accounts: add "not results found" screen

accounts: fix search button (again)
admin: improve searchboxes appearance
2026-03-18 21:50:33 +01:00 · 2023-10-14 13:07:30 +01:00 · 2023-10-14 12:52:10 +01:00 · 2023-10-14 12:46:39 +01:00 · 2023-10-14 12:33:48 +01:00 · 2023-10-13 19:07:41 +01:00
235 changed files with 11598 additions and 3304 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -18,6 +18,8 @@ steps:
              from_secret: BUILDRONE_KEY
          GITHUB_TOKEN:
              from_secret: github_token
+          JFA_GO_BUILT_BY:
+              from_secret: BUILT_BY
      commands:
        - curl -sL https://git.io/goreleaser > ../goreleaser
        - chmod +x ../goreleaser
@@ -26,6 +28,7 @@ steps:
        - pip3 install requests
        - bash -c 'sftp -P 2022 -i /id_rsa -o StrictHostKeyChecking=no root@161.97.102.153:/repo/incoming <<< $"put dist/*.deb"'
        - bash -c 'ssh -i /id_rsa root@161.97.102.153 -p 2022 "repo-process-deb trusty"'
+          bash -c 'ssh -i /id_rsa root@161.97.102.153 -p 2022 "rm /repo/incoming/*.deb"'
        - bash -c 'python3 ../upload.py https://builds.hrfee.pw hrfee jfa-go --tag internal=true'
 volumes:
    - name: ssh_key
@@ -85,7 +88,7 @@ steps:
      commands:
        - curl -sL https://git.io/goreleaser > goreleaser
        - chmod +x goreleaser
-        - ./scripts/version.sh ./goreleaser --snapshot --skip-publish --rm-dist
+        - ./scripts/version.sh ./goreleaser --snapshot --skip-publish --clean
        - wget https://builds.hrfee.pw/upload.py
        - pip3 install requests
        - bash -c 'sftp -i /id_rsa2 -o StrictHostKeyChecking=no root@161.97.102.153:/mnt/redoc <<< $"put docs/swagger.json jfa-go.json"'
@@ -93,10 +96,14 @@ steps:
          # - bash -c 'ssh -i /id_rsa root@161.97.102.153 -p 2022 "reprepro -Vb /repo remove trusty-unstable jfa-go"'
          # - bash -c 'ssh -i /id_rsa root@161.97.102.153 -p 2022 "reprepro -Vb /repo remove trusty-unstable jfa-go-tray"'
        - bash -c 'ssh -i /id_rsa root@161.97.102.153 -p 2022 "repo-process-deb trusty"'
+          bash -c 'ssh -i /id_rsa root@161.97.102.153 -p 2022 "rm /repo/incoming/*.deb"'
        - bash -c 'python3 upload.py https://builds.hrfee.pw hrfee jfa-go --upload ./dist/*.zip ./dist/*.rpm ./dist/*.apk --tag internal-git=true'
      environment:
          BUILDRONE_KEY:
              from_secret: BUILDRONE_KEY
+          JFA_GO_BUILT_BY:
+              from_secret: BUILT_BY
+          JFA_GO_SNAPSHOT: y

 volumes:
    - name: ssh_key
@@ -163,7 +170,7 @@ steps:
      commands:
        - curl -sL https://git.io/goreleaser > goreleaser
        - chmod +x goreleaser
-        - ./scripts/version.sh ./goreleaser --snapshot --skip-publish --rm-dist
+        - ./scripts/version.sh ./goreleaser --snapshot --skip-publish --clean

 trigger:
    event:
--- a/.gitignore
+++ b/.gitignore
@@ -21,3 +21,7 @@ cl.md
 mautrix/
 tempts/
 matacc.txt
+scripts/langmover/lang
+scripts/langmover/lang2
+scripts/langmover/out
+tinyproxy.conf
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -8,11 +8,10 @@ before:
  hooks:
    - go mod download
    - rm -rf data/web
-    - mkdir -p data
-    - cp -r static data/web
+    - mkdir -p data/web/css
+    - bash -c 'cp -r static/* data/web/'
    - npm install
    - npm install esbuild
-    - mkdir -p data/web/css
    - cp node_modules/remixicon/fonts/remixicon.css node_modules/remixicon/fonts/remixicon.woff2 data/web/css/
    - cp -r html data/
    - node scripts/missing-colors.js html data/html
@@ -26,13 +25,16 @@ before:
    - cp -r ts tempts
    - scripts/dark-variant.sh tempts
    - scripts/dark-variant.sh tempts/modules
-    - npx esbuild --bundle tempts/admin.ts --outfile=./data/web/js/admin.js --minify
-    - npx esbuild --bundle tempts/pwr.ts --outfile=./data/web/js/pwr.js --minify
-    - npx esbuild --bundle tempts/form.ts --outfile=./data/web/js/form.js --minify
-    - npx esbuild --bundle tempts/setup.ts --outfile=./data/web/js/setup.js --minify
-    - npx esbuild --bundle tempts/crash.ts --outfile=./data/crash.js --minify
+    - mkdir -p data/web/js
+    - npx esbuild --target=es6 --bundle tempts/admin.ts {{.Env.JFA_GO_SOURCEMAP}} --outfile=./data/web/js/admin.js {{.Env.JFA_GO_MINIFY}}
+    - npx esbuild --target=es6 --bundle tempts/user.ts {{.Env.JFA_GO_SOURCEMAP}} --outfile=./data/web/js/user.js {{.Env.JFA_GO_MINIFY}}
+    - npx esbuild --target=es6 --bundle tempts/pwr.ts {{.Env.JFA_GO_SOURCEMAP}} --outfile=./data/web/js/pwr.js {{.Env.JFA_GO_MINIFY}}
+    - npx esbuild --target=es6 --bundle tempts/form.ts {{.Env.JFA_GO_SOURCEMAP}} --outfile=./data/web/js/form.js {{.Env.JFA_GO_MINIFY}}
+    - npx esbuild --target=es6 --bundle tempts/setup.ts {{.Env.JFA_GO_SOURCEMAP}} --outfile=./data/web/js/setup.js {{.Env.JFA_GO_MINIFY}}
+    - npx esbuild --target=es6 --bundle tempts/crash.ts {{.Env.JFA_GO_SOURCEMAP}} --outfile=./data/crash.js {{.Env.JFA_GO_MINIFY}}
+    - bash -c "{{.Env.JFA_GO_COPYTS}}"
    - rm -r tempts
-    - npx esbuild --bundle css/base.css --outfile=./data/web/css/bundle.css --external:remixicon.css --minify
+    - npx esbuild --bundle css/base.css --outfile=./data/web/css/bundle.css --external:remixicon.css --external:../fonts/hanken* --minify
    - cp html/crash.html data/
    - npx tailwindcss -i data/web/css/bundle.css -o data/bundle.css --content "html/crash.html"
    - node scripts/inline.js root data data/crash.html data/crash.html
@@ -48,7 +50,7 @@ builds:
      env:
        - CGO_ENABLED=0
      ldflags:
-        - -s -w -X main.version={{.Env.JFA_GO_VERSION}} -X main.commit={{.ShortCommit}} -X main.updater=binary -X main.cssVersion={{.Env.JFA_GO_CSS_VERSION}}
+        - -X main.version={{.Env.JFA_GO_VERSION}} -X main.commit={{.ShortCommit}} -X main.updater=binary {{.Env.JFA_GO_STRIP}} -X main.cssVersion={{.Env.JFA_GO_CSS_VERSION}} -X main.buildTimeUnix={{.Env.JFA_GO_BUILD_TIME}} -X main.builtBy="{{.Env.JFA_GO_BUILT_BY}}"
      goos:
        - linux
        - darwin
@@ -65,7 +67,7 @@ builds:
      flags:
        - -tags=tray
      ldflags:
-        - -s -w -X main.version={{.Env.JFA_GO_VERSION}} -X main.commit={{.ShortCommit}} -X main.updater=binary -X main.cssVersion={{.Env.JFA_GO_CSS_VERSION}} -H=windowsgui
+        - -X main.version={{.Env.JFA_GO_VERSION}} -X main.commit={{.ShortCommit}} -X main.updater=binary {{.Env.JFA_GO_STRIP}} -X main.cssVersion={{.Env.JFA_GO_CSS_VERSION}} -X main.buildTimeUnix={{.Env.JFA_GO_BUILD_TIME}} -X main.builtBy="{{.Env.JFA_GO_BUILT_BY}}" -H=windowsgui
      goos:
        - windows
      goarch:
@@ -77,7 +79,7 @@ builds:
      flags:
        - -tags=tray
      ldflags:
-        - -s -w -X main.version={{.Env.JFA_GO_VERSION}} -X main.commit={{.ShortCommit}} -X main.updater=binary -X main.cssVersion={{.Env.JFA_GO_CSS_VERSION}}
+        - -X main.version={{.Env.JFA_GO_VERSION}} -X main.commit={{.ShortCommit}} -X main.updater=binary {{.Env.JFA_GO_STRIP}} -X main.cssVersion={{.Env.JFA_GO_CSS_VERSION}} -X main.buildTimeUnix={{.Env.JFA_GO_BUILD_TIME}} -X main.builtBy="{{.Env.JFA_GO_BUILT_BY}}"
      goos:
        - linux
      goarch:
@@ -87,32 +89,32 @@ archives:
    builds:
        - windows-tray
    format: zip
-    name_template: "{{ .ProjectName }}_{{ .Version }}_TrayIcon_{{ .Os }}_{{ .Arch }}"
-    replacements:
-        darwin: macOS
-        linux: Linux
-        windows: Windows
-        amd64: x86_64
+    name_template: >-
+      {{ .ProjectName }}_{{ .Version }}_TrayIcon_
+      {{- if eq .Os "darwin" }}macOS
+      {{- else }}{{- title .Os }}{{ end }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else }}{{ .Arch }}{{ end }}
  - id: linux-tray
    builds:
        - linux-tray
    format: zip
-    name_template: "{{ .ProjectName }}_{{ .Version }}_TrayIcon_{{ .Os }}_{{ .Arch }}"
-    replacements:
-        darwin: macOS
-        linux: Linux
-        windows: Windows
-        amd64: x86_64
+    name_template: >-
+      {{ .ProjectName }}_{{ .Version }}_TrayIcon_
+      {{- if eq .Os "darwin" }}macOS
+      {{- else }}{{- title .Os }}{{ end }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else }}{{ .Arch }}{{ end }}
  - id: notray
    builds:
        - notray
    format: zip
-    name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
-    replacements:
-        darwin: macOS
-        linux: Linux
-        windows: Windows
-        amd64: x86_64
+    name_template: >-
+      {{ .ProjectName }}_{{ .Version }}_
+      {{- if eq .Os "darwin" }}macOS
+      {{- else }}{{- title .Os }}{{ end }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else }}{{ .Arch }}{{ end }}
 checksum:
    name_template: 'checksums.txt'
 snapshot:
@@ -167,10 +169,10 @@ nfpms:
            replaces:
                - jfa-go
            dependencies:
-                - libappindicator3-1
+                - libayatana-appindicator
        rpm:
            dependencies:
                - libappindicator-gtk3
        apk:
            dependencies:
-                - libappindicator
+                - libayatana-appindicator
--- a/36
+++ b/36
@@ -11,9 +11,10 @@ CSSVERSION ?= v3
 VERSION ?= $(shell git describe --exact-match HEAD 2> /dev/null || echo vgit)
 VERSION := $(shell echo $(VERSION) | sed 's/v//g')
 COMMIT ?= $(shell git rev-parse --short HEAD || echo unknown)
+BUILDTIME ?= $(shell date +%s)

 UPDATER ?= off
-LDFLAGS := -X main.version=$(VERSION) -X main.commit=$(COMMIT) -X main.cssVersion=$(CSSVERSION)
+LDFLAGS := -X main.version=$(VERSION) -X main.commit=$(COMMIT) -X main.cssVersion=$(CSSVERSION) -X main.buildTimeUnix=$(BUILDTIME) $(if $(BUILTBY),-X 'main.builtBy=$(BUILTBY)',)
 ifeq ($(UPDATER), on)
 	LDFLAGS := $(LDFLAGS) -X main.updater=binary
 else ifneq ($(UPDATER), off)
@@ -74,14 +75,28 @@ else
 	RACEDETECTOR :=
 endif

+ifeq (, $(shell which esbuild))
+	ESBUILDINSTALL := go install github.com/evanw/esbuild/cmd/esbuild@latest
+else
+	ESBUILDINSTALL :=
+endif
+
+ifeq ($(GOESBUILD), on)
+	NPMIGNOREOPTIONAL := --no-optional
+	NPMOPTS := $(NPMIGNOREOPTIONAL); $(ESBUILDINSTALL)
+else
+	NPMOPTS :=
+endif
+
+ifeq (, $(shell which swag))
+	SWAGINSTALL := $(GOBINARY) install github.com/swaggo/swag/cmd/swag@latest
+else
+	SWAGINSTALL :=
+endif
+
 npm:
 	$(info installing npm dependencies)
-	npm install
-	@if [ "$(GOESBUILD)" = "off" ]; then\
-		npm install esbuild;\
-	else\
-		go install github.com/evanw/esbuild/cmd/esbuild@latest;\
-	fi
+	npm install $(NPMOPTS)

 configuration:
 	$(info Fixing config-base)
@@ -104,6 +119,7 @@ typescript:
 	$(info compiling typescript)
 	mkdir -p $(DATA)/web/js
 	$(ESBUILD) --target=es6 --bundle tempts/admin.ts $(SOURCEMAP) --outfile=./$(DATA)/web/js/admin.js --minify
+	$(ESBUILD) --target=es6 --bundle tempts/user.ts $(SOURCEMAP) --outfile=./$(DATA)/web/js/user.js --minify
 	$(ESBUILD) --target=es6 --bundle tempts/pwr.ts $(SOURCEMAP) --outfile=./$(DATA)/web/js/pwr.js --minify
 	$(ESBUILD) --target=es6 --bundle tempts/form.ts $(SOURCEMAP) --outfile=./$(DATA)/web/js/form.js --minify
 	$(ESBUILD) --target=es6 --bundle tempts/setup.ts $(SOURCEMAP) --outfile=./$(DATA)/web/js/setup.js --minify
@@ -111,7 +127,7 @@ typescript:
 	$(COPYTS)

 swagger:
-	$(GOBINARY) install github.com/swaggo/swag/cmd/swag@latest
+	$(SWAGINSTALL)
 	swag init -g main.go

 compile:
@@ -129,7 +145,7 @@ bundle-css:
 	$(info copying fonts)
 	cp -r node_modules/remixicon/fonts/remixicon.css node_modules/remixicon/fonts/remixicon.woff2 $(DATA)/web/css/
 	$(info bundling css)
-	$(ESBUILD) --bundle css/base.css --outfile=$(DATA)/web/css/bundle.css --external:remixicon.css --minify
+	$(ESBUILD) --bundle css/base.css --outfile=$(DATA)/web/css/bundle.css --external:remixicon.css --external:../fonts/hanken* --minify
 	npx tailwindcss -i $(DATA)/web/css/bundle.css -o $(DATA)/web/css/bundle.css $(TAILWIND)
 	# npx postcss -o $(DATA)/web/css/bundle.css $(DATA)/web/css/bundle.css

@@ -177,4 +193,6 @@ clean:
 	-rm docs/docs.go docs/swagger.json docs/swagger.yaml
 	go clean

+quick: configuration typescript variants-html bundle-css inline-css copy compile
+
 all: configuration npm email typescript variants-html bundle-css inline-css swagger copy compile
--- a/README.md
+++ b/README.md
@@ -9,15 +9,14 @@
 ##### [docker](#docker) | [debian/ubuntu](#debian) | [arch (aur)](#aur) | [other platforms](#other-platforms)

 ---
+##  Project Status: Active-ish
+Studies mean I can't work on this project a lot outside of breaks, however I hope i'll be able to fit in general support and things like bug fixes into my time. New features and such will likely come in short bursts throughout the year (if they do at all).

-## Project Status
-Due to studies and general lack of enthusiasm for work on this project, new features are unlikely, and while occasionally I might fix a bug or two, I won't be supporting the project a lot. 
-
-#### Does it still work?
-jfa-go still appears to work on the latest version of Jellyfin (10.8.9), and unless any large architectural changes occur to it, functionality should still remain. 
+#### Does/Will it still work?
+jfa-go currently works on Jellyfin 10.8.9, the latest version. I should be able to maintain compatability in the future, unless any big changes occur.

 #### Alternatives
-None of these have been tested by myself, but I have seen them mentioned quite frequently.
+If you want a bit more of a guarantee of support, I've seen these projects mentioned although haven't tried them myself.

 * [Wizarr](https://github.com/Wizarrrr/wizarr) focuses on invites, and also includes some Discord & Ombi integration.
 * [Jellyseerr](https://github.com/Fallenbagel/jellyseerr) is a fork of Overseerr, which can manage users and mainly acts as an Ombi alternative.
@@ -39,9 +38,12 @@ a rewrite of [jellyfin-accounts](https://github.com/hrfee/jellyfin-accounts) (or
 * 🔗 Ombi Integration: Automatically creates Ombi accounts for new users using their email address and login details, and your own defined set of permissions.
 * Account management: Apply settings to your users individually or en masse, and delete users, optionally sending them an email notification with a reason.
 * Telegram/Discord/Matrix Integration: Verify users via a chat bot, and send Password Resets, Announcements, etc. through it.
+* "My Account" Page: Allows users to reset their password, manage contact details, view their account expiry date, and send referrals. Custom messages can be added, with markdown.
+* Referrals: Users can be given special invites to send to their friends and families.
 * 📨 Email storage: Add your existing users email addresses through the UI, and jfa-go will ask new users for them on account creation.
    * Email addresses can optionally be used instead of usernames
 * 🔑 Password resets: When users forget their passwords and request a change in Jellyfin, jfa-go reads the PIN from the created file and sends it straight to them via email/telegram.
+  * Can also be done through the "My Account" page if enabled.
 * Admin Notifications: Get notified when someone creates an account, or an invite expires.
 * 📣 Announcements: Bulk message your users with announcements about your server.
 * Authentication via Jellyfin: Instead of using separate credentials for jfa-go and Jellyfin, jfa-go can use it as the authentication provider.
@@ -53,13 +55,10 @@ a rewrite of [jellyfin-accounts](https://github.com/hrfee/jellyfin-accounts) (or

 #### Interface
 <p align="center">
-    <img src="images/demo.gif" width="100%"></img>
-</p>
-
-<p align="center">
-    <img src="images/invites.png" width="31%" style="margin-left: 1.5%;" alt="Invites tab"></img>
-    <img src="images/accounts.png" width="31%" style="margin-right: 1.5%;" alt="Accounts tab"></img> 
-    <img src="images/create.png" width="31%" style="margin-right: 1.5%;" alt="Accounts creation"></img> 
+    <img src="images/invites.png" width="47%" style="margin-left: 1.5%;" align="top" alt="Invites tab"></img>
+    <img src="images/create.png" width="47%" style="margin-right: 1.5%;" align="top" alt="Accounts creation"></img> 
+    <img src="images/myaccount.png" width="47%" style="margin-left: 1.5%; margin-top: 1rem;" align="top" alt="My Account Page"></img>
+    <img src="images/accounts.png" width="47%" style="margin-right: 1.5%; margin-top: 1rem;" align="top" alt="Accounts tab"></img> 
 </p>

 #### Install
@@ -176,3 +175,4 @@ For translations, use the weblate instance [here](https://weblate.jfa-go.com/eng
 Big thanks to those who sponsor me. You can see them below:

 [<img src="https://sponsors-endpoint.hrfee.pw/sponsor/avatar/0" width="35">](https://sponsors-endpoint.hrfee.pw/sponsor/profile/0)
+[<img src="https://sponsors-endpoint.hrfee.pw/sponsor/avatar/1" width="35">](https://sponsors-endpoint.hrfee.pw/sponsor/profile/0)
--- a/api-invites.go
+++ b/api-invites.go
@@ -10,21 +10,52 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/itchyny/timefmt-go"
 	"github.com/lithammer/shortuuid/v3"
+	"github.com/timshannon/badgerhold/v4"
 )

+const (
+	CAPTCHA_VALIDITY = 20 * 60 // Seconds
+)
+
+// GenerateInviteCode generates an invite code in the correct format.
+func GenerateInviteCode() string {
+	// make sure code doesn't begin with number
+	inviteCode := shortuuid.New()
+	_, err := strconv.Atoi(string(inviteCode[0]))
+	for err == nil {
+		inviteCode = shortuuid.New()
+		_, err = strconv.Atoi(string(inviteCode[0]))
+	}
+	return inviteCode
+}
+
 func (app *appContext) checkInvites() {
 	currentTime := time.Now()
-	app.storage.loadInvites()
-	changed := false
-	for code, data := range app.storage.invites {
+	for _, data := range app.storage.GetInvites() {
+		captchas := data.Captchas
+		captchasExpired := false
+		for key, capt := range data.Captchas {
+			if time.Now().After(capt.Generated.Add(CAPTCHA_VALIDITY * time.Second)) {
+				delete(captchas, key)
+				captchasExpired = true
+			}
+		}
+		if captchasExpired {
+			data.Captchas = captchas
+			app.storage.SetInvitesKey(data.Code, data)
+		}
+
+		if data.IsReferral {
+			continue
+		}
 		expiry := data.ValidTill
 		if !currentTime.After(expiry) {
 			continue
 		}
-		app.debug.Printf("Housekeeping: Deleting old invite %s", code)
+		app.debug.Printf("Housekeeping: Deleting old invite %s", data.Code)
 		notify := data.Notify
 		if emailEnabled && app.config.Section("notifications").Key("enabled").MustBool(false) && len(notify) != 0 {
-			app.debug.Printf("%s: Expiry notification", code)
+			app.debug.Printf("%s: Expiry notification", data.Code)
 			var wait sync.WaitGroup
 			for address, settings := range notify {
 				if !settings["notify-expiry"] {
@@ -33,9 +64,9 @@ func (app *appContext) checkInvites() {
 				wait.Add(1)
 				go func(addr string) {
 					defer wait.Done()
-					msg, err := app.email.constructExpiry(code, data, app, false)
+					msg, err := app.email.constructExpiry(data.Code, data, app, false)
 					if err != nil {
-						app.err.Printf("%s: Failed to construct expiry notification: %v", code, err)
+						app.err.Printf("%s: Failed to construct expiry notification: %v", data.Code, err)
 					} else {
 						// Check whether notify "address" is an email address of Jellyfin ID
 						if strings.Contains(addr, "@") {
@@ -44,7 +75,7 @@ func (app *appContext) checkInvites() {
 							err = app.sendByID(msg, addr)
 						}
 						if err != nil {
-							app.err.Printf("%s: Failed to send expiry notification: %v", code, err)
+							app.err.Printf("%s: Failed to send expiry notification: %v", data.Code, err)
 						} else {
 							app.info.Printf("Sent expiry notification to %s", addr)
 						}
@@ -53,19 +84,13 @@ func (app *appContext) checkInvites() {
 			}
 			wait.Wait()
 		}
-		changed = true
-		delete(app.storage.invites, code)
-	}
-	if changed {
-		app.storage.storeInvites()
+		app.storage.DeleteInvitesKey(data.Code)
 	}
 }

 func (app *appContext) checkInvite(code string, used bool, username string) bool {
 	currentTime := time.Now()
-	app.storage.loadInvites()
-	changed := false
-	inv, match := app.storage.invites[code]
+	inv, match := app.storage.GetInvitesKey(code)
 	if !match {
 		return false
 	}
@@ -103,28 +128,23 @@ func (app *appContext) checkInvite(code string, used bool, username string) bool
 			}
 			wait.Wait()
 		}
-		changed = true
 		match = false
-		delete(app.storage.invites, code)
+		app.storage.DeleteInvitesKey(code)
 	} else if used {
-		changed = true
 		del := false
 		newInv := inv
 		if newInv.RemainingUses == 1 {
 			del = true
-			delete(app.storage.invites, code)
+			app.storage.DeleteInvitesKey(code)
 		} else if newInv.RemainingUses != 0 {
 			// 0 means infinite i guess?
 			newInv.RemainingUses--
 		}
 		newInv.UsedBy = append(newInv.UsedBy, []string{username, strconv.FormatInt(currentTime.Unix(), 10)})
 		if !del {
-			app.storage.invites[code] = newInv
+			app.storage.SetInvitesKey(code, newInv)
 		}
 	}
-	if changed {
-		app.storage.storeInvites()
-	}
 	return match
 }

@@ -138,22 +158,18 @@ func (app *appContext) checkInvite(code string, used bool, username string) bool
 func (app *appContext) GenerateInvite(gc *gin.Context) {
 	var req generateInviteDTO
 	app.debug.Println("Generating new invite")
-	app.storage.loadInvites()
 	gc.BindJSON(&req)
 	currentTime := time.Now()
 	validTill := currentTime.AddDate(0, req.Months, req.Days)
 	validTill = validTill.Add(time.Hour*time.Duration(req.Hours) + time.Minute*time.Duration(req.Minutes))
-	// make sure code doesn't begin with number
-	inviteCode := shortuuid.New()
-	_, err := strconv.Atoi(string(inviteCode[0]))
-	for err == nil {
-		inviteCode = shortuuid.New()
-		_, err = strconv.Atoi(string(inviteCode[0]))
-	}
 	var invite Invite
+	invite.Code = GenerateInviteCode()
 	if req.Label != "" {
 		invite.Label = req.Label
 	}
+	if req.UserLabel != "" {
+		invite.UserLabel = req.UserLabel
+	}
 	invite.Created = currentTime
 	if req.MultipleUses {
 		if req.NoLimit {
@@ -175,7 +191,7 @@ func (app *appContext) GenerateInvite(gc *gin.Context) {
 	if req.SendTo != "" && app.config.Section("invite_emails").Key("enabled").MustBool(false) {
 		addressValid := false
 		discord := ""
-		app.debug.Printf("%s: Sending invite message", inviteCode)
+		app.debug.Printf("%s: Sending invite message", invite.Code)
 		if discordEnabled && !strings.Contains(req.SendTo, "@") {
 			users := app.discord.GetUsers(req.SendTo)
 			if len(users) == 0 {
@@ -192,10 +208,10 @@ func (app *appContext) GenerateInvite(gc *gin.Context) {
 			invite.SendTo = req.SendTo
 		}
 		if addressValid {
-			msg, err := app.email.constructInvite(inviteCode, invite, app, false)
+			msg, err := app.email.constructInvite(invite.Code, invite, app, false)
 			if err != nil {
 				invite.SendTo = fmt.Sprintf("Failed to send to %s", req.SendTo)
-				app.err.Printf("%s: Failed to construct invite message: %v", inviteCode, err)
+				app.err.Printf("%s: Failed to construct invite message: %v", invite.Code, err)
 			} else {
 				var err error
 				if discord != "" {
@@ -205,22 +221,21 @@ func (app *appContext) GenerateInvite(gc *gin.Context) {
 				}
 				if err != nil {
 					invite.SendTo = fmt.Sprintf("Failed to send to %s", req.SendTo)
-					app.err.Printf("%s: %s: %v", inviteCode, invite.SendTo, err)
+					app.err.Printf("%s: %s: %v", invite.Code, invite.SendTo, err)
 				} else {
-					app.info.Printf("%s: Sent invite email to \"%s\"", inviteCode, req.SendTo)
+					app.info.Printf("%s: Sent invite email to \"%s\"", invite.Code, req.SendTo)
 				}
 			}
 		}
 	}
 	if req.Profile != "" {
-		if _, ok := app.storage.profiles[req.Profile]; ok {
+		if _, ok := app.storage.GetProfileKey(req.Profile); ok {
 			invite.Profile = req.Profile
 		} else {
 			invite.Profile = "Default"
 		}
 	}
-	app.storage.invites[inviteCode] = invite
-	app.storage.storeInvites()
+	app.storage.SetInvitesKey(invite.Code, invite)
 	respondBool(200, true, gc)
 }

@@ -233,13 +248,15 @@ func (app *appContext) GenerateInvite(gc *gin.Context) {
 func (app *appContext) GetInvites(gc *gin.Context) {
 	app.debug.Println("Invites requested")
 	currentTime := time.Now()
-	app.storage.loadInvites()
 	app.checkInvites()
 	var invites []inviteDTO
-	for code, inv := range app.storage.invites {
+	for _, inv := range app.storage.GetInvites() {
+		if inv.IsReferral {
+			continue
+		}
 		_, months, days, hours, minutes, _ := timeDiff(inv.ValidTill, currentTime)
 		invite := inviteDTO{
-			Code:        code,
+			Code:        inv.Code,
 			Months:      months,
 			Days:        days,
 			Hours:       hours,
@@ -253,6 +270,7 @@ func (app *appContext) GetInvites(gc *gin.Context) {
 			Profile:     inv.Profile,
 			NoLimit:     inv.NoLimit,
 			Label:       inv.Label,
+			UserLabel:   inv.UserLabel,
 		}
 		if len(inv.UsedBy) != 0 {
 			invite.UsedBy = map[string]int64{}
@@ -277,37 +295,36 @@ func (app *appContext) GetInvites(gc *gin.Context) {
 			invite.SendTo = inv.SendTo
 		}
 		if len(inv.Notify) != 0 {
-			var address string
+			// app.err.Printf("%s has notify section: %+v, you are %s\n", inv.Code, inv.Notify, gc.GetString("jfId"))
+			var addressOrID string
 			if app.config.Section("ui").Key("jellyfin_login").MustBool(false) {
-				app.storage.loadEmails()
-				if addr, ok := app.storage.emails[gc.GetString("jfId")]; ok && addr.Addr != "" {
-					address = addr.Addr
-				}
+				addressOrID = gc.GetString("jfId")
 			} else {
-				address = app.config.Section("ui").Key("email").String()
+				addressOrID = app.config.Section("ui").Key("email").String()
 			}
-			if _, ok := inv.Notify[address]; ok {
-				if _, ok = inv.Notify[address]["notify-expiry"]; ok {
-					invite.NotifyExpiry = inv.Notify[address]["notify-expiry"]
+			if _, ok := inv.Notify[addressOrID]; ok {
+				if _, ok = inv.Notify[addressOrID]["notify-expiry"]; ok {
+					invite.NotifyExpiry = inv.Notify[addressOrID]["notify-expiry"]
 				}
-				if _, ok = inv.Notify[address]["notify-creation"]; ok {
-					invite.NotifyCreation = inv.Notify[address]["notify-creation"]
+				if _, ok = inv.Notify[addressOrID]["notify-creation"]; ok {
+					invite.NotifyCreation = inv.Notify[addressOrID]["notify-creation"]
 				}
 			}
 		}
 		invites = append(invites, invite)
 	}
-	profiles := make([]string, len(app.storage.profiles))
-	if len(app.storage.profiles) != 0 {
-		profiles[0] = app.storage.defaultProfile
+	fullProfileList := app.storage.GetProfiles()
+	profiles := make([]string, len(fullProfileList))
+	if len(profiles) != 0 {
+		defaultProfile := app.storage.GetDefaultProfile()
+		profiles[0] = defaultProfile.Name
 		i := 1
-		if len(app.storage.profiles) > 1 {
-			for p := range app.storage.profiles {
-				if p != app.storage.defaultProfile {
-					profiles[i] = p
-					i++
-				}
-			}
+		if len(fullProfileList) > 1 {
+			app.storage.db.ForEach(badgerhold.Where("Name").Ne(profiles[0]), func(p *Profile) error {
+				profiles[i] = p.Name
+				i++
+				return nil
+			})
 		}
 	}
 	resp := getInvitesDTO{
@@ -330,15 +347,14 @@ func (app *appContext) SetProfile(gc *gin.Context) {
 	gc.BindJSON(&req)
 	app.debug.Printf("%s: Setting profile to \"%s\"", req.Invite, req.Profile)
 	// "" means "Don't apply profile"
-	if _, ok := app.storage.profiles[req.Profile]; !ok && req.Profile != "" {
+	if _, ok := app.storage.GetProfileKey(req.Profile); !ok && req.Profile != "" {
 		app.err.Printf("%s: Profile \"%s\" not found", req.Invite, req.Profile)
 		respond(500, "Profile not found", gc)
 		return
 	}
-	inv := app.storage.invites[req.Invite]
+	inv, _ := app.storage.GetInvitesKey(req.Invite)
 	inv.Profile = req.Profile
-	app.storage.invites[req.Invite] = inv
-	app.storage.storeInvites()
+	app.storage.SetInvitesKey(req.Invite, inv)
 	respondBool(200, true, gc)
 }

@@ -357,9 +373,7 @@ func (app *appContext) SetNotify(gc *gin.Context) {
 	changed := false
 	for code, settings := range req {
 		app.debug.Printf("%s: Notification settings change requested", code)
-		app.storage.loadInvites()
-		app.storage.loadEmails()
-		invite, ok := app.storage.invites[code]
+		invite, ok := app.storage.GetInvitesKey(code)
 		if !ok {
 			app.err.Printf("%s Notification setting change failed: Invalid code", code)
 			respond(400, "Invalid invite code", gc)
@@ -398,12 +412,9 @@ func (app *appContext) SetNotify(gc *gin.Context) {
 			changed = true
 		}
 		if changed {
-			app.storage.invites[code] = invite
+			app.storage.SetInvitesKey(code, invite)
 		}
 	}
-	if changed {
-		app.storage.storeInvites()
-	}
 }

 // @Summary Delete an invite.
@@ -419,10 +430,9 @@ func (app *appContext) DeleteInvite(gc *gin.Context) {
 	gc.BindJSON(&req)
 	app.debug.Printf("%s: Deletion requested", req.Code)
 	var ok bool
-	_, ok = app.storage.invites[req.Code]
+	_, ok = app.storage.GetInvitesKey(req.Code)
 	if ok {
-		delete(app.storage.invites, req.Code)
-		app.storage.storeInvites()
+		app.storage.DeleteInvitesKey(req.Code)
 		app.info.Printf("%s: Invite deleted", req.Code)
 		respondBool(200, true, gc)
 		return
--- a/api-messages.go
+++ b/api-messages.go
@@ -15,29 +15,46 @@ import (
 // @Router /config/emails [get]
 // @Security Bearer
 // @tags Configuration
-func (app *appContext) GetCustomEmails(gc *gin.Context) {
+func (app *appContext) GetCustomContent(gc *gin.Context) {
 	lang := gc.Query("lang")
 	if _, ok := app.storage.lang.Email[lang]; !ok {
 		lang = app.storage.lang.chosenEmailLang
 	}
-	gc.JSON(200, emailListDTO{
-		"UserCreated":       {Name: app.storage.lang.Email[lang].UserCreated["name"], Enabled: app.storage.customEmails.UserCreated.Enabled},
-		"InviteExpiry":      {Name: app.storage.lang.Email[lang].InviteExpiry["name"], Enabled: app.storage.customEmails.InviteExpiry.Enabled},
-		"PasswordReset":     {Name: app.storage.lang.Email[lang].PasswordReset["name"], Enabled: app.storage.customEmails.PasswordReset.Enabled},
-		"UserDeleted":       {Name: app.storage.lang.Email[lang].UserDeleted["name"], Enabled: app.storage.customEmails.UserDeleted.Enabled},
-		"UserDisabled":      {Name: app.storage.lang.Email[lang].UserDisabled["name"], Enabled: app.storage.customEmails.UserDisabled.Enabled},
-		"UserEnabled":       {Name: app.storage.lang.Email[lang].UserEnabled["name"], Enabled: app.storage.customEmails.UserEnabled.Enabled},
-		"InviteEmail":       {Name: app.storage.lang.Email[lang].InviteEmail["name"], Enabled: app.storage.customEmails.InviteEmail.Enabled},
-		"WelcomeEmail":      {Name: app.storage.lang.Email[lang].WelcomeEmail["name"], Enabled: app.storage.customEmails.WelcomeEmail.Enabled},
-		"EmailConfirmation": {Name: app.storage.lang.Email[lang].EmailConfirmation["name"], Enabled: app.storage.customEmails.EmailConfirmation.Enabled},
-		"UserExpired":       {Name: app.storage.lang.Email[lang].UserExpired["name"], Enabled: app.storage.customEmails.UserExpired.Enabled},
-	})
+	adminLang := lang
+	if _, ok := app.storage.lang.Admin[lang]; !ok {
+		adminLang = app.storage.lang.chosenAdminLang
+	}
+	list := emailListDTO{
+		"UserCreated":       {Name: app.storage.lang.Email[lang].UserCreated["name"], Enabled: app.storage.MustGetCustomContentKey("UserCreated").Enabled},
+		"InviteExpiry":      {Name: app.storage.lang.Email[lang].InviteExpiry["name"], Enabled: app.storage.MustGetCustomContentKey("InviteExpiry").Enabled},
+		"PasswordReset":     {Name: app.storage.lang.Email[lang].PasswordReset["name"], Enabled: app.storage.MustGetCustomContentKey("PasswordReset").Enabled},
+		"UserDeleted":       {Name: app.storage.lang.Email[lang].UserDeleted["name"], Enabled: app.storage.MustGetCustomContentKey("UserDeleted").Enabled},
+		"UserDisabled":      {Name: app.storage.lang.Email[lang].UserDisabled["name"], Enabled: app.storage.MustGetCustomContentKey("UserDisabled").Enabled},
+		"UserEnabled":       {Name: app.storage.lang.Email[lang].UserEnabled["name"], Enabled: app.storage.MustGetCustomContentKey("UserEnabled").Enabled},
+		"InviteEmail":       {Name: app.storage.lang.Email[lang].InviteEmail["name"], Enabled: app.storage.MustGetCustomContentKey("InviteEmail").Enabled},
+		"WelcomeEmail":      {Name: app.storage.lang.Email[lang].WelcomeEmail["name"], Enabled: app.storage.MustGetCustomContentKey("WelcomeEmail").Enabled},
+		"EmailConfirmation": {Name: app.storage.lang.Email[lang].EmailConfirmation["name"], Enabled: app.storage.MustGetCustomContentKey("EmailConfirmation").Enabled},
+		"UserExpired":       {Name: app.storage.lang.Email[lang].UserExpired["name"], Enabled: app.storage.MustGetCustomContentKey("UserExpired").Enabled},
+		"UserLogin":         {Name: app.storage.lang.Admin[adminLang].Strings["userPageLogin"], Enabled: app.storage.MustGetCustomContentKey("Login").Enabled},
+		"UserPage":          {Name: app.storage.lang.Admin[adminLang].Strings["userPagePage"], Enabled: app.storage.MustGetCustomContentKey("Page").Enabled},
+	}
+
+	filter := gc.Query("filter")
+	if filter == "user" {
+		list = emailListDTO{"UserLogin": list["UserLogin"], "UserPage": list["UserPage"]}
+	} else {
+		delete(list, "UserLogin")
+		delete(list, "UserPage")
+	}
+
+	gc.JSON(200, list)
 }

-func (app *appContext) getCustomEmail(id string) *customEmail {
+// No longer needed, these are stored by string keys in the database now.
+/* func (app *appContext) getCustomMessage(id string) *CustomContent {
 	switch id {
 	case "Announcement":
-		return &customEmail{}
+		return &CustomContent{}
 	case "UserCreated":
 		return &app.storage.customEmails.UserCreated
 	case "InviteExpiry":
@@ -58,43 +75,44 @@ func (app *appContext) getCustomEmail(id string) *customEmail {
 		return &app.storage.customEmails.EmailConfirmation
 	case "UserExpired":
 		return &app.storage.customEmails.UserExpired
+	case "UserLogin":
+		return &app.storage.userPage.Login
+	case "UserPage":
+		return &app.storage.userPage.Page
 	}
 	return nil
-}
+} */

-// @Summary Sets the corresponding custom email.
+// @Summary Sets the corresponding custom content.
 // @Produce json
-// @Param customEmail body customEmail true "Content = email (in markdown)."
+// @Param CustomContent body CustomContent true "Content = email (in markdown)."
 // @Success 200 {object} boolResponse
 // @Failure 400 {object} boolResponse
 // @Failure 500 {object} boolResponse
-// @Param id path string true "ID of email"
+// @Param id path string true "ID of content"
 // @Router /config/emails/{id} [post]
 // @Security Bearer
 // @tags Configuration
-func (app *appContext) SetCustomEmail(gc *gin.Context) {
-	var req customEmail
+func (app *appContext) SetCustomMessage(gc *gin.Context) {
+	var req CustomContent
 	gc.BindJSON(&req)
 	id := gc.Param("id")
 	if req.Content == "" {
 		respondBool(400, false, gc)
 		return
 	}
-	email := app.getCustomEmail(id)
-	if email == nil {
+	message, ok := app.storage.GetCustomContentKey(id)
+	if !ok {
 		respondBool(400, false, gc)
 		return
 	}
-	email.Content = req.Content
-	email.Enabled = true
-	if app.storage.storeCustomEmails() != nil {
-		respondBool(500, false, gc)
-		return
-	}
+	message.Content = req.Content
+	message.Enabled = true
+	app.storage.SetCustomContentKey(id, message)
 	respondBool(200, true, gc)
 }

-// @Summary Enable/Disable custom email.
+// @Summary Enable/Disable custom content.
 // @Produce json
 // @Success 200 {object} boolResponse
 // @Failure 400 {object} boolResponse
@@ -104,7 +122,7 @@ func (app *appContext) SetCustomEmail(gc *gin.Context) {
 // @Router /config/emails/{id}/state/{enable/disable} [post]
 // @Security Bearer
 // @tags Configuration
-func (app *appContext) SetCustomEmailState(gc *gin.Context) {
+func (app *appContext) SetCustomMessageState(gc *gin.Context) {
 	id := gc.Param("id")
 	s := gc.Param("state")
 	enabled := false
@@ -113,20 +131,17 @@ func (app *appContext) SetCustomEmailState(gc *gin.Context) {
 	} else if s != "disable" {
 		respondBool(400, false, gc)
 	}
-	email := app.getCustomEmail(id)
-	if email == nil {
+	message, ok := app.storage.GetCustomContentKey(id)
+	if !ok {
 		respondBool(400, false, gc)
 		return
 	}
-	email.Enabled = enabled
-	if app.storage.storeCustomEmails() != nil {
-		respondBool(500, false, gc)
-		return
-	}
+	message.Enabled = enabled
+	app.storage.SetCustomContentKey(id, message)
 	respondBool(200, true, gc)
 }

-// @Summary Returns the custom email (generating it if not set) and list of used variables in it.
+// @Summary Returns the custom content/message (generating it if not set) and list of used variables in it.
 // @Produce json
 // @Success 200 {object} customEmailDTO
 // @Failure 400 {object} boolResponse
@@ -135,7 +150,7 @@ func (app *appContext) SetCustomEmailState(gc *gin.Context) {
 // @Router /config/emails/{id} [get]
 // @Security Bearer
 // @tags Configuration
-func (app *appContext) GetCustomEmailTemplate(gc *gin.Context) {
+func (app *appContext) GetCustomMessageTemplate(gc *gin.Context) {
 	lang := app.storage.lang.chosenEmailLang
 	id := gc.Param("id")
 	var content string
@@ -146,20 +161,26 @@ func (app *appContext) GetCustomEmailTemplate(gc *gin.Context) {
 	var values map[string]interface{}
 	username := app.storage.lang.Email[lang].Strings.get("username")
 	emailAddress := app.storage.lang.Email[lang].Strings.get("emailAddress")
-	email := app.getCustomEmail(id)
-	if email == nil {
-		app.err.Printf("Failed to get custom email with ID \"%s\"", id)
+	customMessage, ok := app.storage.GetCustomContentKey(id)
+	if !ok && id != "Announcement" {
+		app.err.Printf("Failed to get custom message with ID \"%s\"", id)
 		respondBool(400, false, gc)
 		return
 	}
 	if id == "WelcomeEmail" {
 		conditionals = []string{"{yourAccountWillExpire}"}
-		email.Conditionals = conditionals
+		customMessage.Conditionals = conditionals
+	} else if id == "UserPage" {
+		variables = []string{"{username}"}
+		customMessage.Variables = variables
+	} else if id == "UserLogin" {
+		variables = []string{}
+		customMessage.Variables = variables
 	}
-	content = email.Content
+	content = customMessage.Content
 	noContent := content == ""
 	if !noContent {
-		variables = email.Variables
+		variables = customMessage.Variables
 	}
 	switch id {
 	case "Announcement":
@@ -215,12 +236,14 @@ func (app *appContext) GetCustomEmailTemplate(gc *gin.Context) {
 			msg, err = app.email.constructUserExpired(app, true)
 		}
 		values = app.email.userExpiredValues(app, false)
+	case "UserLogin", "UserPage":
+		values = map[string]interface{}{}
 	}
 	if err != nil {
 		respondBool(500, false, gc)
 		return
 	}
-	if noContent && id != "Announcement" {
+	if noContent && id != "Announcement" && id != "UserPage" && id != "UserLogin" {
 		content = msg.Text
 		variables = make([]string, strings.Count(content, "{"))
 		i := 0
@@ -239,19 +262,24 @@ func (app *appContext) GetCustomEmailTemplate(gc *gin.Context) {
 				i++
 			}
 		}
-		email.Variables = variables
+		customMessage.Variables = variables
 	}
 	if variables == nil {
 		variables = []string{}
 	}
-	if app.storage.storeCustomEmails() != nil {
-		respondBool(500, false, gc)
-		return
-	}
-	mail, err := app.email.constructTemplate("", "<div class=\"preview-content\"></div>", app)
-	if err != nil {
-		respondBool(500, false, gc)
-		return
+	app.storage.SetCustomContentKey(id, customMessage)
+	var mail *Message
+	if id != "UserLogin" && id != "UserPage" {
+		mail, err = app.email.constructTemplate("", "<div class=\"preview-content\"></div>", app)
+		if err != nil {
+			respondBool(500, false, gc)
+			return
+		}
+	} else {
+		mail = &Message{
+			HTML:     "<div class=\"card ~neutral dark:~d_neutral @low preview-content\"></div>",
+			Markdown: "<div class=\"card ~neutral dark:~d_neutral @low preview-content\"></div>",
+		}
 	}
 	gc.JSON(200, customEmailDTO{Content: content, Variables: variables, Conditionals: conditionals, Values: values, HTML: mail.HTML, Plaintext: mail.Text})
 }
@@ -285,18 +313,12 @@ func (app *appContext) TelegramAddUser(gc *gin.Context) {
 		respondBool(400, false, gc)
 		return
 	}
-	tokenIndex := -1
-	for i, v := range app.telegram.verifiedTokens {
-		if v.Token == req.Token {
-			tokenIndex = i
-			break
-		}
-	}
-	if tokenIndex == -1 {
+	tgToken, ok := app.telegram.TokenVerified(req.Token)
+	app.telegram.DeleteVerifiedToken(req.Token)
+	if !ok {
 		respondBool(500, false, gc)
 		return
 	}
-	tgToken := app.telegram.verifiedTokens[tokenIndex]
 	tgUser := TelegramUser{
 		ChatID:   tgToken.ChatID,
 		Username: tgToken.Username,
@@ -305,17 +327,7 @@ func (app *appContext) TelegramAddUser(gc *gin.Context) {
 	if lang, ok := app.telegram.languages[tgToken.ChatID]; ok {
 		tgUser.Lang = lang
 	}
-	if app.storage.telegram == nil {
-		app.storage.telegram = map[string]TelegramUser{}
-	}
-	app.storage.telegram[req.ID] = tgUser
-	err := app.storage.storeTelegramUsers()
-	if err != nil {
-		app.err.Printf("Failed to store Telegram users: %v", err)
-	} else {
-		app.telegram.verifiedTokens[len(app.telegram.verifiedTokens)-1], app.telegram.verifiedTokens[tokenIndex] = app.telegram.verifiedTokens[tokenIndex], app.telegram.verifiedTokens[len(app.telegram.verifiedTokens)-1]
-		app.telegram.verifiedTokens = app.telegram.verifiedTokens[:len(app.telegram.verifiedTokens)-1]
-	}
+	app.storage.SetTelegramKey(req.ID, tgUser)
 	linkExistingOmbiDiscordTelegram(app)
 	respondBool(200, true, gc)
 }
@@ -336,15 +348,14 @@ func (app *appContext) SetContactMethods(gc *gin.Context) {
 		respondBool(400, false, gc)
 		return
 	}
-	if tgUser, ok := app.storage.telegram[req.ID]; ok {
+	app.setContactMethods(req, gc)
+}
+
+func (app *appContext) setContactMethods(req SetContactMethodsDTO, gc *gin.Context) {
+	if tgUser, ok := app.storage.GetTelegramKey(req.ID); ok {
 		change := tgUser.Contact != req.Telegram
 		tgUser.Contact = req.Telegram
-		app.storage.telegram[req.ID] = tgUser
-		if err := app.storage.storeTelegramUsers(); err != nil {
-			respondBool(500, false, gc)
-			app.err.Printf("Telegram: Failed to store users: %v", err)
-			return
-		}
+		app.storage.SetTelegramKey(req.ID, tgUser)
 		if change {
 			msg := ""
 			if !req.Telegram {
@@ -353,15 +364,10 @@ func (app *appContext) SetContactMethods(gc *gin.Context) {
 			app.debug.Printf("Telegram: User \"%s\" will%s be notified through Telegram.", tgUser.Username, msg)
 		}
 	}
-	if dcUser, ok := app.storage.discord[req.ID]; ok {
+	if dcUser, ok := app.storage.GetDiscordKey(req.ID); ok {
 		change := dcUser.Contact != req.Discord
 		dcUser.Contact = req.Discord
-		app.storage.discord[req.ID] = dcUser
-		if err := app.storage.storeDiscordUsers(); err != nil {
-			respondBool(500, false, gc)
-			app.err.Printf("Discord: Failed to store users: %v", err)
-			return
-		}
+		app.storage.SetDiscordKey(req.ID, dcUser)
 		if change {
 			msg := ""
 			if !req.Discord {
@@ -370,15 +376,10 @@ func (app *appContext) SetContactMethods(gc *gin.Context) {
 			app.debug.Printf("Discord: User \"%s\" will%s be notified through Discord.", dcUser.Username, msg)
 		}
 	}
-	if mxUser, ok := app.storage.matrix[req.ID]; ok {
+	if mxUser, ok := app.storage.GetMatrixKey(req.ID); ok {
 		change := mxUser.Contact != req.Matrix
 		mxUser.Contact = req.Matrix
-		app.storage.matrix[req.ID] = mxUser
-		if err := app.storage.storeMatrixUsers(); err != nil {
-			respondBool(500, false, gc)
-			app.err.Printf("Matrix: Failed to store users: %v", err)
-			return
-		}
+		app.storage.SetMatrixKey(req.ID, mxUser)
 		if change {
 			msg := ""
 			if !req.Matrix {
@@ -387,15 +388,10 @@ func (app *appContext) SetContactMethods(gc *gin.Context) {
 			app.debug.Printf("Matrix: User \"%s\" will%s be notified through Matrix.", mxUser.UserID, msg)
 		}
 	}
-	if email, ok := app.storage.emails[req.ID]; ok {
+	if email, ok := app.storage.GetEmailsKey(req.ID); ok {
 		change := email.Contact != req.Email
 		email.Contact = req.Email
-		app.storage.emails[req.ID] = email
-		if err := app.storage.storeEmails(); err != nil {
-			respondBool(500, false, gc)
-			app.err.Printf("Failed to store emails: %v", err)
-			return
-		}
+		app.storage.SetEmailsKey(req.ID, email)
 		if change {
 			msg := ""
 			if !req.Email {
@@ -416,19 +412,8 @@ func (app *appContext) SetContactMethods(gc *gin.Context) {
 // @tags Other
 func (app *appContext) TelegramVerified(gc *gin.Context) {
 	pin := gc.Param("pin")
-	tokenIndex := -1
-	for i, v := range app.telegram.verifiedTokens {
-		if v.Token == pin {
-			tokenIndex = i
-			break
-		}
-	}
-	// if tokenIndex != -1 {
-	// 	length := len(app.telegram.verifiedTokens)
-	// 	app.telegram.verifiedTokens[length-1], app.telegram.verifiedTokens[tokenIndex] = app.telegram.verifiedTokens[tokenIndex], app.telegram.verifiedTokens[length-1]
-	// 	app.telegram.verifiedTokens = app.telegram.verifiedTokens[:length-1]
-	// }
-	respondBool(200, tokenIndex != -1, gc)
+	_, ok := app.telegram.TokenVerified(pin)
+	respondBool(200, ok, gc)
 }

 // @Summary Returns true/false on whether or not a telegram PIN was verified. Requires invite code.
@@ -441,32 +426,18 @@ func (app *appContext) TelegramVerified(gc *gin.Context) {
 // @tags Other
 func (app *appContext) TelegramVerifiedInvite(gc *gin.Context) {
 	code := gc.Param("invCode")
-	if _, ok := app.storage.invites[code]; !ok {
+	if _, ok := app.storage.GetInvitesKey(code); !ok {
 		respondBool(401, false, gc)
 		return
 	}
 	pin := gc.Param("pin")
-	tokenIndex := -1
-	for i, v := range app.telegram.verifiedTokens {
-		if v.Token == pin {
-			tokenIndex = i
-			break
-		}
+	token, ok := app.telegram.TokenVerified(pin)
+	if ok && app.config.Section("telegram").Key("require_unique").MustBool(false) && app.telegram.UserExists(token.Username) {
+		app.discord.DeleteVerifiedUser(pin)
+		respondBool(400, false, gc)
+		return
 	}
-	if app.config.Section("telegram").Key("require_unique").MustBool(false) {
-		for _, u := range app.storage.telegram {
-			if app.telegram.verifiedTokens[tokenIndex].Username == u.Username {
-				respondBool(400, false, gc)
-				return
-			}
-		}
-	}
-	// if tokenIndex != -1 {
-	// 	length := len(app.telegram.verifiedTokens)
-	// 	app.telegram.verifiedTokens[length-1], app.telegram.verifiedTokens[tokenIndex] = app.telegram.verifiedTokens[tokenIndex], app.telegram.verifiedTokens[length-1]
-	// 	app.telegram.verifiedTokens = app.telegram.verifiedTokens[:length-1]
-	// }
-	respondBool(200, tokenIndex != -1, gc)
+	respondBool(200, ok, gc)
 }

 // @Summary Returns true/false on whether or not a discord PIN was verified. Requires invite code.
@@ -479,20 +450,16 @@ func (app *appContext) TelegramVerifiedInvite(gc *gin.Context) {
 // @tags Other
 func (app *appContext) DiscordVerifiedInvite(gc *gin.Context) {
 	code := gc.Param("invCode")
-	if _, ok := app.storage.invites[code]; !ok {
+	if _, ok := app.storage.GetInvitesKey(code); !ok {
 		respondBool(401, false, gc)
 		return
 	}
 	pin := gc.Param("pin")
-	_, ok := app.discord.verifiedTokens[pin]
-	if app.config.Section("discord").Key("require_unique").MustBool(false) {
-		for _, u := range app.storage.discord {
-			if app.discord.verifiedTokens[pin].ID == u.ID {
-				delete(app.discord.verifiedTokens, pin)
-				respondBool(400, false, gc)
-				return
-			}
-		}
+	user, ok := app.discord.UserVerified(pin)
+	if ok && app.config.Section("discord").Key("require_unique").MustBool(false) && app.discord.UserExists(user.ID) {
+		delete(app.discord.verifiedTokens, pin)
+		respondBool(400, false, gc)
+		return
 	}
 	respondBool(200, ok, gc)
 }
@@ -512,7 +479,7 @@ func (app *appContext) DiscordServerInvite(gc *gin.Context) {
 		return
 	}
 	code := gc.Param("invCode")
-	if _, ok := app.storage.invites[code]; !ok {
+	if _, ok := app.storage.GetInvitesKey(code); !ok {
 		respondBool(401, false, gc)
 		return
 	}
@@ -536,7 +503,7 @@ func (app *appContext) DiscordServerInvite(gc *gin.Context) {
 // @tags Other
 func (app *appContext) MatrixSendPIN(gc *gin.Context) {
 	code := gc.Param("invCode")
-	if _, ok := app.storage.invites[code]; !ok {
+	if _, ok := app.storage.GetInvitesKey(code); !ok {
 		respondBool(401, false, gc)
 		return
 	}
@@ -547,7 +514,7 @@ func (app *appContext) MatrixSendPIN(gc *gin.Context) {
 		return
 	}
 	if app.config.Section("matrix").Key("require_unique").MustBool(false) {
-		for _, u := range app.storage.matrix {
+		for _, u := range app.storage.GetMatrix() {
 			if req.UserID == u.UserID {
 				respondBool(400, false, gc)
 				return
@@ -574,7 +541,7 @@ func (app *appContext) MatrixSendPIN(gc *gin.Context) {
 // @tags Other
 func (app *appContext) MatrixCheckPIN(gc *gin.Context) {
 	code := gc.Param("invCode")
-	if _, ok := app.storage.invites[code]; !ok {
+	if _, ok := app.storage.GetInvitesKey(code); !ok {
 		app.debug.Println("Matrix: Invite code was invalid")
 		respondBool(401, false, gc)
 		return
@@ -644,8 +611,8 @@ func (app *appContext) MatrixLogin(gc *gin.Context) {
 func (app *appContext) MatrixConnect(gc *gin.Context) {
 	var req MatrixConnectUserDTO
 	gc.BindJSON(&req)
-	if app.storage.matrix == nil {
-		app.storage.matrix = map[string]MatrixUser{}
+	if app.storage.GetMatrix() == nil {
+		app.storage.deprecatedMatrix = matrixStore{}
 	}
 	roomID, encrypted, err := app.matrix.CreateRoom(req.UserID)
 	if err != nil {
@@ -653,19 +620,14 @@ func (app *appContext) MatrixConnect(gc *gin.Context) {
 		respondBool(500, false, gc)
 		return
 	}
-	app.storage.matrix[req.JellyfinID] = MatrixUser{
+	app.storage.SetMatrixKey(req.JellyfinID, MatrixUser{
 		UserID:    req.UserID,
 		RoomID:    string(roomID),
 		Lang:      "en-us",
 		Contact:   true,
 		Encrypted: encrypted,
-	}
+	})
 	app.matrix.isEncrypted[roomID] = encrypted
-	if err := app.storage.storeMatrixUsers(); err != nil {
-		app.err.Printf("Failed to store Matrix users: %v", err)
-		respondBool(500, false, gc)
-		return
-	}
 	respondBool(200, true, gc)
 }

@@ -715,12 +677,7 @@ func (app *appContext) DiscordConnect(gc *gin.Context) {
 		respondBool(500, false, gc)
 		return
 	}
-	app.storage.discord[req.JellyfinID] = user
-	if err := app.storage.storeDiscordUsers(); err != nil {
-		app.err.Printf("Failed to store Discord users: %v", err)
-		respondBool(500, false, gc)
-		return
-	}
+	app.storage.SetDiscordKey(req.JellyfinID, user)
 	linkExistingOmbiDiscordTelegram(app)
 	respondBool(200, true, gc)
 }
@@ -739,8 +696,7 @@ func (app *appContext) UnlinkDiscord(gc *gin.Context) {
 		respond(400, "User not found", gc)
 		return
 	} */
-	delete(app.storage.discord, req.ID)
-	app.storage.storeDiscordUsers()
+	app.storage.DeleteDiscordKey(req.ID)
 	respondBool(200, true, gc)
 }

@@ -758,8 +714,7 @@ func (app *appContext) UnlinkTelegram(gc *gin.Context) {
 		respond(400, "User not found", gc)
 		return
 	} */
-	delete(app.storage.telegram, req.ID)
-	app.storage.storeTelegramUsers()
+	app.storage.DeleteTelegramKey(req.ID)
 	respondBool(200, true, gc)
 }

@@ -777,7 +732,6 @@ func (app *appContext) UnlinkMatrix(gc *gin.Context) {
 		respond(400, "User not found", gc)
 		return
 	} */
-	delete(app.storage.matrix, req.ID)
-	app.storage.storeMatrixUsers()
+	app.storage.DeleteMatrixKey(req.ID)
 	respondBool(200, true, gc)
 }
--- a/api-ombi.go
+++ b/api-ombi.go
@@ -4,6 +4,7 @@ import (
 	"fmt"

 	"github.com/gin-gonic/gin"
+	"github.com/hrfee/mediabrowser"
 )

 func (app *appContext) getOmbiUser(jfID string) (map[string]interface{}, int, error) {
@@ -17,7 +18,7 @@ func (app *appContext) getOmbiUser(jfID string) (map[string]interface{}, int, er
 	}
 	username := jfUser.Name
 	email := ""
-	if e, ok := app.storage.emails[jfID]; ok {
+	if e, ok := app.storage.GetEmailsKey(jfID); ok {
 		email = e.Addr
 	}
 	for _, ombiUser := range ombiUsers {
@@ -29,7 +30,31 @@ func (app *appContext) getOmbiUser(jfID string) (map[string]interface{}, int, er
 			return ombiUser, code, err
 		}
 	}
-	return nil, 400, fmt.Errorf("Couldn't find user")
+	return nil, 400, fmt.Errorf("couldn't find user")
+}
+
+// Returns a user with the given name who has been imported from Jellyfin/Emby by Ombi
+func (app *appContext) getOmbiImportedUser(name string) (map[string]interface{}, int, error) {
+	// Ombi User Types: 3/4 = Emby, 5 = Jellyfin
+	ombiUsers, code, err := app.ombi.GetUsers()
+	if err != nil || code != 200 {
+		return nil, code, err
+	}
+	for _, ombiUser := range ombiUsers {
+		if ombiUser["userName"].(string) == name {
+			uType, ok := ombiUser["userType"].(int)
+			if !ok { // Don't know if Ombi somehow allows duplicate usernames
+				continue
+			}
+			if serverType == mediabrowser.JellyfinServer && uType != 5 { // Jellyfin
+				continue
+			} else if uType != 3 && uType != 4 { // Emby
+				continue
+			}
+			return ombiUser, code, err
+		}
+	}
+	return nil, 400, fmt.Errorf("couldn't find user")
 }

 // @Summary Get a list of Ombi users.
@@ -71,7 +96,7 @@ func (app *appContext) SetOmbiProfile(gc *gin.Context) {
 	var req ombiUser
 	gc.BindJSON(&req)
 	profileName := gc.Param("profile")
-	profile, ok := app.storage.profiles[profileName]
+	profile, ok := app.storage.GetProfileKey(profileName)
 	if !ok {
 		respondBool(400, false, gc)
 		return
@@ -83,12 +108,7 @@ func (app *appContext) SetOmbiProfile(gc *gin.Context) {
 		return
 	}
 	profile.Ombi = template
-	app.storage.profiles[profileName] = profile
-	if err := app.storage.storeProfiles(); err != nil {
-		respond(500, "Failed to store profile", gc)
-		app.err.Printf("Failed to store profiles: %v", err)
-		return
-	}
+	app.storage.SetProfileKey(profileName, profile)
 	respondBool(204, true, gc)
 }

@@ -103,17 +123,27 @@ func (app *appContext) SetOmbiProfile(gc *gin.Context) {
 // @tags Ombi
 func (app *appContext) DeleteOmbiProfile(gc *gin.Context) {
 	profileName := gc.Param("profile")
-	profile, ok := app.storage.profiles[profileName]
+	profile, ok := app.storage.GetProfileKey(profileName)
 	if !ok {
 		respondBool(400, false, gc)
 		return
 	}
 	profile.Ombi = nil
-	app.storage.profiles[profileName] = profile
-	if err := app.storage.storeProfiles(); err != nil {
-		respond(500, "Failed to store profile", gc)
-		app.err.Printf("Failed to store profiles: %v", err)
-		return
-	}
+	app.storage.SetProfileKey(profileName, profile)
 	respondBool(204, true, gc)
 }
+
+func (app *appContext) applyOmbiProfile(user map[string]interface{}, profile map[string]interface{}) (status int, err error) {
+	for k, v := range profile {
+		switch v.(type) {
+		case map[string]interface{}, []interface{}:
+			user[k] = v
+		default:
+			if v != user[k] {
+				user[k] = v
+			}
+		}
+	}
+	status, err = app.ombi.ModifyUser(user)
+	return
+}
--- a/api-profiles.go
+++ b/api-profiles.go
@@ -4,6 +4,7 @@ import (
 	"time"

 	"github.com/gin-gonic/gin"
+	"github.com/timshannon/badgerhold/v4"
 )

 // @Summary Get a list of profiles
@@ -13,19 +14,28 @@ import (
 // @Security Bearer
 // @tags Profiles & Settings
 func (app *appContext) GetProfiles(gc *gin.Context) {
-	app.storage.loadProfiles()
 	app.debug.Println("Profiles requested")
 	out := getProfilesDTO{
-		DefaultProfile: app.storage.defaultProfile,
+		DefaultProfile: app.storage.GetDefaultProfile().Name,
 		Profiles:       map[string]profileDTO{},
 	}
-	for name, p := range app.storage.profiles {
-		out.Profiles[name] = profileDTO{
-			Admin:         p.Admin,
-			LibraryAccess: p.LibraryAccess,
-			FromUser:      p.FromUser,
-			Ombi:          p.Ombi != nil,
+	referralsEnabled := app.config.Section("user_page").Key("referrals").MustBool(false)
+	baseInv := Invite{}
+	for _, p := range app.storage.GetProfiles() {
+		pdto := profileDTO{
+			Admin:            p.Admin,
+			LibraryAccess:    p.LibraryAccess,
+			FromUser:         p.FromUser,
+			Ombi:             p.Ombi != nil,
+			ReferralsEnabled: false,
 		}
+		if referralsEnabled {
+			err := app.storage.db.Get(p.ReferralTemplateKey, &baseInv)
+			if p.ReferralTemplateKey != "" && err == nil {
+				pdto.ReferralsEnabled = true
+			}
+		}
+		out.Profiles[p.Name] = pdto
 	}
 	gc.JSON(200, out)
 }
@@ -42,20 +52,20 @@ func (app *appContext) SetDefaultProfile(gc *gin.Context) {
 	req := profileChangeDTO{}
 	gc.BindJSON(&req)
 	app.info.Printf("Setting default profile to \"%s\"", req.Name)
-	if _, ok := app.storage.profiles[req.Name]; !ok {
+	if _, ok := app.storage.GetProfileKey(req.Name); !ok {
 		app.err.Printf("Profile not found: \"%s\"", req.Name)
 		respond(500, "Profile not found", gc)
 		return
 	}
-	for name, profile := range app.storage.profiles {
-		if name == req.Name {
-			profile.Admin = true
-			app.storage.profiles[name] = profile
+	app.storage.db.ForEach(&badgerhold.Query{}, func(profile *Profile) error {
+		if profile.Name == req.Name {
+			profile.Default = true
 		} else {
-			profile.Admin = false
+			profile.Default = false
 		}
-	}
-	app.storage.defaultProfile = req.Name
+		app.storage.SetProfileKey(profile.Name, *profile)
+		return nil
+	})
 	respondBool(200, true, gc)
 }

@@ -79,8 +89,9 @@ func (app *appContext) CreateProfile(gc *gin.Context) {
 		return
 	}
 	profile := Profile{
-		FromUser: user.Name,
-		Policy:   user.Policy,
+		FromUser:   user.Name,
+		Policy:     user.Policy,
+		Homescreen: req.Homescreen,
 	}
 	app.debug.Printf("Creating profile from user \"%s\"", user.Name)
 	if req.Homescreen {
@@ -92,10 +103,11 @@ func (app *appContext) CreateProfile(gc *gin.Context) {
 			return
 		}
 	}
-	app.storage.loadProfiles()
-	app.storage.profiles[req.Name] = profile
-	app.storage.storeProfiles()
-	app.storage.loadProfiles()
+	app.storage.SetProfileKey(req.Name, profile)
+	// Refresh discord bots, profile list
+	if discordEnabled {
+		app.discord.UpdateCommands()
+	}
 	respondBool(200, true, gc)
 }

@@ -110,12 +122,73 @@ func (app *appContext) DeleteProfile(gc *gin.Context) {
 	req := profileChangeDTO{}
 	gc.BindJSON(&req)
 	name := req.Name
-	if _, ok := app.storage.profiles[name]; ok {
-		if app.storage.defaultProfile == name {
-			app.storage.defaultProfile = ""
-		}
-		delete(app.storage.profiles, name)
-	}
-	app.storage.storeProfiles()
+	app.storage.DeleteProfileKey(name)
+	respondBool(200, true, gc)
+}
+
+// @Summary Enable referrals for a profile, sourced from the given invite by its code.
+// @Produce json
+// @Param profile path string true "name of profile to enable referrals for."
+// @Param invite path string true "invite code to create referral template from."
+// @Success 200 {object} boolResponse
+// @Failure 400 {object} stringResponse
+// @Failure 500 {object} stringResponse
+// @Router /profiles/referral/{profile}/{invite} [post]
+// @Security Bearer
+// @tags Profiles & Settings
+func (app *appContext) EnableReferralForProfile(gc *gin.Context) {
+	profileName := gc.Param("profile")
+	invCode := gc.Param("invite")
+	inv, ok := app.storage.GetInvitesKey(invCode)
+	if !ok {
+		respond(400, "Invalid invite code", gc)
+		app.err.Printf("\"%s\": Failed to enable referrals: invite not found", profileName)
+		return
+	}
+	profile, ok := app.storage.GetProfileKey(profileName)
+	if !ok {
+		respond(400, "Invalid profile", gc)
+		app.err.Printf("\"%s\": Failed to enable referrals: profile not found", profileName)
+		return
+	}
+
+	// Generate new code for referral template
+	inv.Code = GenerateInviteCode()
+	inv.Created = time.Now()
+	inv.ValidTill = inv.Created.Add(REFERRAL_EXPIRY_DAYS * 24 * time.Hour)
+	inv.IsReferral = true
+	// Since this is a template for multiple users, ReferrerJellyfinID is not set.
+	// inv.ReferrerJellyfinID = ...
+
+	app.storage.SetInvitesKey(inv.Code, inv)
+
+	profile.ReferralTemplateKey = inv.Code
+
+	app.storage.SetProfileKey(profile.Name, profile)
+
+	respondBool(200, true, gc)
+}
+
+// @Summary Disable referrals for a profile, and removes the referral template. no-op if not enabled.
+// @Produce json
+// @Param profile path string true "name of profile to enable referrals for."
+// @Success 200 {object} boolResponse
+// @Router /profiles/referral/{profile} [delete]
+// @Security Bearer
+// @tags Profiles & Settings
+func (app *appContext) DisableReferralForProfile(gc *gin.Context) {
+	profileName := gc.Param("profile")
+	profile, ok := app.storage.GetProfileKey(profileName)
+	if !ok {
+		respondBool(200, true, gc)
+		return
+	}
+
+	app.storage.DeleteInvitesKey(profile.ReferralTemplateKey)
+
+	profile.ReferralTemplateKey = ""
+
+	app.storage.SetProfileKey(profileName, profile)
+
 	respondBool(200, true, gc)
 }
--- a/api-userpage.go
+++ b/api-userpage.go
@@ -0,0 +1,695 @@
+package main
+
+import (
+	"net/http"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt"
+	"github.com/timshannon/badgerhold/v4"
+)
+
+const (
+	REFERRAL_EXPIRY_DAYS = 90
+)
+
+// @Summary Returns the logged-in user's Jellyfin ID & Username, and other details.
+// @Produce json
+// @Success 200 {object} MyDetailsDTO
+// @Router /my/details [get]
+// @tags User Page
+func (app *appContext) MyDetails(gc *gin.Context) {
+	resp := MyDetailsDTO{
+		Id: gc.GetString("jfId"),
+	}
+
+	user, status, err := app.jf.UserByID(resp.Id, false)
+	if status != 200 || err != nil {
+		app.err.Printf("Failed to get Jellyfin user (%d): %+v\n", status, err)
+		respond(500, "Failed to get user", gc)
+		return
+	}
+	resp.Username = user.Name
+	resp.Admin = user.Policy.IsAdministrator
+	resp.AccountsAdmin = false
+	if !app.config.Section("ui").Key("allow_all").MustBool(false) {
+		adminOnly := app.config.Section("ui").Key("admin_only").MustBool(true)
+		if emailStore, ok := app.storage.GetEmailsKey(resp.Id); ok {
+			resp.AccountsAdmin = emailStore.Admin
+		}
+		resp.AccountsAdmin = resp.AccountsAdmin || (adminOnly && resp.Admin)
+	}
+	resp.Disabled = user.Policy.IsDisabled
+
+	if exp, ok := app.storage.GetUserExpiryKey(user.ID); ok {
+		resp.Expiry = exp.Expiry.Unix()
+	}
+
+	if emailEnabled {
+		resp.Email = &MyDetailsContactMethodsDTO{}
+		if email, ok := app.storage.GetEmailsKey(user.ID); ok && email.Addr != "" {
+			resp.Email.Value = email.Addr
+			resp.Email.Enabled = email.Contact
+		}
+	}
+
+	if discordEnabled {
+		resp.Discord = &MyDetailsContactMethodsDTO{}
+		if discord, ok := app.storage.GetDiscordKey(user.ID); ok {
+			resp.Discord.Value = RenderDiscordUsername(discord)
+			resp.Discord.Enabled = discord.Contact
+		}
+	}
+
+	if telegramEnabled {
+		resp.Telegram = &MyDetailsContactMethodsDTO{}
+		if telegram, ok := app.storage.GetTelegramKey(user.ID); ok {
+			resp.Telegram.Value = telegram.Username
+			resp.Telegram.Enabled = telegram.Contact
+		}
+	}
+
+	if matrixEnabled {
+		resp.Matrix = &MyDetailsContactMethodsDTO{}
+		if matrix, ok := app.storage.GetMatrixKey(user.ID); ok {
+			resp.Matrix.Value = matrix.UserID
+			resp.Matrix.Enabled = matrix.Contact
+		}
+	}
+
+	if app.config.Section("user_page").Key("referrals").MustBool(false) {
+		// 1. Look for existing template bound to this Jellyfin ID
+		//    If one exists, that means its just for us and so we
+		//    can use it directly.
+		inv := Invite{}
+		err := app.storage.db.FindOne(&inv, badgerhold.Where("ReferrerJellyfinID").Eq(resp.Id))
+		if err == nil {
+			resp.HasReferrals = true
+		} else {
+			// 2. Look for a template matching the key found in the user storage
+			//    Since this key is shared between users in a profile, we make a copy.
+			user, ok := app.storage.GetEmailsKey(gc.GetString("jfId"))
+			err = app.storage.db.Get(user.ReferralTemplateKey, &inv)
+			if ok && err == nil {
+				resp.HasReferrals = true
+			}
+		}
+	}
+
+	gc.JSON(200, resp)
+}
+
+// @Summary Sets whether to notify yourself through telegram/discord/matrix/email or not.
+// @Produce json
+// @Param SetContactMethodsDTO body SetContactMethodsDTO true "User's Jellyfin ID and whether or not to notify then through Telegram."
+// @Success 200 {object} boolResponse
+// @Success 400 {object} boolResponse
+// @Success 500 {object} boolResponse
+// @Router /my/contact [post]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) SetMyContactMethods(gc *gin.Context) {
+	var req SetContactMethodsDTO
+	gc.BindJSON(&req)
+	req.ID = gc.GetString("jfId")
+	if req.ID == "" {
+		respondBool(400, false, gc)
+		return
+	}
+	app.setContactMethods(req, gc)
+}
+
+// @Summary Logout by deleting refresh token from cookies.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Failure 500 {object} stringResponse
+// @Router /my/logout [post]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) LogoutUser(gc *gin.Context) {
+	cookie, err := gc.Cookie("user-refresh")
+	if err != nil {
+		app.debug.Printf("Couldn't get cookies: %s", err)
+		respond(500, "Couldn't fetch cookies", gc)
+		return
+	}
+	app.invalidTokens = append(app.invalidTokens, cookie)
+	gc.SetCookie("refresh", "invalid", -1, "/my", gc.Request.URL.Hostname(), true, true)
+	respondBool(200, true, gc)
+}
+
+// @Summary confirm an action (e.g. changing an email address.)
+// @Produce json
+// @Param jwt path string true "jwt confirmation code"
+// @Router /my/confirm/{jwt} [post]
+// @Success 200 {object} boolResponse
+// @Failure 400 {object} stringResponse
+// @Failure 404
+// @Success 303
+// @Failure 500 {object} stringResponse
+// @tags User Page
+func (app *appContext) ConfirmMyAction(gc *gin.Context) {
+	app.confirmMyAction(gc, "")
+}
+
+func (app *appContext) confirmMyAction(gc *gin.Context, key string) {
+	var claims jwt.MapClaims
+	var target ConfirmationTarget
+	var id string
+	fail := func() {
+		gcHTML(gc, 404, "404.html", gin.H{
+			"cssClass":       app.cssClass,
+			"cssVersion":     cssVersion,
+			"contactMessage": app.config.Section("ui").Key("contact_message").String(),
+		})
+	}
+
+	// Validate key
+	if key == "" {
+		key = gc.Param("jwt")
+	}
+	token, err := jwt.Parse(key, checkToken)
+	if err != nil {
+		app.err.Printf("Failed to parse key: %s", err)
+		fail()
+		// respond(500, "unknownError", gc)
+		return
+	}
+	claims, ok := token.Claims.(jwt.MapClaims)
+	if !ok {
+		app.err.Printf("Failed to parse key: %s", err)
+		fail()
+		// respond(500, "unknownError", gc)
+		return
+	}
+	expiry := time.Unix(int64(claims["exp"].(float64)), 0)
+	if !(ok && token.Valid && claims["type"].(string) == "confirmation" && expiry.After(time.Now())) {
+		app.err.Printf("Invalid key")
+		fail()
+		// respond(400, "invalidKey", gc)
+		return
+	}
+	target = ConfirmationTarget(int(claims["target"].(float64)))
+	id = claims["id"].(string)
+
+	// Perform an Action
+	if target == NoOp {
+		gc.Redirect(http.StatusSeeOther, "/my/account")
+		return
+	} else if target == UserEmailChange {
+		emailStore, ok := app.storage.GetEmailsKey(id)
+		if !ok {
+			emailStore = EmailAddress{
+				Contact: true,
+			}
+		}
+		emailStore.Addr = claims["email"].(string)
+		app.storage.SetEmailsKey(id, emailStore)
+		if app.config.Section("ombi").Key("enabled").MustBool(false) {
+			ombiUser, code, err := app.getOmbiUser(id)
+			if code == 200 && err == nil {
+				ombiUser["emailAddress"] = claims["email"].(string)
+				code, err = app.ombi.ModifyUser(ombiUser)
+				if code != 200 || err != nil {
+					app.err.Printf("%s: Failed to change ombi email address (%d): %v", ombiUser["userName"].(string), code, err)
+				}
+			}
+		}
+
+		app.info.Println("Email list modified")
+		gc.Redirect(http.StatusSeeOther, "/my/account")
+		return
+	}
+}
+
+// @Summary Modify your email address.
+// @Produce json
+// @Param ModifyMyEmailDTO body ModifyMyEmailDTO true "New email address."
+// @Success 200 {object} boolResponse
+// @Failure 400 {object} stringResponse
+// @Failure 401 {object} stringResponse
+// @Failure 500 {object} stringResponse
+// @Router /my/email [post]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) ModifyMyEmail(gc *gin.Context) {
+	var req ModifyMyEmailDTO
+	gc.BindJSON(&req)
+	app.debug.Println("Email modification requested")
+	if !strings.ContainsRune(req.Email, '@') {
+		respond(400, "Invalid Email Address", gc)
+		return
+	}
+	id := gc.GetString("jfId")
+
+	// We'll use the ConfirmMyAction route to do the work, even if we don't need to confirm the address.
+	claims := jwt.MapClaims{
+		"valid":  true,
+		"id":     id,
+		"email":  req.Email,
+		"type":   "confirmation",
+		"target": UserEmailChange,
+		"exp":    time.Now().Add(time.Hour).Unix(),
+	}
+	tk := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	key, err := tk.SignedString([]byte(os.Getenv("JFA_SECRET")))
+
+	if err != nil {
+		app.err.Printf("Failed to generate confirmation token: %v", err)
+		respond(500, "errorUnknown", gc)
+		return
+	}
+
+	if emailEnabled && app.config.Section("email_confirmation").Key("enabled").MustBool(false) {
+		user, status, err := app.jf.UserByID(id, false)
+		name := ""
+		if status == 200 && err == nil {
+			name = user.Name
+		}
+		app.debug.Printf("%s: Email confirmation required", id)
+		respond(401, "confirmEmail", gc)
+		msg, err := app.email.constructConfirmation("", name, key, app, false)
+		if err != nil {
+			app.err.Printf("%s: Failed to construct confirmation email: %v", name, err)
+		} else if err := app.email.send(msg, req.Email); err != nil {
+			app.err.Printf("%s: Failed to send user confirmation email: %v", name, err)
+		} else {
+			app.info.Printf("%s: Sent user confirmation email to \"%s\"", name, req.Email)
+		}
+		return
+	}
+
+	app.confirmMyAction(gc, key)
+	return
+}
+
+// @Summary Returns a 10-minute, one-use Discord server invite
+// @Produce json
+// @Success 200 {object} DiscordInviteDTO
+// @Failure 400 {object} boolResponse
+// @Failure 401 {object} boolResponse
+// @Failure 500 {object} boolResponse
+// @Param invCode path string true "invite Code"
+// @Router /my/discord/invite [get]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) MyDiscordServerInvite(gc *gin.Context) {
+	if app.discord.inviteChannelName == "" {
+		respondBool(400, false, gc)
+		return
+	}
+	invURL, iconURL := app.discord.NewTempInvite(10*60, 1)
+	if invURL == "" {
+		respondBool(500, false, gc)
+		return
+	}
+	gc.JSON(200, DiscordInviteDTO{invURL, iconURL})
+}
+
+// @Summary Returns a linking PIN for discord/telegram
+// @Produce json
+// @Success 200 {object} GetMyPINDTO
+// @Failure 400 {object} stringResponse
+// Param service path string true "discord/telegram"
+// @Router /my/pin/{service} [get]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) GetMyPIN(gc *gin.Context) {
+	service := gc.Param("service")
+	resp := GetMyPINDTO{}
+	switch service {
+	case "discord":
+		resp.PIN = app.discord.NewAssignedAuthToken(gc.GetString("jfId"))
+		break
+	case "telegram":
+		resp.PIN = app.telegram.NewAssignedAuthToken(gc.GetString("jfId"))
+		break
+	default:
+		respond(400, "invalid service", gc)
+		return
+	}
+	gc.JSON(200, resp)
+}
+
+// @Summary Returns true/false on whether or not your discord PIN was verified, and assigns the discord user to you.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Failure 401 {object} boolResponse
+// @Param pin path string true "PIN code to check"
+// @Router /my/discord/verified/{pin} [get]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) MyDiscordVerifiedInvite(gc *gin.Context) {
+	pin := gc.Param("pin")
+	dcUser, ok := app.discord.AssignedUserVerified(pin, gc.GetString("jfId"))
+	app.discord.DeleteVerifiedUser(pin)
+	if !ok {
+		respondBool(200, false, gc)
+		return
+	}
+	if app.config.Section("discord").Key("require_unique").MustBool(false) && app.discord.UserExists(dcUser.ID) {
+		respondBool(400, false, gc)
+		return
+	}
+	existingUser, ok := app.storage.GetDiscordKey(gc.GetString("jfId"))
+	if ok {
+		dcUser.Lang = existingUser.Lang
+		dcUser.Contact = existingUser.Contact
+	}
+	app.storage.SetDiscordKey(gc.GetString("jfId"), dcUser)
+	respondBool(200, true, gc)
+}
+
+// @Summary Returns true/false on whether or not your telegram PIN was verified, and assigns the telegram user to you.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Failure 401 {object} boolResponse
+// @Param pin path string true "PIN code to check"
+// @Router /my/telegram/verified/{pin} [get]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) MyTelegramVerifiedInvite(gc *gin.Context) {
+	pin := gc.Param("pin")
+	token, ok := app.telegram.AssignedTokenVerified(pin, gc.GetString("jfId"))
+	app.telegram.DeleteVerifiedToken(pin)
+	if !ok {
+		respondBool(200, false, gc)
+		return
+	}
+	if app.config.Section("telegram").Key("require_unique").MustBool(false) && app.telegram.UserExists(token.Username) {
+		respondBool(400, false, gc)
+		return
+	}
+	tgUser := TelegramUser{
+		ChatID:   token.ChatID,
+		Username: token.Username,
+		Contact:  true,
+	}
+	if lang, ok := app.telegram.languages[tgUser.ChatID]; ok {
+		tgUser.Lang = lang
+	}
+
+	existingUser, ok := app.storage.GetTelegramKey(gc.GetString("jfId"))
+	if ok {
+		tgUser.Lang = existingUser.Lang
+		tgUser.Contact = existingUser.Contact
+	}
+	app.storage.SetTelegramKey(gc.GetString("jfId"), tgUser)
+	respondBool(200, true, gc)
+}
+
+// @Summary Generate and send a new PIN to your given matrix user.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Failure 400 {object} stringResponse
+// @Failure 401 {object} boolResponse
+// @Failure 500 {object} boolResponse
+// @Param MatrixSendPINDTO body MatrixSendPINDTO true "User's Matrix ID."
+// @Router /my/matrix/user [post]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) MatrixSendMyPIN(gc *gin.Context) {
+	var req MatrixSendPINDTO
+	gc.BindJSON(&req)
+	if req.UserID == "" {
+		respond(400, "errorNoUserID", gc)
+		return
+	}
+	if app.config.Section("matrix").Key("require_unique").MustBool(false) {
+		for _, u := range app.storage.GetMatrix() {
+			if req.UserID == u.UserID {
+				respondBool(400, false, gc)
+				return
+			}
+		}
+	}
+
+	ok := app.matrix.SendStart(req.UserID)
+	if !ok {
+		respondBool(500, false, gc)
+		return
+	}
+	respondBool(200, true, gc)
+}
+
+// @Summary Check whether your matrix PIN is valid, and link the account to yours if so.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Failure 401 {object} boolResponse
+// @Param pin path string true "PIN code to check"
+// @Param invCode path string true "invite Code"
+// @Param userID path string true "Matrix User ID"
+// @Router /my/matrix/verified/{userID}/{pin} [get]
+// @Security Bearer
+// @tags User Page
+func (app *appContext) MatrixCheckMyPIN(gc *gin.Context) {
+	userID := gc.Param("userID")
+	pin := gc.Param("pin")
+	user, ok := app.matrix.tokens[pin]
+	if !ok {
+		app.debug.Println("Matrix: PIN not found")
+		respondBool(200, false, gc)
+		return
+	}
+	if user.User.UserID != userID {
+		app.debug.Println("Matrix: User ID of PIN didn't match")
+		respondBool(200, false, gc)
+		return
+	}
+
+	mxUser := *user.User
+	mxUser.Contact = true
+	existingUser, ok := app.storage.GetMatrixKey(gc.GetString("jfId"))
+	if ok {
+		mxUser.Lang = existingUser.Lang
+		mxUser.Contact = existingUser.Contact
+	}
+
+	app.storage.SetMatrixKey(gc.GetString("jfId"), mxUser)
+	delete(app.matrix.tokens, pin)
+	respondBool(200, true, gc)
+}
+
+// @Summary unlink the Discord account from your Jellyfin user. Always succeeds.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Router /my/discord [delete]
+// @Security Bearer
+// @Tags User Page
+func (app *appContext) UnlinkMyDiscord(gc *gin.Context) {
+	app.storage.DeleteDiscordKey(gc.GetString("jfId"))
+	respondBool(200, true, gc)
+}
+
+// @Summary unlink the Telegram account from your Jellyfin user. Always succeeds.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Router /my/telegram [delete]
+// @Security Bearer
+// @Tags User Page
+func (app *appContext) UnlinkMyTelegram(gc *gin.Context) {
+	app.storage.DeleteTelegramKey(gc.GetString("jfId"))
+	respondBool(200, true, gc)
+}
+
+// @Summary unlink the Matrix account from your Jellyfin user. Always succeeds.
+// @Produce json
+// @Success 200 {object} boolResponse
+// @Router /my/matrix [delete]
+// @Security Bearer
+// @Tags User Page
+func (app *appContext) UnlinkMyMatrix(gc *gin.Context) {
+	app.storage.DeleteMatrixKey(gc.GetString("jfId"))
+	respondBool(200, true, gc)
+}
+
+// @Summary Generate & send a password reset link if the given username/email/contact method exists. Doesn't give you any info about it's success.
+// @Produce json
+// @Param address path string true "address/contact method associated w/ your account."
+// @Success 204 {object} boolResponse
+// @Failure 400 {object} boolResponse
+// @Failure 500 {object} boolResponse
+// @Router /my/password/reset/{address} [post]
+// @Tags User Page
+func (app *appContext) ResetMyPassword(gc *gin.Context) {
+	// All requests should take 1 second, to make it harder to tell if a success occured or not.
+	timerWait := make(chan bool)
+	cancel := time.AfterFunc(1*time.Second, func() {
+		timerWait <- true
+	})
+	address := gc.Param("address")
+	if address == "" {
+		app.debug.Println("Ignoring empty request for PWR")
+		cancel.Stop()
+		respondBool(400, false, gc)
+		return
+	}
+	var pwr InternalPWR
+	var err error
+
+	jfUser, ok := app.ReverseUserSearch(address)
+	if !ok {
+		app.debug.Printf("Ignoring PWR request: User not found")
+
+		for range timerWait {
+			respondBool(204, true, gc)
+			return
+		}
+		return
+	}
+	pwr, err = app.GenInternalReset(jfUser.ID)
+	if err != nil {
+		app.err.Printf("Failed to get user from Jellyfin: %v", err)
+		for range timerWait {
+			respondBool(204, true, gc)
+			return
+		}
+		return
+	}
+	if app.internalPWRs == nil {
+		app.internalPWRs = map[string]InternalPWR{}
+	}
+	app.internalPWRs[pwr.PIN] = pwr
+	// FIXME: Send to all contact methods
+	msg, err := app.email.constructReset(
+		PasswordReset{
+			Pin:      pwr.PIN,
+			Username: pwr.Username,
+			Expiry:   pwr.Expiry,
+			Internal: true,
+		}, app, false,
+	)
+	if err != nil {
+		app.err.Printf("Failed to construct password reset message for \"%s\": %v", pwr.Username, err)
+		for range timerWait {
+			respondBool(204, true, gc)
+			return
+		}
+		return
+	} else if err := app.sendByID(msg, jfUser.ID); err != nil {
+		app.err.Printf("Failed to send password reset message to \"%s\": %v", address, err)
+	} else {
+		app.info.Printf("Sent password reset message to \"%s\"", address)
+	}
+	for range timerWait {
+		respondBool(204, true, gc)
+		return
+	}
+}
+
+// @Summary Change your password, given the old one and the new one.
+// @Produce json
+// @Param ChangeMyPasswordDTO body ChangeMyPasswordDTO true "User's old & new passwords."
+// @Success 204 {object} boolResponse
+// @Failure 400 {object} PasswordValidation
+// @Failure 401 {object} boolResponse
+// @Failure 500 {object} boolResponse
+// @Router /my/password [post]
+// @Security Bearer
+// @Tags User Page
+func (app *appContext) ChangeMyPassword(gc *gin.Context) {
+	var req ChangeMyPasswordDTO
+	gc.BindJSON(&req)
+	if req.Old == "" || req.New == "" {
+		respondBool(400, false, gc)
+	}
+	validation := app.validator.validate(req.New)
+	for _, val := range validation {
+		if !val {
+			app.debug.Printf("%s: Change password failed: Invalid password", gc.GetString("jfId"))
+			gc.JSON(400, validation)
+			return
+		}
+	}
+	user, status, err := app.jf.UserByID(gc.GetString("jfId"), false)
+	if status != 200 || err != nil {
+		app.err.Printf("Failed to change password: couldn't find user (%d): %+v", status, err)
+		respondBool(500, false, gc)
+		return
+	}
+	// Authenticate as user to confirm old password.
+	user, status, err = app.authJf.Authenticate(user.Name, req.Old)
+	if status != 200 || err != nil {
+		respondBool(401, false, gc)
+		return
+	}
+	status, err = app.jf.SetPassword(gc.GetString("jfId"), req.Old, req.New)
+	if (status != 200 && status != 204) || err != nil {
+		respondBool(500, false, gc)
+		return
+	}
+	if app.config.Section("ombi").Key("enabled").MustBool(false) {
+		func() {
+			ombiUser, status, err := app.getOmbiUser(gc.GetString("jfId"))
+			if status != 200 || err != nil {
+				app.err.Printf("Failed to get user \"%s\" from ombi (%d): %v", user.Name, status, err)
+				return
+			}
+			ombiUser["password"] = req.New
+			status, err = app.ombi.ModifyUser(ombiUser)
+			if status != 200 || err != nil {
+				app.err.Printf("Failed to set password for ombi user \"%s\" (%d): %v", ombiUser["userName"], status, err)
+				return
+			}
+			app.debug.Printf("Reset password for ombi user \"%s\"", ombiUser["userName"])
+		}()
+	}
+	cookie, err := gc.Cookie("user-refresh")
+	if err == nil {
+		app.invalidTokens = append(app.invalidTokens, cookie)
+		gc.SetCookie("refresh", "invalid", -1, "/my", gc.Request.URL.Hostname(), true, true)
+	} else {
+		app.debug.Printf("Couldn't get cookies: %s", err)
+	}
+	respondBool(204, true, gc)
+}
+
+// @Summary Get or generate a new referral code.
+// @Produce json
+// @Success 200 {object} GetMyReferralRespDTO
+// @Failure 400 {object} boolResponse
+// @Failure 401 {object} boolResponse
+// @Failure 500 {object} boolResponse
+// @Router /my/referral [get]
+// @Security Bearer
+// @Tags User Page
+func (app *appContext) GetMyReferral(gc *gin.Context) {
+	// 1. Look for existing template bound to this Jellyfin ID
+	//    If one exists, that means its just for us and so we
+	//    can use it directly.
+	inv := Invite{}
+	err := app.storage.db.FindOne(&inv, badgerhold.Where("ReferrerJellyfinID").Eq(gc.GetString("jfId")))
+	if err != nil {
+		// 2. Look for a template matching the key found in the user storage
+		//    Since this key is shared between users in a profile, we make a copy.
+		user, ok := app.storage.GetEmailsKey(gc.GetString("jfId"))
+		err = app.storage.db.Get(user.ReferralTemplateKey, &inv)
+		if !ok || err != nil {
+			app.debug.Printf("Ignoring referral request, couldn't find template.")
+			respondBool(400, false, gc)
+			return
+		}
+		inv.Code = GenerateInviteCode()
+		inv.Created = time.Now()
+		inv.ValidTill = inv.Created.Add(REFERRAL_EXPIRY_DAYS * 24 * time.Hour)
+		inv.IsReferral = true
+		inv.ReferrerJellyfinID = gc.GetString("jfId")
+		app.storage.SetInvitesKey(inv.Code, inv)
+	} else if time.Now().After(inv.ValidTill) {
+		// 3. We found an invite for us, but it's expired.
+		//    We delete it from storage, and put it back with a fresh code and expiry.
+		app.storage.DeleteInvitesKey(inv.Code)
+		inv.Code = GenerateInviteCode()
+		inv.Created = time.Now()
+		inv.ValidTill = inv.Created.Add(REFERRAL_EXPIRY_DAYS * 24 * time.Hour)
+		app.storage.SetInvitesKey(inv.Code, inv)
+	}
+	gc.JSON(200, GetMyReferralRespDTO{
+		Code:          inv.Code,
+		RemainingUses: inv.RemainingUses,
+		NoLimit:       inv.NoLimit,
+		Expiry:        inv.ValidTill.Unix(),
+	})
+}
--- a/api-users.go
+++ b/api-users.go
@@ -9,6 +9,7 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt"
 	"github.com/hrfee/mediabrowser"
+	"github.com/timshannon/badgerhold/v4"
 )

 // @Summary Creates a new Jellyfin user without an invite.
@@ -44,16 +45,21 @@ func (app *appContext) NewUserAdmin(gc *gin.Context) {
 		return
 	}
 	id := user.ID
-	if app.storage.policy.BlockedTags != nil {
-		status, err = app.jf.SetPolicy(id, app.storage.policy)
+	profile := app.storage.GetDefaultProfile()
+	if req.Profile != "" && req.Profile != "none" {
+		if p, ok := app.storage.GetProfileKey(req.Profile); ok {
+			profile = p
+		} else {
+			app.debug.Printf("Couldn't find profile \"%s\", using default", req.Profile)
+		}
+
+		status, err = app.jf.SetPolicy(id, profile.Policy)
 		if !(status == 200 || status == 204 || err == nil) {
 			app.err.Printf("%s: Failed to set user policy (%d): %v", req.Username, status, err)
 		}
-	}
-	if app.storage.configuration.GroupedFolders != nil && len(app.storage.displayprefs) != 0 {
-		status, err = app.jf.SetConfiguration(id, app.storage.configuration)
+		status, err = app.jf.SetConfiguration(id, profile.Configuration)
 		if (status == 200 || status == 204) && err == nil {
-			status, err = app.jf.SetDisplayPreferences(id, app.storage.displayprefs)
+			status, err = app.jf.SetDisplayPreferences(id, profile.Displayprefs)
 		}
 		if !((status == 200 || status == 204) && err == nil) {
 			app.err.Printf("%s: Failed to set configuration template (%d): %v", req.Username, status, err)
@@ -61,19 +67,18 @@ func (app *appContext) NewUserAdmin(gc *gin.Context) {
 	}
 	app.jf.CacheExpiry = time.Now()
 	if emailEnabled {
-		app.storage.emails[id] = EmailAddress{Addr: req.Email, Contact: true}
-		app.storage.storeEmails()
+		app.storage.SetEmailsKey(id, EmailAddress{Addr: req.Email, Contact: true})
 	}
 	if app.config.Section("ombi").Key("enabled").MustBool(false) {
-		app.storage.loadOmbiTemplate()
-		if len(app.storage.ombi_template) != 0 {
-			errors, code, err := app.ombi.NewUser(req.Username, req.Password, req.Email, app.storage.ombi_template)
-			if err != nil || code != 200 {
-				app.err.Printf("Failed to create Ombi user (%d): %v", code, err)
-				app.debug.Printf("Errors reported by Ombi: %s", strings.Join(errors, ", "))
-			} else {
-				app.info.Println("Created Ombi user")
-			}
+		if profile.Ombi == nil {
+			profile.Ombi = map[string]interface{}{}
+		}
+		errors, code, err := app.ombi.NewUser(req.Username, req.Password, req.Email, profile.Ombi)
+		if err != nil || code != 200 {
+			app.err.Printf("Failed to create Ombi user (%d): %v", code, err)
+			app.debug.Printf("Errors reported by Ombi: %s", strings.Join(errors, ", "))
+		} else {
+			app.info.Println("Created Ombi user")
 		}
 	}
 	if emailEnabled && app.config.Section("welcome_email").Key("enabled").MustBool(false) && req.Email != "" {
@@ -121,7 +126,7 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 				return
 			}
 		} else {
-			discordUser, discordVerified = app.discord.verifiedTokens[req.DiscordPIN]
+			discordUser, discordVerified = app.discord.UserVerified(req.DiscordPIN)
 			if !discordVerified {
 				f = func(gc *gin.Context) {
 					app.debug.Printf("%s: New user failed: Discord PIN was invalid", req.Code)
@@ -130,17 +135,13 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 				success = false
 				return
 			}
-			if app.config.Section("discord").Key("require_unique").MustBool(false) {
-				for _, u := range app.storage.discord {
-					if discordUser.ID == u.ID {
-						f = func(gc *gin.Context) {
-							app.debug.Printf("%s: New user failed: Discord user already linked", req.Code)
-							respond(400, "errorAccountLinked", gc)
-						}
-						success = false
-						return
-					}
+			if app.config.Section("discord").Key("require_unique").MustBool(false) && app.discord.UserExists(discordUser.ID) {
+				f = func(gc *gin.Context) {
+					app.debug.Printf("%s: New user failed: Discord user already linked", req.Code)
+					respond(400, "errorAccountLinked", gc)
 				}
+				success = false
+				return
 			}
 			err := app.discord.ApplyRole(discordUser.ID)
 			if err != nil {
@@ -176,24 +177,21 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 				success = false
 				return
 			}
-			if app.config.Section("matrix").Key("require_unique").MustBool(false) {
-				for _, u := range app.storage.matrix {
-					if user.User.UserID == u.UserID {
-						f = func(gc *gin.Context) {
-							app.debug.Printf("%s: New user failed: Matrix user already linked", req.Code)
-							respond(400, "errorAccountLinked", gc)
-						}
-						success = false
-						return
-					}
+			if app.config.Section("matrix").Key("require_unique").MustBool(false) && app.matrix.UserExists(user.User.UserID) {
+				f = func(gc *gin.Context) {
+					app.debug.Printf("%s: New user failed: Matrix user already linked", req.Code)
+					respond(400, "errorAccountLinked", gc)
 				}
+				success = false
+				return
 			}
 			matrixVerified = user.Verified
 			matrixUser = *user.User

 		}
 	}
-	telegramTokenIndex := -1
+	var tgToken TelegramVerifiedToken
+	telegramVerified := false
 	if telegramEnabled {
 		if req.TelegramPIN == "" {
 			if app.config.Section("telegram").Key("required").MustBool(false) {
@@ -205,13 +203,8 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 				return
 			}
 		} else {
-			for i, v := range app.telegram.verifiedTokens {
-				if v.Token == req.TelegramPIN {
-					telegramTokenIndex = i
-					break
-				}
-			}
-			if telegramTokenIndex == -1 {
+			tgToken, telegramVerified = app.telegram.TokenVerified(req.TelegramPIN)
+			if !telegramVerified {
 				f = func(gc *gin.Context) {
 					app.debug.Printf("%s: New user failed: Telegram PIN was invalid", req.Code)
 					respond(401, "errorInvalidPIN", gc)
@@ -219,30 +212,22 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 				success = false
 				return
 			}
-			if app.config.Section("telegram").Key("require_unique").MustBool(false) {
-				for _, u := range app.storage.telegram {
-					if app.telegram.verifiedTokens[telegramTokenIndex].Username == u.Username {
-						f = func(gc *gin.Context) {
-							app.debug.Printf("%s: New user failed: Telegram user already linked", req.Code)
-							respond(400, "errorAccountLinked", gc)
-						}
-						success = false
-						return
-					}
+			if app.config.Section("telegram").Key("require_unique").MustBool(false) && app.telegram.UserExists(tgToken.Username) {
+				f = func(gc *gin.Context) {
+					app.debug.Printf("%s: New user failed: Telegram user already linked", req.Code)
+					respond(400, "errorAccountLinked", gc)
 				}
+				success = false
+				return
 			}
 		}
 	}
 	if emailEnabled && app.config.Section("email_confirmation").Key("enabled").MustBool(false) && !confirmed {
 		claims := jwt.MapClaims{
-			"valid":       true,
-			"invite":      req.Code,
-			"email":       req.Email,
-			"username":    req.Username,
-			"password":    req.Password,
-			"telegramPIN": req.TelegramPIN,
-			"exp":         time.Now().Add(time.Hour * 12).Unix(),
-			"type":        "confirmation",
+			"valid":  true,
+			"invite": req.Code,
+			"exp":    time.Now().Add(30 * time.Minute).Unix(),
+			"type":   "confirmation",
 		}
 		tk := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
 		key, err := tk.SignedString([]byte(os.Getenv("JFA_SECRET")))
@@ -254,10 +239,17 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 			success = false
 			return
 		}
-		inv := app.storage.invites[req.Code]
-		inv.Keys = append(inv.Keys, key)
-		app.storage.invites[req.Code] = inv
-		app.storage.storeInvites()
+		if app.ConfirmationKeys == nil {
+			app.ConfirmationKeys = map[string]map[string]newUserDTO{}
+		}
+		cKeys, ok := app.ConfirmationKeys[req.Code]
+		if !ok {
+			cKeys = map[string]newUserDTO{}
+		}
+		cKeys[key] = req
+		app.confirmationKeysLock.Lock()
+		app.ConfirmationKeys[req.Code] = cKeys
+		app.confirmationKeysLock.Unlock()
 		f = func(gc *gin.Context) {
 			app.debug.Printf("%s: Email confirmation required", req.Code)
 			respond(401, "confirmEmail", gc)
@@ -283,8 +275,7 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 		success = false
 		return
 	}
-	app.storage.loadProfiles()
-	invite := app.storage.invites[req.Code]
+	invite, _ := app.storage.GetInvitesKey(req.Code)
 	app.checkInvite(req.Code, true, req.Username)
 	if emailEnabled && app.config.Section("notifications").Key("enabled").MustBool(false) {
 		for address, settings := range invite.Notify {
@@ -311,61 +302,61 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 		}
 	}
 	id := user.ID
+
+	emailStore := EmailAddress{
+		Addr:    req.Email,
+		Contact: (req.Email != ""),
+	}
+
+	if invite.UserLabel != "" {
+		emailStore.Label = invite.UserLabel
+	}
+
 	var profile Profile
 	if invite.Profile != "" {
 		app.debug.Printf("Applying settings from profile \"%s\"", invite.Profile)
 		var ok bool
-		profile, ok = app.storage.profiles[invite.Profile]
+		profile, ok = app.storage.GetProfileKey(invite.Profile)
 		if !ok {
-			profile = app.storage.profiles["Default"]
+			profile = app.storage.GetDefaultProfile()
 		}
-		if profile.Policy.BlockedTags != nil {
-			app.debug.Printf("Applying policy from profile \"%s\"", invite.Profile)
-			status, err = app.jf.SetPolicy(id, profile.Policy)
-			if !((status == 200 || status == 204) && err == nil) {
-				app.err.Printf("%s: Failed to set user policy (%d): %v", req.Code, status, err)
-			}
+		app.debug.Printf("Applying policy from profile \"%s\"", invite.Profile)
+		status, err = app.jf.SetPolicy(id, profile.Policy)
+		if !((status == 200 || status == 204) && err == nil) {
+			app.err.Printf("%s: Failed to set user policy (%d): %v", req.Code, status, err)
 		}
-		if profile.Configuration.GroupedFolders != nil && len(profile.Displayprefs) != 0 {
-			app.debug.Printf("Applying homescreen from profile \"%s\"", invite.Profile)
-			status, err = app.jf.SetConfiguration(id, profile.Configuration)
-			if (status == 200 || status == 204) && err == nil {
-				status, err = app.jf.SetDisplayPreferences(id, profile.Displayprefs)
-			}
-			if !((status == 200 || status == 204) && err == nil) {
-				app.err.Printf("%s: Failed to set configuration template (%d): %v", req.Code, status, err)
-			}
+		app.debug.Printf("Applying homescreen from profile \"%s\"", invite.Profile)
+		status, err = app.jf.SetConfiguration(id, profile.Configuration)
+		if (status == 200 || status == 204) && err == nil {
+			status, err = app.jf.SetDisplayPreferences(id, profile.Displayprefs)
+		}
+		if !((status == 200 || status == 204) && err == nil) {
+			app.err.Printf("%s: Failed to set configuration template (%d): %v", req.Code, status, err)
+		}
+		if app.config.Section("user_page").Key("enabled").MustBool(false) && app.config.Section("user_page").Key("referrals").MustBool(false) && profile.ReferralTemplateKey != "" {
+			emailStore.ReferralTemplateKey = profile.ReferralTemplateKey
+			// Store here, just incase email are disabled (whether this is even possible, i don't know)
+			app.storage.SetEmailsKey(id, emailStore)
 		}
 	}
 	// if app.config.Section("password_resets").Key("enabled").MustBool(false) {
-	if req.Email != "" {
-		app.storage.emails[id] = EmailAddress{Addr: req.Email, Contact: true}
-		app.storage.storeEmails()
+	if req.Email != "" || invite.UserLabel != "" {
+		app.storage.SetEmailsKey(id, emailStore)
 	}
 	expiry := time.Time{}
 	if invite.UserExpiry {
-		app.storage.usersLock.Lock()
-		defer app.storage.usersLock.Unlock()
 		expiry = time.Now().AddDate(0, invite.UserMonths, invite.UserDays).Add(time.Duration((60*invite.UserHours)+invite.UserMinutes) * time.Minute)
-		app.storage.users[id] = expiry
-		if err := app.storage.storeUsers(); err != nil {
-			app.err.Printf("Failed to store user duration: %v", err)
-		}
+		app.storage.SetUserExpiryKey(id, UserExpiry{Expiry: expiry})
 	}
-	if discordEnabled && discordVerified {
+	if discordVerified {
 		discordUser.Contact = req.DiscordContact
-		if app.storage.discord == nil {
-			app.storage.discord = map[string]DiscordUser{}
-		}
-		app.storage.discord[user.ID] = discordUser
-		if err := app.storage.storeDiscordUsers(); err != nil {
-			app.err.Printf("Failed to store Discord users: %v", err)
-		} else {
-			delete(app.discord.verifiedTokens, req.DiscordPIN)
+		if app.storage.deprecatedDiscord == nil {
+			app.storage.deprecatedDiscord = discordStore{}
 		}
+		app.storage.SetDiscordKey(user.ID, discordUser)
+		delete(app.discord.verifiedTokens, req.DiscordPIN)
 	}
-	if telegramEnabled && telegramTokenIndex != -1 {
-		tgToken := app.telegram.verifiedTokens[telegramTokenIndex]
+	if telegramVerified {
 		tgUser := TelegramUser{
 			ChatID:   tgToken.ChatID,
 			Username: tgToken.Username,
@@ -374,44 +365,57 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 		if lang, ok := app.telegram.languages[tgToken.ChatID]; ok {
 			tgUser.Lang = lang
 		}
-		if app.storage.telegram == nil {
-			app.storage.telegram = map[string]TelegramUser{}
-		}
-		app.storage.telegram[user.ID] = tgUser
-		if err := app.storage.storeTelegramUsers(); err != nil {
-			app.err.Printf("Failed to store Telegram users: %v", err)
-		} else {
-			app.telegram.verifiedTokens[len(app.telegram.verifiedTokens)-1], app.telegram.verifiedTokens[telegramTokenIndex] = app.telegram.verifiedTokens[telegramTokenIndex], app.telegram.verifiedTokens[len(app.telegram.verifiedTokens)-1]
-			app.telegram.verifiedTokens = app.telegram.verifiedTokens[:len(app.telegram.verifiedTokens)-1]
+		if app.storage.deprecatedTelegram == nil {
+			app.storage.deprecatedTelegram = telegramStore{}
 		}
+		app.telegram.DeleteVerifiedToken(req.TelegramPIN)
+		app.storage.SetTelegramKey(user.ID, tgUser)
 	}
 	if invite.Profile != "" && app.config.Section("ombi").Key("enabled").MustBool(false) {
 		if profile.Ombi != nil && len(profile.Ombi) != 0 {
 			template := profile.Ombi
 			errors, code, err := app.ombi.NewUser(req.Username, req.Password, req.Email, template)
+			accountExists := false
+			var ombiUser map[string]interface{}
 			if err != nil || code != 200 {
-				app.info.Printf("Failed to create Ombi user (%d): %s", code, err)
-				app.debug.Printf("Errors reported by Ombi: %s", strings.Join(errors, ", "))
-			} else {
-				app.info.Println("Created Ombi user")
-				if (discordEnabled && discordVerified) || (telegramEnabled && telegramTokenIndex != -1) {
-					ombiUser, status, err := app.getOmbiUser(id)
+				// Check if on the off chance, Ombi's user importer has already added the account.
+				ombiUser, status, err = app.getOmbiImportedUser(req.Username)
+				if status == 200 && err == nil {
+					app.info.Println("Found existing Ombi user, applying changes")
+					accountExists = true
+					template["password"] = req.Password
+					status, err = app.applyOmbiProfile(ombiUser, template)
 					if status != 200 || err != nil {
-						app.err.Printf("Failed to get Ombi user (%d): %v", status, err)
-					} else {
-						dID := ""
-						tUser := ""
-						if discordEnabled && discordVerified {
-							dID = discordUser.ID
-						}
-						if telegramEnabled && telegramTokenIndex != -1 {
-							tUser = app.storage.telegram[user.ID].Username
-						}
-						resp, status, err := app.ombi.SetNotificationPrefs(ombiUser, dID, tUser)
-						if !(status == 200 || status == 204) || err != nil {
-							app.err.Printf("Failed to link Telegram/Discord to Ombi (%d): %v", status, err)
-							app.debug.Printf("Response: %v", resp)
-						}
+						app.err.Printf("Failed to modify existing Ombi user (%d): %v\n", status, err)
+					}
+				} else {
+					app.info.Printf("Failed to create Ombi user (%d): %s", code, err)
+					app.debug.Printf("Errors reported by Ombi: %s", strings.Join(errors, ", "))
+				}
+			} else {
+				ombiUser, status, err = app.getOmbiUser(id)
+				if status != 200 || err != nil {
+					app.err.Printf("Failed to get Ombi user (%d): %v", status, err)
+				} else {
+					app.info.Println("Created Ombi user")
+					accountExists = true
+				}
+			}
+			if accountExists {
+				if discordVerified || telegramVerified {
+					dID := ""
+					tUser := ""
+					if discordVerified {
+						dID = discordUser.ID
+					}
+					if telegramVerified {
+						u, _ := app.storage.GetTelegramKey(user.ID)
+						tUser = u.Username
+					}
+					resp, status, err := app.ombi.SetNotificationPrefs(ombiUser, dID, tUser)
+					if !(status == 200 || status == 204) || err != nil {
+						app.err.Printf("Failed to link Telegram/Discord to Ombi (%d): %v", status, err)
+						app.debug.Printf("Response: %v", resp)
 					}
 				}
 			}
@@ -422,15 +426,12 @@ func (app *appContext) newUser(req newUserDTO, confirmed bool) (f errorFunc, suc
 	if matrixVerified {
 		matrixUser.Contact = req.MatrixContact
 		delete(app.matrix.tokens, req.MatrixPIN)
-		if app.storage.matrix == nil {
-			app.storage.matrix = map[string]MatrixUser{}
-		}
-		app.storage.matrix[user.ID] = matrixUser
-		if err := app.storage.storeMatrixUsers(); err != nil {
-			app.err.Printf("Failed to store Matrix users: %v", err)
+		if app.storage.deprecatedMatrix == nil {
+			app.storage.deprecatedMatrix = matrixStore{}
 		}
+		app.storage.SetMatrixKey(user.ID, matrixUser)
 	}
-	if (emailEnabled && app.config.Section("welcome_email").Key("enabled").MustBool(false) && req.Email != "") || telegramTokenIndex != -1 || discordVerified {
+	if (emailEnabled && app.config.Section("welcome_email").Key("enabled").MustBool(false) && req.Email != "") || telegramVerified || discordVerified || matrixVerified {
 		name := app.getAddressOrName(user.ID)
 		app.debug.Printf("%s: Sending welcome message to %s", req.Username, name)
 		msg, err := app.email.constructWelcome(req.Username, expiry, app, false)
@@ -473,6 +474,7 @@ func (app *appContext) NewUser(gc *gin.Context) {
 	for _, val := range validation {
 		if !val {
 			valid = false
+			break
 		}
 	}
 	if !valid {
@@ -487,14 +489,10 @@ func (app *appContext) NewUser(gc *gin.Context) {
 			respond(400, "errorNoEmail", gc)
 			return
 		}
-		if app.config.Section("email").Key("require_unique").MustBool(false) && req.Email != "" {
-			for _, email := range app.storage.emails {
-				if req.Email == email.Addr {
-					app.info.Printf("%s: New user failed: Email already in use", req.Code)
-					respond(400, "errorEmailLinked", gc)
-					return
-				}
-			}
+		if app.config.Section("email").Key("require_unique").MustBool(false) && req.Email != "" && app.EmailAddressExists(req.Email) {
+			app.info.Printf("%s: New user failed: Email already in use", req.Code)
+			respond(400, "errorEmailLinked", gc)
+			return
 		}
 	}
 	f, success := app.newUser(req, false)
@@ -650,25 +648,96 @@ func (app *appContext) ExtendExpiry(gc *gin.Context) {
 		respondBool(400, false, gc)
 		return
 	}
-	app.storage.usersLock.Lock()
-	defer app.storage.usersLock.Unlock()
 	for _, id := range req.Users {
-		if expiry, ok := app.storage.users[id]; ok {
-			app.storage.users[id] = expiry.AddDate(0, req.Months, req.Days).Add(time.Duration(((60 * req.Hours) + req.Minutes)) * time.Minute)
+		base := time.Now()
+		if expiry, ok := app.storage.GetUserExpiryKey(id); ok {
+			base = expiry.Expiry
 			app.debug.Printf("Expiry extended for \"%s\"", id)
 		} else {
-			app.storage.users[id] = time.Now().AddDate(0, req.Months, req.Days).Add(time.Duration(((60 * req.Hours) + req.Minutes)) * time.Minute)
 			app.debug.Printf("Created expiry for \"%s\"", id)
 		}
-	}
-	if err := app.storage.storeUsers(); err != nil {
-		app.err.Printf("Failed to store user duration: %v", err)
-		respondBool(500, false, gc)
-		return
+		expiry := UserExpiry{Expiry: base.AddDate(0, req.Months, req.Days).Add(time.Duration(((60 * req.Hours) + req.Minutes)) * time.Minute)}
+		app.storage.SetUserExpiryKey(id, expiry)
 	}
 	respondBool(204, true, gc)
 }

+// @Summary Enable referrals for the given user(s) based on the rules set in the given invite code, or profile.
+// @Produce json
+// @Param EnableDisableReferralDTO body EnableDisableReferralDTO true "List of users"
+// @Param mode path string true "mode of template sourcing from 'invite' or 'profile'."
+// @Param source path string true "invite code or profile name, depending on what mode is."
+// @Success 200 {object} boolResponse
+// @Failure 400 {object} boolResponse
+// @Failure 500 {object} boolResponse
+// @Router /users/referral/{mode}/{source} [post]
+// @Security Bearer
+// @tags Users
+func (app *appContext) EnableReferralForUsers(gc *gin.Context) {
+	var req EnableDisableReferralDTO
+	gc.BindJSON(&req)
+	mode := gc.Param("mode")
+	source := gc.Param("source")
+
+	baseInv := Invite{}
+	if mode == "profile" {
+		profile, ok := app.storage.GetProfileKey(source)
+		err := app.storage.db.Get(profile.ReferralTemplateKey, &baseInv)
+		if !ok || profile.ReferralTemplateKey == "" || err != nil {
+			app.debug.Printf("Couldn't find template to source from")
+			respondBool(400, false, gc)
+			return
+
+		}
+		app.debug.Printf("Found referral template in profile: %+v\n", profile.ReferralTemplateKey)
+	} else if mode == "invite" {
+		// Get the invite, and modify it to turn it into a referral
+		err := app.storage.db.Get(source, &baseInv)
+		if err != nil {
+			app.debug.Printf("Couldn't find invite to source from")
+			respondBool(400, false, gc)
+			return
+		}
+	}
+	for _, u := range req.Users {
+		// 1. Wipe out any existing referral codes.
+		app.storage.db.DeleteMatching(Invite{}, badgerhold.Where("ReferrerJellyfinID").Eq(u))
+
+		// 2. Generate referral invite.
+		inv := baseInv
+		inv.Code = GenerateInviteCode()
+		inv.Created = time.Now()
+		inv.ValidTill = inv.Created.Add(REFERRAL_EXPIRY_DAYS * 24 * time.Hour)
+		inv.IsReferral = true
+		inv.ReferrerJellyfinID = u
+		app.storage.SetInvitesKey(inv.Code, inv)
+	}
+}
+
+// @Summary Disable referrals for the given user(s).
+// @Produce json
+// @Param EnableDisableReferralDTO body EnableDisableReferralDTO true "List of users"
+// @Success 200 {object} boolResponse
+// @Router /users/referral [delete]
+// @Security Bearer
+// @tags Users
+func (app *appContext) DisableReferralForUsers(gc *gin.Context) {
+	var req EnableDisableReferralDTO
+	gc.BindJSON(&req)
+	for _, u := range req.Users {
+		// 1. Delete directly bound template
+		app.storage.db.DeleteMatching(Invite{}, badgerhold.Where("ReferrerJellyfinID").Eq(u))
+		// 2. Check for and delete profile-attached template
+		user, ok := app.storage.GetEmailsKey(u)
+		if !ok {
+			continue
+		}
+		user.ReferralTemplateKey = ""
+		app.storage.SetEmailsKey(u, user)
+	}
+	respondBool(200, true, gc)
+}
+
 // @Summary Send an announcement via email to a given list of users.
 // @Produce json
 // @Param announcementDTO body announcementDTO true "Announcement request object"
@@ -736,27 +805,21 @@ func (app *appContext) SaveAnnounceTemplate(gc *gin.Context) {
 		respondBool(400, false, gc)
 		return
 	}
-	app.storage.announcements[req.Name] = req
-	if err := app.storage.storeAnnouncements(); err != nil {
-		respondBool(500, false, gc)
-		app.err.Printf("Failed to store announcement templates: %v", err)
-		return
-	}
+
+	app.storage.SetAnnouncementsKey(req.Name, req)
 	respondBool(200, true, gc)
 }

 // @Summary Save an announcement as a template for use or editing later.
 // @Produce json
 // @Success 200 {object} getAnnouncementsDTO
-// @Router /users/announce/template [get]
+// @Router /users/announce [get]
 // @Security Bearer
 // @tags Users
 func (app *appContext) GetAnnounceTemplates(gc *gin.Context) {
-	resp := &getAnnouncementsDTO{make([]string, len(app.storage.announcements))}
-	i := 0
-	for name := range app.storage.announcements {
-		resp.Announcements[i] = name
-		i++
+	resp := &getAnnouncementsDTO{make([]string, len(app.storage.GetAnnouncements()))}
+	for i, a := range app.storage.GetAnnouncements() {
+		resp.Announcements[i] = a.Name
 	}
 	gc.JSON(200, resp)
 }
@@ -771,7 +834,7 @@ func (app *appContext) GetAnnounceTemplates(gc *gin.Context) {
 // @tags Users
 func (app *appContext) GetAnnounceTemplate(gc *gin.Context) {
 	name := gc.Param("name")
-	if announcement, ok := app.storage.announcements[name]; ok {
+	if announcement, ok := app.storage.GetAnnouncementsKey(name); ok {
 		gc.JSON(200, announcement)
 		return
 	}
@@ -788,12 +851,7 @@ func (app *appContext) GetAnnounceTemplate(gc *gin.Context) {
 // @tags Users
 func (app *appContext) DeleteAnnounceTemplate(gc *gin.Context) {
 	name := gc.Param("name")
-	delete(app.storage.announcements, name)
-	if err := app.storage.storeAnnouncements(); err != nil {
-		respondBool(500, false, gc)
-		app.err.Printf("Failed to store announcement templates: %v", err)
-		return
-	}
+	app.storage.DeleteAnnouncementsKey(name)
 	respondBool(200, false, gc)
 }

@@ -884,43 +942,55 @@ func (app *appContext) GetUsers(gc *gin.Context) {
 	}
 	adminOnly := app.config.Section("ui").Key("admin_only").MustBool(true)
 	allowAll := app.config.Section("ui").Key("allow_all").MustBool(false)
+	referralsEnabled := app.config.Section("user_page").Key("referrals").MustBool(false)
 	i := 0
-	app.storage.usersLock.Lock()
-	defer app.storage.usersLock.Unlock()
 	for _, jfUser := range users {
 		user := respUser{
-			ID:       jfUser.ID,
-			Name:     jfUser.Name,
-			Admin:    jfUser.Policy.IsAdministrator,
-			Disabled: jfUser.Policy.IsDisabled,
+			ID:               jfUser.ID,
+			Name:             jfUser.Name,
+			Admin:            jfUser.Policy.IsAdministrator,
+			Disabled:         jfUser.Policy.IsDisabled,
+			ReferralsEnabled: false,
 		}
 		if !jfUser.LastActivityDate.IsZero() {
 			user.LastActive = jfUser.LastActivityDate.Unix()
 		}
-		if email, ok := app.storage.emails[jfUser.ID]; ok {
+		if email, ok := app.storage.GetEmailsKey(jfUser.ID); ok {
 			user.Email = email.Addr
 			user.NotifyThroughEmail = email.Contact
 			user.Label = email.Label
 			user.AccountsAdmin = (app.jellyfinLogin) && (email.Admin || (adminOnly && jfUser.Policy.IsAdministrator) || allowAll)
 		}
-		expiry, ok := app.storage.users[jfUser.ID]
+		expiry, ok := app.storage.GetUserExpiryKey(jfUser.ID)
 		if ok {
-			user.Expiry = expiry.Unix()
+			user.Expiry = expiry.Expiry.Unix()
 		}
-		if tgUser, ok := app.storage.telegram[jfUser.ID]; ok {
+		if tgUser, ok := app.storage.GetTelegramKey(jfUser.ID); ok {
 			user.Telegram = tgUser.Username
 			user.NotifyThroughTelegram = tgUser.Contact
 		}
-		if mxUser, ok := app.storage.matrix[jfUser.ID]; ok {
+		if mxUser, ok := app.storage.GetMatrixKey(jfUser.ID); ok {
 			user.Matrix = mxUser.UserID
 			user.NotifyThroughMatrix = mxUser.Contact
 		}
-		if dcUser, ok := app.storage.discord[jfUser.ID]; ok {
+		if dcUser, ok := app.storage.GetDiscordKey(jfUser.ID); ok {
 			user.Discord = RenderDiscordUsername(dcUser)
 			// user.Discord = dcUser.Username + "#" + dcUser.Discriminator
 			user.DiscordID = dcUser.ID
 			user.NotifyThroughDiscord = dcUser.Contact
 		}
+		// FIXME: Send referral data
+		referrerInv := Invite{}
+		if referralsEnabled {
+			// 1. Directly attached invite.
+			err := app.storage.db.FindOne(&referrerInv, badgerhold.Where("ReferrerJellyfinID").Eq(jfUser.ID))
+			if err == nil {
+				user.ReferralsEnabled = true
+				// 2. Referrals via profile template. Shallow check, doesn't look for the thing in the database.
+			} else if email, ok := app.storage.GetEmailsKey(jfUser.ID); ok && email.ReferralTemplateKey != "" {
+				user.ReferralsEnabled = true
+			}
+		}
 		resp.UserList[i] = user
 		i++
 	}
@@ -949,17 +1019,13 @@ func (app *appContext) SetAccountsAdmin(gc *gin.Context) {
 		id := jfUser.ID
 		if admin, ok := req[id]; ok {
 			var emailStore = EmailAddress{}
-			if oldEmail, ok := app.storage.emails[id]; ok {
+			if oldEmail, ok := app.storage.GetEmailsKey(id); ok {
 				emailStore = oldEmail
 			}
 			emailStore.Admin = admin
-			app.storage.emails[id] = emailStore
+			app.storage.SetEmailsKey(id, emailStore)
 		}
 	}
-	if err := app.storage.storeEmails(); err != nil {
-		app.err.Printf("Failed to store email list: %v", err)
-		respondBool(500, false, gc)
-	}
 	app.info.Println("Email list modified")
 	respondBool(204, true, gc)
 }
@@ -986,17 +1052,13 @@ func (app *appContext) ModifyLabels(gc *gin.Context) {
 		id := jfUser.ID
 		if label, ok := req[id]; ok {
 			var emailStore = EmailAddress{}
-			if oldEmail, ok := app.storage.emails[id]; ok {
+			if oldEmail, ok := app.storage.GetEmailsKey(id); ok {
 				emailStore = oldEmail
 			}
 			emailStore.Label = label
-			app.storage.emails[id] = emailStore
+			app.storage.SetEmailsKey(id, emailStore)
 		}
 	}
-	if err := app.storage.storeEmails(); err != nil {
-		app.err.Printf("Failed to store email list: %v", err)
-		respondBool(500, false, gc)
-	}
 	app.info.Println("Email list modified")
 	respondBool(204, true, gc)
 }
@@ -1024,18 +1086,17 @@ func (app *appContext) ModifyEmails(gc *gin.Context) {
 		id := jfUser.ID
 		if address, ok := req[id]; ok {
 			var emailStore = EmailAddress{}
-			oldEmail, ok := app.storage.emails[id]
+			oldEmail, ok := app.storage.GetEmailsKey(id)
 			if ok {
 				emailStore = oldEmail
 			}
 			// Auto enable contact by email for newly added addresses
 			if !ok || oldEmail.Addr == "" {
 				emailStore.Contact = true
-				app.storage.storeEmails()
 			}

 			emailStore.Addr = address
-			app.storage.emails[id] = emailStore
+			app.storage.SetEmailsKey(id, emailStore)
 			if ombiEnabled {
 				ombiUser, code, err := app.getOmbiUser(id)
 				if code == 200 && err == nil {
@@ -1048,7 +1109,6 @@ func (app *appContext) ModifyEmails(gc *gin.Context) {
 			}
 		}
 	}
-	app.storage.storeEmails()
 	app.info.Println("Email list modified")
 	respondBool(200, true, gc)
 }
@@ -1071,25 +1131,24 @@ func (app *appContext) ApplySettings(gc *gin.Context) {
 	var displayprefs map[string]interface{}
 	var ombi map[string]interface{}
 	if req.From == "profile" {
-		app.storage.loadProfiles()
 		// Check profile exists & isn't empty
-		if _, ok := app.storage.profiles[req.Profile]; !ok || app.storage.profiles[req.Profile].Policy.BlockedTags == nil {
+		profile, ok := app.storage.GetProfileKey(req.Profile)
+		if !ok {
 			app.err.Printf("Couldn't find profile \"%s\" or profile was empty", req.Profile)
 			respond(500, "Couldn't find profile", gc)
 			return
 		}
 		if req.Homescreen {
-			if app.storage.profiles[req.Profile].Configuration.GroupedFolders == nil || len(app.storage.profiles[req.Profile].Displayprefs) == 0 {
+			if !profile.Homescreen {
 				app.err.Printf("No homescreen saved in profile \"%s\"", req.Profile)
 				respond(500, "No homescreen template available", gc)
 				return
 			}
-			configuration = app.storage.profiles[req.Profile].Configuration
-			displayprefs = app.storage.profiles[req.Profile].Displayprefs
+			configuration = profile.Configuration
+			displayprefs = profile.Displayprefs
 		}
-		policy = app.storage.profiles[req.Profile].Policy
+		policy = profile.Policy
 		if app.config.Section("ombi").Key("enabled").MustBool(false) {
-			profile := app.storage.profiles[req.Profile]
 			if profile.Ombi != nil && len(profile.Ombi) != 0 {
 				ombi = profile.Ombi
 			}
@@ -1164,17 +1223,7 @@ func (app *appContext) ApplySettings(gc *gin.Context) {
 				// newUser["userName"] = user["userName"]
 				// newUser["alias"] = user["alias"]
 				// newUser["emailAddress"] = user["emailAddress"]
-				for k, v := range ombi {
-					switch v.(type) {
-					case map[string]interface{}, []interface{}:
-						user[k] = v
-					default:
-						if v != user[k] {
-							user[k] = v
-						}
-					}
-				}
-				status, err = app.ombi.ModifyUser(user)
+				status, err = app.applyOmbiProfile(user, ombi)
 				if status != 200 || err != nil {
 					errorString += fmt.Sprintf("Apply %d: %v ", status, err)
 				}
--- a/api.go
+++ b/api.go
@@ -143,6 +143,7 @@ func (app *appContext) ResetSetPassword(gc *gin.Context) {
 			respondBool(status, false, gc)
 			return
 		}
+		delete(app.internalPWRs, req.PIN)
 	} else {
 		resp, status, err := app.jf.ResetPassword(req.PIN)
 		if status != 200 || err != nil || !resp.Success {
@@ -181,7 +182,7 @@ func (app *appContext) ResetSetPassword(gc *gin.Context) {
 	}
 	if app.config.Section("ombi").Key("enabled").MustBool(false) {
 		// Silently fail for changing ombi passwords
-		if status != 200 || err != nil {
+		if (status != 200 && status != 204) || err != nil {
 			app.err.Printf("Failed to get user \"%s\" from jellyfin/emby (%d): %v", username, status, err)
 			respondBool(200, true, gc)
 			return
@@ -214,7 +215,7 @@ func (app *appContext) GetConfig(gc *gin.Context) {
 	app.info.Println("Config requested")
 	resp := app.configBase
 	// Load language options
-	formOptions := app.storage.lang.Form.getOptions()
+	formOptions := app.storage.lang.User.getOptions()
 	fl := resp.Sections["ui"].Settings["language-form"]
 	fl.Options = formOptions
 	fl.Value = app.config.Section("ui").Key("language-form").MustString("en-us")
@@ -268,7 +269,7 @@ func (app *appContext) GetConfig(gc *gin.Context) {
 			val := app.config.Section(sectName).Key(settingName)
 			s := resp.Sections[sectName].Settings[settingName]
 			switch setting.Type {
-			case "text", "email", "select", "password":
+			case "text", "email", "select", "password", "note":
 				s.Value = val.MustString("")
 			case "number":
 				s.Value = val.MustInt(0)
@@ -452,8 +453,8 @@ func (app *appContext) GetLanguages(gc *gin.Context) {
 	page := gc.Param("page")
 	resp := langDTO{}
 	switch page {
-	case "form":
-		for key, lang := range app.storage.lang.Form {
+	case "form", "user":
+		for key, lang := range app.storage.lang.User {
 			resp[key] = lang.Meta.Name
 		}
 	case "admin":
@@ -494,8 +495,8 @@ func (app *appContext) ServeLang(gc *gin.Context) {
 	if page == "admin" {
 		gc.JSON(200, app.storage.lang.Admin[lang])
 		return
-	} else if page == "form" {
-		gc.JSON(200, app.storage.lang.Form[lang])
+	} else if page == "form" || page == "user" {
+		gc.JSON(200, app.storage.lang.User[lang])
 		return
 	}
 	respondBool(400, false, gc)
--- a/auth.go
+++ b/auth.go
@@ -9,21 +9,28 @@ import (

 	"github.com/gin-gonic/gin"
 	"github.com/golang-jwt/jwt"
+	"github.com/hrfee/mediabrowser"
 	"github.com/lithammer/shortuuid/v3"
 )

+const (
+	TOKEN_VALIDITY_SEC         = 20 * 60
+	REFRESH_TOKEN_VALIDITY_SEC = 3600 * 24
+)
+
 func (app *appContext) webAuth() gin.HandlerFunc {
 	return app.authenticate
 }

 // CreateToken returns a web token as well as a refresh token, which can be used to obtain new tokens.
-func CreateToken(userId, jfId string) (string, string, error) {
+func CreateToken(userId, jfId string, admin bool) (string, string, error) {
 	var token, refresh string
 	claims := jwt.MapClaims{
 		"valid": true,
 		"id":    userId,
-		"exp":   time.Now().Add(time.Minute * 20).Unix(),
+		"exp":   time.Now().Add(time.Second * TOKEN_VALIDITY_SEC).Unix(),
 		"jfid":  jfId,
+		"admin": admin,
 		"type":  "bearer",
 	}
 	tk := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
@@ -31,7 +38,7 @@ func CreateToken(userId, jfId string) (string, string, error) {
 	if err != nil {
 		return "", "", err
 	}
-	claims["exp"] = time.Now().Add(time.Hour * 24).Unix()
+	claims["exp"] = time.Now().Add(time.Second * REFRESH_TOKEN_VALIDITY_SEC).Unix()
 	claims["type"] = "refresh"
 	tk = jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
 	refresh, err = tk.SignedString([]byte(os.Getenv("JFA_SECRET")))
@@ -41,8 +48,9 @@ func CreateToken(userId, jfId string) (string, string, error) {
 	return token, refresh, nil
 }

-// Check header for token
-func (app *appContext) authenticate(gc *gin.Context) {
+// Caller should return if this returns false.
+func (app *appContext) decodeValidateAuthHeader(gc *gin.Context) (claims jwt.MapClaims, ok bool) {
+	ok = false
 	header := strings.SplitN(gc.Request.Header.Get("Authorization"), " ", 2)
 	if header[0] != "Bearer" {
 		app.debug.Println("Invalid authorization header")
@@ -55,23 +63,48 @@ func (app *appContext) authenticate(gc *gin.Context) {
 		respond(401, "Unauthorized", gc)
 		return
 	}
-	claims, ok := token.Claims.(jwt.MapClaims)
+	claims, ok = token.Claims.(jwt.MapClaims)
+	if !ok {
+		app.debug.Println("Invalid JWT")
+		respond(401, "Unauthorized", gc)
+		return
+	}
 	expiryUnix := int64(claims["exp"].(float64))
 	if err != nil {
 		app.debug.Printf("Auth denied: %s", err)
 		respond(401, "Unauthorized", gc)
+		ok = false
 		return
 	}
 	expiry := time.Unix(expiryUnix, 0)
 	if !(ok && token.Valid && claims["type"].(string) == "bearer" && expiry.After(time.Now())) {
 		app.debug.Printf("Auth denied: Invalid token")
+		// app.debug.Printf("Expiry: %+v, OK: %t, Valid: %t, ClaimType: %s\n", expiry, ok, token.Valid, claims["type"].(string))
+		respond(401, "Unauthorized", gc)
+		ok = false
+		return
+	}
+	ok = true
+	return
+}
+
+// Check header for token
+func (app *appContext) authenticate(gc *gin.Context) {
+	claims, ok := app.decodeValidateAuthHeader(gc)
+	if !ok {
+		return
+	}
+	isAdminToken := claims["admin"].(bool)
+	if !isAdminToken {
+		app.debug.Printf("Auth denied: Token was not for admin access")
 		respond(401, "Unauthorized", gc)
 		return
 	}
+
 	userID := claims["id"].(string)
 	jfID := claims["jfid"].(string)
 	match := false
-	for _, user := range app.users {
+	for _, user := range app.adminUsers {
 		if user.UserID == userID {
 			match = true
 			break
@@ -84,6 +117,7 @@ func (app *appContext) authenticate(gc *gin.Context) {
 	}
 	gc.Set("jfId", jfID)
 	gc.Set("userId", userID)
+	gc.Set("userMode", false)
 	app.debug.Println("Auth succeeded")
 	gc.Next()
 }
@@ -99,6 +133,44 @@ type getTokenDTO struct {
 	Token string `json:"token" example:"kjsdklsfdkljfsjsdfklsdfkldsfjdfskjsdfjklsdf"` // API token for use with everything else.
 }

+func (app *appContext) decodeValidateLoginHeader(gc *gin.Context) (username, password string, ok bool) {
+	header := strings.SplitN(gc.Request.Header.Get("Authorization"), " ", 2)
+	auth, _ := base64.StdEncoding.DecodeString(header[1])
+	creds := strings.SplitN(string(auth), ":", 2)
+	username = creds[0]
+	password = creds[1]
+	ok = false
+	if username == "" || password == "" {
+		app.debug.Println("Auth denied: blank username/password")
+		respond(401, "Unauthorized", gc)
+		return
+	}
+	ok = true
+	return
+}
+
+func (app *appContext) validateJellyfinCredentials(username, password string, gc *gin.Context) (user mediabrowser.User, ok bool) {
+	ok = false
+	user, status, err := app.authJf.Authenticate(username, password)
+	if status != 200 || err != nil {
+		if status == 401 || status == 400 {
+			app.info.Println("Auth denied: Invalid username/password (Jellyfin)")
+			respond(401, "Unauthorized", gc)
+			return
+		}
+		if status == 403 {
+			app.info.Println("Auth denied: Jellyfin account disabled")
+			respond(403, "yourAccountWasDisabled", gc)
+			return
+		}
+		app.err.Printf("Auth failed: Couldn't authenticate with Jellyfin (%d/%s)", status, err)
+		respond(500, "Jellyfin error", gc)
+		return
+	}
+	ok = true
+	return
+}
+
 // @Summary Grabs an API token using username & password.
 // @description If viewing docs locally, click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer `your api key`".
 // @Produce json
@@ -109,18 +181,14 @@ type getTokenDTO struct {
 // @Security getTokenAuth
 func (app *appContext) getTokenLogin(gc *gin.Context) {
 	app.info.Println("Token requested (login attempt)")
-	header := strings.SplitN(gc.Request.Header.Get("Authorization"), " ", 2)
-	auth, _ := base64.StdEncoding.DecodeString(header[1])
-	creds := strings.SplitN(string(auth), ":", 2)
-	var userID, jfID string
-	if creds[0] == "" || creds[1] == "" {
-		app.debug.Println("Auth denied: blank username/password")
-		respond(401, "Unauthorized", gc)
+	username, password, ok := app.decodeValidateLoginHeader(gc)
+	if !ok {
 		return
 	}
+	var userID, jfID string
 	match := false
-	for _, user := range app.users {
-		if user.Username == creds[0] && user.Password == creds[1] {
+	for _, user := range app.adminUsers {
+		if user.Username == username && user.Password == password {
 			match = true
 			app.debug.Println("Found existing user")
 			userID = user.UserID
@@ -133,27 +201,20 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
 		return
 	}
 	if !match {
-		user, status, err := app.authJf.Authenticate(creds[0], creds[1])
-		if status != 200 || err != nil {
-			if status == 401 || status == 400 {
-				app.info.Println("Auth denied: Invalid username/password (Jellyfin)")
-				respond(401, "Unauthorized", gc)
-				return
-			}
-			app.err.Printf("Auth failed: Couldn't authenticate with Jellyfin (%d/%s)", status, err)
-			respond(500, "Jellyfin error", gc)
+		user, ok := app.validateJellyfinCredentials(username, password, gc)
+		if !ok {
 			return
 		}
 		jfID = user.ID
 		if !app.config.Section("ui").Key("allow_all").MustBool(false) {
 			accountsAdmin := false
 			adminOnly := app.config.Section("ui").Key("admin_only").MustBool(true)
-			if emailStore, ok := app.storage.emails[jfID]; ok {
+			if emailStore, ok := app.storage.GetEmailsKey(jfID); ok {
 				accountsAdmin = emailStore.Admin
 			}
 			accountsAdmin = accountsAdmin || (adminOnly && user.Policy.IsAdministrator)
 			if !accountsAdmin {
-				app.debug.Printf("Auth denied: Users \"%s\" isn't admin", creds[0])
+				app.debug.Printf("Auth denied: Users \"%s\" isn't admin", username)
 				respond(401, "Unauthorized", gc)
 				return
 			}
@@ -163,10 +224,10 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
 		newUser := User{
 			UserID: userID,
 		}
-		app.debug.Printf("Token generated for user \"%s\"", creds[0])
-		app.users = append(app.users, newUser)
+		app.debug.Printf("Token generated for user \"%s\"", username)
+		app.adminUsers = append(app.adminUsers, newUser)
 	}
-	token, refresh, err := CreateToken(userID, jfID)
+	token, refresh, err := CreateToken(userID, jfID, true)
 	if err != nil {
 		app.err.Printf("getToken failed: Couldn't generate token (%s)", err)
 		respond(500, "Couldn't generate token", gc)
@@ -176,15 +237,9 @@ func (app *appContext) getTokenLogin(gc *gin.Context) {
 	gc.JSON(200, getTokenDTO{token})
 }

-// @Summary Grabs an API token using a refresh token from cookies.
-// @Produce json
-// @Success 200 {object} getTokenDTO
-// @Failure 401 {object} stringResponse
-// @Router /token/refresh [get]
-// @tags Auth
-func (app *appContext) getTokenRefresh(gc *gin.Context) {
-	app.debug.Println("Token requested (refresh token)")
-	cookie, err := gc.Cookie("refresh")
+func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context, cookieName string) (claims jwt.MapClaims, ok bool) {
+	ok = false
+	cookie, err := gc.Cookie(cookieName)
 	if err != nil || cookie == "" {
 		app.debug.Printf("getTokenRefresh denied: Couldn't get token: %s", err)
 		respond(400, "Couldn't get token", gc)
@@ -203,27 +258,45 @@ func (app *appContext) getTokenRefresh(gc *gin.Context) {
 		respond(400, "Invalid token", gc)
 		return
 	}
-	claims, ok := token.Claims.(jwt.MapClaims)
+	claims, ok = token.Claims.(jwt.MapClaims)
 	expiryUnix := int64(claims["exp"].(float64))
 	if err != nil {
 		app.debug.Printf("getTokenRefresh: Invalid token expiry: %s", err)
 		respond(401, "Invalid token", gc)
+		ok = false
 		return
 	}
 	expiry := time.Unix(expiryUnix, 0)
 	if !(ok && token.Valid && claims["type"].(string) == "refresh" && expiry.After(time.Now())) {
-		app.debug.Printf("getTokenRefresh: Invalid token: %s", err)
+		app.debug.Printf("getTokenRefresh: Invalid token: %+v", err)
 		respond(401, "Invalid token", gc)
+		ok = false
+		return
+	}
+	ok = true
+	return
+}
+
+// @Summary Grabs an API token using a refresh token from cookies.
+// @Produce json
+// @Success 200 {object} getTokenDTO
+// @Failure 401 {object} stringResponse
+// @Router /token/refresh [get]
+// @tags Auth
+func (app *appContext) getTokenRefresh(gc *gin.Context) {
+	app.debug.Println("Token requested (refresh token)")
+	claims, ok := app.decodeValidateRefreshCookie(gc, "refresh")
+	if !ok {
 		return
 	}
 	userID := claims["id"].(string)
 	jfID := claims["jfid"].(string)
-	jwt, refresh, err := CreateToken(userID, jfID)
+	jwt, refresh, err := CreateToken(userID, jfID, true)
 	if err != nil {
 		app.err.Printf("getTokenRefresh failed: Couldn't generate token (%s)", err)
 		respond(500, "Couldn't generate token", gc)
 		return
 	}
-	gc.SetCookie("refresh", refresh, (3600 * 24), "/", gc.Request.URL.Hostname(), true, true)
+	gc.SetCookie("refresh", refresh, REFRESH_TOKEN_VALIDITY_SEC, "/", gc.Request.URL.Hostname(), true, true)
 	gc.JSON(200, getTokenDTO{jwt})
 }
--- a/config.go
+++ b/config.go
@@ -8,6 +8,7 @@ import (
 	"strconv"
 	"strings"

+	"github.com/hrfee/jfa-go/easyproxy"
 	"gopkg.in/ini.v1"
 )

@@ -46,7 +47,7 @@ func (app *appContext) loadConfig() error {
 			key.SetValue(key.MustString(filepath.Join(app.dataPath, (key.Name() + ".json"))))
 		}
 	}
-	for _, key := range []string{"user_configuration", "user_displayprefs", "user_profiles", "ombi_template", "invites", "emails", "user_template", "custom_emails", "users", "telegram_users", "discord_users", "matrix_users", "announcements"} {
+	for _, key := range []string{"user_configuration", "user_displayprefs", "user_profiles", "ombi_template", "invites", "emails", "user_template", "custom_emails", "users", "telegram_users", "discord_users", "matrix_users", "announcements", "custom_user_page_content"} {
 		app.config.Section("files").Key(key).SetValue(app.config.Section("files").Key(key).MustString(filepath.Join(app.dataPath, (key + ".json"))))
 	}
 	for _, key := range []string{"matrix_sql"} {
@@ -135,6 +136,22 @@ func (app *appContext) loadConfig() error {
 		messagesEnabled = false
 	}

+	if app.proxyEnabled = app.config.Section("advanced").Key("proxy").MustBool(false); app.proxyEnabled {
+		app.proxyConfig = easyproxy.ProxyConfig{}
+		app.proxyConfig.Protocol = easyproxy.HTTP
+		if strings.Contains(app.config.Section("advanced").Key("proxy_protocol").MustString("http"), "socks") {
+			app.proxyConfig.Protocol = easyproxy.SOCKS5
+		}
+		app.proxyConfig.Addr = app.config.Section("advanced").Key("proxy_address").MustString("")
+		app.proxyConfig.User = app.config.Section("advanced").Key("proxy_user").MustString("")
+		app.proxyConfig.Password = app.config.Section("advanced").Key("proxy_password").MustString("")
+		app.proxyTransport, err = easyproxy.NewTransport(app.proxyConfig)
+		if err != nil {
+			app.err.Printf("Failed to initialize Proxy: %v\n", err)
+		}
+		app.proxyEnabled = true
+	}
+
 	app.MustSetValue("updates", "enabled", "true")
 	releaseChannel := app.config.Section("updates").Key("channel").String()
 	if app.config.Section("updates").Key("enabled").MustBool(false) {
@@ -147,6 +164,9 @@ func (app *appContext) loadConfig() error {
 			v = "git"
 		}
 		app.updater = newUpdater(baseURL, namespace, repo, v, commit, updater)
+		if app.proxyEnabled {
+			app.updater.SetTransport(app.proxyTransport)
+		}
 	}
 	if releaseChannel == "" {
 		if version == "git" {
@@ -157,9 +177,6 @@ func (app *appContext) loadConfig() error {
 		app.MustSetValue("updates", "channel", releaseChannel)
 	}

-	app.storage.customEmails_path = app.config.Section("files").Key("custom_emails").String()
-	app.storage.loadCustomEmails()
-
 	substituteStrings = app.config.Section("jellyfin").Key("substitute_jellyfin_strings").MustString("")

 	if substituteStrings != "" {
@@ -169,11 +186,11 @@ func (app *appContext) loadConfig() error {

 	oldFormLang := app.config.Section("ui").Key("language").MustString("")
 	if oldFormLang != "" {
-		app.storage.lang.chosenFormLang = oldFormLang
+		app.storage.lang.chosenUserLang = oldFormLang
 	}
 	newFormLang := app.config.Section("ui").Key("language-form").MustString("")
 	if newFormLang != "" {
-		app.storage.lang.chosenFormLang = newFormLang
+		app.storage.lang.chosenUserLang = newFormLang
 	}
 	app.storage.lang.chosenAdminLang = app.config.Section("ui").Key("language-admin").MustString("en-us")
 	app.storage.lang.chosenEmailLang = app.config.Section("email").Key("language").MustString("en-us")
--- a/config/config-base.json
+++ b/config/config-base.json
@@ -274,6 +274,18 @@
                    "value": false,
                    "advanced": true,
                    "description": "Navigate directly to the above URL instead of needing the user to click \"Continue\"."
+                },
+                "login_appearance": {
+                    "name": "Login screen appearance",
+                    "required": false,
+                    "requires_restart": false,
+                    "type": "select",
+                    "options": [
+                        ["clear", "Transparent"],
+                        ["opaque", "Opaque"]
+                    ],
+                    "value": "clear",
+                    "description": "Appearance of the Admin login screen."
                }
            }
        },
@@ -281,7 +293,8 @@
            "order": [],
            "meta": {
                "name": "Advanced",
-                "description": "Advanced settings."
+                "description": "Advanced settings.",
+                "advanced": true
            },
            "settings": {
                "tls": {
@@ -318,6 +331,187 @@
                    "type": "text",
                    "value": "",
                    "description": "Path to .key file. See jfa-go wiki for more info."
+                },
+                "auth_retry_count": {
+                    "name": "Initial auth retry count",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "number",
+                    "value": 6,
+                    "description": "Number of times to retry initial connection to Jellyfin before failing."
+                },
+                "auth_retry_gap": {
+                    "name": "Initial auth retry gap (seconds)",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "number",
+                    "value": 10,
+                    "description": "Duration in seconds to wait between connection retries."
+                },
+                "proxy": {
+                    "name": "Use Proxy",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "bool",
+                    "value": false,
+                    "description": "Whether or not to use a HTTP/SOCKS5 Proxy."
+                },
+                "proxy_protocol": {
+                    "name": "Proxy Protocol",
+                    "depends_true": "proxy",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["http", "HTTP"],
+                        ["socks", "SOCKS5"]
+                    ],
+                    "value": "http",
+                    "description": "Protocol to use for proxy connection."
+                },
+                "proxy_address": {
+                    "name": "Proxy Address",
+                    "depends_true": "proxy",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "text",
+                    "value": "",
+                    "description": "Proxy address, including port."
+                },
+                "proxy_user": {
+                    "name": "Proxy Username",
+                    "depends_true": "proxy",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "text",
+                    "value": "",
+                    "description": "Leave blank for no Authentication."
+                },
+                "proxy_password": {
+                    "name": "Proxy Password",
+                    "depends_true": "proxy",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "password",
+                    "value": "",
+                    "description": "Leave blank for no Authentication."
+                },
+                "debug_log_emails": {
+                    "name": "Debug Storage Logging: Emails",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_discord": {
+                    "name": "Debug Storage Logging: Discord",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_telegram": {
+                    "name": "Debug Storage Logging: Telegram",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_matrix": {
+                    "name": "Debug Storage Logging: Matrix",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_invites": {
+                    "name": "Debug Storage Logging: Invites",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_announcements": {
+                    "name": "Debug Storage Logging: Announcements",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_expiries": {
+                    "name": "Debug Storage Logging: User Expiries",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_profiles": {
+                    "name": "Debug Storage Logging: Profiles",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
+                },
+                "debug_log_custom_content": {
+                    "name": "Debug Storage Logging: Custom Message Content",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "select",
+                    "options": [
+                        ["none", "None"],
+                        ["all", "All Writes"],
+                        ["deletion", "Deletion Only*"]
+                    ],
+                    "value": "none",
+                    "description": "Extra debug logging for writes to the database. *: Deletion also includes blanking out major fields, e.g. an email address."
                }
            }
        },
@@ -335,6 +529,100 @@
                    "type": "bool",
                    "value": false,
                    "description": "Enable a CAPTCHA on the account creation form."
+                },
+                "recaptcha": {
+                    "name": "Use Google reCAPTCHA",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "bool",
+                    "depends_true": "enabled",
+                    "value": false,
+                    "description": "More reliable, but requires some setup. See jfa-go wiki for more info."
+                },
+                "recaptcha_site_key": {
+                    "name": "reCAPTCHA Site Key",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "text",
+                    "depends_true": "recaptcha",
+                    "value": "",
+                    "description": "Site Key, see jfa-go wiki for how to acquire one."
+                },
+                "recaptcha_secret_key": {
+                    "name": "reCAPTCHA Secret Key",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "text",
+                    "depends_true": "recaptcha",
+                    "value": "",
+                    "description": "Secret Key, see jfa-go wiki for how to acquire one."
+                },
+                "recaptcha_hostname": {
+                    "name": "Hostname",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "text",
+                    "depends_true": "recaptcha",
+                    "value": "",
+                    "description": "Public host-name of jfa-go, e.g. \"site.com\". Don't include any subpaths."
+                }
+            }
+        },
+        "user_page": {
+            "order": [],
+            "meta": {
+                "name": "User Page/\"My Account\"",
+                "description": "The User Page (My Account) allows users to access and modify info directly, such as changing/adding contact methods, seeing their expiry date, sending referrals or changing their password. Password resets can also be initiated from here, given a contact method or username. ",
+                "depends_true": "ui|jellyfin_login"
+            },
+            "settings": {
+                "enabled": {
+                    "name": "Enabled",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "bool",
+                    "value": true
+                },
+                "jellyfin_login_note": {
+                    "name": "Note:",
+                    "type": "note",
+                    "value": "",
+                    "depends_true": "enabled",
+                    "required": "false",
+                    "description": "Jellyfin Login must be enabled to use this feature, and password resets with a link must be enabled for self-service.",
+                    "style": "critical"
+                },
+                "edit_note": {
+                    "name": "Message Cards:",
+                    "type": "note",
+                    "value": "",
+                    "depends_true": "enabled",
+                    "required": "false",
+                    "description": "Click the edit icon next to the \"User Page\" Setting to add custom Markdown messages that will be shown to the user. Note message cards are not private, little effort is required for anyone to view them."
+                },
+                "show_link": {
+                    "name": "Show Link on Admin Login page",
+                    "required": false,
+                    "requires_restart": false,
+                    "type": "bool",
+                    "value": true,
+                    "description": "Whether or not to show a link to the \"My Account\" page on the admin login screen, to direct lost users."
+                },
+                "referrals": {
+                    "name": "User Referrals",
+                    "required": false,
+                    "requires_restart": true,
+                    "type": "bool",
+                    "value": true,
+                    "description": "Users are given their own \"invite\" to send to others."
+                },
+                "referrals_note": {
+                    "name": "Using Referrals:",
+                    "type": "note",
+                    "value": "",
+                    "depends_true": "referrals",
+                    "required": "false",
+                    "description": "Create an invite with your desired settings, then either assign it to a user in the accounts tab, or to a profile in settings."
                }
            }
        },
@@ -430,6 +718,14 @@
                    "type": "text",
                    "value": "Need help? contact me.",
                    "description": "Message displayed at bottom of emails."
+                },
+                "edit_note": {
+                    "name": "Customize Messages:",
+                    "type": "note",
+                    "value": "",
+                    "depends_true": "enabled",
+                    "required": "false",
+                    "description": "Click the edit icon next to the \"Messages/Notifications\" Setting to customize the messages sent to users with Markdown."
                }
            }
        },
@@ -918,6 +1214,14 @@
                    "value": true,
                    "description": "Enable to store provided email addresses, monitor Jellyfin directory for pw-resets, and send reset pins"
                },
+                "pwr_note": {
+                    "name": "Setup:",
+                    "type": "note",
+                    "value": "",
+                    "depends_true": "enabled",
+                    "required": "false",
+                    "description": "There are multiple ways password resets can be set up. See the <a href=\"https://wiki.jfa-go.com/docs/pwr/\" target=\"_blank\">wiki page</a> for more information."
+                },
                "watch_directory": {
                    "name": "Jellyfin directory",
                    "required": false,
@@ -1499,6 +1803,14 @@
                    "value": "",
                    "description": "JSON file generated by program in settings, different from email_html/email_text. See wiki for more info."
                },
+                "custom_user_page_content": {
+                    "name": "Custom user page content",
+                    "required": false,
+                    "requires_restart": false,
+                    "type": "text",
+                    "value": "",
+                    "description": "JSON file generated by program in settings, containing user page messages. See wiki for more info."
+                },
                "telegram_users": {
                    "name": "Telegram users",
                    "required": false,
--- a/css/base.css
+++ b/css/base.css
@@ -3,6 +3,7 @@
@import "./dark.css";
@import "./tooltip.css";
@import "./loader.css";
+@import "./fonts.css";

@tailwind base;
@tailwind components;
@@ -13,6 +14,10 @@
    --border-width-2: 3px;
    --border-width-4: 5px;
    --border-width-8: 8px;
+    font-family: 'Hanken Grotesk', ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol";
+
+    --bg-light: #fff;
+    --bg-dark: #101010;
 }

 .light {
@@ -24,11 +29,11 @@
 }

 .dark body {
-    background-color: #101010;
+    background-color: var(--bg-dark);
 }

 html:not(.dark) body {
-    background-color: #fff;
+    background-color: var(--bg-light);
 }

 .dark select, .dark option, .dark input {
@@ -485,6 +490,15 @@ a:hover:not(.lang-link):not(.\~urge), a:active:not(.lang-link):not(.\~urge) {
    color: var(--color-urge-200);
 }

+a.button,
+a.button:link,
+a.button:visited,
+a.button:focus,
+a.buton:hover {
+    color: var(--color-content) !important;
+}
+
+
 .link-center {
    display: block;
    text-align: center;
@@ -560,3 +574,16 @@ div.card:contains(section.banner.footer) {
 input[type="checkbox" i], [class^="ri-"], [class*=" ri-"], .ri-refresh-line:before, .modal-close {
    cursor: pointer;
 }
+
+
+.g-recaptcha {
+    overflow: hidden;
+    width: 296px;
+    height: 72px;
+    transform: scale(1.1);
+    transform-origin: top left;
+}
+
+.g-recaptcha iframe {
+    margin: -2px 0px 0px -4px;
+}
--- a/css/fonts.css
+++ b/css/fonts.css
@@ -0,0 +1,44 @@
+/* hanken-grotesk-regular - cyrillic-ext_latin_vietnamese */
+@font-face {
+  font-display: swap; /* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */
+  font-family: 'Hanken Grotesk';
+  font-style: normal;
+  font-weight: 400;
+  src: url('../fonts/hanken-grotesk-v8-cyrillic-ext_latin_vietnamese-regular.woff2') format('woff2'); /* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */
+}
+
+/* hanken-grotesk-500 - cyrillic-ext_latin_vietnamese */
+@font-face {
+  font-display: swap; /* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */
+  font-family: 'Hanken Grotesk';
+  font-style: normal;
+  font-weight: 500;
+  src: url('../fonts/hanken-grotesk-v8-cyrillic-ext_latin_vietnamese-500.woff2') format('woff2'); /* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */
+}
+
+/* hanken-grotesk-500italic - cyrillic-ext_latin_vietnamese */
+@font-face {
+  font-display: swap; /* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */
+  font-family: 'Hanken Grotesk';
+  font-style: italic;
+  font-weight: 500;
+  src: url('../fonts/hanken-grotesk-v8-cyrillic-ext_latin_vietnamese-500italic.woff2') format('woff2'); /* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */
+}
+
+/* hanken-grotesk-700 - cyrillic-ext_latin_vietnamese */
+@font-face {
+  font-display: swap; /* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */
+  font-family: 'Hanken Grotesk';
+  font-style: normal;
+  font-weight: 700;
+  src: url('../fonts/hanken-grotesk-v8-cyrillic-ext_latin_vietnamese-700.woff2') format('woff2'); /* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */
+}
+
+/* hanken-grotesk-700italic - cyrillic-ext_latin_vietnamese */
+@font-face {
+  font-display: swap; /* Check https://developer.mozilla.org/en-US/docs/Web/CSS/@font-face/font-display for other options. */
+  font-family: 'Hanken Grotesk';
+  font-style: italic;
+  font-weight: 700;
+  src: url('../fonts/hanken-grotesk-v8-cyrillic-ext_latin_vietnamese-700italic.woff2') format('woff2'); /* Chrome 36+, Opera 23+, Firefox 39+, Safari 12+, iOS 10+ */
+}
--- a/css/modal.css
+++ b/css/modal.css
@@ -10,6 +10,24 @@
    background-color: rgba(0,0,0,40%);
 }

+.wall {
+    position: fixed;
+    z-index: 11;
+    top: 0;
+    left: 0;
+    width: 100%;
+    height: 100%;
+    overflow: auto;
+}
+
+html.dark .wall {
+    background-color: var(--bg-dark);
+}
+
+html:not(.dark) .wall {
+    background-color: var(--bg-light);
+}
+
 .modal-close {
    float: right;
    color: #aaa;
--- a/daemon.go
+++ b/daemon.go
@@ -7,77 +7,53 @@ import "time"
 // the user cache is fresh.
 func (app *appContext) clearEmails() {
 	app.debug.Println("Housekeeping: removing unused email addresses")
-	users, status, err := app.jf.GetUsers(false)
-	if status != 200 || err != nil || len(users) == 0 {
-		app.err.Printf("Failed to get users from Jellyfin (%d): %v", status, err)
-		return
-	}
-	// Rebuild email storage to from existing users to reduce time complexity
-	emails := map[string]EmailAddress{}
-	for _, user := range users {
-		if email, ok := app.storage.emails[user.ID]; ok {
-			emails[user.ID] = email
+	emails := app.storage.GetEmails()
+	for _, email := range emails {
+		_, status, err := app.jf.UserByID(email.JellyfinID, false)
+		if status == 200 && err == nil {
+			continue
 		}
+		app.storage.DeleteEmailsKey(email.JellyfinID)
 	}
-	app.storage.emails = emails
-	app.storage.storeEmails()
 }

 // clearDiscord does the same as clearEmails, but for Discord Users.
 func (app *appContext) clearDiscord() {
 	app.debug.Println("Housekeeping: removing unused Discord IDs")
-	users, status, err := app.jf.GetUsers(false)
-	if status != 200 || err != nil || len(users) == 0 {
-		app.err.Printf("Failed to get users from Jellyfin (%d): %v", status, err)
-		return
-	}
-	// Rebuild discord storage to from existing users to reduce time complexity
-	dcUsers := map[string]DiscordUser{}
-	for _, user := range users {
-		if dcUser, ok := app.storage.discord[user.ID]; ok {
-			dcUsers[user.ID] = dcUser
+	discordUsers := app.storage.GetDiscord()
+	for _, discordUser := range discordUsers {
+		_, status, err := app.jf.UserByID(discordUser.JellyfinID, false)
+		if status == 200 && err == nil {
+			continue
 		}
+		app.storage.DeleteDiscordKey(discordUser.JellyfinID)
 	}
-	app.storage.discord = dcUsers
-	app.storage.storeDiscordUsers()
 }

 // clearMatrix does the same as clearEmails, but for Matrix Users.
 func (app *appContext) clearMatrix() {
 	app.debug.Println("Housekeeping: removing unused Matrix IDs")
-	users, status, err := app.jf.GetUsers(false)
-	if status != 200 || err != nil || len(users) == 0 {
-		app.err.Printf("Failed to get users from Jellyfin (%d): %v", status, err)
-		return
-	}
-	// Rebuild matrix storage to from existing users to reduce time complexity
-	mxUsers := map[string]MatrixUser{}
-	for _, user := range users {
-		if mxUser, ok := app.storage.matrix[user.ID]; ok {
-			mxUsers[user.ID] = mxUser
+	matrixUsers := app.storage.GetMatrix()
+	for _, matrixUser := range matrixUsers {
+		_, status, err := app.jf.UserByID(matrixUser.JellyfinID, false)
+		if status == 200 && err == nil {
+			continue
 		}
+		app.storage.DeleteMatrixKey(matrixUser.JellyfinID)
 	}
-	app.storage.matrix = mxUsers
-	app.storage.storeMatrixUsers()
 }

 // clearTelegram does the same as clearEmails, but for Telegram Users.
 func (app *appContext) clearTelegram() {
 	app.debug.Println("Housekeeping: removing unused Telegram IDs")
-	users, status, err := app.jf.GetUsers(false)
-	if status != 200 || err != nil || len(users) == 0 {
-		app.err.Printf("Failed to get users from Jellyfin (%d): %v", status, err)
-		return
-	}
-	// Rebuild telegram storage to from existing users to reduce time complexity
-	tgUsers := map[string]TelegramUser{}
-	for _, user := range users {
-		if tgUser, ok := app.storage.telegram[user.ID]; ok {
-			tgUsers[user.ID] = tgUser
+	telegramUsers := app.storage.GetTelegram()
+	for _, telegramUser := range telegramUsers {
+		_, status, err := app.jf.UserByID(telegramUser.JellyfinID, false)
+		if status == 200 && err == nil {
+			continue
 		}
+		app.storage.DeleteTelegramKey(telegramUser.JellyfinID)
 	}
-	app.storage.telegram = tgUsers
-	app.storage.storeTelegramUsers()
 }

 // https://bbengfort.github.io/snippets/2016/06/26/background-work-goroutines-timer.html THANKS
@@ -140,7 +116,6 @@ func (rt *housekeepingDaemon) run() {
 			break
 		}
 		started := time.Now()
-		rt.app.storage.loadInvites()

 		for _, job := range rt.jobs {
 			job(rt.app)
--- a/discord.go
+++ b/discord.go
@@ -3,8 +3,10 @@ package main
 import (
 	"fmt"
 	"strings"
+	"time"

 	dg "github.com/bwmarrin/discordgo"
+	"github.com/timshannon/badgerhold/v4"
 )

 type DiscordDaemon struct {
@@ -12,8 +14,8 @@ type DiscordDaemon struct {
 	ShutdownChannel                                            chan string
 	bot                                                        *dg.Session
 	username                                                   string
-	tokens                                                     []string
-	verifiedTokens                                             map[string]DiscordUser // Map of tokens to discord users.
+	tokens                                                     map[string]VerifToken  // Map of pins to tokens.
+	verifiedTokens                                             map[string]DiscordUser // Map of token pins to discord users.
 	channelID, channelName, inviteChannelID, inviteChannelName string
 	guildID                                                    string
 	serverChannelName, serverName                              string
@@ -22,6 +24,7 @@ type DiscordDaemon struct {
 	app                                                        *appContext
 	commandHandlers                                            map[string]func(s *dg.Session, i *dg.InteractionCreate, lang string)
 	commandIDs                                                 []string
+	commandDescriptions                                        []*dg.ApplicationCommand
 }

 func newDiscordDaemon(app *appContext) (*DiscordDaemon, error) {
@@ -37,7 +40,7 @@ func newDiscordDaemon(app *appContext) (*DiscordDaemon, error) {
 		Stopped:         false,
 		ShutdownChannel: make(chan string),
 		bot:             bot,
-		tokens:          []string{},
+		tokens:          map[string]VerifToken{},
 		verifiedTokens:  map[string]DiscordUser{},
 		users:           map[string]DiscordUser{},
 		app:             app,
@@ -48,7 +51,8 @@ func newDiscordDaemon(app *appContext) (*DiscordDaemon, error) {
 	dd.commandHandlers[app.config.Section("discord").Key("start_command").MustString("start")] = dd.cmdStart
 	dd.commandHandlers["lang"] = dd.cmdLang
 	dd.commandHandlers["pin"] = dd.cmdPIN
-	for _, user := range app.storage.discord {
+	dd.commandHandlers["inv"] = dd.cmdInvite
+	for _, user := range app.storage.GetDiscord() {
 		dd.users[user.ID] = user
 	}

@@ -58,7 +62,15 @@ func newDiscordDaemon(app *appContext) (*DiscordDaemon, error) {
 // NewAuthToken generates an 8-character pin in the form "A1-2B-CD".
 func (d *DiscordDaemon) NewAuthToken() string {
 	pin := genAuthToken()
-	d.tokens = append(d.tokens, pin)
+	d.tokens[pin] = VerifToken{Expiry: time.Now().Add(VERIF_TOKEN_EXPIRY_SEC * time.Second), JellyfinID: ""}
+	return pin
+}
+
+// NewAssignedAuthToken generates an 8-character pin in the form "A1-2B-CD",
+// and assigns it for access only with the given Jellyfin ID.
+func (d *DiscordDaemon) NewAssignedAuthToken(id string) string {
+	pin := genAuthToken()
+	d.tokens[pin] = VerifToken{Expiry: time.Now().Add(VERIF_TOKEN_EXPIRY_SEC * time.Second), JellyfinID: id}
 	return pin
 }

@@ -117,6 +129,7 @@ func (d *DiscordDaemon) run() {
 			d.inviteChannelName = invChannel
 		}
 	}
+	err = d.bot.UpdateGameStatus(0, "/"+d.app.config.Section("discord").Key("start_command").MustString("start"))
 	defer d.deregisterCommands()
 	defer d.bot.Close()

@@ -297,7 +310,7 @@ func (d *DiscordDaemon) Shutdown() {
 }

 func (d *DiscordDaemon) registerCommands() {
-	commands := []*dg.ApplicationCommand{
+	d.commandDescriptions = []*dg.ApplicationCommand{
 		{
 			Name:        d.app.config.Section("discord").Key("start_command").MustString("start"),
 			Description: "Start the Discord linking process. The bot will send further instructions.",
@@ -327,25 +340,73 @@ func (d *DiscordDaemon) registerCommands() {
 				},
 			},
 		},
+		{
+			Name:        "inv",
+			Description: "Send an invite to a discord user (admin only).",
+			Options: []*dg.ApplicationCommandOption{
+				{
+					Type:        dg.ApplicationCommandOptionUser,
+					Name:        "user",
+					Description: "User to Invite.",
+					Required:    true,
+				},
+				{
+					Type:        dg.ApplicationCommandOptionInteger,
+					Name:        "expiry",
+					Description: "Time in minutes before expiration.",
+					Required:    false,
+				},
+				/* Label should be automatically set to something like "Discord invite for @username"
+				{
+					Type:        dg.ApplicationCommandOptionString,
+					Name:        "label",
+					Description: "Label given to this invite (shown on the Admin page)",
+					Required:    false,
+				}, */
+				{
+					Type:        dg.ApplicationCommandOptionString,
+					Name:        "user_label",
+					Description: "Label given to users created with this invite.",
+					Required:    false,
+				},
+				{
+					Type:        dg.ApplicationCommandOptionString,
+					Name:        "profile",
+					Description: "Profile to apply to the created user.",
+					Required:    false,
+				},
+			},
+		},
 	}
-	commands[1].Options[0].Choices = make([]*dg.ApplicationCommandOptionChoice, len(d.app.storage.lang.Telegram))
+	d.commandDescriptions[1].Options[0].Choices = make([]*dg.ApplicationCommandOptionChoice, len(d.app.storage.lang.Telegram))
 	i := 0
 	for code := range d.app.storage.lang.Telegram {
-		commands[1].Options[0].Choices[i] = &dg.ApplicationCommandOptionChoice{
+		d.app.debug.Printf("Discord: registering lang choice \"%s\":\"%s\"\n", d.app.storage.lang.Telegram[code].Meta.Name, code)
+		d.commandDescriptions[1].Options[0].Choices[i] = &dg.ApplicationCommandOptionChoice{
 			Name:  d.app.storage.lang.Telegram[code].Meta.Name,
 			Value: code,
 		}
 		i++
 	}

+	profiles := d.app.storage.GetProfiles()
+	d.commandDescriptions[3].Options[3].Choices = make([]*dg.ApplicationCommandOptionChoice, len(profiles))
+	for i, profile := range profiles {
+		d.app.debug.Printf("Discord: registering profile choice \"%s\"", profile.Name)
+		d.commandDescriptions[3].Options[3].Choices[i] = &dg.ApplicationCommandOptionChoice{
+			Name:  profile.Name,
+			Value: profile.Name,
+		}
+	}
+
 	// d.deregisterCommands()

-	d.commandIDs = make([]string, len(commands))
+	d.commandIDs = make([]string, len(d.commandDescriptions))
 	// cCommands, err := d.bot.ApplicationCommandBulkOverwrite(d.bot.State.User.ID, d.guildID, commands)
 	// if err != nil {
 	// 	d.app.err.Printf("Discord: Cannot create commands: %v", err)
 	// }
-	for i, cmd := range commands {
+	for i, cmd := range d.commandDescriptions {
 		command, err := d.bot.ApplicationCommandCreate(d.bot.State.User.ID, d.guildID, cmd)
 		if err != nil {
 			d.app.err.Printf("Discord: Cannot create command \"%s\": %v", cmd.Name, err)
@@ -363,12 +424,32 @@ func (d *DiscordDaemon) deregisterCommands() {
 		return
 	}
 	for _, cmd := range existingCommands {
-		if err := d.bot.ApplicationCommandDelete(d.bot.State.User.ID, "", cmd.ID); err != nil {
-			d.app.err.Printf("Failed to deregister command: %v", err)
+		if err := d.bot.ApplicationCommandDelete(d.bot.State.User.ID, d.guildID, cmd.ID); err != nil {
+			d.app.err.Printf("Discord: Failed to deregister command: %v", err)
 		}
 	}
 }

+// UpdateCommands updates commands which have defined lists of options, to be used when changes occur.
+func (d *DiscordDaemon) UpdateCommands() {
+	// Reload Profile List
+	profiles := d.app.storage.GetProfiles()
+	d.commandDescriptions[3].Options[3].Choices = make([]*dg.ApplicationCommandOptionChoice, len(profiles))
+	for i, profile := range profiles {
+		d.app.debug.Printf("Discord: registering profile choice \"%s\"", profile.Name)
+		d.commandDescriptions[3].Options[3].Choices[i] = &dg.ApplicationCommandOptionChoice{
+			Name:  profile.Name,
+			Value: profile.Name,
+		}
+	}
+	cmd, err := d.bot.ApplicationCommandEdit(d.bot.State.User.ID, d.guildID, d.commandIDs[3], d.commandDescriptions[3])
+	if err != nil {
+		d.app.err.Printf("Discord: Failed to update profile list: %v\n", err)
+	} else {
+		d.commandIDs[3] = cmd.ID
+	}
+}
+
 func (d *DiscordDaemon) commandHandler(s *dg.Session, i *dg.InteractionCreate) {
 	if h, ok := d.commandHandlers[i.ApplicationCommandData().Name]; ok {
 		if i.GuildID != "" && d.channelName != "" {
@@ -429,14 +510,8 @@ func (d *DiscordDaemon) cmdStart(s *dg.Session, i *dg.InteractionCreate, lang st

 func (d *DiscordDaemon) cmdPIN(s *dg.Session, i *dg.InteractionCreate, lang string) {
 	pin := i.ApplicationCommandData().Options[0].StringValue()
-	tokenIndex := -1
-	for i, token := range d.tokens {
-		if pin == token {
-			tokenIndex = i
-			break
-		}
-	}
-	if tokenIndex == -1 {
+	user, ok := d.tokens[pin]
+	if !ok || time.Now().After(user.Expiry) {
 		err := s.InteractionRespond(i.Interaction, &dg.InteractionResponse{
 			//	Type: dg.InteractionResponseChannelMessageWithSource,
 			Type: dg.InteractionResponseChannelMessageWithSource,
@@ -448,6 +523,7 @@ func (d *DiscordDaemon) cmdPIN(s *dg.Session, i *dg.InteractionCreate, lang stri
 		if err != nil {
 			d.app.err.Printf("Discord: Failed to send message to \"%s\": %v", i.Interaction.Member.User.Username, err)
 		}
+		delete(d.tokens, pin)
 		return
 	}
 	err := s.InteractionRespond(i.Interaction, &dg.InteractionResponse{
@@ -461,23 +537,21 @@ func (d *DiscordDaemon) cmdPIN(s *dg.Session, i *dg.InteractionCreate, lang stri
 	if err != nil {
 		d.app.err.Printf("Discord: Failed to send message to \"%s\": %v", i.Interaction.Member.User.Username, err)
 	}
-	d.verifiedTokens[pin] = d.users[i.Interaction.Member.User.ID]
-	d.tokens[len(d.tokens)-1], d.tokens[tokenIndex] = d.tokens[tokenIndex], d.tokens[len(d.tokens)-1]
-	d.tokens = d.tokens[:len(d.tokens)-1]
+	dcUser := d.users[i.Interaction.Member.User.ID]
+	dcUser.JellyfinID = user.JellyfinID
+	d.verifiedTokens[pin] = dcUser
+	delete(d.tokens, pin)
 }

 func (d *DiscordDaemon) cmdLang(s *dg.Session, i *dg.InteractionCreate, lang string) {
 	code := i.ApplicationCommandData().Options[0].StringValue()
 	if _, ok := d.app.storage.lang.Telegram[code]; ok {
 		var user DiscordUser
-		for jfID, u := range d.app.storage.discord {
+		for _, u := range d.app.storage.GetDiscord() {
 			if u.ID == i.Interaction.Member.User.ID {
 				u.Lang = code
 				lang = code
-				d.app.storage.discord[jfID] = u
-				if err := d.app.storage.storeDiscordUsers(); err != nil {
-					d.app.err.Printf("Failed to store Discord users: %v", err)
-				}
+				d.app.storage.SetDiscordKey(u.JellyfinID, u)
 				user = u
 				break
 			}
@@ -498,6 +572,124 @@ func (d *DiscordDaemon) cmdLang(s *dg.Session, i *dg.InteractionCreate, lang str
 	}
 }

+func (d *DiscordDaemon) cmdInvite(s *dg.Session, i *dg.InteractionCreate, lang string) {
+	channel, err := s.UserChannelCreate(i.Interaction.Member.User.ID)
+	if err != nil {
+		d.app.err.Printf("Discord: Failed to create private channel with \"%s\": %v", i.Interaction.Member.User.Username, err)
+		return
+	}
+	requester := d.MustGetUser(channel.ID, i.Interaction.Member.User.ID, i.Interaction.Member.User.Discriminator, i.Interaction.Member.User.Username)
+	d.users[i.Interaction.Member.User.ID] = requester
+	recipient := i.ApplicationCommandData().Options[0].UserValue(s)
+	// d.app.debug.Println(invuser)
+	//label := i.ApplicationCommandData().Options[2].StringValue()
+	//profile := i.ApplicationCommandData().Options[3].StringValue()
+	//mins, err := strconv.Atoi(i.ApplicationCommandData().Options[1].StringValue())
+	//if mins > 0 {
+	//	expmin = mins
+	//}
+	//	Check whether requestor is linked to the admin account
+	requesterEmail, ok := d.app.storage.GetEmailsKey(requester.JellyfinID)
+	if !ok {
+		d.app.err.Printf("Failed to verify admin")
+	}
+	if !requesterEmail.Admin {
+		d.app.err.Printf("User is not admin")
+		//add response message
+		return
+	}
+
+	var expiryMinutes int64 = 30
+	userLabel := ""
+	profileName := ""
+
+	for i, opt := range i.ApplicationCommandData().Options {
+		if i == 0 {
+			continue
+		}
+		switch opt.Name {
+		case "expiry":
+			expiryMinutes = opt.IntValue()
+		case "user_label":
+			userLabel = opt.StringValue()
+		case "profile":
+			profileName = opt.StringValue()
+		}
+	}
+
+	currentTime := time.Now()
+
+	validTill := currentTime.Add(time.Minute * time.Duration(expiryMinutes))
+
+	invite := Invite{
+		Code:          GenerateInviteCode(),
+		Created:       currentTime,
+		RemainingUses: 1,
+		UserExpiry:    false,
+		ValidTill:     validTill,
+		UserLabel:     userLabel,
+		Profile:       "Default",
+		Label:         fmt.Sprintf("Discord: %s", RenderDiscordUsername(recipient)),
+	}
+	if profileName != "" {
+		if _, ok := d.app.storage.GetProfileKey(profileName); ok {
+			invite.Profile = profileName
+		}
+	}
+
+	if recipient != nil && d.app.config.Section("invite_emails").Key("enabled").MustBool(false) {
+		d.app.debug.Printf("%s: Sending invite message", invite.Code)
+		invname, err := d.bot.GuildMember(d.guildID, recipient.ID)
+		invite.SendTo = invname.User.Username
+		msg, err := d.app.email.constructInvite(invite.Code, invite, d.app, false)
+		if err != nil {
+			invite.SendTo = fmt.Sprintf("Failed to send to %s", RenderDiscordUsername(recipient))
+			d.app.err.Printf("%s: Failed to construct invite message: %v", invite.Code, err)
+			err := s.InteractionRespond(i.Interaction, &dg.InteractionResponse{
+				Type: dg.InteractionResponseChannelMessageWithSource,
+				Data: &dg.InteractionResponseData{
+					Content: d.app.storage.lang.Telegram[lang].Strings.get("sentInviteFailure"),
+					Flags:   64, // Ephemeral
+				},
+			})
+			if err != nil {
+				d.app.err.Printf("Discord: Failed to send message to \"%s\": %v", RenderDiscordUsername(requester), err)
+			}
+		} else {
+			var err error
+			err = d.app.discord.SendDM(msg, recipient.ID)
+			if err != nil {
+				invite.SendTo = fmt.Sprintf("Failed to send to %s", RenderDiscordUsername(recipient))
+				d.app.err.Printf("%s: %s: %v", invite.Code, invite.SendTo, err)
+				err := s.InteractionRespond(i.Interaction, &dg.InteractionResponse{
+					Type: dg.InteractionResponseChannelMessageWithSource,
+					Data: &dg.InteractionResponseData{
+						Content: d.app.storage.lang.Telegram[lang].Strings.get("sentInviteFailure"),
+						Flags:   64, // Ephemeral
+					},
+				})
+				if err != nil {
+					d.app.err.Printf("Discord: Failed to send message to \"%s\": %v", RenderDiscordUsername(requester), err)
+				}
+			} else {
+				d.app.info.Printf("%s: Sent invite email to \"%s\"", invite.Code, RenderDiscordUsername(recipient))
+				err := s.InteractionRespond(i.Interaction, &dg.InteractionResponse{
+					Type: dg.InteractionResponseChannelMessageWithSource,
+					Data: &dg.InteractionResponseData{
+						Content: d.app.storage.lang.Telegram[lang].Strings.get("sentInvite"),
+						Flags:   64, // Ephemeral
+					},
+				})
+				if err != nil {
+					d.app.err.Printf("Discord: Failed to send message to \"%s\": %v", RenderDiscordUsername(requester), err)
+				}
+			}
+		}
+	}
+	//if profile != "" {
+	d.app.storage.SetInvitesKey(invite.Code, invite)
+}
+
 func (d *DiscordDaemon) messageHandler(s *dg.Session, m *dg.MessageCreate) {
 	if m.GuildID != "" && d.channelName != "" {
 		if d.channelID == "" {
@@ -580,13 +772,10 @@ func (d *DiscordDaemon) msgLang(s *dg.Session, m *dg.MessageCreate, sects []stri
 	}
 	if _, ok := d.app.storage.lang.Telegram[sects[1]]; ok {
 		var user DiscordUser
-		for jfID, u := range d.app.storage.discord {
+		for _, u := range d.app.storage.GetDiscord() {
 			if u.ID == m.Author.ID {
 				u.Lang = sects[1]
-				d.app.storage.discord[jfID] = u
-				if err := d.app.storage.storeDiscordUsers(); err != nil {
-					d.app.err.Printf("Failed to store Discord users: %v", err)
-				}
+				d.app.storage.SetDiscordKey(u.JellyfinID, u)
 				user = u
 				break
 			}
@@ -610,14 +799,8 @@ func (d *DiscordDaemon) msgPIN(s *dg.Session, m *dg.MessageCreate, sects []strin
 		d.app.debug.Println("Discord: Ignoring message as user was not found")
 		return
 	}
-	tokenIndex := -1
-	for i, token := range d.tokens {
-		if sects[0] == token {
-			tokenIndex = i
-			break
-		}
-	}
-	if tokenIndex == -1 {
+	user, ok := d.tokens[sects[0]]
+	if !ok || time.Now().After(user.Expiry) {
 		_, err := s.ChannelMessageSend(
 			m.ChannelID,
 			d.app.storage.lang.Telegram[lang].Strings.get("invalidPIN"),
@@ -625,6 +808,7 @@ func (d *DiscordDaemon) msgPIN(s *dg.Session, m *dg.MessageCreate, sects []strin
 		if err != nil {
 			d.app.err.Printf("Discord: Failed to send message to \"%s\": %v", m.Author.Username, err)
 		}
+		delete(d.tokens, sects[0])
 		return
 	}
 	_, err := s.ChannelMessageSend(
@@ -634,9 +818,10 @@ func (d *DiscordDaemon) msgPIN(s *dg.Session, m *dg.MessageCreate, sects []strin
 	if err != nil {
 		d.app.err.Printf("Discord: Failed to send message to \"%s\": %v", m.Author.Username, err)
 	}
-	d.verifiedTokens[sects[0]] = d.users[m.Author.ID]
-	d.tokens[len(d.tokens)-1], d.tokens[tokenIndex] = d.tokens[tokenIndex], d.tokens[len(d.tokens)-1]
-	d.tokens = d.tokens[:len(d.tokens)-1]
+	dcUser := d.users[m.Author.ID]
+	dcUser.JellyfinID = user.JellyfinID
+	d.verifiedTokens[sects[0]] = dcUser
+	delete(d.tokens, sects[0])
 }

 func (d *DiscordDaemon) SendDM(message *Message, userID ...string) error {
@@ -690,3 +875,32 @@ func (d *DiscordDaemon) Send(message *Message, channelID ...string) error {
 	}
 	return nil
 }
+
+// UserVerified returns whether or not a token with the given PIN has been verified, and the user itself.
+func (d *DiscordDaemon) UserVerified(pin string) (user DiscordUser, ok bool) {
+	user, ok = d.verifiedTokens[pin]
+	// delete(d.verifiedTokens, pin)
+	return
+}
+
+// AssignedUserVerified returns whether or not a user with the given PIN has been verified, and the token itself.
+// Returns false if the given Jellyfin ID does not match the one in the user.
+func (d *DiscordDaemon) AssignedUserVerified(pin string, jfID string) (user DiscordUser, ok bool) {
+	user, ok = d.verifiedTokens[pin]
+	if ok && user.JellyfinID != jfID {
+		ok = false
+	}
+	// delete(d.verifiedUsers, pin)
+	return
+}
+
+// UserExists returns whether or not a user with the given ID exists.
+func (d *DiscordDaemon) UserExists(id string) bool {
+	c, err := d.app.storage.db.Count(&DiscordUser{}, badgerhold.Where("ID").Eq(id))
+	return err != nil || c > 0
+}
+
+// DeleteVerifiedUser removes the token with the given PIN.
+func (d *DiscordDaemon) DeleteVerifiedUser(pin string) {
+	delete(d.verifiedTokens, pin)
+}
--- a/easyproxy/easyproxy.go
+++ b/easyproxy/easyproxy.go
@@ -0,0 +1,83 @@
+// Package easyproxy provides a method to quickly create a http.Transport or net.Conn using given proxy details (SOCKS5 or HTTP).
+package easyproxy
+
+import (
+	"crypto/tls"
+	"net/http"
+	"net/url"
+
+	"github.com/magisterquis/connectproxy"
+	"golang.org/x/net/proxy"
+)
+
+type Protocol int
+
+const (
+	SOCKS5 Protocol = iota // SOCKS5
+	HTTP                   // HTTP
+)
+
+type ProxyConfig struct {
+	Protocol Protocol
+	Addr     string
+	User     string
+	Password string
+}
+
+// NewTransport returns a http.Transport using the given proxy details. Leave user/pass blank if not needed.
+func NewTransport(c ProxyConfig) (*http.Transport, error) {
+	t := &http.Transport{}
+	if c.Protocol == HTTP {
+		u := &url.URL{
+			Scheme: "http",
+			Host:   c.Addr,
+		}
+		if c.User != "" && c.Password != "" {
+			u.User = url.UserPassword(c.User, c.Password)
+		}
+		t.Proxy = http.ProxyURL(u)
+		return t, nil
+	}
+	var auth *proxy.Auth = nil
+	if c.User != "" && c.Password != "" {
+		auth = &proxy.Auth{User: c.User, Password: c.Password}
+	}
+	dialer, err := proxy.SOCKS5("tcp", c.Addr, auth, proxy.Direct)
+	if err != nil {
+		return nil, err
+	}
+	t.Dial = dialer.Dial
+	return t, nil
+}
+
+// NewConn returns a tls.Conn to "addr" using the given proxy details. Leave user/pass blank if not needed.
+func NewConn(c ProxyConfig, addr string, tlsConf *tls.Config) (*tls.Conn, error) {
+	var proxyDialer proxy.Dialer
+	var err error
+	if c.Protocol == SOCKS5 {
+		var auth *proxy.Auth = nil
+		if c.User != "" && c.Password != "" {
+			auth = &proxy.Auth{User: c.User, Password: c.Password}
+		}
+		proxyDialer, err = proxy.SOCKS5("tcp", c.Addr, auth, proxy.Direct)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		u := &url.URL{
+			Scheme: "http",
+			Host:   c.Addr,
+		}
+		if c.User != "" && c.Password != "" {
+			u.User = url.UserPassword(c.User, c.Password)
+		}
+		proxyDialer, err = connectproxy.New(u, proxy.Direct)
+	}
+
+	dialer, err := proxyDialer.Dial("tcp", addr)
+	if err != nil {
+		return nil, err
+	}
+	conn := tls.Client(dialer, tlsConf)
+	return conn, nil
+}
--- a/easyproxy/go.mod
+++ b/easyproxy/go.mod
@@ -0,0 +1,7 @@
+module github.com/hrfee/jfa-go/easyproxy
+
+go 1.20
+
+require golang.org/x/net v0.15.0
+
+require github.com/magisterquis/connectproxy v0.0.0-20200725203833-3582e84f0c9b // indirect
--- a/easyproxy/go.sum
+++ b/easyproxy/go.sum
@@ -0,0 +1,4 @@
+github.com/magisterquis/connectproxy v0.0.0-20200725203833-3582e84f0c9b h1:xZ59n7Frzh8CwyfAapUZLSg+gXH5m63YEaFCMpDHhpI=
+github.com/magisterquis/connectproxy v0.0.0-20200725203833-3582e84f0c9b/go.mod h1:uDd4sYVYsqcxAB8j+Q7uhL6IJCs/r1kxib1HV4bgOMg=
+golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8=
+golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
--- a/email.go
+++ b/email.go
@@ -10,6 +10,7 @@ import (
 	"html/template"
 	"io"
 	"io/fs"
+	"net/url"
 	"os"
 	"strconv"
 	"strings"
@@ -18,12 +19,15 @@ import (

 	"github.com/gomarkdown/markdown"
 	"github.com/gomarkdown/markdown/html"
+	"github.com/hrfee/jfa-go/easyproxy"
+	"github.com/hrfee/mediabrowser"
 	"github.com/itchyny/timefmt-go"
 	"github.com/mailgun/mailgun-go/v4"
+	"github.com/timshannon/badgerhold/v4"
 	sMail "github.com/xhit/go-simple-mail/v2"
 )

-var renderer = html.NewRenderer(html.RendererOptions{Flags: html.Smartypants})
+var markdownRenderer = html.NewRenderer(html.RendererOptions{Flags: html.Smartypants})

 // EmailClient implements email sending, right now via smtp, mailgun or a dummy client.
 type EmailClient interface {
@@ -84,7 +88,11 @@ func NewEmailer(app *appContext) *Emailer {
 		if username == "" && password != "" {
 			username = emailer.fromAddr
 		}
-		err := emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, password, sslTLS, app.config.Section("smtp").Key("ssl_cert").MustString(""), app.config.Section("smtp").Key("hello_hostname").String(), app.config.Section("smtp").Key("cert_validation").MustBool(true))
+		var proxyConf *easyproxy.ProxyConfig = nil
+		if app.proxyEnabled {
+			proxyConf = &app.proxyConfig
+		}
+		err := emailer.NewSMTP(app.config.Section("smtp").Key("server").String(), app.config.Section("smtp").Key("port").MustInt(465), username, password, sslTLS, app.config.Section("smtp").Key("ssl_cert").MustString(""), app.config.Section("smtp").Key("hello_hostname").String(), app.config.Section("smtp").Key("cert_validation").MustBool(true), proxyConf)
 		if err != nil {
 			app.err.Printf("Error while initiating SMTP mailer: %v", err)
 		}
@@ -110,7 +118,7 @@ type SMTP struct {
 }

 // NewSMTP returns an SMTP emailClient.
-func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool, certPath string, helloHostname string, validateCertificate bool) (err error) {
+func (emailer *Emailer) NewSMTP(server string, port int, username, password string, sslTLS bool, certPath string, helloHostname string, validateCertificate bool, proxy *easyproxy.ProxyConfig) (err error) {
 	sender := &SMTP{}
 	sender.Client = sMail.NewSMTPClient()
 	if sslTLS {
@@ -128,12 +136,16 @@ func (emailer *Emailer) NewSMTP(server string, port int, username, password stri
 	sender.Client.Host = server
 	sender.Client.Port = port
 	sender.Client.KeepAlive = false
+
 	// x509.SystemCertPool is unavailable on windows
 	if PLATFORM == "windows" {
 		sender.Client.TLSConfig = &tls.Config{
 			InsecureSkipVerify: !validateCertificate,
 			ServerName:         server,
 		}
+		if proxy != nil {
+			sender.Client.CustomConn, err = easyproxy.NewConn(*proxy, fmt.Sprintf("%s:%d", server, port), sender.Client.TLSConfig)
+		}
 		emailer.sender = sender
 		return
 	}
@@ -153,6 +165,9 @@ func (emailer *Emailer) NewSMTP(server string, port int, username, password stri
 		ServerName:         server,
 		RootCAs:            rootCAs,
 	}
+	if proxy != nil {
+		sender.Client.CustomConn, err = easyproxy.NewConn(*proxy, fmt.Sprintf("%s:%d", server, port), sender.Client.TLSConfig)
+	}
 	emailer.sender = sender
 	return
 }
@@ -304,10 +319,17 @@ func (emailer *Emailer) confirmationValues(code, username, key string, app *appC
 	} else {
 		message := app.config.Section("messages").Key("message").String()
 		inviteLink := app.config.Section("invite_emails").Key("url_base").String()
-		if !strings.HasSuffix(inviteLink, "/invite") {
-			inviteLink += "/invite"
+		if code == "" { // Personal email change
+			if strings.HasSuffix(inviteLink, "/invite") {
+				inviteLink = strings.TrimSuffix(inviteLink, "/invite")
+			}
+			inviteLink = fmt.Sprintf("%s/my/confirm/%s", inviteLink, url.PathEscape(key))
+		} else { // Invite email confirmation
+			if !strings.HasSuffix(inviteLink, "/invite") {
+				inviteLink += "/invite"
+			}
+			inviteLink = fmt.Sprintf("%s/%s?key=%s", inviteLink, code, url.PathEscape(key))
 		}
-		inviteLink = fmt.Sprintf("%s/%s?key=%s", inviteLink, code, key)
 		template["helloUser"] = emailer.lang.Strings.template("helloUser", tmpl{"username": username})
 		template["confirmationURL"] = inviteLink
 		template["message"] = message
@@ -321,10 +343,11 @@ func (emailer *Emailer) constructConfirmation(code, username, key string, app *a
 	}
 	var err error
 	template := emailer.confirmationValues(code, username, key, app, noSub)
-	if app.storage.customEmails.EmailConfirmation.Enabled {
+	message := app.storage.MustGetCustomContentKey("EmailConfirmation")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.EmailConfirmation.Content,
-			app.storage.customEmails.EmailConfirmation.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -345,7 +368,7 @@ func (emailer *Emailer) constructTemplate(subject, md string, app *appContext, u
 		subject = templateEmail(subject, []string{"{username}"}, nil, map[string]interface{}{"username": username[0]})
 	}
 	email := &Message{Subject: subject}
-	html := markdown.ToHTML([]byte(md), nil, renderer)
+	html := markdown.ToHTML([]byte(md), nil, markdownRenderer)
 	text := stripMarkdown(md)
 	message := app.config.Section("messages").Key("message").String()
 	var err error
@@ -404,10 +427,11 @@ func (emailer *Emailer) constructInvite(code string, invite Invite, app *appCont
 	}
 	template := emailer.inviteValues(code, invite, app, noSub)
 	var err error
-	if app.storage.customEmails.InviteEmail.Enabled {
+	message := app.storage.MustGetCustomContentKey("InviteEmail")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.InviteEmail.Content,
-			app.storage.customEmails.InviteEmail.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -443,10 +467,11 @@ func (emailer *Emailer) constructExpiry(code string, invite Invite, app *appCont
 	}
 	var err error
 	template := emailer.expiryValues(code, invite, app, noSub)
-	if app.storage.customEmails.InviteExpiry.Enabled {
+	message := app.storage.MustGetCustomContentKey("InviteExpiry")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.InviteExpiry.Content,
-			app.storage.customEmails.InviteExpiry.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -497,10 +522,11 @@ func (emailer *Emailer) constructCreated(code, username, address string, invite
 	}
 	template := emailer.createdValues(code, username, address, invite, app, noSub)
 	var err error
-	if app.storage.customEmails.UserCreated.Enabled {
+	message := app.storage.MustGetCustomContentKey("UserCreated")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.UserCreated.Content,
-			app.storage.customEmails.UserCreated.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -514,18 +540,6 @@ func (emailer *Emailer) constructCreated(code, username, address string, invite
 	return email, nil
 }

-// GenResetLink generates and returns a password reset link.
-func (app *appContext) GenResetLink(pin string) (string, error) {
-	url := app.config.Section("password_resets").Key("url_base").String()
-	var pinLink string
-	if url == "" {
-		return pinLink, fmt.Errorf("disabled as no URL Base provided. Set in Settings > Password Resets.")
-	}
-	// Strip /invite from end of this URL, ik it's ugly.
-	pinLink = fmt.Sprintf("%s/reset?pin=%s", url, pin)
-	return pinLink, nil
-}
-
 func (emailer *Emailer) resetValues(pwr PasswordReset, app *appContext, noSub bool) map[string]interface{} {
 	d, t, expiresIn := emailer.formatExpiry(pwr.Expiry, true, app.datePattern, app.timePattern)
 	message := app.config.Section("messages").Key("message").String()
@@ -582,10 +596,11 @@ func (emailer *Emailer) constructReset(pwr PasswordReset, app *appContext, noSub
 	}
 	template := emailer.resetValues(pwr, app, noSub)
 	var err error
-	if app.storage.customEmails.PasswordReset.Enabled {
+	message := app.storage.MustGetCustomContentKey("PasswordReset")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.PasswordReset.Content,
-			app.storage.customEmails.PasswordReset.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -623,10 +638,11 @@ func (emailer *Emailer) constructDeleted(reason string, app *appContext, noSub b
 	}
 	var err error
 	template := emailer.deletedValues(reason, app, noSub)
-	if app.storage.customEmails.UserDeleted.Enabled {
+	message := app.storage.MustGetCustomContentKey("UserDeleted")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.UserDeleted.Content,
-			app.storage.customEmails.UserDeleted.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -664,10 +680,11 @@ func (emailer *Emailer) constructDisabled(reason string, app *appContext, noSub
 	}
 	var err error
 	template := emailer.disabledValues(reason, app, noSub)
-	if app.storage.customEmails.UserDisabled.Enabled {
+	message := app.storage.MustGetCustomContentKey("UserDisabled")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.UserDisabled.Content,
-			app.storage.customEmails.UserDisabled.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -705,10 +722,11 @@ func (emailer *Emailer) constructEnabled(reason string, app *appContext, noSub b
 	}
 	var err error
 	template := emailer.enabledValues(reason, app, noSub)
-	if app.storage.customEmails.UserEnabled.Enabled {
+	message := app.storage.MustGetCustomContentKey("UserEnabled")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.UserEnabled.Content,
-			app.storage.customEmails.UserEnabled.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -760,7 +778,8 @@ func (emailer *Emailer) constructWelcome(username string, expiry time.Time, app
 	}
 	var err error
 	var template map[string]interface{}
-	if app.storage.customEmails.WelcomeEmail.Enabled {
+	message := app.storage.MustGetCustomContentKey("WelcomeEmail")
+	if message.Enabled {
 		template = emailer.welcomeValues(username, expiry, app, noSub, true)
 	} else {
 		template = emailer.welcomeValues(username, expiry, app, noSub, false)
@@ -770,11 +789,11 @@ func (emailer *Emailer) constructWelcome(username string, expiry time.Time, app
 			"date": "{yourAccountWillExpire}",
 		})
 	}
-	if app.storage.customEmails.WelcomeEmail.Enabled {
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.WelcomeEmail.Content,
-			app.storage.customEmails.WelcomeEmail.Variables,
-			app.storage.customEmails.WelcomeEmail.Conditionals,
+			message.Content,
+			message.Variables,
+			message.Conditionals,
 			template,
 		)
 		email, err = emailer.constructTemplate(email.Subject, content, app)
@@ -805,10 +824,11 @@ func (emailer *Emailer) constructUserExpired(app *appContext, noSub bool) (*Mess
 	}
 	var err error
 	template := emailer.userExpiredValues(app, noSub)
-	if app.storage.customEmails.UserExpired.Enabled {
+	message := app.storage.MustGetCustomContentKey("UserExpired")
+	if message.Enabled {
 		content := templateEmail(
-			app.storage.customEmails.UserExpired.Content,
-			app.storage.customEmails.UserExpired.Variables,
+			message.Content,
+			message.Variables,
 			nil,
 			template,
 		)
@@ -827,49 +847,114 @@ func (emailer *Emailer) send(email *Message, address ...string) error {
 	return emailer.sender.Send(emailer.fromName, emailer.fromAddr, email, address...)
 }

-func (app *appContext) sendByID(email *Message, ID ...string) error {
+func (app *appContext) sendByID(email *Message, ID ...string) (err error) {
 	for _, id := range ID {
-		var err error
-		if tgChat, ok := app.storage.telegram[id]; ok && tgChat.Contact && telegramEnabled {
+		if tgChat, ok := app.storage.GetTelegramKey(id); ok && tgChat.Contact && telegramEnabled {
 			err = app.telegram.Send(email, tgChat.ChatID)
-			if err != nil {
-				return err
-			}
+			// if err != nil {
+			// 	return err
+			// }
 		}
-		if dcChat, ok := app.storage.discord[id]; ok && dcChat.Contact && discordEnabled {
+		if dcChat, ok := app.storage.GetDiscordKey(id); ok && dcChat.Contact && discordEnabled {
 			err = app.discord.Send(email, dcChat.ChannelID)
-			if err != nil {
-				return err
-			}
+			// if err != nil {
+			// 	return err
+			// }
 		}
-		if mxChat, ok := app.storage.matrix[id]; ok && mxChat.Contact && matrixEnabled {
+		if mxChat, ok := app.storage.GetMatrixKey(id); ok && mxChat.Contact && matrixEnabled {
 			err = app.matrix.Send(email, mxChat)
-			if err != nil {
-				return err
-			}
+			// if err != nil {
+			// 	return err
+			// }
 		}
-		if address, ok := app.storage.emails[id]; ok && address.Contact && emailEnabled {
+		if address, ok := app.storage.GetEmailsKey(id); ok && address.Contact && emailEnabled {
 			err = app.email.send(email, address.Addr)
-			if err != nil {
-				return err
-			}
-		}
-		if err != nil {
-			return err
+			// if err != nil {
+			// 	return err
+			// }
 		}
+		// if err != nil {
+		// 	return err
+		// }
 	}
-	return nil
+	return
 }

 func (app *appContext) getAddressOrName(jfID string) string {
-	if dcChat, ok := app.storage.discord[jfID]; ok && dcChat.Contact && discordEnabled {
+	if dcChat, ok := app.storage.GetDiscordKey(jfID); ok && dcChat.Contact && discordEnabled {
 		return RenderDiscordUsername(dcChat)
 	}
-	if tgChat, ok := app.storage.telegram[jfID]; ok && tgChat.Contact && telegramEnabled {
+	if tgChat, ok := app.storage.GetTelegramKey(jfID); ok && tgChat.Contact && telegramEnabled {
 		return "@" + tgChat.Username
 	}
-	if addr, ok := app.storage.emails[jfID]; ok {
+	if addr, ok := app.storage.GetEmailsKey(jfID); ok {
 		return addr.Addr
 	}
+	if mxChat, ok := app.storage.GetMatrixKey(jfID); ok && mxChat.Contact && matrixEnabled {
+		return mxChat.UserID
+	}
 	return ""
 }
+
+// ReverseUserSearch returns the jellyfin ID of the user with the given username, email, or contact method username.
+// returns "" if none found. returns only the first match, might be an issue if there are users with the same contact method usernames.
+func (app *appContext) ReverseUserSearch(address string) (user mediabrowser.User, ok bool) {
+	ok = false
+	user, status, err := app.jf.UserByName(address, false)
+	if status == 200 && err == nil {
+		ok = true
+		return
+	}
+	emailAddresses := []EmailAddress{}
+	err = app.storage.db.Find(&emailAddresses, badgerhold.Where("Addr").Eq(address))
+	if err == nil && len(emailAddresses) > 0 {
+		for _, emailUser := range emailAddresses {
+			user, status, err = app.jf.UserByID(emailUser.JellyfinID, false)
+			if status == 200 && err == nil {
+				ok = true
+				return
+			}
+		}
+	}
+	// Dont know how we'd use badgerhold when we need to render each username,
+	// Apart from storing the rendered name in the db.
+	for _, dcUser := range app.storage.GetDiscord() {
+		if RenderDiscordUsername(dcUser) == strings.ToLower(address) {
+			user, status, err = app.jf.UserByID(dcUser.JellyfinID, false)
+			if status == 200 && err == nil {
+				ok = true
+				return
+			}
+		}
+	}
+	tgUsername := strings.TrimPrefix(address, "@")
+	telegramUsers := []TelegramUser{}
+	err = app.storage.db.Find(&telegramUsers, badgerhold.Where("Username").Eq(tgUsername))
+	if err == nil && len(telegramUsers) > 0 {
+		for _, telegramUser := range telegramUsers {
+			user, status, err = app.jf.UserByID(telegramUser.JellyfinID, false)
+			if status == 200 && err == nil {
+				ok = true
+				return
+			}
+		}
+	}
+	matrixUsers := []MatrixUser{}
+	err = app.storage.db.Find(&matrixUsers, badgerhold.Where("UserID").Eq(address))
+	if err == nil && len(matrixUsers) > 0 {
+		for _, matrixUser := range matrixUsers {
+			user, status, err = app.jf.UserByID(matrixUser.JellyfinID, false)
+			if status == 200 && err == nil {
+				ok = true
+				return
+			}
+		}
+	}
+	return
+}
+
+// EmailAddressExists returns whether or not a user with the given email address exists.
+func (app *appContext) EmailAddressExists(address string) bool {
+	c, err := app.storage.db.Count(&EmailAddress{}, badgerhold.Where("Addr").Eq(address))
+	return err != nil || c > 0
+}
--- a/go.mod
+++ b/go.mod
@@ -14,6 +14,8 @@ replace github.com/hrfee/jfa-go/linecache => ./linecache

 replace github.com/hrfee/jfa-go/api => ./api

+replace github.com/hrfee/jfa-go/easyproxy => ./easyproxy
+
 require (
 	github.com/bwmarrin/discordgo v0.27.1
 	github.com/emersion/go-autostart v0.0.0-20210130080809-00ed301c8e9a
@@ -26,29 +28,35 @@ require (
 	github.com/go-telegram-bot-api/telegram-bot-api v4.6.4+incompatible
 	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/gomarkdown/markdown v0.0.0-20230322041520-c84983bdbf2a
-	github.com/hrfee/jfa-go/common v0.0.0-20230421170108-d800b97f69b6
-	github.com/hrfee/jfa-go/docs v0.0.0-20230421170108-d800b97f69b6
-	github.com/hrfee/jfa-go/linecache v0.0.0-20230421170108-d800b97f69b6
-	github.com/hrfee/jfa-go/logger v0.0.0-20230421170108-d800b97f69b6
-	github.com/hrfee/jfa-go/ombi v0.0.0-20230421170108-d800b97f69b6
-	github.com/hrfee/mediabrowser v0.3.8
+	github.com/hrfee/jfa-go/common v0.0.0-20230626224816-f72960635dc3
+	github.com/hrfee/jfa-go/docs v0.0.0-20230626224816-f72960635dc3
+	github.com/hrfee/jfa-go/linecache v0.0.0-20230626224816-f72960635dc3
+	github.com/hrfee/jfa-go/logger v0.0.0-20230626224816-f72960635dc3
+	github.com/hrfee/jfa-go/ombi v0.0.0-20230626224816-f72960635dc3
+	github.com/hrfee/mediabrowser v0.3.12
 	github.com/itchyny/timefmt-go v0.1.5
 	github.com/lithammer/shortuuid/v3 v3.0.7
-	github.com/mailgun/mailgun-go/v4 v4.9.0
+	github.com/mailgun/mailgun-go/v4 v4.9.1
 	github.com/robert-nix/ansihtml v1.0.1
 	github.com/steambap/captcha v1.4.1
 	github.com/swaggo/files v1.0.1
 	github.com/swaggo/gin-swagger v1.6.0
+	github.com/timshannon/badgerhold/v4 v4.0.2
 	github.com/writeas/go-strip-markdown v2.0.1+incompatible
-	github.com/xhit/go-simple-mail/v2 v2.13.0
+	github.com/xhit/go-simple-mail/v2 v2.16.0
 	gopkg.in/ini.v1 v1.67.0
-	maunium.net/go/mautrix v0.15.2
+	maunium.net/go/mautrix v0.15.3
 )

 require (
 	github.com/KyleBanks/depth v1.2.1 // indirect
-	github.com/bytedance/sonic v1.9.1 // indirect
+	github.com/bytedance/sonic v1.9.2 // indirect
+	github.com/cespare/xxhash v1.1.0 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
+	github.com/dgraph-io/badger/v3 v3.2103.5 // indirect
+	github.com/dgraph-io/ristretto v0.1.1 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/getlantern/context v0.0.0-20220418194847-3d5e7a086201 // indirect
 	github.com/getlantern/errors v1.0.3 // indirect
@@ -69,14 +77,23 @@ require (
 	github.com/go-stack/stack v1.8.1 // indirect
 	github.com/go-test/deep v1.1.0 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
+	github.com/golang/glog v1.1.1 // indirect
+	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/golang/snappy v0.0.4 // indirect
+	github.com/google/flatbuffers v23.5.26+incompatible // indirect
 	github.com/google/uuid v1.3.0 // indirect
 	github.com/gorilla/mux v1.8.0 // indirect
 	github.com/gorilla/websocket v1.5.0 // indirect
+	github.com/hrfee/jfa-go/easyproxy v0.0.0-00010101000000-000000000000 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/compress v1.16.6 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
+	github.com/magisterquis/connectproxy v0.0.0-20200725203833-3582e84f0c9b // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
@@ -95,6 +112,7 @@ require (
 	github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
+	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/otel v1.16.0 // indirect
 	go.opentelemetry.io/otel/metric v1.16.0 // indirect
 	go.opentelemetry.io/otel/trace v1.16.0 // indirect
@@ -102,14 +120,14 @@ require (
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.24.0 // indirect
 	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/crypto v0.9.0 // indirect
-	golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 // indirect
-	golang.org/x/image v0.7.0 // indirect
-	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sys v0.8.0 // indirect
-	golang.org/x/text v0.9.0 // indirect
-	golang.org/x/tools v0.9.3 // indirect
-	google.golang.org/protobuf v1.30.0 // indirect
+	golang.org/x/crypto v0.13.0 // indirect
+	golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect
+	golang.org/x/image v0.8.0 // indirect
+	golang.org/x/net v0.15.0 // indirect
+	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/text v0.13.0 // indirect
+	golang.org/x/tools v0.10.0 // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	maunium.net/go/maulogger/v2 v2.4.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@@ -1,29 +1,60 @@
+cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/DATA-DOG/go-sqlmock v1.5.0 h1:Shsta01QNfFxHCfpW6YH2STWB0MudeXXEWMr20OEh60=
 github.com/KyleBanks/depth v1.2.1 h1:5h8fQADFrWtarTdtDudMmGsC7GPbOAu6RVB3ffsVFHc=
 github.com/KyleBanks/depth v1.2.1/go.mod h1:jzSb9d0L43HxTQfT+oSA1EEp2q+ne2uh6XgeJcm8brE=
+github.com/OneOfOne/xxhash v1.2.2 h1:KMrpdQIwFcEqXDklaen+P1axHaj9BSKzvpUUfnHldSE=
+github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
 github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
+github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/bwmarrin/discordgo v0.27.1 h1:ib9AIc/dom1E/fSIulrBwnez0CToJE113ZGt4HoliGY=
 github.com/bwmarrin/discordgo v0.27.1/go.mod h1:NJZpH+1AfhIcyQsPeuBKsUtYrRnjkyu0kIVMCHkZtRY=
 github.com/bytedance/sonic v1.5.0/go.mod h1:ED5hyg4y6t3/9Ku1R6dU/4KyJ48DZ4jPhfY1O2AihPM=
-github.com/bytedance/sonic v1.9.1 h1:6iJ6NqdoxCDr6mbY8h18oSO+cShGSMRGCEo7F2h0x8s=
-github.com/bytedance/sonic v1.9.1/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
+github.com/bytedance/sonic v1.9.2 h1:GDaNjuWSGu09guE9Oql0MSTNhNCLlWwO8y/xM5BzcbM=
+github.com/bytedance/sonic v1.9.2/go.mod h1:i736AoUSYt75HyZLoJW9ERYxcy6eaN6h4BZXU064P/U=
+github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
+github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
+github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chenzhuoyu/base64x v0.0.0-20211019084208-fb5309c8db06/go.mod h1:DH46F32mSOjUmXrMHnKwZdA8wcEefY7UVqBKYGjpdQY=
 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 h1:qSGYFH7+jGhDF8vLC+iwCD4WpbV1EBDSzWkJODFLams=
 github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583jCggY9gE99b6G5LEC39OIiVsWj+R97kbl5odCEk=
+github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
+github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
+github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
+github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk=
+github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
+github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgraph-io/badger/v3 v3.2103.1/go.mod h1:dULbq6ehJ5K0cGW/1TQ9iSfUk0gbSiToDWmWmTsJ53E=
+github.com/dgraph-io/badger/v3 v3.2103.5 h1:ylPa6qzbjYRQMU6jokoj4wzcaweHylt//CH0AKt0akg=
+github.com/dgraph-io/badger/v3 v3.2103.5/go.mod h1:4MPiseMeDQ3FNCYwRbbcBOGJLf5jsE0PPFzRiKjtcdw=
+github.com/dgraph-io/ristretto v0.1.0/go.mod h1:fux0lOrBhrVCJd3lcTHsIJhq1T2rokOu6v9Vcb3Q9ug=
+github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8=
+github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA=
+github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2 h1:tdlZCpZ/P9DhczCTSixgIKmwPv6+wP5DGjqLYw5SUiA=
+github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw=
+github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
+github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
+github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 github.com/emersion/go-autostart v0.0.0-20210130080809-00ed301c8e9a h1:M88ob4TyDnEqNuL3PgsE/p3bDujfspnulR+0dQWNYZs=
 github.com/emersion/go-autostart v0.0.0-20210130080809-00ed301c8e9a/go.mod h1:buzQsO8HHkZX2Q45fdfGH1xejPjuDQaXH8btcYMFzPM=
+github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
+github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
+github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51 h1:0JZ+dUmQeA8IIVUMzysrX4/AKuQwWhV2dYQuPZdvdSQ=
 github.com/facebookgo/ensure v0.0.0-20160127193407-b4ab57deab51/go.mod h1:Yg+htXGokKKdzcwhuNDwVvN+uBxDGXJ7G/VN1d8fa64=
 github.com/facebookgo/stack v0.0.0-20160209184415-751773369052 h1:JWuenKqqX8nojtoVVWjGfOF9635RETekkoH6Cc9SX0A=
@@ -33,6 +64,7 @@ github.com/facebookgo/subset v0.0.0-20150612182917-8dac2c3c4870/go.mod h1:5tD+ne
 github.com/fatih/color v1.10.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
 github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
 github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
+github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
 github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
@@ -131,20 +163,58 @@ github.com/goccy/go-json v0.9.7/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGF
 github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
+github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
+github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
 github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
 github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
 github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF08vX0COfcOBJRhZ8lUbR+ZWIs0Y5g=
 github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
+github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/glog v0.0.0-20210429001901-424d2337a529/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
+github.com/golang/glog v1.1.1 h1:jxpi2eWoU84wbX9iIEyAeeoac3FLuifZpY9tcNUD9kw=
+github.com/golang/glog v1.1.1/go.mod h1:zR+okUeTbrL6EL3xHUDxZuEtGv04p5shwip1+mL/rLQ=
+github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
+github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
+github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
+github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw=
+github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
+github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
+github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
+github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
+github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
+github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
+github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
+github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
+github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
+github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
+github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/gomarkdown/markdown v0.0.0-20230322041520-c84983bdbf2a h1:AWZzzFrqyjYlRloN6edwTLTUbKxf5flLXNuTBDm3Ews=
 github.com/gomarkdown/markdown v0.0.0-20230322041520-c84983bdbf2a/go.mod h1:JDGcbDT52eL4fju3sZ4TeHGsQwhG9nbDV21aMyhwPoA=
+github.com/google/flatbuffers v1.12.0/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
+github.com/google/flatbuffers v1.12.1/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
+github.com/google/flatbuffers v2.0.0+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
+github.com/google/flatbuffers v23.5.26+incompatible h1:M9dgRyhJemaM4Sw8+66GHBu8ioaQmyPLg1b8VwK5WJg=
+github.com/google/flatbuffers v23.5.26+incompatible/go.mod h1:1AeVuKshWv4vARoZatz6mlQ0JxURH0Kv5+zNeJKJCa8=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
+github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -153,8 +223,10 @@ github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB7
 github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/hrfee/mediabrowser v0.3.8 h1:y0iBCb6jE3QKcsiCJSYva2fFPHRn4UA+sGRzoPuJ/Dk=
-github.com/hrfee/mediabrowser v0.3.8/go.mod h1:PnHZbdxmbv1wCVdAQyM7nwPwpVj9fdKx2EcET7sAk+U=
+github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
+github.com/hrfee/mediabrowser v0.3.12 h1:fqDxt1be3e+ZNjAtlKc8MTqg7peo6fuGCrk2wOXo20k=
+github.com/hrfee/mediabrowser v0.3.12/go.mod h1:PnHZbdxmbv1wCVdAQyM7nwPwpVj9fdKx2EcET7sAk+U=
+github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
 github.com/itchyny/timefmt-go v0.1.5 h1:G0INE2la8S6ru/ZI5JecgyzbbJNs5lG1RcBqa7Jm6GE=
 github.com/itchyny/timefmt-go v0.1.5/go.mod h1:nEP7L+2YmAbT2kZ2HfSs1d8Xtw9LY8D2stDBckWakZ8=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
@@ -165,6 +237,12 @@ github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/u
 github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/klauspost/compress v1.12.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
+github.com/klauspost/compress v1.13.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
+github.com/klauspost/compress v1.16.6 h1:91SKEy4K37vkp255cJ8QesJhjyRO0hn9i9G0GoUwLsk=
+github.com/klauspost/compress v1.16.6/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg=
 github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
@@ -185,8 +263,11 @@ github.com/lithammer/shortuuid/v3 v3.0.7 h1:trX0KTHy4Pbwo/6ia8fscyHoGA+mf1jWbPJV
 github.com/lithammer/shortuuid/v3 v3.0.7/go.mod h1:vMk8ke37EmiewwolSO1NLW8vP4ZaKlRuDIi8tWWmAts=
 github.com/lxn/walk v0.0.0-20210112085537-c389da54e794/go.mod h1:E23UucZGqpuUANJooIbHWCufXvOcT6E7Stq81gU+CSQ=
 github.com/lxn/win v0.0.0-20210218163916-a377121e959e/go.mod h1:KxxjdtRkfNoYDCUP5ryK7XJJNTnpC8atvtmTheChOtk=
-github.com/mailgun/mailgun-go/v4 v4.9.0 h1:wRbxvVQ5QObFewLxc1uVvipA16D8gxeiO+cBOca51Iw=
-github.com/mailgun/mailgun-go/v4 v4.9.0/go.mod h1:FJlF9rI5cQT+mrwujtJjPMbIVy3Ebor9bKTVsJ0QU40=
+github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
+github.com/magisterquis/connectproxy v0.0.0-20200725203833-3582e84f0c9b h1:xZ59n7Frzh8CwyfAapUZLSg+gXH5m63YEaFCMpDHhpI=
+github.com/magisterquis/connectproxy v0.0.0-20200725203833-3582e84f0c9b/go.mod h1:uDd4sYVYsqcxAB8j+Q7uhL6IJCs/r1kxib1HV4bgOMg=
+github.com/mailgun/mailgun-go/v4 v4.9.1 h1:D/jhJXYod4RqRsNOOSrjrtAcMEnz8mPYJmeA5cueHKY=
+github.com/mailgun/mailgun-go/v4 v4.9.1/go.mod h1:FJlF9rI5cQT+mrwujtJjPMbIVy3Ebor9bKTVsJ0QU40=
 github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
@@ -205,7 +286,9 @@ github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27k
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
-github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwpU1Y=
+github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM=
+github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
+github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -216,6 +299,7 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c h1:rp5dCmg/yLR3mgFuSOe4oEnDDmGLROTvMragMUXpTQw=
 github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c/go.mod h1:X07ZCGwUbLaax7L0S3Tw4hpejzu63ZrrQiUe6W0hcy0=
+github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
 github.com/pelletier/go-toml/v2 v2.0.1/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo=
 github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=
 github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
@@ -225,6 +309,7 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/robert-nix/ansihtml v1.0.1 h1:VTiyQ6/+AxSJoSSLsMecnkh8i0ZqOEdiRl/odOc64fc=
 github.com/robert-nix/ansihtml v1.0.1/go.mod h1:CJwclxYaTPc2RfcxtanEACsYuTksh4yDXcNeHHKZINE=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
@@ -233,10 +318,20 @@ github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6po
 github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
 github.com/rs/zerolog v1.29.1 h1:cO+d60CHkknCbvzEWxP0S9K6KqyTjrCNUy1LdQLCGPc=
 github.com/rs/zerolog v1.29.1/go.mod h1:Le6ESbR7hc+DP6Lt1THiV8CQSdkkNrd3R0XbEgp3ZBU=
+github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog=
+github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI=
+github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
+github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
+github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
+github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU=
+github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
+github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
 github.com/steambap/captcha v1.4.1 h1:OmMdxLCWCqJvsFaFYwRpvMckIuvI6s8s1LsBrBw97P0=
 github.com/steambap/captcha v1.4.1/go.mod h1:oC9T7IfEgnrhzjDz5Djf1H7GPffCzRMbsQfFkJmhlnk=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -252,8 +347,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/swaggo/files v0.0.0-20190704085106-630677cd5c14/go.mod h1:gxQT6pBGRuIGunNf/+tSOB5OHvguWi8Tbt82WOkf35E=
 github.com/swaggo/files v1.0.1 h1:J1bVJ4XHZNq0I46UU90611i9/YzdrF7x92oX1ig5IdE=
 github.com/swaggo/files v1.0.1/go.mod h1:0qXmMNH6sXNf+73t65aKeB+ApmgxdnkQzVTAj2uaMUg=
@@ -276,6 +371,10 @@ github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4=
 github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
 github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
 github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
+github.com/timshannon/badgerhold/v3 v3.0.0-20210909134927-2b6764d68c1e h1:zWSVsQaifg0cVH9VvR+cMguV7exK6U+SoW8YD1cZpR4=
+github.com/timshannon/badgerhold/v3 v3.0.0-20210909134927-2b6764d68c1e/go.mod h1:/Seq5xGNo8jLhSbDX3jdbeZrp4yFIpQ6/7n4TjziEWs=
+github.com/timshannon/badgerhold/v4 v4.0.2 h1:83OLY/NFnEaMnHEPd84bYtkLipVkjTsMbzQRYbk47g4=
+github.com/timshannon/badgerhold/v4 v4.0.2/go.mod h1:rh6RyXLQFsvrvcKondPQQFZnNovpRzu+gS0FlLxYuHY=
 github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208 h1:PM5hJF7HVfNWmCjMdEfbuOBNXSVF2cMFGgQTPdKCbwM=
 github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns=
 github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
@@ -285,6 +384,7 @@ github.com/ugorji/go v1.1.5-pre/go.mod h1:FwP/aQVg39TXzItUBMwnWp9T9gPQnXw4Poh4/o
 github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
 github.com/ugorji/go v1.2.7/go.mod h1:nF9osbDWLy6bDVv/Rtoh6QgnvNDpmCalQV5urGCCS6M=
 github.com/ugorji/go/codec v0.0.0-20181022190402-e5e69e061d4f/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
+github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
 github.com/ugorji/go/codec v1.1.5-pre/go.mod h1:tULtS6Gy1AE1yCENaw4Vb//HLH5njI2tfCQDUqRd8fI=
 github.com/ugorji/go/codec v1.1.7/go.mod h1:Ax+UKWsSmolVDwsd+7N3ZtXu+yMGCf907BLYF3GoBXY=
 github.com/ugorji/go/codec v1.2.7/go.mod h1:WGN1fab3R1fzQlVQTkfxVtIBhWDRqOviHU95kRgeqEY=
@@ -296,8 +396,17 @@ github.com/writeas/go-strip-markdown v2.0.1+incompatible h1:IIqxTM5Jr7RzhigcL6Fk
 github.com/writeas/go-strip-markdown v2.0.1+incompatible/go.mod h1:Rsyu10ZhbEK9pXdk8V6MVnZmTzRG0alMNLMwa0J01fE=
 github.com/xhit/go-simple-mail/v2 v2.13.0 h1:OANWU9jHZrVfBkNkvLf8Ww0fexwpQVF/v/5f96fFTLI=
 github.com/xhit/go-simple-mail/v2 v2.13.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98=
+github.com/xhit/go-simple-mail/v2 v2.16.0 h1:ouGy/Ww4kuaqu2E2UrDw7SvLaziWTB60ICLkIkNVccA=
+github.com/xhit/go-simple-mail/v2 v2.16.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98=
+github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
+go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
+go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
+go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
 go.opentelemetry.io/otel v1.9.0/go.mod h1:np4EoPGzoPs3O67xUVNoPPcmSvsfOxNlNA4F4AC+0Eo=
 go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s=
 go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4=
@@ -320,26 +429,39 @@ go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
 golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/arch v0.3.0 h1:02VY4/ZcO/gBOH6PUaoiptASxtXU10jazRCP865E97k=
 golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
+golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
-golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
-golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc=
-golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
+golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM=
+golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I=
+golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
+golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
+golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
+golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df h1:UA2aFVmmsIlefxMk29Dp2juaUSth8Pyn3Tq5Y5mJGME=
+golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
 golang.org/x/image v0.0.0-20210628002857-a66eb6448b8d/go.mod h1:023OzeP/+EPmXeapQh35lcL3II3LrY8Ic+EFFKVhULM=
-golang.org/x/image v0.7.0 h1:gzS29xtG1J5ybQlv0PuyfE3nmc6R4qB73m6LUUmvFuw=
-golang.org/x/image v0.7.0/go.mod h1:nd/q4ef1AKKYl/4kft7g+6UyGbdiqWqTP1ZAbRoV7Rg=
+golang.org/x/image v0.8.0 h1:agUcRXV/+w6L9ryntYYsF2x9fQTMd4T8fiiYXAVW6Jg=
+golang.org/x/image v0.8.0/go.mod h1:PwLxp3opCYg4WR2WO9P0L6ESnsD6bLTWcw8zanLMVFM=
+golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
+golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
+golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
+golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU=
+golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@@ -347,29 +469,47 @@ golang.org/x/net v0.0.0-20190611141213-3f473d35a33a/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
-golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU=
+golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
+golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8=
+golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
+golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
+golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181228144115-9a3f9b0469bb/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190610200419-93c9922d18ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201018230417-eeed37f84f13/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
@@ -379,11 +519,14 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20221010170243-090e33056c14/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
-golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
+golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
@@ -393,30 +536,61 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
-golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58=
+golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
+golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20190606050223-4d9ae51c2468/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190611222205-d73e1c7e250b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20190614205625-5aca471b1d59/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
-golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
+golang.org/x/tools v0.10.0 h1:tvDr/iQoUqNdohiYm0LmmKcBk+q86lb9EprIUFhHHGg=
+golang.org/x/tools v0.10.0/go.mod h1:UJwyiVBsOA2uwvK/e5OY3GTpDUJriEd+/YlqAwLPmyM=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
+google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
+google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
+google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
+google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
+google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
+google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
+google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
+google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
+google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
+google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
+google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
+google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
+google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
+google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
+google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
+google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
+google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
+google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
-google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/Knetic/govaluate.v3 v3.0.0/go.mod h1:csKLBORsPbafmSCGTEh3U7Ozmsuq8ZSIlKk1bcqph0E=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
@@ -435,8 +609,10 @@ gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C
 gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
+honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 maunium.net/go/maulogger/v2 v2.4.1 h1:N7zSdd0mZkB2m2JtFUsiGTQQAdP0YeFWT7YMc80yAL8=
 maunium.net/go/maulogger/v2 v2.4.1/go.mod h1:omPuYwYBILeVQobz8uO3XC8DIRuEb5rXYlQSuqrbCho=
-maunium.net/go/mautrix v0.15.2 h1:fUiVajeoOR92uJoSShHbCvh7uG6lDY4ZO4Mvt90LbjU=
-maunium.net/go/mautrix v0.15.2/go.mod h1:h4NwfKqE4YxGTLSgn/gawKzXAb2sF4qx8agL6QEFtGg=
+maunium.net/go/mautrix v0.15.3 h1:C9BHSUM0gYbuZmAtopuLjIcH5XHLb/ZjTEz7nN+0jN0=
+maunium.net/go/mautrix v0.15.3/go.mod h1:zLrQqdxJlLkurRCozTc9CL6FySkgZlO/kpCYxBILSLE=
 rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
--- a/html/account-linking.html
+++ b/html/account-linking.html
@@ -0,0 +1,52 @@
+{{ if .discordEnabled }}
+<div id="modal-discord" class="modal">
+    <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
+        <span class="heading mb-4">{{ .strings.linkDiscord }}</span>
+        <p class="content mb-4"> {{ .discordSendPINMessage }}</p>
+        <h1 class="text-center text-2xl mb-2 pin"></h1>
+        <div class="row center">
+            <a class="my-5 hover:underline">
+                <span class="mr-2">{{ .strings.joinTheServer }}</span>
+                <span id="discord-invite"></span>
+            </a>
+        </div>
+        <span class="button ~info @low full-width center mt-4" id="discord-waiting">{{ .strings.success }}</span>
+    </div>
+</div>
+{{ end }}
+{{ if .telegramEnabled }}
+<div id="modal-telegram" class="modal">
+    <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
+        <span class="heading mb-4">{{ .strings.linkTelegram }}</span>
+        <p class="content mb-4">{{ .strings.sendPIN }}</p>
+        <p class="text-center text-2xl mb-2 pin"></p>
+        <a class="subheading link-center" href="{{ .telegramURL }}" target="_blank">
+            <span class="shield ~info mr-4">
+                <span class="icon">
+                    <i class="ri-telegram-line"></i>
+                </span>
+            </span>
+            &#64;{{ .telegramUsername }}
+        </a>
+        <span class="button ~info @low full-width center mt-4" id="telegram-waiting">{{ .strings.success }}</span>
+    </div>
+</div>
+{{ end }}
+{{ if .matrixEnabled }}
+<div id="modal-matrix" class="modal">
+    <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
+        <span class="heading mb-4">{{ .strings.linkMatrix }}</span>
+        <p class="content mb-4"> {{ .strings.matrixEnterUser }}</p>
+        <input type="text" class="input ~neutral @high" placeholder="@user:riot.im" id="matrix-userid">
+        <div class="subheading link-center mt-4">
+            <span class="shield ~info mr-4">
+                <span class="icon">
+                    <i class="ri-chat-3-line"></i>
+                </span>
+            </span>
+            {{ .matrixUser }}
+        </div>
+        <span class="button ~info @low full-width center mt-4" id="matrix-send">{{ .strings.submit }}</span>
+    </div>
+</div>
+{{ end }}
--- a/html/admin.html
+++ b/html/admin.html
@@ -17,28 +17,25 @@
            window.jellyfinLogin = {{ .jellyfinLogin }};
            window.jfAdminOnly = {{ .jfAdminOnly }};
            window.jfAllowAll = {{ .jfAllowAll }};
+            window.referralsEnabled = {{ .referralsEnabled }};
+            window.loginAppearance = "{{ .loginAppearance }}";
        </script>
        <title>Admin - jfa-go</title>
        {{ template "header.html" . }}
    </head>
    <body class="max-w-full overflow-x-hidden section">
-        <div id="modal-login" class="modal">
-            <form class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3" id="form-login" href="">
-                <span class="heading">{{ .strings.login }}</span>
-                <input type="text" class="field input ~neutral @high mt-4 mb-2" placeholder="{{ .strings.username }}" id="login-user">
-                <input type="password" class="field input ~neutral @high mb-4" placeholder="{{ .strings.password }}" id="login-password">
-                <label>
-                    <input type="submit" class="unfocused">
-                    <span class="button ~urge @low full-width center supra submit">{{ .strings.login }}</span>
-                </label>
-            </form>
-        </div>
+        {{ template "login-modal.html" . }}
        <div id="modal-add-user" class="modal">
            <form class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3" id="form-add-user" href="">
                <span class="heading">{{ .strings.newUser }} <span class="modal-close">&times;</span></span>
                <input type="text" class="field input ~neutral @high mt-4 mb-2" placeholder="{{ .strings.username }}" id="add-user-user">
                <input type="email" class="field input ~neutral @high mt-4 mb-2" placeholder="{{ .strings.emailAddress }}">
                <input type="password" class="field input ~neutral @high mb-4" placeholder="{{ .strings.password }}" id="add-user-password">
+                <label class="label supra">{{ .strings.profile }}</label>
+                <div class="select ~neutral @low mb-2 mt-4">
+                    <select id="add-user-profile">
+                    </select>
+                </div>
                <label>
                    <input type="submit" class="unfocused">
                    <span class="button ~urge @low full-width center supra submit">{{ .strings.create }}</span>
@@ -51,6 +48,8 @@
                <span class="heading"><span class="modal-close">&times;</span></span>
                <p>{{ .strings.version }} <span class="text-black dark:text-white font-mono bg-inherit">{{ .version }}</span></p>
                <p>{{ .strings.commitNoun }} <span class="text-black dark:text-white font-mono bg-inherit">{{ .commit }}</span></p>
+                <p>{{ .strings.buildTime }} <span class="text-black dark:text-white font-mono bg-inherit">{{ .buildTime }}</span></p>
+                <p>{{ .strings.builtBy }} <span class="text-black dark:text-white font-mono bg-inherit">{{ .builtBy }}</span></p>
                <div class="row col flex">
                    <a class="button ~neutral mr-2 mt-4 mb-4 lang-link" href="https://github.com/hrfee/jfa-go"><i class="ri-github-line mr-2"></i>github</a>
                    <a class="button ~urge mt-4 mb-4 mr-2 lang-link" href="https://wiki.jfa-go.com">wiki/docs</a>
@@ -70,7 +69,7 @@
                    </div>
                    <a class="button ~urge mt-4 mb-4 @low discord lang-link" href="https://discord.com/invite/MrtvuQmyhP" target="_blank"><i class="ri-discord-line mr-2"></i>discord</a>
                </div>
-                <p><a href="https://github.com/hrfee/jfa-go/blob/main/LICENSE">Available under the MIT License.</a></p>
+                <p><a href="https://github.com/hrfee/jfa-go/blob/main/LICENSE">Available under the MIT License. Font "Hanken Grotesk" available under SIL OFL 1.1 License.</a></p>
                <pre class="font-mono bg-inherit">{{ .license }}</pre>
            </div>
        </div>
@@ -84,7 +83,7 @@
            <form class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3" id="form-modify-user" href="">
                <span class="heading"><span id="header-modify-user"></span> <span class="modal-close">&times;</span></span>
                <p class="content my-4">{{ .strings.modifySettingsDescription }}</p>
-                <div class="flex-row mb-4">
+                <div class="flex flex-row mb-4">
                    <label class="flex-row-group mr-2">
                        <input type="radio" name="modify-user-source" class="unfocused" id="radio-use-profile" checked>
                        <span class="button ~neutral @high supra full-width center">{{ .strings.profile }}</span>
@@ -110,6 +109,48 @@
                </label>
            </form>
        </div>
+        {{ if .referralsEnabled }}
+        <div id="modal-enable-referrals-user" class="modal">
+            <form class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3" id="form-enable-referrals-user" href="">
+                <span class="heading"><span id="header-enable-referrals-user"></span> <span class="modal-close">&times;</span></span>
+                <p class="content my-4">{{ .strings.enableReferralsDescription }}</p>
+                <div class="flex flex-row mb-4">
+                    <label class="flex-row-group mr-2">
+                        <input type="radio" name="enable-referrals-user-source" class="unfocused" id="radio-referrals-use-profile" checked>
+                        <span class="button ~neutral @high supra full-width center">{{ .strings.profile }}</span>
+                    </label>
+                    <label class="flex-row-group ml-2">
+                        <input type="radio" name="enable-referrals-user-source" class="unfocused" id="radio-referrals-use-invite">
+                        <span class="button ~neutral @low supra full-width center">{{ .strings.invite }}</span>
+                    </label>
+                </div>
+                <div class="select ~neutral @low mb-4">
+                    <select id="enable-referrals-user-profiles"></select>
+                </div>
+                <div class="select ~neutral @low mb-4 unfocused">
+                    <select id="enable-referrals-user-invites"></select>
+                </div>
+                <label>
+                    <input type="submit" class="unfocused">
+                    <span class="button ~urge @low full-width center supra submit">{{ .strings.apply }}</span>
+                </label>
+            </form>
+        </div>
+        <div id="modal-enable-referrals-profile" class="modal">
+            <form class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3" id="form-enable-referrals-profile" href="">
+                <span class="heading"><span id="header-enable-referrals-profile">{{ .strings.enableReferrals }}</span> <span class="modal-close">&times;</span></span>
+                <p class="content my-4">{{ .strings.enableReferralsProfileDescription }}</p>
+                <label class="supra" for="enable-referrals-profile-invites">{{ .strings.invite }}</label>
+                <div class="select ~neutral @low mb-4 mt-2">
+                    <select id="enable-referrals-profile-invites"></select>
+                </div>
+                <label>
+                    <input type="submit" class="unfocused">
+                    <span class="button ~urge @low full-width center supra submit">{{ .strings.apply }}</span>
+                </label>
+            </form>
+        </div>
+        {{ end }}
        <div id="modal-delete-user" class="modal">
            <form class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3" id="form-delete-user" href="">
                <span class="heading"><span id="header-delete-user"></span> <span class="modal-close">&times;</span></span>
@@ -306,6 +347,9 @@
                                {{ if .ombiEnabled }}
                                <th>Ombi</th>
                                {{ end }}
+                                {{ if .referralsEnabled }}
+                                <th>{{ .strings.referrals }}</th>
+                                {{ end }}
                                <th>{{ .strings.from }}</th>
                                <th>{{ .strings.userProfilesLibraries }}</th>
                                <th><span class="button ~neutral @high" id="button-profile-create">{{ .strings.create }}</span></th>
@@ -399,7 +443,7 @@
        </div>
        <div id="notification-box"></div>
        <div class="top-4 left-4 absolute">
-            <span class="dropdown" tabindex="0" id="lang-dropdown">
+            <span class="dropdown z-[11]" tabindex="0" id="lang-dropdown">
                <span class="button ~urge dropdown-button">
                    <i class="ri-global-line"></i>
                    <span class="ml-2 chev"></span>
@@ -420,6 +464,11 @@
            </span>
            <span class="button ~warning" alt="{{ .strings.theme }}" id="button-theme"><i class="ri-sun-line"></i></span>
        </div>
+        {{ if .userPageEnabled }}
+            <div class="top-4 right-4 absolute">
+                <a class="button ~info" href="{{ .urlBase }}/my/account"><i class="ri-account-circle-fill mr-2"></i>{{ .strings.myAccount }}</a>
+            </div>
+        {{ end }}
        <div class="page-container">
            <div class="mb-4">
                <header class="flex flex-wrap items-center justify-between">
@@ -541,6 +590,11 @@
                                <label class="label supra" for="create-label"> {{ .strings.label }}</label>
                                <input type="text" id="create-label" class="input ~neutral @low mb-2 mt-4">
                            </div>
+                            <div class="col">
+                                <label class="label supra" for="create-user-label"> {{ .strings.userLabel }}</label>
+                                <p class="support">{{ .strings.userLabelDescription }}</p>
+                                <input type="text" id="create-user-label" class="input ~neutral @low mb-2 mt-4">
+                            </div>
                        </div>
                        <div class="card ~neutral @low col">
                            <label class="label supra" for="create-uses">{{ .strings.inviteNumberOfUses }}</label>
@@ -591,11 +645,11 @@
                            </div>
                        </div>
                        <input type="search" class="field ~neutral @low input search ml-2 mr-2" id="accounts-search" placeholder="{{ .strings.search }}">
-                        <span class="button ~neutral @low center -ml-8" id="accounts-search-clear" aria-label="{{ .strings.clearSearch }}" text="{{ .strings.clearSearch }}"><i class="ri-close-line"></i></span>
+                        <span class="button ~neutral @low center ml-[-2.64rem] rounded-s-none accounts-search-clear" aria-label="{{ .strings.clearSearch }}" text="{{ .strings.clearSearch }}"><i class="ri-close-line"></i></span>
                    </div>
                    <div class="supra py-1 sm hidden" id="accounts-search-options-header">{{ .strings.searchOptions }}</div>
-                    <div class="row -mx-2">
-                        <button type="button" class="button ~neutral @low center m-2 hidden"><span id="accounts-sort-by-field"></span> <i class="ri-close-line ml-2 text-2xl"></i></button>
+                    <div class="row -mx-2 mb-2">
+                        <button type="button" class="button ~neutral @low center mx-2 hidden"><span id="accounts-sort-by-field"></span> <i class="ri-close-line ml-2 text-2xl"></i></button>
                        <span id="accounts-filter-area"></span>
                    </div>
                    <div class="supra py-1 sm">{{ .strings.actions }}</div>
@@ -611,6 +665,9 @@
                            </div>
                        </div>
                        <span class="col button ~urge @low center max-w-[20%]" id="accounts-modify-user">{{ .strings.modifySettings }}</span>
+                        {{ if .referralsEnabled }}
+                            <span class="col button ~urge @low center max-w-[20%]" id="accounts-enable-referrals">{{ .strings.enableReferrals }}</span>
+                        {{ end }}
                        <span class="col button ~warning @low center max-w-[20%]" id="accounts-extend-expiry">{{ .strings.extendExpiry }}</span>
                        <div id="accounts-disable-enable-dropdown" class="col dropdown manual pb-0i max-w-[20%]" tabindex="0">
                            <span class="w-100 button ~positive @low center" id="accounts-disable-enable">{{ .strings.disable }}</span>
@@ -642,12 +699,23 @@
                                    {{ if .discordEnabled }}
                                    <th class="text-center-i grid gap-4 place-items-stretch accounts-header-discord">Discord</th>
                                    {{ end }}
+                                    {{ if .referralsEnabled }}
+                                    <th class="text-center-i grid gap-4 place-items-stretch accounts-header-referrals">{{ .strings.referrals }}</th>
+                                    {{ end }}
                                    <th class="grid gap-4 place-items-stretch accounts-header-expiry">{{ .strings.expiry }}</th>
                                    <th class="grid gap-4 place-items-stretch accounts-header-last-active">{{ .strings.lastActiveTime }}</th>
                                </tr>
                            </thead>
                            <tbody id="accounts-list"></tbody>
                        </table>
+                        <div class="unfocused h-[100%] my-3" id="accounts-not-found">
+                            <div class="flex flex-col h-[100%] justify-center items-center">
+                                <span class="text-2xl font-medium italic mb-3">{{ .strings.noResultsFound }}</span>
+                                <button class="button ~neutral @low accounts-search-clear">
+                                    <span class="mr-2">{{ .strings.clearSearch }}</span><i class="ri-close-line"></i>
+                                </button>
+                            </div>
+                        </div>
                    </div>
                </div>
            </div>
@@ -669,11 +737,25 @@
                    </div>
                    <div class="flex flex-col md:flex-row gap-3">
                        <div class="card @low dark:~d_neutral col" id="settings-sidebar">
+                            <div class="flex-expand">
+                                <input type="search" class="field ~neutral @low input settings-section-button justify-between mb-2" id="settings-search" placeholder="{{ .strings.search }}">
+                                <button class="button ~neutral @low center -ml-10 rounded-s-none mb-2 settings-search-clear" aria-label="{{ .strings.clearSearch }}" text="{{ .strings.clearSearch }}"><i class="ri-close-line"></i></button>
+                            </div>
                            <aside class="aside sm ~urge dark:~d_info mb-2 @low" id="settings-message">Note: <span class="badge ~critical">*</span> indicates a required field, <span class="badge ~info dark:~d_warning">R</span> indicates changes require a restart.</aside> 
                            <span class="button ~neutral @low settings-section-button justify-between mb-2" id="setting-about"><span class="flex">{{ .strings.aboutProgram }} <i class="ri-information-line ml-2"></i></span></span>
                            <span class="button ~neutral @low settings-section-button justify-between mb-2" id="setting-profiles"><span class="flex">{{ .strings.userProfiles }} <i class="ri-user-line ml-2"></i></span></span>
                        </div>
-                        <div class="card ~neutral @low col overflow" id="settings-panel"></div>
+                        <div class="card ~neutral @low col overflow" id="settings-panel">
+                            <div class="settings-section unfocused h-[100%]" id="settings-not-found">
+                                <div class="flex flex-col h-[100%] justify-center items-center">
+                                    <span class="text-2xl font-medium italic mb-2">{{ .strings.noResultsFound }}</span>
+                                    <span class="mb-2 px-12 text-center">{{ .strings.settingsMaybeUnderAdvanced }}</span>
+                                    <button class="button ~neutral @low settings-search-clear">
+                                        <span class="mr-2">{{ .strings.clearSearch }}</span><i class="ri-close-line"></i>
+                                    </button>
+                                </div>
+                            </div>
+                        </div>
                    </div>
                </div>
            </div>
--- a/html/create-success.html
+++ b/html/create-success.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html lang="en" class="{{ .cssClass }}">
    <head>
-        <link rel="stylesheet" type="text/css" href="css/{{ .cssVersion }}bundle.css">
+        <link rel="stylesheet" type="text/css" href="{{ .urlBase }}/css/{{ .cssVersion }}bundle.css">
        {{ template "header.html" . }}
        <title>{{ .strings.successHeader }} - jfa-go</title>
    </head>
--- a/html/form-base.html
+++ b/html/form-base.html
@@ -27,10 +27,26 @@
    window.matrixRequired = {{ .matrixRequired }};
    window.matrixUserID = "{{ .matrixUser }}";
    window.captcha = {{ .captcha }};
+    window.reCAPTCHA = {{ .reCAPTCHA }};
+    window.reCAPTCHASiteKey = "{{ .reCAPTCHASiteKey }}";
+    window.userPageEnabled = {{ .userPageEnabled }};
+    window.userPageAddress = "{{ .userPageAddress }}";
 </script>
 {{ if .passwordReset }}
 <script src="js/pwr.js" type="module"></script>
 {{ else }}
 <script src="js/form.js" type="module"></script>
+{{ if .reCAPTCHA }}
+<script>
+    var reCAPTCHACallback = () => {
+        const el = document.getElementsByClassName("g-recaptcha")[0];
+        grecaptcha.render(el, {
+            "sitekey": window.reCAPTCHASiteKey,
+            "theme": document.documentElement.classList.contains("dark") ? "dark" : "light"
+        });
+    }
+</script>
+<script src="https://www.google.com/recaptcha/api.js?onload=reCAPTCHACallback&render=explicit" async defer></script>
+{{ end }}
 {{ end }}
 {{ end }}
--- a/html/form.html
+++ b/html/form.html
@@ -17,6 +17,7 @@
            <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
                <span class="heading mb-4">{{ if .passwordReset }}{{ .strings.passwordReset }}{{ else }}{{ .strings.successHeader }}{{ end }}</span>
                <p class="content mb-4">{{ if .passwordReset }}{{ .strings.youCanLoginPassword }}{{ else }}{{ .successMessage }}{{ end }}</p>
+                {{ if .userPageEnabled }}<p class="content mb-4" id="modal-success-user-page-area" my-account-term="{{ .strings.myAccount }}">{{ .strings.userPageSuccessMessage }}</p>{{ end }}
                <a class="button ~urge @low full-width center supra submit" href="{{ .jfLink }}" id="create-success-button">{{ .strings.continue }}</a>
            </div>
        </div>
@@ -26,53 +27,7 @@
                <p class="content mb-4">{{ .strings.confirmationRequiredMessage }}</p>
            </div>
        </div>
-        {{ if .telegramEnabled }}
-        <div id="modal-telegram" class="modal">
-            <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
-                <span class="heading mb-4">{{ .strings.linkTelegram }}</span>
-                <p class="content mb-4">{{ .strings.sendPIN }}</p>
-                <p class="text-center text-2xl mb-2">{{ .telegramPIN }}</p>
-                <a class="subheading link-center" href="{{ .telegramURL }}" target="_blank">
-                    <span class="shield ~info mr-4">
-                        <span class="icon">
-                            <i class="ri-telegram-line"></i>
-                        </span>
-                    </span>
-                    &#64;{{ .telegramUsername }}
-                </a>
-                <span class="button ~info @low full-width center mt-4" id="telegram-waiting">{{ .strings.success }}</span>
-            </div>
-        </div>
-        {{ end }}
-        {{ if .discordEnabled }}
-        <div id="modal-discord" class="modal">
-            <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
-                <span class="heading mb-4">{{ .strings.linkDiscord }}</span>
-                <p class="content mb-4"> {{ .discordSendPINMessage }}</p>
-                <h1 class="text-center text-2xl mb-2">{{ .discordPIN }}</h1>
-                <a id="discord-invite"></a>
-                <span class="button ~info @low full-width center mt-4" id="discord-waiting">{{ .strings.success }}</span>
-            </div>
-        </div>
-        {{ end }}
-        {{ if .matrixEnabled }}
-        <div id="modal-matrix" class="modal">
-            <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
-                <span class="heading mb-4">{{ .strings.linkMatrix }}</span>
-                <p class="content mb-4"> {{ .strings.matrixEnterUser }}</p>
-                <input type="text" class="input ~neutral @high" placeholder="@user:riot.im" id="matrix-userid">
-                <div class="subheading link-center mt-4">
-                    <span class="shield ~info mr-4">
-                        <span class="icon">
-                            <i class="ri-chat-3-line"></i>
-                        </span>
-                    </span>
-                    {{ .matrixUser }}
-                </div>
-                <span class="button ~info @low full-width center mt-4" id="matrix-send">{{ .strings.submit }}</span>
-            </div>
-        </div>
-        {{ end }}
+        {{ template "account-linking.html" . }}
        <div class="top-4 left-4 absolute">
            <span class="dropdown" tabindex="0" id="lang-dropdown">
                <span class="button ~urge dropdown-button">
@@ -88,7 +43,7 @@
        <div id="notification-box"></div>
        <div class="page-container">
            <div class="card dark:~d_neutral @low">
-                <div class="flex flex-col md:flex-row gap-3 baseline">
+                <div class="flex flex-col md:flex-row gap-3 items-baseline mb-2">
                    <span class="heading mr-5">
                        {{ if .passwordReset }}
                        {{ .strings.passwordReset }}
@@ -98,9 +53,9 @@
                    </span>
                    <span class="subheading">
                        {{ if .passwordReset }}
-                        {{ .strings.enterYourPassword }}
+                            {{ .strings.enterYourPassword }}
                        {{ else }}
-                        {{ .helpMessage }}
+                            {{ .helpMessage }}
                        {{ end }}
                    </span>
                </div>
@@ -130,21 +85,21 @@
                            {{ if or (.telegramEnabled) (or .discordEnabled .matrixEnabled) }}
                            <div id="contact-via" class="unfocused">
                                <label class="row switch pb-4 unfocused">
-                                    <input type="radio" name="contact-via" value="email" id="contact-via-email" class="mr-2"><span>Contact through Email</span>
+                                    <input type="checkbox" name="contact-via" value="email" id="contact-via-email" class="mr-2"><span>Contact through Email</span>
                                </label>
                                {{ if .telegramEnabled }}
                                <label class="row switch pb-4 unfocused">
-                                    <input type="radio" name="contact-via" value="telegram" id="contact-via-telegram" class="mr-2"><span>Contact through Telegram</span>
+                                    <input type="checkbox" name="contact-via" value="telegram" id="contact-via-telegram" class="mr-2"><span>Contact through Telegram</span>
                                </label>
                                {{ end }}
                                {{ if .discordEnabled }}
                                <label class="row switch pb-4 unfocused">
-                                    <input type="radio" name="contact-via" value="discord" id="contact-via-discord" class="mr-2"><span>Contact through Discord</span>
+                                    <input type="checkbox" name="contact-via" value="discord" id="contact-via-discord" class="mr-2"><span>Contact through Discord</span>
                                </label>
                                {{ end }}
                                {{ if .matrixEnabled }}
                                <label class="row switch pb-4 unfocused">
-                                    <input type="radio" name="contact-via" value="matrix" id="contact-via-matrix" class="mr-2"><span>Contact through Matrix</span>
+                                    <input type="checkbox" name="contact-via" value="matrix" id="contact-via-matrix" class="mr-2"><span>Contact through Matrix</span>
                                </label>
                                {{ end }}
                            </div>
@@ -167,9 +122,12 @@
                            </label>
                        </form>
                    </div>
-                    <div class="flex-1">
+                    <div class="flex-initial">
+                        {{ if .fromUser }}
+                            <aside class="col aside sm ~positive mb-4" id="invite-from-user" data-from="{{ .fromUser }}">{{ .strings.invitedBy }}</aside>
+                        {{ end }}
                        <div class="card ~neutral @low mb-4">
-                            <span class="label supra" for="inv-uses">{{ .strings.passwordRequirementsHeader }}</span>
+                            <span class="label supra">{{ .strings.passwordRequirementsHeader }}</span>
                            <ul>
                                {{ range $key, $value := .requirements }}
                                <li class="" id="requirement-{{ $key }}" min="{{ $value }}">
@@ -180,13 +138,15 @@
                        </div>
                        {{ if .captcha }}
                        <div class="card ~neutral @low mb-4">
-                            <span class="label supra mb-2">CAPTCHA <span id="captcha-regen" title="{{ .strings.refresh }}" class="badge lg @low ~info ml-2 float-right"><i class="ri-refresh-line"></i></span><span id="captcha-success" class="badge lg @low ~critical ml-2 float-right"><i class="ri-close-line"></i></span></span>
-                            <div id="captcha-img" class="mt-2 mb-2"></div>
+                            <span class="label supra mb-2">CAPTCHA {{ if not .reCAPTCHA }}<span id="captcha-regen" title="{{ .strings.refresh }}" class="badge lg @low ~info ml-2 float-right"><i class="ri-refresh-line"></i></span><span id="captcha-success" class="badge lg @low ~critical ml-2 float-right"><i class="ri-close-line"></i></span>{{ end }}</span>
+                            <div id="captcha-img" class="mt-2 mb-2 {{ if .reCAPTCHA }}g-recaptcha{{ end }}"></div>
+                            {{ if not .reCAPTCHA }}
                            <input class="field ~neutral @low" id="captcha-input" class="mt-2" placeholder="CAPTCHA">
+                            {{ end }}
                        </div>
                        {{ end }}
                        {{ if .contactMessage }}
-                        <aside class="col aside sm ~info mt-4">{{ .contactMessage }}</aside>
+                            <aside class="col aside sm ~info mt-4">{{ .contactMessage }}</aside>
                        {{ end }}
                    </div>
                </div>
--- a/html/header.html
+++ b/html/header.html
@@ -1,4 +1,4 @@
-<meta charset="utf-8">
+<meta charset="UTF-8"/>
 <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
 <meta name="Description" content="jfa-go, a better way to manage Jellyfin users.">
 <meta name="color-scheme" content="dark light">
--- a/html/invalidCode.html
+++ b/html/invalidCode.html
@@ -1,7 +1,7 @@
 <!DOCTYPE html>
 <html lang="en" class="{{ .cssClass }}">
    <head>
-        <link rel="stylesheet" type="text/css" href="css/{{ .cssVersion }}bundle.css">
+        <link rel="stylesheet" type="text/css" href="{{ .urlBase }}/css/{{ .cssVersion }}bundle.css">
        {{ template "header.html" . }}
        <title>Invalid Code - jfa-go</title>
    </head>
--- a/html/login-modal.html
+++ b/html/login-modal.html
@@ -0,0 +1,33 @@
+<div id="modal-login" class="modal">
+    <div class="my-[10%] row items-stretch relative mx-auto w-[40%] lg:w-[60%]">
+        {{ if index . "LoginMessageEnabled" }}
+            {{ if .LoginMessageEnabled }}
+                <div class="card mx-2 flex-initial w-[100%] xl:w-[35%] mb-4 xl:mb-0 dark:~d_neutral @low content">
+                    {{ .LoginMessageContent }}
+                </div>
+            {{ end }}
+        {{ end }}
+        {{ if index . "userPageEnabled" }}
+                {{ if and .userPageEnabled .showUserPageLink }}
+                <div class="card mx-2 flex-initial w-[100%] xl:w-[35%] mb-4 xl:mb-0 dark:~d_neutral @low content">
+                    <span class="heading row">{{ .strings.loginNotAdmin }}</span>
+                    <a class="button ~info h-12 w-100" href="{{ .urlBase }}/my/account"><i class="ri-account-circle-fill mr-2"></i>{{ .strings.myAccount }}</a>
+                </div>
+            {{ end }}
+        {{ end }}
+        <form class="card mx-2 flex-auto form-login w-[100%] xl:w-[55%] mb-0" href="">
+            <span class="heading">{{ .strings.login }}</span>
+            <input type="text" class="field input ~neutral @high mt-4 mb-2" placeholder="{{ .strings.username }}" id="login-user">
+            <input type="password" class="field input ~neutral @high mb-4" placeholder="{{ .strings.password }}" id="login-password">
+            <label>
+                <input type="submit" class="unfocused">
+                <span class="button ~urge @low full-width center supra submit">{{ .strings.login }}</span>
+                {{ if index . "pwrEnabled" }}
+                    {{ if .pwrEnabled }}
+                        <span class="button ~info @low full-width center supra submit my-2" id="modal-login-pwr">{{ .strings.resetPassword }}</span>
+                    {{ end }}
+                {{ end }}
+            </label>
+        </form>
+    </div>
+</div>
--- a/html/setup.html
+++ b/html/setup.html
@@ -146,6 +146,7 @@
                    <label class="row switch pb-4">
                        <input type="radio" class="mr-2" name="ui-jellyfin_login" value="false"><span>{{ .lang.Login.authorizeManual }}</span>
                    </label>
+                    <p class="support pb-4 pl-4 mt-1">{{ .lang.Login.authorizeManualUserPageNotice }}</p>
                </div>
                <div id="login-manual">
                    <label class="label">
@@ -238,6 +239,21 @@
                    </div>
                </section>
            </div>
+            <div class="card ~neutral @low mb-2 unfocused">
+                <span class="heading">{{ .lang.UserPage.title }}</span>
+                <p class="content my-2">{{ .lang.UserPage.description }}</p>
+                <p class="content my-2">{{ .lang.UserPage.customizeMessages }}</p>
+                <label class="row switch pb-4">
+                    <input type="checkbox" class="mr-2" id="userpage-enabled"><span>{{ .lang.Strings.enabled }}</span>
+                </label>
+                <p class="support mb-1 mt-1">{{ .lang.UserPage.requiredSettings }}</p>
+                <section class="section ~neutral banner footer flex-expand middle">
+                    <span class="button ~neutral @low back">{{ .lang.Strings.back }}</span>
+                    <div>
+                        <span class="button ~urge @low next">{{ .lang.Strings.next }}</span>
+                    </div>
+                </section>
+            </div>
            <div class="card ~neutral @low mb-2 unfocused">
                <span class="heading">{{ .lang.Messages.title }}</span>
                <p class="content my-2" id="messages-description"></p>
@@ -391,7 +407,7 @@
                </label>
                <label class="switch">
                    <input type="checkbox" class="mr-2" id="password_resets-link_reset"><span>{{ .lang.PasswordResets.resetLinks }}</span>
-                    <p class="support mb-2 mt-1">{{ .lang.PasswordResets.resetLinksNotice }}</p>
+                    <p class="support mb-2 mt-1">{{ .lang.PasswordResets.resetLinksNotice }} {{ .lang.PasswordResets.resetLinksRequiredForUserPage }}</p>
                </label>
                <label class="switch">
                    <input type="checkbox" class="mr-2" id="password_resets-set_password"><span>{{ .lang.PasswordResets.setPassword }}</span>
--- a/html/user.html
+++ b/html/user.html
@@ -0,0 +1,173 @@
+<html lang="en" class="light">
+    <head>
+        <link rel="stylesheet" type="text/css" href="{{ .urlBase }}/css/{{ .cssVersion }}bundle.css">
+        <script>
+            window.URLBase = "{{ .urlBase }}";
+            window.notificationsEnabled = {{ .notifications }};
+            window.ombiEnabled = {{ .ombiEnabled }};
+            window.langFile = JSON.parse({{ .language }});
+            window.pwrEnabled = {{ .pwrEnabled }};
+            window.linkResetEnabled = {{ .linkResetEnabled }};
+            window.language = "{{ .langName }}";
+            window.telegramEnabled = {{ .telegramEnabled }};
+            window.telegramRequired = {{ .telegramRequired }};
+            window.telegramUsername = {{ .telegramUsername }};
+            window.telegramURL = {{ .telegramURL }};
+            window.emailEnabled = {{ .emailEnabled }};
+            window.emailRequired = {{ .emailRequired }};
+            window.discordEnabled = {{ .discordEnabled }};
+            window.discordRequired = {{ .discordRequired }};
+            window.discordServerName = "{{ .discordServerName }}";
+            window.discordInviteLink = {{ .discordInviteLink }};
+            window.discordSendPINMessage = "{{ .discordSendPINMessage }}";
+            window.matrixEnabled = {{ .matrixEnabled }};
+            window.matrixRequired = {{ .matrixRequired }};
+            window.matrixUserID = "{{ .matrixUser }}";
+            window.validationStrings = JSON.parse({{ .validationStrings }});
+            window.referralsEnabled = {{ .referralsEnabled }};
+        </script>
+        {{ template "header.html" . }}
+        <title>{{ .strings.myAccount }}</title>
+    </head>
+    <body class="max-w-full overflow-x-hidden section">
+        <div id="modal-email" class="modal">
+            <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3">
+                <div class="content">
+                    <span class="heading mb-4 my-2"></span>
+                    <label class="label supra row m-1" for="modal-email-input">{{ .strings.emailAddress }}</label>
+                    <div class="row">
+                        <input type="email" class="col sm field ~neutral @low input" id="modal-email-input" placeholder="{{ .strings.emailAddress }}">
+                    </div>
+                    <button class="button ~urge @low supra full-width center lg my-2 modal-submit">{{ .strings.submit }}</button>
+                </div>
+                <div class="confirmation-required unfocused">
+                    <span class="heading mb-4">{{ .strings.confirmationRequired }} <span class="modal-close">&times;</span></span>
+                    <p class="content mb-4">{{ .strings.confirmationRequiredMessage }}</p>
+                </div>
+            </div>
+        </div>
+        {{ if .pwrEnabled }}
+        <div id="modal-pwr" class="modal">
+            <div class="card relative mx-auto my-[10%] w-4/5 lg:w-1/3 ~neutral @low">
+                <span class="heading">{{ .strings.resetPassword }}</span>
+                <p class="content my-2">
+                {{ if .linkResetEnabled }}
+                    {{ .strings.resetPasswordThroughLink }}
+                {{ else }}
+                    {{ .strings.resetPasswordThroughJellyfin }}
+                {{ end }}
+                </p>
+                <div class="row">
+                    <input type="text" class="col sm field ~neutral @low input" id="pwr-address" placeholder="username | example@example.com | user#1234 | @user:host | @username">
+                </div>
+                {{ if .linkResetEnabled }}
+                    <span class="button ~info @low full-width center mt-4" id="pwr-submit">
+                        {{ .strings.submit }}
+                    </span>
+                {{ else }}
+                    <a class="button ~info @low full-width center mt-4" href="{{ .jfLink }}" target="_blank">{{ .strings.continue }}</a>
+                {{ end }}
+            </div>
+        </div>
+        {{ end }}
+        {{ template "login-modal.html" . }}
+        {{ template "account-linking.html" . }}
+        <div id="notification-box"></div>
+        <div class="top-4 left-4 absolute">
+            <span class="dropdown" tabindex="0" id="lang-dropdown">
+                <span class="button ~urge dropdown-button">
+                    <i class="ri-global-line"></i>
+                    <span class="ml-2 chev"></span>
+                </span>
+                <div class="dropdown-display">
+                    <div class="card ~neutral @low">
+                        <label class="switch pb-4">
+                            <input type="radio" name="lang-time" id="lang-12h">
+                            <span>{{ .strings.time12h }}</span>
+                        </label>
+                        <label class="switch pb-4">
+                            <input type="radio" name="lang-time" id="lang-24h">
+                            <span>{{ .strings.time24h }}</span>
+                        </label>
+                        <div id="lang-list"></div>
+                    </div>
+                </div>
+            </span>
+            <span class="button ~warning" alt="{{ .strings.theme }}" id="button-theme"><i class="ri-sun-line"></i></span>
+            <span class="button ~critical @low mb-4 unfocused" id="logout-button">{{ .strings.logout }}</span>
+        </div>
+        <div class="top-4 right-4 absolute">
+            <a class="button ~info unfocused" href="/" id="admin-back-button"><i class="ri-arrow-left-fill mr-2"></i>{{ .strings.admin }}</a>
+        </div>
+        <div class="page-container unfocused">
+            <div class="card @low dark:~d_neutral mb-4" id="card-user">
+                <span class="heading mb-2"></span>
+            </div>
+            <div class="grid grid-cols-1 lg:grid-cols-2 gap-4">
+                {{ if index . "PageMessageEnabled" }}
+                    {{ if .PageMessageEnabled }}
+                        <div class="card @low dark:~d_neutral content" id="card-message">
+                            {{ .PageMessageContent }}
+                        </div>
+                    {{ end }}
+                {{ end }}
+                <div class="card @low dark:~d_neutral flex-col" id="card-contact">
+                    <span class="heading mb-2">{{ .strings.contactMethods }}</span>
+                    <div class="content flex justify-between flex-col h-100"></div>
+                </div>
+                <div>
+                    <div class="card @low dark:~d_neutral content" id="card-password">
+                        <span class="heading row mb-2">{{ .strings.changePassword }}</span>
+                        <div class="">
+                            <div class="my-2">
+                                <span class="label supra row">{{ .strings.passwordRequirementsHeader }}</span>
+                                <ul>
+                                    {{ range $key, $value := .requirements }}
+                                        <li class="" id="requirement-{{ $key }}" min="{{ $value }}">
+                                            <span class="badge lg ~positive requirement-valid"></span> <span class="content requirement-content"></span>
+                                        </li>
+                                    {{ end }}
+                                </ul>
+                            </div>
+                            <div class="my-2">
+                                <label class="label supra" for="user-old-password">{{ .strings.oldPassword }}</label>
+                                <input type="password" class="input ~neutral @low mt-2 mb-4" placeholder="{{ .strings.password }}" id="user-old-password" aria-label="{{ .strings.oldPassword }}">
+                                <label class="label supra" for="user-new-password">{{ .strings.newPassword }}</label>
+                                <input type="password" class="input ~neutral @low mt-2 mb-4" placeholder="{{ .strings.password }}" id="user-new-password" aria-label="{{ .strings.newPassword }}">
+
+                                <label class="label supra" for="user-reenter-password">{{ .strings.reEnterPassword }}</label>
+                                <input type="password" class="input ~neutral @low mt-2 mb-4" placeholder="{{ .strings.password }}" id="user-reenter-new-password" aria-label="{{ .strings.reEnterPassword }}">
+                                <span class="button ~info @low full-width center mt-4" id="user-password-submit">
+                                    {{ .strings.changePassword }}
+                                </span>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+                <div>
+                    <div class="card @low dark:~d_neutral unfocused" id="card-status">
+                        <span class="heading mb-2">{{ .strings.expiry }}</span>
+                        <aside class="aside ~warning user-expiry my-4"></aside>
+                        <div class="user-expiry-countdown"></div>
+                    </div>
+                </div>
+                {{ if .referralsEnabled }}
+                    <div>
+                        <div class="card @low dark:~d_neutral unfocused" id="card-referrals">
+                            <span class="heading mb-2">{{ .strings.referrals }}</span>
+                            <aside class="aside ~neutral my-4 col">{{ .strings.referralsDescription }}</aside>
+                            <div class="row flex-expand">
+                                <div class="user-referrals-info"></div>
+                                <div class="grid my-2">
+                                    <button type="button" class="user-referrals-button button ~info dark:~d_info @low" title="Copy">{{ .strings.copyReferral }}<i class="ri-file-copy-line ml-2"></i></button>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                {{ end }}
+            </div>
+        </div>
+        <script src="{{ .urlBase }}/js/user.js" type="module"></script>
+    </body>
+</html>
+
--- a/images/README.md
+++ b/images/README.md
@@ -1,6 +1,9 @@
 # Images

-This holds any images on the main README, and the base files for the icons and banner. The font used, like Jellyfin, is [Quicksand](https://fonts.google.com/specimen/Quicksand) by Andrew Paglinawan.
+This holds any images on the main README, and the base files for the icons and banner. The font used pre-0.5.0, like Jellyfin, is [Quicksand](https://fonts.google.com/specimen/Quicksand) by Andrew Paglinawan. These old versions are prefixed with `-quicksand` in `src/`.
+
+Post-0.5.0, the font used is Hanken Grotesk, available under SIL OFL 1.1 License.
+https://scripts.sil.org/cms/scripts/page.php?item_id=OFL_web

 "Go" text logo and Gopher image: Copyright 2018 The Go Authors. All rights reserved.
 https://creativecommons.org/licenses/by/3.0/legalcode
--- a/images/accounts.png
+++ b/images/accounts.png
--- a/images/banner.svg
+++ b/images/banner.svg
--- a/images/create.png
+++ b/images/create.png
--- a/images/invites.png
+++ b/images/invites.png
--- a/images/jfa-go-social.png
+++ b/images/jfa-go-social.png
--- a/images/jfa-go-social.svg
+++ b/images/jfa-go-social.svg
--- a/images/myaccount.png
+++ b/images/myaccount.png
--- a/images/src/banner-hanken.svg
+++ b/images/src/banner-hanken.svg
--- a/images/src/banner-quicksand.svg
+++ b/images/src/banner-quicksand.svg
--- a/images/src/jfa-go-social-hanken.svg
+++ b/images/src/jfa-go-social-hanken.svg
--- a/images/src/jfa-go-social-quicksand.svg
+++ b/images/src/jfa-go-social-quicksand.svg
--- a/lang.go
+++ b/lang.go
@@ -26,8 +26,10 @@ func (ls *adminLangs) getOptions() [][2]string {
 type commonLangs map[string]commonLang

 type commonLang struct {
-	Meta    langMeta    `json:"meta"`
-	Strings langSection `json:"strings"`
+	Meta            langMeta                  `json:"meta"`
+	Strings         langSection               `json:"strings"`
+	Notifications   langSection               `json:"notifications"`
+	QuantityStrings map[string]quantityString `json:"quantityStrings"`
 }

 type adminLang struct {
@@ -38,9 +40,9 @@ type adminLang struct {
 	JSON            string
 }

-type formLangs map[string]formLang
+type userLangs map[string]userLang

-func (ls *formLangs) getOptions() [][2]string {
+func (ls *userLangs) getOptions() [][2]string {
 	opts := make([][2]string, len(*ls))
 	i := 0
 	for key, lang := range *ls {
@@ -50,13 +52,15 @@ func (ls *formLangs) getOptions() [][2]string {
 	return opts
 }

-type formLang struct {
+type userLang struct {
 	Meta                  langMeta    `json:"meta"`
 	Strings               langSection `json:"strings"`
 	Notifications         langSection `json:"notifications"`
 	notificationsJSON     string
 	ValidationStrings     map[string]quantityString `json:"validationStrings"`
 	validationStringsJSON string
+	QuantityStrings       map[string]quantityString `json:"quantityStrings"`
+	JSON                  string
 }

 type pwrLangs map[string]pwrLang
@@ -119,6 +123,7 @@ type setupLang struct {
 	Email              langSection `json:"email"`
 	Messages           langSection `json:"messages"`
 	Notifications      langSection `json:"notifications"`
+	UserPage           langSection `json:"userPage"`
 	WelcomeEmails      langSection `json:"welcomeEmails"`
 	PasswordResets     langSection `json:"passwordResets"`
 	InviteEmails       langSection `json:"inviteEmails"`
--- a/lang/admin/ar-aa.json
+++ b/lang/admin/ar-aa.json
@@ -0,0 +1,216 @@
+{
+    "meta": {
+        "name": "العربية (AR)"
+    },
+    "strings": {
+        "invites": "الدعوات",
+        "accounts": "الحسابات",
+        "settings": "الإعدادات",
+        "inviteMonths": "شهور",
+        "inviteDays": "أيام",
+        "inviteHours": "ساعات",
+        "inviteMinutes": "دقائق",
+        "inviteNumberOfUses": "عدد الاستخدامات",
+        "inviteDuration": "مدة الدعوة",
+        "warning": "تحذير",
+        "inviteInfiniteUsesWarning": "الدعوات ذات الاستخدامات اللانهائية يمكن ان تستخدم بشكل مسيئ",
+        "inviteSendToEmail": "إرسال إلى",
+        "create": "إنشاء",
+        "apply": "تطبيق",
+        "select": "تحديد",
+        "name": "الاسم",
+        "date": "التاريخ",
+        "setExpiry": "تعيين انتهاء الصلاحية",
+        "updates": "التحديثات",
+        "update": "تحديث",
+        "download": "تنزيل",
+        "search": "بحث",
+        "advancedSettings": "إعدادات متقدمة",
+        "lastActiveTime": "آخر نشاط",
+        "from": "من",
+        "after": "بعد",
+        "before": "قبل",
+        "user": "مستخدم",
+        "userExpiry": "انتهاء صلاحية المستخدم",
+        "userExpiryDescription": "",
+        "aboutProgram": "حول",
+        "version": "إصدار",
+        "commitNoun": "تعديل",
+        "newUser": "مستخدم جديد",
+        "profile": "ملف",
+        "unknown": "غير معروف",
+        "label": "وسم",
+        "logs": "السجلات",
+        "announce": "إعلان",
+        "templates": "قوالب",
+        "subject": "الموضوع",
+        "message": "الرسالة",
+        "variables": "المتغيرات",
+        "conditionals": "",
+        "preview": "معاينة",
+        "reset": "إعادة ضبط",
+        "donate": "تبرع",
+        "unlink": "إلغاء ربط الحساب",
+        "sendPWR": "إرسال إعادة تعيين كلمة المرور",
+        "contactThrough": "تواصل عن طريق:",
+        "extendExpiry": "تمديد إنتهاء الصلاحية",
+        "sendPWRManual": "",
+        "sendPWRSuccess": "تم إرسال رابط إعادة تعيين كلمة المرور.",
+        "sendPWRSuccessManual": "",
+        "sendPWRValidFor": "",
+        "customizeMessages": "",
+        "customizeMessagesDescription": "",
+        "markdownSupported": "",
+        "modifySettings": "",
+        "modifySettingsDescription": "",
+        "applyHomescreenLayout": "",
+        "sendDeleteNotificationEmail": "",
+        "sendDeleteNotifiationExample": "",
+        "settingsRestart": "",
+        "settingsRestarting": "",
+        "settingsRestartRequired": "",
+        "settingsRestartRequiredDescription": "",
+        "settingsApplyRestartLater": "",
+        "settingsApplyRestartNow": "",
+        "settingsApplied": "",
+        "settingsRefreshPage": "",
+        "settingsRequiredOrRestartMessage": "",
+        "settingsSave": "",
+        "ombiProfile": "",
+        "ombiUserDefaultsDescription": "",
+        "userProfiles": "",
+        "userProfilesDescription": "",
+        "userProfilesIsDefault": "",
+        "userProfilesLibraries": "",
+        "addProfile": "",
+        "addProfileDescription": "",
+        "addProfileNameOf": "",
+        "addProfileStoreHomescreenLayout": "",
+        "inviteNoUsersCreated": "",
+        "inviteUsersCreated": "",
+        "inviteNoProfile": "",
+        "inviteDateCreated": "",
+        "inviteRemainingUses": "",
+        "inviteNoInvites": "",
+        "inviteExpiresInTime": "",
+        "notifyEvent": "",
+        "notifyInviteExpiry": "",
+        "notifyUserCreation": "",
+        "sendPIN": "",
+        "searchDiscordUser": "",
+        "findDiscordUser": "",
+        "linkMatrixDescription": "",
+        "matrixHomeServer": "",
+        "saveAsTemplate": "",
+        "deleteTemplate": "",
+        "templateEnterName": "",
+        "accessJFA": "",
+        "accessJFASettings": "",
+        "sortingBy": "",
+        "filters": "",
+        "clickToRemoveFilter": "",
+        "clearSearch": "",
+        "actions": "",
+        "searchOptions": "",
+        "matchText": "",
+        "jellyfinID": "",
+        "userPageLogin": "",
+        "userPagePage": "",
+        "buildTime": "",
+        "builtBy": ""
+    },
+    "notifications": {
+        "changedEmailAddress": "",
+        "userCreated": "",
+        "createProfile": "",
+        "saveSettings": "",
+        "saveEmail": "",
+        "sentAnnouncement": "",
+        "savedAnnouncement": "",
+        "setOmbiProfile": "",
+        "updateApplied": "",
+        "updateAppliedRefresh": "",
+        "telegramVerified": "",
+        "accountConnected": "",
+        "errorSettingsAppliedNoHomescreenLayout": "",
+        "errorHomescreenAppliedNoSettings": "",
+        "errorSettingsFailed": "",
+        "errorSaveEmail": "",
+        "errorBlankFields": "",
+        "errorDeleteProfile": "",
+        "errorLoadProfiles": "",
+        "errorCreateProfile": "",
+        "errorSetDefaultProfile": "",
+        "errorLoadUsers": "",
+        "errorLoadSettings": "",
+        "errorSetOmbiProfile": "",
+        "errorLoadOmbiUsers": "",
+        "errorChangedEmailAddress": "",
+        "errorFailureCheckLogs": "",
+        "errorPartialFailureCheckLogs": "",
+        "errorUserCreated": "",
+        "errorSendWelcomeEmail": "",
+        "errorApplyUpdate": "",
+        "errorCheckUpdate": "",
+        "updateAvailable": "",
+        "noUpdatesAvailable": ""
+    },
+    "quantityStrings": {
+        "modifySettingsFor": {
+            "singular": "",
+            "plural": ""
+        },
+        "deleteNUsers": {
+            "singular": "",
+            "plural": ""
+        },
+        "disableUsers": {
+            "singular": "",
+            "plural": ""
+        },
+        "reEnableUsers": {
+            "singular": "",
+            "plural": ""
+        },
+        "addUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "deleteUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "deletedUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "disabledUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "enabledUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "announceTo": {
+            "singular": "",
+            "plural": ""
+        },
+        "appliedSettings": {
+            "singular": "",
+            "plural": ""
+        },
+        "extendExpiry": {
+            "singular": "",
+            "plural": ""
+        },
+        "setExpiry": {
+            "singular": "",
+            "plural": ""
+        },
+        "extendedExpiry": {
+            "singular": "",
+            "plural": ""
+        }
+    }
+}
--- a/lang/admin/da-dk.json
+++ b/lang/admin/da-dk.json
@@ -15,20 +15,11 @@
        "warning": "Advarsel",
        "inviteInfiniteUsesWarning": "invitationer med uendelig brug kan blive misbrugt",
        "inviteSendToEmail": "Send til",
-        "login": "Log på",
-        "logout": "Log ud",
        "create": "Opret",
        "apply": "Anvend",
-        "delete": "Slet",
-        "add": "Tilføj",
        "select": "Vælg",
        "name": "Navn",
        "date": "Dato",
-        "enabled": "Aktiveret",
-        "disabled": "Deaktiveret",
-        "reEnable": "Genaktiver",
-        "disable": "Deaktiver",
-        "admin": "Administrator",
        "updates": "Opdateringer",
        "update": "Opdatering",
        "download": "Hent",
@@ -37,7 +28,6 @@
        "lastActiveTime": "Sidst Aktiv",
        "from": "Fra",
        "user": "Bruger",
-        "expiry": "Udløb",
        "userExpiry": "Brugerens Udløb",
        "userExpiryDescription": "En specificeret tid efter hver tilmelding, sletter/deaktiverer jfa-go kontoen. Du kan ændre denne adfærd i indstillingerne.",
        "aboutProgram": "Om",
@@ -54,7 +44,6 @@
        "conditionals": "Betingelser",
        "preview": "Eksempel",
        "reset": "Nulstil",
-        "edit": "Rediger",
        "donate": "Doner",
        "contactThrough": "Kontakt gennem:",
        "extendExpiry": "Forlæng udløb",
@@ -90,7 +79,6 @@
        "inviteUsersCreated": "Oprettet brugere",
        "inviteNoProfile": "Ingen Profil",
        "inviteDateCreated": "Oprettet",
-        "inviteRemainingUses": "Resterende anvendelser",
        "inviteNoInvites": "Ingen",
        "inviteExpiresInTime": "Udløber om {n}",
        "notifyEvent": "Meddel den:",
@@ -128,13 +116,9 @@
        "updateAppliedRefresh": "Opdatering anvendt, genindlæs venligst siden.",
        "telegramVerified": "Telegram konto verificeret.",
        "accountConnected": "Konto tilsluttet.",
-        "errorConnection": "Kunne ikke oprette forbindelse til jfa-go.",
-        "error401Unauthorized": "Adgang nægtet. Prøv at genindlæse siden.",
        "errorSettingsAppliedNoHomescreenLayout": "Indstillingerne blev anvendt, men anvendelse af startskærmens layout mislykkedes muligvis.",
        "errorHomescreenAppliedNoSettings": "Startskærmens layout blev anvendt, men anvendelsen af indstillingerne mislykkedes muligvis.",
        "errorSettingsFailed": "Ansøgningen mislykkedes.",
-        "errorLoginBlank": "Brugernavnet og/eller adgangskoden blev efterladt tomme.",
-        "errorUnknown": "Ukendt fejl.",
        "errorSaveEmail": "Kunne ikke gemme e-mail.",
        "errorBlankFields": "Felter blev efterladt tomme",
        "errorDeleteProfile": "Kunne ikke slette profilen {n}",
@@ -142,7 +126,6 @@
        "errorCreateProfile": "Kunne ikke oprette profilen {n}",
        "errorSetDefaultProfile": "Standard profilen kunne ikke indstilles.",
        "errorLoadUsers": "Kunne ikke indlæse brugere.",
-        "errorSaveSettings": "Kunne ikke gemme indstillingerne.",
        "errorLoadSettings": "Indstillingerne kunne ikke indlæses.",
        "errorSetOmbiDefaults": "Ombi standarderne kunne ikke gemmes.",
        "errorLoadOmbiUsers": "Kunne ikke indlæse ombi brugere.",
@@ -217,4 +200,4 @@
            "plural": "Indstil udløb for {n} brugere"
        }
    }
-}
+}
--- a/lang/admin/de-de.json
+++ b/lang/admin/de-de.json
@@ -13,11 +13,8 @@
        "warning": "Warnung",
        "inviteInfiniteUsesWarning": "Invites mit unendlich vielen Verwendungen können missbräuchlich verwendet werden",
        "inviteSendToEmail": "Senden an",
-        "login": "Anmelden",
-        "logout": "Abmelden",
        "create": "Erstellen",
        "apply": "Anwenden",
-        "delete": "Löschen",
        "name": "Name",
        "date": "Datum",
        "lastActiveTime": "Zuletzt aktiv",
@@ -56,7 +53,6 @@
        "inviteUsersCreated": "Erstellte Benutzer",
        "inviteNoProfile": "Kein Profil",
        "inviteDateCreated": "Erstellt",
-        "inviteRemainingUses": "Verbleibende Verwendungen",
        "inviteNoInvites": "Keine",
        "inviteExpiresInTime": "Läuft in {n} ab",
        "notifyEvent": "Benachrichtigen bei:",
@@ -68,7 +64,6 @@
        "variables": "Variablen",
        "preview": "Vorschau",
        "reset": "Zurücksetzen",
-        "edit": "Bearbeiten",
        "customizeMessages": "Benachrichtigungen anpassen",
        "customizeMessagesDescription": "Wenn du jfa-go's E-Mail-Vorlagen nicht benutzen willst, kannst du deinen eigenen unter Verwendung von Markdown erstellen.",
        "announce": "Ankündigen",
@@ -79,23 +74,16 @@
        "search": "Suchen",
        "userExpiry": "Benutzer Ablaufdatum",
        "inviteDuration": "Invite Dauer",
-        "enabled": "Aktiviert",
        "userExpiryDescription": "Eine bestimmte Zeit nach der Anmeldung wird jfa-go das Konto löschen/deaktivieren. Du kannst dieses Verhalten in den Einstellungen ändern.",
-        "disabled": "Deaktiviert",
-        "admin": "Admin",
        "download": "Herunterladen",
        "update": "Aktualisieren",
        "updates": "Aktualisierungen",
-        "expiry": "Ablaufdatum",
        "extendExpiry": "Ablaufdatum verlängern",
-        "reEnable": "Wieder aktivieren",
-        "disable": "Deaktivieren",
        "donate": "Spenden",
        "conditionals": "Bedingungen",
        "contactThrough": "Kontakt über:",
        "sendPIN": "Bitte den Benutzer, die unten stehende PIN an den Bot zu senden.",
        "inviteMonths": "Monate",
-        "add": "Hinzufügen",
        "select": "Auswählen",
        "searchDiscordUser": "Gib den Discord-Benutzername ein, um den Benutzer zu finden.",
        "findDiscordUser": "Suche Discord-Benutzer",
@@ -114,7 +102,20 @@
        "accessJFASettings": "Kann nicht geändert werden, da entweder \"Nur Admin-Benutzer\" oder \"Erlaube allen Jellyfin-Nutzern sich anzumelden\" in Einstellungen > Allgemein aktiviert ist.",
        "saveAsTemplate": "Als Vorlage speichern",
        "deleteTemplate": "Vorlage löschen",
-        "templateEnterName": "Gebe einen Namen ein, um diese Vorlage zu speichern."
+        "templateEnterName": "Gebe einen Namen ein, um diese Vorlage zu speichern.",
+        "filters": "Filter",
+        "clickToRemoveFilter": "zum Entfernen des Filters klicken.",
+        "clearSearch": "Suche löschen",
+        "actions": "Aktionen",
+        "searchOptions": "Suchoptionen",
+        "matchText": "Textübereinstummung",
+        "jellyfinID": "Jellyfin ID",
+        "userPageLogin": "Benutzer Seite: Login",
+        "userPagePage": "Benutzer Seite: Seite",
+        "after": "nach",
+        "before": "vor",
+        "unlink": "Account trennen",
+        "sortingBy": "Sortieren nach"
    },
    "notifications": {
        "changedEmailAddress": "E-Mail-Adresse von {n} geändert.",
@@ -122,20 +123,15 @@
        "createProfile": "Profil {n} erstellt.",
        "saveSettings": "Einstellungen wurden gespeichert",
        "setOmbiDefaults": "Ombi-Standardeinstellungen gespeichert.",
-        "errorConnection": "Konnte keine Verbindung zu jfa-go herstellen.",
-        "error401Unauthorized": "Unberechtigt. Versuch, die Seite zu aktualisieren.",
        "errorSettingsAppliedNoHomescreenLayout": "Einstellungen wurden angewendet, aber die Anwendung des Startbildschirmlayouts ist möglicherweise fehlgeschlagen.",
        "errorHomescreenAppliedNoSettings": "Startbildschirmlayout wurde angewendet, aber die Anwendung der Einstellungen ist möglicherweise fehlgeschlagen.",
        "errorSettingsFailed": "Anwendung ist fehlgeschlagen.",
-        "errorLoginBlank": "Der Benutzername und/oder das Passwort wurden nicht ausgefüllt.",
-        "errorUnknown": "Unbekannter Fehler.",
        "errorBlankFields": "Felder wurden nicht ausgefüllt",
        "errorDeleteProfile": "Fehler beim Löschen des Profils {n}",
        "errorLoadProfiles": "Fehler beim Laden der Profile.",
        "errorCreateProfile": "Fehler beim Erstellen des Profils {n}",
        "errorSetDefaultProfile": "Fehler beim Setzen des Standardprofils.",
        "errorLoadUsers": "Fehler beim Laden der Benutzer.",
-        "errorSaveSettings": "Einstellungen konnten nicht gespeichert werden.",
        "errorLoadSettings": "Fehler beim Laden der Einstellungen.",
        "errorSetOmbiDefaults": "Fehler beim Speichern der Ombi-Standardeinstellungen.",
        "errorLoadOmbiUsers": "Fehler beim Laden der Ombi-Benutzer.",
--- a/lang/admin/el-gr.json
+++ b/lang/admin/el-gr.json
@@ -13,11 +13,8 @@
        "warning": "Προσοχή",
        "inviteInfiniteUsesWarning": "μπορεί να γίνει κατάχρηση των προσκλήσεων με άπειρες χρήσεις",
        "inviteSendToEmail": "Αποστολή σε",
-        "login": "Σύνδεση",
-        "logout": "Αποσύνδεση",
        "create": "Δημιουργία",
        "apply": "Εφαρμογή",
-        "delete": "Διαγραφή",
        "name": "Όνομα",
        "date": "Ημερομηνία",
        "lastActiveTime": "Τελευταία Ενεργός",
@@ -59,7 +56,6 @@
        "inviteUsersCreated": "Δημιουργηθέντες χρήστες",
        "inviteNoProfile": "Κανένα Προφίλ",
        "inviteDateCreated": "Δημιουργηθέντα",
-        "inviteRemainingUses": "Εναπομείναντες χρήσεις",
        "inviteNoInvites": "Καμία",
        "inviteExpiresInTime": "Λήγει σε {n}",
        "notifyEvent": "Ενημέρωση όταν:",
@@ -68,7 +64,6 @@
        "variables": "Μεταβλητές",
        "preview": "Προεπισκόπηση",
        "reset": "Επαναφορά",
-        "edit": "Επεξεργασία",
        "customizeMessages": "Παραμετροποίηση Emails",
        "advancedSettings": "Προχωρημένες Ρυθμίσεις",
        "customizeMessagesDescription": "Αν δεν θέλετε να ζρησιμοποιήσετε τα πρότυπα email του jfa-go, μπορείτε να δημιουργήσετε τα δικά σας με χρήση Markdown.",
@@ -77,10 +72,6 @@
        "download": "Λήψη",
        "search": "Αναζήτηση",
        "inviteDuration": "Διάρκεια Πρόσκλησης",
-        "enabled": "Ενεργοποιημένο",
-        "disabled": "Απενεργοποιημένο",
-        "admin": "Διαχειριστής",
-        "expiry": "Λήξη",
        "userExpiry": "Λήξη Χρήστη",
        "userExpiryDescription": "Μετά απο ένα καθορισμένο χρόνο μετά απο κάθε εγγραφή, το jfa-go θα διαγράφει/απενεργοποιεί τον λογαριασμό. Μπορείτε να αλλάξετε αυτή την συμπεριφορά στις ρυθμίσεις.",
        "announce": "Ανακοίνωση",
@@ -88,8 +79,6 @@
        "message": "Μήνυμα",
        "extendExpiry": "Παράταση λήξης",
        "markdownSupported": "Το Markdown υποστυρίζεται.",
-        "reEnable": "Επανα-ενεργοποίηση",
-        "disable": "Απενεργοποίηση",
        "inviteMonths": "Μήνες"
    },
    "notifications": {
@@ -98,20 +87,15 @@
        "createProfile": "Δημιουργήθηκε το {n} προφίλ.",
        "saveSettings": "Οι ρυθμίσεις αποθηκεύτηκαν",
        "setOmbiDefaults": "Αποθηκεύτηκαν οι προκαθορισμένες ρυθμίσεις του ombi.",
-        "errorConnection": "Δεν μπόρεσε να συνδεθεί με το jfa-go.",
-        "error401Unauthorized": "Ανεξουσιοδότητος. Προσπαθήστε να κάνετε επαναφόρτωση την σελίδα.",
        "errorSettingsAppliedNoHomescreenLayout": "Οι ρυθμίσεις αποθηκεύτηκαν, αλλά η καταχώρηση δομής αρχικής οθόνης ίσως απέτυχε.",
        "errorHomescreenAppliedNoSettings": "Η δομή αρχικής οθόνης εφαρμόστηκε, αλλά οι ρυθμίσεις ίσως απέτυχαν.",
        "errorSettingsFailed": "Η εφαρμογή απέτυχε.",
-        "errorLoginBlank": "Το όνομα χρήστη και/ή ο κωδικός ήταν κενά.",
-        "errorUnknown": "Άγνωστο σφάλμα.",
        "errorBlankFields": "Τα πεφία ήταν κενά",
        "errorDeleteProfile": "Αποτυχία διαγραφής του προφίλ {n}",
        "errorLoadProfiles": "Αποτυχία φόρτωσης των προφίλ.",
        "errorCreateProfile": "Αποτυχία δημιουργίας του προφίλ {n}",
        "errorSetDefaultProfile": "Αποτυχία ορισμού του προκαθορισμένου προφίλ.",
        "errorLoadUsers": "Αποτυχία φόρτωσης χρηστών.",
-        "errorSaveSettings": "Αποτυχία αποθήκευσης ρυθμίσεων.",
        "errorLoadSettings": "Αποτυχία φόρτωσης ρυθμίσεων.",
        "errorSetOmbiDefaults": "Αποτυχία αποθήκευσης προκαθορισμένων ρυθμίσεων για το Ombi.",
        "errorLoadOmbiUsers": "Αποτυχία φόρτωσης χρηστών Ombi.",
@@ -183,4 +167,4 @@
            "plural": "Εργοποιήθηκαν {n} χρήστες."
        }
    }
-}
+}
--- a/lang/admin/en-gb.json
+++ b/lang/admin/en-gb.json
@@ -68,12 +68,8 @@
        "inviteHours": "Hours",
        "inviteInfiniteUsesWarning": "invites with infinite uses can be used abusively",
        "inviteSendToEmail": "Send to",
-        "login": "Login",
-        "logout": "Logout",
        "apply": "Apply",
-        "delete": "Delete",
        "updates": "Updates",
-        "expiry": "Expiry",
        "variables": "Variables",
        "preview": "Preview",
        "markdownSupported": "Markdown is supported.",
@@ -96,16 +92,10 @@
        "contactThrough": "Contact through:",
        "select": "Select",
        "date": "Date",
-        "enabled": "Enabled",
-        "disabled": "Disabled",
-        "disable": "Disable",
-        "edit": "Edit",
        "extendExpiry": "Extend expiry",
        "sendPWR": "Send Password Reset",
        "inviteMonths": "Months",
        "inviteDuration": "Invite Duration",
-        "add": "Add",
-        "reEnable": "Re-enable",
        "update": "Update",
        "user": "User",
        "userExpiryDescription": "A specified amount of time after each signup, jfa-go will delete/disable the account. You can change this behaviour in settings.",
@@ -134,7 +124,6 @@
        "addProfileStoreHomescreenLayout": "Store homescreen layout",
        "inviteNoUsersCreated": "None yet!",
        "inviteUsersCreated": "Created users",
-        "inviteRemainingUses": "Remaining uses",
        "inviteNoInvites": "None",
        "inviteExpiresInTime": "Expires in {n}",
        "notifyEvent": "Notify on:",
@@ -150,7 +139,6 @@
        "settingsApplyRestartLater": "Apply, restart later",
        "subject": "Subject",
        "setExpiry": "Set expiry",
-        "admin": "Admin",
        "download": "Download",
        "search": "Search",
        "advancedSettings": "Advanced Settings",
@@ -175,9 +163,7 @@
    },
    "notifications": {
        "errorSettingsFailed": "Application failed.",
-        "errorLoginBlank": "The username and/or password was left blank.",
        "errorLoadSettings": "Failed to load settings.",
-        "errorUnknown": "Unknown error.",
        "errorDeleteProfile": "Failed to delete profile {n}",
        "sentAnnouncement": "Announcement sent.",
        "savedAnnouncement": "Announcement saved.",
@@ -186,13 +172,11 @@
        "updateAppliedRefresh": "Update applied, please refresh.",
        "telegramVerified": "Telegram account verified.",
        "accountConnected": "Account connected.",
-        "error401Unauthorized": "Unauthorised. Try refreshing the page.",
        "errorSettingsAppliedNoHomescreenLayout": "Settings were applied, but applying homescreen layout may have failed.",
        "errorSaveEmail": "Failed to save email.",
        "errorLoadProfiles": "Failed to load profiles.",
        "errorCreateProfile": "Failed to create profile {n}",
        "errorLoadUsers": "Failed to load users.",
-        "errorSaveSettings": "Couldn't save settings.",
        "errorSetOmbiProfile": "Failed to store ombi profile.",
        "errorLoadOmbiUsers": "Failed to load ombi users.",
        "errorFailureCheckLogs": "Failed (check console/logs)",
@@ -207,11 +191,10 @@
        "saveEmail": "Email saved.",
        "createProfile": "Created profile {n}.",
        "saveSettings": "Settings were saved",
-        "errorConnection": "Couldn't connect to jfa-go.",
        "errorHomescreenAppliedNoSettings": "Homescreen layout was applied, but applying settings may have failed.",
        "errorBlankFields": "Fields were left blank",
        "errorSetDefaultProfile": "Failed to set default profile.",
        "errorChangedEmailAddress": "Couldn't change email address of {n}.",
        "updateAvailable": "A new update is available, check settings."
    }
-}
+}
--- a/lang/admin/en-us.json
+++ b/lang/admin/en-us.json
@@ -4,6 +4,7 @@
    },
    "strings": {
        "invites": "Invites",
+        "invite": "Invite",
        "accounts": "Accounts",
        "settings": "Settings",
        "inviteMonths": "Months",
@@ -15,21 +16,12 @@
        "warning": "Warning",
        "inviteInfiniteUsesWarning": "invites with infinite uses can be used abusively",
        "inviteSendToEmail": "Send to",
-        "login": "Login",
-        "logout": "Logout",
        "create": "Create",
        "apply": "Apply",
-        "delete": "Delete",
-        "add": "Add",
        "select": "Select",
        "name": "Name",
        "date": "Date",
-        "enabled": "Enabled",
-        "disabled": "Disabled",
-        "reEnable": "Re-enable",
        "setExpiry": "Set expiry",
-        "disable": "Disable",
-        "admin": "Admin",
        "updates": "Updates",
        "update": "Update",
        "download": "Download",
@@ -40,7 +32,6 @@
        "after": "After",
        "before": "Before",
        "user": "User",
-        "expiry": "Expiry",
        "userExpiry": "User Expiry",
        "userExpiryDescription": "A specified amount of time after each signup, jfa-go will delete/disable the account. You can change this behaviour in settings.",
        "aboutProgram": "About",
@@ -50,6 +41,8 @@
        "profile": "Profile",
        "unknown": "Unknown",
        "label": "Label",
+        "userLabel": "User Label",
+        "userLabelDescription": "Label to apply to users created with this invite.",
        "logs": "Logs",
        "announce": "Announce",
        "templates": "Templates",
@@ -59,10 +52,10 @@
        "conditionals": "Conditionals",
        "preview": "Preview",
        "reset": "Reset",
-        "edit": "Edit",
        "donate": "Donate",
        "unlink": "Unlink Account",
        "sendPWR": "Send Password Reset",
+        "noResultsFound": "No Results Found",
        "contactThrough": "Contact through:",
        "extendExpiry": "Extend expiry",
        "sendPWRManual": "User {n} has no method of contact, press copy to get a link to send to them.",
@@ -74,6 +67,10 @@
        "markdownSupported": "Markdown is supported.",
        "modifySettings": "Modify Settings",
        "modifySettingsDescription": "Apply settings from an existing profile, or source them directly from a user.",
+        "enableReferrals": "Enable Referrals",
+        "disableReferrals": "Disable Referrals",
+        "enableReferralsDescription": "Give users a personal referral link similiar to an invite, to send to friends/family. Can be sourced from a referral template in a profile, or from an existing invite.",
+        "enableReferralsProfileDescription": "Give users created with this profile a personal referral link similiar to an invite, to send to friends/family. Create an invite with the desired settings, then select it here. Each referral will then be based on this invite. You can delete the invite once complete.",
        "applyHomescreenLayout": "Apply homescreen layout",
        "sendDeleteNotificationEmail": "Send notification message",
        "sendDeleteNotifiationExample": "Your account has been deleted.",
@@ -87,10 +84,14 @@
        "settingsRefreshPage": "Refresh the page in a few seconds.",
        "settingsRequiredOrRestartMessage": "Note: {n} indicates a required field, {n} indicates changes require a restart.",
        "settingsSave": "Save",
+        "settingsHiddenDependency": "Matching settings are hidden because they depend on the value of another setting:",
+        "settingsDependsOn": "{setting}: Depends on {dependency}",
+        "settingsAdvancedMode": "{setting}: Advanced Settings must be enabled",
+        "settingsMaybeUnderAdvanced": "Tip: You might find what you're looking for by enabling Advanced Settings.",
        "ombiProfile": "Ombi user profile",
        "ombiUserDefaultsDescription": "Create an Ombi user and configure it, then select it below. It's settings/permissions will be stored and applied to new Ombi users created by jfa-go when this profile is selected.",
        "userProfiles": "User Profiles",
-        "userProfilesDescription": "Profiles are applied to users when they create an account. A profile include library access rights and homescreen layout.",
+        "userProfilesDescription": "Profiles are applied to users when they create an account. A profile includes library access rights and homescreen layout.",
        "userProfilesIsDefault": "Default",
        "userProfilesLibraries": "Libraries",
        "addProfile": "Add Profile",
@@ -101,7 +102,6 @@
        "inviteUsersCreated": "Created users",
        "inviteNoProfile": "No Profile",
        "inviteDateCreated": "Created",
-        "inviteRemainingUses": "Remaining uses",
        "inviteNoInvites": "None",
        "inviteExpiresInTime": "Expires in {n}",
        "notifyEvent": "Notify on:",
@@ -124,7 +124,12 @@
        "actions": "Actions",
        "searchOptions": "Search Options",
        "matchText": "Match Text",
-        "jellyfinID": "Jellyfin ID"
+        "jellyfinID": "Jellyfin ID",
+        "userPageLogin": "User Page: Login",
+        "userPagePage": "User Page: Page",
+        "buildTime": "Build Time",  
+        "builtBy": "Built By",
+        "loginNotAdmin": "Not an Admin?"
    },
    "notifications": {
        "changedEmailAddress": "Changed email address of {n}.",
@@ -139,13 +144,10 @@
        "updateAppliedRefresh": "Update applied, please refresh.",
        "telegramVerified": "Telegram account verified.",
        "accountConnected": "Account connected.",
-        "errorConnection": "Couldn't connect to jfa-go.",
-        "error401Unauthorized": "Unauthorized. Try refreshing the page.",
+        "referralsEnabled": "Referrals enabled.",
        "errorSettingsAppliedNoHomescreenLayout": "Settings were applied, but applying homescreen layout may have failed.",
        "errorHomescreenAppliedNoSettings": "Homescreen layout was applied, but applying settings may have failed.",
        "errorSettingsFailed": "Application failed.",
-        "errorLoginBlank": "The username and/or password were left blank.",
-        "errorUnknown": "Unknown error.",
        "errorSaveEmail": "Failed to save email.",
        "errorBlankFields": "Fields were left blank",
        "errorDeleteProfile": "Failed to delete profile {n}",
@@ -153,7 +155,6 @@
        "errorCreateProfile": "Failed to create profile {n}",
        "errorSetDefaultProfile": "Failed to set default profile.",
        "errorLoadUsers": "Failed to load users.",
-        "errorSaveSettings": "Couldn't save settings.",
        "errorLoadSettings": "Failed to load settings.",
        "errorSetOmbiProfile": "Failed to store ombi profile.",
        "errorLoadOmbiUsers": "Failed to load ombi users.",
@@ -164,6 +165,7 @@
        "errorSendWelcomeEmail": "Failed to send welcome message (check console/logs)",
        "errorApplyUpdate": "Failed to apply update, try manually.",
        "errorCheckUpdate": "Failed to check for update.",
+        "errorNoReferralTemplate": "Profile doesn't contain referral template, add one in settings.",
        "updateAvailable": "A new update is available, check settings.",
        "noUpdatesAvailable": "No new updates available."
    },
@@ -172,6 +174,10 @@
            "singular": "Modify Settings for {n} user",
            "plural": "Modify Settings for {n} users"
        },
+        "enableReferralsFor": {
+            "singular": "Enable Referrals for {n} user",
+            "plural": "Enable Referrals for {n} users"
+        },
        "deleteNUsers": {
            "singular": "Delete {n} user",
            "plural": "Delete {n} users"
--- a/lang/admin/es-es.json
+++ b/lang/admin/es-es.json
@@ -15,18 +15,10 @@
        "warning": "Advertencia",
        "inviteInfiniteUsesWarning": "Las invitaciones con usos infinitos se pueden usar de forma abusiva",
        "inviteSendToEmail": "Enviar a",
-        "login": "Acceso",
-        "logout": "Cerrar sesión",
        "create": "Crear",
        "apply": "Aplicar",
-        "delete": "Eliminar",
        "name": "Nombre",
        "date": "Fecha",
-        "enabled": "Activado",
-        "disabled": "Desactivado",
-        "reEnable": "Reactivar",
-        "disable": "Desactivar",
-        "admin": "Administrador",
        "updates": "Actualizaciones",
        "update": "Actualizar",
        "download": "Descargar",
@@ -35,7 +27,6 @@
        "lastActiveTime": "Último activo",
        "from": "De",
        "user": "Usuario",
-        "expiry": "Expiración",
        "userExpiry": "Caducidad del usuario",
        "userExpiryDescription": "Una cantidad de tiempo específica después de cada registro, jfa-go eliminará / deshabilitará la cuenta. Puede cambiar este comportamiento en la configuración.",
        "aboutProgram": "Acerca de",
@@ -51,7 +42,6 @@
        "variables": "Variables",
        "preview": "Vista previa",
        "reset": "Reiniciar",
-        "edit": "Editar",
        "extendExpiry": "Extender el vencimiento",
        "customizeMessages": "Personalizar mensajes",
        "customizeMessagesDescription": "Si no desea utilizar las plantillas de mensajes de jfa-go, puede crear las suyas con Markdown.",
@@ -85,7 +75,6 @@
        "inviteUsersCreated": "Usuarios creados",
        "inviteNoProfile": "Sin perfil",
        "inviteDateCreated": "Creado",
-        "inviteRemainingUses": "Usos restantes",
        "inviteNoInvites": "Ninguno",
        "inviteExpiresInTime": "Caduca en {n}",
        "notifyEvent": "Notificar en:",
@@ -93,7 +82,6 @@
        "notifyUserCreation": "Sobre la creación de usuarios",
        "conditionals": "Condicionales",
        "donate": "Donar",
-        "add": "Agregar",
        "templates": "Plantillas",
        "contactThrough": "Contactar a través de:",
        "select": "Seleccionar",
@@ -114,7 +102,21 @@
        "ombiProfile": "Perfil de usuario de Ombi",
        "logs": "Registros",
        "accessJFA": "Acceso",
-        "accessJFASettings": "No se puede cambia, ya que se ha establecido \"Solo administradores\" o \"Permitir a todos\" en Configuración > General."
+        "accessJFASettings": "No se puede cambia, ya que se ha establecido \"Solo administradores\" o \"Permitir a todos\" en Configuración > General.",
+        "buildTime": "Tiempo de construcción",
+        "builtBy": "Construido por",
+        "sortingBy": "Ordenar por",
+        "filters": "Filtros",
+        "clearSearch": "Borrar búsqueda",
+        "searchOptions": "Opciones de búsqueda",
+        "matchText": "Coincidir texto",
+        "jellyfinID": "Jellyfin ID",
+        "userPageLogin": "Página de usuario: Iniciar sesión",
+        "userPagePage": "Página de usuario: Página",
+        "after": "Después",
+        "before": "Antes",
+        "unlink": "Desvincular cuenta",
+        "clickToRemoveFilter": "Haga clic para eliminar el filtro."
    },
    "notifications": {
        "changedEmailAddress": "Se cambió la dirección de correo electrónico de {n}.",
@@ -125,13 +127,9 @@
        "sentAnnouncement": "Anuncio enviado.",
        "setOmbiDefaults": "Valores predeterminados de ombi almacenados.",
        "updateApplied": "Actualización aplicada, por favor reinicie.",
-        "errorConnection": "No se pudo conectar a jfa-go.",
-        "error401Unauthorized": "No autorizado. Intente actualizar la página.",
        "errorSettingsAppliedNoHomescreenLayout": "Se aplicó la configuración, pero es posible que no se haya aplicado el diseño de la pantalla de inicio.",
        "errorHomescreenAppliedNoSettings": "Se aplicó el diseño de la pantalla de inicio, pero es posible que la aplicación de la configuración haya fallado.",
        "errorSettingsFailed": "La aplicación falló.",
-        "errorLoginBlank": "El nombre de usuario y/o la contraseña se dejaron en blanco.",
-        "errorUnknown": "Error desconocido.",
        "errorSaveEmail": "No se pudo guardar el correo electrónico.",
        "errorBlankFields": "Los campos se dejaron en blanco",
        "errorDeleteProfile": "No se pudo borrar el perfil {n}",
@@ -139,7 +137,6 @@
        "errorCreateProfile": "No se pudo crear el perfil {n}",
        "errorSetDefaultProfile": "No se pudo establecer el perfil predeterminado.",
        "errorLoadUsers": "No se pudieron cargar los usuarios.",
-        "errorSaveSettings": "No se pudo guardar la configuración.",
        "errorLoadSettings": "No se pudo cargar la configuración.",
        "errorSetOmbiDefaults": "No se pudieron almacenar los valores predeterminados de ombi.",
        "errorLoadOmbiUsers": "No se pudieron cargar los usuarios de Ombi.",
--- a/lang/admin/fr-fr.json
+++ b/lang/admin/fr-fr.json
@@ -15,11 +15,8 @@
        "warning": "Attention",
        "inviteInfiniteUsesWarning": "les invitations infinies peuvent être utilisées abusivement",
        "inviteSendToEmail": "Envoyer à",
-        "login": "S'identifier",
-        "logout": "Se déconnecter",
        "create": "Créer",
        "apply": "Appliquer",
-        "delete": "Effacer",
        "name": "Nom",
        "date": "Date",
        "lastActiveTime": "Dernière activité",
@@ -58,7 +55,6 @@
        "inviteUsersCreated": "Utilisateurs créés",
        "inviteNoProfile": "Aucun profil",
        "inviteDateCreated": "Créer",
-        "inviteRemainingUses": "Utilisations restantes",
        "inviteNoInvites": "Aucune",
        "inviteExpiresInTime": "Expires dans {n}",
        "notifyEvent": "Notifier sur :",
@@ -75,15 +71,8 @@
        "variables": "Variables",
        "preview": "Aperçu",
        "reset": "Réinitialisation",
-        "edit": "Éditer",
        "customizeMessages": "Personnaliser les e-mails",
        "inviteDuration": "Durée de l'invitation",
-        "enabled": "Activé",
-        "disabled": "Désactivé",
-        "reEnable": "Ré-activé",
-        "disable": "Désactivé",
-        "admin": "Administrateur",
-        "expiry": "Expiration",
        "advancedSettings": "Paramètres avancés",
        "userExpiry": "Expiration de l'utilisateur",
        "updates": "Mises à jour",
@@ -96,7 +85,6 @@
        "extendExpiry": "Prolonger l'expiration",
        "contactThrough": "Contacté par :",
        "sendPIN": "Demandez à l'utilisateur d'envoyer le code PIN ci-dessous au bot.",
-        "add": "Ajouter",
        "select": "Sélectionner",
        "findDiscordUser": "Trouver l'utilisateur Discord",
        "linkMatrixDescription": "Entrez le nom d'utilisateur et le mot de passe de l'utilisateur pour l’utilisateur comme bot. Une fois soumis, l'application va redémarrer.",
@@ -115,7 +103,29 @@
        "ombiProfile": "Profil d'utilisateur Ombi",
        "logs": "Logs",
        "accessJFA": "Accès à jfa-go",
-        "accessJFASettings": "Ne peut pas être changé car \"Admin Only\" ou \"Allow All\" a été défini dans Paramètres > Général."
+        "accessJFASettings": "Ne peut pas être changé car \"Admin Only\" ou \"Allow All\" a été défini dans Paramètres > Général.",
+        "buildTime": "Heure de la version",
+        "builtBy": "Version créée par",
+        "sortingBy": "Trier par",
+        "filters": "Filtres",
+        "clickToRemoveFilter": "Cliquer pour supprimer ce filtre.",
+        "clearSearch": "Réinitialiser la recherche",
+        "actions": "Actions",
+        "searchOptions": "Recherche avancée",
+        "matchText": "Texte correspondant",
+        "jellyfinID": "ID Jellyfin",
+        "userPageLogin": "Page utilisateur : Connexion",
+        "userPagePage": "Page utilisateur : Page",
+        "after": "Après",
+        "before": "Avant",
+        "unlink": "Délier le compte",
+        "enableReferrals": "Activer Parrainage",
+        "enableReferralsDescription": "Offrez aux utilisateurs un lien de parrainage personnel semblable à une invitation, à envoyer à vos amis/famille. Peut provenir modèle de profil ou d’une invitation existante.",
+        "invite": "Inviter",
+        "userLabel": "Étiquette",
+        "userLabelDescription": "Étiquette à appliquer aux utilisateurs créés avec cette invitation.",
+        "disableReferrals": "Désactiver Parrainage",
+        "enableReferralsProfileDescription": "Donnez aux utilisateurs créés avec ce profil un lien de parrainage personnel semblable à une invitation, à envoyer à vos amis/famille. Créez une invitation avec les paramètres souhaités, puis sélectionnez-la ici. Chaque référence sera alors basée sur cette invitation. Vous pouvez supprimer l'invitation une fois terminée."
    },
    "notifications": {
        "changedEmailAddress": "Adresse e-mail modifiée de {n}.",
@@ -123,20 +133,15 @@
        "createProfile": "Profil créé {n}.",
        "saveSettings": "Les paramètres ont été enregistrés",
        "setOmbiDefaults": "Valeurs par défaut de Ombi.",
-        "errorConnection": "Impossible de se connecter à jfa-go.",
-        "error401Unauthorized": "Non autorisé. Essayez d'actualiser la page.",
        "errorSettingsAppliedNoHomescreenLayout": "Les paramètres ont été appliqués, mais l'application de la disposition de l'écran d'accueil a peut-être échoué.",
        "errorHomescreenAppliedNoSettings": "La disposition de l'écran d'accueil a été appliquée, mais l'application des paramètres a peut-être échoué.",
        "errorSettingsFailed": "L'application a échoué.",
-        "errorLoginBlank": "Le nom d'utilisateur et/ou le mot de passe sont vides.",
-        "errorUnknown": "Erreur inconnue.",
        "errorBlankFields": "Les champs sont vides",
        "errorDeleteProfile": "Échec de la suppression du profil {n}",
        "errorLoadProfiles": "Échec du chargement des profils.",
        "errorCreateProfile": "Échec de la création du profil {n}",
        "errorSetDefaultProfile": "Échec de la définition du profil par défaut.",
        "errorLoadUsers": "Échec du chargement des utilisateurs.",
-        "errorSaveSettings": "Impossible d'enregistrer les paramètres.",
        "errorLoadSettings": "Échec du chargement des paramètres.",
        "errorSetOmbiDefaults": "Impossible de stocker les valeurs par défaut d'Ombi.",
        "errorLoadOmbiUsers": "Échec du chargement des utilisateurs Ombi.",
@@ -158,7 +163,9 @@
        "accountConnected": "Compte connecté.",
        "savedAnnouncement": "Annonce enregistrée.",
        "setOmbiProfile": "Profil ombi enregistré.",
-        "errorSetOmbiProfile": "Echec de la sauvegarde du profil ombi."
+        "errorSetOmbiProfile": "Echec de la sauvegarde du profil ombi.",
+        "errorNoReferralTemplate": "Le profil ne contient pas de modèle de référence, ajoutez-en un dans les paramètres.",
+        "referralsEnabled": "Parrainage activer."
    },
    "quantityStrings": {
        "modifySettingsFor": {
@@ -216,6 +223,10 @@
        "setExpiry": {
            "singular": "Définir l'expiration pour {n} utilisateur",
            "plural": "Définir l'expiration pour {n} utilisateurs"
+        },
+        "enableReferralsFor": {
+            "singular": "Activer les parrainages pour {n} utilisateur",
+            "plural": "Activer les parrainages pour {n} utilisateur"
        }
    }
 }
--- a/lang/admin/hu-hu.json
+++ b/lang/admin/hu-hu.json
@@ -15,21 +15,12 @@
        "warning": "Figyelmeztetés",
        "inviteInfiniteUsesWarning": "a végtelen felhasználású meghívókkal visszaélhetnek",
        "inviteSendToEmail": "Címzett",
-        "login": "Belépés",
-        "logout": "Kijelentkezés",
        "create": "Létrehozás",
        "apply": "Alkalmaz",
-        "delete": "Törlés",
-        "add": "Hozzáadás",
        "select": "Kiválasztás",
        "name": "Név",
        "date": "Dátum",
-        "enabled": "Engedélyezve",
-        "disabled": "Tiltva",
-        "reEnable": "Újra engedélyezés",
        "setExpiry": "Lejárat beállítása",
-        "disable": "Letiltás",
-        "admin": "Adminisztrátor",
        "updates": "Frissítések",
        "update": "Frissítés",
        "download": "Letöltés",
@@ -38,9 +29,8 @@
        "lastActiveTime": "Utoljára aktív",
        "from": "Feladó",
        "user": "Felhasználó",
-        "expiry": "Lejárat",
-        "userExpiry": "Felhasználói lejárat",
-        "userExpiryDescription": "Egy meghatározott idő után minden regisztrációt töröl, vagy felfüggeszt a jfa-go. Ezt a működést megváltoztathatod a beállításokban.",
+        "userExpiry": "Felhasználó megszünése",
+        "userExpiryDescription": "Egy meghatározott idő után minden létrehozott felhasználó, vagy felfüggesztésre vagy törlésre kerül rendszer által. A viselkedés a beállításokban módosítható.",
        "aboutProgram": "Névjegy",
        "version": "Verzió",
        "commitNoun": "Elkövet",
@@ -57,53 +47,52 @@
        "conditionals": "Feltételek",
        "preview": "Előnézet",
        "reset": "Visszaállítás",
-        "edit": "Szerkesztés",
        "donate": "Támogatás",
        "sendPWR": "Jelszó visszaállítás küldése",
-        "contactThrough": "",
-        "extendExpiry": "",
-        "sendPWRManual": "",
-        "sendPWRSuccess": "",
-        "sendPWRSuccessManual": "",
-        "sendPWRValidFor": "",
-        "customizeMessages": "",
-        "customizeMessagesDescription": "",
-        "markdownSupported": "",
-        "modifySettings": "",
-        "modifySettingsDescription": "",
-        "applyHomescreenLayout": "",
-        "sendDeleteNotificationEmail": "",
-        "sendDeleteNotifiationExample": "",
-        "settingsRestart": "",
-        "settingsRestarting": "",
-        "settingsRestartRequired": "",
-        "settingsRestartRequiredDescription": "",
-        "settingsApplyRestartLater": "",
-        "settingsApplyRestartNow": "",
-        "settingsApplied": "",
-        "settingsRefreshPage": "",
-        "settingsRequiredOrRestartMessage": "",
-        "settingsSave": "",
-        "ombiProfile": "",
-        "ombiUserDefaultsDescription": "",
-        "userProfiles": "",
-        "userProfilesDescription": "",
-        "userProfilesIsDefault": "",
-        "userProfilesLibraries": "",
-        "addProfile": "",
-        "addProfileDescription": "",
-        "addProfileNameOf": "",
-        "addProfileStoreHomescreenLayout": "",
-        "inviteNoUsersCreated": "",
-        "inviteUsersCreated": "",
-        "inviteNoProfile": "",
-        "inviteDateCreated": "",
-        "inviteRemainingUses": "",
-        "inviteNoInvites": "",
-        "inviteExpiresInTime": "",
-        "notifyEvent": "",
-        "notifyInviteExpiry": "",
-        "notifyUserCreation": "",
+        "contactThrough": "Kapcsolatfelvétel vele:",
+        "extendExpiry": "Lejárat kiterjesztése",
+        "sendPWRManual": "{n} felhasználónak nincs beállítva egy kapcsolati lehetőség sem, kattints a másolásra a linkhez és küld tovább neki.",
+        "sendPWRSuccess": "Jelszó visszaállítási link elküldve.",
+        "sendPWRSuccessManual": "Ha a felhasználó nem kapta meg, nyomj a másolásra és küld el neki manuálisan.",
+        "sendPWRValidFor": "A link érvényessége 30p.",
+        "customizeMessages": "Üzenetek testreszabása",
+        "customizeMessagesDescription": "Hogyha nem akarod a jfa-go üzenet sablonjait használni, létre hozhatsz egy sajátot, akár Markdown segítségével.",
+        "markdownSupported": "Markdown támogatott.",
+        "modifySettings": "Beállítások módosítása",
+        "modifySettingsDescription": "Beállítások másolása egy meglévő profilról, vagy egy konkrét felhasználóról.",
+        "applyHomescreenLayout": "Főképernyő elrendezés alkalmazása",
+        "sendDeleteNotificationEmail": "Értesítések küldése",
+        "sendDeleteNotifiationExample": "A fiókod törlésre került.",
+        "settingsRestart": "Újraindítás",
+        "settingsRestarting": "Újraindítás…",
+        "settingsRestartRequired": "Újraindítás szükséges",
+        "settingsRestartRequiredDescription": "A változtatott beállítások érvénybe léptetéséhez újraindítás szükséges. Most szeretnéd újraindítani vagy később?",
+        "settingsApplyRestartLater": "Alkalmazás, újraindítás később",
+        "settingsApplyRestartNow": "Alkalmazás és újraindítás",
+        "settingsApplied": "Beállítások alkalmazva.",
+        "settingsRefreshPage": "Frissítsd az oldalt egy pár másodperc múlva.",
+        "settingsRequiredOrRestartMessage": "Megjegyzés: {n} jelöli a kötelező mezőket, {n} jelöli hogyha újraindítás szükséges.",
+        "settingsSave": "Mentés",
+        "ombiProfile": "Ombi felhasználói profil",
+        "ombiUserDefaultsDescription": "Hozz létre egy Ombi felhasználót, állítsd be, majd válaszd ki lentebb. A beállításai/jogosultságai el lesznek mentve és alkalmazva lesznek az új Ombi felhasználókra amik ezzel a profillal lesznek létrehozva.",
+        "userProfiles": "Felhasználói profilok",
+        "userProfilesDescription": "A profilok alkalmazva lesznek a felhasználó létrehozáskor. A profil tartalmazza a könyvtár hozzáférést, és a kezdőképernyő elrendezést.",
+        "userProfilesIsDefault": "Alapértelmezett",
+        "userProfilesLibraries": "Könyvtárak",
+        "addProfile": "Profil hozzáadása",
+        "addProfileDescription": "Hozz létre egy Jellyfin felhasználót, állítsd be, majd válaszd ki lentebb. Amikor egy felhasználó létrejön egy meghívásból aminél ez a profil volt alkalmazva, megkapja az összes beállítását.",
+        "addProfileNameOf": "Profil neve",
+        "addProfileStoreHomescreenLayout": "Kezdőképernyő elrendezés elmentése",
+        "inviteNoUsersCreated": "Még nincs!",
+        "inviteUsersCreated": "Létrehozott felhasználók",
+        "inviteNoProfile": "Profil nélkül",
+        "inviteDateCreated": "Létrehozva",
+        "inviteRemainingUses": "Hátralévő felhasználások",
+        "inviteNoInvites": "Nincs meghívó",
+        "inviteExpiresInTime": "Lejárat {n} múlva",
+        "notifyEvent": "Értesítés ekkor:",
+        "notifyInviteExpiry": "Lejáratkor",
+        "notifyUserCreation": "Használatkor",
        "sendPIN": "",
        "searchDiscordUser": "",
        "findDiscordUser": "",
@@ -111,7 +100,19 @@
        "matrixHomeServer": "",
        "saveAsTemplate": "",
        "deleteTemplate": "",
-        "templateEnterName": ""
+        "templateEnterName": "",
+        "unlink": "Fiók leválasztása",
+        "after": "Utánna",
+        "before": "Elötte",
+        "sortingBy": "Rendezés",
+        "filters": "Szűrők",
+        "clearSearch": "Keresés törlése",
+        "actions": "Műveletek",
+        "searchOptions": "Kereső paraméterek",
+        "matchText": "Eggyező szöveg",
+        "jellyfinID": "Jellyfin azonosító",
+        "userPageLogin": "Felhasználói oldal: Bejelentkezés",
+        "clickToRemoveFilter": "Szűrő eltávolítása."
    },
    "notifications": {
        "changedEmailAddress": "",
@@ -126,13 +127,9 @@
        "updateAppliedRefresh": "",
        "telegramVerified": "",
        "accountConnected": "",
-        "errorConnection": "",
-        "error401Unauthorized": "",
        "errorSettingsAppliedNoHomescreenLayout": "",
        "errorHomescreenAppliedNoSettings": "",
        "errorSettingsFailed": "",
-        "errorLoginBlank": "",
-        "errorUnknown": "",
        "errorSaveEmail": "",
        "errorBlankFields": "",
        "errorDeleteProfile": "",
@@ -140,7 +137,6 @@
        "errorCreateProfile": "",
        "errorSetDefaultProfile": "",
        "errorLoadUsers": "",
-        "errorSaveSettings": "",
        "errorLoadSettings": "",
        "errorSetOmbiProfile": "",
        "errorLoadOmbiUsers": "",
--- a/lang/admin/id-id.json
+++ b/lang/admin/id-id.json
@@ -13,11 +13,8 @@
        "warning": "Peringatan",
        "inviteInfiniteUsesWarning": "Undangan dalam jumlah tak terbatas dapat disalahgunakan",
        "inviteSendToEmail": "Dikirim kepada",
-        "login": "Masuk",
-        "logout": "Keluar",
        "create": "Buat",
        "apply": "Terapkan",
-        "delete": "Hapus",
        "name": "Nama",
        "date": "Tanggal",
        "lastActiveTime": "Terakhir Aktif",
@@ -33,7 +30,7 @@
        "modifySettings": "Ganti Pengaturan",
        "modifySettingsDescription": "Terapkan pengaturan dari profil yang ada, atau dapatkan langsung dari pengguna.",
        "applyHomescreenLayout": "Terapkan tata letak layar beranda",
-        "sendDeleteNotificationEmail": "Kirim email notifikasi",
+        "sendDeleteNotificationEmail": "Kirim pesan notifikasi",
        "sendDeleteNotifiationExample": "Akun anda telah dihapus.",
        "settingsRestart": "Mulai ulang",
        "settingsRestarting": "Mengulang kembali…",
@@ -59,7 +56,6 @@
        "inviteUsersCreated": "Pengguna yang telah dibuat",
        "inviteNoProfile": "Tidak ada profil",
        "inviteDateCreated": "Dibuat",
-        "inviteRemainingUses": "Penggunaan yang tersisa",
        "inviteNoInvites": "Tidak ada",
        "inviteExpiresInTime": "Kadaluarsa dalam {n}",
        "notifyEvent": "Beritahu pada:",
@@ -68,13 +64,17 @@
        "variables": "Variabel",
        "preview": "Pratinjau",
        "reset": "Setel ulang",
-        "edit": "Edit",
        "customizeMessages": "Sesuaikan Email",
        "customizeMessagesDescription": "Jika Anda tidak ingin menggunakan templat email jfa-go, Anda dapat membuatnya sendiri menggunakan Markdown.",
        "announce": "Mengumumkan",
-        "subject": "Subjek Email",
+        "subject": "Subjek",
        "message": "Pesan",
-        "markdownSupported": "Markdown didukung."
+        "markdownSupported": "Markdown didukung.",
+        "donate": "Donasi",
+        "select": "Pilih",
+        "search": "Cari",
+        "download": "Unduh",
+        "inviteMonths": "Bulan"
    },
    "notifications": {
        "changedEmailAddress": "Alamat email {n} diubah.",
@@ -82,20 +82,15 @@
        "createProfile": "Membuat profil {n}.",
        "saveSettings": "Pengaturan telah disimpan",
        "setOmbiDefaults": "Default ombi tersimpan.",
-        "errorConnection": "Tidak dapat terhubung ke jfa-go.",
-        "error401Unauthorized": "Tidak ter-otorisasi. Coba segarkan halaman.",
        "errorSettingsAppliedNoHomescreenLayout": "Pengaturan telah diterapkan, tetapi menerapkan tata letak layar utama mungkin gagal.",
        "errorHomescreenAppliedNoSettings": "Tata letak layar beranda diterapkan, tetapi menerapkan pengaturan mungkin gagal.",
        "errorSettingsFailed": "Aplikasi gagal.",
-        "errorLoginBlank": "Nama pengguna dan / atau sandi kosong.",
-        "errorUnknown": "Kesalahan yang tidak diketahui.",
        "errorBlankFields": "Isian dibiarkan kosong",
        "errorDeleteProfile": "Gagal menghapus profil {n}",
        "errorLoadProfiles": "Gagal memuat profil.",
        "errorCreateProfile": "Gagal membuat profil {n}",
        "errorSetDefaultProfile": "Gagal menyetel profil default.",
        "errorLoadUsers": "Gagal memuat pengguna.",
-        "errorSaveSettings": "Tidak dapat menyimpan pengaturan.",
        "errorLoadSettings": "Gagal memuat pengaturan.",
        "errorSetOmbiDefaults": "Gagal menyimpan default ombi.",
        "errorLoadOmbiUsers": "Gagal memuat pengguna ombi.",
--- a/lang/admin/it-it.json
+++ b/lang/admin/it-it.json
@@ -0,0 +1,216 @@
+{
+    "meta": {
+        "name": "Italiano (IT)"
+    },
+    "strings": {
+        "invites": "",
+        "accounts": "",
+        "settings": "",
+        "inviteMonths": "",
+        "inviteDays": "",
+        "inviteHours": "",
+        "inviteMinutes": "",
+        "inviteNumberOfUses": "",
+        "inviteDuration": "",
+        "warning": "",
+        "inviteInfiniteUsesWarning": "",
+        "inviteSendToEmail": "",
+        "create": "",
+        "apply": "",
+        "select": "",
+        "name": "",
+        "date": "",
+        "setExpiry": "",
+        "updates": "",
+        "update": "",
+        "download": "",
+        "search": "",
+        "advancedSettings": "",
+        "lastActiveTime": "",
+        "from": "",
+        "after": "",
+        "before": "",
+        "user": "",
+        "userExpiry": "",
+        "userExpiryDescription": "",
+        "aboutProgram": "",
+        "version": "",
+        "commitNoun": "",
+        "newUser": "",
+        "profile": "",
+        "unknown": "",
+        "label": "",
+        "logs": "",
+        "announce": "",
+        "templates": "",
+        "subject": "",
+        "message": "",
+        "variables": "",
+        "conditionals": "",
+        "preview": "",
+        "reset": "Ripristino",
+        "donate": "",
+        "unlink": "",
+        "sendPWR": "",
+        "contactThrough": "",
+        "extendExpiry": "",
+        "sendPWRManual": "",
+        "sendPWRSuccess": "",
+        "sendPWRSuccessManual": "",
+        "sendPWRValidFor": "",
+        "customizeMessages": "",
+        "customizeMessagesDescription": "",
+        "markdownSupported": "",
+        "modifySettings": "",
+        "modifySettingsDescription": "",
+        "applyHomescreenLayout": "",
+        "sendDeleteNotificationEmail": "",
+        "sendDeleteNotifiationExample": "",
+        "settingsRestart": "",
+        "settingsRestarting": "",
+        "settingsRestartRequired": "",
+        "settingsRestartRequiredDescription": "",
+        "settingsApplyRestartLater": "",
+        "settingsApplyRestartNow": "",
+        "settingsApplied": "",
+        "settingsRefreshPage": "",
+        "settingsRequiredOrRestartMessage": "",
+        "settingsSave": "",
+        "ombiProfile": "",
+        "ombiUserDefaultsDescription": "",
+        "userProfiles": "",
+        "userProfilesDescription": "",
+        "userProfilesIsDefault": "",
+        "userProfilesLibraries": "",
+        "addProfile": "",
+        "addProfileDescription": "",
+        "addProfileNameOf": "",
+        "addProfileStoreHomescreenLayout": "",
+        "inviteNoUsersCreated": "",
+        "inviteUsersCreated": "",
+        "inviteNoProfile": "",
+        "inviteDateCreated": "",
+        "inviteRemainingUses": "",
+        "inviteNoInvites": "",
+        "inviteExpiresInTime": "",
+        "notifyEvent": "",
+        "notifyInviteExpiry": "",
+        "notifyUserCreation": "",
+        "sendPIN": "",
+        "searchDiscordUser": "",
+        "findDiscordUser": "",
+        "linkMatrixDescription": "",
+        "matrixHomeServer": "",
+        "saveAsTemplate": "",
+        "deleteTemplate": "",
+        "templateEnterName": "",
+        "accessJFA": "",
+        "accessJFASettings": "",
+        "sortingBy": "",
+        "filters": "",
+        "clickToRemoveFilter": "",
+        "clearSearch": "",
+        "actions": "",
+        "searchOptions": "",
+        "matchText": "",
+        "jellyfinID": "",
+        "userPageLogin": "",
+        "userPagePage": "",
+        "buildTime": "",
+        "builtBy": ""
+    },
+    "notifications": {
+        "changedEmailAddress": "",
+        "userCreated": "",
+        "createProfile": "",
+        "saveSettings": "",
+        "saveEmail": "",
+        "sentAnnouncement": "",
+        "savedAnnouncement": "",
+        "setOmbiProfile": "",
+        "updateApplied": "",
+        "updateAppliedRefresh": "",
+        "telegramVerified": "",
+        "accountConnected": "",
+        "errorSettingsAppliedNoHomescreenLayout": "",
+        "errorHomescreenAppliedNoSettings": "",
+        "errorSettingsFailed": "",
+        "errorSaveEmail": "",
+        "errorBlankFields": "",
+        "errorDeleteProfile": "",
+        "errorLoadProfiles": "",
+        "errorCreateProfile": "",
+        "errorSetDefaultProfile": "",
+        "errorLoadUsers": "",
+        "errorLoadSettings": "",
+        "errorSetOmbiProfile": "",
+        "errorLoadOmbiUsers": "",
+        "errorChangedEmailAddress": "",
+        "errorFailureCheckLogs": "",
+        "errorPartialFailureCheckLogs": "",
+        "errorUserCreated": "",
+        "errorSendWelcomeEmail": "",
+        "errorApplyUpdate": "",
+        "errorCheckUpdate": "",
+        "updateAvailable": "",
+        "noUpdatesAvailable": ""
+    },
+    "quantityStrings": {
+        "modifySettingsFor": {
+            "singular": "",
+            "plural": ""
+        },
+        "deleteNUsers": {
+            "singular": "",
+            "plural": ""
+        },
+        "disableUsers": {
+            "singular": "",
+            "plural": ""
+        },
+        "reEnableUsers": {
+            "singular": "",
+            "plural": ""
+        },
+        "addUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "deleteUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "deletedUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "disabledUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "enabledUser": {
+            "singular": "",
+            "plural": ""
+        },
+        "announceTo": {
+            "singular": "",
+            "plural": ""
+        },
+        "appliedSettings": {
+            "singular": "",
+            "plural": ""
+        },
+        "extendExpiry": {
+            "singular": "",
+            "plural": ""
+        },
+        "setExpiry": {
+            "singular": "",
+            "plural": ""
+        },
+        "extendedExpiry": {
+            "singular": "",
+            "plural": ""
+        }
+    }
+}
--- a/lang/admin/nl-nl.json
+++ b/lang/admin/nl-nl.json
@@ -13,11 +13,8 @@
        "warning": "Waarschuwing",
        "inviteInfiniteUsesWarning": "ongelimiteerde uitnodigingen kunnen misbruikt worden",
        "inviteSendToEmail": "Stuur naar",
-        "login": "Inloggen",
-        "logout": "Uitloggen",
        "create": "Aanmaken",
        "apply": "Toepassen",
-        "delete": "Verwijderen",
        "name": "Naam",
        "date": "Datum",
        "lastActiveTime": "Laatst actief",
@@ -56,7 +53,6 @@
        "inviteUsersCreated": "Aangemaakte gebruikers",
        "inviteNoProfile": "Geen profiel",
        "inviteDateCreated": "Aangemaakt",
-        "inviteRemainingUses": "Resterend aantal keer te gebruiken",
        "inviteNoInvites": "Geen",
        "inviteExpiresInTime": "Verloopt over {n}",
        "notifyEvent": "Meldingen:",
@@ -73,14 +69,9 @@
        "customizeMessagesDescription": "Als je de e-mailsjablonen van jfa-go niet wilt gebruiken, kun je met gebruik van Markdown je eigen aanmaken.",
        "preview": "Voorbeeld",
        "reset": "Reset",
-        "edit": "Bewerken",
        "customizeMessages": "E-mails aanpassen",
        "inviteDuration": "Geldigheidsduur uitnodiging",
        "userExpiryDescription": "Een bepaalde tijd na elke aanmelding, wordt de account verwijderd/uitgeschakeld door jfa-go. Dit kan aangepast worden in de instellingen.",
-        "enabled": "Ingeschakeld",
-        "disabled": "Uitgeschakeld",
-        "admin": "Beheerder",
-        "expiry": "Verloop",
        "userExpiry": "Gebruikersverloop",
        "extendExpiry": "Verleng verloop",
        "updates": "Updates",
@@ -89,13 +80,10 @@
        "search": "Zoeken",
        "advancedSettings": "Geavanceerde instellingen",
        "inviteMonths": "Maanden",
-        "reEnable": "Opnieuw inschakelen",
-        "disable": "Uitschakelen",
        "conditionals": "Voorwaarden",
        "donate": "Doneer",
        "contactThrough": "Stuur bericht via:",
        "sendPIN": "Vraag de gebruiker om onderstaande pincode naar de bot te sturen.",
-        "add": "Voeg toe",
        "searchDiscordUser": "Begin de Discord gebruikersnaam te typen om de gebruiker te vinden.",
        "linkMatrixDescription": "Vul de gebruikersnaam en wachtwoord in van de gebruiker om als bot te gebruiken. De app start zodra ze zijn verstuurd.",
        "select": "Selecteer",
@@ -122,20 +110,15 @@
        "createProfile": "Profiel {n} aangemaakt.",
        "saveSettings": "De instellingen zijn opgeslagen",
        "setOmbiDefaults": "De ombi standaardinstellingen zijn opgeslagen.",
-        "errorConnection": "Kon geen verbinding maken met jfa-go.",
-        "error401Unauthorized": "Geen toegang. Probeer de pagina te vernieuwen.",
        "errorSettingsAppliedNoHomescreenLayout": "De instellingen zijn toegepast, maar wijzigen van de startpaginaindeling is misschien mislukt.",
        "errorHomescreenAppliedNoSettings": "Startpaginaindeling toegepast, maar opslaan van instellingen is misschien mislukt.",
        "errorSettingsFailed": "Opslaan mislukt.",
-        "errorLoginBlank": "De gebruikersnaam en/of wachtwoord is leeg.",
-        "errorUnknown": "Onbekende fout.",
        "errorBlankFields": "Velden leeggelaten",
        "errorDeleteProfile": "Verwijderen van profiel {n} mislukt",
        "errorLoadProfiles": "Fout bij het laden van profielen.",
        "errorCreateProfile": "Aanmaken van profile {n} mislukt",
        "errorSetDefaultProfile": "Fout bij instellen van standaardprofiel.",
        "errorLoadUsers": "Laden van gebruikers mislukt.",
-        "errorSaveSettings": "Opslaan van instellingen mislukt.",
        "errorLoadSettings": "Laden van instellingen mislukt.",
        "errorSetOmbiDefaults": "Opslaan van ombi standaardinstellingen mislukt.",
        "errorLoadOmbiUsers": "Laden van ombi gebruikers mislukt.",
@@ -217,4 +200,4 @@
            "plural": "Stel verloop in voor {n} gebruikers"
        }
    }
-}
+}
--- a/lang/admin/pl-pl.json
+++ b/lang/admin/pl-pl.json
@@ -15,21 +15,12 @@
        "warning": "Ostrzeżenie",
        "inviteInfiniteUsesWarning": "",
        "inviteSendToEmail": "",
-        "login": "",
-        "logout": "",
        "create": "",
        "apply": "",
-        "delete": "",
-        "add": "",
        "select": "",
        "name": "Imię",
        "date": "Data",
-        "enabled": "Włączone",
-        "disabled": "Wyłączone",
-        "reEnable": "",
        "setExpiry": "",
-        "disable": "Wyłączone",
-        "admin": "Admin",
        "updates": "Aktualizacje",
        "update": "Aktualizacja",
        "download": "Pobierz",
@@ -38,7 +29,6 @@
        "lastActiveTime": "Ostatnia aktywność",
        "from": "Od",
        "user": "Użytkownik",
-        "expiry": "Wygasa",
        "userExpiry": "Użytkownik wygasa",
        "userExpiryDescription": "",
        "aboutProgram": "O",
@@ -57,7 +47,6 @@
        "conditionals": "",
        "preview": "",
        "reset": "Zresetuj",
-        "edit": "Edytuj",
        "donate": "",
        "sendPWR": "",
        "contactThrough": "",
@@ -98,7 +87,6 @@
        "inviteUsersCreated": "",
        "inviteNoProfile": "",
        "inviteDateCreated": "Utworzone",
-        "inviteRemainingUses": "",
        "inviteNoInvites": "",
        "inviteExpiresInTime": "",
        "notifyEvent": "",
@@ -128,13 +116,9 @@
        "updateAppliedRefresh": "Aktualizacja zastosowana, odśwież.",
        "telegramVerified": "Konto telegramu zweryfikowane.",
        "accountConnected": "Konto połączone.",
-        "errorConnection": "Nie udało się połączyć z jfa-go.",
-        "error401Unauthorized": "Nieautoryzowany. Spróbuj odświeżyć stronę.",
        "errorSettingsAppliedNoHomescreenLayout": "Zastosowano ustawienia, ale zastosowanie układu ekranu głównego mogło się nie powieść.",
        "errorHomescreenAppliedNoSettings": "",
        "errorSettingsFailed": "",
-        "errorLoginBlank": "",
-        "errorUnknown": "Nieznany błąd.",
        "errorSaveEmail": "",
        "errorBlankFields": "",
        "errorDeleteProfile": "",
@@ -142,7 +126,6 @@
        "errorCreateProfile": "",
        "errorSetDefaultProfile": "",
        "errorLoadUsers": "",
-        "errorSaveSettings": "",
        "errorLoadSettings": "",
        "errorSetOmbiProfile": "",
        "errorLoadOmbiUsers": "",
@@ -214,4 +197,4 @@
            "plural": ""
        }
    }
-}
+}
--- a/lang/admin/pt-br.json
+++ b/lang/admin/pt-br.json
@@ -13,11 +13,8 @@
        "warning": "Aviso",
        "inviteInfiniteUsesWarning": "convites infinitos podem ser usados de forma abusiva",
        "inviteSendToEmail": "Enviar para",
-        "login": "Login",
-        "logout": "Sair",
        "create": "Criar",
        "apply": "Aplicar",
-        "delete": "Deletar",
        "name": "Nome",
        "date": "Data",
        "lastActiveTime": "Ativo pela última vez",
@@ -57,7 +54,6 @@
        "inviteUsersCreated": "Usuários criado",
        "inviteNoProfile": "Sem Perfil",
        "inviteDateCreated": "Criado",
-        "inviteRemainingUses": "Uso restantes",
        "inviteNoInvites": "Nenhum",
        "inviteExpiresInTime": "Expira em {n}",
        "notifyEvent": "Notificar em:",
@@ -73,14 +69,9 @@
        "variables": "Variáveis",
        "preview": "Pre-visualizar",
        "reset": "Redefinir",
-        "edit": "Editar",
        "customizeMessages": "Customizar Emails",
-        "disabled": "Desativado",
        "userExpiryDescription": "Após um determinado período de tempo de cada inscrição, o jfa-go apagará/desabilitará a conta. Você pode alterar essa opção nas configurações.",
        "inviteDuration": "Duração do Convite",
-        "enabled": "Habilitado",
-        "admin": "Admin",
-        "expiry": "Expira",
        "userExpiry": "Vencimento do Usuário",
        "extendExpiry": "Extender o vencimento",
        "updates": "Atualizações",
@@ -89,15 +80,12 @@
        "search": "Procurar",
        "advancedSettings": "Configurações Avançada",
        "inviteMonths": "Meses",
-        "reEnable": "Reativar",
-        "disable": "Desativar",
        "conditionals": "Condicionais",
        "donate": "Doar",
        "contactThrough": "Contato através:",
        "sendPIN": "Peça que o usuário envie o PIN abaixo para o bot.",
        "searchDiscordUser": "Digite o nome de usuário do Discord.",
        "findDiscordUser": "Encontrar usuário Discord",
-        "add": "Adicionar",
        "linkMatrixDescription": "Digite o nome de usuário e a senha para usar como bot. Depois de enviado, o aplicativo será reiniciado.",
        "select": "Selecionar",
        "templates": "Modelos",
@@ -122,20 +110,15 @@
        "createProfile": "Perfil {n} criado.",
        "saveSettings": "As configurações foram salvas",
        "setOmbiDefaults": "Padrões do ombi armazenados.",
-        "errorConnection": "Não foi possível conectar ao jfa-go.",
-        "error401Unauthorized": "Não autorizado. Tente atualizar a página.",
        "errorSettingsAppliedNoHomescreenLayout": "As configurações foram aplicadas, mas a aplicação do layout da tela inicial pode ter falhado.",
        "errorHomescreenAppliedNoSettings": "O layout da tela inicial foi aplicado, mas a aplicação das configurações pode ter falhado.",
        "errorSettingsFailed": "Falha na aplicação.",
-        "errorLoginBlank": "O nome de usuário e/ou senha foram deixados em branco.",
-        "errorUnknown": "Erro desconhecido.",
        "errorBlankFields": "Os campos foram deixados em branco",
        "errorDeleteProfile": "Falha ao excluir perfil {n}",
        "errorLoadProfiles": "Falha ao carregar perfis.",
        "errorCreateProfile": "Falha ao criar perfil {n}",
        "errorSetDefaultProfile": "Falha ao definir o perfil padrão.",
        "errorLoadUsers": "Falha ao carregar usuários.",
-        "errorSaveSettings": "Não foi possível salvar as configurações.",
        "errorLoadSettings": "Falha ao carregar as configurações.",
        "errorSetOmbiDefaults": "Falha em armazenar os padrões ombi.",
        "errorLoadOmbiUsers": "Falha ao carregar usuários ombi.",
@@ -217,4 +200,4 @@
            "plural": "Definir expiração para {a} usuários"
        }
    }
-}
+}
--- a/lang/admin/sv-se.json
+++ b/lang/admin/sv-se.json
@@ -13,11 +13,8 @@
        "warning": "Varning",
        "inviteInfiniteUsesWarning": "inbjudningar med oändligt antal användningar kan missbrukas",
        "inviteSendToEmail": "Skicka till",
-        "login": "Logga in",
-        "logout": "Logga ut",
        "create": "Skapa",
        "apply": "Tillämpa",
-        "delete": "Radera",
        "name": "Namn",
        "date": "Datum",
        "lastActiveTime": "Senast aktiv",
@@ -36,7 +33,6 @@
        "variables": "Variabler",
        "preview": "Förhandsvisning",
        "reset": "Återställ",
-        "edit": "Redigera",
        "customizeMessages": "Anpassa e-post",
        "customizeMessagesDescription": "Om du inte vill använda jfa-go's e-postmallar, så kan du skapa dina egna med Markdown.",
        "markdownSupported": "Markdown stöds.",
@@ -69,17 +65,12 @@
        "inviteUsersCreated": "Skapade användare",
        "inviteNoProfile": "Ingen profil",
        "inviteDateCreated": "Skapad",
-        "inviteRemainingUses": "Återstående användningar",
        "inviteNoInvites": "Ingen",
        "inviteExpiresInTime": "Går ut om {n}",
        "notifyEvent": "Meddela den:",
        "notifyInviteExpiry": "Vid utgång",
        "notifyUserCreation": "Vid användarskapande",
-        "disabled": "Inaktiverad",
-        "enabled": "Aktiverad",
        "inviteDuration": "Varaktighet för inbjudan",
-        "admin": "Admin",
-        "expiry": "Löper ut",
        "userExpiry": "Användarutgång",
        "userExpiryDescription": "Efter en angiven tid efter varje registrering så tar jfa-go bort/inaktiverar kontot. Du kan ändra detta beteende i inställningarna.",
        "extendExpiry": "Förläng utgång"
@@ -92,13 +83,9 @@
        "saveEmail": "E-post sparad.",
        "sentAnnouncement": "Meddelande skickat.",
        "setOmbiDefaults": "Lagrade ombi-standardvärden.",
-        "errorConnection": "Det gick inte att ansluta till jfa-go.",
-        "error401Unauthorized": "Obehörig. Prova att uppdatera sidan.",
        "errorSettingsAppliedNoHomescreenLayout": "Inställningarna tillämpades, men tillämpningen av hemskärmslayout kan ha misslyckats.",
        "errorHomescreenAppliedNoSettings": "Hemskärmslayout tillämpades, men tillämpningen av inställningar kan ha misslyckats.",
        "errorSettingsFailed": "Tillämpning misslyckades.",
-        "errorLoginBlank": "Användarnamnet och/eller lösenordet lämnades tomt.",
-        "errorUnknown": "Okänt fel.",
        "errorSaveEmail": "Det gick inte att spara e-postmeddelandet.",
        "errorBlankFields": "Fält lämnades tomma",
        "errorDeleteProfile": "Det gick inte att ta bort profilen {n}",
@@ -106,7 +93,6 @@
        "errorCreateProfile": "Det gick inte att skapa profilen {n}",
        "errorSetDefaultProfile": "Det gick inte att ange standardprofil.",
        "errorLoadUsers": "Det gick inte att läsa in användare.",
-        "errorSaveSettings": "Det gick inte att spara inställningarna.",
        "errorLoadSettings": "Det gick inte att läsa in inställningarna.",
        "errorSetOmbiDefaults": "Det gick inte att lagra ombi-standardvärden.",
        "errorLoadOmbiUsers": "Det gick inte att ladda ombi-användare.",
@@ -154,4 +140,4 @@
            "plural": "Utökad giltighetstid för {n} användare."
        }
    }
-}
+}
--- a/lang/admin/vi-vn.json
+++ b/lang/admin/vi-vn.json
@@ -15,21 +15,12 @@
        "warning": "Cảnh báo",
        "inviteInfiniteUsesWarning": "các lời mời không giới hạn số lần sử dụng có thể bị lạm dụng",
        "inviteSendToEmail": "Gửi tới",
-        "login": "Đăng nhập",
-        "logout": "Đăng xuất",
        "create": "Tạo mới",
        "apply": "Áp dụng",
-        "delete": "Xóa",
-        "add": "Thêm",
        "select": "Chọn",
        "name": "Tên",
        "date": "Ngày",
-        "enabled": "Mở",
-        "disabled": "Tắt",
-        "reEnable": "Mở lại",
        "setExpiry": "Đặt hết hạn",
-        "disable": "Tắt",
-        "admin": "Admin",
        "updates": "Cập nhật",
        "update": "Cập nhật",
        "download": "Tải về",
@@ -38,7 +29,6 @@
        "lastActiveTime": "Lần cuối Hoạt động",
        "from": "Từ",
        "user": "Người dùng",
-        "expiry": "Hết hạn",
        "userExpiry": "Hết hạn Người dùng",
        "userExpiryDescription": "Sau một khoảng thời gian nhất định sau khi mỗi đăng ký, jfa-go sẽ xóa/vô hiệu hóa tài khoản. Bạn có thể chỉnh sửa chế độ này trong cài đặt.",
        "aboutProgram": "Thông tin",
@@ -56,7 +46,6 @@
        "conditionals": "Điều kiện",
        "preview": "Xem trước",
        "reset": "Đặt lại",
-        "edit": "Chỉnh sửa",
        "donate": "Đóng góp",
        "sendPWR": "Gửi Đặt lại Mật khẩu",
        "contactThrough": "Liên lạc qua:",
@@ -97,7 +86,6 @@
        "inviteUsersCreated": "Người dùng đã tạo",
        "inviteNoProfile": "Không có Tài khoản mẫu",
        "inviteDateCreated": "Tạo",
-        "inviteRemainingUses": "Số lần sử dụng còn lại",
        "inviteNoInvites": "Không có",
        "inviteExpiresInTime": "Hết hạn trong {n}",
        "notifyEvent": "Thông báo khi:",
@@ -127,13 +115,9 @@
        "updateAppliedRefresh": "Cập nhật mới đã được áp dụng, vui lòng làm mới lại trang.",
        "telegramVerified": "Tài khoản Telegram đã được xác thực.",
        "accountConnected": "Tài khoản đã được kết nối.",
-        "errorConnection": "Không thể kết nối với jfa-go.",
-        "error401Unauthorized": "Không được phép. Hãy thử làm mới trang.",
        "errorSettingsAppliedNoHomescreenLayout": "Cài đặt đã được áp dụng, nhưng việc áp dụng bố cục màn hình chính có thể không thành công.",
        "errorHomescreenAppliedNoSettings": "",
        "errorSettingsFailed": "",
-        "errorLoginBlank": "",
-        "errorUnknown": "",
        "errorSaveEmail": "",
        "errorBlankFields": "",
        "errorDeleteProfile": "",
@@ -141,7 +125,6 @@
        "errorCreateProfile": "",
        "errorSetDefaultProfile": "",
        "errorLoadUsers": "",
-        "errorSaveSettings": "",
        "errorLoadSettings": "",
        "errorSetOmbiProfile": "",
        "errorLoadOmbiUsers": "",
@@ -209,4 +192,4 @@
            "plural": ""
        }
    }
-}
+}
--- a/lang/admin/zh-hans.json
+++ b/lang/admin/zh-hans.json
@@ -15,20 +15,11 @@
        "warning": "警告",
        "inviteInfiniteUsesWarning": "无限使用次数的邀请码可能被滥用",
        "inviteSendToEmail": "发送到",
-        "login": "登录",
-        "logout": "登出",
        "create": "创建",
        "apply": "申请",
-        "delete": "删除",
-        "add": "添加",
        "select": "选择",
        "name": "名称",
        "date": "日期",
-        "enabled": "已启用",
-        "disabled": "已禁用",
-        "reEnable": "重新启用",
-        "disable": "禁用",
-        "admin": "管理员",
        "updates": "更新",
        "update": "更新",
        "download": "下载",
@@ -37,7 +28,6 @@
        "lastActiveTime": "上次活动",
        "from": "从",
        "user": "用户",
-        "expiry": "到期",
        "userExpiry": "用户到期",
        "userExpiryDescription": "每次注册后的指定时间，jfa-go 将删除/禁用该帐户。您可以在设置中更改此行为。",
        "aboutProgram": "关于",
@@ -55,7 +45,6 @@
        "conditionals": "条件性条款",
        "preview": "预览",
        "reset": "重设",
-        "edit": "编辑",
        "donate": "捐助",
        "contactThrough": "联系方式：",
        "extendExpiry": "延长有效期",
@@ -91,7 +80,6 @@
        "inviteUsersCreated": "已创建的用户",
        "inviteNoProfile": "没有个人资料",
        "inviteDateCreated": "已创建",
-        "inviteRemainingUses": "剩余使用次数",
        "inviteNoInvites": "无",
        "inviteExpiresInTime": "在 {n} 到期",
        "notifyEvent": "通知：",
@@ -114,7 +102,22 @@
        "sendPWRValidFor": "此链接有效30分钟。",
        "ombiProfile": "Ombi 用户配置文件",
        "accessJFASettings": "无法更改，因为“仅限管理员”或“允许所有”已在“设置”>“常规”中设置。",
-        "accessJFA": "访问jfa-go"
+        "accessJFA": "访问 jfa-go",
+        "buildTime": "构建时间",
+        "builtBy": "由",
+        "clickToRemoveFilter": "单击此处以取消此筛选器。",
+        "filters": "筛选器",
+        "jellyfinID": "Jellyfin ID",
+        "clearSearch": "清除搜索",
+        "searchOptions": "搜索选项",
+        "matchText": "匹配文本",
+        "userPagePage": "用户页面",
+        "actions": "操作",
+        "after": "之后",
+        "before": "之前",
+        "unlink": "取消关联帐户",
+        "sortingBy": "排序方式",
+        "userPageLogin": "用户页面：登录"
    },
    "notifications": {
        "changedEmailAddress": "更改了 {n} 的电子邮件地址。",
@@ -129,13 +132,9 @@
        "updateAppliedRefresh": "已应用更新，请刷新。",
        "telegramVerified": "Telegram账户已验证。",
        "accountConnected": "帐户已连接。",
-        "errorConnection": "无法连接到 jfa-go。",
-        "error401Unauthorized": "无授权。尝试刷新页面。",
        "errorSettingsAppliedNoHomescreenLayout": "已应用设置，但应用主屏幕布局可能失败。",
        "errorHomescreenAppliedNoSettings": "已应用主屏幕布局，但应用设置可能失败。",
        "errorSettingsFailed": "应用失败。",
-        "errorLoginBlank": "用户名/密码留空。",
-        "errorUnknown": "未知错误。",
        "errorSaveEmail": "电子邮箱保存失败。",
        "errorBlankFields": "字段留空",
        "errorDeleteProfile": "删除配置文件{n}失败",
@@ -143,7 +142,6 @@
        "errorCreateProfile": "创建配置文件{n}失败",
        "errorSetDefaultProfile": "设置默认配置文件失败。",
        "errorLoadUsers": "加载用户列表失败。",
-        "errorSaveSettings": "无法保存设置。",
        "errorLoadSettings": "加载配置列表失败。",
        "errorSetOmbiDefaults": "存储Ombi默认值失败。",
        "errorLoadOmbiUsers": "加载ombi用户列表失败。",
--- a/lang/admin/zh-hant.json
+++ b/lang/admin/zh-hant.json
@@ -15,21 +15,12 @@
        "warning": "警告",
        "inviteInfiniteUsesWarning": "無限使用次數的邀請碼可能被濫用",
        "inviteSendToEmail": "發送到",
-        "login": "登錄",
-        "logout": "登出",
        "create": "創建",
        "apply": "應用",
-        "delete": "刪除",
-        "add": "添加",
        "select": "選擇",
        "name": "帳戶名稱",
        "date": "日期",
-        "enabled": "已啟用",
-        "disabled": "已禁用",
-        "reEnable": "重新啟用",
        "setExpiry": "設置到期時間",
-        "disable": "禁用",
-        "admin": "管理員",
        "updates": "更新",
        "update": "更新",
        "download": "下載",
@@ -38,7 +29,6 @@
        "lastActiveTime": "上次啟用時間",
        "from": "從",
        "user": "帳戶",
-        "expiry": "到期",
        "userExpiry": "帳戶到期",
        "userExpiryDescription": "每次註冊后指定的時間，jfa-go 將刪除/禁用該帳戶。您可以在設定中更改此行為。",
        "aboutProgram": "關於",
@@ -57,7 +47,6 @@
        "conditionals": "條件",
        "preview": "預覽",
        "reset": "重設",
-        "edit": "編輯",
        "donate": "捐贈",
        "sendPWR": "發送密碼重置",
        "contactThrough": "聯繫方式：",
@@ -98,7 +87,6 @@
        "inviteUsersCreated": "創建的帳戶",
        "inviteNoProfile": "無資料",
        "inviteDateCreated": "已創建",
-        "inviteRemainingUses": "剩餘使用次數",
        "inviteNoInvites": "無",
        "inviteExpiresInTime": "在 {n} 到期",
        "notifyEvent": "通知：",
@@ -128,13 +116,9 @@
        "updateAppliedRefresh": "更新已應用，請重新整理。",
        "telegramVerified": "Telegram 帳戶已驗證。",
        "accountConnected": "帳戶已連接。",
-        "errorConnection": "無法連接到 jfa-go。",
-        "error401Unauthorized": "未經授權。嘗試重新整理頁面。",
        "errorSettingsAppliedNoHomescreenLayout": "已應用設置，但應用主螢幕佈局可能失敗。",
        "errorHomescreenAppliedNoSettings": "已應用主螢幕佈局，但應用設置可能失敗。",
        "errorSettingsFailed": "應用失敗。",
-        "errorLoginBlank": "帳戶名稱和/或密碼留空。",
-        "errorUnknown": "未知的錯誤。",
        "errorSaveEmail": "無法儲存電子郵件。",
        "errorBlankFields": "欄位留空",
        "errorDeleteProfile": "無法刪除設置文件 {n}",
@@ -142,7 +126,6 @@
        "errorCreateProfile": "無法創建設置文件 {n}",
        "errorSetDefaultProfile": "無法設置預設設置文件。",
        "errorLoadUsers": "無法讀取帳戶。",
-        "errorSaveSettings": "無法儲存設置。",
        "errorLoadSettings": "無法讀取設置。",
        "errorSetOmbiProfile": "無法儲存 ombi 設置文件。",
        "errorLoadOmbiUsers": "無法讀取 ombi 帳戶。",
@@ -214,4 +197,4 @@
            "plural": "已延長 {n} 個帳戶的到期時間。"
        }
    }
-}
+}
--- a/lang/common/ar-aa.json
+++ b/lang/common/ar-aa.json
@@ -0,0 +1,65 @@
+{
+    "meta": {
+        "name": "العربية (AR)"
+    },
+    "strings": {
+        "username": "اسم المستخدم",
+        "password": "كلمة المرور",
+        "emailAddress": "البريد الالكتروني",
+        "name": "الاسم",
+        "submit": "ادخال",
+        "success": "نجاح",
+        "continue": "اكمل",
+        "error": "خطأ",
+        "copy": "نسخ",
+        "time24h": "توقيت 24 ساعة",
+        "time12h": "توقيت 12 ساعة",
+        "linkTelegram": "رابط تلغرام",
+        "contactTelegram": "التواصل عبر التلغرام",
+        "linkDiscord": "رابط الدسكورد",
+        "linkMatrix": "ربط Matrix",
+        "contactDiscord": "التواصل عبر الدسكورد",
+        "theme": "القالب",
+        "refresh": "تحديث",
+        "required": "مطلوب",
+        "login": "تسجيل الدخول",
+        "admin": "المسؤول",
+        "reEnable": "اعادة تفعيل",
+        "disable": "تجميد",
+        "accountStatus": "حالة الحساب",
+        "notSet": "لم تحدد",
+        "expiry": "انتهاء الصلاحية",
+        "add": "اضافة",
+        "edit": "تعديل",
+        "delete": "حذف",
+        "myAccount": "حسابي",
+        "disabled": "معطل",
+        "enabled": "مفعل",
+        "send": "ارسال",
+        "copied": "تم النسخ",
+        "contactEmail": "التواصل عبر البريد الالكتروني",
+        "logout": "تسجيل الخروج",
+        "contactMethods": "وسيلة التواصل"
+    },
+    "notifications": {
+        "errorUnknown": "خطأ غير معروف.",
+        "error401Unauthorized": "غير مخول. حاول تحديث الصفحة.",
+        "errorSaveSettings": "لا يمكن حفظ الاعدادات.",
+        "errorLoginBlank": "اسم المستخدم و/أو كلمة المرور لم يتم ادخالها.",
+        "errorConnection": "لا يمكن الاتصال بـالبرنامج."
+    },
+    "quantityStrings": {
+        "year": {
+            "singular": "{n} سنة",
+            "plural": "{n} سنوات"
+        },
+        "month": {
+            "singular": "{n} شهر",
+            "plural": "{n} أشهر"
+        },
+        "day": {
+            "singular": "{n} يوم",
+            "plural": "{n} أيام"
+        }
+    }
+}
--- a/lang/common/da-dk.json
+++ b/lang/common/da-dk.json
@@ -24,6 +24,26 @@
        "contactDiscord": "Kontakt gennem Discord",
        "theme": "Tema",
        "refresh": "Opdater",
-        "required": "Påkrævet"
-    }
-}
+        "required": "Påkrævet",
+        "login": "Log på",
+        "logout": "Log ud",
+        "admin": "Administrator",
+        "enabled": "Aktiveret",
+        "disabled": "Deaktiveret",
+        "reEnable": "Genaktiver",
+        "disable": "Deaktiver",
+        "expiry": "Udløb",
+        "add": "Tilføj",
+        "edit": "Rediger",
+        "delete": "Slet",
+        "inviteRemainingUses": "Resterende anvendelser"
+    },
+    "notifications": {
+        "errorLoginBlank": "Brugernavnet og/eller adgangskoden blev efterladt tomme.",
+        "errorConnection": "Kunne ikke oprette forbindelse til jfa-go.",
+        "errorUnknown": "Ukendt fejl.",
+        "error401Unauthorized": "Adgang nægtet. Prøv at genindlæse siden.",
+        "errorSaveSettings": "Kunne ikke gemme indstillingerne."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/de-de.json
+++ b/lang/common/de-de.json
@@ -4,26 +4,46 @@
    },
    "strings": {
        "username": "Benutzername",
-        "name": "Name",
        "password": "Passwort",
        "emailAddress": "E-Mail Adresse",
+        "name": "Name",
        "submit": "Absenden",
+        "send": "Senden",
        "success": "Erfolgreich",
        "continue": "Weiter",
        "error": "Fehler",
        "copy": "Kopieren",
-        "theme": "Thema",
+        "copied": "Kopiert",
        "time24h": "24h-Format",
        "time12h": "12h-Format",
-        "copied": "Kopiert",
        "linkTelegram": "Link Telegram",
        "contactEmail": "Kontakt über E-Mail",
        "contactTelegram": "Kontakt über Telegram",
        "linkDiscord": "Link Discord",
        "linkMatrix": "Link Matrix",
-        "send": "Senden",
        "contactDiscord": "Kontakt über Discord",
+        "theme": "Thema",
        "refresh": "Aktualisieren",
-        "required": "Erforderlich"
-    }
-}
+        "required": "Erforderlich",
+        "login": "Anmelden",
+        "logout": "Abmelden",
+        "admin": "Admin",
+        "enabled": "Aktiviert",
+        "disabled": "Deaktiviert",
+        "reEnable": "Wieder aktivieren",
+        "disable": "Deaktivieren",
+        "expiry": "Ablaufdatum",
+        "add": "Hinzufügen",
+        "edit": "Bearbeiten",
+        "delete": "Löschen",
+        "inviteRemainingUses": "Verbleibende Verwendungen"
+    },
+    "notifications": {
+        "errorLoginBlank": "Der Benutzername und/oder das Passwort wurden nicht ausgefüllt.",
+        "errorConnection": "Konnte keine Verbindung zu jfa-go herstellen.",
+        "errorUnknown": "Unbekannter Fehler.",
+        "error401Unauthorized": "Unberechtigt. Versuch, die Seite zu aktualisieren.",
+        "errorSaveSettings": "Einstellungen konnten nicht gespeichert werden."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/el-gr.json
+++ b/lang/common/el-gr.json
@@ -12,9 +12,28 @@
        "continue": "Συνέχεια",
        "error": "Σφάλμα",
        "copy": "Αντιγραφή",
-        "theme": "Θέμα",
+        "copied": "Αντιγράφηκε",
        "time24h": "24 Ώρες",
        "time12h": "12 Ώρες",
-        "copied": "Αντιγράφηκε"
-    }
-}
+        "theme": "Θέμα",
+        "login": "Σύνδεση",
+        "logout": "Αποσύνδεση",
+        "admin": "Διαχειριστής",
+        "enabled": "Ενεργοποιημένο",
+        "disabled": "Απενεργοποιημένο",
+        "reEnable": "Επανα-ενεργοποίηση",
+        "disable": "Απενεργοποίηση",
+        "expiry": "Λήξη",
+        "edit": "Επεξεργασία",
+        "delete": "Διαγραφή",
+        "inviteRemainingUses": "Εναπομείναντες χρήσεις"
+    },
+    "notifications": {
+        "errorLoginBlank": "Το όνομα χρήστη και/ή ο κωδικός ήταν κενά.",
+        "errorConnection": "Δεν μπόρεσε να συνδεθεί με το jfa-go.",
+        "errorUnknown": "Άγνωστο σφάλμα.",
+        "error401Unauthorized": "Ανεξουσιοδότητος. Προσπαθήστε να κάνετε επαναφόρτωση την σελίδα.",
+        "errorSaveSettings": "Αποτυχία αποθήκευσης ρυθμίσεων."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/en-gb.json
+++ b/lang/common/en-gb.json
@@ -3,27 +3,47 @@
        "name": "English (GB)"
    },
    "strings": {
-        "continue": "Continue",
-        "time24h": "24h Time",
-        "linkTelegram": "Link Telegram",
-        "send": "Send",
-        "linkDiscord": "Link Discord",
-        "linkMatrix": "Link Matrix",
-        "contactDiscord": "Contact through Discord",
        "username": "Username",
        "password": "Password",
        "emailAddress": "Email Address",
+        "name": "Name",
+        "submit": "Submit",
+        "send": "Send",
+        "success": "Success",
+        "continue": "Continue",
+        "error": "Error",
        "copy": "Copy",
        "copied": "Copied",
-        "submit": "Submit",
-        "success": "Success",
-        "error": "Error",
+        "time24h": "24h Time",
        "time12h": "12h Time",
-        "theme": "Theme",
+        "linkTelegram": "Link Telegram",
        "contactEmail": "Contact through Email",
        "contactTelegram": "Contact through Telegram",
-        "name": "Name",
+        "linkDiscord": "Link Discord",
+        "linkMatrix": "Link Matrix",
+        "contactDiscord": "Contact through Discord",
+        "theme": "Theme",
        "refresh": "Refresh",
-        "required": "Required"
-    }
-}
+        "required": "Required",
+        "login": "Login",
+        "logout": "Logout",
+        "admin": "Admin",
+        "enabled": "Enabled",
+        "disabled": "Disabled",
+        "reEnable": "Re-enable",
+        "disable": "Disable",
+        "expiry": "Expiry",
+        "add": "Add",
+        "edit": "Edit",
+        "delete": "Delete",
+        "inviteRemainingUses": "Remaining uses"
+    },
+    "notifications": {
+        "errorLoginBlank": "The username and/or password was left blank.",
+        "errorConnection": "Couldn't connect to jfa-go.",
+        "errorUnknown": "Unknown error.",
+        "error401Unauthorized": "Unauthorised. Try refreshing the page.",
+        "errorSaveSettings": "Couldn't save settings."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/en-us.json
+++ b/lang/common/en-us.json
@@ -24,6 +24,44 @@
        "contactDiscord": "Contact through Discord",
        "theme": "Theme",
        "refresh": "Refresh",
-        "required": "Required"
+        "required": "Required",
+        "login": "Login",
+        "logout": "Logout",
+        "admin": "Admin",
+        "enabled": "Enabled",
+        "disabled": "Disabled",
+        "reEnable": "Re-enable",
+        "disable": "Disable",
+        "contactMethods": "Contact Methods",
+        "accountStatus": "Account Status",
+        "notSet": "Not set",
+        "expiry": "Expiry",
+        "add": "Add",
+        "edit": "Edit",
+        "delete": "Delete",
+        "myAccount": "My Account",
+        "referrals": "Referrals",
+        "inviteRemainingUses": "Remaining uses"
+    },
+    "notifications": {
+        "errorLoginBlank": "The username and/or password were left blank.",
+        "errorConnection": "Couldn't connect to jfa-go.",
+        "errorUnknown": "Unknown error.",
+        "error401Unauthorized": "Unauthorized. Try refreshing the page.",
+        "errorSaveSettings": "Couldn't save settings."
+    },
+    "quantityStrings": {
+        "year": {
+            "singular": "{n} Year",
+            "plural": "{n} Years"
+        },
+        "month": {
+            "singular": "{n} Month",
+            "plural": "{n} Months"
+        },
+        "day": {
+            "singular": "{n} Day",
+            "plural": "{n} Days"
+        }
    }
-}
+}
--- a/lang/common/es-es.json
+++ b/lang/common/es-es.json
@@ -8,6 +8,7 @@
        "emailAddress": "Correo electrónico",
        "name": "Nombre",
        "submit": "Enviar",
+        "send": "Enviar",
        "success": "Éxito",
        "continue": "Continuar",
        "error": "Error",
@@ -15,15 +16,34 @@
        "copied": "Copiado",
        "time24h": "Formato de 24 horas",
        "time12h": "Formato de 12 horas",
-        "theme": "Tema",
-        "send": "Enviar",
-        "contactDiscord": "Contactar por Discord",
+        "linkTelegram": "Enlace Telegram",
        "contactEmail": "Contactar por correo electrónico",
        "contactTelegram": "Contactar por Telegram",
-        "linkMatrix": "Enlace Matrix",
        "linkDiscord": "Enlace Discord",
-        "linkTelegram": "Enlace Telegram",
+        "linkMatrix": "Enlace Matrix",
+        "contactDiscord": "Contactar por Discord",
+        "theme": "Tema",
        "refresh": "Refrescar",
-        "required": "Requerido"
-    }
-}
+        "required": "Requerido",
+        "login": "Acceso",
+        "logout": "Cerrar sesión",
+        "admin": "Administrador",
+        "enabled": "Activado",
+        "disabled": "Desactivado",
+        "reEnable": "Reactivar",
+        "disable": "Desactivar",
+        "expiry": "Expiración",
+        "add": "Agregar",
+        "edit": "Editar",
+        "delete": "Eliminar",
+        "inviteRemainingUses": "Usos restantes"
+    },
+    "notifications": {
+        "errorLoginBlank": "El nombre de usuario y/o la contraseña se dejaron en blanco.",
+        "errorConnection": "No se pudo conectar a jfa-go.",
+        "errorUnknown": "Error desconocido.",
+        "error401Unauthorized": "No autorizado. Intente actualizar la página.",
+        "errorSaveSettings": "No se pudo guardar la configuración."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/fa-ir.json
+++ b/lang/common/fa-ir.json
@@ -23,5 +23,7 @@
        "linkMatrix": "پیوند ماتریکس",
        "contactDiscord": "از طریق دیسکورد تماس بگیرید",
        "theme": "موضوع"
-    }
-}
+    },
+    "notifications": {},
+    "quantityStrings": {}
+}
--- a/lang/common/fr-fr.json
+++ b/lang/common/fr-fr.json
@@ -1,28 +1,67 @@
 {
    "meta": {
-        "name": "Français (FR)",
-        "author": "https://github.com/Killianbe"
+        "name": "Français (FR)"
    },
    "strings": {
        "username": "Nom d'utilisateur",
-        "name": "Nom",
        "password": "Mot de passe",
-        "emailAddress": "Addresse Email",
+        "emailAddress": "Adresse Email",
+        "name": "Nom",
        "submit": "Soumettre",
+        "send": "Envoyer",
        "success": "Succès",
        "continue": "Continuer",
        "error": "Erreur",
        "copy": "Copier",
+        "copied": "Copié",
        "time24h": "Temps 24h",
        "time12h": "Temps 12h",
-        "theme": "Thème",
-        "copied": "Copié",
        "linkTelegram": "Lien Telegram",
        "contactEmail": "Contact par e-mail",
        "contactTelegram": "Contact par Telegram",
        "linkDiscord": "Lier Discord",
        "linkMatrix": "Lier Matrix",
-        "send": "Envoyer",
-        "contactDiscord": "Contacter par Discord"
+        "contactDiscord": "Contacter par Discord",
+        "theme": "Thème",
+        "refresh": "Actualiser",
+        "required": "Requis",
+        "login": "S'identifier",
+        "logout": "Se déconnecter",
+        "admin": "Administrateur",
+        "enabled": "Activé",
+        "disabled": "Désactiver",
+        "reEnable": "Ré-activé",
+        "disable": "Désactivé",
+        "expiry": "Expiration",
+        "add": "Ajouter",
+        "edit": "Éditer",
+        "delete": "Effacer",
+        "inviteRemainingUses": "Utilisations restantes",
+        "accountStatus": "Statut du compte",
+        "notSet": "Non défini",
+        "myAccount": "Mon compte",
+        "contactMethods": "Moyens de contact",
+        "referrals": "Programme de parrainage"
+    },
+    "notifications": {
+        "errorLoginBlank": "Le nom d'utilisateur et/ou le mot de passe sont vides.",
+        "errorConnection": "Impossible de se connecter à jfa-go.",
+        "errorUnknown": "Erreur inconnue.",
+        "error401Unauthorized": "Non autorisé. Essayez d'actualiser la page.",
+        "errorSaveSettings": "Impossible d'enregistrer les paramètres."
+    },
+    "quantityStrings": {
+        "year": {
+            "plural": "{n} années",
+            "singular": "{n} année"
+        },
+        "day": {
+            "singular": "{n} jour",
+            "plural": "{n} jours"
+        },
+        "month": {
+            "singular": "{n} mois",
+            "plural": "{n} mois"
+        }
    }
 }
--- a/lang/common/hu-hu.json
+++ b/lang/common/hu-hu.json
@@ -0,0 +1,65 @@
+{
+    "meta": {
+        "name": "Magyar (HU)"
+    },
+    "strings": {
+        "login": "Belépés",
+        "logout": "Kijelentkezés",
+        "admin": "Adminisztrátor",
+        "enabled": "Engedélyezve",
+        "disabled": "Tiltva",
+        "reEnable": "Újra engedélyezés",
+        "disable": "Letiltás",
+        "expiry": "Lejárat",
+        "add": "Hozzáadás",
+        "edit": "Szerkesztés",
+        "delete": "Törlés",
+        "password": "Jelszó",
+        "username": "Felhasználónév",
+        "emailAddress": "E-mail cím",
+        "name": "Név",
+        "submit": "Mentés",
+        "send": "Küldés",
+        "success": "Siker",
+        "continue": "Folytatás",
+        "error": "Hiba",
+        "copy": "Másolás",
+        "copied": "Másolva",
+        "time24h": "24 órás idő",
+        "time12h": "12 órás idő",
+        "linkTelegram": "Telegram összekötése",
+        "contactEmail": "Kapcsolat e-mailen keresztül",
+        "contactTelegram": "Kapcsolat telegramon keresztül",
+        "linkDiscord": "Discord összekötése",
+        "linkMatrix": "Matrix összekötése",
+        "contactDiscord": "Kapcsolat discordon keresztül",
+        "theme": "Téma",
+        "refresh": "Frissítés",
+        "required": "Kötelező",
+        "contactMethods": "Kapcsolati lehetőségek",
+        "accountStatus": "Fiók státusz",
+        "notSet": "Nincs beállítva",
+        "myAccount": "Saját fiókom"
+    },
+    "notifications": {
+        "errorLoginBlank": "A felhasználónév és/vagy a jelszó üresen lett hagyva.",
+        "errorConnection": "Nem lehet csatlakozni a jfa-go-hoz.",
+        "errorUnknown": "Ismeretlen hiba.",
+        "error401Unauthorized": "Nincs jogosultság. Próbáld frissíteni az oldalt.",
+        "errorSaveSettings": "Nem lehet menteni a beállításokat."
+    },
+    "quantityStrings": {
+        "year": {
+            "singular": "{n} Év",
+            "plural": "{n} Évek"
+        },
+        "month": {
+            "singular": "{n} Hónap",
+            "plural": "{n} Hónapok"
+        },
+        "day": {
+            "singular": "{n} Nap",
+            "plural": "{n} Napok"
+        }
+    }
+}
--- a/lang/common/id-id.json
+++ b/lang/common/id-id.json
@@ -8,6 +8,7 @@
        "emailAddress": "Alamat Email",
        "name": "Nama",
        "submit": "Submit",
+        "send": "Kirim",
        "success": "Sukses",
        "continue": "Lanjut",
        "error": "Error",
@@ -15,6 +16,17 @@
        "time24h": "Waktu 24 jam",
        "time12h": "Waktu 12 jam",
        "theme": "Tema",
-        "send": "Kirim"
+        "login": "Masuk",
+        "logout": "Keluar",
+        "edit": "Edit",
+        "delete": "Hapus",
+        "inviteRemainingUses": "Penggunaan yang tersisa"
+    },
+    "notifications": {
+        "errorLoginBlank": "Nama pengguna dan / atau sandi kosong.",
+        "errorConnection": "Tidak dapat terhubung ke jfa-go.",
+        "errorUnknown": "Terjadi kesalahan yang tidak diketahui.",
+        "error401Unauthorized": "Tidak ter-otorisasi. Coba segarkan halaman.",
+        "errorSaveSettings": "Tidak dapat menyimpan pengaturan."
    }
 }
--- a/lang/common/it-IT.json
+++ b/lang/common/it-IT.json
@@ -1,29 +0,0 @@
-{
-    "meta": {
-        "name": "Inglese (US)"
-    },
-    "strings": {
-        "username": "Username",
-        "password": "Password",
-        "emailAddress": "Indirizzo Email",
-        "name": "Nome",
-        "submit": "Invia",
-        "send": "Invia",
-        "success": "Successo",
-        "continue": "Continua",
-        "error": "Errore",
-        "copy": "Copia",
-        "copied": "Copiato",
-        "time24h": "Formato 24h",
-        "time12h": "Formato 12h",
-        "linkTelegram": "Link Telegram",
-        "contactEmail": "Contatta tramite Email",
-        "contactTelegram": "Contatta tramite Telegram",
-        "linkDiscord": "Link Discord",
-        "linkMatrix": "Link Matrix",
-        "contactDiscord": "Contatta tramite Discord",
-        "theme": "Tema",
-        "refresh": "Aggiorna",
-        "required": "Richiesto"
-    }
-}
--- a/lang/common/it-it.json
+++ b/lang/common/it-it.json
@@ -0,0 +1,65 @@
+{
+    "meta": {
+        "name": "Italiano (IT)"
+    },
+    "strings": {
+        "username": "Username",
+        "password": "Password",
+        "emailAddress": "Indirizzo Email",
+        "name": "Nome",
+        "submit": "Invia",
+        "send": "Invia",
+        "success": "Successo",
+        "continue": "Continua",
+        "error": "Errore",
+        "copy": "Copia",
+        "copied": "Copiato",
+        "time24h": "Formato 24h",
+        "time12h": "Formato 12h",
+        "linkTelegram": "Link Telegram",
+        "contactEmail": "Contatta tramite Email",
+        "contactTelegram": "Contatta tramite Telegram",
+        "linkDiscord": "Collega Discord",
+        "linkMatrix": "Link Matrix",
+        "contactDiscord": "Contatta tramite Discord",
+        "theme": "Tema",
+        "refresh": "Aggiorna",
+        "required": "Richiesto",
+        "accountStatus": "Stato Account",
+        "login": "Login",
+        "admin": "Admin",
+        "enabled": "Abilitato",
+        "disabled": "Disabilitato",
+        "reEnable": "Riabilita",
+        "disable": "Disattiva",
+        "contactMethods": "Metodo di contatto",
+        "notSet": "Non impostato",
+        "expiry": "Scadenza",
+        "add": "Aggiungi",
+        "edit": "Modifica",
+        "delete": "Elimina",
+        "myAccount": "Il mio Account",
+        "logout": "Esci"
+    },
+    "notifications": {
+        "errorUnknown": "Errore sconosciuto.",
+        "errorLoginBlank": "L'username o password sono stati lasciati vuoti.",
+        "errorConnection": "Non riesco a connettermi a jfa-go.",
+        "error401Unauthorized": "Non autorizzato. Prova a ricaricare la pagina.",
+        "errorSaveSettings": "Impossibile salvare impostazione."
+    },
+    "quantityStrings": {
+        "year": {
+            "singular": "{n} Anno",
+            "plural": "{n} Anni"
+        },
+        "month": {
+            "singular": "{n} Mese",
+            "plural": "{n} Mesi"
+        },
+        "day": {
+            "singular": "{n} Giorno",
+            "plural": "{n} Giorni"
+        }
+    }
+}
--- a/lang/common/nds.json
+++ b/lang/common/nds.json
@@ -0,0 +1,8 @@
+{
+    "meta": {
+        "name": "Nedderdütsch (NDS)"
+    },
+    "strings": {},
+    "notifications": {},
+    "quantityStrings": {}
+}
--- a/lang/common/nl-nl.json
+++ b/lang/common/nl-nl.json
@@ -4,26 +4,46 @@
    },
    "strings": {
        "username": "Gebruikersnaam",
-        "name": "Naam",
        "password": "Wachtwoord",
        "emailAddress": "E-mailadres",
+        "name": "Naam",
        "submit": "Verstuur",
+        "send": "Verstuur",
        "success": "Succes",
        "continue": "Doorgaan",
        "error": "Fout",
        "copy": "Kopiëer",
-        "theme": "Thema",
+        "copied": "Gekopieerd",
        "time24h": "24u-formaat",
        "time12h": "12u-formaat",
-        "copied": "Gekopieerd",
        "linkTelegram": "Koppel Telegram",
        "contactEmail": "Stuur e-mailbericht",
        "contactTelegram": "Stuur Telegram-bericht",
-        "send": "Verstuur",
        "linkDiscord": "Koppel Discord",
        "linkMatrix": "Koppel Matrix",
        "contactDiscord": "Stuur Discord bericht",
+        "theme": "Thema",
        "refresh": "Ververs",
-        "required": "Verplicht"
-    }
-}
+        "required": "Verplicht",
+        "login": "Inloggen",
+        "logout": "Uitloggen",
+        "admin": "Beheerder",
+        "enabled": "Ingeschakeld",
+        "disabled": "Uitgeschakeld",
+        "reEnable": "Opnieuw inschakelen",
+        "disable": "Uitschakelen",
+        "expiry": "Verloop",
+        "add": "Voeg toe",
+        "edit": "Bewerken",
+        "delete": "Verwijderen",
+        "inviteRemainingUses": "Resterend aantal keer te gebruiken"
+    },
+    "notifications": {
+        "errorLoginBlank": "De gebruikersnaam en/of wachtwoord is leeg.",
+        "errorConnection": "Kon geen verbinding maken met jfa-go.",
+        "errorUnknown": "Onbekende fout.",
+        "error401Unauthorized": "Geen toegang. Probeer de pagina te vernieuwen.",
+        "errorSaveSettings": "Opslaan van instellingen mislukt."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/pl-pl.json
+++ b/lang/common/pl-pl.json
@@ -24,6 +24,18 @@
        "contactDiscord": "Kontakt przez Discord",
        "theme": "Motyw",
        "refresh": "Odśwież",
-        "required": "Wymagane"
-    }
-}
+        "required": "Wymagane",
+        "admin": "Admin",
+        "enabled": "Włączone",
+        "disabled": "Wyłączone",
+        "disable": "Wyłączone",
+        "expiry": "Wygasa",
+        "edit": "Edytuj"
+    },
+    "notifications": {
+        "errorConnection": "Nie udało się połączyć z jfa-go.",
+        "errorUnknown": "Nieznany błąd.",
+        "error401Unauthorized": "Nieautoryzowany. Spróbuj odświeżyć stronę."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/pt-br.json
+++ b/lang/common/pt-br.json
@@ -4,26 +4,46 @@
    },
    "strings": {
        "username": "Nome do Usuário",
-        "name": "Nome",
        "password": "Senha",
        "emailAddress": "Endereço de e-mail",
+        "name": "Nome",
        "submit": "Enviar",
+        "send": "Enviar",
        "success": "Sucesso",
        "continue": "Continuar",
        "error": "Erro",
        "copy": "Copiar",
-        "theme": "Tema",
+        "copied": "Copiado",
        "time24h": "Horário 24h",
        "time12h": "Horário 12h",
-        "copied": "Copiado",
        "linkTelegram": "Link do Telegram",
        "contactEmail": "Contato por Email",
        "contactTelegram": "Contato pelo Telegram",
-        "send": "Enviar",
        "linkDiscord": "Link do Discord",
        "linkMatrix": "Link do Matrix",
        "contactDiscord": "Contato através do Discord",
+        "theme": "Tema",
        "refresh": "Atualizar",
-        "required": "Requeridos"
-    }
-}
+        "required": "Requeridos",
+        "login": "Login",
+        "logout": "Sair",
+        "admin": "Admin",
+        "enabled": "Habilitado",
+        "disabled": "Desativado",
+        "reEnable": "Reativar",
+        "disable": "Desativar",
+        "expiry": "Expira",
+        "add": "Adicionar",
+        "edit": "Editar",
+        "delete": "Deletar",
+        "inviteRemainingUses": "Uso restantes"
+    },
+    "notifications": {
+        "errorLoginBlank": "O nome de usuário e/ou senha foram deixados em branco.",
+        "errorConnection": "Não foi possível conectar ao jfa-go.",
+        "errorUnknown": "Erro desconhecido.",
+        "error401Unauthorized": "Não autorizado. Tente atualizar a página.",
+        "errorSaveSettings": "Não foi possível salvar as configurações."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/ro-ro.json
+++ b/lang/common/ro-ro.json
@@ -0,0 +1,8 @@
+{
+    "meta": {
+        "name": "Română (ROU)"
+    },
+    "strings": {},
+    "notifications": {},
+    "quantityStrings": {}
+}
--- a/lang/common/sl-si.json
+++ b/lang/common/sl-si.json
@@ -1,6 +1,6 @@
 {
    "meta": {
-        "name": "Angleščina (ZDA)"
+        "name": "Slovenščina (SI)"
    },
    "strings": {
        "username": "Uporabniško ime",
@@ -25,5 +25,7 @@
        "theme": "Tema",
        "refresh": "Osveži",
        "required": "Obvezno"
-    }
-}
+    },
+    "notifications": {},
+    "quantityStrings": {}
+}
--- a/lang/common/sv-se.json
+++ b/lang/common/sv-se.json
@@ -14,6 +14,37 @@
        "copy": "Kopiera",
        "time24h": "24 timmarsklocka",
        "time12h": "12 timmarsklocka",
-        "theme": "Tema"
+        "theme": "Tema",
+        "login": "Logga in",
+        "logout": "Logga ut",
+        "admin": "Admin",
+        "enabled": "Aktiverad",
+        "disabled": "Inaktiverad",
+        "expiry": "Löper ut",
+        "edit": "Redigera",
+        "delete": "Radera",
+        "inviteRemainingUses": "Återstående användningar",
+        "send": "Skicka",
+        "linkDiscord": "Länka Discord",
+        "copied": "Kopierat",
+        "linkTelegram": "Länka Telegram",
+        "contactEmail": "Kontakta via e-post",
+        "contactTelegram": "Kontakta via Telegram",
+        "refresh": "Uppdatera",
+        "required": "Obligatoriskt",
+        "contactDiscord": "Kontakt via Discord",
+        "linkMatrix": "Länka Matrix",
+        "reEnable": "Återaktivera",
+        "disable": "Inaktivera",
+        "contactMethods": "Kontaktmetoder",
+        "accountStatus": "Kontostatus",
+        "notSet": "Inte inställt"
+    },
+    "notifications": {
+        "errorLoginBlank": "Användarnamnet och/eller lösenordet lämnades tomt.",
+        "errorConnection": "Det gick inte att ansluta till jfa-go.",
+        "errorUnknown": "Okänt fel.",
+        "error401Unauthorized": "Obehörig. Prova att uppdatera sidan.",
+        "errorSaveSettings": "Det gick inte att spara inställningarna."
    }
 }
--- a/lang/common/vi-vn.json
+++ b/lang/common/vi-vn.json
@@ -0,0 +1,24 @@
+{
+    "meta": {
+        "name": "Tiếng Anh (Mỹ)"
+    },
+    "strings": {
+        "login": "Đăng nhập",
+        "logout": "Đăng xuất",
+        "admin": "Admin",
+        "enabled": "Mở",
+        "disabled": "Tắt",
+        "reEnable": "Mở lại",
+        "disable": "Tắt",
+        "expiry": "Hết hạn",
+        "add": "Thêm",
+        "edit": "Chỉnh sửa",
+        "delete": "Xóa",
+        "inviteRemainingUses": "Số lần sử dụng còn lại"
+    },
+    "notifications": {
+        "errorConnection": "Không thể kết nối với jfa-go.",
+        "error401Unauthorized": "Không được phép. Hãy thử làm mới trang."
+    },
+    "quantityStrings": {}
+}
--- a/lang/common/zh-hans.json
+++ b/lang/common/zh-hans.json
@@ -24,6 +24,43 @@
        "contactDiscord": "通过Discord联系",
        "theme": "主题",
        "refresh": "刷新",
-        "required": "必需的"
+        "required": "必需的",
+        "login": "登录",
+        "logout": "登出",
+        "admin": "管理员",
+        "enabled": "已启用",
+        "disabled": "已禁用",
+        "reEnable": "重新启用",
+        "disable": "禁用",
+        "expiry": "到期",
+        "add": "添加",
+        "edit": "编辑",
+        "delete": "删除",
+        "inviteRemainingUses": "剩余使用次数",
+        "contactMethods": "联系方式",
+        "accountStatus": "帐户状态",
+        "notSet": "未设置",
+        "myAccount": "我的帐户"
+    },
+    "notifications": {
+        "errorLoginBlank": "用户名/密码留空。",
+        "errorConnection": "无法连接到 jfa-go。",
+        "errorUnknown": "未知错误。",
+        "error401Unauthorized": "无授权。尝试刷新页面。",
+        "errorSaveSettings": "无法保存设置。"
+    },
+    "quantityStrings": {
+        "day": {
+            "plural": "{n} 天",
+            "singular": "{n} 天"
+        },
+        "month": {
+            "singular": "{n} 月",
+            "plural": "{n} 月"
+        },
+        "year": {
+            "singular": "{n} 年",
+            "plural": "{n} 年"
+        }
    }
 }
--- a/lang/common/zh-hant.json
+++ b/lang/common/zh-hant.json
@@ -24,6 +24,26 @@
        "contactDiscord": "通過 Discord 聯繫",
        "theme": "主題",
        "refresh": "重新整理",
-        "required": "必填"
-    }
-}
+        "required": "必填",
+        "login": "登錄",
+        "logout": "登出",
+        "admin": "管理員",
+        "enabled": "已啟用",
+        "disabled": "已禁用",
+        "reEnable": "重新啟用",
+        "disable": "禁用",
+        "expiry": "到期",
+        "add": "添加",
+        "edit": "編輯",
+        "delete": "刪除",
+        "inviteRemainingUses": "剩餘使用次數"
+    },
+    "notifications": {
+        "errorLoginBlank": "帳戶名稱和/或密碼留空。",
+        "errorConnection": "無法連接到 jfa-go。",
+        "errorUnknown": "未知的錯誤。",
+        "error401Unauthorized": "未經授權。嘗試重新整理頁面。",
+        "errorSaveSettings": "無法儲存設置。"
+    },
+    "quantityStrings": {}
+}
--- a/lang/email/ar-aa.json
+++ b/lang/email/ar-aa.json
@@ -0,0 +1,77 @@
+{
+    "meta": {
+        "name": "العربية (AR)"
+    },
+    "strings": {
+        "ifItWasNotYou": "اذا لم يكن هذا انت، الرجاء تجاهل هذا.",
+        "helloUser": "مرحباً {username}،",
+        "reason": "السبب"
+    },
+    "userCreated": {
+        "name": "إنشاء حساب",
+        "title": "ملاحظة: تم إنشاء الحساب",
+        "aUserWasCreated": "تم إنشاء الحساب بواسطة الرمز {code}.",
+        "time": "الوقت",
+        "notificationNotice": "ملاحظة: الرسائل التذكيرية يمكن تعديلها في لوحة التحكم."
+    },
+    "inviteExpiry": {
+        "name": "انتهاء صلاحية الدعوة",
+        "title": "ملاحظة: انتهت صلاحية الدعوة",
+        "inviteExpired": "انتهت صلاحية الدعوة.",
+        "expiredAt": "انتهت صلاحية الرمز {code} في {time} .",
+        "notificationNotice": "ملاحظة: الرسائل التذكيرية يمكن تعديلها في لوحة التحكم."
+    },
+    "passwordReset": {
+        "name": "إعادة تعيين كلمة المرور",
+        "title": "تم طلب إعادة تعيين كلمة المرور - Jellyfin",
+        "someoneHasRequestedReset": "قام شخص ما بطلب إعادة تعيين كلمة المرور مؤخرا.",
+        "ifItWasYou": "إذا كان هذا انت، أدخل رمز التعريف الشخصي أدناه في الخانة.",
+        "ifItWasYouLink": "إذا كان هذا انت، اضغط على الرابط أدناه.",
+        "codeExpiry": "ستنتهي صلاحية الرمز في {date}، {time} UTC، خلال {expiresInMinutes}.",
+        "pin": "رمز التعريف الشخصي"
+    },
+    "userDeleted": {
+        "name": "حذف المستخدم",
+        "title": "لقد تم حذف حسابك - Jellyfin",
+        "yourAccountWasDeleted": "لقد تم حذف حسابك في Jellyfin."
+    },
+    "userDisabled": {
+        "name": "تعطيل المستخدم",
+        "title": "لقد تم تعطيل حسابك - Jellyfin",
+        "yourAccountWasDisabled": "لقد تم تعطيل حسابك."
+    },
+    "userEnabled": {
+        "name": "تفعيل المستخدم",
+        "title": "لقد تم تفعيل حسابك - Jellyfin",
+        "yourAccountWasEnabled": "لقد تم تفعيل حسابك."
+    },
+    "inviteEmail": {
+        "name": "دعوة البريد الإلكتروني",
+        "title": "دعوة - Jellyfin",
+        "hello": "مرحباً",
+        "youHaveBeenInvited": "تمت دعوتك إلى Jellyfin.",
+        "toJoin": "للإنضمام، اتبع الرابط أدناه.",
+        "inviteExpiry": "ستنتهي صلاحية الدعوة في {date} {time}، خلال {expiresInMinutes}، اتخذ اجراءاً.",
+        "linkButton": "قم بإعداد حسابك"
+    },
+    "welcomeEmail": {
+        "name": "مرحباً",
+        "title": "مرحباً في Jellyfin",
+        "welcome": "مرحباً في Jellyfin!",
+        "youCanLoginWith": "يمكنك تسجيل الدخول بإستخدام المعلومات أدناه",
+        "yourAccountWillExpire": "ستنتهي صلاحية حسابك في {date}.",
+        "jellyfinURL": "رابط"
+    },
+    "emailConfirmation": {
+        "name": "بريد التحقق",
+        "title": "قم بتأكيد حسابك - Jellyfin",
+        "clickBelow": "اضغط الرابط ادناه لتأكيد حسابك والبدء في استخدام Jellyfin.",
+        "confirmEmail": "تأكيد البريد الإلكتروني"
+    },
+    "userExpired": {
+        "name": "انتهاء صلاحية المستخدم",
+        "title": "انتهت صلاحية حسابك - Jellyfin",
+        "yourAccountHasExpired": "انتهت صلاحية حسابك.",
+        "contactTheAdmin": "تواصل مع المشرفين للمزيد من المعلومات."
+    }
+}
--- a/lang/email/da-dk.json
+++ b/lang/email/da-dk.json
@@ -74,4 +74,4 @@
        "yourAccountHasExpired": "Din konto er udløbet.",
        "contactTheAdmin": "Kontakt administratoren for mere information."
    }
-}
+}
--- a/lang/email/de-de.json
+++ b/lang/email/de-de.json
@@ -74,4 +74,4 @@
        "title": "Dein Konto wurde wieder freigeschaltet - Jellyfin",
        "yourAccountWasEnabled": "Dein Konto wurde wieder aktiviert."
    }
-}
+}
--- a/lang/email/el-gr.json
+++ b/lang/email/el-gr.json
@@ -74,4 +74,4 @@
        "name": "Ο χρήστης ενεργοποιήθηκε",
        "yourAccountWasEnabled": "Ο λογαριασμός σας ενεργοποιήθηκε εκ νέου."
    }
-}
+}
--- a/lang/email/en-gb.json
+++ b/lang/email/en-gb.json
@@ -74,4 +74,4 @@
        "title": "Your account has been re-enabled - Jellyfin",
        "yourAccountWasEnabled": "Your account was re-enabled."
    }
-}
+}
--- a/lang/email/en-us.json
+++ b/lang/email/en-us.json
@@ -74,4 +74,4 @@
        "yourAccountHasExpired": "Your account has expired.",
        "contactTheAdmin": "Contact the administrator for more info."
    }
-}
+}
--- a/lang/email/es-es.json
+++ b/lang/email/es-es.json
@@ -74,4 +74,4 @@
        "yourAccountHasExpired": "Tu cuenta ha expirado.",
        "contactTheAdmin": "Póngase en contacto con el administrador para obtener más información."
    }
-}
+}
--- a/lang/email/fr-fr.json
+++ b/lang/email/fr-fr.json
@@ -75,4 +75,4 @@
        "title": "Ton compte a été ré-activé - Jellyfin",
        "yourAccountWasEnabled": "Ton compte a été ré-activé."
    }
-}
+}
--- a/lang/email/hu-hu.json
+++ b/lang/email/hu-hu.json
@@ -0,0 +1,77 @@
+{
+    "meta": {
+        "name": "Magyar (HU)"
+    },
+    "strings": {
+        "ifItWasNotYou": "",
+        "helloUser": "",
+        "reason": ""
+    },
+    "userCreated": {
+        "name": "",
+        "title": "",
+        "aUserWasCreated": "",
+        "time": "",
+        "notificationNotice": ""
+    },
+    "inviteExpiry": {
+        "name": "",
+        "title": "",
+        "inviteExpired": "",
+        "expiredAt": "",
+        "notificationNotice": ""
+    },
+    "passwordReset": {
+        "name": "",
+        "title": "",
+        "someoneHasRequestedReset": "",
+        "ifItWasYou": "",
+        "ifItWasYouLink": "",
+        "codeExpiry": "",
+        "pin": ""
+    },
+    "userDeleted": {
+        "name": "",
+        "title": "",
+        "yourAccountWasDeleted": ""
+    },
+    "userDisabled": {
+        "name": "",
+        "title": "",
+        "yourAccountWasDisabled": ""
+    },
+    "userEnabled": {
+        "name": "",
+        "title": "",
+        "yourAccountWasEnabled": ""
+    },
+    "inviteEmail": {
+        "name": "",
+        "title": "",
+        "hello": "",
+        "youHaveBeenInvited": "",
+        "toJoin": "",
+        "inviteExpiry": "",
+        "linkButton": ""
+    },
+    "welcomeEmail": {
+        "name": "",
+        "title": "",
+        "welcome": "",
+        "youCanLoginWith": "",
+        "yourAccountWillExpire": "",
+        "jellyfinURL": ""
+    },
+    "emailConfirmation": {
+        "name": "",
+        "title": "",
+        "clickBelow": "",
+        "confirmEmail": ""
+    },
+    "userExpired": {
+        "name": "",
+        "title": "",
+        "yourAccountHasExpired": "",
+        "contactTheAdmin": ""
+    }
+}
--- a/lang/email/id-id.json
+++ b/lang/email/id-id.json
@@ -56,4 +56,4 @@
        "confirmEmail": "Konfirmasi Email",
        "name": "Email konfirmasi"
    }
-}
+}
--- a/Show More
+++ b/Show More