLSu4VA=="
-    },
-    "keyboardevents-areequal": {
-      "version": "0.2.2",
-      "resolved": "https://registry.npmjs.org/keyboardevents-areequal/-/keyboardevents-areequal-0.2.2.tgz",
-      "integrity": "sha512-Nv+Kr33T0mEjxR500q+I6IWisOQ0lK1GGOncV0kWE6n4KFmpcu7RUX5/2B0EUtX51Cb0HjZ9VJsSY3u4cBa0kw=="
-    },
-    "keyv": {
-      "version": "4.5.2",
-      "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.2.tgz",
-      "integrity": "sha512-5MHbFaKn8cNSmVW7BYnijeAVlE4cYA/SVkifVgrh7yotnfhKmjuXpDKjrABLnT0SfHWV21P8ow07OGfRrNDg8g==",
-      "requires": {
-        "json-buffer": "3.0.1"
-      }
-    },
-    "khroma": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/khroma/-/khroma-2.1.0.tgz",
-      "integrity": "sha512-Ls993zuzfayK269Svk9hzpeGUKob/sIgZzyHYdjQoAdQetRKpOLj+k/QQQ/6Qi0Yz65mlROrfd+Ev+1+7dz9Kw=="
-    },
-    "kind-of": {
-      "version": "6.0.3",
-      "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.3.tgz",
-      "integrity": "sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==",
-      "dev": true
-    },
-    "klaw": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/klaw/-/klaw-3.0.0.tgz",
-      "integrity": "sha512-0Fo5oir+O9jnXu5EefYbVK+mHMBeEVEy2cmctR1O1NECcCkPRreJKrS6Qt/j3KC2C148Dfo9i3pCmCMsdqGr0g==",
-      "dev": true,
-      "requires": {
-        "graceful-fs": "^4.1.9"
-      }
-    },
-    "kleur": {
-      "version": "4.1.5",
-      "resolved": "https://registry.npmjs.org/kleur/-/kleur-4.1.5.tgz",
-      "integrity": "sha512-o+NO+8WrRiQEE4/7nwRJhN1HWpVmJm511pBHUxPLtp0BUISzlBplORYSmTclCnJvQq2tKu/sgl3xVpkc7ZWuQQ=="
-    },
-    "kruptein": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/kruptein/-/kruptein-2.2.1.tgz",
-      "integrity": "sha512-eT168L5ZN3Qu6VvFQSNuImysxriKj+u0OAOw7b8+a99xayPxUKwGfZF2hjIdgWuBt9/n7SSmLs5mGwJa76rNtA==",
-      "requires": {
-        "asn1.js-rfc2560": "^5.0.1"
-      }
-    },
-    "layout-base": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/layout-base/-/layout-base-1.0.2.tgz",
-      "integrity": "sha512-8h2oVEZNktL4BH2JCOI90iD1yXwL6iNW7KcCKT2QZgQJR2vbqDsldCTPRU9NifTCqHZci57XvQQ15YTu+sTYPg=="
-    },
-    "lazy-val": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/lazy-val/-/lazy-val-1.0.5.tgz",
-      "integrity": "sha512-0/BnGCCfyUMkBpeDgWihanIAF9JmZhHBgUhEqzvf+adhNGLoP6TaiI5oF8oyb3I45P+PcnrqihSf01M0l0G5+Q==",
-      "dev": true
-    },
-    "lazystream": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/lazystream/-/lazystream-1.0.1.tgz",
-      "integrity": "sha512-b94GiNHQNy6JNTrt5w6zNyffMrNkXZb3KTkCZJb2V1xaEGCk093vkZ2jk3tpaeP33/OiXC+WvK9AxUebnf5nbw==",
-      "requires": {
-        "readable-stream": "^2.0.5"
-      }
-    },
-    "limiter": {
-      "version": "1.1.5",
-      "resolved": "https://registry.npmjs.org/limiter/-/limiter-1.1.5.tgz",
-      "integrity": "sha512-FWWMIEOxz3GwUI4Ts/IvgVy6LPvoMPgjMdQ185nN6psJyBJ4yOpzqm695/h5umdLJg2vW3GR5iG11MAkR2AzJA=="
-    },
-    "linkify-it": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/linkify-it/-/linkify-it-3.0.3.tgz",
-      "integrity": "sha512-ynTsyrFSdE5oZ/O9GEf00kPngmOfVwazR5GKDq6EYfhlpFug3J2zybX56a2PRRpc9P+FuSoGNAwjlbDs9jJBPQ==",
-      "dev": true,
-      "requires": {
-        "uc.micro": "^1.0.1"
-      }
-    },
-    "load-bmfont": {
-      "version": "1.4.1",
-      "resolved": "https://registry.npmjs.org/load-bmfont/-/load-bmfont-1.4.1.tgz",
-      "integrity": "sha512-8UyQoYmdRDy81Brz6aLAUhfZLwr5zV0L3taTQ4hju7m6biuwiWiJXjPhBJxbUQJA8PrkvJ/7Enqmwk2sM14soA==",
-      "requires": {
-        "buffer-equal": "0.0.1",
-        "mime": "^1.3.4",
-        "parse-bmfont-ascii": "^1.0.3",
-        "parse-bmfont-binary": "^1.0.5",
-        "parse-bmfont-xml": "^1.1.4",
-        "phin": "^2.9.1",
-        "xhr": "^2.0.1",
-        "xtend": "^4.0.0"
-      }
-    },
-    "load-json-file": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-2.0.0.tgz",
-      "integrity": "sha1-eUfkIUmvgNaWy/eXvKq8/h/inKg=",
-      "dev": true,
-      "requires": {
-        "graceful-fs": "^4.1.2",
-        "parse-json": "^2.2.0",
-        "pify": "^2.0.0",
-        "strip-bom": "^3.0.0"
-      }
-    },
-    "loader-runner": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/loader-runner/-/loader-runner-4.2.0.tgz",
-      "integrity": "sha512-92+huvxMvYlMzMt0iIOukcwYBFpkYJdpl2xsZ7LrlayO7E8SOv+JJUEK17B/dJIHAOLMfh2dZZ/Y18WgmGtYNw==",
-      "dev": true
-    },
-    "locate-path": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/locate-path/-/locate-path-2.0.0.tgz",
-      "integrity": "sha1-K1aLJl7slExtnA3pw9u7ygNUzY4=",
-      "dev": true,
-      "requires": {
-        "p-locate": "^2.0.0",
-        "path-exists": "^3.0.0"
-      }
-    },
-    "lodash": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg=="
-    },
-    "lodash-es": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash-es/-/lodash-es-4.17.21.tgz",
-      "integrity": "sha512-mKnC+QJ9pWVzv+C4/U3rRsHapFfHvQFoFB92e52xeyGMcX6/OlIl78je1u8vePzYZSkkogMPJ2yjxxsb89cxyw=="
-    },
-    "lodash.defaults": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/lodash.defaults/-/lodash.defaults-4.2.0.tgz",
-      "integrity": "sha512-qjxPLHd3r5DnsdGacqOMU6pb/avJzdh9tFX2ymgoZE27BmjXrNy/y4LoaiTeAb+O3gL8AfpJGtqfX/ae2leYYQ==",
-      "dev": true,
-      "peer": true
-    },
-    "lodash.difference": {
-      "version": "4.5.0",
-      "resolved": "https://registry.npmjs.org/lodash.difference/-/lodash.difference-4.5.0.tgz",
-      "integrity": "sha512-dS2j+W26TQ7taQBGN8Lbbq04ssV3emRw4NY58WErlTO29pIqS0HmoT5aJ9+TUQ1N3G+JOZSji4eugsWwGp9yPA==",
-      "dev": true,
-      "peer": true
-    },
-    "lodash.flatten": {
-      "version": "4.4.0",
-      "resolved": "https://registry.npmjs.org/lodash.flatten/-/lodash.flatten-4.4.0.tgz",
-      "integrity": "sha512-C5N2Z3DgnnKr0LOpv/hKCgKdb7ZZwafIrsesve6lmzvZIRZRGaZ/l6Q8+2W7NaT+ZwO3fFlSCzCzrDCFdJfZ4g==",
-      "dev": true,
-      "peer": true
-    },
-    "lodash.get": {
-      "version": "4.4.2",
-      "resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz",
-      "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=",
-      "dev": true
-    },
-    "lodash.isplainobject": {
-      "version": "4.0.6",
-      "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz",
-      "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA==",
-      "dev": true,
-      "peer": true
-    },
-    "lodash.union": {
-      "version": "4.6.0",
-      "resolved": "https://registry.npmjs.org/lodash.union/-/lodash.union-4.6.0.tgz",
-      "integrity": "sha512-c4pB2CdGrGdjMKYLA+XiRDO7Y0PRQbm/Gzg8qMj+QH+pFVAoTp5sBpO0odL3FjoPCGjK96p6qsP+yQoiLoOBcw==",
-      "dev": true,
-      "peer": true
-    },
-    "log-symbols": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-4.1.0.tgz",
-      "integrity": "sha512-8XPvpAA8uyhfteu8pIvQxpJZ7SYYdpUivZpGy6sFsBuKRY/7rQGavedeB8aK+Zkyq6upMFVL/9AW6vOYzfRyLg==",
-      "dev": true,
-      "requires": {
-        "chalk": "^4.1.0",
-        "is-unicode-supported": "^0.1.0"
-      }
-    },
-    "loose-envify": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz",
-      "integrity": "sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==",
-      "requires": {
-        "js-tokens": "^3.0.0 || ^4.0.0"
-      }
-    },
-    "lorem-ipsum": {
-      "version": "2.0.8",
-      "resolved": "https://registry.npmjs.org/lorem-ipsum/-/lorem-ipsum-2.0.8.tgz",
-      "integrity": "sha512-5RIwHuCb979RASgCJH0VKERn9cQo/+NcAi2BMe9ddj+gp7hujl6BI+qdOG4nVsLDpwWEJwTVYXNKP6BGgbcoGA==",
-      "dev": true,
-      "requires": {
-        "commander": "^9.3.0"
-      },
-      "dependencies": {
-        "commander": {
-          "version": "9.3.0",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-9.3.0.tgz",
-          "integrity": "sha512-hv95iU5uXPbK83mjrJKuZyFM/LBAoCV/XhVGkS5Je6tl7sxr6A0ITMw5WoRV46/UaJ46Nllm3Xt7IaJhXTIkzw==",
-          "dev": true
-        }
-      }
-    },
-    "lowercase-keys": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-2.0.0.tgz",
-      "integrity": "sha512-tqNXrS78oMOE73NMxK4EMLQsQowWf8jKooH9g7xPavRT706R6bkQJ6DY2Te7QukaZsulxa30wQ7bk0pm4XiHmA=="
-    },
-    "lru-cache": {
-      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz",
-      "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==",
-      "requires": {
-        "yallist": "^4.0.0"
-      }
-    },
-    "lzma-native": {
-      "version": "8.0.5",
-      "resolved": "https://registry.npmjs.org/lzma-native/-/lzma-native-8.0.5.tgz",
-      "integrity": "sha512-lEkBBmePuYBycdlK8ul/sKQuZW47FMxAdjeTgDZLY4duX5Q067JJLUueyzN0wCAw6t2Y6YXCcAqHA5A1jQ9ttQ==",
-      "dev": true,
-      "requires": {
-        "node-addon-api": "^3.1.0",
-        "node-gyp-build": "^4.2.1",
-        "readable-stream": "^3.6.0"
-      },
-      "dependencies": {
-        "node-addon-api": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-3.2.1.tgz",
-          "integrity": "sha512-mmcei9JghVNDYydghQmeDX8KoAm0FAiYyIcUt/N4nhyAipB17pllZQDOJD2fotxABnt4Mdz+dKTO7eftLg4d0A==",
-          "dev": true
-        },
-        "readable-stream": {
-          "version": "3.6.0",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz",
-          "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==",
-          "dev": true,
-          "requires": {
-            "inherits": "^2.0.3",
-            "string_decoder": "^1.1.1",
-            "util-deprecate": "^1.0.1"
-          }
-        }
-      }
-    },
-    "make-error": {
-      "version": "1.3.6",
-      "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz",
-      "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw=="
-    },
-    "make-fetch-happen": {
-      "version": "10.2.0",
-      "resolved": "https://registry.npmjs.org/make-fetch-happen/-/make-fetch-happen-10.2.0.tgz",
-      "integrity": "sha512-OnEfCLofQVJ5zgKwGk55GaqosqKjaR6khQlJY3dBAA+hM25Bc5CmX5rKUfVut+rYA3uidA7zb7AvcglU87rPRg==",
-      "dev": true,
-      "requires": {
-        "agentkeepalive": "^4.2.1",
-        "cacache": "^16.1.0",
-        "http-cache-semantics": "^4.1.0",
-        "http-proxy-agent": "^5.0.0",
-        "https-proxy-agent": "^5.0.0",
-        "is-lambda": "^1.0.1",
-        "lru-cache": "^7.7.1",
-        "minipass": "^3.1.6",
-        "minipass-collect": "^1.0.2",
-        "minipass-fetch": "^2.0.3",
-        "minipass-flush": "^1.0.5",
-        "minipass-pipeline": "^1.2.4",
-        "negotiator": "^0.6.3",
-        "promise-retry": "^2.0.1",
-        "socks-proxy-agent": "^7.0.0",
-        "ssri": "^9.0.0"
-      },
-      "dependencies": {
-        "http-proxy-agent": {
-          "version": "5.0.0",
-          "resolved": "https://registry.npmjs.org/http-proxy-agent/-/http-proxy-agent-5.0.0.tgz",
-          "integrity": "sha512-n2hY8YdoRE1i7r6M0w9DIw5GgZN0G25P8zLCRQ8rjXtTU3vsNFBI/vWK/UIeE6g5MUUz6avwAPXmL6Fy9D/90w==",
-          "dev": true,
-          "requires": {
-            "@tootallnate/once": "2",
-            "agent-base": "6",
-            "debug": "4"
-          }
-        },
-        "https-proxy-agent": {
-          "version": "5.0.1",
-          "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz",
-          "integrity": "sha512-dFcAjpTQFgoLMzC2VwU+C/CbS7uRL0lWmxDITmqm7C+7F0Odmj6s9l6alZc6AELXhrnggM2CeWSXHGOdX2YtwA==",
-          "dev": true,
-          "requires": {
-            "agent-base": "6",
-            "debug": "4"
-          }
-        },
-        "lru-cache": {
-          "version": "7.13.1",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.13.1.tgz",
-          "integrity": "sha512-CHqbAq7NFlW3RSnoWXLJBxCWaZVBrfa9UEHId2M3AW8iEBurbqduNexEUCGc3SHc6iCYXNJCDi903LajSVAEPQ==",
-          "dev": true
-        }
-      }
-    },
-    "markdown-it": {
-      "version": "12.3.2",
-      "resolved": "https://registry.npmjs.org/markdown-it/-/markdown-it-12.3.2.tgz",
-      "integrity": "sha512-TchMembfxfNVpHkbtriWltGWc+m3xszaRD0CZup7GFFhzIgQqxIfn3eGj1yZpfuflzPvfkt611B2Q/Bsk1YnGg==",
-      "dev": true,
-      "requires": {
-        "argparse": "^2.0.1",
-        "entities": "~2.1.0",
-        "linkify-it": "^3.0.1",
-        "mdurl": "^1.0.1",
-        "uc.micro": "^1.0.5"
-      },
-      "dependencies": {
-        "entities": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/entities/-/entities-2.1.0.tgz",
-          "integrity": "sha512-hCx1oky9PFrJ611mf0ifBLBRW8lUUVRlFolb5gWRfIELabBlbp9xZvrqZLZAs+NxFnbfQoeGd8wDkygjg7U85w==",
-          "dev": true
-        }
-      }
-    },
-    "markdown-it-anchor": {
-      "version": "8.4.1",
-      "resolved": "https://registry.npmjs.org/markdown-it-anchor/-/markdown-it-anchor-8.4.1.tgz",
-      "integrity": "sha512-sLODeRetZ/61KkKLJElaU3NuU2z7MhXf12Ml1WJMSdwpngeofneCRF+JBbat8HiSqhniOMuTemXMrsI7hA6XyA==",
-      "dev": true,
-      "requires": {}
-    },
-    "marked": {
-      "version": "12.0.0",
-      "resolved": "https://registry.npmjs.org/marked/-/marked-12.0.0.tgz",
-      "integrity": "sha512-Vkwtq9rLqXryZnWaQc86+FHLC6tr/fycMfYAhiOIXkrNmeGAyhSxjqu0Rs1i0bBqw5u0S7+lV9fdH2ZSVaoa0w=="
-    },
-    "matcher": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/matcher/-/matcher-3.0.0.tgz",
-      "integrity": "sha512-OkeDaAZ/bQCxeFAozM55PKcKU0yJMPGifLwV4Qgjitu+5MoAfSQN4lsLJeXZ1b8w0x+/Emda6MZgXS1jvsapng==",
-      "optional": true,
-      "requires": {
-        "escape-string-regexp": "^4.0.0"
-      },
-      "dependencies": {
-        "escape-string-regexp": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
-          "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==",
-          "optional": true
-        }
-      }
-    },
-    "mdast-util-from-markdown": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/mdast-util-from-markdown/-/mdast-util-from-markdown-1.3.1.tgz",
-      "integrity": "sha512-4xTO/M8c82qBcnQc1tgpNtubGUW/Y1tBQ1B0i5CtSoelOLKFYlElIr3bvgREYYO5iRqbMY1YuqZng0GVOI8Qww==",
-      "requires": {
-        "@types/mdast": "^3.0.0",
-        "@types/unist": "^2.0.0",
-        "decode-named-character-reference": "^1.0.0",
-        "mdast-util-to-string": "^3.1.0",
-        "micromark": "^3.0.0",
-        "micromark-util-decode-numeric-character-reference": "^1.0.0",
-        "micromark-util-decode-string": "^1.0.0",
-        "micromark-util-normalize-identifier": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0",
-        "unist-util-stringify-position": "^3.0.0",
-        "uvu": "^0.5.0"
-      }
-    },
-    "mdast-util-to-string": {
-      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/mdast-util-to-string/-/mdast-util-to-string-3.2.0.tgz",
-      "integrity": "sha512-V4Zn/ncyN1QNSqSBxTrMOLpjr+IKdHl2v3KVLoWmDPscP4r9GcCi71gjgvUV1SFSKh92AjAG4peFuBl2/YgCJg==",
-      "requires": {
-        "@types/mdast": "^3.0.0"
-      }
-    },
-    "mdurl": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/mdurl/-/mdurl-1.0.1.tgz",
-      "integrity": "sha1-/oWy7HWlkDfyrf7BAP1sYBdhFS4=",
-      "dev": true
-    },
-    "media-typer": {
-      "version": "0.3.0",
-      "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz",
-      "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g="
-    },
-    "merge-descriptors": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/merge-descriptors/-/merge-descriptors-1.0.1.tgz",
-      "integrity": "sha1-sAqqVW3YtEVoFQ7J0blT8/kMu2E="
-    },
-    "merge-stream": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/merge-stream/-/merge-stream-2.0.0.tgz",
-      "integrity": "sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==",
-      "dev": true
-    },
-    "mermaid": {
-      "version": "10.9.0",
-      "resolved": "https://registry.npmjs.org/mermaid/-/mermaid-10.9.0.tgz",
-      "integrity": "sha512-swZju0hFox/B/qoLKK0rOxxgh8Cf7rJSfAUc1u8fezVihYMvrJAS45GzAxTVf4Q+xn9uMgitBcmWk7nWGXOs/g==",
-      "requires": {
-        "@braintree/sanitize-url": "^6.0.1",
-        "@types/d3-scale": "^4.0.3",
-        "@types/d3-scale-chromatic": "^3.0.0",
-        "cytoscape": "^3.28.1",
-        "cytoscape-cose-bilkent": "^4.1.0",
-        "d3": "^7.4.0",
-        "d3-sankey": "^0.12.3",
-        "dagre-d3-es": "7.0.10",
-        "dayjs": "^1.11.7",
-        "dompurify": "^3.0.5",
-        "elkjs": "^0.9.0",
-        "katex": "^0.16.9",
-        "khroma": "^2.0.0",
-        "lodash-es": "^4.17.21",
-        "mdast-util-from-markdown": "^1.3.0",
-        "non-layered-tidy-tree-layout": "^2.0.2",
-        "stylis": "^4.1.3",
-        "ts-dedent": "^2.2.0",
-        "uuid": "^9.0.0",
-        "web-worker": "^1.2.0"
-      },
-      "dependencies": {
-        "uuid": {
-          "version": "9.0.1",
-          "resolved": "https://registry.npmjs.org/uuid/-/uuid-9.0.1.tgz",
-          "integrity": "sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA=="
-        }
-      }
-    },
-    "methods": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",
-      "integrity": "sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4="
-    },
-    "micromark": {
-      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/micromark/-/micromark-3.2.0.tgz",
-      "integrity": "sha512-uD66tJj54JLYq0De10AhWycZWGQNUvDI55xPgk2sQM5kn1JYlhbCMTtEeT27+vAhW2FBQxLlOmS3pmA7/2z4aA==",
-      "requires": {
-        "@types/debug": "^4.0.0",
-        "debug": "^4.0.0",
-        "decode-named-character-reference": "^1.0.0",
-        "micromark-core-commonmark": "^1.0.1",
-        "micromark-factory-space": "^1.0.0",
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-chunked": "^1.0.0",
-        "micromark-util-combine-extensions": "^1.0.0",
-        "micromark-util-decode-numeric-character-reference": "^1.0.0",
-        "micromark-util-encode": "^1.0.0",
-        "micromark-util-normalize-identifier": "^1.0.0",
-        "micromark-util-resolve-all": "^1.0.0",
-        "micromark-util-sanitize-uri": "^1.0.0",
-        "micromark-util-subtokenize": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.1",
-        "uvu": "^0.5.0"
-      }
-    },
-    "micromark-core-commonmark": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-core-commonmark/-/micromark-core-commonmark-1.1.0.tgz",
-      "integrity": "sha512-BgHO1aRbolh2hcrzL2d1La37V0Aoz73ymF8rAcKnohLy93titmv62E0gP8Hrx9PKcKrqCZ1BbLGbP3bEhoXYlw==",
-      "requires": {
-        "decode-named-character-reference": "^1.0.0",
-        "micromark-factory-destination": "^1.0.0",
-        "micromark-factory-label": "^1.0.0",
-        "micromark-factory-space": "^1.0.0",
-        "micromark-factory-title": "^1.0.0",
-        "micromark-factory-whitespace": "^1.0.0",
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-chunked": "^1.0.0",
-        "micromark-util-classify-character": "^1.0.0",
-        "micromark-util-html-tag-name": "^1.0.0",
-        "micromark-util-normalize-identifier": "^1.0.0",
-        "micromark-util-resolve-all": "^1.0.0",
-        "micromark-util-subtokenize": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.1",
-        "uvu": "^0.5.0"
-      }
-    },
-    "micromark-factory-destination": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-factory-destination/-/micromark-factory-destination-1.1.0.tgz",
-      "integrity": "sha512-XaNDROBgx9SgSChd69pjiGKbV+nfHGDPVYFs5dOoDd7ZnMAE+Cuu91BCpsY8RT2NP9vo/B8pds2VQNCLiu0zhg==",
-      "requires": {
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-factory-label": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-factory-label/-/micromark-factory-label-1.1.0.tgz",
-      "integrity": "sha512-OLtyez4vZo/1NjxGhcpDSbHQ+m0IIGnT8BoPamh+7jVlzLJBH98zzuCoUeMxvM6WsNeh8wx8cKvqLiPHEACn0w==",
-      "requires": {
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0",
-        "uvu": "^0.5.0"
-      }
-    },
-    "micromark-factory-space": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-factory-space/-/micromark-factory-space-1.1.0.tgz",
-      "integrity": "sha512-cRzEj7c0OL4Mw2v6nwzttyOZe8XY/Z8G0rzmWQZTBi/jjwyw/U4uqKtUORXQrR5bAZZnbTI/feRV/R7hc4jQYQ==",
-      "requires": {
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-factory-title": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-factory-title/-/micromark-factory-title-1.1.0.tgz",
-      "integrity": "sha512-J7n9R3vMmgjDOCY8NPw55jiyaQnH5kBdV2/UXCtZIpnHH3P6nHUKaH7XXEYuWwx/xUJcawa8plLBEjMPU24HzQ==",
-      "requires": {
-        "micromark-factory-space": "^1.0.0",
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-factory-whitespace": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-factory-whitespace/-/micromark-factory-whitespace-1.1.0.tgz",
-      "integrity": "sha512-v2WlmiymVSp5oMg+1Q0N1Lxmt6pMhIHD457whWM7/GUlEks1hI9xj5w3zbc4uuMKXGisksZk8DzP2UyGbGqNsQ==",
-      "requires": {
-        "micromark-factory-space": "^1.0.0",
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-util-character": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-character/-/micromark-util-character-1.2.0.tgz",
-      "integrity": "sha512-lXraTwcX3yH/vMDaFWCQJP1uIszLVebzUa3ZHdrgxr7KEU/9mL4mVgCpGbyhvNLNlauROiNUq7WN5u7ndbY6xg==",
-      "requires": {
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-util-chunked": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-chunked/-/micromark-util-chunked-1.1.0.tgz",
-      "integrity": "sha512-Ye01HXpkZPNcV6FiyoW2fGZDUw4Yc7vT0E9Sad83+bEDiCJ1uXu0S3mr8WLpsz3HaG3x2q0HM6CTuPdcZcluFQ==",
-      "requires": {
-        "micromark-util-symbol": "^1.0.0"
-      }
-    },
-    "micromark-util-classify-character": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-classify-character/-/micromark-util-classify-character-1.1.0.tgz",
-      "integrity": "sha512-SL0wLxtKSnklKSUplok1WQFoGhUdWYKggKUiqhX+Swala+BtptGCu5iPRc+xvzJ4PXE/hwM3FNXsfEVgoZsWbw==",
-      "requires": {
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-util-combine-extensions": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-combine-extensions/-/micromark-util-combine-extensions-1.1.0.tgz",
-      "integrity": "sha512-Q20sp4mfNf9yEqDL50WwuWZHUrCO4fEyeDCnMGmG5Pr0Cz15Uo7KBs6jq+dq0EgX4DPwwrh9m0X+zPV1ypFvUA==",
-      "requires": {
-        "micromark-util-chunked": "^1.0.0",
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-util-decode-numeric-character-reference": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-decode-numeric-character-reference/-/micromark-util-decode-numeric-character-reference-1.1.0.tgz",
-      "integrity": "sha512-m9V0ExGv0jB1OT21mrWcuf4QhP46pH1KkfWy9ZEezqHKAxkj4mPCy3nIH1rkbdMlChLHX531eOrymlwyZIf2iw==",
-      "requires": {
-        "micromark-util-symbol": "^1.0.0"
-      }
-    },
-    "micromark-util-decode-string": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-decode-string/-/micromark-util-decode-string-1.1.0.tgz",
-      "integrity": "sha512-YphLGCK8gM1tG1bd54azwyrQRjCFcmgj2S2GoJDNnh4vYtnL38JS8M4gpxzOPNyHdNEpheyWXCTnnTDY3N+NVQ==",
-      "requires": {
-        "decode-named-character-reference": "^1.0.0",
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-decode-numeric-character-reference": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0"
-      }
-    },
-    "micromark-util-encode": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-encode/-/micromark-util-encode-1.1.0.tgz",
-      "integrity": "sha512-EuEzTWSTAj9PA5GOAs992GzNh2dGQO52UvAbtSOMvXTxv3Criqb6IOzJUBCmEqrrXSblJIJBbFFv6zPxpreiJw=="
-    },
-    "micromark-util-html-tag-name": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-html-tag-name/-/micromark-util-html-tag-name-1.2.0.tgz",
-      "integrity": "sha512-VTQzcuQgFUD7yYztuQFKXT49KghjtETQ+Wv/zUjGSGBioZnkA4P1XXZPT1FHeJA6RwRXSF47yvJ1tsJdoxwO+Q=="
-    },
-    "micromark-util-normalize-identifier": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-normalize-identifier/-/micromark-util-normalize-identifier-1.1.0.tgz",
-      "integrity": "sha512-N+w5vhqrBihhjdpM8+5Xsxy71QWqGn7HYNUvch71iV2PM7+E3uWGox1Qp90loa1ephtCxG2ftRV/Conitc6P2Q==",
-      "requires": {
-        "micromark-util-symbol": "^1.0.0"
-      }
-    },
-    "micromark-util-resolve-all": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-resolve-all/-/micromark-util-resolve-all-1.1.0.tgz",
-      "integrity": "sha512-b/G6BTMSg+bX+xVCshPTPyAu2tmA0E4X98NSR7eIbeC6ycCqCeE7wjfDIgzEbkzdEVJXRtOG4FbEm/uGbCRouA==",
-      "requires": {
-        "micromark-util-types": "^1.0.0"
-      }
-    },
-    "micromark-util-sanitize-uri": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-sanitize-uri/-/micromark-util-sanitize-uri-1.2.0.tgz",
-      "integrity": "sha512-QO4GXv0XZfWey4pYFndLUKEAktKkG5kZTdUNaTAkzbuJxn2tNBOr+QtxR2XpWaMhbImT2dPzyLrPXLlPhph34A==",
-      "requires": {
-        "micromark-util-character": "^1.0.0",
-        "micromark-util-encode": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0"
-      }
-    },
-    "micromark-util-subtokenize": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-subtokenize/-/micromark-util-subtokenize-1.1.0.tgz",
-      "integrity": "sha512-kUQHyzRoxvZO2PuLzMt2P/dwVsTiivCK8icYTeR+3WgbuPqfHgPPy7nFKbeqRivBvn/3N3GBiNC+JRTMSxEC7A==",
-      "requires": {
-        "micromark-util-chunked": "^1.0.0",
-        "micromark-util-symbol": "^1.0.0",
-        "micromark-util-types": "^1.0.0",
-        "uvu": "^0.5.0"
-      }
-    },
-    "micromark-util-symbol": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-symbol/-/micromark-util-symbol-1.1.0.tgz",
-      "integrity": "sha512-uEjpEYY6KMs1g7QfJ2eX1SQEV+ZT4rUD3UcF6l57acZvLNK7PBZL+ty82Z1qhK1/yXIY4bdx04FKMgR0g4IAag=="
-    },
-    "micromark-util-types": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/micromark-util-types/-/micromark-util-types-1.1.0.tgz",
-      "integrity": "sha512-ukRBgie8TIAcacscVHSiddHjO4k/q3pnedmzMQ4iwDcK0FtFCohKOlFbaOL/mPgfnPsL3C1ZyxJa4sbWrBl3jg=="
-    },
-    "mime": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/mime/-/mime-1.6.0.tgz",
-      "integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg=="
-    },
-    "mime-db": {
-      "version": "1.52.0",
-      "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.52.0.tgz",
-      "integrity": "sha512-sPU4uV7dYlvtWJxwwxHD0PuihVNiE7TyAbQ5SWxDCB9mUYvOgroQOwYQQOKPJ8CIbE+1ETVlOoK1UC2nU3gYvg=="
-    },
-    "mime-types": {
-      "version": "2.1.35",
-      "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.35.tgz",
-      "integrity": "sha512-ZDY+bPm5zTTF+YpCrAU9nK0UgICYPT0QtT1NZWFv4s++TNkcgVaT0g6+4R2uI4MjQjzysHB1zxuWL50hzaeXiw==",
-      "requires": {
-        "mime-db": "1.52.0"
-      }
-    },
-    "mimic-fn": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz",
-      "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==",
-      "dev": true
-    },
-    "mimic-response": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz",
-      "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ=="
-    },
-    "min-document": {
-      "version": "2.19.0",
-      "resolved": "https://registry.npmjs.org/min-document/-/min-document-2.19.0.tgz",
-      "integrity": "sha512-9Wy1B3m3f66bPPmU5hdA4DR4PB2OfDU/+GS3yAB7IQozE3tqXaVv2zOjgla7MEGSRv95+ILmOuvhLkOK6wJtCQ==",
-      "requires": {
-        "dom-walk": "^0.1.0"
-      }
-    },
-    "minimalistic-assert": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz",
-      "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A=="
-    },
-    "minimatch": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
-      "integrity": "sha512-J7p63hRiAjw1NDEww1W7i37+ByIrOWO5XQQAzZ3VOcL0PNybwpfmV/N05zFAzwQ9USyEcX6t3UO+K5aqBQOIHw==",
-      "requires": {
-        "brace-expansion": "^1.1.7"
-      }
-    },
-    "minimist": {
-      "version": "1.2.7",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
-      "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g=="
-    },
-    "minipass": {
-      "version": "3.3.4",
-      "resolved": "https://registry.npmjs.org/minipass/-/minipass-3.3.4.tgz",
-      "integrity": "sha512-I9WPbWHCGu8W+6k1ZiGpPu0GkoKBeorkfKNuAFBNS1HNFJvke82sxvI5bzcCNpWPorkOO5QQ+zomzzwRxejXiw==",
-      "dev": true,
-      "requires": {
-        "yallist": "^4.0.0"
-      }
-    },
-    "minipass-collect": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/minipass-collect/-/minipass-collect-1.0.2.tgz",
-      "integrity": "sha512-6T6lH0H8OG9kITm/Jm6tdooIbogG9e0tLgpY6mphXSm/A9u8Nq1ryBG+Qspiub9LjWlBPsPS3tWQ/Botq4FdxA==",
-      "dev": true,
-      "requires": {
-        "minipass": "^3.0.0"
-      }
-    },
-    "minipass-fetch": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/minipass-fetch/-/minipass-fetch-2.1.0.tgz",
-      "integrity": "sha512-H9U4UVBGXEyyWJnqYDCLp1PwD8XIkJ4akNHp1aGVI+2Ym7wQMlxDKi4IB4JbmyU+pl9pEs/cVrK6cOuvmbK4Sg==",
-      "dev": true,
-      "requires": {
-        "encoding": "^0.1.13",
-        "minipass": "^3.1.6",
-        "minipass-sized": "^1.0.3",
-        "minizlib": "^2.1.2"
-      }
-    },
-    "minipass-flush": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/minipass-flush/-/minipass-flush-1.0.5.tgz",
-      "integrity": "sha512-JmQSYYpPUqX5Jyn1mXaRwOda1uQ8HP5KAT/oDSLCzt1BYRhQU0/hDtsB1ufZfEEzMZ9aAVmsBw8+FWsIXlClWw==",
-      "dev": true,
-      "requires": {
-        "minipass": "^3.0.0"
-      }
-    },
-    "minipass-pipeline": {
-      "version": "1.2.4",
-      "resolved": "https://registry.npmjs.org/minipass-pipeline/-/minipass-pipeline-1.2.4.tgz",
-      "integrity": "sha512-xuIq7cIOt09RPRJ19gdi4b+RiNvDFYe5JH+ggNvBqGqpQXcru3PcRmOZuHBKWK1Txf9+cQ+HMVN4d6z46LZP7A==",
-      "dev": true,
-      "requires": {
-        "minipass": "^3.0.0"
-      }
-    },
-    "minipass-sized": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/minipass-sized/-/minipass-sized-1.0.3.tgz",
-      "integrity": "sha512-MbkQQ2CTiBMlA2Dm/5cY+9SWFEN8pzzOXi6rlM5Xxq0Yqbda5ZQy9sU75a673FE9ZK0Zsbr6Y5iP6u9nktfg2g==",
-      "dev": true,
-      "requires": {
-        "minipass": "^3.0.0"
-      }
-    },
-    "minizlib": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/minizlib/-/minizlib-2.1.2.tgz",
-      "integrity": "sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==",
-      "dev": true,
-      "requires": {
-        "minipass": "^3.0.0",
-        "yallist": "^4.0.0"
-      }
-    },
-    "mkdirp": {
-      "version": "0.5.5",
-      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz",
-      "integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==",
-      "requires": {
-        "minimist": "^1.2.5"
-      }
-    },
-    "mkdirp-classic": {
-      "version": "0.5.3",
-      "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz",
-      "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A=="
-    },
-    "modify-filename": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/modify-filename/-/modify-filename-1.1.0.tgz",
-      "integrity": "sha1-mi3sg4Bvuy2XXyK+7IWcoms5OqE="
-    },
-    "mri": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/mri/-/mri-1.2.0.tgz",
-      "integrity": "sha512-tzzskb3bG8LvYGFF/mDTpq3jpI6Q9wc3LEmBaghu+DdCssd1FakN7Bc0hVNmEyGq1bq3RgfkCb3cmQLpNPOroA=="
-    },
-    "ms": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
-      "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
-    },
-    "multer": {
-      "version": "1.4.5-lts.1",
-      "resolved": "https://registry.npmjs.org/multer/-/multer-1.4.5-lts.1.tgz",
-      "integrity": "sha512-ywPWvcDMeH+z9gQq5qYHCCy+ethsk4goepZ45GLD63fOu0YcNecQxi64nDs3qluZB+murG3/D4dJ7+dGctcCQQ==",
-      "requires": {
-        "append-field": "^1.0.0",
-        "busboy": "^1.0.0",
-        "concat-stream": "^1.5.2",
-        "mkdirp": "^0.5.4",
-        "object-assign": "^4.1.1",
-        "type-is": "^1.6.4",
-        "xtend": "^4.0.0"
-      }
-    },
-    "nanoid": {
-      "version": "3.3.7",
-      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz",
-      "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g=="
-    },
-    "napi-build-utils": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-1.0.2.tgz",
-      "integrity": "sha512-ONmRUqK7zj7DWX0D9ADe03wbwOBZxNAfF20PlGfCWQcD3+/MakShIHrMqx9YwPTfxDdF1zLeL+RGZiR9kGMLdg=="
-    },
-    "negotiator": {
-      "version": "0.6.3",
-      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.3.tgz",
-      "integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg=="
-    },
-    "neo-async": {
-      "version": "2.6.2",
-      "resolved": "https://registry.npmjs.org/neo-async/-/neo-async-2.6.2.tgz",
-      "integrity": "sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==",
-      "dev": true
-    },
-    "ngraph.events": {
-      "version": "1.2.2",
-      "resolved": "https://registry.npmjs.org/ngraph.events/-/ngraph.events-1.2.2.tgz",
-      "integrity": "sha512-JsUbEOzANskax+WSYiAPETemLWYXmixuPAlmZmhIbIj6FH/WDgEGCGnRwUQBK0GjOnVm8Ui+e5IJ+5VZ4e32eQ=="
-    },
-    "node-abi": {
-      "version": "3.56.0",
-      "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-3.56.0.tgz",
-      "integrity": "sha512-fZjdhDOeRcaS+rcpve7XuwHBmktS1nS1gzgghwKUQQ8nTy2FdSDr6ZT8k6YhvlJeHmmQMYiT/IH9hfco5zeW2Q==",
-      "requires": {
-        "semver": "^7.3.5"
-      }
-    },
-    "node-addon-api": {
-      "version": "1.7.2",
-      "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-1.7.2.tgz",
-      "integrity": "sha512-ibPK3iA+vaY1eEjESkQkM0BbCqFOaZMiXRTtdB0u7b4djtY6JnsjvPdUHVMg6xQt3B8fpTTWHI9A+ADjM9frzg==",
-      "dev": true,
-      "optional": true
-    },
-    "node-api-version": {
-      "version": "0.1.4",
-      "resolved": "https://registry.npmjs.org/node-api-version/-/node-api-version-0.1.4.tgz",
-      "integrity": "sha512-KGXihXdUChwJAOHO53bv9/vXcLmdUsZ6jIptbvYvkpKfth+r7jw44JkVxQFA3kX5nQjzjmGu1uAu/xNNLNlI5g==",
-      "dev": true,
-      "requires": {
-        "semver": "^7.3.5"
-      }
-    },
-    "node-fetch": {
-      "version": "2.7.0",
-      "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.7.0.tgz",
-      "integrity": "sha512-c4FRfUm/dbcWZ7U+1Wq0AwCyFL+3nt2bEw05wfxSz+DWpWsitgmSgYmy2dQdWyKC1694ELPqMs/YzUSNozLt8A==",
-      "requires": {
-        "whatwg-url": "^5.0.0"
-      },
-      "dependencies": {
-        "tr46": {
-          "version": "0.0.3",
-          "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
-          "integrity": "sha512-N3WMsuqV66lT30CrXNbEjx4GEwlow3v6rr4mCcv6prnfwhS01rkgyFdjPNBYd9br7LpXV1+Emh01fHnq2Gdgrw=="
-        },
-        "webidl-conversions": {
-          "version": "3.0.1",
-          "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
-          "integrity": "sha512-2JAn3z8AR6rjK8Sm8orRC0h/bcl/DqL7tRPdGZ4I1CjdF+EaMLmYxBHyXuKL849eucPFhvBoxMsflfOb8kxaeQ=="
-        },
-        "whatwg-url": {
-          "version": "5.0.0",
-          "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-5.0.0.tgz",
-          "integrity": "sha512-saE57nupxk6v3HY35+jzBwYa0rKSy0XR8JSxZPwgLr7ys0IBzhGviA1/TUGJLmSVqs8pb9AnvICXEuOHLprYTw==",
-          "requires": {
-            "tr46": "~0.0.3",
-            "webidl-conversions": "^3.0.0"
-          }
-        }
-      }
-    },
-    "node-gyp": {
-      "version": "9.1.0",
-      "resolved": "https://registry.npmjs.org/node-gyp/-/node-gyp-9.1.0.tgz",
-      "integrity": "sha512-HkmN0ZpQJU7FLbJauJTHkHlSVAXlNGDAzH/VYFZGDOnFyn/Na3GlNJfkudmufOdS6/jNFhy88ObzL7ERz9es1g==",
-      "dev": true,
-      "requires": {
-        "env-paths": "^2.2.0",
-        "glob": "^7.1.4",
-        "graceful-fs": "^4.2.6",
-        "make-fetch-happen": "^10.0.3",
-        "nopt": "^5.0.0",
-        "npmlog": "^6.0.0",
-        "rimraf": "^3.0.2",
-        "semver": "^7.3.5",
-        "tar": "^6.1.2",
-        "which": "^2.0.2"
-      },
-      "dependencies": {
-        "are-we-there-yet": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/are-we-there-yet/-/are-we-there-yet-3.0.0.tgz",
-          "integrity": "sha512-0GWpv50YSOcLXaN6/FAKY3vfRbllXWV2xvfA/oKJF8pzFhWXPV+yjhJXDBbjscDYowv7Yw1A3uigpzn5iEGTyw==",
-          "dev": true,
-          "requires": {
-            "delegates": "^1.0.0",
-            "readable-stream": "^3.6.0"
-          }
-        },
-        "gauge": {
-          "version": "4.0.4",
-          "resolved": "https://registry.npmjs.org/gauge/-/gauge-4.0.4.tgz",
-          "integrity": "sha512-f9m+BEN5jkg6a0fZjleidjN51VE1X+mPFQ2DJ0uv1V39oCLCbsGe6yjbBnp7eK7z/+GAon99a3nHuqbuuthyPg==",
-          "dev": true,
-          "requires": {
-            "aproba": "^1.0.3 || ^2.0.0",
-            "color-support": "^1.1.3",
-            "console-control-strings": "^1.1.0",
-            "has-unicode": "^2.0.1",
-            "signal-exit": "^3.0.7",
-            "string-width": "^4.2.3",
-            "strip-ansi": "^6.0.1",
-            "wide-align": "^1.1.5"
-          }
-        },
-        "npmlog": {
-          "version": "6.0.2",
-          "resolved": "https://registry.npmjs.org/npmlog/-/npmlog-6.0.2.tgz",
-          "integrity": "sha512-/vBvz5Jfr9dT/aFWd0FIRf+T/Q2WBsLENygUaFUqstqsycmZAP/t5BvFJTK0viFmSUxiUKTUplWy5vt+rvKIxg==",
-          "dev": true,
-          "requires": {
-            "are-we-there-yet": "^3.0.0",
-            "console-control-strings": "^1.1.0",
-            "gauge": "^4.0.3",
-            "set-blocking": "^2.0.0"
-          }
-        },
-        "readable-stream": {
-          "version": "3.6.0",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz",
-          "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==",
-          "dev": true,
-          "requires": {
-            "inherits": "^2.0.3",
-            "string_decoder": "^1.1.1",
-            "util-deprecate": "^1.0.1"
-          }
-        },
-        "rimraf": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
-          "integrity": "sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==",
-          "dev": true,
-          "requires": {
-            "glob": "^7.1.3"
-          }
-        }
-      }
-    },
-    "node-gyp-build": {
-      "version": "4.3.0",
-      "resolved": "https://registry.npmjs.org/node-gyp-build/-/node-gyp-build-4.3.0.tgz",
-      "integrity": "sha512-iWjXZvmboq0ja1pUGULQBexmxq8CV4xBhX7VDOTbL7ZR4FOowwY/VOtRxBN/yKxmdGoIp4j5ysNT4u3S2pDQ3Q==",
-      "dev": true
-    },
-    "node-releases": {
-      "version": "2.0.14",
-      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.14.tgz",
-      "integrity": "sha512-y10wOWt8yZpqXmOgRo77WaHEmhYQYGNA6y421PKsKYWEK8aW+cqAphborZDhqfyKrbZEN92CN1X2KbafY2s7Yw==",
-      "dev": true
-    },
-    "nodemon": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-3.1.0.tgz",
-      "integrity": "sha512-xqlktYlDMCepBJd43ZQhjWwMw2obW/JRvkrLxq5RCNcuDDX1DbcPT+qT1IlIIdf+DhnWs90JpTMe+Y5KxOchvA==",
-      "dev": true,
-      "requires": {
-        "chokidar": "^3.5.2",
-        "debug": "^4",
-        "ignore-by-default": "^1.0.1",
-        "minimatch": "^3.1.2",
-        "pstree.remy": "^1.1.8",
-        "semver": "^7.5.3",
-        "simple-update-notifier": "^2.0.0",
-        "supports-color": "^5.5.0",
-        "touch": "^3.1.0",
-        "undefsafe": "^2.0.5"
-      },
-      "dependencies": {
-        "has-flag": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-          "integrity": "sha512-sKJf1+ceQBr4SMkvQnBDNDtf4TXpVhVGateu0t918bl30FnbE2m4vNLX+VWe/dpjlb+HugGYzW7uQXH98HPEYw==",
-          "dev": true
-        },
-        "supports-color": {
-          "version": "5.5.0",
-          "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
-          "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==",
-          "dev": true,
-          "requires": {
-            "has-flag": "^3.0.0"
-          }
-        }
-      }
-    },
-    "non-layered-tidy-tree-layout": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/non-layered-tidy-tree-layout/-/non-layered-tidy-tree-layout-2.0.2.tgz",
-      "integrity": "sha512-gkXMxRzUH+PB0ax9dUN0yYF0S25BqeAYqhgMaLUFmpXLEk7Fcu8f4emJuOAY0V8kjDICxROIKsTAKsV/v355xw=="
-    },
-    "nopt": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/nopt/-/nopt-5.0.0.tgz",
-      "integrity": "sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ==",
-      "dev": true,
-      "requires": {
-        "abbrev": "1"
-      }
-    },
-    "normalize-package-data": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.5.0.tgz",
-      "integrity": "sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==",
-      "dev": true,
-      "requires": {
-        "hosted-git-info": "^2.1.4",
-        "resolve": "^1.10.0",
-        "semver": "2 || 3 || 4 || 5",
-        "validate-npm-package-license": "^3.0.1"
-      },
-      "dependencies": {
-        "semver": {
-          "version": "5.7.2",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.2.tgz",
-          "integrity": "sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g==",
-          "dev": true
-        }
-      }
-    },
-    "normalize-path": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
-      "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA=="
-    },
-    "normalize-strings": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/normalize-strings/-/normalize-strings-1.1.1.tgz",
-      "integrity": "sha512-fARPRdTwmrQDLYhmeh7j/eZwrCP6WzxD6uKOdK/hT/uKACAE9AG2Bc2dgqOZLkfmmctHpfcJ9w3AQnfLgg3GYg=="
-    },
-    "normalize-url": {
-      "version": "6.1.0",
-      "resolved": "https://registry.npmjs.org/normalize-url/-/normalize-url-6.1.0.tgz",
-      "integrity": "sha512-DlL+XwOy3NxAQ8xuC0okPgK46iuVNAK01YN7RueYBqqFeGsBjV9XmCAzAdgt+667bCl5kPh9EqKKDwnaPG1I7A=="
-    },
-    "nth-check": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/nth-check/-/nth-check-2.0.1.tgz",
-      "integrity": "sha512-it1vE95zF6dTT9lBsYbxvqh0Soy4SPowchj0UBGj/V6cTPnXXtQOPUbhZ6CmGzAD/rW22LQK6E96pcdJXk4A4w==",
-      "requires": {
-        "boolbase": "^1.0.0"
-      }
-    },
-    "nwsapi": {
-      "version": "2.2.7",
-      "resolved": "https://registry.npmjs.org/nwsapi/-/nwsapi-2.2.7.tgz",
-      "integrity": "sha512-ub5E4+FBPKwAZx0UwIQOjYWGHTEq5sPqHQNRN8Z9e4A7u3Tj1weLJsL59yH9vmvqEtBHaOmT6cYQKIZOxp35FQ=="
-    },
-    "oauth-sign": {
-      "version": "0.9.0",
-      "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz",
-      "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ=="
-    },
-    "object-assign": {
-      "version": "4.1.1",
-      "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
-      "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM="
-    },
-    "object-hash": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz",
-      "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw=="
-    },
-    "object-inspect": {
-      "version": "1.13.1",
-      "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.13.1.tgz",
-      "integrity": "sha512-5qoj1RUiKOMsCCNLV1CBiPYE10sziTsnmNxkAI/rZhiD63CF7IqdFGC/XzjWjpSgLf0LxXX3bDFIh0E18f6UhQ=="
-    },
-    "object-keys": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz",
-      "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==",
-      "optional": true
-    },
-    "oidc-token-hash": {
-      "version": "5.0.3",
-      "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.0.3.tgz",
-      "integrity": "sha512-IF4PcGgzAr6XXSff26Sk/+P4KZFJVuHAJZj3wgO3vX2bMdNVp/QXTP3P7CEm9V1IdG8lDLY3HhiqpsE/nOwpPw=="
-    },
-    "omggif": {
-      "version": "1.0.10",
-      "resolved": "https://registry.npmjs.org/omggif/-/omggif-1.0.10.tgz",
-      "integrity": "sha512-LMJTtvgc/nugXj0Vcrrs68Mn2D1r0zf630VNtqtpI1FEO7e+O9FP4gqs9AcnBaSEeoHIPm28u6qgPR0oyEpGSw=="
-    },
-    "on-finished": {
-      "version": "2.4.1",
-      "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.4.1.tgz",
-      "integrity": "sha512-oVlzkg3ENAhCk2zdv7IJwd/QUD4z2RxRwpkcGY8psCVcCYZNq4wYnVWALHM+brtuJjePWiYF/ClmuDr8Ch5+kg==",
-      "requires": {
-        "ee-first": "1.1.1"
-      }
-    },
-    "on-headers": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/on-headers/-/on-headers-1.0.2.tgz",
-      "integrity": "sha512-pZAE+FJLoyITytdqK0U5s+FIpjN0JP3OzFi/u8Rx+EV5/W+JTWGXG8xFzevE7AjBfDqHv/8vL8qQsIhHnqRkrA=="
-    },
-    "once": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
-      "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=",
-      "requires": {
-        "wrappy": "1"
-      }
-    },
-    "onetime": {
-      "version": "5.1.2",
-      "resolved": "https://registry.npmjs.org/onetime/-/onetime-5.1.2.tgz",
-      "integrity": "sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==",
-      "dev": true,
-      "requires": {
-        "mimic-fn": "^2.1.0"
-      }
-    },
-    "open": {
-      "version": "8.4.1",
-      "resolved": "https://registry.npmjs.org/open/-/open-8.4.1.tgz",
-      "integrity": "sha512-/4b7qZNhv6Uhd7jjnREh1NjnPxlTq+XNWPG88Ydkj5AILcA5m3ajvcg57pB24EQjKv0dK62XnDqk9c/hkIG5Kg==",
-      "requires": {
-        "define-lazy-prop": "^2.0.0",
-        "is-docker": "^2.1.1",
-        "is-wsl": "^2.2.0"
-      }
-    },
-    "opencollective-postinstall": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/opencollective-postinstall/-/opencollective-postinstall-2.0.3.tgz",
-      "integrity": "sha512-8AV/sCtuzUeTo8gQK5qDZzARrulB3egtLzFgteqB2tcT4Mw7B8Kt7JcDHmltjz6FOAHsvTevk70gZEbhM4ZS9Q=="
-    },
-    "openid-client": {
-      "version": "5.6.5",
-      "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.6.5.tgz",
-      "integrity": "sha512-5P4qO9nGJzB5PI0LFlhj4Dzg3m4odt0qsJTfyEtZyOlkgpILwEioOhVVJOrS1iVH494S4Ee5OCjjg6Bf5WOj3w==",
-      "requires": {
-        "jose": "^4.15.5",
-        "lru-cache": "^6.0.0",
-        "object-hash": "^2.2.0",
-        "oidc-token-hash": "^5.0.3"
-      }
-    },
-    "ora": {
-      "version": "5.4.1",
-      "resolved": "https://registry.npmjs.org/ora/-/ora-5.4.1.tgz",
-      "integrity": "sha512-5b6Y85tPxZZ7QytO+BQzysW31HJku27cRIlkbAXaNx+BdcVi+LlRFmVXzeF6a7JCwJpyw5c4b+YSVImQIrBpuQ==",
-      "dev": true,
-      "requires": {
-        "bl": "^4.1.0",
-        "chalk": "^4.1.0",
-        "cli-cursor": "^3.1.0",
-        "cli-spinners": "^2.5.0",
-        "is-interactive": "^1.0.0",
-        "is-unicode-supported": "^0.1.0",
-        "log-symbols": "^4.1.0",
-        "strip-ansi": "^6.0.0",
-        "wcwidth": "^1.0.1"
-      },
-      "dependencies": {
-        "bl": {
-          "version": "4.1.0",
-          "resolved": "https://registry.npmjs.org/bl/-/bl-4.1.0.tgz",
-          "integrity": "sha512-1W07cM9gS6DcLperZfFSj+bWLtaPGSOHWhPiGzXmvVJbRLdG82sH/Kn8EtW1VqWVA54AKf2h5k5BbnIbwF3h6w==",
-          "dev": true,
-          "requires": {
-            "buffer": "^5.5.0",
-            "inherits": "^2.0.4",
-            "readable-stream": "^3.4.0"
-          }
-        },
-        "readable-stream": {
-          "version": "3.6.0",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz",
-          "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==",
-          "dev": true,
-          "requires": {
-            "inherits": "^2.0.3",
-            "string_decoder": "^1.1.1",
-            "util-deprecate": "^1.0.1"
-          }
-        }
-      }
-    },
-    "p-cancelable": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/p-cancelable/-/p-cancelable-2.1.1.tgz",
-      "integrity": "sha512-BZOr3nRQHOntUjTrH8+Lh54smKHoHyur8We1V8DSMVrl5A2malOOwuJRnKRDjSnkoeBh4at6BwEnb5I7Jl31wg=="
-    },
-    "p-limit": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.2.1.tgz",
-      "integrity": "sha512-85Tk+90UCVWvbDavCLKPOLC9vvY8OwEX/RtKF+/1OADJMVlFfEHOiMTPVyxg7mk/dKa+ipdHm0OUkTvCpMTuwg==",
-      "dev": true,
-      "requires": {
-        "p-try": "^2.0.0"
-      }
-    },
-    "p-locate": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/p-locate/-/p-locate-2.0.0.tgz",
-      "integrity": "sha1-IKAQOyIqcMj9OcwuWAaA893l7EM=",
-      "dev": true,
-      "requires": {
-        "p-limit": "^1.1.0"
-      },
-      "dependencies": {
-        "p-limit": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-1.3.0.tgz",
-          "integrity": "sha512-vvcXsLAJ9Dr5rQOPk7toZQZJApBl2K4J6dANSsEuh6QI41JYcsS/qhTGa9ErIUUgK3WNQoJYvylxvjqmiqEA9Q==",
-          "dev": true,
-          "requires": {
-            "p-try": "^1.0.0"
-          }
-        },
-        "p-try": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/p-try/-/p-try-1.0.0.tgz",
-          "integrity": "sha1-y8ec26+P1CKOE/Yh8rGiN8GyB7M=",
-          "dev": true
-        }
-      }
-    },
-    "p-map": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/p-map/-/p-map-4.0.0.tgz",
-      "integrity": "sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==",
-      "dev": true,
-      "requires": {
-        "aggregate-error": "^3.0.0"
-      }
-    },
-    "p-try": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/p-try/-/p-try-2.2.0.tgz",
-      "integrity": "sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==",
-      "dev": true
-    },
-    "pako": {
-      "version": "1.0.11",
-      "resolved": "https://registry.npmjs.org/pako/-/pako-1.0.11.tgz",
-      "integrity": "sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw=="
-    },
-    "panzoom": {
-      "version": "9.4.3",
-      "resolved": "https://registry.npmjs.org/panzoom/-/panzoom-9.4.3.tgz",
-      "integrity": "sha512-xaxCpElcRbQsUtIdwlrZA90P90+BHip4Vda2BC8MEb4tkI05PmR6cKECdqUCZ85ZvBHjpI9htJrZBxV5Gp/q/w==",
-      "requires": {
-        "amator": "^1.1.0",
-        "ngraph.events": "^1.2.2",
-        "wheel": "^1.0.0"
-      }
-    },
-    "parse-author": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/parse-author/-/parse-author-2.0.0.tgz",
-      "integrity": "sha1-00YL8d3Q367tQtp1QkLmX7aEqB8=",
-      "devOptional": true,
-      "requires": {
-        "author-regex": "^1.0.0"
-      }
-    },
-    "parse-bmfont-ascii": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/parse-bmfont-ascii/-/parse-bmfont-ascii-1.0.6.tgz",
-      "integrity": "sha512-U4RrVsUFCleIOBsIGYOMKjn9PavsGOXxbvYGtMOEfnId0SVNsgehXh1DxUdVPLoxd5mvcEtvmKs2Mmf0Mpa1ZA=="
-    },
-    "parse-bmfont-binary": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/parse-bmfont-binary/-/parse-bmfont-binary-1.0.6.tgz",
-      "integrity": "sha512-GxmsRea0wdGdYthjuUeWTMWPqm2+FAd4GI8vCvhgJsFnoGhTrLhXDDupwTo7rXVAgaLIGoVHDZS9p/5XbSqeWA=="
-    },
-    "parse-bmfont-xml": {
-      "version": "1.1.6",
-      "resolved": "https://registry.npmjs.org/parse-bmfont-xml/-/parse-bmfont-xml-1.1.6.tgz",
-      "integrity": "sha512-0cEliVMZEhrFDwMh4SxIyVJpqYoOWDJ9P895tFuS+XuNzI5UBmBk5U5O4KuJdTnZpSBI4LFA2+ZiJaiwfSwlMA==",
-      "requires": {
-        "xml-parse-from-string": "^1.0.0",
-        "xml2js": "^0.5.0"
-      },
-      "dependencies": {
-        "xml2js": {
-          "version": "0.5.0",
-          "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.5.0.tgz",
-          "integrity": "sha512-drPFnkQJik/O+uPKpqSgr22mpuFHqKdbS835iAQrUC73L2F5WkboIRd63ai/2Yg6I1jzifPFKH2NTK+cfglkIA==",
-          "requires": {
-            "sax": ">=0.6.0",
-            "xmlbuilder": "~11.0.0"
-          }
-        }
-      }
-    },
-    "parse-headers": {
-      "version": "2.0.5",
-      "resolved": "https://registry.npmjs.org/parse-headers/-/parse-headers-2.0.5.tgz",
-      "integrity": "sha512-ft3iAoLOB/MlwbNXgzy43SWGP6sQki2jQvAyBg/zDFAgr9bfNWZIUj42Kw2eJIl8kEi4PbgE6U1Zau/HwI75HA=="
-    },
-    "parse-json": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz",
-      "integrity": "sha1-9ID0BDTvgHQfhGkJn43qGPVaTck=",
-      "dev": true,
-      "requires": {
-        "error-ex": "^1.2.0"
-      }
-    },
-    "parse-srcset": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/parse-srcset/-/parse-srcset-1.0.2.tgz",
-      "integrity": "sha1-8r0iH2zJcKk42IVWq8WJyqqiveE="
-    },
-    "parse5": {
-      "version": "6.0.1",
-      "resolved": "https://registry.npmjs.org/parse5/-/parse5-6.0.1.tgz",
-      "integrity": "sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw=="
-    },
-    "parse5-htmlparser2-tree-adapter": {
-      "version": "6.0.1",
-      "resolved": "https://registry.npmjs.org/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-6.0.1.tgz",
-      "integrity": "sha512-qPuWvbLgvDGilKc5BoicRovlT4MtYT6JfJyBOMDsKoiT+GiuP5qyrPCnR9HcPECIJJmZh5jRndyNThnhhb/vlA==",
-      "requires": {
-        "parse5": "^6.0.1"
-      }
-    },
-    "parseurl": {
-      "version": "1.3.3",
-      "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
-      "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="
-    },
-    "passport": {
-      "version": "0.7.0",
-      "resolved": "https://registry.npmjs.org/passport/-/passport-0.7.0.tgz",
-      "integrity": "sha512-cPLl+qZpSc+ireUvt+IzqbED1cHHkDoVYMo30jbJIdOOjQ1MQYZBPiNvmi8UM6lJuOpTPXJGZQk0DtC4y61MYQ==",
-      "requires": {
-        "passport-strategy": "1.x.x",
-        "pause": "0.0.1",
-        "utils-merge": "^1.0.1"
-      }
-    },
-    "passport-strategy": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
-      "integrity": "sha512-CB97UUvDKJde2V0KDWWB3lyf6PC3FaZP7YxZ2G8OAtn9p4HI9j9JLP9qjOGZFvyl8uwNT8qM+hGnz/n16NI7oA=="
-    },
-    "path-exists": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz",
-      "integrity": "sha1-zg6+ql94yxiSXqfYENe1mwEP1RU=",
-      "dev": true
-    },
-    "path-is-absolute": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
-      "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=",
-      "devOptional": true
-    },
-    "path-key": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz",
-      "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q=="
-    },
-    "path-parse": {
-      "version": "1.0.7",
-      "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz",
-      "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==",
-      "dev": true
-    },
-    "path-scurry": {
-      "version": "1.10.1",
-      "resolved": "https://registry.npmjs.org/path-scurry/-/path-scurry-1.10.1.tgz",
-      "integrity": "sha512-MkhCqzzBEpPvxxQ71Md0b1Kk51W01lrYvlMzSUaIzNsODdd7mqhiimSZlr+VegAz5Z6Vzt9Xg2ttE//XBhH3EQ==",
-      "requires": {
-        "lru-cache": "^9.1.1 || ^10.0.0",
-        "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0"
-      },
-      "dependencies": {
-        "lru-cache": {
-          "version": "9.1.1",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-9.1.1.tgz",
-          "integrity": "sha512-65/Jky17UwSb0BuB9V+MyDpsOtXKmYwzhyl+cOa9XUiI4uV2Ouy/2voFP3+al0BjZbJgMBD8FojMpAf+Z+qn4A=="
-        },
-        "minipass": {
-          "version": "6.0.2",
-          "resolved": "https://registry.npmjs.org/minipass/-/minipass-6.0.2.tgz",
-          "integrity": "sha512-MzWSV5nYVT7mVyWCwn2o7JH13w2TBRmmSqSRCKzTw+lmft9X4z+3wjvs06Tzijo5z4W/kahUCDpRXTF+ZrmF/w=="
-        }
-      }
-    },
-    "path-to-regexp": {
-      "version": "0.1.7",
-      "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
-      "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w="
-    },
-    "path-type": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/path-type/-/path-type-2.0.0.tgz",
-      "integrity": "sha1-8BLMuEFbcJb8LaoQVMPXI4lZTHM=",
-      "dev": true,
-      "requires": {
-        "pify": "^2.0.0"
-      }
-    },
-    "pause": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
-      "integrity": "sha512-KG8UEiEVkR3wGEb4m5yZkVCzigAD+cVEJck2CzYZO37ZGJfctvVptVO192MwrtPhzONn6go8ylnOdMhKqi4nfg=="
-    },
-    "peek-readable": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/peek-readable/-/peek-readable-4.1.0.tgz",
-      "integrity": "sha512-ZI3LnwUv5nOGbQzD9c2iDG6toheuXSZP5esSHBjopsXH4dg19soufvpUGA3uohi5anFtGb2lhAVdHzH6R/Evvg=="
-    },
-    "pend": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/pend/-/pend-1.2.0.tgz",
-      "integrity": "sha512-F3asv42UuXchdzt+xXqfW1OGlVBe+mxa2mqI0pg5yAHZPvFmY3Y6drSf/GQ1A86WgWEN9Kzh/WrgKa6iGcHXLg=="
-    },
-    "performance-now": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz",
-      "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns="
-    },
-    "phin": {
-      "version": "2.9.3",
-      "resolved": "https://registry.npmjs.org/phin/-/phin-2.9.3.tgz",
-      "integrity": "sha512-CzFr90qM24ju5f88quFC/6qohjC144rehe5n6DH900lgXmUe86+xCKc10ev56gRKC4/BkHUoG4uSiQgBiIXwDA=="
-    },
-    "picocolors": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.0.tgz",
-      "integrity": "sha512-1fygroTLlHu66zi26VoTDv8yRgm0Fccecssto+MhsZ0D/DGW2sm8E8AjW7NU5VVTRt5GxbeZ5qBuJr+HyLYkjQ=="
-    },
-    "picomatch": {
-      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
-      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA=="
-    },
-    "pify": {
-      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
-      "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=",
-      "dev": true
-    },
-    "pixelmatch": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/pixelmatch/-/pixelmatch-4.0.2.tgz",
-      "integrity": "sha512-J8B6xqiO37sU/gkcMglv6h5Jbd9xNER7aHzpfRdNmV4IbQBzBpe4l9XmbG+xPF/znacgu2jfEw+wHffaq/YkXA==",
-      "requires": {
-        "pngjs": "^3.0.0"
-      },
-      "dependencies": {
-        "pngjs": {
-          "version": "3.4.0",
-          "resolved": "https://registry.npmjs.org/pngjs/-/pngjs-3.4.0.tgz",
-          "integrity": "sha512-NCrCHhWmnQklfH4MtJMRjZ2a8c80qXeMlQMv2uVp9ISJMTt562SbGd6n2oq0PaPgKm7Z6pL9E2UlLIhC+SHL3w=="
-        }
-      }
-    },
-    "pkg-dir": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/pkg-dir/-/pkg-dir-4.2.0.tgz",
-      "integrity": "sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==",
-      "dev": true,
-      "requires": {
-        "find-up": "^4.0.0"
-      }
-    },
-    "plist": {
-      "version": "3.0.5",
-      "resolved": "https://registry.npmjs.org/plist/-/plist-3.0.5.tgz",
-      "integrity": "sha512-83vX4eYdQp3vP9SxuYgEM/G/pJQqLUz/V/xzPrzruLs7fz7jxGQ1msZ/mg1nwZxUSuOp4sb+/bEIbRrbzZRxDA==",
-      "dev": true,
-      "requires": {
-        "base64-js": "^1.5.1",
-        "xmlbuilder": "^9.0.7"
-      },
-      "dependencies": {
-        "xmlbuilder": {
-          "version": "9.0.7",
-          "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-9.0.7.tgz",
-          "integrity": "sha1-Ey7mPS7FVlxVfiD0wi35rKaGsQ0=",
-          "dev": true
-        }
-      }
-    },
-    "plumb": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/plumb/-/plumb-0.1.0.tgz",
-      "integrity": "sha1-TFd5ClCWkoMv2/EN+t3XlIxctXQ="
-    },
-    "pngjs": {
-      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/pngjs/-/pngjs-6.0.0.tgz",
-      "integrity": "sha512-TRzzuFRRmEoSW/p1KVAmiOgPco2Irlah+bGFCeNfJXxxYGwSw7YwAOAcd7X28K/m5bjBWKsC29KyoMfHbypayg=="
-    },
-    "postcss": {
-      "version": "8.4.38",
-      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.38.tgz",
-      "integrity": "sha512-Wglpdk03BSfXkHoQa3b/oulrotAkwrlLDRSOb9D0bN86FdRyE9lppSp33aHNPgBa0JKCoB+drFLZkQoRRYae5A==",
-      "requires": {
-        "nanoid": "^3.3.7",
-        "picocolors": "^1.0.0",
-        "source-map-js": "^1.2.0"
-      }
-    },
-    "prebuild-install": {
-      "version": "7.1.1",
-      "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-7.1.1.tgz",
-      "integrity": "sha512-jAXscXWMcCK8GgCoHOfIr0ODh5ai8mj63L2nWrjuAgXE6tDyYGnx4/8o/rCgU+B4JSyZBKbeZqzhtwtC3ovxjw==",
-      "requires": {
-        "detect-libc": "^2.0.0",
-        "expand-template": "^2.0.3",
-        "github-from-package": "0.0.0",
-        "minimist": "^1.2.3",
-        "mkdirp-classic": "^0.5.3",
-        "napi-build-utils": "^1.0.1",
-        "node-abi": "^3.3.0",
-        "pump": "^3.0.0",
-        "rc": "^1.2.7",
-        "simple-get": "^4.0.0",
-        "tar-fs": "^2.0.0",
-        "tunnel-agent": "^0.6.0"
-      }
-    },
-    "print-this": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/print-this/-/print-this-2.0.0.tgz",
-      "integrity": "sha512-/v1/tXs4BQGpEF7OYKe05h4xiQR09Q4HgASL28pngx6aedCQaB1OlHs8t9RDVgUayXHDWHG9V5EBjPlXb46k4w==",
-      "requires": {
-        "jquery": ">=1.11",
-        "opencollective-postinstall": "^2.0.2"
-      }
-    },
-    "process": {
-      "version": "0.11.10",
-      "resolved": "https://registry.npmjs.org/process/-/process-0.11.10.tgz",
-      "integrity": "sha512-cdGef/drWFoydD1JsMzuFf8100nZl+GT+yacc2bEced5f9Rjk4z+WtFUTBu9PhOi9j/jfmBPu0mMEY4wIdAF8A=="
-    },
-    "process-nextick-args": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
-      "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="
-    },
-    "progress": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz",
-      "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA=="
-    },
-    "promise-inflight": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/promise-inflight/-/promise-inflight-1.0.1.tgz",
-      "integrity": "sha512-6zWPyEOFaQBJYcGMHBKTKJ3u6TBsnMFOIZSa6ce1e/ZrrsOlnHRHbabMjLiBYKp+n44X9eUI6VUPaukCXHuG4g==",
-      "dev": true
-    },
-    "promise-retry": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/promise-retry/-/promise-retry-2.0.1.tgz",
-      "integrity": "sha512-y+WKFlBR8BGXnsNlIHFGPZmyDf3DFMoLhaflAnyZgV6rG6xu+JwesTo2Q9R6XwYmtmwAFCkAk3e35jEdoeh/3g==",
-      "dev": true,
-      "requires": {
-        "err-code": "^2.0.2",
-        "retry": "^0.12.0"
-      }
-    },
-    "prop-types": {
-      "version": "15.8.1",
-      "resolved": "https://registry.npmjs.org/prop-types/-/prop-types-15.8.1.tgz",
-      "integrity": "sha512-oj87CgZICdulUohogVAR7AjlC0327U4el4L6eAvOqCeudMDVU0NThNaV+b9Df4dXgSP1gXMTnPdhfe/2qDH5cg==",
-      "requires": {
-        "loose-envify": "^1.4.0",
-        "object-assign": "^4.1.1",
-        "react-is": "^16.13.1"
-      }
-    },
-    "proxy-addr": {
-      "version": "2.0.7",
-      "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz",
-      "integrity": "sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==",
-      "requires": {
-        "forwarded": "0.2.0",
-        "ipaddr.js": "1.9.1"
-      }
-    },
-    "proxy-from-env": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
-      "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg=="
-    },
-    "psl": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/psl/-/psl-1.4.0.tgz",
-      "integrity": "sha512-HZzqCGPecFLyoRj5HLfuDSKYTJkAfB5thKBIkRHtGjWwY7p1dAyveIbXIq4tO0KYfDF2tHqPUgY9SDnGm00uFw=="
-    },
-    "pstree.remy": {
-      "version": "1.1.8",
-      "resolved": "https://registry.npmjs.org/pstree.remy/-/pstree.remy-1.1.8.tgz",
-      "integrity": "sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w==",
-      "dev": true
-    },
-    "pump": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz",
-      "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==",
-      "requires": {
-        "end-of-stream": "^1.1.0",
-        "once": "^1.3.1"
-      }
-    },
-    "punycode": {
-      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.3.1.tgz",
-      "integrity": "sha512-vYt7UD1U9Wg6138shLtLOvdAu+8DsC/ilFtEVHcH+wydcSpNE20AfSOduf6MkRFahL5FY7X1oU7nKVZFtfq8Fg=="
-    },
-    "pupa": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/pupa/-/pupa-2.1.1.tgz",
-      "integrity": "sha512-l1jNAspIBSFqbT+y+5FosojNpVpF94nlI+wDUpqP9enwOTfHx9f0gh5nB96vl+6yTpsJsypeNrwfzPrKuHB41A==",
-      "requires": {
-        "escape-goat": "^2.0.0"
-      }
-    },
-    "qs": {
-      "version": "6.11.0",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.11.0.tgz",
-      "integrity": "sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==",
-      "requires": {
-        "side-channel": "^1.0.4"
-      }
-    },
-    "querystringify": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.2.0.tgz",
-      "integrity": "sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ=="
-    },
-    "queue-tick": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/queue-tick/-/queue-tick-1.0.1.tgz",
-      "integrity": "sha512-kJt5qhMxoszgU/62PLP1CJytzd2NKetjSRnyuj31fDd3Rlcz3fzlFdFLD1SItunPwyqEOkca6GbV612BWfaBag=="
-    },
-    "quick-lru": {
-      "version": "5.1.1",
-      "resolved": "https://registry.npmjs.org/quick-lru/-/quick-lru-5.1.1.tgz",
-      "integrity": "sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA=="
-    },
-    "rand-token": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/rand-token/-/rand-token-1.0.1.tgz",
-      "integrity": "sha512-Zri5SfJmEzBJ3IexFdigvPSCamslJ7UjLkUn0tlgH7COJvaUr5V7FyUYgKifEMTw7gFO8ZLcWjcU+kq8akipzg=="
-    },
-    "random-bytes": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz",
-      "integrity": "sha1-T2ih3Arli9P7lYSMMDJNt11kNgs="
-    },
-    "randombytes": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz",
-      "integrity": "sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==",
-      "dev": true,
-      "requires": {
-        "safe-buffer": "^5.1.0"
-      }
-    },
-    "range-parser": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz",
-      "integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg=="
-    },
-    "raw-body": {
-      "version": "2.5.2",
-      "resolved": "https://registry.npmjs.org/raw-body/-/raw-body-2.5.2.tgz",
-      "integrity": "sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==",
-      "requires": {
-        "bytes": "3.1.2",
-        "http-errors": "2.0.0",
-        "iconv-lite": "0.4.24",
-        "unpipe": "1.0.0"
-      },
-      "dependencies": {
-        "iconv-lite": {
-          "version": "0.4.24",
-          "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
-          "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==",
-          "requires": {
-            "safer-buffer": ">= 2.1.2 < 3"
-          }
-        }
-      }
-    },
-    "rc": {
-      "version": "1.2.8",
-      "resolved": "https://registry.npmjs.org/rc/-/rc-1.2.8.tgz",
-      "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==",
-      "requires": {
-        "deep-extend": "^0.6.0",
-        "ini": "~1.3.0",
-        "minimist": "^1.2.0",
-        "strip-json-comments": "~2.0.1"
-      },
-      "dependencies": {
-        "ini": {
-          "version": "1.3.8",
-          "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.8.tgz",
-          "integrity": "sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew=="
-        }
-      }
-    },
-    "rcedit": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/rcedit/-/rcedit-4.0.1.tgz",
-      "integrity": "sha512-bZdaQi34krFWhrDn+O53ccBDw0MkAT2Vhu75SqhtvhQu4OPyFM4RoVheyYiVQYdjhUi6EJMVWQ0tR6bCIYVkUg==",
-      "dev": true,
-      "requires": {
-        "cross-spawn-windows-exe": "^1.1.0"
-      }
-    },
-    "react": {
-      "version": "18.2.0",
-      "resolved": "https://registry.npmjs.org/react/-/react-18.2.0.tgz",
-      "integrity": "sha512-/3IjMdb2L9QbBdWiW5e3P2/npwMBaU9mHCSCUzNln0ZCYbcfTsGbTJrU/kGemdH2IWmB2ioZ+zkxtmq6g09fGQ==",
-      "requires": {
-        "loose-envify": "^1.1.0"
-      }
-    },
-    "react-dom": {
-      "version": "18.2.0",
-      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-18.2.0.tgz",
-      "integrity": "sha512-6IMTriUmvsjHUjNtEDudZfuDQUoWXVxKHhlEGSk81n4YFS+r/Kl99wXiwlVXtPBtJenozv2P+hxDsw9eA7Xo6g==",
-      "requires": {
-        "loose-envify": "^1.1.0",
-        "scheduler": "^0.23.0"
-      }
-    },
-    "react-interactive": {
-      "version": "0.8.3",
-      "resolved": "https://registry.npmjs.org/react-interactive/-/react-interactive-0.8.3.tgz",
-      "integrity": "sha512-mmRvA9aKP7zu9kVfP1AX1egX8tFlnE3DDXq92z0JTZezfOpmeQBzr77O1+mTV54OOmn+M2t6c5kFD5VnuFoM7A==",
-      "requires": {
-        "detect-it": "^3.0.3",
-        "object-assign": "^4.1.1",
-        "prop-types": "^15.6.0"
-      }
-    },
-    "react-is": {
-      "version": "16.13.1",
-      "resolved": "https://registry.npmjs.org/react-is/-/react-is-16.13.1.tgz",
-      "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ=="
-    },
-    "react-router": {
-      "version": "4.3.1",
-      "resolved": "https://registry.npmjs.org/react-router/-/react-router-4.3.1.tgz",
-      "integrity": "sha512-yrvL8AogDh2X42Dt9iknk4wF4V8bWREPirFfS9gLU1huk6qK41sg7Z/1S81jjTrGHxa3B8R3J6xIkDAA6CVarg==",
-      "requires": {
-        "history": "^4.7.2",
-        "hoist-non-react-statics": "^2.5.0",
-        "invariant": "^2.2.4",
-        "loose-envify": "^1.3.1",
-        "path-to-regexp": "^1.7.0",
-        "prop-types": "^15.6.1",
-        "warning": "^4.0.1"
-      },
-      "dependencies": {
-        "isarray": {
-          "version": "0.0.1",
-          "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz",
-          "integrity": "sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ=="
-        },
-        "path-to-regexp": {
-          "version": "1.8.0",
-          "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.8.0.tgz",
-          "integrity": "sha512-n43JRhlUKUAlibEJhPeir1ncUID16QnEjNpwzNdO3Lm4ywrBpBZ5oLD0I6br9evr1Y9JTqwRtAh7JLoOzAQdVA==",
-          "requires": {
-            "isarray": "0.0.1"
-          }
-        }
-      }
-    },
-    "react-router-dom": {
-      "version": "4.3.1",
-      "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-4.3.1.tgz",
-      "integrity": "sha512-c/MlywfxDdCp7EnB7YfPMOfMD3tOtIjrQlj/CKfNMBxdmpJP8xcz5P/UAFn3JbnQCNUxsHyVVqllF9LhgVyFCA==",
-      "requires": {
-        "history": "^4.7.2",
-        "invariant": "^2.2.4",
-        "loose-envify": "^1.3.1",
-        "prop-types": "^15.6.1",
-        "react-router": "^4.3.1",
-        "warning": "^4.0.1"
-      }
-    },
-    "read-config-file": {
-      "version": "6.3.2",
-      "resolved": "https://registry.npmjs.org/read-config-file/-/read-config-file-6.3.2.tgz",
-      "integrity": "sha512-M80lpCjnE6Wt6zb98DoW8WHR09nzMSpu8XHtPkiTHrJ5Az9CybfeQhTJ8D7saeBHpGhLPIVyA8lcL6ZmdKwY6Q==",
-      "dev": true,
-      "requires": {
-        "config-file-ts": "^0.2.4",
-        "dotenv": "^9.0.2",
-        "dotenv-expand": "^5.1.0",
-        "js-yaml": "^4.1.0",
-        "json5": "^2.2.0",
-        "lazy-val": "^1.0.4"
-      },
-      "dependencies": {
-        "dotenv": {
-          "version": "9.0.2",
-          "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-9.0.2.tgz",
-          "integrity": "sha512-I9OvvrHp4pIARv4+x9iuewrWycX6CcZtoAu1XrzPxc5UygMJXJZYmBsynku8IkrJwgypE5DGNjDPmPRhDCptUg==",
-          "dev": true
-        }
-      }
-    },
-    "read-pkg": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-2.0.0.tgz",
-      "integrity": "sha1-jvHAYjxqbbDcZxPEv6xGMysjaPg=",
-      "dev": true,
-      "requires": {
-        "load-json-file": "^2.0.0",
-        "normalize-package-data": "^2.3.2",
-        "path-type": "^2.0.0"
-      }
-    },
-    "read-pkg-up": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-2.0.0.tgz",
-      "integrity": "sha1-a3KoBImE4MQeeVEP1en6mbO1Sb4=",
-      "dev": true,
-      "requires": {
-        "find-up": "^2.0.0",
-        "read-pkg": "^2.0.0"
-      },
-      "dependencies": {
-        "find-up": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/find-up/-/find-up-2.1.0.tgz",
-          "integrity": "sha1-RdG35QbHF93UgndaK3eSCjwMV6c=",
-          "dev": true,
-          "requires": {
-            "locate-path": "^2.0.0"
-          }
-        }
-      }
-    },
-    "readable-stream": {
-      "version": "2.3.6",
-      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.6.tgz",
-      "integrity": "sha512-tQtKA9WIAhBF3+VLAseyMqZeBjW0AHJoxOtYqSUZNJxauErmLbVm2FW1y+J/YA9dUrAC39ITejlZWhVIwawkKw==",
-      "requires": {
-        "core-util-is": "~1.0.0",
-        "inherits": "~2.0.3",
-        "isarray": "~1.0.0",
-        "process-nextick-args": "~2.0.0",
-        "safe-buffer": "~5.1.1",
-        "string_decoder": "~1.1.1",
-        "util-deprecate": "~1.0.1"
-      }
-    },
-    "readable-web-to-node-stream": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/readable-web-to-node-stream/-/readable-web-to-node-stream-3.0.2.tgz",
-      "integrity": "sha512-ePeK6cc1EcKLEhJFt/AebMCLL+GgSKhuygrZ/GLaKZYEecIgIECf4UaUuaByiGtzckwR4ain9VzUh95T1exYGw==",
-      "requires": {
-        "readable-stream": "^3.6.0"
-      },
-      "dependencies": {
-        "readable-stream": {
-          "version": "3.6.2",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.2.tgz",
-          "integrity": "sha512-9u/sniCrY3D5WdsERHzHE4G2YCXqoG5FTHUiCC4SIbr6XcLZBY05ya9EKjYek9O5xOAwjGq+1JdGBAS7Q9ScoA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "string_decoder": "^1.1.1",
-            "util-deprecate": "^1.0.1"
-          }
-        }
-      }
-    },
-    "readdir-glob": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/readdir-glob/-/readdir-glob-1.1.3.tgz",
-      "integrity": "sha512-v05I2k7xN8zXvPD9N+z/uhXPaj0sUFCe2rcWZIpBsqxfP7xXFQ0tipAd/wjj1YxWyWtUS5IDJpOG82JKt2EAVA==",
-      "requires": {
-        "minimatch": "^5.1.0"
-      },
-      "dependencies": {
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "minimatch": {
-          "version": "5.1.6",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-5.1.6.tgz",
-          "integrity": "sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==",
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        }
-      }
-    },
-    "readdirp": {
-      "version": "3.6.0",
-      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz",
-      "integrity": "sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==",
-      "requires": {
-        "picomatch": "^2.2.1"
-      }
-    },
-    "rechoir": {
-      "version": "0.8.0",
-      "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.8.0.tgz",
-      "integrity": "sha512-/vxpCXddiX8NGfGO/mTafwjq4aFa/71pvamip0++IQk3zG8cbCj0fifNPrjjF1XMXUne91jL9OoxmdykoEtifQ==",
-      "dev": true,
-      "requires": {
-        "resolve": "^1.20.0"
-      }
-    },
-    "regenerator-runtime": {
-      "version": "0.13.11",
-      "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.11.tgz",
-      "integrity": "sha512-kY1AZVr2Ra+t+piVaJ4gxaFaReZVH40AKNo7UCX6W+dEwBo/2oZJzqfuN1qLq1oL45o56cPaTXELwrTh8Fpggg=="
-    },
-    "request": {
-      "version": "2.88.2",
-      "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz",
-      "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==",
-      "requires": {
-        "aws-sign2": "~0.7.0",
-        "aws4": "^1.8.0",
-        "caseless": "~0.12.0",
-        "combined-stream": "~1.0.6",
-        "extend": "~3.0.2",
-        "forever-agent": "~0.6.1",
-        "form-data": "~2.3.2",
-        "har-validator": "~5.1.3",
-        "http-signature": "~1.2.0",
-        "is-typedarray": "~1.0.0",
-        "isstream": "~0.1.2",
-        "json-stringify-safe": "~5.0.1",
-        "mime-types": "~2.1.19",
-        "oauth-sign": "~0.9.0",
-        "performance-now": "^2.1.0",
-        "qs": "~6.5.2",
-        "safe-buffer": "^5.1.2",
-        "tough-cookie": "~2.5.0",
-        "tunnel-agent": "^0.6.0",
-        "uuid": "^3.3.2"
-      },
-      "dependencies": {
-        "qs": {
-          "version": "6.5.3",
-          "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.3.tgz",
-          "integrity": "sha512-qxXIEh4pCGfHICj1mAJQ2/2XVZkjCDTcEgfoSQxc/fYivUZxTkk7L3bDBJSoNrEzXI17oUO5Dp07ktqE5KzczA=="
-        },
-        "tough-cookie": {
-          "version": "2.5.0",
-          "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz",
-          "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==",
-          "requires": {
-            "psl": "^1.1.28",
-            "punycode": "^2.1.1"
-          }
-        }
-      }
-    },
-    "require-directory": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
-      "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=",
-      "devOptional": true
-    },
-    "requires-port": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz",
-      "integrity": "sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ=="
-    },
-    "requizzle": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/requizzle/-/requizzle-0.2.3.tgz",
-      "integrity": "sha512-YanoyJjykPxGHii0fZP0uUPEXpvqfBDxWV7s6GKAiiOsiqhX6vHNyW3Qzdmqp/iq/ExbhaGbVrjB4ruEVSM4GQ==",
-      "dev": true,
-      "requires": {
-        "lodash": "^4.17.14"
-      }
-    },
-    "resolve": {
-      "version": "1.22.8",
-      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz",
-      "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==",
-      "dev": true,
-      "requires": {
-        "is-core-module": "^2.13.0",
-        "path-parse": "^1.0.7",
-        "supports-preserve-symlinks-flag": "^1.0.0"
-      }
-    },
-    "resolve-alpn": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/resolve-alpn/-/resolve-alpn-1.2.1.tgz",
-      "integrity": "sha512-0a1F4l73/ZFZOakJnQ3FvkJ2+gSTQWz/r2KE5OdDY0TxPm5h4GkqkWWfM47T7HsbnOtcJVEF4epCVy6u7Q3K+g=="
-    },
-    "resolve-cwd": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/resolve-cwd/-/resolve-cwd-3.0.0.tgz",
-      "integrity": "sha512-OrZaX2Mb+rJCpH/6CpSqt9xFVpN++x01XnN2ie9g6P5/3xelLAkXWVADpdz1IHD/KFfEXyE6V0U01OQ3UO2rEg==",
-      "dev": true,
-      "requires": {
-        "resolve-from": "^5.0.0"
-      }
-    },
-    "resolve-from": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-5.0.0.tgz",
-      "integrity": "sha512-qYg9KP24dD5qka9J47d0aVky0N+b4fTU89LN9iDnjB5waksiC49rvMB0PrUJQGoTmH50XPiqOvAjDfaijGxYZw==",
-      "dev": true
-    },
-    "resolve-pathname": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/resolve-pathname/-/resolve-pathname-3.0.0.tgz",
-      "integrity": "sha512-C7rARubxI8bXFNB/hqcp/4iUeIXJhJZvFPFPiSPRnhU5UPxzMFIl+2E6yY6c4k9giDJAhtV+enfA+G89N6Csng=="
-    },
-    "responselike": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/responselike/-/responselike-2.0.1.tgz",
-      "integrity": "sha512-4gl03wn3hj1HP3yzgdI7d3lCkF95F21Pz4BPGvKHinyQzALR5CapwC8yIi0Rh58DEMQ/SguC03wFj2k0M/mHhw==",
-      "requires": {
-        "lowercase-keys": "^2.0.0"
-      }
-    },
-    "restore-cursor": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-3.1.0.tgz",
-      "integrity": "sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA==",
-      "dev": true,
-      "requires": {
-        "onetime": "^5.1.0",
-        "signal-exit": "^3.0.2"
-      }
-    },
-    "retry": {
-      "version": "0.12.0",
-      "resolved": "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz",
-      "integrity": "sha1-G0KmJmoh8HQh0bC1S33BZ7AcATs="
-    },
-    "rimraf": {
-      "version": "5.0.5",
-      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-5.0.5.tgz",
-      "integrity": "sha512-CqDakW+hMe/Bz202FPEymy68P+G50RfMQK+Qo5YUqc9SPipvbGjCGKd0RSKEelbsfQuw3g5NZDSrlZZAJurH1A==",
-      "requires": {
-        "glob": "^10.3.7"
-      },
-      "dependencies": {
-        "brace-expansion": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-          "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
-          "requires": {
-            "balanced-match": "^1.0.0"
-          }
-        },
-        "glob": {
-          "version": "10.3.10",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-10.3.10.tgz",
-          "integrity": "sha512-fa46+tv1Ak0UPK1TOy/pZrIybNNt4HCv7SDzwyfiOZkvZLEbjsZkJBPtDHVshZjbecAoAGSC20MjLDG/qr679g==",
-          "requires": {
-            "foreground-child": "^3.1.0",
-            "jackspeak": "^2.3.5",
-            "minimatch": "^9.0.1",
-            "minipass": "^5.0.0 || ^6.0.2 || ^7.0.0",
-            "path-scurry": "^1.10.1"
-          }
-        },
-        "minimatch": {
-          "version": "9.0.3",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-9.0.3.tgz",
-          "integrity": "sha512-RHiac9mvaRw0x3AYRgDC1CxAP7HTcNrrECeA8YYJeWnpo+2Q5CegtZjaotWTWxDG3UeGA1coE05iH1mPjT/2mg==",
-          "requires": {
-            "brace-expansion": "^2.0.1"
-          }
-        },
-        "minipass": {
-          "version": "7.0.4",
-          "resolved": "https://registry.npmjs.org/minipass/-/minipass-7.0.4.tgz",
-          "integrity": "sha512-jYofLM5Dam9279rdkWzqHozUo4ybjdZmCsDHePy5V/PbBcVMiSZR97gmAy45aqi8CK1lG2ECd356FU86avfwUQ=="
-        }
-      }
-    },
-    "rndm": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/rndm/-/rndm-1.2.0.tgz",
-      "integrity": "sha1-8z/pz7Urv9UgqhgyO8ZdsRCht2w="
-    },
-    "roarr": {
-      "version": "2.15.4",
-      "resolved": "https://registry.npmjs.org/roarr/-/roarr-2.15.4.tgz",
-      "integrity": "sha512-CHhPh+UNHD2GTXNYhPWLnU8ONHdI+5DI+4EYIAOaiD63rHeYlZvyh8P+in5999TTSFgUYuKUAjzRI4mdh/p+2A==",
-      "optional": true,
-      "requires": {
-        "boolean": "^3.0.1",
-        "detect-node": "^2.0.4",
-        "globalthis": "^1.0.1",
-        "json-stringify-safe": "^5.0.1",
-        "semver-compare": "^1.0.0",
-        "sprintf-js": "^1.1.2"
-      }
-    },
-    "robust-predicates": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/robust-predicates/-/robust-predicates-3.0.2.tgz",
-      "integrity": "sha512-IXgzBWvWQwE6PrDI05OvmXUIruQTcoMDzRsOd5CDvHCVLcLHMTSYvOK5Cm46kWqlV3yAbuSpBZdJ5oP5OUoStg=="
-    },
-    "rrweb-cssom": {
-      "version": "0.6.0",
-      "resolved": "https://registry.npmjs.org/rrweb-cssom/-/rrweb-cssom-0.6.0.tgz",
-      "integrity": "sha512-APM0Gt1KoXBz0iIkkdB/kfvGOwC4UuJFeG/c+yV7wSc7q96cG/kJ0HiYCnzivD9SB53cLV1MlHFNfOuPaadYSw=="
-    },
-    "rw": {
-      "version": "1.3.3",
-      "resolved": "https://registry.npmjs.org/rw/-/rw-1.3.3.tgz",
-      "integrity": "sha512-PdhdWy89SiZogBLaw42zdeqtRJ//zFd2PgQavcICDUgJT5oW10QCRKbJ6bg4r0/UY2M6BWd5tkxuGFRvCkgfHQ=="
-    },
-    "sade": {
-      "version": "1.8.1",
-      "resolved": "https://registry.npmjs.org/sade/-/sade-1.8.1.tgz",
-      "integrity": "sha512-xal3CZX1Xlo/k4ApwCFrHVACi9fBqJ7V+mwhBsuf/1IOKbBy098Fex+Wa/5QMubw09pSZ/u8EY8PWgevJsXp1A==",
-      "requires": {
-        "mri": "^1.1.0"
-      }
-    },
-    "safe-buffer": {
-      "version": "5.1.2",
-      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
-      "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
-    },
-    "safe-compare": {
-      "version": "1.1.4",
-      "resolved": "https://registry.npmjs.org/safe-compare/-/safe-compare-1.1.4.tgz",
-      "integrity": "sha512-b9wZ986HHCo/HbKrRpBJb2kqXMK9CEWIE1egeEvZsYn69ay3kdfl9nG3RyOcR+jInTDf7a86WQ1d4VJX7goSSQ==",
-      "requires": {
-        "buffer-alloc": "^1.2.0"
-      }
-    },
-    "safer-buffer": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
-      "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
-    },
-    "sanitize-filename": {
-      "version": "1.6.3",
-      "resolved": "https://registry.npmjs.org/sanitize-filename/-/sanitize-filename-1.6.3.tgz",
-      "integrity": "sha512-y/52Mcy7aw3gRm7IrcGDFx/bCk4AhRh2eI9luHOQM86nZsqwiRkkq2GekHXBBD+SmPidc8i2PqtYZl+pWJ8Oeg==",
-      "requires": {
-        "truncate-utf8-bytes": "^1.0.0"
-      }
-    },
-    "sanitize-html": {
-      "version": "2.12.1",
-      "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.12.1.tgz",
-      "integrity": "sha512-Plh+JAn0UVDpBRP/xEjsk+xDCoOvMBwQUf/K+/cBAVuTbtX8bj2VB7S1sL1dssVpykqp0/KPSesHrqXtokVBpA==",
-      "requires": {
-        "deepmerge": "^4.2.2",
-        "escape-string-regexp": "^4.0.0",
-        "htmlparser2": "^8.0.0",
-        "is-plain-object": "^5.0.0",
-        "parse-srcset": "^1.0.2",
-        "postcss": "^8.3.11"
-      },
-      "dependencies": {
-        "dom-serializer": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-2.0.0.tgz",
-          "integrity": "sha512-wIkAryiqt/nV5EQKqQpo3SToSOV9J0DnbJqwK7Wv/Trc92zIAYZ4FlMu+JPFW1DfGFt81ZTCGgDEabffXeLyJg==",
-          "requires": {
-            "domelementtype": "^2.3.0",
-            "domhandler": "^5.0.2",
-            "entities": "^4.2.0"
-          }
-        },
-        "domhandler": {
-          "version": "5.0.3",
-          "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-5.0.3.tgz",
-          "integrity": "sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==",
-          "requires": {
-            "domelementtype": "^2.3.0"
-          }
-        },
-        "domutils": {
-          "version": "3.0.1",
-          "resolved": "https://registry.npmjs.org/domutils/-/domutils-3.0.1.tgz",
-          "integrity": "sha512-z08c1l761iKhDFtfXO04C7kTdPBLi41zwOZl00WS8b5eiaebNpY00HKbztwBq+e3vyqWNwWF3mP9YLUeqIrF+Q==",
-          "requires": {
-            "dom-serializer": "^2.0.0",
-            "domelementtype": "^2.3.0",
-            "domhandler": "^5.0.1"
-          }
-        },
-        "entities": {
-          "version": "4.4.0",
-          "resolved": "https://registry.npmjs.org/entities/-/entities-4.4.0.tgz",
-          "integrity": "sha512-oYp7156SP8LkeGD0GF85ad1X9Ai79WtRsZ2gxJqtBuzH+98YUV6jkHEKlZkMbcrjJjIVJNIDP/3WL9wQkoPbWA=="
-        },
-        "escape-string-regexp": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz",
-          "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA=="
-        },
-        "htmlparser2": {
-          "version": "8.0.1",
-          "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-8.0.1.tgz",
-          "integrity": "sha512-4lVbmc1diZC7GUJQtRQ5yBAeUCL1exyMwmForWkRLnwyzWBFxN633SALPMGYaWZvKe9j1pRZJpauvmxENSp/EA==",
-          "requires": {
-            "domelementtype": "^2.3.0",
-            "domhandler": "^5.0.2",
-            "domutils": "^3.0.1",
-            "entities": "^4.3.0"
-          }
-        }
-      }
-    },
-    "sax": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/sax/-/sax-1.3.0.tgz",
-      "integrity": "sha512-0s+oAmw9zLl1V1cS9BtZN7JAd0cW5e0QH4W3LWEK6a4LaLEA2OTpGYWDY+6XasBLtz6wkm3u1xRw95mRuJ59WA=="
-    },
-    "saxes": {
-      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/saxes/-/saxes-6.0.0.tgz",
-      "integrity": "sha512-xAg7SOnEhrm5zI3puOOKyy1OMcMlIJZYNJY7xLBwSze0UjhPLnWfj2GF2EpT0jmzaJKIWKHLsaSSajf35bcYnA==",
-      "requires": {
-        "xmlchars": "^2.2.0"
-      }
-    },
-    "scheduler": {
-      "version": "0.23.0",
-      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.23.0.tgz",
-      "integrity": "sha512-CtuThmgHNg7zIZWAXi3AsyIzA3n4xx7aNyjwC2VJldO2LMVDhFK+63xGqq6CsJH4rTAt6/M+N4GhZiDYPx9eUw==",
-      "requires": {
-        "loose-envify": "^1.1.0"
-      }
-    },
-    "schema-utils": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/schema-utils/-/schema-utils-3.3.0.tgz",
-      "integrity": "sha512-pN/yOAvcC+5rQ5nERGuwrjLlYvLTbCibnZ1I7B1LaiAz9BRBlE9GMgE/eqV30P7aJQUf7Ddimy/RsbYO/GrVGg==",
-      "dev": true,
-      "requires": {
-        "@types/json-schema": "^7.0.8",
-        "ajv": "^6.12.5",
-        "ajv-keywords": "^3.5.2"
-      }
-    },
-    "semver": {
-      "version": "7.6.0",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.0.tgz",
-      "integrity": "sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==",
-      "requires": {
-        "lru-cache": "^6.0.0"
-      }
-    },
-    "semver-compare": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/semver-compare/-/semver-compare-1.0.0.tgz",
-      "integrity": "sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow==",
-      "optional": true
-    },
-    "send": {
-      "version": "0.18.0",
-      "resolved": "https://registry.npmjs.org/send/-/send-0.18.0.tgz",
-      "integrity": "sha512-qqWzuOjSFOuqPjFe4NOsMLafToQQwBSOEpS+FwEt3A2V3vKubTquT3vmLTQpFgMXp8AlFWFuP1qKaJZOtPpVXg==",
-      "requires": {
-        "debug": "2.6.9",
-        "depd": "2.0.0",
-        "destroy": "1.2.0",
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "etag": "~1.8.1",
-        "fresh": "0.5.2",
-        "http-errors": "2.0.0",
-        "mime": "1.6.0",
-        "ms": "2.1.3",
-        "on-finished": "2.4.1",
-        "range-parser": "~1.2.1",
-        "statuses": "2.0.1"
-      },
-      "dependencies": {
-        "debug": {
-          "version": "2.6.9",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
-          "requires": {
-            "ms": "2.0.0"
-          },
-          "dependencies": {
-            "ms": {
-              "version": "2.0.0",
-              "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
-              "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
-            }
-          }
-        },
-        "depd": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
-          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
-        },
-        "ms": {
-          "version": "2.1.3",
-          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.3.tgz",
-          "integrity": "sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA=="
-        },
-        "statuses": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
-          "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ=="
-        }
-      }
-    },
-    "serialize-error": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/serialize-error/-/serialize-error-7.0.1.tgz",
-      "integrity": "sha512-8I8TjW5KMOKsZQTvoxjuSIa7foAwPWGOts+6o7sgjz41/qMD9VQHEDxi6PBvK2l0MXUmqZyNpUK+T2tQaaElvw==",
-      "optional": true,
-      "requires": {
-        "type-fest": "^0.13.1"
-      }
-    },
-    "serialize-javascript": {
-      "version": "6.0.2",
-      "resolved": "https://registry.npmjs.org/serialize-javascript/-/serialize-javascript-6.0.2.tgz",
-      "integrity": "sha512-Saa1xPByTTq2gdeFZYLLo+RFE35NHZkAbqZeWNd3BpzppeVisAqpDjcp8dyf6uIvEqJRd46jemmyA4iFIeVk8g==",
-      "dev": true,
-      "requires": {
-        "randombytes": "^2.1.0"
-      }
-    },
-    "serve-favicon": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/serve-favicon/-/serve-favicon-2.5.0.tgz",
-      "integrity": "sha1-k10kDN/g9YBTB/3+ln2IlCosvPA=",
-      "requires": {
-        "etag": "~1.8.1",
-        "fresh": "0.5.2",
-        "ms": "2.1.1",
-        "parseurl": "~1.3.2",
-        "safe-buffer": "5.1.1"
-      },
-      "dependencies": {
-        "ms": {
-          "version": "2.1.1",
-          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz",
-          "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg=="
-        },
-        "safe-buffer": {
-          "version": "5.1.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.1.tgz",
-          "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg=="
-        }
-      }
-    },
-    "serve-static": {
-      "version": "1.15.0",
-      "resolved": "https://registry.npmjs.org/serve-static/-/serve-static-1.15.0.tgz",
-      "integrity": "sha512-XGuRDNjXUijsUL0vl6nSD7cwURuzEgglbOaFuZM9g3kwDXOWVTck0jLzjPzGD+TazWbboZYu52/9/XPdUgne9g==",
-      "requires": {
-        "encodeurl": "~1.0.2",
-        "escape-html": "~1.0.3",
-        "parseurl": "~1.3.3",
-        "send": "0.18.0"
-      }
-    },
-    "session-file-store": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/session-file-store/-/session-file-store-1.5.0.tgz",
-      "integrity": "sha512-60IZaJNzyu2tIeHutkYE8RiXVx3KRvacOxfLr2Mj92SIsRIroDsH0IlUUR6fJAjoTW4RQISbaOApa2IZpIwFdQ==",
-      "requires": {
-        "bagpipe": "^0.3.5",
-        "fs-extra": "^8.0.1",
-        "kruptein": "^2.0.4",
-        "object-assign": "^4.1.1",
-        "retry": "^0.12.0",
-        "write-file-atomic": "3.0.3"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "8.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
-          "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==",
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^4.0.0",
-            "universalify": "^0.1.0"
-          }
-        }
-      }
-    },
-    "set-blocking": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz",
-      "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc=",
-      "dev": true
-    },
-    "set-function-length": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.1.1.tgz",
-      "integrity": "sha512-VoaqjbBJKiWtg4yRcKBQ7g7wnGnLV3M8oLvVWwOk2PdYY6PEFegR1vezXR0tw6fZGF9csVakIRjrJiy2veSBFQ==",
-      "requires": {
-        "define-data-property": "^1.1.1",
-        "get-intrinsic": "^1.2.1",
-        "gopd": "^1.0.1",
-        "has-property-descriptors": "^1.0.0"
-      }
-    },
-    "setprototypeof": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/setprototypeof/-/setprototypeof-1.1.1.tgz",
-      "integrity": "sha512-JvdAWfbXeIGaZ9cILp38HntZSFSo3mWg6xGcJJsd+d4aRMOqauag1C63dJfDw7OaMYwEbHMOxEZ1lqVRYP2OAw=="
-    },
-    "shallow-clone": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/shallow-clone/-/shallow-clone-3.0.1.tgz",
-      "integrity": "sha512-/6KqX+GVUdqPuPPd2LxDDxzX6CAbjJehAAOKlNpqqUpAqPM6HeL8f+o3a+JsyGjn2lv0WY8UsTgUJjU9Ok55NA==",
-      "dev": true,
-      "requires": {
-        "kind-of": "^6.0.2"
-      }
-    },
-    "shebang-command": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",
-      "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==",
-      "requires": {
-        "shebang-regex": "^3.0.0"
-      }
-    },
-    "shebang-regex": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz",
-      "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A=="
-    },
-    "shimmer": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/shimmer/-/shimmer-1.2.1.tgz",
-      "integrity": "sha512-sQTKC1Re/rM6XyFM6fIAGHRPVGvyXfgzIDvzoq608vM+jeyVD0Tu1E6Np0Kc2zAIFWIj963V2800iF/9LPieQw=="
-    },
-    "side-channel": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/side-channel/-/side-channel-1.0.4.tgz",
-      "integrity": "sha512-q5XPytqFEIKHkGdiMIrY10mvLRvnQh42/+GoBlFW3b2LXLE2xxJpZFdm94we0BaoV3RwJyGqg5wS7epxTv0Zvw==",
-      "requires": {
-        "call-bind": "^1.0.0",
-        "get-intrinsic": "^1.0.2",
-        "object-inspect": "^1.9.0"
-      }
-    },
-    "signal-exit": {
-      "version": "3.0.7",
-      "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.7.tgz",
-      "integrity": "sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ=="
-    },
-    "simple-concat": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/simple-concat/-/simple-concat-1.0.1.tgz",
-      "integrity": "sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q=="
-    },
-    "simple-get": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/simple-get/-/simple-get-4.0.1.tgz",
-      "integrity": "sha512-brv7p5WgH0jmQJr1ZDDfKDOSeWWg+OVypG99A/5vYGPqJ6pxiaHLy8nxtFjBA7oMa01ebA9gfh1uMCFqOuXxvA==",
-      "requires": {
-        "decompress-response": "^6.0.0",
-        "once": "^1.3.1",
-        "simple-concat": "^1.0.0"
-      }
-    },
-    "simple-update-notifier": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/simple-update-notifier/-/simple-update-notifier-2.0.0.tgz",
-      "integrity": "sha512-a2B9Y0KlNXl9u/vsW6sTIu9vGEpfKu2wRV6l1H3XEas/0gUIzGzBoP/IouTcUQbm9JWZLH3COxyn03TYlFax6w==",
-      "dev": true,
-      "requires": {
-        "semver": "^7.5.3"
-      }
-    },
-    "slice-ansi": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-3.0.0.tgz",
-      "integrity": "sha512-pSyv7bSTC7ig9Dcgbw9AuRNUb5k5V6oDudjZoMBSr13qpLBG7tB+zgCkARjq7xIUgdz5P1Qe8u+rSGdouOOIyQ==",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "ansi-styles": "^4.0.0",
-        "astral-regex": "^2.0.0",
-        "is-fullwidth-code-point": "^3.0.0"
-      }
-    },
-    "smart-buffer": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/smart-buffer/-/smart-buffer-4.2.0.tgz",
-      "integrity": "sha512-94hK0Hh8rPqQl2xXc3HsaBoOXKV20MToPkcXvwbISWLEs+64sBq5kFgn2kJDHb1Pry9yrP0dxrCI9RRci7RXKg==",
-      "dev": true
-    },
-    "socks": {
-      "version": "2.7.0",
-      "resolved": "https://registry.npmjs.org/socks/-/socks-2.7.0.tgz",
-      "integrity": "sha512-scnOe9y4VuiNUULJN72GrM26BNOjVsfPXI+j+98PkyEfsIXroa5ofyjT+FzGvn/xHs73U2JtoBYAVx9Hl4quSA==",
-      "dev": true,
-      "requires": {
-        "ip": "^2.0.0",
-        "smart-buffer": "^4.2.0"
-      }
-    },
-    "socks-proxy-agent": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/socks-proxy-agent/-/socks-proxy-agent-7.0.0.tgz",
-      "integrity": "sha512-Fgl0YPZ902wEsAyiQ+idGd1A7rSFx/ayC1CQVMw5P+EQx2V0SgpGtf6OKFhVjPflPUl9YMmEOnmfjCdMUsygww==",
-      "dev": true,
-      "requires": {
-        "agent-base": "^6.0.2",
-        "debug": "^4.3.3",
-        "socks": "^2.6.2"
-      }
-    },
-    "sort-keys": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/sort-keys/-/sort-keys-1.1.2.tgz",
-      "integrity": "sha1-RBttTTRnmPG05J6JIK37oOVD+a0=",
-      "requires": {
-        "is-plain-obj": "^1.0.0"
-      }
-    },
-    "sort-keys-length": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/sort-keys-length/-/sort-keys-length-1.0.1.tgz",
-      "integrity": "sha1-nLb09OnkgVWmqgZx7dM2/xR5oYg=",
-      "requires": {
-        "sort-keys": "^1.0.0"
-      }
-    },
-    "source-map": {
-      "version": "0.6.1",
-      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
-      "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
-      "dev": true
-    },
-    "source-map-js": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz",
-      "integrity": "sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg=="
-    },
-    "source-map-support": {
-      "version": "0.5.21",
-      "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.21.tgz",
-      "integrity": "sha512-uBHU3L3czsIyYXKX88fdrGovxdSCoTGDRZ6SYXtSRxLZUzHg5P/66Ht6uoUlHu9EZod+inXhKo3qQgwXUT/y1w==",
-      "dev": true,
-      "requires": {
-        "buffer-from": "^1.0.0",
-        "source-map": "^0.6.0"
-      }
-    },
-    "spdx-correct": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.1.1.tgz",
-      "integrity": "sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==",
-      "dev": true,
-      "requires": {
-        "spdx-expression-parse": "^3.0.0",
-        "spdx-license-ids": "^3.0.0"
-      }
-    },
-    "spdx-exceptions": {
-      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz",
-      "integrity": "sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==",
-      "dev": true
-    },
-    "spdx-expression-parse": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz",
-      "integrity": "sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==",
-      "dev": true,
-      "requires": {
-        "spdx-exceptions": "^2.1.0",
-        "spdx-license-ids": "^3.0.0"
-      }
-    },
-    "spdx-license-ids": {
-      "version": "3.0.10",
-      "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.10.tgz",
-      "integrity": "sha512-oie3/+gKf7QtpitB0LYLETe+k8SifzsX4KixvpOsbI6S0kRiRQ5MKOio8eMSAKQ17N06+wdEOXRiId+zOxo0hA==",
-      "dev": true
-    },
-    "speakeasy": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/speakeasy/-/speakeasy-2.0.0.tgz",
-      "integrity": "sha512-lW2A2s5LKi8rwu77ewisuUOtlCydF/hmQSOJjpTqTj1gZLkNgTaYnyvfxy2WBr4T/h+9c4g8HIITfj83OkFQFw==",
-      "requires": {
-        "base32.js": "0.0.1"
-      }
-    },
-    "split.js": {
-      "version": "1.6.5",
-      "resolved": "https://registry.npmjs.org/split.js/-/split.js-1.6.5.tgz",
-      "integrity": "sha512-mPTnGCiS/RiuTNsVhCm9De9cCAUsrNFFviRbADdKiiV+Kk8HKp/0fWu7Kr8pi3/yBmsqLFHuXGT9UUZ+CNLwFw=="
-    },
-    "sprintf-js": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.2.tgz",
-      "integrity": "sha512-VE0SOVEHCk7Qc8ulkWw3ntAzXuqf7S2lvwQaDLRnUeIEaKNQJzV6BwmLKhOqT61aGhfUMrXeaBk+oDGCzvhcug==",
-      "optional": true
-    },
-    "sshpk": {
-      "version": "1.16.1",
-      "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz",
-      "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==",
-      "requires": {
-        "asn1": "~0.2.3",
-        "assert-plus": "^1.0.0",
-        "bcrypt-pbkdf": "^1.0.0",
-        "dashdash": "^1.12.0",
-        "ecc-jsbn": "~0.1.1",
-        "getpass": "^0.1.1",
-        "jsbn": "~0.1.0",
-        "safer-buffer": "^2.0.2",
-        "tweetnacl": "~0.14.0"
-      }
-    },
-    "ssri": {
-      "version": "9.0.1",
-      "resolved": "https://registry.npmjs.org/ssri/-/ssri-9.0.1.tgz",
-      "integrity": "sha512-o57Wcn66jMQvfHG1FlYbWeZWW/dHZhJXjpIcTfXldXEk5nz5lStPo3mK0OJQfGR3RbZUlbISexbljkJzuEj/8Q==",
-      "dev": true,
-      "requires": {
-        "minipass": "^3.1.1"
-      }
-    },
-    "stack-chain": {
-      "version": "1.3.7",
-      "resolved": "https://registry.npmjs.org/stack-chain/-/stack-chain-1.3.7.tgz",
-      "integrity": "sha1-0ZLJ/06moiyUxN1FkXHj8AzqEoU="
-    },
-    "stat-mode": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/stat-mode/-/stat-mode-1.0.0.tgz",
-      "integrity": "sha512-jH9EhtKIjuXZ2cWxmXS8ZP80XyC3iasQxMDV8jzhNJpfDb7VbQLVW4Wvsxz9QZvzV+G4YoSfBUVKDOyxLzi/sg==",
-      "dev": true
-    },
-    "statuses": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz",
-      "integrity": "sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow="
-    },
-    "stream-throttle": {
-      "version": "0.1.3",
-      "resolved": "https://registry.npmjs.org/stream-throttle/-/stream-throttle-0.1.3.tgz",
-      "integrity": "sha1-rdV8jXzHOoFjDTHNVdOWHPr7qcM=",
-      "requires": {
-        "commander": "^2.2.0",
-        "limiter": "^1.0.5"
-      },
-      "dependencies": {
-        "commander": {
-          "version": "2.20.3",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz",
-          "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ=="
-        }
-      }
-    },
-    "streamsearch": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-1.1.0.tgz",
-      "integrity": "sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg=="
-    },
-    "streamx": {
-      "version": "2.15.1",
-      "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.15.1.tgz",
-      "integrity": "sha512-fQMzy2O/Q47rgwErk/eGeLu/roaFWV0jVsogDmrszM9uIw8L5OA+t+V93MgYlufNptfjmYR1tOMWhei/Eh7TQA==",
-      "requires": {
-        "fast-fifo": "^1.1.0",
-        "queue-tick": "^1.0.1"
-      }
-    },
-    "string_decoder": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
-      "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
-      "requires": {
-        "safe-buffer": "~5.1.0"
-      }
-    },
-    "string-width": {
-      "version": "4.2.3",
-      "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
-      "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
-      "requires": {
-        "emoji-regex": "^8.0.0",
-        "is-fullwidth-code-point": "^3.0.0",
-        "strip-ansi": "^6.0.1"
-      }
-    },
-    "string-width-cjs": {
-      "version": "npm:string-width@4.2.3",
-      "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
-      "integrity": "sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g==",
-      "requires": {
-        "emoji-regex": "^8.0.0",
-        "is-fullwidth-code-point": "^3.0.0",
-        "strip-ansi": "^6.0.1"
-      }
-    },
-    "strip-ansi": {
-      "version": "6.0.1",
-      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
-      "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
-      "requires": {
-        "ansi-regex": "^5.0.1"
-      }
-    },
-    "strip-ansi-cjs": {
-      "version": "npm:strip-ansi@6.0.1",
-      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.1.tgz",
-      "integrity": "sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==",
-      "requires": {
-        "ansi-regex": "^5.0.1"
-      }
-    },
-    "strip-bom": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-3.0.0.tgz",
-      "integrity": "sha1-IzTBjpx1n3vdVv3vfprj1YjmjtM=",
-      "dev": true
-    },
-    "strip-json-comments": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz",
-      "integrity": "sha1-PFMZQukIwml8DsNEhYwobHygpgo="
-    },
-    "strip-outer": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/strip-outer/-/strip-outer-1.0.1.tgz",
-      "integrity": "sha512-k55yxKHwaXnpYGsOzg4Vl8+tDrWylxDEpknGjhTiZB8dFRU5rTo9CAzeycivxV3s+zlTKwrs6WxMxR95n26kwg==",
-      "dev": true,
-      "requires": {
-        "escape-string-regexp": "^1.0.2"
-      }
-    },
-    "striptags": {
-      "version": "3.2.0",
-      "resolved": "https://registry.npmjs.org/striptags/-/striptags-3.2.0.tgz",
-      "integrity": "sha512-g45ZOGzHDMe2bdYMdIvdAfCQkCTDMGBazSw1ypMowwGIee7ZQ5dU0rBJ8Jqgl+jAKIv4dbeE1jscZq9wid1Tkw=="
-    },
-    "strnum": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/strnum/-/strnum-1.0.4.tgz",
-      "integrity": "sha512-lMzNMfDpaQOLt4B2mEbfzYS0+T7dvCXeojnlGf6f1AygvWDMcWyXYaLbyICfjVu29sErR8fnRagQfBW/N/hGgw=="
-    },
-    "strtok3": {
-      "version": "6.3.0",
-      "resolved": "https://registry.npmjs.org/strtok3/-/strtok3-6.3.0.tgz",
-      "integrity": "sha512-fZtbhtvI9I48xDSywd/somNqgUHl2L2cstmXCCif0itOf96jeW18MBSyrLuNicYQVkvpOxkZtkzujiTJ9LW5Jw==",
-      "requires": {
-        "@tokenizer/token": "^0.3.0",
-        "peek-readable": "^4.1.0"
-      }
-    },
-    "stylis": {
-      "version": "4.3.0",
-      "resolved": "https://registry.npmjs.org/stylis/-/stylis-4.3.0.tgz",
-      "integrity": "sha512-E87pIogpwUsUwXw7dNyU4QDjdgVMy52m+XEOPEKUn161cCzWjjhPSQhByfd1CcNvrOLnXQ6OnnZDwnJrz/Z4YQ=="
-    },
-    "sumchecker": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/sumchecker/-/sumchecker-3.0.1.tgz",
-      "integrity": "sha512-MvjXzkz/BOfyVDkG0oFOtBxHX2u3gKbMHIF/dXblZsgD3BWOFLmHovIpZY7BykJdAjcqRCBi1WYBNdEC9yI7vg==",
-      "requires": {
-        "debug": "^4.1.0"
-      }
-    },
-    "supports-color": {
-      "version": "7.2.0",
-      "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-7.2.0.tgz",
-      "integrity": "sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==",
-      "requires": {
-        "has-flag": "^4.0.0"
-      }
-    },
-    "supports-preserve-symlinks-flag": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz",
-      "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==",
-      "dev": true
-    },
-    "symbol-tree": {
-      "version": "3.2.4",
-      "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.4.tgz",
-      "integrity": "sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw=="
-    },
-    "tapable": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/tapable/-/tapable-2.2.1.tgz",
-      "integrity": "sha512-GNzQvQTOIP6RyTfE2Qxb8ZVlNmw0n88vp1szwWRimP02mnTsx3Wtn5qRdqY9w2XduFNUgvOwhNnQsjwCp+kqaQ==",
-      "dev": true
-    },
-    "tar": {
-      "version": "6.2.1",
-      "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz",
-      "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==",
-      "dev": true,
-      "requires": {
-        "chownr": "^2.0.0",
-        "fs-minipass": "^2.0.0",
-        "minipass": "^5.0.0",
-        "minizlib": "^2.1.1",
-        "mkdirp": "^1.0.3",
-        "yallist": "^4.0.0"
-      },
-      "dependencies": {
-        "chownr": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/chownr/-/chownr-2.0.0.tgz",
-          "integrity": "sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==",
-          "dev": true
-        },
-        "minipass": {
-          "version": "5.0.0",
-          "resolved": "https://registry.npmjs.org/minipass/-/minipass-5.0.0.tgz",
-          "integrity": "sha512-3FnjYuehv9k6ovOEbyOswadCDPX1piCfhV8ncmYtHOjuPwylVWsghTLo7rabjC3Rx5xD4HDx8Wm1xnMF7S5qFQ==",
-          "dev": true
-        },
-        "mkdirp": {
-          "version": "1.0.4",
-          "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-1.0.4.tgz",
-          "integrity": "sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==",
-          "dev": true
-        }
-      }
-    },
-    "tar-fs": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/tar-fs/-/tar-fs-2.1.1.tgz",
-      "integrity": "sha512-V0r2Y9scmbDRLCNex/+hYzvp/zyYjvFbHPNgVTKfQvVrb6guiE/fxP+XblDNR011utopbkex2nM4dHNV6GDsng==",
-      "requires": {
-        "chownr": "^1.1.1",
-        "mkdirp-classic": "^0.5.2",
-        "pump": "^3.0.0",
-        "tar-stream": "^2.1.4"
-      }
-    },
-    "tar-stream": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/tar-stream/-/tar-stream-2.2.0.tgz",
-      "integrity": "sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==",
-      "requires": {
-        "bl": "^4.0.3",
-        "end-of-stream": "^1.4.1",
-        "fs-constants": "^1.0.0",
-        "inherits": "^2.0.3",
-        "readable-stream": "^3.1.1"
-      },
-      "dependencies": {
-        "readable-stream": {
-          "version": "3.6.0",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz",
-          "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==",
-          "requires": {
-            "inherits": "^2.0.3",
-            "string_decoder": "^1.1.1",
-            "util-deprecate": "^1.0.1"
-          }
-        }
-      }
-    },
-    "temp-file": {
-      "version": "3.4.0",
-      "resolved": "https://registry.npmjs.org/temp-file/-/temp-file-3.4.0.tgz",
-      "integrity": "sha512-C5tjlC/HCtVUOi3KWVokd4vHVViOmGjtLwIh4MuzPo/nMYTV/p1urt3RnMz2IWXDdKEGJH3k5+KPxtqRsUYGtg==",
-      "dev": true,
-      "requires": {
-        "async-exit-hook": "^2.0.1",
-        "fs-extra": "^10.0.0"
-      },
-      "dependencies": {
-        "fs-extra": {
-          "version": "10.1.0",
-          "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-10.1.0.tgz",
-          "integrity": "sha512-oRXApq54ETRj4eMiFzGnHWGy+zo5raudjuxN0b8H7s/RU2oW0Wvsx9O0ACRN/kRq9E8Vu/ReskGB5o3ji+FzHQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.2.0",
-            "jsonfile": "^6.0.1",
-            "universalify": "^2.0.0"
-          }
-        },
-        "jsonfile": {
-          "version": "6.1.0",
-          "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-6.1.0.tgz",
-          "integrity": "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ==",
-          "dev": true,
-          "requires": {
-            "graceful-fs": "^4.1.6",
-            "universalify": "^2.0.0"
-          }
-        },
-        "universalify": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-2.0.1.tgz",
-          "integrity": "sha512-gptHNQghINnc/vTGIk0SOFGFNXw7JVrlRUtConJRlvaw6DuX0wO5Jeko9sWrMBhh+PsYAZ7oXAiOnf/UKogyiw==",
-          "dev": true
-        }
-      }
-    },
-    "terser": {
-      "version": "5.28.1",
-      "resolved": "https://registry.npmjs.org/terser/-/terser-5.28.1.tgz",
-      "integrity": "sha512-wM+bZp54v/E9eRRGXb5ZFDvinrJIOaTapx3WUokyVGZu5ucVCK55zEgGd5Dl2fSr3jUo5sDiERErUWLY6QPFyA==",
-      "dev": true,
-      "requires": {
-        "@jridgewell/source-map": "^0.3.3",
-        "acorn": "^8.8.2",
-        "commander": "^2.20.0",
-        "source-map-support": "~0.5.20"
-      },
-      "dependencies": {
-        "commander": {
-          "version": "2.20.3",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz",
-          "integrity": "sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ==",
-          "dev": true
-        }
-      }
-    },
-    "terser-webpack-plugin": {
-      "version": "5.3.10",
-      "resolved": "https://registry.npmjs.org/terser-webpack-plugin/-/terser-webpack-plugin-5.3.10.tgz",
-      "integrity": "sha512-BKFPWlPDndPs+NGGCr1U59t0XScL5317Y0UReNrHaw9/FwhPENlq6bfgs+4yPfyP51vqC1bQ4rp1EfXW5ZSH9w==",
-      "dev": true,
-      "requires": {
-        "@jridgewell/trace-mapping": "^0.3.20",
-        "jest-worker": "^27.4.5",
-        "schema-utils": "^3.1.1",
-        "serialize-javascript": "^6.0.1",
-        "terser": "^5.26.0"
-      }
-    },
-    "timm": {
-      "version": "1.7.1",
-      "resolved": "https://registry.npmjs.org/timm/-/timm-1.7.1.tgz",
-      "integrity": "sha512-IjZc9KIotudix8bMaBW6QvMuq64BrJWFs1+4V0lXwWGQZwH+LnX87doAYhem4caOEusRP9/g6jVDQmZ8XOk1nw=="
-    },
-    "tiny-each-async": {
-      "version": "2.0.3",
-      "resolved": "https://registry.npmjs.org/tiny-each-async/-/tiny-each-async-2.0.3.tgz",
-      "integrity": "sha1-jru/1tYpXxNwAD+7NxYq/loKUdE=",
-      "optional": true
-    },
-    "tiny-invariant": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/tiny-invariant/-/tiny-invariant-1.3.1.tgz",
-      "integrity": "sha512-AD5ih2NlSssTCwsMznbvwMZpJ1cbhkGd2uueNxzv2jDlEeZdU04JQfRnggJQ8DrcVBGjAsCKwFBbDlVNtEMlzw=="
-    },
-    "tiny-warning": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/tiny-warning/-/tiny-warning-1.0.3.tgz",
-      "integrity": "sha512-lBN9zLN/oAf68o3zNXYrdCt1kP8WsiGW8Oo2ka41b2IM5JL/S1CTyX1rW0mb/zSuJun0ZUrDxx4sqvYS2FWzPA=="
-    },
-    "tinycolor2": {
-      "version": "1.6.0",
-      "resolved": "https://registry.npmjs.org/tinycolor2/-/tinycolor2-1.6.0.tgz",
-      "integrity": "sha512-XPaBkWQJdsf3pLKJV9p4qN/S+fm2Oj8AIPo1BTUhg5oxkvm9+SVEGFdhyOz7tTdUTfvxMiAs4sp6/eZO2Ew+pw=="
-    },
-    "tmp": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.3.tgz",
-      "integrity": "sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w=="
-    },
-    "tmp-promise": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-3.0.2.tgz",
-      "integrity": "sha512-OyCLAKU1HzBjL6Ev3gxUeraJNlbNingmi8IrHHEsYH8LTmEuhvYfqvhn2F/je+mjf4N58UmZ96OMEy1JanSCpA==",
-      "devOptional": true,
-      "requires": {
-        "tmp": "^0.2.0"
-      }
-    },
-    "to-regex-range": {
-      "version": "5.0.1",
-      "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
-      "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
-      "requires": {
-        "is-number": "^7.0.0"
-      }
-    },
-    "toidentifier": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz",
-      "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw=="
-    },
-    "token-types": {
-      "version": "4.2.1",
-      "resolved": "https://registry.npmjs.org/token-types/-/token-types-4.2.1.tgz",
-      "integrity": "sha512-6udB24Q737UD/SDsKAHI9FCRP7Bqc9D/MQUV02ORQg5iskjtLJlZJNdN4kKtcdtwCeWIwIHDGaUsTsCCAa8sFQ==",
-      "requires": {
-        "@tokenizer/token": "^0.3.0",
-        "ieee754": "^1.2.1"
-      }
-    },
-    "touch": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/touch/-/touch-3.1.0.tgz",
-      "integrity": "sha512-WBx8Uy5TLtOSRtIq+M03/sKDrXCLHxwDcquSP2c43Le03/9serjQBIztjRz6FkJez9D/hleyAXTBGLwwZUw9lA==",
-      "dev": true,
-      "requires": {
-        "nopt": "~1.0.10"
-      },
-      "dependencies": {
-        "nopt": {
-          "version": "1.0.10",
-          "resolved": "https://registry.npmjs.org/nopt/-/nopt-1.0.10.tgz",
-          "integrity": "sha512-NWmpvLSqUrgrAC9HCuxEvb+PSloHpqVu+FqcO4eeF2h5qYRhA7ev6KvelyQAKtegUbC6RypJnlEOhd8vloNKYg==",
-          "dev": true,
-          "requires": {
-            "abbrev": "1"
-          }
-        }
-      }
-    },
-    "tough-cookie": {
-      "version": "4.1.3",
-      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.3.tgz",
-      "integrity": "sha512-aX/y5pVRkfRnfmuX+OdbSdXvPe6ieKX/G2s7e98f4poJHnqH3281gDPm/metm6E/WRamfx7WC4HUqkWHfQHprw==",
-      "requires": {
-        "psl": "^1.1.33",
-        "punycode": "^2.1.1",
-        "universalify": "^0.2.0",
-        "url-parse": "^1.5.3"
-      },
-      "dependencies": {
-        "universalify": {
-          "version": "0.2.0",
-          "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.2.0.tgz",
-          "integrity": "sha512-CJ1QgKmNg3CwvAv/kOFmtnEN05f0D/cn9QntgNOQlQF9dgvVTHj3t+8JPdjqawCHk7V/KA+fbUqzZ9XWhcqPUg=="
-        }
-      }
-    },
-    "tr46": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/tr46/-/tr46-5.0.0.tgz",
-      "integrity": "sha512-tk2G5R2KRwBd+ZN0zaEXpmzdKyOYksXwywulIX95MBODjSzMIuQnQ3m8JxgbhnL1LeVo7lqQKsYa1O3Htl7K5g==",
-      "requires": {
-        "punycode": "^2.3.1"
-      }
-    },
-    "tree-kill": {
-      "version": "1.2.2",
-      "resolved": "https://registry.npmjs.org/tree-kill/-/tree-kill-1.2.2.tgz",
-      "integrity": "sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A=="
-    },
-    "trim-repeated": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/trim-repeated/-/trim-repeated-1.0.0.tgz",
-      "integrity": "sha1-42RqLqTokTEr9+rObPsFOAvAHCE=",
-      "dev": true,
-      "requires": {
-        "escape-string-regexp": "^1.0.2"
-      }
-    },
-    "truncate-utf8-bytes": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/truncate-utf8-bytes/-/truncate-utf8-bytes-1.0.2.tgz",
-      "integrity": "sha1-QFkjkJWS1W94pYGENLC3hInKXys=",
-      "requires": {
-        "utf8-byte-length": "^1.0.1"
-      }
-    },
-    "ts-dedent": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/ts-dedent/-/ts-dedent-2.2.0.tgz",
-      "integrity": "sha512-q5W7tVM71e2xjHZTlgfTDoPF/SmqKG5hddq9SzR49CH2hayqRKJtQ4mtRlSxKaJlR/+9rEM+mnBHf7I2/BQcpQ=="
-    },
-    "ts-node": {
-      "version": "10.9.2",
-      "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz",
-      "integrity": "sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==",
-      "dev": true,
-      "requires": {
-        "@cspotcode/source-map-support": "^0.8.0",
-        "@tsconfig/node10": "^1.0.7",
-        "@tsconfig/node12": "^1.0.7",
-        "@tsconfig/node14": "^1.0.0",
-        "@tsconfig/node16": "^1.0.2",
-        "acorn": "^8.4.1",
-        "acorn-walk": "^8.1.1",
-        "arg": "^4.1.0",
-        "create-require": "^1.1.0",
-        "diff": "^4.0.1",
-        "make-error": "^1.1.1",
-        "v8-compile-cache-lib": "^3.0.1",
-        "yn": "3.1.1"
-      },
-      "dependencies": {
-        "diff": {
-          "version": "4.0.2",
-          "resolved": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz",
-          "integrity": "sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==",
-          "dev": true
-        }
-      }
-    },
-    "tslib": {
-      "version": "2.6.2",
-      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz",
-      "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q=="
-    },
-    "tsscmp": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/tsscmp/-/tsscmp-1.0.6.tgz",
-      "integrity": "sha512-LxhtAkPDTkVCMQjt2h6eBVY28KCjikZqZfMcC15YBeNjkgUpdCfBu5HoiOTDu86v6smE8yOjyEktJ8hlbANHQA=="
-    },
-    "tunnel-agent": {
-      "version": "0.6.0",
-      "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz",
-      "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=",
-      "requires": {
-        "safe-buffer": "^5.0.1"
-      }
-    },
-    "turndown": {
-      "version": "7.1.2",
-      "resolved": "https://registry.npmjs.org/turndown/-/turndown-7.1.2.tgz",
-      "integrity": "sha512-ntI9R7fcUKjqBP6QU8rBK2Ehyt8LAzt3UBT9JR9tgo6GtuKvyUzpayWmeMKJw1DPdXzktvtIT8m2mVXz+bL/Qg==",
-      "requires": {
-        "domino": "^2.1.6"
-      }
-    },
-    "tweetnacl": {
-      "version": "0.14.5",
-      "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz",
-      "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q="
-    },
-    "type-fest": {
-      "version": "0.13.1",
-      "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.13.1.tgz",
-      "integrity": "sha512-34R7HTnG0XIJcBSn5XhDd7nNFPRcXYRZrBB2O2jdKqYODldSzBAqzsWoZYYvduky73toYS/ESqxPvkDf/F0XMg==",
-      "optional": true
-    },
-    "type-is": {
-      "version": "1.6.18",
-      "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz",
-      "integrity": "sha512-TkRKr9sUTxEH8MdfuCSP7VizJyzRNMjj2J2do2Jr3Kym598JVdEksuzPQCnlFPW4ky9Q+iA+ma9BGm06XQBy8g==",
-      "requires": {
-        "media-typer": "0.3.0",
-        "mime-types": "~2.1.24"
-      }
-    },
-    "typedarray": {
-      "version": "0.0.6",
-      "resolved": "https://registry.npmjs.org/typedarray/-/typedarray-0.0.6.tgz",
-      "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c="
-    },
-    "typedarray-to-buffer": {
-      "version": "3.1.5",
-      "resolved": "https://registry.npmjs.org/typedarray-to-buffer/-/typedarray-to-buffer-3.1.5.tgz",
-      "integrity": "sha512-zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q==",
-      "requires": {
-        "is-typedarray": "^1.0.0"
-      }
-    },
-    "typescript": {
-      "version": "5.3.3",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.3.3.tgz",
-      "integrity": "sha512-pXWcraxM0uxAS+tN0AG/BF2TyqmHO014Z070UsJ+pFvYuRSq8KH8DmWpnbXe0pEPDHXZV3FcAbJkijJ5oNEnWw==",
-      "dev": true
-    },
-    "uc.micro": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz",
-      "integrity": "sha512-8Y75pvTYkLJW2hWQHXxoqRgV7qb9B+9vFEtidML+7koHUFapnVJAZ6cKs+Qjz5Aw3aZWHMC6u0wJE3At+nSGwA==",
-      "dev": true
-    },
-    "uid-safe": {
-      "version": "2.1.5",
-      "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
-      "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==",
-      "requires": {
-        "random-bytes": "~1.0.0"
-      }
-    },
-    "undefsafe": {
-      "version": "2.0.5",
-      "resolved": "https://registry.npmjs.org/undefsafe/-/undefsafe-2.0.5.tgz",
-      "integrity": "sha512-WxONCrssBM8TSPRqN5EmsjVrsv4A8X12J4ArBiiayv3DyyG3ZlIg6yysuuSYdZsVz3TKcTg2fd//Ujd4CHV1iA==",
-      "dev": true
-    },
-    "underscore": {
-      "version": "1.13.2",
-      "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.2.tgz",
-      "integrity": "sha512-ekY1NhRzq0B08g4bGuX4wd2jZx5GnKz6mKSqFL4nqBlfyMGiG10gDFhDTMEfYmDL6Jy0FUIZp7wiRB+0BP7J2g==",
-      "dev": true
-    },
-    "undici-types": {
-      "version": "5.26.5",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-      "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA=="
-    },
-    "unescape": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/unescape/-/unescape-1.0.1.tgz",
-      "integrity": "sha512-O0+af1Gs50lyH1nUu3ZyYS1cRh01Q/kUKatTOkSs7jukXE6/NebucDVxyiDsA9AQ4JC1V1jUH9EO8JX2nMDgGQ==",
-      "requires": {
-        "extend-shallow": "^2.0.1"
-      }
-    },
-    "unique-filename": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/unique-filename/-/unique-filename-1.1.1.tgz",
-      "integrity": "sha512-Vmp0jIp2ln35UTXuryvjzkjGdRyf9b2lTXuSYUiPmzRcl3FDtYqAwOnTJkAngD9SWhnoJzDbTKwaOrZ+STtxNQ==",
-      "dev": true,
-      "requires": {
-        "unique-slug": "^2.0.0"
-      }
-    },
-    "unique-slug": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/unique-slug/-/unique-slug-2.0.2.tgz",
-      "integrity": "sha512-zoWr9ObaxALD3DOPfjPSqxt4fnZiWblxHIgeWqW8x7UqDzEtHEQLzji2cuJYQFCU6KmoJikOYAZlrTHHebjx2w==",
-      "dev": true,
-      "requires": {
-        "imurmurhash": "^0.1.4"
-      }
-    },
-    "unist-util-stringify-position": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/unist-util-stringify-position/-/unist-util-stringify-position-3.0.3.tgz",
-      "integrity": "sha512-k5GzIBZ/QatR8N5X2y+drfpWG8IDBzdnVj6OInRNWm1oXrzydiaAT2OQiA8DPRRZyAKb9b6I2a6PxYklZD0gKg==",
-      "requires": {
-        "@types/unist": "^2.0.0"
-      }
-    },
-    "universalify": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz",
-      "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg=="
-    },
-    "unpipe": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz",
-      "integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw="
-    },
-    "unused-filename": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/unused-filename/-/unused-filename-2.1.0.tgz",
-      "integrity": "sha512-BMiNwJbuWmqCpAM1FqxCTD7lXF97AvfQC8Kr/DIeA6VtvhJaMDupZ82+inbjl5yVP44PcxOuCSxye1QMS0wZyg==",
-      "requires": {
-        "modify-filename": "^1.1.0",
-        "path-exists": "^4.0.0"
-      },
-      "dependencies": {
-        "path-exists": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-4.0.0.tgz",
-          "integrity": "sha512-ak9Qy5Q7jYb2Wwcey5Fpvg2KoAc/ZIhLSLOSBmRmygPsGwkVVt0fZa0qrtMz+m6tJTAHfZQ8FnmB4MG4LWy7/w=="
-        }
-      }
-    },
-    "update-browserslist-db": {
-      "version": "1.0.13",
-      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.0.13.tgz",
-      "integrity": "sha512-xebP81SNcPuNpPP3uzeW1NYXxI3rxyJzF3pD6sH4jE7o/IX+WtSpwnVU+qIsDPyk0d3hmFQ7mjqc6AtV604hbg==",
-      "dev": true,
-      "requires": {
-        "escalade": "^3.1.1",
-        "picocolors": "^1.0.0"
-      }
-    },
-    "uri-js": {
-      "version": "4.2.2",
-      "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz",
-      "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==",
-      "requires": {
-        "punycode": "^2.1.0"
-      }
-    },
-    "url-join": {
-      "version": "4.0.1",
-      "resolved": "https://registry.npmjs.org/url-join/-/url-join-4.0.1.tgz",
-      "integrity": "sha512-jk1+QP6ZJqyOiuEI9AEWQfju/nB2Pw466kbA0LEZljHwKeMgd9WrAEgEGxjPDD2+TNbbb37rTyhEfrCXfuKXnA=="
-    },
-    "url-parse": {
-      "version": "1.5.10",
-      "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.5.10.tgz",
-      "integrity": "sha512-WypcfiRhfeUP9vvF0j6rw0J3hrWrw6iZv3+22h6iRMJ/8z1Tj6XfLP4DsUix5MhMPnXpiHDoKyoZ/bdCkwBCiQ==",
-      "requires": {
-        "querystringify": "^2.1.1",
-        "requires-port": "^1.0.0"
-      }
-    },
-    "utf8-byte-length": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/utf8-byte-length/-/utf8-byte-length-1.0.4.tgz",
-      "integrity": "sha1-9F8VDExm7uloGGUFq5P8u4rWv2E="
-    },
-    "utif2": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/utif2/-/utif2-4.1.0.tgz",
-      "integrity": "sha512-+oknB9FHrJ7oW7A2WZYajOcv4FcDR4CfoGB0dPNfxbi4GO05RRnFmt5oa23+9w32EanrYcSJWspUiJkLMs+37w==",
-      "requires": {
-        "pako": "^1.0.11"
-      }
-    },
-    "util-deprecate": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
-      "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8="
-    },
-    "utils-merge": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz",
-      "integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM="
-    },
-    "uuid": {
-      "version": "3.3.3",
-      "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.3.tgz",
-      "integrity": "sha512-pW0No1RGHgzlpHJO1nsVrHKpOEIxkGg1xB+v0ZmdNH5OAeAwzAVrCnI2/6Mtx+Uys6iaylxa+D3g4j63IKKjSQ=="
-    },
-    "uvu": {
-      "version": "0.5.6",
-      "resolved": "https://registry.npmjs.org/uvu/-/uvu-0.5.6.tgz",
-      "integrity": "sha512-+g8ENReyr8YsOc6fv/NVJs2vFdHBnBNdfE49rshrTzDWOlUx4Gq7KOS2GD8eqhy2j+Ejq29+SbKH8yjkAqXqoA==",
-      "requires": {
-        "dequal": "^2.0.0",
-        "diff": "^5.0.0",
-        "kleur": "^4.0.3",
-        "sade": "^1.7.3"
-      }
-    },
-    "v8-compile-cache-lib": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz",
-      "integrity": "sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==",
-      "dev": true
-    },
-    "validate-npm-package-license": {
-      "version": "3.0.4",
-      "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz",
-      "integrity": "sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew==",
-      "dev": true,
-      "requires": {
-        "spdx-correct": "^3.0.0",
-        "spdx-expression-parse": "^3.0.0"
-      }
-    },
-    "value-equal": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/value-equal/-/value-equal-1.0.1.tgz",
-      "integrity": "sha512-NOJ6JZCAWr0zlxZt+xqCHNTEKOsrks2HQd4MqhP1qy4z1SkbEP467eNx6TgDKXMvUOb+OENfJCZwM+16n7fRfw=="
-    },
-    "vary": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
-      "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw="
-    },
-    "verror": {
-      "version": "1.10.0",
-      "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz",
-      "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=",
-      "requires": {
-        "assert-plus": "^1.0.0",
-        "core-util-is": "1.0.2",
-        "extsprintf": "^1.2.0"
-      }
-    },
-    "w3c-xmlserializer": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/w3c-xmlserializer/-/w3c-xmlserializer-5.0.0.tgz",
-      "integrity": "sha512-o8qghlI8NZHU1lLPrpi2+Uq7abh4GGPpYANlalzWxyWteJOCsr/P+oPBA49TOLu5FTZO4d3F9MnWJfiMo4BkmA==",
-      "requires": {
-        "xml-name-validator": "^5.0.0"
-      }
-    },
-    "warning": {
-      "version": "4.0.3",
-      "resolved": "https://registry.npmjs.org/warning/-/warning-4.0.3.tgz",
-      "integrity": "sha512-rpJyN222KWIvHJ/F53XSZv0Zl/accqHR8et1kpaMTD/fLCRxtV8iX8czMzY7sVZupTI3zcUTg8eycS2kNF9l6w==",
-      "requires": {
-        "loose-envify": "^1.0.0"
-      }
-    },
-    "watchpack": {
-      "version": "2.4.0",
-      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.0.tgz",
-      "integrity": "sha512-Lcvm7MGST/4fup+ifyKi2hjyIAwcdI4HRgtvTpIUxBRhB+RFtUh8XtDOxUfctVCnhVi+QQj49i91OyvzkJl6cg==",
-      "dev": true,
-      "requires": {
-        "glob-to-regexp": "^0.4.1",
-        "graceful-fs": "^4.1.2"
-      }
-    },
-    "wcwidth": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/wcwidth/-/wcwidth-1.0.1.tgz",
-      "integrity": "sha1-8LDc+RW8X/FSivrbLA4XtTLaL+g=",
-      "dev": true,
-      "requires": {
-        "defaults": "^1.0.3"
-      }
-    },
-    "web-worker": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/web-worker/-/web-worker-1.2.0.tgz",
-      "integrity": "sha512-PgF341avzqyx60neE9DD+XS26MMNMoUQRz9NOZwW32nPQrF6p77f1htcnjBSEV8BGMKZ16choqUG4hyI0Hx7mA=="
-    },
-    "webidl-conversions": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-7.0.0.tgz",
-      "integrity": "sha512-VwddBukDzu71offAQR975unBIGqfKZpM+8ZX6ySk8nYhVoo5CYaZyzt3YBvYtRtO+aoGlqxPg/B87NGVZ/fu6g=="
-    },
-    "webpack": {
-      "version": "5.90.3",
-      "resolved": "https://registry.npmjs.org/webpack/-/webpack-5.90.3.tgz",
-      "integrity": "sha512-h6uDYlWCctQRuXBs1oYpVe6sFcWedl0dpcVaTf/YF67J9bKvwJajFulMVSYKHrksMB3I/pIagRzDxwxkebuzKA==",
-      "dev": true,
-      "requires": {
-        "@types/eslint-scope": "^3.7.3",
-        "@types/estree": "^1.0.5",
-        "@webassemblyjs/ast": "^1.11.5",
-        "@webassemblyjs/wasm-edit": "^1.11.5",
-        "@webassemblyjs/wasm-parser": "^1.11.5",
-        "acorn": "^8.7.1",
-        "acorn-import-assertions": "^1.9.0",
-        "browserslist": "^4.21.10",
-        "chrome-trace-event": "^1.0.2",
-        "enhanced-resolve": "^5.15.0",
-        "es-module-lexer": "^1.2.1",
-        "eslint-scope": "5.1.1",
-        "events": "^3.2.0",
-        "glob-to-regexp": "^0.4.1",
-        "graceful-fs": "^4.2.9",
-        "json-parse-even-better-errors": "^2.3.1",
-        "loader-runner": "^4.2.0",
-        "mime-types": "^2.1.27",
-        "neo-async": "^2.6.2",
-        "schema-utils": "^3.2.0",
-        "tapable": "^2.1.1",
-        "terser-webpack-plugin": "^5.3.10",
-        "watchpack": "^2.4.0",
-        "webpack-sources": "^3.2.3"
-      }
-    },
-    "webpack-cli": {
-      "version": "5.1.4",
-      "resolved": "https://registry.npmjs.org/webpack-cli/-/webpack-cli-5.1.4.tgz",
-      "integrity": "sha512-pIDJHIEI9LR0yxHXQ+Qh95k2EvXpWzZ5l+d+jIo+RdSm9MiHfzazIxwwni/p7+x4eJZuvG1AJwgC4TNQ7NRgsg==",
-      "dev": true,
-      "requires": {
-        "@discoveryjs/json-ext": "^0.5.0",
-        "@webpack-cli/configtest": "^2.1.1",
-        "@webpack-cli/info": "^2.0.2",
-        "@webpack-cli/serve": "^2.0.5",
-        "colorette": "^2.0.14",
-        "commander": "^10.0.1",
-        "cross-spawn": "^7.0.3",
-        "envinfo": "^7.7.3",
-        "fastest-levenshtein": "^1.0.12",
-        "import-local": "^3.0.2",
-        "interpret": "^3.1.1",
-        "rechoir": "^0.8.0",
-        "webpack-merge": "^5.7.3"
-      },
-      "dependencies": {
-        "commander": {
-          "version": "10.0.1",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-10.0.1.tgz",
-          "integrity": "sha512-y4Mg2tXshplEbSGzx7amzPwKKOCGuoSRP/CjEdwwk0FOGlUbq6lKuoyDZTNZkmxHdJtp54hdfY/JUrdL7Xfdug==",
-          "dev": true
-        }
-      }
-    },
-    "webpack-merge": {
-      "version": "5.8.0",
-      "resolved": "https://registry.npmjs.org/webpack-merge/-/webpack-merge-5.8.0.tgz",
-      "integrity": "sha512-/SaI7xY0831XwP6kzuwhKWVKDP9t1QY1h65lAFLbZqMPIuYcD9QAW4u9STIbU9kaJbPBB/geU/gLr1wDjOhQ+Q==",
-      "dev": true,
-      "requires": {
-        "clone-deep": "^4.0.1",
-        "wildcard": "^2.0.0"
-      }
-    },
-    "webpack-sources": {
-      "version": "3.2.3",
-      "resolved": "https://registry.npmjs.org/webpack-sources/-/webpack-sources-3.2.3.tgz",
-      "integrity": "sha512-/DyMEOrDgLKKIG0fmvtz+4dUX/3Ghozwgm6iPp8KRhvn+eQf9+Q7GWxVNMk3+uCPWfdXYC4ExGBckIXdFEfH1w==",
-      "dev": true
-    },
-    "whatwg-encoding": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/whatwg-encoding/-/whatwg-encoding-3.1.1.tgz",
-      "integrity": "sha512-6qN4hJdMwfYBtE3YBTTHhoeuUrDBPZmbQaxWAqSALV/MeEnR5z1xd8UKud2RAkFoPkmB+hli1TZSnyi84xz1vQ==",
-      "requires": {
-        "iconv-lite": "0.6.3"
-      }
-    },
-    "whatwg-fetch": {
-      "version": "3.6.20",
-      "resolved": "https://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-3.6.20.tgz",
-      "integrity": "sha512-EqhiFU6daOA8kpjOWTL0olhVOF3i7OrFzSYiGsEMB8GcXS+RrzauAERX65xMeNWVqxA6HXH2m69Z9LaKKdisfg=="
-    },
-    "whatwg-mimetype": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/whatwg-mimetype/-/whatwg-mimetype-4.0.0.tgz",
-      "integrity": "sha512-QaKxh0eNIi2mE9p2vEdzfagOKHCcj1pJ56EEHGQOVxp8r9/iszLUUV7v89x9O1p/T+NlTM5W7jW6+cz4Fq1YVg=="
-    },
-    "whatwg-url": {
-      "version": "14.0.0",
-      "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-14.0.0.tgz",
-      "integrity": "sha512-1lfMEm2IEr7RIV+f4lUNPOqfFL+pO+Xw3fJSqmjX9AbXcXcYOkCe1P6+9VBZB6n94af16NfZf+sSk0JCBZC9aw==",
-      "requires": {
-        "tr46": "^5.0.0",
-        "webidl-conversions": "^7.0.0"
-      }
-    },
-    "wheel": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/wheel/-/wheel-1.0.0.tgz",
-      "integrity": "sha512-XiCMHibOiqalCQ+BaNSwRoZ9FDTAvOsXxGHXChBugewDj7HC8VBIER71dEOiRH1fSdLbRCQzngKTSiZ06ZQzeA=="
-    },
-    "which": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
-      "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==",
-      "requires": {
-        "isexe": "^2.0.0"
-      }
-    },
-    "wide-align": {
-      "version": "1.1.5",
-      "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.5.tgz",
-      "integrity": "sha512-eDMORYaPNZ4sQIuuYPDHdQvf4gyCF9rEEV/yPxGfwPkRodwEgiMUUXTx/dex+Me0wxx53S+NgUHaP7y3MGlDmg==",
-      "dev": true,
-      "requires": {
-        "string-width": "^1.0.2 || 2 || 3 || 4"
-      }
-    },
-    "wildcard": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/wildcard/-/wildcard-2.0.0.tgz",
-      "integrity": "sha512-JcKqAHLPxcdb9KM49dufGXn2x3ssnfjbcaQdLlfZsL9rH9wgDQjUtDxbo8NE0F6SFvydeu1VhZe7hZuHsB2/pw==",
-      "dev": true
-    },
-    "word-wrap": {
-      "version": "1.2.5",
-      "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.5.tgz",
-      "integrity": "sha512-BN22B5eaMMI9UMtjrGd5g5eCYPpCPDUy0FJXbYsaT5zYxjFOckS53SQDE3pWkVoWpHXVb3BrYcEN4Twa55B5cA==",
-      "optional": true
-    },
-    "wrap-ansi": {
-      "version": "8.1.0",
-      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-8.1.0.tgz",
-      "integrity": "sha512-si7QWI6zUMq56bESFvagtmzMdGOtoxfR+Sez11Mobfc7tm+VkUckk9bW2UeffTGVUbOksxmSw0AA2gs8g71NCQ==",
-      "requires": {
-        "ansi-styles": "^6.1.0",
-        "string-width": "^5.0.1",
-        "strip-ansi": "^7.0.1"
-      },
-      "dependencies": {
-        "ansi-regex": {
-          "version": "6.0.1",
-          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-6.0.1.tgz",
-          "integrity": "sha512-n5M855fKb2SsfMIiFFoVrABHJC8QtHwVx+mHWP3QcEqBHYienj5dHSgjbxtC0WEZXYt4wcD6zrQElDPhFuZgfA=="
-        },
-        "ansi-styles": {
-          "version": "6.2.1",
-          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-6.2.1.tgz",
-          "integrity": "sha512-bN798gFfQX+viw3R7yrGWRqnrN2oRkEkUjjl4JNn4E8GxxbjtG3FbrEIIY3l8/hrwUwIeCZvi4QuOTP4MErVug=="
-        },
-        "emoji-regex": {
-          "version": "9.2.2",
-          "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-9.2.2.tgz",
-          "integrity": "sha512-L18DaJsXSUk2+42pv8mLs5jJT2hqFkFE4j21wOmgbUqsZ2hL72NsUU785g9RXgo3s0ZNgVl42TiHp3ZtOv/Vyg=="
-        },
-        "string-width": {
-          "version": "5.1.2",
-          "resolved": "https://registry.npmjs.org/string-width/-/string-width-5.1.2.tgz",
-          "integrity": "sha512-HnLOCR3vjcY8beoNLtcjZ5/nxn2afmME6lhrDrebokqMap+XbeW8n9TXpPDOqdGK5qcI3oT0GKTW6wC7EMiVqA==",
-          "requires": {
-            "eastasianwidth": "^0.2.0",
-            "emoji-regex": "^9.2.2",
-            "strip-ansi": "^7.0.1"
-          }
-        },
-        "strip-ansi": {
-          "version": "7.1.0",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-7.1.0.tgz",
-          "integrity": "sha512-iq6eVVI64nQQTRYq2KtEg2d2uU7LElhTJwsH4YzIHZshxlgZms/wIc4VoDQTlG/IvVIrBKG06CrZnp0qv7hkcQ==",
-          "requires": {
-            "ansi-regex": "^6.0.1"
-          }
-        }
-      }
-    },
-    "wrap-ansi-cjs": {
-      "version": "npm:wrap-ansi@7.0.0",
-      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
-      "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
-      "requires": {
-        "ansi-styles": "^4.0.0",
-        "string-width": "^4.1.0",
-        "strip-ansi": "^6.0.0"
-      }
-    },
-    "wrappy": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
-      "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
-    },
-    "write-file-atomic": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-3.0.3.tgz",
-      "integrity": "sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q==",
-      "requires": {
-        "imurmurhash": "^0.1.4",
-        "is-typedarray": "^1.0.0",
-        "signal-exit": "^3.0.2",
-        "typedarray-to-buffer": "^3.1.5"
-      }
-    },
-    "ws": {
-      "version": "8.16.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.16.0.tgz",
-      "integrity": "sha512-HS0c//TP7Ina87TfiPUz1rQzMhHrl/SG2guqRcTOIUYD2q8uhUdNHZYJUaQ8aTGPzCh+c6oawMKW35nFl1dxyQ==",
-      "requires": {}
-    },
-    "xhr": {
-      "version": "2.6.0",
-      "resolved": "https://registry.npmjs.org/xhr/-/xhr-2.6.0.tgz",
-      "integrity": "sha512-/eCGLb5rxjx5e3mF1A7s+pLlR6CGyqWN91fv1JgER5mVWg1MZmlhBvy9kjcsOdRk8RrIujotWyJamfyrp+WIcA==",
-      "requires": {
-        "global": "~4.4.0",
-        "is-function": "^1.0.1",
-        "parse-headers": "^2.0.0",
-        "xtend": "^4.0.0"
-      }
-    },
-    "xml-name-validator": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-5.0.0.tgz",
-      "integrity": "sha512-EvGK8EJ3DhaHfbRlETOWAS5pO9MZITeauHKJyb8wyajUfQUenkIg2MvLDTZ4T/TgIcm3HU0TFBgWWboAZ30UHg=="
-    },
-    "xml-parse-from-string": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/xml-parse-from-string/-/xml-parse-from-string-1.0.1.tgz",
-      "integrity": "sha512-ErcKwJTF54uRzzNMXq2X5sMIy88zJvfN2DmdoQvy7PAFJ+tPRU6ydWuOKNMyfmOjdyBQTFREi60s0Y0SyI0G0g=="
-    },
-    "xml2js": {
-      "version": "0.6.2",
-      "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.6.2.tgz",
-      "integrity": "sha512-T4rieHaC1EXcES0Kxxj4JWgaUQHDk+qwHcYOCFHfiwKz7tOVPLq7Hjq9dM1WCMhylqMEfP7hMcOIChvotiZegA==",
-      "requires": {
-        "sax": ">=0.6.0",
-        "xmlbuilder": "~11.0.0"
-      }
-    },
-    "xmlbuilder": {
-      "version": "11.0.1",
-      "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-11.0.1.tgz",
-      "integrity": "sha512-fDlsI/kFEx7gLvbecc0/ohLG50fugQp8ryHzMTuW9vSa1GJ0XYWKnhsUx7oie3G98+r56aTQIUB4kht42R3JvA=="
-    },
-    "xmlchars": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/xmlchars/-/xmlchars-2.2.0.tgz",
-      "integrity": "sha512-JZnDKK8B0RCDw84FNdDAIpZK+JuJw+s7Lz8nksI7SIuU3UXJJslUthsi+uWBUYOwPFwW7W7PRLRfUKpxjtjFCw=="
-    },
-    "xmlcreate": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/xmlcreate/-/xmlcreate-2.0.4.tgz",
-      "integrity": "sha512-nquOebG4sngPmGPICTS5EnxqhKbCmz5Ox5hsszI2T6U5qdrJizBc+0ilYSEjTSzU0yZcmvppztXe/5Al5fUwdg==",
-      "dev": true
-    },
-    "xtend": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz",
-      "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ=="
-    },
-    "y18n": {
-      "version": "5.0.8",
-      "resolved": "https://registry.npmjs.org/y18n/-/y18n-5.0.8.tgz",
-      "integrity": "sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA==",
-      "devOptional": true
-    },
-    "yallist": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
-      "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A=="
-    },
-    "yargs": {
-      "version": "17.7.2",
-      "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz",
-      "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==",
-      "dev": true,
-      "requires": {
-        "cliui": "^8.0.1",
-        "escalade": "^3.1.1",
-        "get-caller-file": "^2.0.5",
-        "require-directory": "^2.1.1",
-        "string-width": "^4.2.3",
-        "y18n": "^5.0.5",
-        "yargs-parser": "^21.1.1"
-      },
-      "dependencies": {
-        "cliui": {
-          "version": "8.0.1",
-          "resolved": "https://registry.npmjs.org/cliui/-/cliui-8.0.1.tgz",
-          "integrity": "sha512-BSeNnyus75C4//NQ9gQt1/csTXyo/8Sb+afLAkzAptFuMsod9HFokGNudZpi/oQV73hnVK+sR+5PVRMd+Dr7YQ==",
-          "dev": true,
-          "requires": {
-            "string-width": "^4.2.0",
-            "strip-ansi": "^6.0.1",
-            "wrap-ansi": "^7.0.0"
-          }
-        },
-        "wrap-ansi": {
-          "version": "7.0.0",
-          "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-7.0.0.tgz",
-          "integrity": "sha512-YVGIj2kamLSTxw6NsZjoBxfSwsn0ycdesmc4p+Q21c5zPuZ1pl+NfxVdxPtdHvmNVOQ6XSYG4AUtyt/Fi7D16Q==",
-          "dev": true,
-          "requires": {
-            "ansi-styles": "^4.0.0",
-            "string-width": "^4.1.0",
-            "strip-ansi": "^6.0.0"
-          }
-        }
-      }
-    },
-    "yargs-parser": {
-      "version": "21.1.1",
-      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-21.1.1.tgz",
-      "integrity": "sha512-tVpsJW7DdjecAiFpbIB1e3qxIQsE6NoPc5/eTdrbbIC4h0LVsWhnoa3g+m2HclBIujHzsxZ4VJVA+GUuc2/LBw==",
-      "dev": true
-    },
-    "yauzl": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-3.1.2.tgz",
-      "integrity": "sha512-621iCPgEG1wXViDZS/L3h9F8TgrdQV1eayJlJ8j5A2SZg8OdY/1DLf+VxNeD+q5QbMFEAbjjR8nITj7g4nKa0Q==",
-      "requires": {
-        "buffer-crc32": "~0.2.3",
-        "pend": "~1.2.0"
-      }
-    },
-    "yn": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz",
-      "integrity": "sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==",
-      "dev": true
-    },
-    "zip-stream": {
-      "version": "6.0.0",
-      "resolved": "https://registry.npmjs.org/zip-stream/-/zip-stream-6.0.0.tgz",
-      "integrity": "sha512-X0WFquRRDtL9HR9hc1OrabOP/VKJEX7gAr2geayt3b7dLgXgSXI6ucC4CphLQP/aQt2GyHIYgmXxtC+dVdghAQ==",
-      "requires": {
-        "archiver-utils": "^5.0.0",
-        "compress-commons": "^6.0.0",
-        "readable-stream": "^4.0.0"
-      },
-      "dependencies": {
-        "buffer": {
-          "version": "6.0.3",
-          "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz",
-          "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==",
-          "requires": {
-            "base64-js": "^1.3.1",
-            "ieee754": "^1.2.1"
-          }
-        },
-        "readable-stream": {
-          "version": "4.5.2",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.5.2.tgz",
-          "integrity": "sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==",
-          "requires": {
-            "abort-controller": "^3.0.0",
-            "buffer": "^6.0.3",
-            "events": "^3.3.0",
-            "process": "^0.11.10",
-            "string_decoder": "^1.3.0"
-          }
-        },
-        "safe-buffer": {
-          "version": "5.2.1",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.1.tgz",
-          "integrity": "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="
-        },
-        "string_decoder": {
-          "version": "1.3.0",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz",
-          "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==",
-          "requires": {
-            "safe-buffer": "~5.2.0"
-          }
-        }
-      }
-    }
   }
 }
diff --git a/package.json b/package.json
index 310a1651d2..bdfc704de5 100644
--- a/package.json
+++ b/package.json
@@ -53,11 +53,13 @@
     "debounce": "1.2.1",
     "dotenv": "^16.4.5",
     "ejs": "3.1.9",
+    "dotenv": "^16.4.5",
     "electron-debug": "3.2.0",
     "electron-dl": "3.5.2",
     "electron-window-state": "5.0.3",
     "escape-html": "1.0.3",
-    "express": "4.19.2",
+    "eslint": "^9.9.0",
+    "express": "^4.19.2",
     "express-openid-connect": "^2.17.1",
     "express-partial-content": "1.0.2",
     "express-rate-limit": "7.2.0",
diff --git a/src/app.ts b/src/app.ts
index 7479795478..0a7630ee32 100644
--- a/src/app.ts
+++ b/src/app.ts
@@ -1,16 +1,24 @@
-import express = require('express');
-import path = require('path');
-import favicon = require('serve-favicon');
-import cookieParser = require('cookie-parser');
-import helmet = require('helmet');
-import compression = require('compression');
-import sessionParser = require('./routes/session_parser');
-import utils = require('./services/utils');
-import oidc = require('express-openid-connect');
-import openID = require('./services/open_id');
+import express from "express";
+import path from "path";
+import favicon from "serve-favicon";
+import cookieParser from "cookie-parser";
+import helmet from "helmet";
+import compression from "compression";
+import { fileURLToPath } from "url";
+import { dirname } from "path";
+import sessionParser from "./routes/session_parser.js";
+import utils from "./services/utils.js";
+import assets from "./routes/assets.js";
+import routes from "./routes/routes.js";
+import custom from "./routes/custom.js";
+import error_handlers from "./routes/error_handlers.js";
+import { startScheduledCleanup } from "./services/erase.js";
+import sql_init from "./services/sql_init.js";
+import oidc from 'express-openid-connect';
+import openID from './services/open_id.js';
 
-require('./services/handlers');
-require('./becca/becca_loader');
+await import('./services/handlers.js');
+await import('./becca/becca_loader.js');
 require('dotenv').config();
 
 const app = express();
@@ -43,10 +51,10 @@ app.use(favicon(`${__dirname}/../images/app-icons/win/icon.ico`));
 if (openID.checkOpenIDRequirements()) 
     app.use(oidc.auth(openID.generateOAuthConfig()));
 
-require('./routes/assets').register(app);
-require('./routes/routes').register(app);
-require('./routes/custom').register(app);
-require('./routes/error_handlers').register(app);
+assets.register(app);
+routes.register(app);
+custom.register(app);
+error_handlers.register(app);
 
 // triggers sync timer
 require('./services/sync');
diff --git a/src/public/app/widgets/type_widgets/content_widget.js b/src/public/app/widgets/type_widgets/content_widget.js
index d21fe91973..3ea36a0ffa 100644
--- a/src/public/app/widgets/type_widgets/content_widget.js
+++ b/src/public/app/widgets/type_widgets/content_widget.js
@@ -32,6 +32,7 @@ import DatabaseAnonymizationOptions from "./options/advanced/database_anonymizat
 import BackendLogWidget from "./content/backend_log.js";
 import AttachmentErasureTimeoutOptions from "./options/other/attachment_erasure_timeout.js";
 import RibbonOptions from "./options/appearance/ribbon.js";
+import LocalizationOptions from "./options/appearance/i18n.js";
 import MultiFactorAuthenticationOptions from './options/multi_factor_authentication.js';
 
 const TPL = `<div class="note-detail-content-widget note-detail-printable">
diff --git a/src/routes/login.ts b/src/routes/login.ts
index c4d5b6fba8..53008cca79 100644
--- a/src/routes/login.ts
+++ b/src/routes/login.ts
@@ -1,21 +1,21 @@
 'use strict';
 
-import utils = require('../services/utils');
-import optionService = require('../services/options');
-import myScryptService = require('../services/encryption/my_scrypt');
-import log = require('../services/log');
-import passwordService = require('../services/encryption/password');
-import totp_secret = require('../services/totp');
-import recoveryCodeService = require('../services/encryption/recovery_codes');
-import openIDService = require('../services/open_id');
-import openIDEncryption = require('../services/encryption/open_id_encryption');
-import assetPath = require('../services/asset_path');
-import appPath = require('../services/app_path');
-import ValidationError = require('../errors/validation_error');
+import utils from "../services/utils.js";
+import optionService from "../services/options.js";
+import myScryptService from "../services/encryption/my_scrypt.js";
+import log from "../services/log.js";
+import passwordService from "../services/encryption/password.js";
+import totp_secret from '../services/totp.js';
+import recoveryCodeService from '../services/encryption/recovery_codes.js';
+import openIDService from '../services/open_id.js';
+import openIDEncryption from '../services/encryption/open_id_encryption.js';
+import assetPath from "../services/asset_path.js";
+import appPath from "../services/app_path.js";
+import ValidationError from "../errors/validation_error.js";
 import { Request, Response } from 'express';
-import { AppRequest } from './route-interface';
-import totp = require('../services/totp');
-import open_id = require('../services/open_id');
+import { AppRequest } from './route-interface.js';
+import totp  from '../services/totp.js';
+import open_id  from '../services/open_id.js';
 
 function loginPage(req: Request, res: Response) {
   if (open_id.isOpenIDEnabled()) {
diff --git a/src/routes/routes.ts b/src/routes/routes.ts
index 03afd7787a..e9fd71523c 100644
--- a/src/routes/routes.ts
+++ b/src/routes/routes.ts
@@ -5,19 +5,19 @@ import multer = require('multer');
 import log = require('../services/log');
 import express = require('express');
 const router = express.Router();
-import auth = require('../services/auth');
-import openID = require('../services/open_id');
-import totp = require('./api/totp');
-import recoveryCodes = require('./api/recovery_codes');
-import cls = require('../services/cls');
-import sql = require('../services/sql');
-import entityChangesService = require('../services/entity_changes');
-import csurf = require('csurf');
+import auth from "../services/auth.js";
+import openID from '../services/open_id.js';
+import totp from './api/totp.js';
+import recoveryCodes from './api/recovery_codes.js';
+import cls from "../services/cls.js";
+import sql from "../services/sql.js";
+import entityChangesService from "../services/entity_changes.js";
+import csurf from "csurf";
 import { createPartialContentHandler } from 'express-partial-content';
-import rateLimit = require('express-rate-limit');
-import AbstractBeccaEntity = require('../becca/entities/abstract_becca_entity');
-import NotFoundError = require('../errors/not_found_error');
-import ValidationError = require('../errors/validation_error');
+import rateLimit from 'express-rate-limit';
+import AbstractBeccaEntity from "../becca/entities/abstract_becca_entity.js";
+import NotFoundError from "../errors/not_found_error.js";
+import ValidationError from "../errors/validation_error.js";
 
 // page routes
 import setupRoute = require('./setup');
diff --git a/src/services/auth.ts b/src/services/auth.ts
index 004e74801a..c63b89a29b 100644
--- a/src/services/auth.ts
+++ b/src/services/auth.ts
@@ -8,10 +8,10 @@ import passwordEncryptionService = require('./encryption/password_encryption');
 import config = require('./config');
 import passwordService = require('./encryption/password');
 import type { NextFunction, Request, Response } from 'express';
-import { AppRequest } from '../routes/route-interface';
-import openID = require('./open_id');
-import sql = require('./sql');
-import open_id_encryption = require('./encryption/open_id_encryption');
+import { AppRequest } from '../routes/route-interface.js';
+import openID from './open_id.js';
+import sql from './sql.js';
+import open_id_encryption from './encryption/open_id_encryption.js';
 
 const noAuthentication =
     config.General && config.General.noAuthentication === true;
diff --git a/src/services/encryption/my_scrypt.ts b/src/services/encryption/my_scrypt.ts
index eebdf7a772..899553e165 100644
--- a/src/services/encryption/my_scrypt.ts
+++ b/src/services/encryption/my_scrypt.ts
@@ -1,9 +1,9 @@
 "use strict";
 
-import optionService = require("../options");
-import crypto = require("crypto");
-import utils = require("../utils");
-import sql = require("../sql");
+import optionService from "../options.js";
+import crypto from "crypto";
+import optionService from "../options.js";
+import crypto from "crypto";
 
 function getVerificationHash(password: crypto.BinaryLike) {
   const salt = optionService.getOption("passwordVerificationSalt");
@@ -75,7 +75,7 @@ function createSubjectIdentifierDerivedKey(
   return getScryptHash(subjectIdentifer, salt);
 }
 
-export = {
+export default {
   getVerificationHash,
   getPasswordDerivedKey,
   getSubjectIdentifierVerificationHash,
diff --git a/src/services/open_id.ts b/src/services/open_id.ts
index 75d6ea0282..0c77e672c6 100644
--- a/src/services/open_id.ts
+++ b/src/services/open_id.ts
@@ -126,7 +126,7 @@ function generateOAuthConfig() {
   return authConfig;
 }
 
-export = {
+export default {
   generateOAuthConfig,
   getOAuthStatus,
   isOpenIDEnabled,
diff --git a/src/services/options_init.ts b/src/services/options_init.ts
index 13edf36d33..3b50f3f4d8 100644
--- a/src/services/options_init.ts
+++ b/src/services/options_init.ts
@@ -97,6 +97,7 @@ const defaultOptions = [
     { name: 'customSearchEngineUrl', value: 'https://duckduckgo.com/?q={keyword}', isSynced: true },
     { name: 'promotedAttributesOpenInRibbon', value: 'true', isSynced: true },
     { name: 'editedNotesOpenInRibbon', value: 'true', isSynced: true },
+    { name: 'locale', value: 'en', isSynced: true },
     { name: 'totpEnabled', value: 'false', isSynced: true},
     { name: 'encryptedRecoveryCodes', value: 'false', isSynced: true},
     { name: 'userSubjectIdentifierSaved', value: 'false', isSynced: true},