Wrote my own Yubico-time-to-Unix-time conversion, as strtotime() was unreliable.

Fixed "Mixing of GROUP columns (MIN(),MAX(),COUNT(),...) with no GROUP columns is illegal if there is no GROUP BY clause"

Damn it Yubico, you changed your API and broke my code.

Yubikey flags are no longer fetched from server at login time, instead provided with load

SECURITY (critical): If username provided, any Yubikey could be used to log in.

Added error for HTTP connection failure.

Yubikey user CP now requires re-auth to CHPREF. Didn't win YubiKing :-(

Branch merge (how did this happen?)

Added auth plugin flag.

Whoops! That load_component was needed in prefs page

Removed stray load of expander, jquery and jquery-ui

Added timestamp-based verification.

If yubikey_reg_require_otp is 1, opening login window now auto-opens Yubikey prompt

Added option to enroll Yubikey during registration + option in admin CP to require enrollment

Fixed a few issues with input postprocessing in client API

Added visual feedback for key entry

Auth: added string for pass required

Should work with Yubico's official server now - forgot to account for newlines.

Maybe we could actually make yubikey_enable in config not ignored!

Minor: if input OTP is empty and password looks like OTP, now copies password to OTP in memory and treats password field as OTP. Will require patch in Enano trunk to work for html login.

Typo! STOP -> DROP. See Spot run. Spot runs to the house. Spot licks Dick. Dick pets Spot.

First commit! Hoping everything works.