release: v1.6.2

owner_reset_password.go: use ownerHex in SELECT
release: v1.6.1
2019-02-19 00:12:28 -05:00 · 2019-02-19 00:11:26 -05:00 · 2019-02-18 18:36:17 -05:00 · 2019-02-18 18:35:28 -05:00 · 2019-02-18 18:28:06 -05:00 · 2019-02-18 17:40:22 -05:00
117 changed files with 2808 additions and 984 deletions
--- a/1
+++ b/1
@@ -52,6 +52,7 @@ COPY --from=frontend-build /commento/frontend/build/prod/*.html /commento/
 COPY --from=frontend-build /commento/frontend/build/prod/css/*.css /commento/css/
 COPY --from=frontend-build /commento/frontend/build/prod/js/*.js /commento/js/
 COPY --from=frontend-build /commento/frontend/build/prod/images/* /commento/images/
+COPY --from=frontend-build /commento/frontend/build/prod/fonts/* /commento/fonts/
 COPY --from=templates-build /commento/templates/build/prod/templates/ /commento/templates/
 COPY --from=db-build /commento/db/build/prod/db/ /commento/db/

--- a/api/Gopkg.lock
+++ b/api/Gopkg.lock
@@ -116,10 +116,11 @@

 [[projects]]
  branch = "master"
-  digest = "1:bea0314c10bd362ab623af4880d853b5bad3b63d0ab9945c47e461b8d04203ed"
+  digest = "1:82e6e4dc5ab71680d89684e4649be630fdeeaf81feb8e88e4a56273a0cd4d966"
  name = "golang.org/x/oauth2"
  packages = [
    ".",
+    "github",
    "google",
    "internal",
    "jws",
@@ -160,7 +161,9 @@
    "github.com/op/go-logging",
    "github.com/russross/blackfriday",
    "golang.org/x/crypto/bcrypt",
+    "golang.org/x/net/html",
    "golang.org/x/oauth2",
+    "golang.org/x/oauth2/github",
    "golang.org/x/oauth2/google",
  ]
  solver-name = "gps-cdcl"
--- a/api/comment_new.go
+++ b/api/comment_new.go
@@ -77,13 +77,19 @@ func commentNewHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if d.RequireIdentification && *x.CommenterToken == "anonymous" {
+		bodyMarshal(w, response{"success": false, "message": errorNotAuthorised.Error()})
+		return
+	}
+
 	// logic: (empty column indicates the value doesn't matter)
-	// | anonymous | moderator | requireIdentification | requireModeration | approved? |
-	// |-----------+-----------+-----------------------+-------------------+-----------|
-	// |       yes |           |                       |                   |        no |
-	// |        no |       yes |                       |                   |       yes |
-	// |        no |        no |                       |               yes |       yes |
-	// |        no |        no |                       |                no |        no |
+	// | anonymous | moderator | requireIdentification | requireModeration | moderateAllAnonymous | approved? |
+	// |-----------+-----------+-----------------------+-------------------+----------------------+-----------|
+	// |       yes |           |                       |                   |                   no |       yes |
+	// |       yes |           |                       |                   |                  yes |        no |
+	// |        no |       yes |                       |                   |                      |       yes |
+	// |        no |        no |                       |               yes |                      |       yes |
+	// |        no |        no |                       |                no |                      |        no |

 	var commenterHex string
 	var state string
@@ -93,7 +99,11 @@ func commentNewHandler(w http.ResponseWriter, r *http.Request) {
 		if isSpam(*x.Domain, getIp(r), getUserAgent(r), "Anonymous", "", "", *x.Markdown) {
 			state = "flagged"
 		} else {
-			state = "unapproved"
+			if d.ModerateAllAnonymous || d.RequireModeration {
+				state = "unapproved"
+			} else {
+				state = "approved"
+			}
 		}
 	} else {
 		c, err := commenterGetByCommenterToken(*x.CommenterToken)
@@ -134,5 +144,11 @@ func commentNewHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	bodyMarshal(w, response{"success": true, "commentHex": commentHex, "state": state})
+	// TODO: reuse html in commentNew and do only one markdown to HTML conversion?
+	html := markdownToHtml(*x.Markdown)
+
+	bodyMarshal(w, response{"success": true, "commentHex": commentHex, "state": state, "html": html})
+	if smtpConfigured {
+		go emailNotificationNew(d, path, commenterHex, commentHex, *x.ParentHex, state)
+	}
 }
--- a/api/commenter_get.go
+++ b/api/commenter_get.go
@@ -66,5 +66,6 @@ func commenterGetByCommenterToken(commenterToken string) (commenter, error) {
 		return commenter{}, errorNoSuchToken
 	}

+	// TODO: use a join instead of two queries?
 	return commenterGetByHex(commenterHex)
 }
--- a/api/commenter_login.go
+++ b/api/commenter_login.go
@@ -67,5 +67,12 @@ func commenterLoginHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	bodyMarshal(w, response{"success": true, "commenterToken": commenterToken})
+	// TODO: modify commenterLogin to directly return c?
+	c, err := commenterGetByCommenterToken(commenterToken)
+	if err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	bodyMarshal(w, response{"success": true, "commenterToken": commenterToken, "commenter": c})
 }
--- a/api/commenter_new.go
+++ b/api/commenter_new.go
@@ -27,6 +27,10 @@ func commenterNew(email string, name string, link string, photo string, provider
 		return "", errorEmailAlreadyExists
 	}

+	if err := emailNew(email); err != nil {
+		return "", errorInternal
+	}
+
 	commenterHex, err := randomHex(32)
 	if err != nil {
 		return "", errorInternal
--- a/api/commenter_self.go
+++ b/api/commenter_self.go
@@ -21,5 +21,11 @@ func commenterSelfHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	bodyMarshal(w, response{"success": true, "commenter": c})
+	e, err := emailGet(c.Email)
+	if err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	bodyMarshal(w, response{"success": true, "commenter": c, "email": e})
 }
--- a/api/config.go
+++ b/api/config.go
@@ -47,6 +47,9 @@ func configParse() error {

 		"GOOGLE_KEY":    "",
 		"GOOGLE_SECRET": "",
+
+		"GITHUB_KEY":    "",
+		"GITHUB_SECRET": "",
 	}

 	for key, value := range defaults {
--- a/api/constants.go
+++ b/api/constants.go
@@ -1,3 +1,3 @@
 package main

-var version = "v1.4.1"
+var version = "v1.6.2"
--- a/api/cron_domain_export_cleanup.go
+++ b/api/cron_domain_export_cleanup.go
@@ -0,0 +1,25 @@
+package main
+
+import (
+	"time"
+)
+
+func domainExportCleanupBegin() error {
+	go func() {
+		for {
+			statement := `
+				DELETE FROM exports
+				WHERE creationDate < $1;
+			`
+			_, err := db.Exec(statement, time.Now().UTC().AddDate(0, 0, -7))
+			if err != nil {
+				logger.Errorf("error cleaning up export rows: %v", err)
+				return
+			}
+
+			time.Sleep(2 * time.Hour)
+		}
+	}()
+
+	return nil
+}
--- a/api/cron_email_notification.go
+++ b/api/cron_email_notification.go
@@ -0,0 +1,66 @@
+package main
+
+import (
+	"time"
+)
+
+func emailNotificationBegin() error {
+	go func() {
+		for {
+			statement := `
+				SELECT email, sendModeratorNotifications, sendReplyNotifications
+				FROM emails
+				WHERE pendingEmails > 0 AND lastEmailNotificationDate < $1;
+			`
+			rows, err := db.Query(statement, time.Now().UTC().Add(time.Duration(-10)*time.Minute))
+			if err != nil {
+				logger.Errorf("cannot query domains: %v", err)
+				return
+			}
+			defer rows.Close()
+
+			for rows.Next() {
+				var email string
+				var sendModeratorNotifications bool
+				var sendReplyNotifications bool
+				if err = rows.Scan(&email, &sendModeratorNotifications, &sendReplyNotifications); err != nil {
+					logger.Errorf("cannot scan email in cron job to send notifications: %v", err)
+					continue
+				}
+
+				if _, ok := emailQueue[email]; !ok {
+					if err = emailNotificationPendingReset(email); err != nil {
+						logger.Errorf("error resetting pendingEmails: %v", err)
+						continue
+					}
+				}
+
+				cont := true
+				kindListMap := map[string][]emailNotification{}
+				for cont {
+					select {
+					case e := <-emailQueue[email]:
+						if _, ok := kindListMap[e.Kind]; !ok {
+							kindListMap[e.Kind] = []emailNotification{}
+						}
+
+						if (e.Kind == "reply" && sendReplyNotifications) || sendModeratorNotifications {
+							kindListMap[e.Kind] = append(kindListMap[e.Kind], e)
+						}
+					default:
+						cont = false
+						break
+					}
+				}
+
+				for kind, list := range kindListMap {
+					go emailNotificationSend(email, kind, list)
+				}
+			}
+
+			time.Sleep(10 * time.Minute)
+		}
+	}()
+
+	return nil
+}
--- a/api/cron_views_cleanup.go
+++ b/api/cron_views_cleanup.go
@@ -0,0 +1,25 @@
+package main
+
+import (
+	"time"
+)
+
+func viewsCleanupBegin() error {
+	go func() {
+		for {
+			statement := `
+				DELETE FROM views
+				WHERE viewDate < $1;
+			`
+			_, err := db.Exec(statement, time.Now().UTC().AddDate(0, 0, -45))
+			if err != nil {
+				logger.Errorf("error cleaning up views: %v", err)
+				return
+			}
+
+			time.Sleep(24 * time.Hour)
+		}
+	}()
+
+	return nil
+}
--- a/api/database_migrate.go
+++ b/api/database_migrate.go
@@ -6,6 +6,10 @@ import (
 	"strings"
 )

+var goMigrations = map[string](func() error){
+	"20190213033530-email-notifications.sql": migrateEmails,
+}
+
 func migrate() error {
 	return migrateFromDir(os.Getenv("STATIC") + "/db")
 }
@@ -69,6 +73,13 @@ func migrateFromDir(dir string) error {
 					return err
 				}

+				if fn, ok := goMigrations[file.Name()]; ok {
+					if err = fn(); err != nil {
+						logger.Errorf("cannot execute Go migration associated with SQL %s: %v", f, err)
+						return err
+					}
+				}
+
 				completed++
 			}
 		}
--- a/api/database_migrate_email_notifications.go
+++ b/api/database_migrate_email_notifications.go
@@ -0,0 +1,37 @@
+package main
+
+import ()
+
+func migrateEmails() error {
+	statement := `
+		SELECT commenters.email
+		FROM commenters
+		UNION
+		SELECT owners.email
+		FROM owners
+		UNION
+		SELECT moderators.email
+		FROM moderators;
+	`
+	rows, err := db.Query(statement)
+	if err != nil {
+		logger.Errorf("cannot get comments: %v", err)
+		return errorDatabaseMigration
+	}
+	defer rows.Close()
+
+	for rows.Next() {
+		var email string
+		if err = rows.Scan(&email); err != nil {
+			logger.Errorf("cannot get email from tables during migration: %v", err)
+			return errorDatabaseMigration
+		}
+
+		if err = emailNew(email); err != nil {
+			logger.Errorf("cannot insert email during migration: %v", err)
+			return errorDatabaseMigration
+		}
+	}
+
+	return nil
+}
--- a/api/domain.go
+++ b/api/domain.go
@@ -5,14 +5,16 @@ import (
 )

 type domain struct {
-	Domain                string      `json:"domain"`
-	OwnerHex              string      `json:"ownerHex"`
-	Name                  string      `json:"name"`
-	CreationDate          time.Time   `json:"creationDate"`
-	State                 string      `json:"state"`
-	ImportedComments      bool        `json:"importedComments"`
-	AutoSpamFilter        bool        `json:"autoSpamFilter"`
-	RequireModeration     bool        `json:"requireModeration"`
-	RequireIdentification bool        `json:"requireIdentification"`
-	Moderators            []moderator `json:"moderators"`
+	Domain                  string      `json:"domain"`
+	OwnerHex                string      `json:"ownerHex"`
+	Name                    string      `json:"name"`
+	CreationDate            time.Time   `json:"creationDate"`
+	State                   string      `json:"state"`
+	ImportedComments        bool        `json:"importedComments"`
+	AutoSpamFilter          bool        `json:"autoSpamFilter"`
+	RequireModeration       bool        `json:"requireModeration"`
+	RequireIdentification   bool        `json:"requireIdentification"`
+	ModerateAllAnonymous    bool        `json:"moderateAllAnonymous"`
+	Moderators              []moderator `json:"moderators"`
+	EmailNotificationPolicy string      `json:"emailNotificationPolicy"`
 }
--- a/api/domain_export.go
+++ b/api/domain_export.go
@@ -0,0 +1,151 @@
+package main
+
+import (
+	"encoding/json"
+	"net/http"
+	"time"
+)
+
+func domainExportBeginError(email string, toName string, domain string, err error) {
+	// we're not using err at the moment because it's all errorInternal
+	if err2 := smtpDomainExportError(email, toName, domain); err2 != nil {
+		logger.Errorf("cannot send domain export error email for %s: %v", domain, err2)
+		return
+	}
+}
+
+func domainExportBegin(email string, toName string, domain string) {
+	type dataExport struct {
+		Version    int         `json:"version"`
+		Comments   []comment   `json:"comments"`
+		Commenters []commenter `json:"commenters"`
+	}
+
+	e := dataExport{Version: 1, Comments: []comment{}, Commenters: []commenter{}}
+
+	statement := `
+		SELECT commentHex, domain, path, commenterHex, markdown, parentHex, score, state, creationDate
+		FROM comments
+		WHERE domain = $1;
+	`
+	rows1, err := db.Query(statement, domain)
+	if err != nil {
+		logger.Errorf("cannot select comments while exporting %s: %v", domain, err)
+		domainExportBeginError(email, toName, domain, errorInternal)
+		return
+	}
+	defer rows1.Close()
+
+	for rows1.Next() {
+		c := comment{}
+		if err = rows1.Scan(&c.CommentHex, &c.Domain, &c.Path, &c.CommenterHex, &c.Markdown, &c.ParentHex, &c.Score, &c.State, &c.CreationDate); err != nil {
+			logger.Errorf("cannot scan comment while exporting %s: %v", domain, err)
+			domainExportBeginError(email, toName, domain, errorInternal)
+			return
+		}
+
+		e.Comments = append(e.Comments, c)
+	}
+
+	statement = `
+		SELECT commenters.commenterHex, commenters.email, commenters.name, commenters.link, commenters.photo, commenters.provider, commenters.joinDate
+		FROM commenters, comments
+		WHERE comments.domain = $1 AND commenters.commenterHex = comments.commenterHex;
+	`
+	rows2, err := db.Query(statement, domain)
+	if err != nil {
+		logger.Errorf("cannot select commenters while exporting %s: %v", domain, err)
+		domainExportBeginError(email, toName, domain, errorInternal)
+		return
+	}
+	defer rows2.Close()
+
+	for rows2.Next() {
+		c := commenter{}
+		if err := rows2.Scan(&c.CommenterHex, &c.Email, &c.Name, &c.Link, &c.Photo, &c.Provider, &c.JoinDate); err != nil {
+			logger.Errorf("cannot scan commenter while exporting %s: %v", domain, err)
+			domainExportBeginError(email, toName, domain, errorInternal)
+			return
+		}
+
+		e.Commenters = append(e.Commenters, c)
+	}
+
+	je, err := json.Marshal(e)
+	if err != nil {
+		logger.Errorf("cannot marshall JSON while exporting %s: %v", domain, err)
+		domainExportBeginError(email, toName, domain, errorInternal)
+		return
+	}
+
+	gje, err := gzipStatic(je)
+	if err != nil {
+		logger.Errorf("cannot gzip JSON while exporting %s: %v", domain, err)
+		domainExportBeginError(email, toName, domain, errorInternal)
+		return
+	}
+
+	exportHex, err := randomHex(32)
+	if err != nil {
+		logger.Errorf("cannot generate exportHex while exporting %s: %v", domain, err)
+		domainExportBeginError(email, toName, domain, errorInternal)
+		return
+	}
+
+	statement = `
+		INSERT INTO
+		exports (exportHex, binData, domain, creationDate)
+		VALUES  ($1,        $2,      $3    , $4          );
+	`
+	_, err = db.Exec(statement, exportHex, gje, domain, time.Now().UTC())
+	if err != nil {
+		logger.Errorf("error inserting expiry binary data while exporting %s: %v", domain, err)
+		domainExportBeginError(email, toName, domain, errorInternal)
+		return
+	}
+
+	err = smtpDomainExport(email, toName, domain, exportHex)
+	if err != nil {
+		logger.Errorf("error sending data export email for %s: %v", domain, err)
+		return
+	}
+}
+
+func domainExportBeginHandler(w http.ResponseWriter, r *http.Request) {
+	type request struct {
+		OwnerToken *string `json:"ownerToken"`
+		Domain     *string `json:"domain"`
+	}
+
+	var x request
+	if err := bodyUnmarshal(r, &x); err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	if !smtpConfigured {
+		bodyMarshal(w, response{"success": false, "message": errorSmtpNotConfigured.Error()})
+		return
+	}
+
+	o, err := ownerGetByOwnerToken(*x.OwnerToken)
+	if err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	isOwner, err := domainOwnershipVerify(o.OwnerHex, *x.Domain)
+	if err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	if !isOwner {
+		bodyMarshal(w, response{"success": false, "message": errorNotAuthorised.Error()})
+		return
+	}
+
+	go domainExportBegin(o.Email, o.Name, *x.Domain)
+
+	bodyMarshal(w, response{"success": true})
+}
--- a/api/domain_export_download.go
+++ b/api/domain_export_download.go
@@ -0,0 +1,33 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+)
+
+func domainExportDownloadHandler(w http.ResponseWriter, r *http.Request) {
+	exportHex := r.FormValue("exportHex")
+	if exportHex == "" {
+		fmt.Fprintf(w, "Error: empty exportHex\n")
+		return
+	}
+
+	statement := `
+		SELECT domain, binData, creationDate
+		FROM exports
+		WHERE exportHex = $1;
+	`
+	row := db.QueryRow(statement, exportHex)
+
+	var domain string
+	var binData []byte
+	var creationDate time.Time
+	if err := row.Scan(&domain, &binData, &creationDate); err != nil {
+		fmt.Fprintf(w, "Error: that exportHex does not exist\n")
+	}
+
+	w.Header().Set("Content-Disposition", fmt.Sprintf(`inline; filename="%s-%v.gz"`, domain, creationDate.Unix()))
+	w.Header().Set("Content-Encoding", "gzip")
+	w.Write(binData)
+}
--- a/api/domain_get.go
+++ b/api/domain_get.go
@@ -8,7 +8,7 @@ func domainGet(dmn string) (domain, error) {
 	}

 	statement := `
-    SELECT domain, ownerHex, name, creationDate, state, importedComments, autoSpamFilter, requireModeration, requireIdentification
+    SELECT domain, ownerHex, name, creationDate, state, importedComments, autoSpamFilter, requireModeration, requireIdentification, moderateAllAnonymous, emailNotificationPolicy
 		FROM domains
 		WHERE domain = $1;
 	`
@@ -16,7 +16,7 @@ func domainGet(dmn string) (domain, error) {

 	var err error
 	d := domain{}
-	if err = row.Scan(&d.Domain, &d.OwnerHex, &d.Name, &d.CreationDate, &d.State, &d.ImportedComments, &d.AutoSpamFilter, &d.RequireModeration, &d.RequireIdentification); err != nil {
+	if err = row.Scan(&d.Domain, &d.OwnerHex, &d.Name, &d.CreationDate, &d.State, &d.ImportedComments, &d.AutoSpamFilter, &d.RequireModeration, &d.RequireIdentification, &d.ModerateAllAnonymous, &d.EmailNotificationPolicy); err != nil {
 		return d, errorNoSuchDomain
 	}

--- a/api/domain_import_disqus.go
+++ b/api/domain_import_disqus.go
@@ -18,9 +18,9 @@ type disqusThread struct {

 type disqusAuthor struct {
 	XMLName     xml.Name `xml:"author"`
-	IsAnonymous bool     `xml:"isAnonymous"`
 	Name        string   `xml:"name"`
-	Email       string   `xml:"email"`
+	IsAnonymous bool     `xml:"isAnonymous"`
+	Username    string   `xml:"username"`
 }

 type disqusThreadId struct {
@@ -43,7 +43,6 @@ type disqusPost struct {
 	Id           string         `xml:"http://disqus.com/disqus-internals id,attr"`
 	ThreadId     disqusThreadId `xml:"thread"`
 	ParentId     disqusParentId `xml:"parent"`
-	PostId       disqusPostId   `xml:"post"`
 	Message      string         `xml:"message"`
 	CreationDate time.Time      `xml:"createdAt"`
 	IsDeleted    bool           `xml:"isDeleted"`
@@ -98,24 +97,26 @@ func domainImportDisqus(domain string, url string) (int, error) {

 	// Map Disqus emails to commenterHex (if not available, create a new one
 	// with a random password that can be reset later).
-	commenterHex := make(map[string]string)
+	commenterHex := map[string]string{}
 	for _, post := range x.Posts {
 		if post.IsDeleted || post.IsSpam {
 			continue
 		}

-		if _, ok := commenterHex[post.Author.Email]; ok {
+		email := post.Author.Username + "@disqus.com"
+
+		if _, ok := commenterHex[email]; ok {
 			continue
 		}

-		c, err := commenterGetByEmail("commento", post.Author.Email)
+		c, err := commenterGetByEmail("commento", email)
 		if err != nil && err != errorNoSuchCommenter {
 			logger.Errorf("cannot get commenter by email: %v", err)
 			return 0, errorInternal
 		}

 		if err == nil {
-			commenterHex[post.Author.Email] = c.CommenterHex
+			commenterHex[email] = c.CommenterHex
 			continue
 		}

@@ -125,7 +126,7 @@ func domainImportDisqus(domain string, url string) (int, error) {
 			return 0, errorInternal
 		}

-		commenterHex[post.Author.Email], err = commenterNew(post.Author.Email, post.Author.Name, "undefined", "undefined", "commento", randomPassword)
+		commenterHex[email], err = commenterNew(email, post.Author.Name, "undefined", "undefined", "commento", randomPassword)
 		if err != nil {
 			return 0, err
 		}
@@ -134,12 +135,17 @@ func domainImportDisqus(domain string, url string) (int, error) {
 	// For each Disqus post, create a Commento comment. Attempt to convert the
 	// HTML to markdown.
 	numImported := 0
-	disqusIdMap := make(map[string]string)
+	disqusIdMap := map[string]string{}
 	for _, post := range x.Posts {
 		if post.IsDeleted || post.IsSpam {
 			continue
 		}

+		cHex := "anonymous"
+		if !post.Author.IsAnonymous {
+			cHex = commenterHex[post.Author.Username+"@disqus.com"]
+		}
+
 		parentHex := "root"
 		if val, ok := disqusIdMap[post.ParentId.Id]; ok {
 			parentHex = val
@@ -148,7 +154,7 @@ func domainImportDisqus(domain string, url string) (int, error) {
 		// TODO: restrict the list of tags to just the basics: <a>, <b>, <i>, <code>
 		// Especially remove <img> (convert it to <a>).
 		commentHex, err := commentNew(
-			commenterHex[post.Author.Email],
+			cHex,
 			domain,
 			pathStrip(threads[post.ThreadId.Id].URL),
 			parentHex,
@@ -159,7 +165,7 @@ func domainImportDisqus(domain string, url string) (int, error) {
 			return numImported, err
 		}

-		disqusIdMap[post.PostId.Id] = commentHex
+		disqusIdMap[post.Id] = commentHex
 		numImported += 1
 	}

--- a/api/domain_list.go
+++ b/api/domain_list.go
@@ -10,7 +10,7 @@ func domainList(ownerHex string) ([]domain, error) {
 	}

 	statement := `
-    SELECT domain, ownerHex, name, creationDate, state, importedComments, autoSpamFilter, requireModeration, requireIdentification
+    SELECT domain, ownerHex, name, creationDate, state, importedComments, autoSpamFilter, requireModeration, requireIdentification, moderateAllAnonymous, emailNotificationPolicy
 		FROM domains
 		WHERE ownerHex=$1;
 	`
@@ -24,7 +24,7 @@ func domainList(ownerHex string) ([]domain, error) {
 	domains := []domain{}
 	for rows.Next() {
 		d := domain{}
-		if err = rows.Scan(&d.Domain, &d.OwnerHex, &d.Name, &d.CreationDate, &d.State, &d.ImportedComments, &d.AutoSpamFilter, &d.RequireModeration, &d.RequireIdentification); err != nil {
+		if err = rows.Scan(&d.Domain, &d.OwnerHex, &d.Name, &d.CreationDate, &d.State, &d.ImportedComments, &d.AutoSpamFilter, &d.RequireModeration, &d.RequireIdentification, &d.ModerateAllAnonymous, &d.EmailNotificationPolicy); err != nil {
 			logger.Errorf("cannot Scan domain: %v", err)
 			return nil, errorInternal
 		}
--- a/api/domain_moderator_new.go
+++ b/api/domain_moderator_new.go
@@ -10,6 +10,11 @@ func domainModeratorNew(domain string, email string) error {
 		return errorMissingField
 	}

+	if err := emailNew(email); err != nil {
+		logger.Errorf("cannot create email when creating moderator: %v", err)
+		return errorInternal
+	}
+
 	statement := `
 		INSERT INTO
 		moderators (domain, email, addDate)
--- a/api/domain_update.go
+++ b/api/domain_update.go
@@ -7,11 +7,11 @@ import (
 func domainUpdate(d domain) error {
 	statement := `
 		UPDATE domains
-    SET name=$2, state=$3, autoSpamFilter=$4, requireModeration=$5, requireIdentification=$6
+    SET name=$2, state=$3, autoSpamFilter=$4, requireModeration=$5, requireIdentification=$6, moderateAllAnonymous=$7, emailNotificationPolicy=$8
 		WHERE domain=$1;
 	`

-	_, err := db.Exec(statement, d.Domain, d.Name, d.State, d.AutoSpamFilter, d.RequireModeration, d.RequireIdentification)
+	_, err := db.Exec(statement, d.Domain, d.Name, d.State, d.AutoSpamFilter, d.RequireModeration, d.RequireIdentification, d.ModerateAllAnonymous, d.EmailNotificationPolicy)
 	if err != nil {
 		logger.Errorf("cannot update non-moderators: %v", err)
 		return errorInternal
--- a/api/email.go
+++ b/api/email.go
@@ -0,0 +1,14 @@
+package main
+
+import (
+	"time"
+)
+
+type email struct {
+	Email                      string    `json:"email"`
+	UnsubscribeSecretHex       string    `json:"unsubscribeSecretHex"`
+	LastEmailNotificationDate  time.Time `json:"lastEmailNotificationDate"`
+	PendingEmails              int       `json:"-"`
+	SendReplyNotifications     bool      `json:"sendReplyNotifications"`
+	SendModeratorNotifications bool      `json:"sendModeratorNotifications"`
+}
--- a/api/email_get.go
+++ b/api/email_get.go
@@ -0,0 +1,59 @@
+package main
+
+import (
+	"net/http"
+)
+
+func emailGet(em string) (email, error) {
+	statement := `
+		SELECT email, unsubscribeSecretHex, lastEmailNotificationDate, pendingEmails, sendReplyNotifications, sendModeratorNotifications
+		FROM emails
+		WHERE email = $1;
+	`
+	row := db.QueryRow(statement, em)
+
+	e := email{}
+	if err := row.Scan(&e.Email, &e.UnsubscribeSecretHex, &e.LastEmailNotificationDate, &e.PendingEmails, &e.SendReplyNotifications, &e.SendModeratorNotifications); err != nil {
+		// TODO: is this the only error?
+		return e, errorNoSuchEmail
+	}
+
+	return e, nil
+}
+
+func emailGetByUnsubscribeSecretHex(unsubscribeSecretHex string) (email, error) {
+	statement := `
+		SELECT email, unsubscribeSecretHex, lastEmailNotificationDate, pendingEmails, sendReplyNotifications, sendModeratorNotifications
+		FROM emails
+		WHERE unsubscribeSecretHex = $1;
+	`
+	row := db.QueryRow(statement, unsubscribeSecretHex)
+
+	e := email{}
+	if err := row.Scan(&e.Email, &e.UnsubscribeSecretHex, &e.LastEmailNotificationDate, &e.PendingEmails, &e.SendReplyNotifications, &e.SendModeratorNotifications); err != nil {
+		// TODO: is this the only error?
+		return e, errorNoSuchUnsubscribeSecretHex
+	}
+
+	return e, nil
+}
+
+func emailGetHandler(w http.ResponseWriter, r *http.Request) {
+	type request struct {
+		UnsubscribeSecretHex *string `json:"unsubscribeSecretHex"`
+	}
+
+	var x request
+	if err := bodyUnmarshal(r, &x); err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	e, err := emailGetByUnsubscribeSecretHex(*x.UnsubscribeSecretHex)
+	if err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	bodyMarshal(w, response{"success": true, "email": e})
+}
--- a/api/email_moderate.go
+++ b/api/email_moderate.go
@@ -0,0 +1,66 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+)
+
+func emailModerateHandler(w http.ResponseWriter, r *http.Request) {
+	unsubscribeSecretHex := r.FormValue("unsubscribeSecretHex")
+	e, err := emailGetByUnsubscribeSecretHex(unsubscribeSecretHex)
+	if err != nil {
+		fmt.Fprintf(w, "error: %v", err.Error())
+		return
+	}
+
+	action := r.FormValue("action")
+	if action != "delete" && action != "approve" {
+		fmt.Fprintf(w, "error: invalid action")
+		return
+	}
+
+	commentHex := r.FormValue("commentHex")
+	if commentHex == "" {
+		fmt.Fprintf(w, "error: invalid commentHex")
+		return
+	}
+
+	statement := `
+		SELECT domain
+		FROM comments
+		WHERE commentHex = $1;
+	`
+	row := db.QueryRow(statement, commentHex)
+
+	var domain string
+	if err = row.Scan(&domain); err != nil {
+		// TODO: is this the only error?
+		fmt.Fprintf(w, "error: no such comment found (perhaps it has been deleted?)")
+		return
+	}
+
+	isModerator, err := isDomainModerator(domain, e.Email)
+	if err != nil {
+		logger.Errorf("error checking if %s is a moderator: %v", e.Email, err)
+		fmt.Fprintf(w, "error checking if %s is a moderator: %v", e.Email, err)
+		return
+	}
+
+	if !isModerator {
+		fmt.Fprintf(w, "error: you're not a moderator for that domain")
+		return
+	}
+
+	if action == "approve" {
+		err = commentApprove(commentHex)
+	} else {
+		err = commentDelete(commentHex)
+	}
+
+	if err != nil {
+		fmt.Fprintf(w, "error: %v", err)
+		return
+	}
+
+	fmt.Fprintf(w, "comment successfully %sd", action)
+}
--- a/api/email_new.go
+++ b/api/email_new.go
@@ -0,0 +1,26 @@
+package main
+
+import (
+	"time"
+)
+
+func emailNew(email string) error {
+	unsubscribeSecretHex, err := randomHex(32)
+	if err != nil {
+		return errorInternal
+	}
+
+	statement := `
+		INSERT INTO
+		emails (email, unsubscribeSecretHex, lastEmailNotificationDate)
+		VALUES ($1,    $2,                   $3                       )
+		ON CONFLICT DO NOTHING;
+	`
+	_, err = db.Exec(statement, email, unsubscribeSecretHex, time.Now().UTC())
+	if err != nil {
+		logger.Errorf("cannot insert email into emails: %v", err)
+		return errorInternal
+	}
+
+	return nil
+}
--- a/api/email_notification.go
+++ b/api/email_notification.go
@@ -0,0 +1,81 @@
+package main
+
+import (
+	"time"
+)
+
+type emailNotification struct {
+	Email         string
+	CommenterName string
+	Domain        string
+	Path          string
+	Title         string
+	CommentHex    string
+	Kind          string
+}
+
+var emailQueue map[string](chan emailNotification) = map[string](chan emailNotification){}
+
+func emailNotificationPendingResetAll() error {
+	statement := `
+		UPDATE emails
+		SET pendingEmails = 0;
+	`
+	_, err := db.Exec(statement)
+	if err != nil {
+		logger.Errorf("cannot reset pendingEmails: %v", err)
+		return err
+	}
+
+	return nil
+}
+
+func emailNotificationPendingIncrement(email string) error {
+	statement := `
+		UPDATE emails
+		SET pendingEmails = pendingEmails + 1
+		WHERE email = $1;
+	`
+	_, err := db.Exec(statement, email)
+	if err != nil {
+		logger.Errorf("cannot increment pendingEmails: %v", err)
+		return err
+	}
+
+	return nil
+}
+
+func emailNotificationPendingReset(email string) error {
+	statement := `
+		UPDATE emails
+		SET pendingEmails = 0, lastEmailNotificationDate = $2
+		WHERE email = $1;
+	`
+	_, err := db.Exec(statement, email, time.Now().UTC())
+	if err != nil {
+		logger.Errorf("cannot decrement pendingEmails: %v", err)
+		return err
+	}
+
+	return nil
+}
+
+func emailNotificationEnqueue(e emailNotification) error {
+	if err := emailNotificationPendingIncrement(e.Email); err != nil {
+		logger.Errorf("cannot increment pendingEmails when enqueueing: %v", err)
+		return err
+	}
+
+	if _, ok := emailQueue[e.Email]; !ok {
+		// don't enqueue more than 10 emails as we won't send more than 10 comments
+		// in one email anyway
+		emailQueue[e.Email] = make(chan emailNotification, 10)
+	}
+
+	select {
+	case emailQueue[e.Email] <- e:
+	default:
+	}
+
+	return nil
+}
--- a/api/email_notification_new.go
+++ b/api/email_notification_new.go
@@ -0,0 +1,138 @@
+package main
+
+import ()
+
+func emailNotificationModerator(d domain, path string, title string, commenterHex string, commentHex string, state string) {
+	if d.EmailNotificationPolicy == "none" {
+		return
+	}
+
+	// We'll need to check again when we're sending in case the comment was
+	// approved midway anyway.
+	if d.EmailNotificationPolicy == "pending-moderation" && state == "approved" {
+		return
+	}
+
+	var commenterName string
+	var commenterEmail string
+	if commenterHex == "anonymous" {
+		commenterName = "Anonymous"
+	} else {
+		c, err := commenterGetByHex(commenterHex)
+		if err != nil {
+			logger.Errorf("cannot get commenter to send email notification: %v", err)
+			return
+		}
+
+		commenterName = c.Name
+		commenterEmail = c.Email
+	}
+
+	kind := d.EmailNotificationPolicy
+	if state != "approved" {
+		kind = "pending-moderation"
+	}
+
+	for _, m := range d.Moderators {
+		// Do not email the commenting moderator their own comment.
+		if commenterHex != "anonymous" && m.Email == commenterEmail {
+			continue
+		}
+
+		emailNotificationPendingIncrement(m.Email)
+		emailNotificationEnqueue(emailNotification{
+			Email:         m.Email,
+			CommenterName: commenterName,
+			Domain:        d.Domain,
+			Path:          path,
+			Title:         title,
+			CommentHex:    commentHex,
+			Kind:          kind,
+		})
+	}
+}
+
+func emailNotificationReply(d domain, path string, title string, commenterHex string, commentHex string, parentHex string, state string) {
+	// No reply notifications for root comments.
+	if parentHex == "root" {
+		return
+	}
+
+	// No reply notification emails for unapproved comments.
+	if state != "approved" {
+		return
+	}
+
+	statement := `
+		SELECT commenterHex
+		FROM comments
+		WHERE commentHex = $1;
+	`
+	row := db.QueryRow(statement, parentHex)
+
+	var parentCommenterHex string
+	err := row.Scan(&parentCommenterHex)
+	if err != nil {
+		logger.Errorf("cannot scan commenterHex and parentCommenterHex: %v", err)
+		return
+	}
+
+	// No reply notification emails for anonymous users.
+	if parentCommenterHex == "anonymous" {
+		return
+	}
+
+	// No reply notification email for self replies.
+	if parentCommenterHex == commenterHex {
+		return
+	}
+
+	pc, err := commenterGetByHex(parentCommenterHex)
+	if err != nil {
+		logger.Errorf("cannot get commenter to send email notification: %v", err)
+		return
+	}
+
+	var commenterName string
+	if commenterHex == "anonymous" {
+		commenterName = "Anonymous"
+	} else {
+		c, err := commenterGetByHex(commenterHex)
+		if err != nil {
+			logger.Errorf("cannot get commenter to send email notification: %v", err)
+			return
+		}
+		commenterName = c.Name
+	}
+
+	// We'll check if they want to receive reply notifications later at the time
+	// of sending.
+	emailNotificationEnqueue(emailNotification{
+		Email:         pc.Email,
+		CommenterName: commenterName,
+		Domain:        d.Domain,
+		Path:          path,
+		Title:         title,
+		CommentHex:    commentHex,
+		Kind:          "reply",
+	})
+}
+
+func emailNotificationNew(d domain, path string, commenterHex string, commentHex string, parentHex string, state string) {
+	p, err := pageGet(d.Domain, path)
+	if err != nil {
+		logger.Errorf("cannot get page to send email notification: %v", err)
+		return
+	}
+
+	if p.Title == "" {
+		p.Title, err = pageTitleUpdate(d.Domain, path)
+		if err != nil {
+			logger.Errorf("cannot update/get page title to send email notification: %v", err)
+			return
+		}
+	}
+
+	emailNotificationModerator(d, path, p.Title, commenterHex, commentHex, state)
+	emailNotificationReply(d, path, p.Title, commenterHex, commentHex, parentHex, state)
+}
--- a/api/email_notification_send.go
+++ b/api/email_notification_send.go
@@ -0,0 +1,63 @@
+package main
+
+import (
+	"html/template"
+)
+
+func emailNotificationSend(em string, kind string, notifications []emailNotification) {
+	if len(notifications) == 0 {
+		return
+	}
+
+	e, err := emailGet(em)
+	if err != nil {
+		logger.Errorf("cannot get email: %v", err)
+		return
+	}
+
+	messages := []emailNotificationText{}
+	for _, notification := range notifications {
+		statement := `
+			SELECT html
+			FROM comments
+			WHERE commentHex = $1;
+		`
+		row := db.QueryRow(statement, notification.CommentHex)
+
+		var html string
+		if err = row.Scan(&html); err != nil {
+			// the comment was deleted?
+			// TODO: is this the only error?
+			return
+		}
+
+		messages = append(messages, emailNotificationText{
+			emailNotification: notification,
+			Html:              template.HTML(html),
+		})
+	}
+
+	statement := `
+		SELECT name
+		FROM commenters
+		WHERE email = $1;
+	`
+	row := db.QueryRow(statement, em)
+
+	var name string
+	if err := row.Scan(&name); err != nil {
+		// The moderator has probably not created a commenter account. Let's just
+		// use their email as name.
+		name = nameFromEmail(em)
+	}
+
+	if err := emailNotificationPendingReset(em); err != nil {
+		logger.Errorf("cannot reset after email notification: %v", err)
+		return
+	}
+
+	if err := smtpEmailNotification(em, name, e.UnsubscribeSecretHex, messages, kind); err != nil {
+		logger.Errorf("cannot send email notification: %v", err)
+		return
+	}
+}
--- a/api/email_update.go
+++ b/api/email_update.go
@@ -0,0 +1,39 @@
+package main
+
+import (
+	"net/http"
+)
+
+func emailUpdate(e email) error {
+	statement := `
+		UPDATE emails
+		SET sendReplyNotifications = $3, sendModeratorNotifications = $4
+		WHERE email = $1 AND unsubscribeSecretHex = $2;
+	`
+	_, err := db.Exec(statement, e.Email, e.UnsubscribeSecretHex, e.SendReplyNotifications, e.SendModeratorNotifications)
+	if err != nil {
+		logger.Errorf("error updating email: %v", err)
+		return errorInternal
+	}
+
+	return nil
+}
+
+func emailUpdateHandler(w http.ResponseWriter, r *http.Request) {
+	type request struct {
+		Email *email `json:"email"`
+	}
+
+	var x request
+	if err := bodyUnmarshal(r, &x); err != nil {
+		bodyMarshal(w, response{"success": false, "message": err.Error()})
+		return
+	}
+
+	if err := emailUpdate(*x.Email); err != nil {
+		bodyMarshal(w, response{"success": true, "message": err.Error()})
+		return
+	}
+
+	bodyMarshal(w, response{"success": true})
+}
--- a/api/errors.go
+++ b/api/errors.go
@@ -42,3 +42,5 @@ var errorInvalidConfigFile = errors.New("Invalid config file.")
 var errorInvalidConfigValue = errors.New("Invalid config value.")
 var errorNewOwnerForbidden = errors.New("New user registrations are forbidden and closed.")
 var errorThreadLocked = errors.New("This thread is locked. You cannot add new comments.")
+var errorDatabaseMigration = errors.New("Encountered error applying database migration.")
+var errorNoSuchUnsubscribeSecretHex = errors.New("Invalid unsubscribe link.")
--- a/api/main.go
+++ b/api/main.go
@@ -9,8 +9,12 @@ func main() {
 	exitIfError(smtpTemplatesLoad())
 	exitIfError(oauthConfigure())
 	exitIfError(markdownRendererCreate())
+	exitIfError(emailNotificationPendingResetAll())
+	exitIfError(emailNotificationBegin())
 	exitIfError(sigintCleanupSetup())
 	exitIfError(versionCheckStart())
+	exitIfError(domainExportCleanupBegin())
+	exitIfError(viewsCleanupBegin())

 	exitIfError(routesServe())
 }
--- a/api/oauth.go
+++ b/api/oauth.go
@@ -11,5 +11,9 @@ func oauthConfigure() error {
 		return err
 	}

+	if err := githubOauthConfigure(); err != nil {
+		return err
+	}
+
 	return nil
 }
--- a/api/oauth_github.go
+++ b/api/oauth_github.go
@@ -0,0 +1,43 @@
+package main
+
+import (
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/github"
+	"os"
+)
+
+var githubConfig *oauth2.Config
+
+func githubOauthConfigure() error {
+	githubConfig = nil
+	if os.Getenv("GITHUB_KEY") == "" && os.Getenv("GITHUB_SECRET") == "" {
+		return nil
+	}
+
+	if os.Getenv("GITHUB_KEY") == "" {
+		logger.Errorf("COMMENTO_GITHUB_KEY not configured, but COMMENTO_GITHUB_SECRET is set")
+		return errorOauthMisconfigured
+	}
+
+	if os.Getenv("GITHUB_SECRET") == "" {
+		logger.Errorf("COMMENTO_GITHUB_SECRET not configured, but COMMENTO_GITHUB_KEY is set")
+		return errorOauthMisconfigured
+	}
+
+	logger.Infof("loading github OAuth config")
+
+	githubConfig = &oauth2.Config{
+		RedirectURL:  os.Getenv("ORIGIN") + "/api/oauth/github/callback",
+		ClientID:     os.Getenv("GITHUB_KEY"),
+		ClientSecret: os.Getenv("GITHUB_SECRET"),
+		Scopes: []string{
+			"read:user",
+			"user:email",
+		},
+		Endpoint: github.Endpoint,
+	}
+
+	configuredOauths = append(configuredOauths, "github")
+
+	return nil
+}
--- a/api/oauth_github_callback.go
+++ b/api/oauth_github_callback.go
@@ -0,0 +1,115 @@
+package main
+
+import (
+	"encoding/json"
+	"fmt"
+	"golang.org/x/oauth2"
+	"io/ioutil"
+	"net/http"
+)
+
+func githubGetPrimaryEmail(accessToken string) (string, error) {
+	resp, err := http.Get("https://api.github.com/user/emails?access_token=" + accessToken)
+	defer resp.Body.Close()
+
+	contents, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return "", errorCannotReadResponse
+	}
+
+	user := []map[string]interface{}{}
+	if err := json.Unmarshal(contents, &user); err != nil {
+		logger.Errorf("error unmarshaling github user: %v", err)
+		return "", errorInternal
+	}
+
+	nonPrimaryEmail := ""
+	for _, email := range user {
+		nonPrimaryEmail = email["email"].(string)
+		if email["primary"].(bool) {
+			return email["email"].(string), nil
+		}
+	}
+
+	return nonPrimaryEmail, nil
+}
+
+func githubCallbackHandler(w http.ResponseWriter, r *http.Request) {
+	commenterToken := r.FormValue("state")
+	code := r.FormValue("code")
+
+	_, err := commenterGetByCommenterToken(commenterToken)
+	if err != nil && err != errorNoSuchToken {
+		fmt.Fprintf(w, "Error: %s\n", err.Error())
+		return
+	}
+
+	token, err := githubConfig.Exchange(oauth2.NoContext, code)
+	if err != nil {
+		fmt.Fprintf(w, "Error: %s", err.Error())
+		return
+	}
+
+	email, err := githubGetPrimaryEmail(token.AccessToken)
+	if err != nil {
+		fmt.Fprintf(w, "Error: %s", err.Error())
+		return
+	}
+
+	resp, err := http.Get("https://api.github.com/user?access_token=" + token.AccessToken)
+	defer resp.Body.Close()
+
+	contents, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		fmt.Fprintf(w, "Error: %s", errorCannotReadResponse.Error())
+		return
+	}
+
+	user := make(map[string]interface{})
+	if err := json.Unmarshal(contents, &user); err != nil {
+		fmt.Fprintf(w, "Error: %s", errorInternal.Error())
+		return
+	}
+
+	if email == "" {
+		if user["email"] == nil {
+			fmt.Fprintf(w, "Error: no email address returned by Github")
+			return
+		}
+
+		email = user["email"].(string)
+	}
+
+	c, err := commenterGetByEmail("github", email)
+	if err != nil && err != errorNoSuchCommenter {
+		fmt.Fprintf(w, "Error: %s", err.Error())
+		return
+	}
+
+	var commenterHex string
+
+	// TODO: in case of returning users, update the information we have on record?
+	if err == errorNoSuchCommenter {
+		var link string
+		if val, ok := user["html_url"]; ok {
+			link = val.(string)
+		} else {
+			link = "undefined"
+		}
+
+		commenterHex, err = commenterNew(email, user["name"].(string), link, user["avatar_url"].(string), "github", "")
+		if err != nil {
+			fmt.Fprintf(w, "Error: %s", err.Error())
+			return
+		}
+	} else {
+		commenterHex = c.CommenterHex
+	}
+
+	if err := commenterSessionUpdate(commenterToken, commenterHex); err != nil {
+		fmt.Fprintf(w, "Error: %s", err.Error())
+		return
+	}
+
+	fmt.Fprintf(w, "<html><script>window.parent.close()</script></html>")
+}
--- a/api/oauth_github_redirect.go
+++ b/api/oauth_github_redirect.go
@@ -0,0 +1,25 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+)
+
+func githubRedirectHandler(w http.ResponseWriter, r *http.Request) {
+	if githubConfig == nil {
+		logger.Errorf("github oauth access attempt without configuration")
+		fmt.Fprintf(w, "error: this website has not configured github OAuth")
+		return
+	}
+
+	commenterToken := r.FormValue("commenterToken")
+
+	_, err := commenterGetByCommenterToken(commenterToken)
+	if err != nil && err != errorNoSuchToken {
+		fmt.Fprintf(w, "error: %s\n", err.Error())
+		return
+	}
+
+	url := githubConfig.AuthCodeURL(commenterToken)
+	http.Redirect(w, r, url, http.StatusFound)
+}
--- a/api/oauth_google_callback.go
+++ b/api/oauth_google_callback.go
@@ -39,7 +39,14 @@ func googleCallbackHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	c, err := commenterGetByEmail("google", user["email"].(string))
+	if user["email"] == nil {
+		fmt.Fprintf(w, "Error: no email address returned by Github")
+		return
+	}
+
+	email := user["email"].(string)
+
+	c, err := commenterGetByEmail("google", email)
 	if err != nil && err != errorNoSuchCommenter {
 		fmt.Fprintf(w, "Error: %s", err.Error())
 		return
@@ -49,14 +56,6 @@ func googleCallbackHandler(w http.ResponseWriter, r *http.Request) {

 	// TODO: in case of returning users, update the information we have on record?
 	if err == errorNoSuchCommenter {
-		var email string
-		if _, ok := user["email"]; ok {
-			email = user["email"].(string)
-		} else {
-			fmt.Fprintf(w, "Error: %s", errorInvalidEmail.Error())
-			return
-		}
-
 		var link string
 		if val, ok := user["link"]; ok {
 			link = val.(string)
--- a/api/owner_get.go
+++ b/api/owner_get.go
@@ -46,3 +46,24 @@ func ownerGetByOwnerToken(ownerToken string) (owner, error) {

 	return o, nil
 }
+
+func ownerGetByOwnerHex(ownerHex string) (owner, error) {
+	if ownerHex == "" {
+		return owner{}, errorMissingField
+	}
+
+	statement := `
+    SELECT ownerHex, email, name, confirmedEmail, joinDate
+		FROM owners
+		WHERE ownerHex = $1;
+	`
+	row := db.QueryRow(statement, ownerHex)
+
+	var o owner
+	if err := row.Scan(&o.OwnerHex, &o.Email, &o.Name, &o.ConfirmedEmail, &o.JoinDate); err != nil {
+		logger.Errorf("cannot scan owner: %v\n", err)
+		return owner{}, errorInternal
+	}
+
+	return o, nil
+}
--- a/api/owner_new.go
+++ b/api/owner_new.go
@@ -16,6 +16,14 @@ func ownerNew(email string, name string, password string) (string, error) {
 		return "", errorNewOwnerForbidden
 	}

+	if _, err := ownerGetByEmail(email); err == nil {
+		return "", errorEmailAlreadyExists
+	}
+
+	if err := emailNew(email); err != nil {
+		return "", errorInternal
+	}
+
 	ownerHex, err := randomHex(32)
 	if err != nil {
 		logger.Errorf("cannot generate ownerHex: %v", err)
--- a/api/owner_reset_password.go
+++ b/api/owner_reset_password.go
@@ -18,8 +18,9 @@ func ownerResetPassword(resetHex string, password string) error {

 	statement := `
 		UPDATE owners SET passwordHash=$1
-		WHERE email IN (
-			SELECT email FROM ownerResetHexes
+		WHERE ownerHex = (
+			SELECT ownerHex
+			FROM ownerResetHexes
 			WHERE resetHex=$2
 		);
 	`
--- a/api/page.go
+++ b/api/page.go
@@ -8,4 +8,5 @@ type page struct {
 	IsLocked         bool   `json:"isLocked"`
 	CommentCount     int    `json:"commentCount"`
 	StickyCommentHex string `json:"stickyCommentHex"`
+	Title            string `json:"title"`
 }
--- a/api/page_get.go
+++ b/api/page_get.go
@@ -11,14 +11,14 @@ func pageGet(domain string, path string) (page, error) {
 	}

 	statement := `
-		SELECT isLocked, commentCount, stickyCommentHex
+		SELECT isLocked, commentCount, stickyCommentHex, title
 		FROM pages
 		WHERE domain=$1 AND path=$2;
 	`
 	row := db.QueryRow(statement, domain, path)

 	p := page{Domain: domain, Path: path}
-	if err := row.Scan(&p.IsLocked, &p.CommentCount, &p.StickyCommentHex); err != nil {
+	if err := row.Scan(&p.IsLocked, &p.CommentCount, &p.StickyCommentHex, &p.Title); err != nil {
 		if err == sql.ErrNoRows {
 			// If there haven't been any comments, there won't be a record for this
 			// page. The sane thing to do is return defaults.
@@ -26,6 +26,7 @@ func pageGet(domain string, path string) (page, error) {
 			p.IsLocked = false
 			p.CommentCount = 0
 			p.StickyCommentHex = "none"
+			p.Title = ""
 		} else {
 			logger.Errorf("error scanning page: %v", err)
 			return page{}, errorInternal
--- a/api/page_title.go
+++ b/api/page_title.go
@@ -0,0 +1,28 @@
+package main
+
+import ()
+
+func pageTitleUpdate(domain string, path string) (string, error) {
+	title, err := htmlTitleGet("http://" + domain + path)
+	if err != nil {
+		// This could fail due to a variety of reasons that we can't control such
+		// as the user's URL 404 or something, so let's not pollute the error log
+		// with messages. Just use a sane title. Maybe we'll have the ability to
+		// retry later.
+		logger.Errorf("%v", err)
+		title = domain
+	}
+
+	statement := `
+		UPDATE pages
+		SET title = $3
+		WHERE domain = $1 AND path = $2;
+	`
+	_, err = db.Exec(statement, domain, path, title)
+	if err != nil {
+		logger.Errorf("cannot update pages table with title: %v", err)
+		return "", err
+	}
+
+	return title, nil
+}
--- a/api/router_api.go
+++ b/api/router_api.go
@@ -20,15 +20,24 @@ func apiRouterInit(router *mux.Router) error {
 	router.HandleFunc("/api/domain/moderator/delete", domainModeratorDeleteHandler).Methods("POST")
 	router.HandleFunc("/api/domain/statistics", domainStatisticsHandler).Methods("POST")
 	router.HandleFunc("/api/domain/import/disqus", domainImportDisqusHandler).Methods("POST")
+	router.HandleFunc("/api/domain/export/begin", domainExportBeginHandler).Methods("POST")
+	router.HandleFunc("/api/domain/export/download", domainExportDownloadHandler).Methods("GET")

 	router.HandleFunc("/api/commenter/token/new", commenterTokenNewHandler).Methods("GET")
 	router.HandleFunc("/api/commenter/new", commenterNewHandler).Methods("POST")
 	router.HandleFunc("/api/commenter/login", commenterLoginHandler).Methods("POST")
 	router.HandleFunc("/api/commenter/self", commenterSelfHandler).Methods("POST")

+	router.HandleFunc("/api/email/get", emailGetHandler).Methods("POST")
+	router.HandleFunc("/api/email/update", emailUpdateHandler).Methods("POST")
+	router.HandleFunc("/api/email/moderate", emailModerateHandler).Methods("GET")
+
 	router.HandleFunc("/api/oauth/google/redirect", googleRedirectHandler).Methods("GET")
 	router.HandleFunc("/api/oauth/google/callback", googleCallbackHandler).Methods("GET")

+	router.HandleFunc("/api/oauth/github/redirect", githubRedirectHandler).Methods("GET")
+	router.HandleFunc("/api/oauth/github/callback", githubCallbackHandler).Methods("GET")
+
 	router.HandleFunc("/api/comment/new", commentNewHandler).Methods("POST")
 	router.HandleFunc("/api/comment/list", commentListHandler).Methods("POST")
 	router.HandleFunc("/api/comment/count", commentCountHandler).Methods("POST")
--- a/api/router_static.go
+++ b/api/router_static.go
@@ -75,7 +75,7 @@ func staticRouterInit(router *mux.Router) error {
 		return err
 	}

-	for _, dir := range []string{"/js", "/css", "/images"} {
+	for _, dir := range []string{"/js", "/css", "/images", "/fonts"} {
 		files, err := ioutil.ReadDir(os.Getenv("STATIC") + dir)
 		if err != nil {
 			logger.Errorf("cannot read directory %s%s: %v", os.Getenv("STATIC"), dir, err)
@@ -98,6 +98,7 @@ func staticRouterInit(router *mux.Router) error {
 		"/reset-password",
 		"/signup",
 		"/confirm-email",
+		"/unsubscribe",
 		"/dashboard",
 		"/logout",
 	}
--- a/api/smtp_domain_export.go
+++ b/api/smtp_domain_export.go
@@ -0,0 +1,29 @@
+package main
+
+import (
+	"bytes"
+	"net/smtp"
+	"os"
+)
+
+type domainExportPlugs struct {
+	Origin    string
+	Domain    string
+	ExportHex string
+}
+
+func smtpDomainExport(to string, toName string, domain string, exportHex string) error {
+	var header bytes.Buffer
+	headerTemplate.Execute(&header, &headerPlugs{FromAddress: os.Getenv("SMTP_FROM_ADDRESS"), ToAddress: to, ToName: toName, Subject: "Commento Data Export"})
+
+	var body bytes.Buffer
+	templates["domain-export"].Execute(&body, &domainExportPlugs{Origin: os.Getenv("ORIGIN"), ExportHex: exportHex})
+
+	err := smtp.SendMail(os.Getenv("SMTP_HOST")+":"+os.Getenv("SMTP_PORT"), smtpAuth, os.Getenv("SMTP_FROM_ADDRESS"), []string{to}, concat(header, body))
+	if err != nil {
+		logger.Errorf("cannot send data export email: %v", err)
+		return errorCannotSendEmail
+	}
+
+	return nil
+}
--- a/api/smtp_domain_export_error.go
+++ b/api/smtp_domain_export_error.go
@@ -0,0 +1,28 @@
+package main
+
+import (
+	"bytes"
+	"net/smtp"
+	"os"
+)
+
+type domainExportErrorPlugs struct {
+	Origin string
+	Domain string
+}
+
+func smtpDomainExportError(to string, toName string, domain string) error {
+	var header bytes.Buffer
+	headerTemplate.Execute(&header, &headerPlugs{FromAddress: os.Getenv("SMTP_FROM_ADDRESS"), ToAddress: to, ToName: toName, Subject: "Commento Data Export"})
+
+	var body bytes.Buffer
+	templates["data-export-error"].Execute(&body, &domainExportPlugs{Origin: os.Getenv("ORIGIN")})
+
+	err := smtp.SendMail(os.Getenv("SMTP_HOST")+":"+os.Getenv("SMTP_PORT"), smtpAuth, os.Getenv("SMTP_FROM_ADDRESS"), []string{to}, concat(header, body))
+	if err != nil {
+		logger.Errorf("cannot send data export error email: %v", err)
+		return errorCannotSendEmail
+	}
+
+	return nil
+}
--- a/api/smtp_email_notification.go
+++ b/api/smtp_email_notification.go
@@ -0,0 +1,86 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	ht "html/template"
+	"net/smtp"
+	"os"
+	tt "text/template"
+)
+
+type emailNotificationText struct {
+	emailNotification
+	Html ht.HTML
+}
+
+type emailNotificationPlugs struct {
+	Origin               string
+	Kind                 string
+	Subject              string
+	UnsubscribeSecretHex string
+	Notifications        []emailNotificationText
+}
+
+func smtpEmailNotification(to string, toName string, unsubscribeSecretHex string, notifications []emailNotificationText, kind string) error {
+	var subject string
+	if kind == "reply" {
+		var verb string
+		if len(notifications) > 1 {
+			verb = "replies"
+		} else {
+			verb = "reply"
+		}
+		subject = fmt.Sprintf("%d new comment %s", len(notifications), verb)
+	} else {
+		var verb string
+		if len(notifications) > 1 {
+			verb = "comments"
+		} else {
+			verb = "comment"
+		}
+		if kind == "pending-moderation" {
+			subject = fmt.Sprintf("%d new %s pending moderation", len(notifications), verb)
+		} else {
+			subject = fmt.Sprintf("%d new %s on your website", len(notifications), verb)
+		}
+	}
+
+	h, err := tt.New("header").Parse(`MIME-Version: 1.0
+From: Commento <{{.FromAddress}}>
+To: {{.ToName}} <{{.ToAddress}}>
+Content-Type: text/html; charset=UTF-8
+Subject: {{.Subject}}
+
+`)
+
+	var header bytes.Buffer
+	h.Execute(&header, &headerPlugs{FromAddress: os.Getenv("SMTP_FROM_ADDRESS"), ToAddress: to, ToName: toName, Subject: "[Commento] " + subject})
+
+	t, err := ht.ParseFiles(fmt.Sprintf("%s/templates/email-notification.txt", os.Getenv("STATIC")))
+	if err != nil {
+		logger.Errorf("cannot parse %s/templates/email-notification.txt: %v", os.Getenv("STATIC"), err)
+		return errorMalformedTemplate
+	}
+
+	var body bytes.Buffer
+	err = t.Execute(&body, &emailNotificationPlugs{
+		Origin:               os.Getenv("ORIGIN"),
+		Kind:                 kind,
+		Subject:              subject,
+		UnsubscribeSecretHex: unsubscribeSecretHex,
+		Notifications:        notifications,
+	})
+	if err != nil {
+		logger.Errorf("error generating templated HTML for email notification: %v", err)
+		return err
+	}
+
+	err = smtp.SendMail(os.Getenv("SMTP_HOST")+":"+os.Getenv("SMTP_PORT"), smtpAuth, os.Getenv("SMTP_FROM_ADDRESS"), []string{to}, concat(header, body))
+	if err != nil {
+		logger.Errorf("cannot send email notification: %v", err)
+		return errorCannotSendEmail
+	}
+
+	return nil
+}
--- a/api/smtp_templates.go
+++ b/api/smtp_templates.go
@@ -2,8 +2,8 @@ package main

 import (
 	"fmt"
-	"html/template"
 	"os"
+	"text/template"
 )

 var headerTemplate *template.Template
@@ -20,9 +20,9 @@ var templates map[string]*template.Template
 func smtpTemplatesLoad() error {
 	var err error
 	headerTemplate, err = template.New("header").Parse(`MIME-Version: 1.0
-Content-Type: text/html; charset=UTF-8
-From: {{.FromAddress}}
+From: Commento <{{.FromAddress}}>
 To: {{.ToName}} <{{.ToAddress}}>
+Content-Type: text/plain; charset=UTF-8
 Subject: {{.Subject}}

 `)
@@ -31,7 +31,12 @@ Subject: {{.Subject}}
 		return errorMalformedTemplate
 	}

-	names := []string{"confirm-hex", "reset-hex"}
+	names := []string{
+		"confirm-hex",
+		"reset-hex",
+		"domain-export",
+		"domain-export-error",
+	}

 	templates = make(map[string]*template.Template)

@@ -39,9 +44,9 @@ Subject: {{.Subject}}
 	for _, name := range names {
 		var err error
 		templates[name] = template.New(name)
-		templates[name], err = template.ParseFiles(fmt.Sprintf("%s/templates/%s.html", os.Getenv("STATIC"), name))
+		templates[name], err = template.ParseFiles(fmt.Sprintf("%s/templates/%s.txt", os.Getenv("STATIC"), name))
 		if err != nil {
-			logger.Errorf("cannot parse %s/templates/%s.html: %v", os.Getenv("STATIC"), name, err)
+			logger.Errorf("cannot parse %s/templates/%s.txt: %v", os.Getenv("STATIC"), name, err)
 			return errorMalformedTemplate
 		}
 	}
--- a/api/utils_html.go
+++ b/api/utils_html.go
@@ -0,0 +1,36 @@
+package main
+
+import (
+	"golang.org/x/net/html"
+	"net/http"
+)
+
+func htmlTitleRecurse(h *html.Node) string {
+	if h.Type == html.ElementNode && h.Data == "title" {
+		return h.FirstChild.Data
+	}
+
+	for c := h.FirstChild; c != nil; c = c.NextSibling {
+		res := htmlTitleRecurse(c)
+		if res != "" {
+			return res
+		}
+	}
+
+	return ""
+}
+
+func htmlTitleGet(url string) (string, error) {
+	resp, err := http.Get(url)
+	if err != nil {
+		return "", err
+	}
+	defer resp.Body.Close()
+
+	h, err := html.Parse(resp.Body)
+	if err != nil {
+		return "", err
+	}
+
+	return htmlTitleRecurse(h), nil
+}
--- a/api/utils_misc.go
+++ b/api/utils_misc.go
@@ -10,6 +10,16 @@ func concat(a bytes.Buffer, b bytes.Buffer) []byte {
 	return append(a.Bytes(), b.Bytes()...)
 }

+func nameFromEmail(email string) string {
+	for i, c := range email {
+		if c == '@' {
+			return email[:i]
+		}
+	}
+
+	return email
+}
+
 func exitIfError(err error) {
 	if err != nil {
 		fmt.Printf("fatal error: %v\n", err)
--- a/db/20190122235525-anonymous-moderation-default.sql
+++ b/db/20190122235525-anonymous-moderation-default.sql
@@ -0,0 +1,4 @@
+-- Allow the owner to change whether anonymous comments are put into moderation by default.
+
+ALTER TABLE domains
+  ADD COLUMN moderateAllAnonymous BOOLEAN DEFAULT true;
--- a/db/20190123002724-v1.4.2.sql
+++ b/db/20190123002724-v1.4.2.sql
@@ -0,0 +1,2 @@
+UPDATE config
+SET version = 'v1.4.2';
--- a/db/20190131002240-export.sql
+++ b/db/20190131002240-export.sql
@@ -0,0 +1,8 @@
+-- add export feature
+
+CREATE TABLE IF NOT EXISTS exports (
+  exportHex TEXT NOT NULL UNIQUE PRIMARY KEY,
+  binData BYTEA NOT NULL,
+  domain TEXT NOT NULL,
+  creationDate TIMESTAMP NOT NULL
+);
--- a/db/20190204180609-v1.5.0.sql
+++ b/db/20190204180609-v1.5.0.sql
@@ -0,0 +1,2 @@
+UPDATE config
+SET version = 'v1.5.0';
--- a/db/20190213033530-email-notifications.sql
+++ b/db/20190213033530-email-notifications.sql
@@ -0,0 +1,38 @@
+-- Email notifications
+-- There are two kinds of email notifications: those sent to domain moderators
+-- and those sent to commenters. Domain owners can choose to subscribe their
+-- moderators to all comments, those pending moderation, or no emails. Each
+-- moderator can independently opt out of these emails, of course. Commenters,
+-- on the other, can choose to opt into reply notifications by email.
+
+-- TODO: daily and weekly digests instead of just batched real-time emails?
+
+-- TODO: more granular options to unsubscribe from emails for particular
+-- domains can be provided - add unsubscribedReplyDomains []TEXT and
+-- unsubscribedModeratorDomains []TEXT to emails table?
+
+-- Each address has a cooldown period so that emails aren't sent within 10
+-- minutes of each other. Why is this a separate table instead of another
+-- column on commenters/owners? Because there may be some mods that haven't
+-- logged in to create a row in the commenter table.
+CREATE TABLE IF NOT EXISTS emails (
+  email TEXT NOT NULL UNIQUE PRIMARY KEY,
+  unsubscribeSecretHex TEXT NOT NULL UNIQUE,
+  lastEmailNotificationDate TIMESTAMP NOT NULL,
+  pendingEmails INTEGER NOT NULL DEFAULT 0,
+  sendReplyNotifications BOOLEAN NOT NULL DEFAULT false,
+  sendModeratorNotifications BOOLEAN NOT NULL DEFAULT true
+);
+
+CREATE INDEX IF NOT EXISTS unsubscribeSecretHexIndex ON emails(unsubscribeSecretHex);
+
+-- Which comments should be sent?
+-- Possible values: all, pending-moderation, none
+-- Default to pending-moderation because this is critical. If the user forgets
+-- to moderate, some comments will never see the light of day.
+ALTER TABLE domains
+  ADD COLUMN emailNotificationPolicy TEXT DEFAULT 'pending-moderation';
+
+-- Each page now needs to store the title of the page.
+ALTER TABLE pages
+  ADD COLUMN title TEXT DEFAULT '';
--- a/db/20190218173502-v1.6.0.sql
+++ b/db/20190218173502-v1.6.0.sql
@@ -0,0 +1,2 @@
+UPDATE config
+SET version = 'v1.6.0';
--- a/db/20190218183556-v1.6.1.sql
+++ b/db/20190218183556-v1.6.1.sql
--- a/db/20190219001130-v1.6.2.sql
+++ b/db/20190219001130-v1.6.2.sql
@@ -0,0 +1,2 @@
+UPDATE config
+SET version = 'v1.6.0';
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -19,12 +19,10 @@ services:
      POSTGRES_DB: commento
      POSTGRES_USER: postgres
      POSTGRES_PASSWORD: postgres
-    ports:
-      - 5432:5432
    networks:
      - db_network
    volumes:
-      - postgres_data_volume:/var/lib/postgres
+      - postgres_data_volume:/var/lib/postgresql/data

 networks:
  db_network:
--- a/frontend/confirm-email.html
+++ b/frontend/confirm-email.html
@@ -2,6 +2,7 @@
  <head>
    <meta name="viewport" content="user-scalable=no, initial-scale=1.0">
    <script src="[[[.CdnPrefix]]]/js/jquery.js"></script>
+    <link rel="icon" href="[[[.CdnPrefix]]]/images/120x120.png">
    <link rel="stylesheet" href="[[[.CdnPrefix]]]/css/auth.css">
    <link href="https://fonts.googleapis.com/css?family=Source+Code+Pro:400,700|Source+Sans+Pro:200,300,400,700" rel="stylesheet">
    <title>Commento: Email Confirmation</title>
--- a/frontend/dashboard.html
+++ b/frontend/dashboard.html
@@ -5,6 +5,7 @@
    <script src="[[[.CdnPrefix]]]/js/highlight.js"></script>
    <script src="[[[.CdnPrefix]]]/js/chartist.js"></script>
    <script src="[[[.CdnPrefix]]]/js/dashboard.js"></script>
+    <link rel="icon" href="[[[.CdnPrefix]]]/images/120x120.png">
    <link rel="stylesheet" href="[[[.CdnPrefix]]]/css/chartist.css">
    <link rel="stylesheet" href="[[[.CdnPrefix]]]/css/dashboard.css">
    <link href="https://fonts.googleapis.com/css?family=Source+Code+Pro:400,700|Source+Sans+Pro:200,300,400,700" rel="stylesheet">
@@ -81,23 +82,29 @@
      <!-- Installation -->
      <div id="installation-view" class="view hidden">
        <div class="view-inside">
-          <div class="large-view">
+          <div class="mid-view">
            <div class="tabs-container">
              <div class="tab">
                <ul class="tabs">
-                  <li class="tab-link original current" data-tab="install-tab-1">Universal Snippet</li>
+                  <li class="tab-link original current" data-tab="installation-tab-1">Universal Snippet</li>
                </ul>

-                <div id="install-tab-1" class="content original current">
-                  <div class="import-text">
+                <div id="installation-tab-1" class="content original current">
+                  <div class="normal-text">
                    Copy the following piece of HTML code and paste it where you'd like Commento to load.
                  </div>

                  <pre><code id="code-div" class="html"></code></pre>

-                  <div class="text">
+                  <div class="normal-text">
                    And that's it. All your settings, themes, and comments would be automagically loaded. Commento is mobile-responsive too, as it simply fills the container it is put in.
                  </div>
+                  
+                  <br>
+
+                  <div class="normal-text">
+                    Read the Commento documentation <a href="https://docs.commento.io/configuration/">on configuration</a>.
+                  </div>
                </div>
              </div>
            </div>
@@ -112,6 +119,11 @@
            <div class="center center-title">
              Analytics
            </div>
+
+            <div class="normal-text">
+              Anonymous statistics such as monthly pageviews and number of comments
+            </div>
+
            <div class="stat">
              <div class="number">
                <div class="digits gray-digits">{{domains[cd].viewsLast30Days.zeros}}</div>
@@ -142,16 +154,58 @@
      <!-- moderation -->
      <div id="moderation-view" class="view hidden">
        <div class="view-inside">
-          <div class="small-view mid-view">
+          <div class="mid-view">
            <div class="tabs-container">
              <div class="tab">
                <ul class="tabs">
-                  <li class="tab-link original current" data-tab="mod-tab-1">Moderator List</li>
+                  <li class="tab-link original current" data-tab="mod-tab-1">General</li>
+                  <li class="tab-link" data-tab="mod-tab-2">Add/Remove Moderators</li>
+                  <li class="tab-link" data-tab="mod-tab-3">Email Settings</li>
                </ul>

                <div id="mod-tab-1" class="content original current">
-                  <div class="pitch">
-                    Moderators have the power to approve and delete comments. To make someone a moderator, add their email address down below. Once added, shiny new moderation buttons will appear on each comment for that person on each page on this domain.
+                  <div class="row no-border commento-round-check">
+                    <input type="checkbox" v-model="domains[cd].autoSpamFilter" id="spam-filtering">
+                    <label for="spam-filtering">Automatic spam filtering</label>
+                    <div class="pitch">
+                      Commento uses Akismet's advanced spam detection to automatically identify and remove spam comments. This is strongly recommended. Requires backend configuration.
+                    </div>
+                  </div>
+
+                  <div class="row no-border commento-round-check">
+                    <input type="checkbox" v-model="domains[cd].requireModeration" id="require-moderation">
+                    <label for="require-moderation">Require all comments to be approved manually</label>
+                    <div class="pitch">
+                      Enabling this would require a moderator to approve all comments. This is generally recommended if your site doesn't receive too much traffic.
+                    </div>
+                  </div>
+
+                  <div class="row no-border commento-round-check">
+                    <input type="checkbox" v-model="domains[cd].allowAnonymous" id="allow-anonymous">
+                    <label for="allow-anonymous">Allow anonymous comments</label>
+                    <div class="pitch">
+                      Enabling this would allow your readers to comment anonymously. Disabling would require the to authenticate themselves (using their Google account, for example). Recommended.
+                    </div>
+                  </div>
+
+                  <div class="row no-border commento-round-check indent" v-if="domains[cd].allowAnonymous">
+                    <input type="checkbox" v-model="domains[cd].moderateAllAnonymous" id="moderate-all-anonymous">
+                    <label for="moderate-all-anonymous">Require anonymous comments to be approved manually</label>
+                    <div class="pitch">
+                      Enabling this would require a moderator to approve all anonymous comments. This is recommended if most of your spam comments are from anonymous users.
+                    </div>
+                  </div>
+
+                  <div class="center">
+                    <button id="save-general-button" onclick="window.commento.generalSaveHandler()" class="button">Save Changes</button>
+                  </div>
+                </div>
+
+                <div id="mod-tab-2" class="content">
+                  <div class="normal-text">
+                    Moderators have the power to approve/delete comments and lock threads. Once you add an user as a moderator, shiny new buttons will appear on each comment on each page when they log in.<br><br>
+
+                    You're still the only administrator and the only person who can add and remove moderators. Moderators do not have access to this dashboard. Their access is restricted to pages on your website.
                  </div>
                  <div class="commento-email-container">
                    <div class="commento-email">
@@ -169,6 +223,31 @@
                    </div>
                  </div>
                </div>
+
+                <div id="mod-tab-3" class="content">
+                  <div class="normal-text">
+                    You can enable email notifications to notify your moderators when a new comment is posted or when a comment is pending moderation. Commento tries to be smart about how often an email is sent. Emails will be delayed and batched until you go 10 minutes without one. This requires valid SMTP settings in order to send emails.<br><br>
+                  </div>
+                  <div class="question">
+                    When do you want emails sent to moderators?
+                  </div>
+                  <div class="row no-border commento-round-check indent">
+                    <input type="radio" id="email-all" value="all" v-model="domains[cd].emailNotificationPolicy">
+                    <label for="email-all">Whenever a new comment is created</label>
+                  </div>
+                  <div class="row no-border commento-round-check indent">
+                    <input type="radio" id="email-pending-moderation" value="pending-moderation" v-model="domains[cd].emailNotificationPolicy">
+                    <label for="email-pending-moderation">Only for comments pending moderation</label>
+                  </div>
+                  <div class="row no-border commento-round-check indent">
+                    <input type="radio" id="email-none" value="none" v-model="domains[cd].emailNotificationPolicy">
+                    <label for="email-none">Do not email moderators</label>
+                  </div>
+                  <br>
+                  <div class="center">
+                    <button id="save-general-button" onclick="window.commento.generalSaveHandler()" class="button">Save Changes</button>
+                  </div>
+                </div>
              </div>
            </div>
          </div>
@@ -178,44 +257,38 @@
      <!-- Configure Domain -->
      <div id="general-view" class="view hidden">
        <div class="view-inside">
-          <div class="small-mid-view">
-            <div class="center center-title">
-              Configure Domain
-            </div>
-            <div class="box">
-              <div class="row">
-                <div class="label">Website Name</div>
-                <input class="input gray-input" id="cur-domain-name" type="text" :placeholder="domains[cd].origName" v-model="domains[cd].name">
-              </div>
+          <div class="mid-view">
+            <div class="tabs-container">
+              <div class="tab">
+                <ul class="tabs">
+                  <li class="tab-link original current" data-tab="configure-tab-1">General</li>
+                  <li class="tab-link" data-tab="configure-tab-2">Export Data</li>
+                </ul>

-              <div class="row no-border round-check">
-                <input type="checkbox" class="switch" v-model="domains[cd].autoSpamFilter" id="spam-filtering">
-                <label for="spam-filtering">Automatic spam filtering</label>
-                <div class="pitch">
-                  Commento uses Akismet's advanced spam detection to automatically identify and remove spam comments. We strongly recommended you have this enabled.
+                <div id="configure-tab-1" class="content original current">
+                  <div class="box">
+                    <div class="row">
+                      <div class="label">Website Name</div>
+                      <input class="input gray-input" id="cur-domain-name" type="text" :placeholder="domains[cd].origName" v-model="domains[cd].name">
+                    </div>
+                  </div>
+                  <div class="center">
+                    <button id="save-general-button" onclick="window.commento.generalSaveHandler()" class="button">Save Changes</button>
+                  </div>
+                </div>
+
+                <div id="configure-tab-2" class="content">
+                  <div class="normal-text">
+                    You can export an archive of this domain's data (which includes all comments and commenters) in the JSON format. To initiate and queue an archive request, click the button below. You will receive an email containing the archive once it's ready.<br><br>
+
+                    Please note that this requires valid SMTP settings in order to send emails.<br><br>
+
+                    <div class="center">
+                      <button id="domain-export-button" onclick="window.commento.domainExportBegin()" class="button">Initiate Data Export</button>
+                    </div>
+                  </div>
                </div>
              </div>
-
-              <div class="row no-border round-check">
-                <input type="checkbox" class="switch" v-model="domains[cd].requireModeration" id="require-moderation">
-                <label for="require-moderation">Require all comments to be approved manually</label>
-                <div class="pitch">
-                  Enabling this would require a moderator to approve every comment. Moderators can manually delete comments even if this is not enabled.
-                </div>
-              </div>
-
-              <div class="row no-border round-check">
-                <input type="checkbox" class="switch" v-model="domains[cd].requireIdentification" id="require-identification">
-                <label for="require-identification">Require identification</label>
-                <div class="pitch">
-                  Enabling this would require all commenters to authenticate themselves (using their Google account, for example). Disabling would allow anonymous comments.
-                </div>
-              </div>
-
-              <div id="new-domain-error" class="modal-error-box"></div>
-            </div>
-            <div class="center">
-              <button id="save-general-button" onclick="window.commento.generalSaveHandler()" class="button">Save Changes</button>
            </div>
          </div>
        </div>
@@ -224,7 +297,7 @@
      <!-- Import Comments -->
      <div id="import-view" class="view hidden">
        <div class="view-inside">
-          <div class="large-view">
+          <div class="mid-view">
            <div class="tabs-container">
              <div class="tab">
                <ul class="tabs">
@@ -232,15 +305,15 @@
                </ul>

                <div id="install-tab-1" class="content original current">
-                  <div class="import-text">
-                    If you're currently using Disqus and want to import all your comments into Commento, you can do so:
+                  <div class="normal-text">
+                    If you're currently using Disqus, you can import all comments into Commento:
                    <ul>
                      <li>
-                        Go to <a href="http://disqus.com/admin/discussions/export/">the admin export section</a> in Disqus and click on <b>Export Comments</b>. This should start the process of exporting your comments.
+                        Go to <a href="http://disqus.com/admin/discussions/export/">the admin export section</a> in Disqus and click on <b>Export Comments</b>. This should start the process of exporting your comments in the background.
                      </li>

                      <li>
-                        After a while, you'll receive an email from Disqus with a link to a compressed archive of all comments and associated data. Copy and paste that link here and start the import process:
+                        You'll receive an email from Disqus with a link to a compressed archive of all comments and associated data. Copy and paste that link here to start the import process:

                        <br><br>

@@ -250,14 +323,23 @@
                            <button id="disqus-import-button" class="commento-email-button" onclick="window.commento.importDisqus()">Import</button>
                          </div>
                        </div>
+                        <!--
                        <div class="subtext-container">
                          <div class="subtext">
-                            <div>Note: it is strongly recommended you do this only once. Multiple imports for the same domain may have unintended effects.</div>
+                            <div>By using this service, you grant Commento the permission to download and process your Disqus information.</div>
                          </div>
                        </div>
+                        -->
+
+                        <br>
                      </li>
+
                      <li>
-                        We'll automatically download this file, extract it, parse it and import comments into Commento. The URL information will be preserved. By using this service, you grant Commento the permission to download and process your Disqus information.
+                        Commento will automatically download this file, extract it, parse it and import comments into Commento. URL information, comment authors, text formatting, and nested replies will be preserved.
+                      </li>
+                        
+                      <li>
+                        It is strongly recommended you do this only once. Importing multiple times may have unintended effects.
                      </li>
                    </ul>
                  </div>
--- a/frontend/fonts/source-sans-400-cyrillic-ext.woff2
+++ b/frontend/fonts/source-sans-400-cyrillic-ext.woff2
--- a/frontend/fonts/source-sans-400-cyrillic.woff2
+++ b/frontend/fonts/source-sans-400-cyrillic.woff2
--- a/frontend/fonts/source-sans-400-greek-ext.woff2
+++ b/frontend/fonts/source-sans-400-greek-ext.woff2
--- a/frontend/fonts/source-sans-400-greek.woff2
+++ b/frontend/fonts/source-sans-400-greek.woff2
--- a/frontend/fonts/source-sans-400-latin-ext.woff2
+++ b/frontend/fonts/source-sans-400-latin-ext.woff2
--- a/frontend/fonts/source-sans-400-latin.woff2
+++ b/frontend/fonts/source-sans-400-latin.woff2
--- a/frontend/fonts/source-sans-400-vietnamese.woff2
+++ b/frontend/fonts/source-sans-400-vietnamese.woff2
--- a/frontend/fonts/source-sans-700-cyrillic-ext.woff2
+++ b/frontend/fonts/source-sans-700-cyrillic-ext.woff2
--- a/frontend/fonts/source-sans-700-cyrillic.woff2
+++ b/frontend/fonts/source-sans-700-cyrillic.woff2
--- a/frontend/fonts/source-sans-700-greek-ext.woff2
+++ b/frontend/fonts/source-sans-700-greek-ext.woff2
--- a/frontend/fonts/source-sans-700-greek.woff2
+++ b/frontend/fonts/source-sans-700-greek.woff2
--- a/frontend/fonts/source-sans-700-latin-ext.woff2
+++ b/frontend/fonts/source-sans-700-latin-ext.woff2
--- a/frontend/fonts/source-sans-700-latin.woff2
+++ b/frontend/fonts/source-sans-700-latin.woff2
--- a/frontend/fonts/source-sans-700-vietnamese.woff2
+++ b/frontend/fonts/source-sans-700-vietnamese.woff2
--- a/frontend/forgot.html
+++ b/frontend/forgot.html
@@ -3,6 +3,7 @@
    <meta name="viewport" content="user-scalable=no, initial-scale=1.0">
    <script src="[[[.CdnPrefix]]]/js/jquery.js"></script>
    <script src="[[[.CdnPrefix]]]/js/forgot.js"></script>
+    <link rel="icon" href="[[[.CdnPrefix]]]/images/120x120.png">
    <link rel="stylesheet" href="[[[.CdnPrefix]]]/css/auth.css">
    <link href="https://fonts.googleapis.com/css?family=Source+Code+Pro:400,700|Source+Sans+Pro:200,300,400,700" rel="stylesheet">
    <title>Commento: Reset your Password</title>
--- a/frontend/gulpfile.js
+++ b/frontend/gulpfile.js
@@ -14,6 +14,8 @@ const develPath = "build/devel/";
 const prodPath = "build/prod/";
 const scssSrc = "./sass/*.scss";
 const cssDir = "css/";
+const fontsDir = "fonts/";
+const fontsGlob = fontsDir + "**/*";
 const imagesDir = "images/";
 const imagesGlob = imagesDir + "**/*";
 const jsDir = "js/";
@@ -66,6 +68,7 @@ const jsCompileMap = {
    "js/dashboard-statistics.js",
    "js/dashboard-import.js",
    "js/dashboard-danger.js",
+    "js/dashboard-export.js",
  ],
  "js/logout.js": [
    "js/constants.js",
@@ -73,6 +76,12 @@ const jsCompileMap = {
    "js/logout.js"
  ],
  "js/commento.js": ["js/commento.js"],
+  "js/unsubscribe.js": [
+    "js/constants.js",
+    "js/utils.js",
+    "js/http.js",
+    "js/unsubscribe.js",
+  ],
 };

 gulp.task("scss-devel", function () {
@@ -100,6 +109,14 @@ gulp.task("html-prod", function () {
    .pipe(gulp.dest(prodPath))
 });

+gulp.task("fonts-devel", function () {
+  gulp.src([fontsGlob]).pipe(gulp.dest(develPath + fontsDir));
+});
+
+gulp.task("fonts-prod", function () {
+  gulp.src([fontsGlob]).pipe(gulp.dest(prodPath + fontsDir));
+});
+
 gulp.task("images-devel", function () {
  gulp.src([imagesGlob]).pipe(gulp.dest(develPath + imagesDir));
 });
@@ -135,5 +152,5 @@ gulp.task("lint", function () {
    .pipe(eslint.failAfterError())
 });

-gulp.task("devel", ["scss-devel", "html-devel", "images-devel", "lint", "js-devel"]);
-gulp.task("prod", ["scss-prod", "html-prod", "images-prod", "lint", "js-prod"]);
+gulp.task("devel", ["scss-devel", "html-devel", "fonts-devel", "images-devel", "lint", "js-devel"]);
+gulp.task("prod", ["scss-prod", "html-prod", "fonts-prod", "images-prod", "lint", "js-prod"]);
--- a/frontend/js/auth-common.js
+++ b/frontend/js/auth-common.js
@@ -13,8 +13,8 @@

  // Prefills the email field from the URL parameter.
  global.prefillEmail = function() {
-    if (paramGet("email") !== undefined) {
-      $("#email").val(paramGet("email"));
+    if (global.paramGet("email") !== undefined) {
+      $("#email").val(global.paramGet("email"));
      $("#password").click();
    }
  };
--- a/frontend/js/commento.js
+++ b/frontend/js/commento.js
--- a/frontend/js/dashboard-domain.js
+++ b/frontend/js/dashboard-domain.js
@@ -91,6 +91,8 @@

        resp.domains[i].viewsLast30Days = global.numberify(0);
        resp.domains[i].commentsLast30Days = global.numberify(0);
+
+        resp.domains[i].allowAnonymous = !resp.domains[i].requireIdentification;
        
        for (var j = 0; j < resp.domains[i].moderators.length; j++) {
          resp.domains[i].moderators[j].timeAgo = global.timeSince(
@@ -109,6 +111,7 @@

  // Updates a domain with the backend.
  global.domainUpdate = function(domain, callback) {
+    domain.requireIdentification = !domain.allowAnonymous;
    var json = {
      "ownerToken": global.cookieGet("commentoOwnerToken"),
      "domain": domain,
--- a/frontend/js/dashboard-export.js
+++ b/frontend/js/dashboard-export.js
@@ -0,0 +1,26 @@
+(function (global, document) {
+  "use strict";
+
+  (document);
+
+  global.domainExportBegin = function() {
+    var data = global.dashboard.$data;
+
+    var json = {
+      "ownerToken": global.cookieGet("commentoOwnerToken"),
+      "domain": data.domains[data.cd].domain,
+    }
+
+    global.buttonDisable("#domain-export-button");
+    global.post(global.origin + "/api/domain/export/begin", json, function(resp) {
+      global.buttonEnable("#domain-export-button");
+      if (!resp.success) {
+        global.globalErrorShow(resp.message);
+        return;
+      }
+
+      global.globalOKShow("Data export operation has been successfully queued. You will receive an email.");
+    });
+  };
+
+} (window.commento, document));
--- a/frontend/js/dashboard-statistics.js
+++ b/frontend/js/dashboard-statistics.js
@@ -98,10 +98,10 @@
        series: [comments],
      }, options);

-      data.domains[data.cd].viewsLast30Days = numberify(views.reduce(function(a, b) {
+      data.domains[data.cd].viewsLast30Days = global.numberify(views.reduce(function(a, b) {
        return a + b; 
      }, 0));
-      data.domains[data.cd].commentsLast30Days = numberify(comments.reduce(function(a, b) {
+      data.domains[data.cd].commentsLast30Days = global.numberify(comments.reduce(function(a, b) {
        return a + b; 
      }, 0));
    });
--- a/frontend/js/dashboard.js
+++ b/frontend/js/dashboard.js
@@ -23,29 +23,29 @@
    var settings = [
      {
        "id": "installation",
-        "text": "Installation",
+        "text": "Installation Guide",
        "meaning": "Install Commento with HTML",
        "selected": false,
        "open": global.installationOpen,
      },
      {
        "id": "general",
-        "text": "Configure Domain",
-        "meaning": "Names, domains and the rest",
+        "text": "General",
+        "meaning": "Email settings, data export",
        "selected": false,
        "open": global.generalOpen,
      },
      {
        "id": "moderation",
        "text": "Moderation Settings",
-        "meaning": "Manage list of moderators",
+        "meaning": "Manage moderators, spam filtering",
        "selected": false,
        "open": global.moderationOpen,
      },
      {
        "id": "statistics",
-        "text": "View Activity",
-        "meaning": "Usage and comment statistics",
+        "text": "Analytics",
+        "meaning": "Anonymous statistics and graphs",
        "selected": false,
        "open": global.statisticsOpen,
      },
--- a/frontend/js/reset.js
+++ b/frontend/js/reset.js
@@ -17,7 +17,7 @@
    }

    var json = {
-      "resetHex": paramGet("hex"),
+      "resetHex": global.paramGet("hex"),
      "password": $("#password").val(),
    };

--- a/frontend/js/signup.js
+++ b/frontend/js/signup.js
@@ -35,7 +35,7 @@
      }

      if (resp.confirmEmail) {
-        document.locatidocumenton = global.origin + "/confirm-email";
+        document.location = global.origin + "/confirm-email";
      } else {
        document.location = global.origin + "/login?signedUp=true";
      }
--- a/frontend/js/unsubscribe.js
+++ b/frontend/js/unsubscribe.js
@@ -0,0 +1,54 @@
+(function (global, document) {
+  "use strict";
+
+  (document);
+
+  var e;
+
+  // Update the email records.
+  global.emailUpdate = function() {
+    $(".err").text("");
+    $(".msg").text("");
+    e.sendModeratorNotifications = $("#moderator").is(":checked");
+    e.sendReplyNotifications = $("#reply").is(":checked");
+
+    var json = {
+      "email": e,
+    };
+
+    global.buttonDisable("#save-button");
+    global.post(global.origin + "/api/email/update", json, function(resp) {
+      global.buttonEnable("#save-button");
+      if (!resp.success) {
+        $(".err").text(resp.message);
+        return;
+      }
+
+      $(".msg").text("Successfully updated!");
+    });
+  }
+
+  // Checks the unsubscribeSecretHex token to retrieve current settings.
+  global.emailGet = function() {
+    $(".err").text("");
+    $(".msg").text("");
+    var json = {
+      "unsubscribeSecretHex": global.paramGet("unsubscribeSecretHex"),
+    };
+
+    global.post(global.origin + "/api/email/get", json, function(resp) {
+      $(".loading").hide();
+      if (!resp.success) {
+        $(".err").text(resp.message);
+        return;
+      }
+
+      e = resp.email;
+      $("#email").text(e.email);
+      $("#moderator").prop("checked", e.sendModeratorNotifications);
+      $("#reply").prop("checked", e.sendReplyNotifications);
+      $(".checkboxes").attr("style", "");
+    });
+  };
+
+} (window.commento, document));
--- a/frontend/login.html
+++ b/frontend/login.html
@@ -3,6 +3,7 @@
    <meta name="viewport" content="user-scalable=no, initial-scale=1.0">
    <script src="[[[.CdnPrefix]]]/js/jquery.js"></script>
    <script src="[[[.CdnPrefix]]]/js/login.js"></script>
+    <link rel="icon" href="[[[.CdnPrefix]]]/images/120x120.png">
    <link rel="stylesheet" href="[[[.CdnPrefix]]]/css/auth.css">
    <link href="https://fonts.googleapis.com/css?family=Source+Code+Pro:400,700|Source+Sans+Pro:200,300,400,700" rel="stylesheet">
    <title>Commento: Login</title>
--- a/frontend/reset-password.html
+++ b/frontend/reset-password.html
@@ -3,6 +3,7 @@
    <meta name="viewport" content="user-scalable=no, initial-scale=1.0">
    <script src="[[[.CdnPrefix]]]/js/jquery.js"></script>
    <script src="[[[.CdnPrefix]]]/js/reset.js"></script>
+    <link rel="icon" href="[[[.CdnPrefix]]]/images/120x120.png">
    <link rel="stylesheet" href="[[[.CdnPrefix]]]/css/auth.css">
    <link href="https://fonts.googleapis.com/css?family=Source+Code+Pro:400,700|Source+Sans+Pro:200,300,400,700" rel="stylesheet">
    <title>Commento: Reset your Password</title>
--- a/frontend/sass/button.scss
+++ b/frontend/sass/button.scss
@@ -0,0 +1,34 @@
+@import "colors-main.scss";
+@import "common-main.scss";
+
+.button {
+  @extend .shadow;
+  height: 40px;
+  min-width: 110px;
+  background: $white;
+  border: none;
+  outline: none;
+  padding: 0px 10px 0px 10px;
+  font-size: 12px;
+  text-transform: uppercase;
+  text-align: center;
+  font-weight: bold;
+  color: $blue-7;
+  cursor: pointer;
+  transition: all 0.2s;
+}
+
+.button:hover {
+  color: $blue-6;
+}
+
+.button:disabled {
+  cursor: default;
+  color: $gray-6;
+}
+
+.short-button {
+  width: 80px;
+  position: absolute;
+  top: 10px;
+}
--- a/frontend/sass/checkbox.scss
+++ b/frontend/sass/checkbox.scss
@@ -0,0 +1,88 @@
+@import "colors-main.scss";
+
+.commento-round-check {
+  input[type="radio"],
+  input[type="checkbox"] {
+    display: none;
+  }
+
+  input[type="radio"] + label,
+  input[type="checkbox"] + label {
+    display: block;
+    position: relative;
+    padding-left: 35px;
+    margin-bottom: 5px;
+    cursor: pointer;
+    -webkit-user-select: none;
+    -moz-user-select: none;
+    -ms-user-select: none;
+  }
+
+  input[type="radio"] + label:last-child,
+  input[type="checkbox"] + label:last-child {
+    margin-bottom: 0;
+  }
+
+  input[type="radio"] + label:before,
+  input[type="checkbox"] + label:before {
+    content: '';
+    display: block;
+    width: 13px;
+    height: 13px;
+    margin-top: 2px;
+    background: $gray-0;
+    border: 1px solid $gray-3;
+    border-radius: 3px;
+    position: absolute;
+    left: 0;
+    top: 0;
+    transition: all .15s;
+  }
+
+  input[type="radio"]:disabled + label:before,
+  input[type="checkbox"]:disabled + label:before {
+    background: $gray-0;
+    border: 1px solid $gray-4;
+    opacity: 0.4;
+  }
+
+  input[type="radio"]:checked + label:before,
+  input[type="checkbox"]:checked + label:before {
+    background: $blue-6;
+    border: 1px solid $blue-6;
+  }
+
+  input[type="radio"] + label:after,
+  input[type="checkbox"] + label:after {
+    position: absolute;
+    left: -7px;
+    top: 4px;
+    content: '';
+    display: inline-block;
+    width: 3px;
+    height: 7px;
+    transform: rotate(45deg);
+    margin-left: 12px;
+    margin-right: 12px;
+    border: solid transparent;
+    border-width: 0 2px 2px 0;
+  }
+
+  input[type="radio"]:disabled + label:after,
+  input[type="checkbox"]:disabled + label:after {
+    border: solid transparent;
+    border-width: 0 2px 2px 0;
+  }
+
+  input[type="radio"]:checked + label:after,
+  input[type="checkbox"]:checked + label:after {
+    border: solid $gray-0;
+    border-width: 0 2px 2px 0;
+  }
+
+  .pitch {
+    font-size: 14px;
+    color: #a5a5a5;
+    line-height: 20px !important;
+  }
+}
--- a/frontend/sass/commento-card.scss
+++ b/frontend/sass/commento-card.scss
@@ -0,0 +1,130 @@
+@import "colors-main.scss";
+
+.commento-card {
+  @import "commento-options.scss"; // SVG buttons to the right of each comment
+
+  padding: 12px 0px 0px 12px;
+  margin-top: 16px;
+  border-top: 1px solid #f0f0f0;
+
+  .commento-header {
+    padding-bottom: 4px;
+  }
+
+  .commento-avatar::after {
+    content:"";
+    display:block;
+  }
+
+  .commento-name {
+    font-weight: 700;
+    font-size: 14px;
+    color: #555;
+    border: none;
+    display: block;
+    z-index: 1;
+    margin-left: 48px;
+    white-space: nowrap;
+    overflow: hidden;
+    text-overflow: ellipsis;
+    width: fit-content;
+  }
+
+  .commento-flagged::after {
+    content: "Flagged";
+    text-transform: uppercase;
+    font-size: 10px;
+    background: $red-7;
+    color: white;
+    margin-left: 8px;
+    padding: 2px 6px 2px 6px;
+    border-radius: 100px;
+  }
+
+  .commento-subtitle {
+    display: block;
+    color: #999;
+    font-size: 12px;
+    margin-left: 48px;
+  }
+
+  .commento-timeago {
+    display: inline;
+    color: #888;
+    font-size: 12px;
+  }
+
+  .commento-score {
+    display: inline;
+    color: #888;
+    font-size: 12px;
+    font-weight: 700;
+  }
+
+  .commento-timeago::before {
+    content: "\00a0 \00a0 \00b7 \00a0 \00a0";
+  }
+
+  .commento-body {
+    p {
+      margin-top: 6px;
+      margin-bottom: 6px;
+    }
+  }
+
+  .commento-options {
+    float: right;
+    position: relative;
+    height: 38px;
+    z-index: 2;
+  }
+
+  .commento-options-mobile {
+    margin-right: 12px;
+  }
+
+  .commento-options-clearfix {
+    height: 38px;
+    width: 1px;
+    display: block;
+  }
+
+  .commento-moderation {
+    height: 48px;
+  }
+}
+
+.commento-dark-card {
+  background: $red-0;
+}
+
+.commento-highlighted-card {
+  background: $yellow-0;
+}
+
+// do not place this inside .commento-card as this is used by logged-container
+// as well
+.commento-avatar {
+  width: 38px;
+  height: 38px;
+  border-radius: 50%;
+  display: flex;
+  justify-content: center;
+  align-items: center;
+  color: white;
+  font-size: 22px;
+  float: left;
+  margin-right: 10px;
+  border: 0px transparent;
+}
+
+.commento-avatar-img {
+  width: 38px;
+  height: 38px;
+  border-radius: 50%;
+  display: flex;
+  justify-content: center;
+  align-items: center;
+  float: left;
+  margin-right: 10px;
+}
--- a/frontend/sass/commento-common.scss
+++ b/frontend/sass/commento-common.scss
@@ -0,0 +1,42 @@
+@import "colors-main.scss";
+
+code {
+  background: $red-1;
+  font-family: monospace;
+  line-height: 1.5;
+  color: $red-6;
+  padding: 2px;
+  margin: 2px;
+}
+
+a {
+  color: $blue-6;
+  border-bottom: 1px solid $blue-6;
+  outline: none;
+  text-decoration: none;
+}
+
+a:focus {
+  box-shadow: 0 0 0 1px rgba(87, 85, 217, .2);
+}
+
+.commento-button {
+  display: inline-flex;
+  justify-content: center;
+  align-items: center;
+  text-align: center;
+  cursor: pointer;
+  font-weight: bold;
+  line-height: 24px;
+  font-size: 14px;
+  padding: 6px;
+  padding-left: 8px;
+  padding-right: 8px;
+  box-shadow: 0 4px 6px rgba(50,50,93,.11),0 1px 3px rgba(0,0,0,.08);
+  border: 1px solid transparent;
+  border-radius: 3px;
+  color: #fff;
+  width: 100px;
+  margin-left: 5px;
+  margin-right: 5px;
+}
--- a/frontend/sass/commento-footer.scss
+++ b/frontend/sass/commento-footer.scss
--- a/frontend/sass/commento-input.scss
+++ b/frontend/sass/commento-input.scss
@@ -1,4 +1,5 @@
@import "colors-main.scss";
+@import "checkbox.scss";

 textarea,
 input[type=text] {
@@ -13,7 +14,7 @@ input[type=text]::placeholder {
 }

 textarea::placeholder {
-  color: #aaa;
+  color: $gray-6;
  font-size: 20px;
  display: flex;
  line-height: 110px;
@@ -24,7 +25,7 @@ textarea::placeholder {

 textarea {
  display: inline-block;
-  font-family: "Segoe UI", Roboto, "Helvetica Neue", sans-serif;
+  font-family: 'Source Sans Pro', sans-serif;
  padding: 8px;
  outline: none;
  overflow: auto;
@@ -47,93 +48,6 @@ textarea {
  }
 }

-.commento-oauth-buttons-container {
-  display: flex;
-  justify-content: center;
-}
-
-.commento-oauth-buttons,
-.commento-account-buttons,
-.commento-account-buttons-container {
-  display: flex;
-  flex-direction: column;
-  align-items: center;
-  position: absolute;
-  z-index: 1;
-}
-
-.commento-account-buttons {
-  position: static;
-  flex-direction: row;
-}
-
-.commento-account-buttons-container {
-  top: 3rem;
-  padding-bottom: 10px;
-}
-
-.commento-oauth-buttons {
-  display: contents;
-}
-
-.commento-account-buttons-question {
-  position: absolute;
-  top: 10px;
-  display: block;
-  text-align: center;
-  justify-content: center;
-  align-items: center;
-  font-weight: bold;
-  font-size: 14px;
-  padding: 6px;
-  color: $gray-8;
-  outline: none;
-}
-
-.commento-button {
-  display: inline-flex;
-  justify-content: center;
-  align-items: center;
-  text-align: center;
-  cursor: pointer;
-  font-weight: bold;
-  line-height: 24px;
-  font-size: 14px;
-  padding: 6px;
-  padding-left: 8px;
-  padding-right: 8px;
-  box-shadow: 0 4px 6px rgba(50,50,93,.11),0 1px 3px rgba(0,0,0,.08);
-  border: 1px solid transparent;
-  border-radius: 3px;
-  color: #fff;
-  width: 100px;
-  margin-left: 5px;
-  margin-right: 5px;
-}
-
-.commento-google-button {
-  background: #dd4b39;
-  text-transform: uppercase;
-  font-size: 12px;
-}
-
-.commento-github-button {
-  background: #000000;
-  text-transform: uppercase;
-  font-size: 12px;
-}
-
-.commento-anonymous-button {
-  display: block;
-  color: $blue-6;
-  font-weight: 700;
-  margin-top: 12px;
-  font-size: 12px;
-  cursor: pointer;
-  text-align: center;
-  text-transform: uppercase;
-}
-
 .commento-blurred-textarea {
  list-style: none;
  display: flex;
@@ -144,47 +58,35 @@ textarea {
  will-change: transform;
 }

-.commento-approve-button,
-.commento-delete-button,
-.commento-submit-button {
-  margin-top: 10px;
-  font-size: 14px;
-  width: -moz-fit-content;
-  width: -webkit-fit-content;
-  width: -ms-fit-content;
-  width: -o-fit-content;
-  width: fit-content;
-}
-
-.commento-create-button {
-  width: 150px;
-  background: $pink-9;
-  text-transform: uppercase;
-  font-size: 12px;
-}
-
-.commento-login-button {
-  width: 50px;
-  background: $cyan-9;
-  text-transform: uppercase;
-  font-size: 12px;
-}
-
 .commento-submit-button {
  float: right;
-  background: $indigo-7;
+  background: $blue-8;
  text-transform: uppercase;
  font-size: 12px;
-}
-
-.commento-approve-button {
-  background: $green-7;
-}
-
-.commento-delete-button {
-  background: $red-7;
+  margin-top: 10px;
 }

 .commento-button-margin {
  padding-bottom: 60px;
 }
+
+.commento-anonymous-checkbox-container {
+  float: right;
+  margin: 20px 16px;
+
+  input[type="checkbox"] + label {
+    padding-left: 24px;
+    font-size: 12px;
+    text-transform: uppercase;
+    font-weight: bold;
+    color: $gray-7;
+  }
+
+  input[type="checkbox"] + label:before {
+    margin-top: 1px;
+  }
+
+  input[type="checkbox"] + label:after {
+    margin-top: -1px;
+  }
+}
--- a/frontend/sass/commento-logged.scss
+++ b/frontend/sass/commento-logged.scss
@@ -1,5 +1,19 @@
@import "colors-main.scss";

+.commento-login {
+  width: 100%;
+
+  .commento-login-text {
+    text-align: right;
+    margin-right: 16px;
+    height: 38px;
+    color: $gray-6;
+    font-weight: bold;
+    cursor: pointer;
+    display: block;
+  }
+}
+
 .commento-logged-container {
  width: 100%;
  text-align: left;
--- a/frontend/sass/commento-login.scss
+++ b/frontend/sass/commento-login.scss
@@ -23,25 +23,20 @@
    opacity: 1;
    transition: opacity 0.2s;

+    @import "commento-oauth.scss";
+
    hr {
      border: none;
      background: $gray-2;
      height: 1px;
-    }
-
-    .commento-login-box-header {
-      font-size: 20px;
-      font-weight: 200;
-      text-align: center;
-      color: $pink-8;
-      margin: 16px;
+      margin: 24px 0px;
    }

    .commento-login-box-subtitle {
      color: $gray-6;
      text-align: center;
-      font-size: 15px;
      margin: 12px 0px;
+      font-size: 15px;
    }

    @import "email-main.scss";
--- a/frontend/sass/commento-mod-tools.scss
+++ b/frontend/sass/commento-mod-tools.scss
@@ -0,0 +1,24 @@
+@import "colors-main.scss";
+
+.commento-mod-tools {
+  margin-bottom: 16px;
+
+  button {
+    text-transform: uppercase;
+    color: $gray-7;
+    font-size: 12px;
+    font-weight: 700;
+    cursor: pointer;
+    margin-left: 12px;
+    background: none;
+    border: none;
+  }
+}
+
+.commento-mod-tools::before {
+  content: "Moderator Tools";
+  text-transform: uppercase;
+  color: $indigo-8;
+  font-size: 12px;
+  font-weight: 700;
+}
--- a/frontend/sass/commento-oauth.scss
+++ b/frontend/sass/commento-oauth.scss
@@ -0,0 +1,27 @@
+@import "colors-main.scss";
+
+.commento-oauth-buttons-container {
+  display: flex;
+  justify-content: center;
+
+  .commento-oauth-buttons {
+    display: flex;
+    flex-direction: column;
+    align-items: center;
+    position: absolute;
+    z-index: 1;
+    display: contents;
+
+    .commento-google-button {
+      background: #dd4b39;
+      text-transform: uppercase;
+      font-size: 13px;
+    }
+
+    .commento-github-button {
+      background: #000000;
+      text-transform: uppercase;
+      font-size: 13px;
+    }
+  }
+}
--- a/frontend/sass/commento-options.scss
+++ b/frontend/sass/commento-options.scss
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Adhityaa Chandrasekar	e0f188909f	release: v1.6.2	2019-02-19 00:12:28 -05:00
Adhityaa Chandrasekar	0b78e9e70c	owner_reset_password.go: use ownerHex in SELECT	2019-02-19 00:11:26 -05:00
Adhityaa Chandrasekar	ca797cd165	release: v1.6.1	2019-02-18 18:36:17 -05:00
Adhityaa Chandrasekar	15d729c6ac	docker-compose.yml: remove db ports exposure	2019-02-18 18:35:28 -05:00
Adhityaa Chandrasekar	af1d1dcd0c	Dockerfile: copy fonts file	2019-02-18 18:28:06 -05:00
Adhityaa Chandrasekar	b21c630208	release: v1.6.0	2019-02-18 17:40:22 -05:00
Adhityaa Chandrasekar	ef68dadcd7	email_moderate.go: include email in error message	2019-02-18 17:40:22 -05:00
Adhityaa Chandrasekar	8a7348ed6a	email.go: run go fmt	2019-02-18 17:38:58 -05:00
Adhityaa Chandrasekar	5df5b5f112	fonts: add source sans fonts	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	c9677385f8	commenter_self.go: include email details	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	220109a157	commento.js: close login box when logged in	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	2e2d022c9b	commento.js: add login button	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	63c4da0b8d	api: add email moderation	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	e1c94ecf15	api,frontend: add unsubscribe	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	60a9f2cc15	button.scss: move .button to separate file	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	06f0f6f014	everywhere: add email notifications	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	69aba94590	commento.scss: move highlighted to commento-card.scss	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	52ce1e2660	comment_new.go: enforce RequireIdentification when anonymous Yikes, I can't believe I forgot about this.	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	7fc3910009	comment_new.go: use RequireModeration in anonymous clause	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	619231e32f	commento.js: add scroll into view based on hash	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	a22b49a112	commenter_get.go: add TODO comment	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	b77089388f	commento.js: show oauth above email login	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	b35155b9e5	commento.js: default to login instead of signup	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	5bb51bb131	commento-mod-tools.scss: use 12px font	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	8a8e0b53fc	commento.scss: move avatar and dark-card to commento-card.scss	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	2b00384219	commento.scss: move mod-tools to separate file	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	bd695c53fd	commento-input.scss: darken textarea placeholder	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	24ddf0657b	commento-input.scss: remove unused approve and delete classes	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	e70546fb56	commento-oauth.scss: move oauth button styling to file	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	4ceb85ae51	commento.js, commento-input.scss: make textarea cleaner	2019-02-18 17:34:43 -05:00
Adhityaa Chandrasekar	41b0c8e5ca	checkbox.scss: add commento- prefix	2019-02-18 17:33:44 -05:00
Adhityaa Chandrasekar	0acdd67e39	commenter_login.go: include commenter struct in response	2019-02-18 17:33:44 -05:00
Adhityaa Chandrasekar	caca7b8c41	commento-input.scss: use Source Sans Pro	2019-02-18 17:33:44 -05:00
Adhityaa Chandrasekar	24de2dbcb3	checkbox.scss: move checkbox element to separate file	2019-02-18 17:33:44 -05:00
Adhityaa Chandrasekar	9a14801990	commento.scss: rename buttons, tags, card file	2019-02-18 17:33:44 -05:00
Adhityaa Chandrasekar	de98ed81cd	commento-logo.scss: rename to commento-footer.scss	2019-02-18 17:33:44 -05:00
Adhityaa Chandrasekar	3f7b65dee9	commento.js: fix anonymous selfHex logic in commentNew	2019-02-18 17:33:44 -05:00
Adhityaa Chandrasekar	8c09aa0ff6	commento.scss: remove unnecessary common-main include	2019-02-18 17:33:44 -05:00
dasZGFz	ce47f80e8e	commento.js: Add iframe support	2019-02-12 23:35:33 -08:00
Adhityaa Chandrasekar	e434f59f9a	release: v1.5.0	2019-02-04 18:11:03 -05:00
Adhityaa Chandrasekar	a4fbf67d73	api: run go fmt	2019-02-04 18:11:03 -05:00
Adhityaa Chandrasekar	1aea90cb07	dashboard.html: hide email settings for now	2019-02-04 18:08:17 -05:00
Adhityaa Chandrasekar	20b6660fa9	domain_import_disqus.go: update disqus export spec	2019-02-04 18:05:51 -05:00
Adhityaa Chandrasekar	815628c5ee	dashboard-statistics.js: namespace numberify with global	2019-01-31 02:25:05 -05:00
Adhityaa Chandrasekar	6caa3e312c	cron_domain_export_cleanup.go: change cron period	2019-01-31 02:19:47 -05:00
Adhityaa Chandrasekar	94829d9b83	api: add cron job to clean up views table	2019-01-31 02:19:12 -05:00
Adhityaa Chandrasekar	7be22b091f	domain_export.go: raise error if SMTP is not configured	2019-01-31 02:08:13 -05:00
Adhityaa Chandrasekar	fff5e5c0e1	everywhere: add option to export data	2019-01-31 02:06:11 -05:00
Adhityaa Chandrasekar	f1ece27c99	dashboard: overhaul	2019-01-30 23:49:16 -05:00
Adhityaa Chandrasekar	5e48da6940	dashboard: improve moderator list explanation text	2019-01-30 22:49:25 -05:00
Adhityaa Chandrasekar	28fe1aaa89	dashboard.html: improve readability in panes	2019-01-30 22:44:36 -05:00
Adhityaa Chandrasekar	f846935a2a	comment_new.go, commento.js: don't refresh when creating comments	2019-01-30 22:19:16 -05:00
Adhityaa Chandrasekar	42b452b9f8	commento-input.scss: biggen oauth button text size	2019-01-30 21:26:14 -05:00
Adhityaa Chandrasekar	514535a607	oauth_google_callback.go: fix potential nil panic	2019-01-30 21:25:09 -05:00
Adhityaa Chandrasekar	55f24b2de2	api: add github oauth Closes https://gitlab.com/commento/commento/issues/20	2019-01-30 21:22:46 -05:00
Adhityaa Chandrasekar	24d76c2fb6	frontend: add favicon to all html files	2019-01-30 20:13:08 -05:00
Max	f2ff2b4940	Update docker.md with correct postgresql directory for persitence	2019-01-27 16:16:24 +00:00
Adhityaa Chandrasekar	6d1563e22a	email-main.scss: unset width	2019-01-24 07:01:16 -05:00
Adhityaa Chandrasekar	9a3c181442	commento-input.scss: use pixels instead of rem	2019-01-24 06:56:30 -05:00
Adhityaa Chandrasekar	010b7336cd	signup.js: fix document.location typo I have no idea what that was.	2019-01-24 06:12:44 -05:00
Adhityaa Chandrasekar	00c197e2ee	owner_new.go: perform email check before processing	2019-01-24 06:11:37 -05:00
Adhityaa Chandrasekar	c6a98d93e4	dashboard.html: update allow-anonymous subtext	2019-01-23 18:39:12 -05:00
Adhityaa Chandrasekar	edd8aae7a7	auth-common.js, reset.js: use global namespace for paramGet	2019-01-23 17:48:39 -05:00
Adhityaa Chandrasekar	3677d43aab	templates: use plaintext instead of fancy HTML	2019-01-23 02:52:13 -05:00
Adhityaa Chandrasekar	0cdba65e48	release: v1.4.2	2019-01-23 00:27:55 -05:00
Adhityaa Chandrasekar	022fc06257	everywhere: improve anonymous comments logic	2019-01-23 00:26:25 -05:00
Adhityaa Chandrasekar	61bc73e705	dashboard.html: rephrase requireIdentification text on-screen	2019-01-22 23:55:18 -05:00