diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
new file mode 100644
index 0000000..2260fb6
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of the bug.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to ...
+2. Click on ....
+3. ...
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots, Videos, Logs or Errors**
+If applicable, add screenshots to help explain your problem.
+If possible, try uploading images or large logs as an attachment instead of somewhere else to ensure it's availability.
+
+**Additional context**
+Add any other context about the problem here.
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000..cc96547
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,21 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is.
+Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml
new file mode 100644
index 0000000..d0ecefe
--- /dev/null
+++ b/.github/workflows/nodejs.yml
@@ -0,0 +1,35 @@
+# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: TypeScript Compile
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [10.x]  # Oldest 'Active' version: https://nodejs.org/en/about/releases/
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Use Node.js v${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - name: 'Cache: npm-node_modules'
+      uses: actions/cache@v1
+      with:
+        path: ./node_modules/
+        key: ${{ runner.os }}-npm-${{ hashFiles('./package-lock.json') }}
+    - run: npm i
+    - run: npm run build
+    #- run: npm test
+      env:
+        CI: true
diff --git a/.gitignore b/.gitignore
index 3febf95..f82cd88 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
-node_modules/
-storage/
-logs/
\ No newline at end of file
+/build/
+/logs/
+/node_modules/
+/storage/
\ No newline at end of file
diff --git a/.static/script-login.js b/.static/script-login.js
deleted file mode 100644
index 8951682..0000000
--- a/.static/script-login.js
+++ /dev/null
@@ -1,105 +0,0 @@
-const BASE_URL = 'https://mc-auth.com';
-
-async function submitUsername(event) {
-  event.preventDefault();
-
-  const submitBtn = document.getElementById('submitBtn'),
-    nameInput = document.getElementById('mcName');
-
-  submitBtn.classList.add('disabled');
-  nameInput.classList.add('disabled');
-  submitBtn.setAttribute('disabled', 'disabled');
-  nameInput.setAttribute('disabled', 'disabled');
-
-  try {
-    const res = await fetch(`https://api.sprax2013.de/mc/profile/${nameInput.value}`, {
-      method: 'GET',
-      headers: { 'Accept': 'application/json' }
-    });
-
-    if (res.status === 200) {
-      const json = await res.json();
-
-      event.target.onsubmit = submitCode;
-
-      nameInput.setAttribute('data-mcUUID', json.id);
-      document.getElementById('otp').setAttribute('required', 'required');
-      document.getElementById('form2').classList.remove('hidden');
-
-      submitBtn.classList.remove('disabled');
-      submitBtn.removeAttribute('disabled');
-
-      console.log('Valid Username:', json.name);
-    } else {
-      console.error('That username does not exist!');
-
-      submitBtn.classList.remove('disabled');
-      submitBtn.removeAttribute('disabled');
-
-      nameInput.classList.remove('disabled');
-      nameInput.removeAttribute('disabled');
-    }
-  } catch (err) {
-    console.error('Request failed!');
-    console.error(err);
-
-    submitBtn.classList.remove('disabled');
-    submitBtn.removeAttribute('disabled');
-
-    nameInput.classList.remove('disabled');
-    nameInput.removeAttribute('disabled');
-
-    // console.error('Request failed - Sending form to server instead!', err);
-
-    // event.target.onsubmit = undefined;
-    // event.target.submit();
-  }
-}
-
-async function submitCode(event) {
-  event.preventDefault();
-
-  const submitBtn = document.getElementById('submitBtn'),
-    mcUUID = document.getElementById('mcName').getAttribute('data-mcUUID'),
-    codeInput = document.getElementById('otp');
-
-  submitBtn.classList.add('disabled');
-  codeInput.classList.add('disabled');
-  submitBtn.setAttribute('disabled', 'disabled');
-  codeInput.setAttribute('disabled', 'disabled');
-
-  try {
-    const res = await fetch(`${BASE_URL}/login/verify?uuid=${mcUUID}&otp=${codeInput.value}&keepLogin=${document.getElementById('keepLogin').checked}&returnTo=${event.target.getAttribute('data-returnTo')}`, {
-      method: 'GET',
-      headers: { 'Accept': 'application/json' }
-    });
-
-    const json = await res.json();
-
-    if (res.status == 200 && json.verified) {
-      console.log('Login was successful!');
-      window.location.href = json.url || BASE_URL;
-    } else {
-      console.error('The code is invalid!');
-
-      submitBtn.classList.remove('disabled');
-      submitBtn.removeAttribute('disabled');
-
-      codeInput.classList.remove('disabled');
-      codeInput.removeAttribute('disabled');
-    }
-  } catch (err) {
-    console.error('Request failed!');
-    console.error(err);
-    submitBtn.classList.remove('disabled');
-    submitBtn.removeAttribute('disabled');
-
-    codeInput.classList.remove('disabled');
-    codeInput.removeAttribute('disabled');
-
-    // console.error('Request failed - Sending form to server instead!', err);
-
-    // event.target.onsubmit = undefined;
-    // event.target.submit();
-  }
-}
\ No newline at end of file
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
new file mode 100644
index 0000000..6dbe943
--- /dev/null
+++ b/CODE_OF_CONDUCT.md
@@ -0,0 +1,76 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, sex characteristics, gender identity and expression,
+level of experience, education, socio-economic status, nationality, personal
+appearance, race, religion, or sexual identity and orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+ advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+ address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+ professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at developer@sprax2013.de. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+
+[homepage]: https://www.contributor-covenant.org
+
+For answers to common questions about this code of conduct, see
+https://www.contributor-covenant.org/faq
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
new file mode 100644
index 0000000..f66825d
--- /dev/null
+++ b/CONTRIBUTING.md
@@ -0,0 +1,63 @@
+# Contributing to Mc-Auth-Web
+We love your input!
+We want to make contributing to this project as easy and transparent as possible, whether it's:
+
+* Reporting a bug
+* Discussing the current state of the code
+* Submitting a fix
+* Proposing new features
+
+## We Develop with GitHub
+We use GitHub to host code, to track issues and feature requests, as well as accept pull requests.
+
+## We Use [GitHub Flow](https://guides.github.com/introduction/flow/index.html), So All Code Changes Happen Through Pull Requests
+Pull requests are the best way to propose changes to the codebase (we use [GitHub Flow](https://guides.github.com/introduction/flow/index.html)).
+We actively welcome your pull requests:
+
+1. Fork the repo and create your branch from `master`.
+2. If you've added code that should be tested, add tests.
+3. If you've changed APIs, update the documentation.
+5. Ensure the test suite passes.
+6. Issue that pull request!
+
+## Any contributions you make will be under the MIT Software License
+In short, when you submit code changes, your submissions are understood to be under the same
+[MIT License](https://choosealicense.com/licenses/mit/) that covers the project.
+Feel free to contact the maintainers if that's a concern.
+
+## Report bugs using GitHub's [issues](https://github.com/Mc-Auth-com/Mc-Auth-Web/issues)
+We use GitHub issues to track public bugs. Report a bug by [opening a new issue](https://github.com/Mc-Auth-com/Mc-Auth-Web/issues/new) – it's that easy!
+
+## Write bug reports with detail, background, and sample code
+Make sure to provide all the relevant information needed to reproduce the bug you are reporting. You can upload logs, images or videos if needed.
+
+**Great Bug Reports** tend to have:
+
+* A quick summary and/or background
+* Steps to reproduce
+  * Be specific!
+  * Give sample code if you can – Try to make it as universal as possible, so is quickly understood.
+* What you expected would happen
+* What actually happens
+* Notes (possibly including why you think this might be happening, or stuff you tried that didn't work)
+
+People *love* thorough bug reports. I'm not even kidding.
+
+## Use a Consistent Coding Style
+* 2 spaces for indentation rather than tabs
+* Use `const` or `let` rather than `var`
+
+## License
+By contributing, you agree that your contributions will be licensed under its [MIT License](./LICENSE.md).
+
+## Enforcement
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at developer@sprax2013.de.
+All complaints will be reviewed and investigated and will result in a response that is deemed necessary and appropriate to the circumstances.
+The project team is obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined
+by other members of the project's leadership.
+
+## References
+This document was adapted from [briandk](https://gist.github.com/briandk/3d2e8b3ec8daf5a27a62), who originally adapted it from Facebook's Draft.
diff --git a/LICENSE b/LICENSE
index 551ed2a..7e6c89a 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2019 Mc-Auth.com
+Copyright (c) 2019 Christian Koop
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/README.md b/README.md
index 3a71813..3f88c0d 100644
--- a/README.md
+++ b/README.md
@@ -16,53 +16,50 @@ So I read some [oAuth2 paper](https://tools.ietf.org/html/rfc6749) and started w
 ## Setup
 **You'll need [Node.js and npm](https://nodejs.org/en/download/package-manager/) on your machine and a PostgreSQL instance**
 
-1. Prepare your PostgreSQL server by running the commands inside `./tables.sql`
+1. Prepare your PostgreSQL server by running `./database-setup.sql`
 2. `npm install`
-3. `npm start`
+3. `npm run build` (needs to be rerun everytime the app is updated)
+4. `npm run start` Or you can use `npm run dev` to automatically recompile on file changes (not recommended for production)
 4. Configure all files inside `./storage` (automatically generated)
-5. Edit the first variables of the files `./storage.js` and `./.static/script-login.js`
 6. Type `rs` into the console or restart the process
 
 ## TODO
-* Settings: Show grants (accepted and denied ones)
+* **Complete Recode ([#70](https://github.com/Mc-Auth-com/Mc-Auth-Web/pull/70))**
+  * Redesign how localization files look and move to Crowdin
+  * [X] Recode demo page
+  * [X] Cache HTML in memory (for every language)
+* Finish settings pages
+  * Account
+    * Show public Minecraft account data (as example)
+    * [X] Adding and confirming email address
+    * Export account data
+  * Account Security
+    * Show active sessions (+IP, User-Agent, ...)
+    * Show all apps that have been granted access
+  * Notification
+    * Allow enabling/disabling email notifications for specific events
+  * oAuth Apps
+    * [X] Delete button
+* Allow grants to be temporary (60 days without activity by default)
+* Fully implement verified applications
+  * Force 2FA when editing verified apps
+* When uploading an app icon: Show notification that user needs to use the 'Save' button
+* Send 'Content Security Policy' header
+* Allow users to report applications (in authorization screen)
+* Introduce rate limits
 * Create documentation/wiki
-  * Create Brand/Press Kit with images
-  * Create HTML-Button examples
-* ~~Allow easy localization of HTML~~
-  * ~~Functional Language-Switcher~~
-  * Cache localized HTML
-  * ~~Create english translation~~
-  * ~~Create german translation~~
-* Tell users that changes have been saved or that an upload failed/succeeded
-* Rate-limit icon uploads
-* Allow users to report applications (On grant-request)
-* Add possibilities to be an verified application
-* App-Settings
-  * Allow deletion
-  * Allow regenerating client_secret
-  * fix text position
-* Allow 2FA for Settings-Page (Applications)
-  * Force for verified applications
-* './.static/script-login.js' should not hold it's own `BASE_URL`
-* Don't use Google Analytics (Something on webserver level is enough with a good dashboard)
-* Recode in TypeScript
-* ~~Notify about cookies~~
-* ~~Resize and crop uploaded images to fit inside 128px x 128px~~
-* ~~Use reCAPTCHA when creating a new app~~
-* ~~Cards (Login, Settings, App-Settings) go out of bounds when view-port is not high enough~~
-* ~~App-Settings: Description looses line-breaks~~
-* ~~Publish Demo-Application~~ 
-* ~~When an application requests authorization and the user is not logged in, the user can't proceed as intended~~
+* Create Brand/Press Kit with images
+  * With HTML Examples for buttons
+* Replace 'Google Analytics'
+* Admin Dashboard
 
 ## Contributors ✨
 <table>
   <tr>
-    <td align="center"><a href="https://github.com/JonasAlpha"><img src="https://avatars1.githubusercontent.com/u/35976079?s=460&v=4" width="100px" alt=""><br><sub><b>Jonas</b></sub></a><br>🎨 Logo and Banner</td>
-    <td align="center"><a href="https://github.com/Songoda"><img src="https://avatars3.githubusercontent.com/u/26376600?s=460&v=4" width="100px" alt=""><br><sub><b>Brianna O'Keefe</b></sub></a><br>🌍 English Translations</td>
+    <td align="center"><a href="https://github.com/JonasAlpha"><img src="https://avatars1.githubusercontent.com/u/35976079" width="100px" alt=""><br><sub><b>Jonas</b></sub></a><br>🎨 Logo and Banner</td>
+    <td align="center"><a href="https://github.com/Songoda"><img src="https://avatars2.githubusercontent.com/u/26376600" width="100px" alt=""><br><sub><b>Brianna O'Keefe</b></sub></a><br>🌍 English Translations</td>
   </tr>
 </table>
 
 ## License
-[MIT License](./LICENSE)
-
-[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2FMc-Auth-com%2FMc-Auth-Web.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2FMc-Auth-com%2FMc-Auth-Web?ref=badge_large)
+[MIT License](./LICENSE)
\ No newline at end of file
diff --git a/database-setup.sql b/database-setup.sql
new file mode 100644
index 0000000..b9db07b
--- /dev/null
+++ b/database-setup.sql
@@ -0,0 +1,283 @@
+/*
+ Target Server Type    : PostgreSQL
+ Target Server Version : 110009
+ File Encoding         : 65001
+*/
+
+-- ----------------------------
+-- Extension pgcrypto
+-- ----------------------------
+CREATE EXTENSION IF NOT EXISTS pgcrypto;
+
+-- ----------------------------
+-- Function structure for generate_snowflake
+-- ----------------------------
+CREATE OR REPLACE FUNCTION "public"."generate_snowflake"(IN "seq" text, OUT "snowflake" int8)
+  RETURNS "pg_catalog"."int8" AS $BODY$
+DECLARE
+    our_epoch bigint := 1314220021721;
+    seq_id bigint;
+    now_millis bigint;
+    -- the id of this DB shard, must be set for each
+    -- schema shard you have - you could pass this as a parameter too
+    shard_id int := 1;
+BEGIN
+    SELECT nextval(seq) % 1024 INTO seq_id;
+
+    SELECT FLOOR(EXTRACT(EPOCH FROM clock_timestamp()) * 1000) INTO now_millis;
+    snowflake := (now_millis - our_epoch) << 23;
+    snowflake := snowflake | (shard_id << 10);
+    snowflake := snowflake | (seq_id);
+END;
+$BODY$
+  LANGUAGE plpgsql VOLATILE
+  COST 100;
+
+-- ----------------------------
+-- Function structure for random_string
+-- ----------------------------
+CREATE OR REPLACE FUNCTION "public"."random_string"("length" int4)
+  RETURNS "pg_catalog"."varchar" AS $BODY$
+declare
+  chars text[] := '{0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z}';
+  result varchar := '';
+  i integer := 0;
+begin
+  for i in 1..length loop
+    result := result || chars[1+random()*(array_length(chars, 1)-1)];
+  end loop;
+  return result;
+end;
+$BODY$
+  LANGUAGE plpgsql VOLATILE
+  COST 100;
+
+-- ----------------------------
+-- Type structure for GrantResult
+-- ----------------------------
+DROP TYPE IF EXISTS "public"."GrantResult";
+CREATE TYPE "public"."GrantResult" AS ENUM (
+  'GRANTED',
+  'DENIED',
+  'REVOKED'
+);
+
+-- ----------------------------
+-- Sequence structure for apps_id_sequence
+-- ----------------------------
+DROP SEQUENCE IF EXISTS "public"."apps_id_sequence";
+CREATE SEQUENCE "public"."apps_id_sequence"
+INCREMENT 1
+MINVALUE  1
+MAXVALUE 9223372036854775807
+START 1
+CACHE 1;
+
+-- ----------------------------
+-- Sequence structure for apps_secret_sequence
+-- ----------------------------
+DROP SEQUENCE IF EXISTS "public"."apps_secret_sequence";
+CREATE SEQUENCE "public"."apps_secret_sequence"
+INCREMENT 1
+MINVALUE  1
+MAXVALUE 9223372036854775807
+START 1
+CACHE 1;
+
+-- ----------------------------
+-- Sequence structure for grants_id_sequence
+-- ----------------------------
+DROP SEQUENCE IF EXISTS "public"."grants_id_sequence";
+CREATE SEQUENCE "public"."grants_id_sequence"
+INCREMENT 1
+MINVALUE  1
+MAXVALUE 9223372036854775807
+START 1
+CACHE 1;
+
+-- ----------------------------
+-- Sequence structure for icons_id_sequence
+-- ----------------------------
+DROP SEQUENCE IF EXISTS "public"."icons_id_sequence";
+CREATE SEQUENCE "public"."icons_id_sequence"
+INCREMENT 1
+MINVALUE  1
+MAXVALUE 9223372036854775807
+START 1
+CACHE 1;
+
+-- ----------------------------
+-- Table structure for accounts
+-- ----------------------------
+DROP TABLE IF EXISTS "public"."accounts";
+CREATE TABLE "public"."accounts" (
+  "id" varchar(32) COLLATE "pg_catalog"."default" NOT NULL,
+  "name" varchar(128) COLLATE "pg_catalog"."default" NOT NULL,
+  "email" varchar(255) COLLATE "pg_catalog"."default",
+  "email_pending" varchar(255) COLLATE "pg_catalog"."default",
+  "email_pending_since" timestamptz(0),
+  "last_login" timestamptz(0)
+);
+
+-- ----------------------------
+-- Table structure for apps
+-- ----------------------------
+DROP TABLE IF EXISTS "public"."apps";
+CREATE TABLE "public"."apps" (
+  "id" int8 NOT NULL DEFAULT generate_snowflake('public.apps_id_sequence'::text),
+  "owner" varchar(32) COLLATE "pg_catalog"."default" NOT NULL,
+  "name" varchar(128) COLLATE "pg_catalog"."default" NOT NULL,
+  "description" varchar(512) COLLATE "pg_catalog"."default",
+  "website" varchar(512) COLLATE "pg_catalog"."default" NOT NULL DEFAULT '[]'::character varying,
+  "icon" int8,
+  "redirect_uris" jsonb NOT NULL DEFAULT '[]'::jsonb,
+  "secret" varchar(255) COLLATE "pg_catalog"."default" DEFAULT concat(random_string(8), '.', generate_snowflake('public.apps_secret_sequence'::text), '.', random_string(4)),
+  "verified" bool NOT NULL DEFAULT false,
+  "deleted" bool NOT NULL DEFAULT false,
+  "created" timestamptz(0) NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+-- ----------------------------
+-- Table structure for grants
+-- ----------------------------
+DROP TABLE IF EXISTS "public"."grants";
+CREATE TABLE "public"."grants" (
+  "id" int8 NOT NULL DEFAULT generate_snowflake('public.grants_id_sequence'::text),
+  "app" int8 NOT NULL,
+  "account" varchar(32) COLLATE "pg_catalog"."default" NOT NULL,
+  "result" "public"."GrantResult",
+  "scopes" jsonb NOT NULL,
+  "response_type" varchar(128) COLLATE "pg_catalog"."default" NOT NULL,
+  "state" varchar(128) COLLATE "pg_catalog"."default",
+  "access_token" varchar(32) COLLATE "pg_catalog"."default",
+  "exchange_token" varchar(32) COLLATE "pg_catalog"."default",
+  "redirect_uri" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
+  "issued" timestamptz(0) NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+-- ----------------------------
+-- Table structure for icons
+-- ----------------------------
+DROP TABLE IF EXISTS "public"."icons";
+CREATE TABLE "public"."icons" (
+  "id" int8 NOT NULL DEFAULT generate_snowflake('public.icons_id_sequence'::text),
+  "optimized" bytea,
+  "original" bytea,
+  "duplicate_of" int8,
+  "added_by" varchar(32) COLLATE "pg_catalog"."default" NOT NULL,
+  "added" timestamptz(0) NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+-- ----------------------------
+-- Table structure for otps
+-- ----------------------------
+DROP TABLE IF EXISTS "public"."otps";
+CREATE TABLE "public"."otps" (
+  "account" varchar(32) COLLATE "pg_catalog"."default" NOT NULL,
+  "code" int4 NOT NULL,
+  "issued" timestamptz(0) DEFAULT CURRENT_TIMESTAMP
+);
+COMMENT ON TABLE "public"."otps" IS 'OTPs or One-Time-Passwords';
+
+-- ----------------------------
+-- Table structure for sessions
+-- ----------------------------
+DROP TABLE IF EXISTS "public"."sessions";
+CREATE TABLE "public"."sessions" (
+  "sid" varchar COLLATE "pg_catalog"."default" NOT NULL,
+  "sess" json NOT NULL,
+  "expire" timestamp(6) NOT NULL
+);
+
+-- ----------------------------
+-- Alter sequences owned by
+-- ----------------------------
+ALTER SEQUENCE "public"."apps_id_sequence"
+OWNED BY "public"."apps"."id";
+ALTER SEQUENCE "public"."apps_secret_sequence"
+OWNED BY "public"."apps"."secret";
+ALTER SEQUENCE "public"."grants_id_sequence"
+OWNED BY "public"."grants"."id";
+ALTER SEQUENCE "public"."icons_id_sequence"
+OWNED BY "public"."icons"."id";
+
+-- ----------------------------
+-- Primary Key structure for table accounts
+-- ----------------------------
+ALTER TABLE "public"."accounts" ADD CONSTRAINT "accounts_pkey" PRIMARY KEY ("id");
+
+-- ----------------------------
+-- Primary Key structure for table apps
+-- ----------------------------
+ALTER TABLE "public"."apps" ADD CONSTRAINT "applications_pkey" PRIMARY KEY ("id");
+
+-- ----------------------------
+-- Indexes structure for table grants
+-- ----------------------------
+CREATE UNIQUE INDEX "grants_app_access_token_idx" ON "public"."grants" USING btree (
+  "app" "pg_catalog"."int8_ops" ASC NULLS LAST,
+  "access_token" COLLATE "pg_catalog"."default" "pg_catalog"."text_ops" ASC NULLS LAST
+);
+CREATE UNIQUE INDEX "grants_exchange_token_idx" ON "public"."grants" USING btree (
+  "exchange_token" COLLATE "pg_catalog"."default" "pg_catalog"."text_ops" ASC NULLS LAST
+);
+
+-- ----------------------------
+-- Primary Key structure for table grants
+-- ----------------------------
+ALTER TABLE "public"."grants" ADD CONSTRAINT "grants_pkey" PRIMARY KEY ("id");
+
+-- ----------------------------
+-- Indexes structure for table icons
+-- ----------------------------
+CREATE UNIQUE INDEX "icons_digest_idx" ON "public"."icons" USING btree (
+  digest(original, 'sha256'::text) "pg_catalog"."bytea_ops" ASC NULLS LAST
+);
+CREATE INDEX "icons_original_idx" ON "public"."icons" USING hash (
+  "original" "pg_catalog"."bytea_ops"
+);
+
+-- ----------------------------
+-- Primary Key structure for table icons
+-- ----------------------------
+ALTER TABLE "public"."icons" ADD CONSTRAINT "images_pkey" PRIMARY KEY ("id");
+
+-- ----------------------------
+-- Primary Key structure for table otps
+-- ----------------------------
+ALTER TABLE "public"."otps" ADD CONSTRAINT "otps_pkey" PRIMARY KEY ("account");
+
+-- ----------------------------
+-- Indexes structure for table sessions
+-- ----------------------------
+CREATE INDEX "IDX_session_expire" ON "public"."sessions" USING btree (
+  "expire" "pg_catalog"."timestamp_ops" ASC NULLS LAST
+);
+
+-- ----------------------------
+-- Primary Key structure for table sessions
+-- ----------------------------
+ALTER TABLE "public"."sessions" ADD CONSTRAINT "session_pkey" PRIMARY KEY ("sid");
+
+-- ----------------------------
+-- Foreign Keys structure for table apps
+-- ----------------------------
+ALTER TABLE "public"."apps" ADD CONSTRAINT "applications_icon_fkey" FOREIGN KEY ("icon") REFERENCES "public"."icons" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION;
+ALTER TABLE "public"."apps" ADD CONSTRAINT "applications_owner_fkey" FOREIGN KEY ("owner") REFERENCES "public"."accounts" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION;
+
+-- ----------------------------
+-- Foreign Keys structure for table grants
+-- ----------------------------
+ALTER TABLE "public"."grants" ADD CONSTRAINT "grants_account_fkey" FOREIGN KEY ("account") REFERENCES "public"."accounts" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION;
+ALTER TABLE "public"."grants" ADD CONSTRAINT "grants_app_fkey" FOREIGN KEY ("app") REFERENCES "public"."apps" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION;
+
+-- ----------------------------
+-- Foreign Keys structure for table icons
+-- ----------------------------
+ALTER TABLE "public"."icons" ADD CONSTRAINT "images_added_by_fkey" FOREIGN KEY ("added_by") REFERENCES "public"."accounts" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION;
+ALTER TABLE "public"."icons" ADD CONSTRAINT "images_duplicate_of_fkey" FOREIGN KEY ("duplicate_of") REFERENCES "public"."icons" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION;
+
+-- ----------------------------
+-- Foreign Keys structure for table otps
+-- ----------------------------
+ALTER TABLE "public"."otps" ADD CONSTRAINT "otps_account_fkey" FOREIGN KEY ("account") REFERENCES "public"."accounts" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION;
\ No newline at end of file
diff --git a/db/DB.js b/db/DB.js
deleted file mode 100644
index 69a7aa7..0000000
--- a/db/DB.js
+++ /dev/null
@@ -1,296 +0,0 @@
-const Utils = require('../utils');
-
-const { Pool } = require('pg');
-const pool = new Pool({
-  host: require('./../storage/db.json')['host'],
-  port: require('./../storage/db.json')['port'],
-  user: require('./../storage/db.json')['user'],
-  password: require('./../storage/db.json')['password'],
-  database: require('./../storage/db.json')['database'],
-  ssl: require('./../storage/db.json')['ssl'],
-  max: 8
-});
-pool.on('error', (err, _client) => {
-  console.error('Unexpected error on idle client:', err);
-});
-
-/* Helper */
-function firstRow(res, key = null) {
-  const result = res.rows.length > 0 ? res.rows[0] : null;
-
-  return (result && key) ? result[key] : result;
-}
-
-/* exports */
-module.exports = {
-  pool,
-
-  /* OTPs (Minecraft) */
-
-  /**
-   * @param {String} uuid 
-   * @param {Number} otp 
-   * @param {Function} callback err (Error), success (Boolean)
-   */
-  invalidateOneTimePassword(uuid, otp, callback) {
-    pool.query(`DELETE FROM otp WHERE minecraft =$1::UUID AND code =$2 AND issued >= CURRENT_TIMESTAMP - INTERVAL '5 MINUTES' RETURNING *;`,
-      [uuid, otp], (err, res) => {
-        if (err) return callback(err);
-
-        callback(null, res.rows.length > 0);
-      });
-  },
-
-  /* Applications */
-
-  /**
-   * @param {String} clientID 
-   * @param {Function} callback 
-   */
-  getApplication(clientID, callback) {
-    pool.query(`SELECT * FROM applications WHERE id =$1;`, [clientID], (err, res) => {
-      if (err) return callback(err);
-
-      return callback(null, firstRow(res));
-    });
-  },
-
-  /**
-   * @param {String} clientID 
-   * @param {String} mcUUID
-   * @param {Function} callback 
-   */
-  getApplicationForOwner(clientID, mcUUID, callback) {
-    pool.query(`SELECT * FROM applications WHERE id =$1 AND owner =$2::UUID;`,
-      [clientID, mcUUID], (err, res) => {
-        if (err) return callback(err);
-
-        return callback(null, firstRow(res));
-      });
-  },
-
-  /**
-   * @param {String} mcUUID 
-   * @param {Function} callback 
-   */
-  getActiveApplications(mcUUID, callback) {
-    pool.query(`SELECT * FROM applications WHERE owner =$1::UUID AND deleted =FALSE ORDER BY created DESC;`,
-      [mcUUID], (err, res) => {
-        if (err) return callback(err);
-
-        const result = [];
-
-        for (const row of res.rows) {
-          result.push(row);
-        }
-
-        return callback(null, result);
-      });
-  },
-
-  /**
-   * @param {String} clientID 
-   * @param {String} name 
-   * @param {String} description 
-   * @param {String} redirectURIs 
-   * @param {Function} callback 
-   */
-  updateApplication(clientID, name, description, icon, redirectURIs, callback) {
-    pool.query(`UPDATE applications SET name =$2, description =$3, icon =$4, redirect_uris =$5 WHERE id =$1;`,
-      [clientID, name, description, icon, JSON.stringify(redirectURIs)], (err, _res) => {
-        return callback(err || null);
-      });
-  },
-
-  /**
-   * @param {String} name 
-   * @param {String} description
-   * @param {String} secret
-   * @param {String} mcUUID
-   * @param {Function} callback 
-   */
-  createApplication(name, description, mcUUID, callback) {
-    pool.query(`INSERT INTO applications(name,description,owner) VALUES ($1,$2,$3) RETURNING *;`,
-      [name, description, mcUUID], (err, res) => {
-        if (err) return callback(err);
-
-        callback(null, firstRow(res));
-      });
-  },
-
-  /**
-   * @param {String} clientID 
-   * @param {Function} callback 
-   */
-  regenerateApplicationSecret(clientID, callback) {
-    pool.query(`UPDATE applications SET secret =DEFAULT WHERE id =$1 RETURNING secret;`,
-      [clientID], (err, res) => {
-        if (err) return callback(err);
-
-        callback(null, firstRow(res));
-      });
-  },
-
-  /* Grants */
-
-  /**
-   * @param {String} grantID 
-   * @param {Function} callback 
-   */
-  getUnusedGrant(grantID, mcUUID, callback) {
-    pool.query(`SELECT * FROM grants WHERE id =$1 AND result ='NONE'::"GrantResult" AND mc_uuid =$2 AND issued >= CURRENT_TIMESTAMP - INTERVAL '24 HOUR';`,
-      [grantID, mcUUID], (err, res) => {
-        if (err) return callback(err);
-
-        return callback(null, firstRow(res));
-      });
-  },
-
-  /**
-   * @param {String} clientID 
-   * @param {String} mcUUID
-   * @param {String} redirectURI
-   * @param {String} state
-   * @param {String[]} scope
-   * @param {Function} callback 
-   */
-  generateGrant(clientID, mcUUID, redirectURI, state, scope, callback) {
-    pool.query(`INSERT INTO grants(application,mc_uuid,redirect_uri,state,scope) VALUES ($1,$2,$3,$4,$5) RETURNING *;`,
-      [clientID, mcUUID, redirectURI.toLowerCase(), state, JSON.stringify(scope)], (err, res) => {
-        if (err) return callback(err);
-
-        callback(null, firstRow(res));
-      });
-  },
-
-  /**
-   * @param {String} clientID 
-   * @param {String} mcUUID
-   * @param {String} redirectURI
-   * @param {String} state
-   * @param {String[]} scope
-   * @param {Function} callback 
-   */
-  generateAccessToken(clientID, mcUUID, redirectURI, state, scope, callback) {
-    pool.query(`INSERT INTO grants(application,mc_uuid,redirect_uri,state,scope,access_token,result) VALUES ($1,$2,$3,$4,$5,random_string(32),'GRANTED'::"GrantResult") RETURNING access_token;`,
-      [clientID, mcUUID, redirectURI.toLowerCase(), state, JSON.stringify(scope)], (err, res) => {
-        if (err) return callback(err);
-
-        callback(null, firstRow(res, 'access_token'));
-      });
-  },
-
-  /**
-   * @param {String} clientID 
-   * @param {String} redirectURI
-   * @param {Function} callback err (Error), success (Boolean)
-   */
-  invalidateExchangeToken(clientID, exchangeToken, redirectURI, callback) {
-    pool.query(`UPDATE grants SET access_token =random_string(32) WHERE application =$1 AND access_token IS NULL AND exchange_token =$2 AND redirect_uri =$3 AND result ='GRANTED'::"GrantResult" AND issued >= CURRENT_TIMESTAMP - INTERVAL '5 MINUTES' RETURNING *;`,
-      [clientID, exchangeToken, redirectURI.toLowerCase()], (err, res) => {
-        if (err) return callback(err);
-
-        callback(null, firstRow(res));
-      });
-  },
-
-  /**
-   * @param {String} grantID 
-   * @param {Boolean} granted
-   * @param {Function} callback err (Error)
-   */
-  setGrantResult(grantID, granted, callback) {
-    pool.query(`UPDATE grants SET result ='${granted ? 'GRANTED' : 'DENIED'}'::"GrantResult" WHERE id =$1;`, [grantID], (err, _res) => {
-      callback(err || null);
-    });
-  },
-
-  /* Images */
-  /**
-   * @param {Buffer} png 
-   * @param {Buffer} original 
-   * @param {Function} callback 
-   */
-  createImage(png, original, callback) {  // What the actual fuck did I doe here o.0
-    pool.connect((err, client, done) => {
-      if (err) {
-        done();
-        return callback(err);
-      }
-
-      client.query(`SELECT id FROM images WHERE original =$1;`, [original], (err, res) => {
-        if (err) {
-          done();
-          return callback(err);
-        }
-
-        if (firstRow(res, 'id')) {
-          done();
-
-          module.exports.getImageID(original, callback);
-        } else {
-          client.query(`INSERT INTO images(optimized,original) VALUES ($1,$2) ON CONFLICT DO NOTHING RETURNING id;`,
-            [png, original], (err, res) => {
-              if (err) {
-                done();
-                return callback(err);
-              }
-
-              if (firstRow(res, 'id')) {
-                return callback(err, firstRow(res, 'id'));
-              }
-
-              this.getImageID(original, (err, id) => {
-                done();
-                if (err) return callback(err);
-
-                return this.getOptimizedImage(id, callback);
-              });
-            });
-        }
-      });
-    });
-  },
-
-  /**
-   * @param {Buffer} original 
-   * @param {Function} callback 
-   */
-  getImageID(original, callback) {
-    pool.query(`SELECT id FROM images WHERE original =$1;`, [original], (err, res) => {
-      if (err) return callback(err);
-
-      callback(null, firstRow(res, 'id'));
-    });
-  },
-
-  /**
-   * @param {Number|String} id 
-   * @param {Function} callback 
-   */
-  getOptimizedImage(id, callback) {
-    pool.query(`SELECT optimized FROM images WHERE id =$1;`, [id], (err, res) => {
-      if (err) return callback(err);
-
-      callback(null, firstRow(res, 'optimized'));
-    });
-  }
-};
-
-/* Maintenance */
-
-// setInterval(async () => {
-  // pool.query(`DELETE FROM grants WHERE issued < CURRENT_TIMESTAMP - INTERVAL '24 HOUR' RETURNING *;`,
-  //   [], (err, res) => {
-  //     if (err) return Utils.logAndCreateError(err);
-
-  //     console.log(`Deleted ${res.rowCount} stale grants`);
-  //   });
-
-  // pool.query(`DELETE FROM otp WHERE issued < CURRENT_TIMESTAMP - INTERVAL '24 HOUR' RETURNING *;`,
-  //   [], (err, res) => {
-  //     if (err) return Utils.logAndCreateError(err);
-
-  //     console.log(`Deleted ${res.rowCount} stale one-time-passwords`);
-  //   });
-// }, 3 * 24 * 60 * 60 * 1000 /* 3d */);
\ No newline at end of file
diff --git a/html/_head_bottom.html b/html/_head_bottom.html
deleted file mode 100644
index bb3cdcd..0000000
--- a/html/_head_bottom.html
+++ /dev/null
@@ -1,39 +0,0 @@
-<link rel="apple-touch-icon" sizes="180x180" href="${URL_STATIC_CONTENT}/img/favicon/apple-touch-icon.png">
-<link rel="icon" type="image/png" sizes="32x32" href="${URL_STATIC_CONTENT}/img/favicon/favicon-32x32.png">
-<link rel="icon" type="image/png" sizes="16x16" href="${URL_STATIC_CONTENT}/img/favicon/favicon-16x16.png">
-<link rel="manifest" href="${URL_STATIC_CONTENT}/img/favicon/site.webmanifest">
-<link rel="mask-icon" href="${URL_STATIC_CONTENT}/img/favicon/safari-pinned-tab.svg" color="#603cba">
-<link rel="shortcut icon" href="${URL_STATIC_CONTENT}/img/favicon/favicon.ico">
-<meta name="msapplication-TileColor" content="#603cba">
-<meta name="msapplication-config" content="${URL_STATIC_CONTENT}/img/favicon/browserconfig.xml">
-<meta name="theme-color" content="#ffffff">
-
-<meta name="author" content="Sprax2013">
-
-<meta name="twitter:title" content="Mc-Auth.com — Minecraft Authentication made easy">
-<meta name="twitter:description"
-  content="Mc-Auth.com allows users to securely login with their Minecraft accounts without ever needing to enter their account password.">
-<meta name="twitter:url" content="${URL_BASE}">
-<meta name="twitter:image" content="${URL_STATIC_CONTENT}/assets/img/Logo_HD.png">
-<meta name="twitter:card" content="summary">
-<meta name="twitter:site" content="@Sprax2013">
-<meta name="twitter:creator" content="@Sprax2013">
-
-<meta property="og:type" content="website">
-<meta property="og:title" content="Mc-Auth.com — Minecraft Authentication made easy">
-<meta property="og:site_name" content="Mc-Auth.com">
-<meta property="og:description"
-  content="Mc-Auth.com allows users to securely login with their Minecraft accounts without ever needing to enter their account password.">
-<meta property="og:image" content="${URL_STATIC_CONTENT}/assets/img/Logo_HD.png">
-<meta property="og:url" content="${URL_BASE}">
-
-<script type="application/ld+json">
-  {
-  "@context": "http://schema.org",
-  "@type": "Organization",
-  "url": "${URL_BASE}",
-  "logo": "${URL_STATIC_CONTENT}/assets/img/Logo_HD.png"
-  }
-</script>
-
-<script src="${URL_STATIC_CONTENT}/script.js"></script>
\ No newline at end of file
diff --git a/html/_head_top.html b/html/_head_top.html
deleted file mode 100644
index 851f82e..0000000
--- a/html/_head_top.html
+++ /dev/null
@@ -1,10 +0,0 @@
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css"
-  integrity="sha256-L/W5Wfqfa0sdBNIKN9cG6QA5F2qx4qICmU2VgLruv9Y=" crossorigin="anonymous">
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-1/css/all.min.css"
-  integrity="sha256-4w9DunooKSr3MFXHXWyFER38WmPdm361bQS/2KUWZbU=" crossorigin="anonymous">
-
-<!-- https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 -->
-<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.3/css/flag-icon.min.css"
-  integrity="sha256-NkXMfPcpoih3/xWDcrJcAX78pHpfwxkhNj0bAf8AMTs=" crossorigin="anonymous">
-
-<link rel="stylesheet" href="${URL_STATIC_CONTENT}/style.css">
\ No newline at end of file
diff --git a/html/_header.html b/html/_header.html
deleted file mode 100644
index cee9d41..0000000
--- a/html/_header.html
+++ /dev/null
@@ -1,65 +0,0 @@
-<header>
-  <nav class="navbar navbar-expand-md ?{DarkTheme:navbar-dark bg-dark?:navbar-light bg-light?}" id="headerMenu">
-    <a class="navbar-brand" style="color: #7952B3" href="${URL_BASE}">
-      <img src="https://mc-auth.com/assets/img/Logo.svg" style="height:2.5rem; width: auto" alt="${LOC:words.logo}">
-      Minecraft Authentication
-      <small style="font-size: 60%">Made easy</small>
-    </a>
-
-    <div class="navbar-collapse">
-      <ul class="navbar-nav mr-auto"></ul>
-
-      <ul class="navbar-nav" style="align-items: center">
-        ?{LoggedIn:
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle" href="#" id="profileDropdown" role="button" data-toggle="dropdown"
-            aria-haspopup="true" aria-expanded="false">
-            ${LOC:html.header.logged_in_as}
-            <img src="https://api.sprax2013.de/mc/skin/${Minecraft_UUID}/head?size=64"
-              style="width: auto; height: 2.5rem; border-radius: 25px; border: 3px solid #F27405"
-              alt="${LOC:html.header.your_minecraft_face}">
-          </a>
-
-          <div class="dropdown-menu" aria-labelledby="profileDropdown">
-            <a class="dropdown-item" href="${URL_BASE}/settings">
-              <i class="fas fa-cog" aria-hidden="true"></i> ${LOC:words.settings}
-            </a>
-            <a class="dropdown-item" href="${URL_BASE}/logout?returnTo=${URL_CURRENT_ENCODED}">
-              <i class="fas fa-sign-out-alt" aria-hidden="true"></i> ${LOC:words.logout}
-            </a>
-          </div>
-        </li>
-        ?:
-        <li class="nav-item">
-          <a class="nav-link" href="${URL_BASE}/login?returnTo=${URL_CURRENT_ENCODED}">
-            ${LOC:words.login}
-          </a>
-        </li>
-        ?}
-
-        <li class="nav-item">
-          <a class="nav-link" href="#" onclick="toggleDarkMode(event)" aria-label="${LOC:html.header.toggle_dark_theme}">
-            <i class="far fa-moon fa-lg" aria-hidden="true"></i>
-          </a>
-        </li>
-
-        <li class="nav-item dropdown">
-          <a class="nav-link dropdown-toggle" href="#" id="langDropdown" role="button" data-toggle="dropdown"
-            aria-haspopup="true" aria-expanded="false" aria-label="${LOC:html.header.open_language_selection}">
-            <i class="fas fa-language fa-lg" aria-hidden="true"></i>
-          </a>
-
-          <div class="dropdown-menu dropdown-menu-right langDropdown" aria-labelledby="langDropdown">
-            <a class="dropdown-item" href="${URL_BASE}/language?lang=de&returnTo=${URL_CURRENT_ENCODED}">
-              <span class="flag-icon flag-icon-de"></span> Deutsch
-            </a>
-
-            <a class="dropdown-item" href="${URL_BASE}/language?lang=en&returnTo=${URL_CURRENT_ENCODED}">
-              <span class="flag-icon flag-icon-us"></span> English
-            </a>
-          </div>
-        </li>
-      </ul>
-    </div>
-  </nav>
-</header>
\ No newline at end of file
diff --git a/html/authorize.html b/html/authorize.html
deleted file mode 100644
index 2d5a6d1..0000000
--- a/html/authorize.html
+++ /dev/null
@@ -1,115 +0,0 @@
-<!DOCTYPE html>
-<html lang="en" class="h-100">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  ${HTML_HEAD_TOP}
-
-  <title>${LOC:html.authorize.authorizing_app} | Mc-Auth.com</title>
-
-  ${HTML_HEAD_BOTTOM}
-
-  <script>
-    // Force page-reload when using browser-pageinator to get to this page (regenerate Grant-ID)
-    window.addEventListener('pageshow', (e) => {
-      if (historyTraversal = e.persisted ||
-        (window.performance &&
-          window.performance.navigation.type === 2)) {
-        window.location.reload();
-      }
-    });
-  </script>
-</head>
-
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
-
-  <main style="margin-bottom: 2rem">
-    <div class="container-fluid text-center">
-      <h2>
-        <u>${LOC:html.authorize.login_request_from_app}</u>
-      </h2>
-
-      <div class="row">
-        <div class="col"></div>
-
-        <div class="col-auto">
-          <div class="appCard">
-            <div class="row">
-              <div class="col-2">
-                <img src="${APP_ICON}" class="img-fluid" style="max-height: 128px; max-width: 128px;"
-                  alt="${LOC:html.authorize.app_logo}">
-              </div>
-
-              <div class="col-1"></div>
-
-              <div class="col">
-                <p class="text-center">${APP_DESCRIPTION}</p>
-                <hr>
-                <p>
-                  <strong>${LOC:html.authorize.app_owner}:</strong> ${APP_OWNER_NAME}
-                  <br>
-                  <strong>${LOC:html.authorize.app_created_on}:</strong> ${APP_PUBLISHED}
-                </p>
-              </div>
-            </div>
-
-            <div class="row">
-              <div class="col-3"></div>
-
-              <div class="col">
-                <hr>
-              </div>
-            </div>
-
-            <div class="row">
-              <div class="col-2">
-                <img src="https://api.sprax2013.de/mc/skin/${Minecraft_UUID}/head?size=128" class="img-fluid"
-                  style="max-height: 128px; max-width: 128px;" alt="${LOC:html.authorize.your_minecraft_skin}">
-              </div>
-
-              <div class="col-1"></div>
-
-              <div class="col">
-                <p class="text-center"><strong>${LOC:html.authorize.app_wants_access_to}</strong></p>
-
-                <ul>
-                  <li>
-                    <p class="text-left">
-                      ${LOC:html.authorize.scope.profile}
-                      <br>
-                      <em class="text-muted">${LOC:html.authorize.scope.profile.note}</em>
-                    </p>
-                  </li>
-                </ul>
-              </div>
-            </div>
-
-            <hr>
-
-            <div class="row">
-              <div class="col" style="padding-right: 6px">
-                <a class="btn btn-danger float-right"
-                  href="${URL_BASE}/oauth2/authorize/${GRANT_ID}${QUERY_PARAMS}&agreed=0"
-                  role="button">${LOC:words.deny}</a>
-              </div>
-
-              <div class="col" style="padding-left: 6px">
-                <a class="btn btn-success" href="${URL_BASE}/oauth2/authorize/${GRANT_ID}${QUERY_PARAMS}&agreed=1"
-                  role="button">${LOC:words.agree}</a>
-              </div>
-            </div>
-          </div>
-        </div>
-
-        <div class="col"></div>
-      </div>
-    </div>
-  </main>
-
-  ${HTML_FOOTER}
-</body>
-
-</html>
\ No newline at end of file
diff --git a/html/err.html b/html/err.html
deleted file mode 100644
index 46fe8fb..0000000
--- a/html/err.html
+++ /dev/null
@@ -1 +0,0 @@
-<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><title>{0} | {1}</title></head><body><h1>{0}</h1><p>{1}</p></body></html>
\ No newline at end of file
diff --git a/html/index.html b/html/index.html
deleted file mode 100644
index c9929e5..0000000
--- a/html/index.html
+++ /dev/null
@@ -1,64 +0,0 @@
-<!DOCTYPE html>
-<html lang="en" class="h-100">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  ${HTML_HEAD_TOP}
-
-  <title>Mc-Auth.com — Easy Minecraft Authentication</title>
-
-  ${HTML_HEAD_BOTTOM}
-</head>
-
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
-
-  <main style="margin-bottom: 2rem">
-    <div class="container">
-      <h2>${LOC:html.index.what_is.title}</h2>
-      <p>
-        ${LOC:html.index.what_is.content1}
-      </p>
-      <p>
-        ${LOC:html.index.what_is.content2}
-      </p>
-
-      <h2>${LOC:html.index.how.title}</h2>
-      <p>
-        <em>${LOC:html.index.how.content1}</em>
-      </p>
-
-      <ol>
-        <li>${LOC:html.index.how.step1}</li>
-        <li>${LOC:html.index.how.step2}</li>
-        <li>${LOC:html.index.how.step3}</li>
-        <li>${LOC:html.index.how.step4}<br><br></li>
-
-        <li>${LOC:html.index.how.step5}</li>
-      </ol>
-
-      <h2><a href="${URL_DEMO}"><u>${LOC:html.index.how.content2}</u></a></h2>
-    </div>
-
-    <hr>
-
-    <h2 style="text-align: center">
-      ${LOC:html.index.used_by}
-    </h2>
-    <br>
-
-    <div class="text-center">
-      <img src="${URL_STATIC_CONTENT}/assets/img/SkinDB.svg" style="max-height: 150px; max-width: 150px"
-        class="img-fluid rounded" alt="SkinDB.net Logo">
-
-      <img src="${URL_STATIC_CONTENT}/assets/img/CherryBread_Network.jpg" style="max-height: 150px; max-width: 150px"
-        class="img-fluid rounded" alt="CherryBread-Network Logo">
-    </div>
-  </main>
-
-  ${HTML_FOOTER}
-</body>
-
-</html>
\ No newline at end of file
diff --git a/html/login.html b/html/login.html
deleted file mode 100644
index 3f9d573..0000000
--- a/html/login.html
+++ /dev/null
@@ -1,107 +0,0 @@
-<!DOCTYPE html>
-<html lang="en" class="h-100">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  <link rel="canonical" href="${URL_BASE}/login">
-
-  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css"
-    integrity="sha256-PHcOkPmOshsMBC+vtJdVr5Mwb7r0LkSVJPlPrp/IMpU=" crossorigin="anonymous">
-  ${HTML_HEAD_TOP}
-
-  <title>Login | Mc-Auth.com</title>
-
-  ${HTML_HEAD_BOTTOM}
-
-  ?{LoggedIn:?:
-  <script src="${URL_STATIC_CONTENT}/script-login.js"></script>
-  ?}
-</head>
-
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
-
-  <main style="margin-bottom: 2rem">
-    <div class="container text-center">
-      <h2>
-        <u>${LOC:words.login}</u>
-      </h2>
-
-      <div class="row">
-        <div class="col"></div>
-
-        <div class="col">
-          <div class="appCard">
-            ?{LoggedIn:
-            <p>${LOC:html.login.already_logged_in}</p>
-
-            <ul>
-              <li><a href="${URL_BASE}">${LOC:words.frontpage}</a><br><br></li>
-              <li><a href="${URL_BASE}/settings">${LOC:words.settings}</a></li>
-              <li><a href="${URL_BASE}/logout">${LOC:words.logout}</a></li>
-            </ul>
-            ?:
-            <form onsubmit="submitUsername(event)" data-returnTo="${GET_ReturnTo_ENCODED}" method="GET">
-              <div class="form-group" id="form1">
-                <label for="mcName">${LOC:html.login.your_minecraft_name}</label>
-
-                <div class="input-group">
-                  <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fas fa-user" aria-hidden="true"></i></span>
-                  </div>
-
-                  <input type="text" class="form-control" id="mcName" name="mcName" placeholder="Username" required>
-                </div>
-              </div>
-
-              <div class="form-group animated slideInUp hidden" id="form2">
-                <hr>
-
-                <p>
-                  ${LOC:html.login.start_minecraft_and_connect}
-
-                  <button type="button" class="btn btn-sm btn-outline-info"
-                    onclick="copyToClipboard(this, '${MINECRAFT_HOST}')"
-                    aria-label="${LOC:html.login.click_to_copy_minecraft_host_to_clipboard}"><i class="far fa-clipboard"
-                      aria-hidden="true"></i></button>
-
-                  <br>
-                  ${LOC:html.login.kicked_with_code}
-                </p>
-
-                <label for="otp">${LOC:html.login.six_digit_code}</label>
-                <div class="input-group">
-                  <div class="input-group-prepend">
-                    <span class="input-group-text"><i class="fas fa-key" aria-hidden="true"></i></span>
-                  </div>
-
-                  <input type="text" class="form-control" id="otp" name="otp" placeholder="123 456" minlength="6"
-                    maxlength="7" autocomplete="off">
-                </div>
-              </div>
-
-              <hr>
-              <br>
-
-              <div class="form-group form-check">
-                <input type="checkbox" checked class="form-check-input" id="keepLogin" name="keepLogin">
-                <label class="form-check-label" for="keepLogin">${LOC:html.login.stay_logged_in}</label>
-              </div>
-
-              <button type="submit" class="btn btn-primary" id="submitBtn">${LOC:words.next} »</button>
-            </form>
-            ?}
-          </div>
-        </div>
-
-        <div class="col"></div>
-      </div>
-    </div>
-  </main>
-
-  ${HTML_FOOTER}
-</body>
-
-</html>
\ No newline at end of file
diff --git a/html/privacy.html b/html/privacy.html
deleted file mode 100644
index e920b9a..0000000
--- a/html/privacy.html
+++ /dev/null
@@ -1,166 +0,0 @@
-<!DOCTYPE html>
-<html lang="de" class="h-100">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  ${HTML_HEAD_TOP}
-
-  <title>Datenschutz | Mc-Auth.com</title>
-
-  ${HTML_HEAD_BOTTOM}
-</head>
-
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
-
-  <main style="margin-bottom: 2rem">
-    <div class="container text-center">
-      <h2>
-        <u>Datenschutzerklärung</u>
-      </h2>
-      <p>Die Betreiber dieser Seiten nehmen
-        den Schutz Ihrer pers&ouml;nlichen Daten sehr ernst. Wir behandeln Ihre personenbezogenen Daten
-        vertraulich und entsprechend der gesetzlichen Datenschutzvorschriften sowie dieser
-        Datenschutzerkl&auml;rung.</p>
-      <p>Die Nutzung unserer Website ist in der Regel ohne Angabe
-        personenbezogener Daten m&ouml;glich. Soweit auf unseren Seiten personenbezogene Daten
-        (beispielsweise Name, Anschrift oder E-Mail-Adressen) erhoben werden, erfolgt dies, soweit
-        m&ouml;glich, stets auf freiwilliger Basis. Diese Daten werden ohne Ihre ausdr&uuml;ckliche Zustimmung
-        nicht an Dritte weitergegeben.</p>
-      <p>Wir weisen darauf hin, dass die Daten&uuml;bertragung im Internet
-        (z.B. bei der Kommunikation per E-Mail) Sicherheitsl&uuml;cken aufweisen kann. Ein l&uuml;ckenloser
-        Schutz der Daten vor dem Zugriff durch Dritte ist nicht m&ouml;glich.</p>
-      <p>&nbsp;</p>
-      <h2>Cookies</h2>
-      <p>Die Internetseiten verwenden teilweise so genannte Cookies. Cookies richten auf
-        Ihrem Rechner keinen Schaden an und enthalten keine Viren. Cookies dienen dazu, unser Angebot
-        nutzerfreundlicher, effektiver und sicherer zu machen. Cookies sind kleine Textdateien, die auf Ihrem
-        Rechner abgelegt werden und die Ihr Browser speichert.</p>
-      <p>Die meisten der von uns verwendeten
-        Cookies sind so genannte „Session-Cookies“. Sie werden nach Ende Ihres Besuchs automatisch
-        gel&ouml;scht. Andere Cookies bleiben auf Ihrem Endger&auml;t gespeichert, bis Sie diese l&ouml;schen.
-        Diese Cookies erm&ouml;glichen es uns, Ihren Browser beim n&auml;chsten Besuch
-        wiederzuerkennen.</p>
-      <p>Sie k&ouml;nnen Ihren Browser so einstellen, dass Sie &uuml;ber das Setzen
-        von Cookies informiert werden und Cookies nur im Einzelfall erlauben, die Annahme von Cookies f&uuml;r
-        bestimmte F&auml;lle oder generell ausschlie&szlig;en sowie das automatische L&ouml;schen der
-        Cookies beim Schlie&szlig;en des Browser aktivieren. Bei der Deaktivierung von Cookies kann die
-        Funktionalit&auml;t dieser Website eingeschr&auml;nkt sein.</p>
-      <p>&nbsp;</p>
-      <h2>Server-Log-Files</h2>
-      <p>Der Provider der Seiten erhebt und speichert automatisch Informationen in so genannten
-        Server-Log Files, die Ihr Browser automatisch an uns &uuml;bermittelt. Dies sind:</p>
-      <ul>
-        <li>Browsertyp und Browserversion</li>
-        <li>verwendetes Betriebssystem</li>
-        <li>Referrer URL</li>
-        <li>Hostname des zugreifenden Rechners</li>
-        <li>Uhrzeit der Serveranfrage</li>
-      </ul>
-      <p>Diese Daten
-        sind nicht bestimmten Personen zuordenbar. Eine Zusammenf&uuml;hrung dieser Daten mit anderen
-        Datenquellen wird nicht vorgenommen. Wir behalten uns vor, diese Daten nachtr&auml;glich zu
-        pr&uuml;fen, wenn uns konkrete Anhaltspunkte f&uuml;r eine rechtswidrige Nutzung bekannt
-        werden.</p>
-      <p>&nbsp;</p>
-      <h2>Kontaktformular</h2>
-      <p>Wenn Sie uns per Kontaktformular Anfragen
-        zukommen lassen, werden Ihre Angaben aus dem Anfrageformular inklusive der von Ihnen dort
-        angegebenen Kontaktdaten zwecks Bearbeitung der Anfrage und f&uuml;r den Fall von Anschlussfragen
-        bei uns gespeichert. Diese Daten geben wir nicht ohne Ihre Einwilligung weiter.</p>
-      <p>&nbsp;</p>
-      <h2>Google Analytics</h2>
-      <p>Diese
-        Website nutzt Funktionen des Webanalysedienstes Google Analytics. Anbieter ist die Google Inc., 1600
-        Amphitheatre Parkway Mountain View, CA 94043, USA.</p>
-      <p>Google Analytics verwendet so genannte
-        &quot;Cookies&quot;. Das sind Textdateien, die auf Ihrem Computer gespeichert werden und die eine
-        Analyse der Benutzung der Website durch Sie erm&ouml;glichen. Die durch den Cookie erzeugten
-        Informationen &uuml;ber Ihre Benutzung dieser Website werden in der Regel an einen Server von Google
-        in den USA &uuml;bertragen und dort gespeichert.</p>
-      <p><strong>IP Anonymisierung</strong></p>
-      <p>Wir haben auf dieser Website die Funktion IP-Anonymisierung aktiviert. Dadurch wird Ihre IP-Adresse
-        von Google innerhalb von Mitgliedstaaten der Europ&auml;ischen Union oder in anderen Vertragsstaaten
-        des Abkommens &uuml;ber den Europ&auml;ischen Wirtschaftsraum vor der &Uuml;bermittlung in die
-        USA gek&uuml;rzt. Nur in Ausnahmef&auml;llen wird die volle IP-Adresse an einen Server von Google in
-        den USA &uuml;bertragen und dort gek&uuml;rzt. Im Auftrag des Betreibers dieser Website wird Google
-        diese Informationen benutzen, um Ihre Nutzung der Website auszuwerten, um Reports &uuml;ber die
-        Websiteaktivit&auml;ten zusammenzustellen und um weitere mit der Websitenutzung und der
-        Internetnutzung verbundene Dienstleistungen gegen&uuml;ber dem Websitebetreiber zu erbringen. Die im
-        Rahmen von Google Analytics von Ihrem Browser &uuml;bermittelte IP-Adresse wird nicht mit anderen
-        Daten von Google zusammengef&uuml;hrt.</p>
-      <p><strong>Browser Plugin</strong></p>
-      <p>Sie k&ouml;nnen die Speicherung der Cookies durch eine entsprechende Einstellung Ihrer Browser-Software
-        verhindern; wir weisen Sie jedoch darauf hin, dass Sie in diesem Fall gegebenenfalls nicht
-        s&auml;mtliche
-        Funktionen dieser Website vollumf&auml;nglich werden nutzen k&ouml;nnen. Sie k&ouml;nnen
-        dar&uuml;ber hinaus die Erfassung der durch den Cookie erzeugten und auf Ihre Nutzung der Website
-        bezogenen Daten (inkl. Ihrer IP-Adresse) an Google sowie die Verarbeitung dieser Daten durch Google
-        verhindern, indem Sie das unter dem folgenden Link verf&uuml;gbare Browser-Plugin herunterladen und
-        installieren: <a href="https://tools.google.com/dlpage/gaoptout?hl=de" target="_blank"
-          rel="noopener noreferrer">https://tools.google.com/dlpage/gaoptout?hl=de</a></p>
-      <p><strong>Widerspruch gegen Datenerfassung</strong></p>
-      <p>Mehr Informationen zum Umgang mit Nutzerdaten bei Google Analytics finden Sie in der
-        Datenschutzerkl&auml;rung von Google:
-        <a href="https://support.google.com/analytics/answer/6004245?hl=de" target="_blank"
-          rel="noopener noreferrer">https://support.google.com/analytics/answer/6004245?hl=de</a></p>
-      <p><strong>Auftragsdatenverarbeitung</strong></p>
-      <p>Wir haben mit Google einen Vertrag zur Auftragsdatenverarbeitung abgeschlossen und setzen die
-        strengen Vorgaben der deutschen Datenschutzbeh&ouml;rden bei der Nutzung von Google Analytics
-        vollst&auml;ndig um.</p>
-      <p><strong>Demografische Merkmale bei Google Analytics</strong></p>
-      <p>Diese Website nutzt die Funktion &ldquo;demografische Merkmale&rdquo; von Google Analytics.
-        Dadurch k&ouml;nnen Berichte erstellt werden, die Aussagen zu Alter, Geschlecht und Interessen der
-        Seitenbesucher enthalten. Diese Daten stammen aus interessenbezogener Werbung von Google sowie
-        aus Besucherdaten von Drittanbietern. Diese Daten k&ouml;nnen keiner bestimmten Person zugeordnet
-        werden. Sie k&ouml;nnen diese Funktion jederzeit &uuml;ber die Anzeigeneinstellungen in Ihrem Google-
-        Konto deaktivieren oder die Erfassung Ihrer Daten durch Google Analytics wie im Punkt
-        &ldquo;Widerspruch gegen Datenerfassung&rdquo; dargestellt generell untersagen.</p>
-      <p>&nbsp;</p>
-      <h2>Kommentarfunktion auf dieser Website</h2>
-      <p>F&uuml;r die Kommentarfunktion auf dieser Seite
-        werden neben Ihrem Kommentar auch Angaben zum Zeitpunkt der Erstellung des Kommentars, Ihre E-
-        Mail-Adresse und, wenn Sie nicht anonym posten, der von Ihnen gew&auml;hlte Nutzername
-        gespeichert.</p>
-      <p><strong>Speicherung der IP Adresse</strong></p>
-      <p>Unsere Kommentarfunktion speichert die IP-Adressen der Nutzer, die Kommentare verfassen. Da wir
-        Kommentare auf unserer Seite
-        nicht vor der Freischaltung pr&uuml;fen, ben&ouml;tigen wir diese Daten, um im Falle von
-        Rechtsverletzungen wie Beleidigungen oder Propaganda gegen den Verfasser vorgehen zu
-        k&ouml;nnen.</p>
-      <p>&nbsp;</p>
-      <h2>SSL-Verschl&uuml;sselung</h2>
-      <p>Diese Seite nutzt aus
-        Gr&uuml;nden der Sicherheit und zum Schutz der &Uuml;bertragung vertraulicher Inhalte, wie zum
-        Beispiel der Anfragen, die Sie an uns als Seitenbetreiber senden, eine SSL-Verschl&uuml;sselung. Eine
-        verschl&uuml;sselte Verbindung erkennen Sie daran, dass die Adresszeile des Browsers von
-        &quot;http://&quot; auf &quot;https://&quot; wechselt und an dem Schloss-Symbol in Ihrer
-        Browserzeile.</p>
-      <p>Wenn die SSL Verschl&uuml;sselung aktiviert ist, k&ouml;nnen die Daten, die Sie
-        an uns &uuml;bermitteln, nicht von Dritten mitgelesen werden.</p>
-      <p>&nbsp;</p>
-      <h2>Recht auf
-        Auskunft, L&ouml;schung, Sperrung</h2>
-      <p>Sie haben jederzeit das Recht auf unentgeltliche Auskunft
-        &uuml;ber Ihre gespeicherten personenbezogenen Daten, deren Herkunft und Empf&auml;nger und den
-        Zweck der Datenverarbeitung sowie ein Recht auf Berichtigung, Sperrung oder L&ouml;schung dieser
-        Daten. Hierzu sowie zu weiteren Fragen zum Thema personenbezogene Daten k&ouml;nnen Sie sich
-        jederzeit unter der im Impressum angegebenen Adresse an uns wenden.</p>
-      <p>&nbsp;</p>
-      <h2>Widerspruch Werbe-Mails</h2>
-      <p>Der Nutzung von im Rahmen der Impressumspflicht
-        ver&ouml;ffentlichten Kontaktdaten zur &Uuml;bersendung von nicht ausdr&uuml;cklich angeforderter
-        Werbung und Informationsmaterialien wird hiermit widersprochen. Die Betreiber der Seiten behalten sich
-        ausdr&uuml;cklich rechtliche Schritte im Falle der unverlangten Zusendung von Werbeinformationen, etwa
-        durch Spam-E-Mails, vor.</p>
-      <p>&nbsp;</p>
-      <p>Quelle: <a href="https://www.e-recht24.de" rel="noopener noreferrer">e-recht24.de</a></p>
-    </div>
-  </main>
-
-  ${HTML_FOOTER}
-</body>
-
-</html>
\ No newline at end of file
diff --git a/html/settings.html b/html/settings.html
deleted file mode 100644
index 3e3ee58..0000000
--- a/html/settings.html
+++ /dev/null
@@ -1,70 +0,0 @@
-<!DOCTYPE html>
-<html lang="en" class="h-100">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  ${HTML_HEAD_TOP}
-
-  <title>${LOC:words.settings} | Mc-Auth.com</title>
-
-  ${HTML_HEAD_BOTTOM}
-</head>
-
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
-
-  <main style="margin-bottom: 2rem">
-    <div class="container text-center">
-      <h2>
-        <u>${LOC:html.settings.your_applications_title}</u>
-      </h2>
-
-      <div class="row display-flex">
-        ?{HasApps:
-        <div class="col"></div>
-
-        <div class="col">
-          <div class="appCard">
-            <a href="${BASE_URL}/settings/$?{APP_ID}">
-              <div class="row">
-                <div class="col">
-                  <img src="$?{APP_ICON}" class="img-fluid" style="max-width: 128px; max-height: 128px;"
-                    alt="${LOC:html.authorize.app_logo}">
-                </div>
-
-                <div class="w-100"></div>
-
-                <div class="col">
-                  $?{APP_NAME}
-                </div>
-              </div>
-            </a>
-          </div>
-        </div>
-
-        <div class="col"></div>
-
-        <div class="w-100"></div>
-        ?:
-        <div class="col">
-          <strong>${LOC:html.settings.you_do_not_have_any_apps}</strong>
-        </div>
-
-        <div class="w-100"></div>
-        ?}
-
-        <div class="col">
-          <a href="${BASE_URL}/settings/create" class="btn btn-primary" role="button">
-            ${LOC:html.settings.create_app}
-          </a>
-        </div>
-      </div>
-    </div>
-  </main>
-
-  ${HTML_FOOTER}
-</body>
-
-</html>
\ No newline at end of file
diff --git a/html/settings_app.html b/html/settings_app.html
deleted file mode 100644
index 41b1205..0000000
--- a/html/settings_app.html
+++ /dev/null
@@ -1,168 +0,0 @@
-<!DOCTYPE html>
-<html lang="en" class="h-100">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  ${HTML_HEAD_TOP}
-
-  <title>${LOC:html.settings.manage_app} | Mc-Auth.com</title>
-
-  ${HTML_HEAD_BOTTOM}
-</head>
-
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
-
-  <script>
-    function startAppIconUpload(elem) {
-      const input = document.createElement('input');
-      input.type = 'file';
-
-      input.onchange = async (e) => {
-        const file = e.target.files[0];
-
-        if (file) {
-          const res = await fetch(`${BASE_URL}/uploads/new`, {
-            method: 'POST',
-            headers: { 'Content-Type': file.type },
-            body: file
-          });
-
-          const json = await res.json();
-
-          if (res.status === 201) {
-            console.log(`Stored at ` + res.headers.get('Location'));
-
-            document.getElementById('icon').value = json.id;
-            elem.src = res.headers.get('Location');
-
-            console.log('Upload succeeded:', json);
-          } else {
-            console.error('Upload failed:', json);
-          }
-        }
-      };
-
-      input.click();
-    }
-  </script>
-
-  <main style="margin-bottom: 2rem">
-    <div class="container-fluid text-center">
-      <h2>
-        <u>${LOC:html.settings.manage_app}</u>
-      </h2>
-
-      <div class="row">
-        <div class="col"></div>
-
-        <div class="col">
-          <div class="appCard">
-            <div class="row">
-              <div class="col">
-                <p>client_id</p>
-              </div>
-
-              <div class="col">
-                <p>client_secret</p>
-              </div>
-            </div>
-
-            <div class="row">
-              <div class="col">
-                <div class="row">
-                  <div class="col-auto">
-                    <p class="text-muted">${APP_ID}</p>
-                  </div>
-
-                  <div class="col-auto" style="padding-left: 0;">
-                    <button type="button" class="btn btn-sm btn-outline-info"
-                      onclick="copyToClipboard(this, '${APP_ID}')"><i class="far fa-clipboard"
-                        aria-hidden="true"></i></button>
-                  </div>
-                </div>
-              </div>
-
-              <div class="col">
-                <div class="row">
-                  <div class="col-auto">
-                    <p class="text-muted text-unrevealed" onclick="reveal(this, '${APP_SECRET}')">
-                      ${LOC:html.settings.click_to_show}</p>
-                  </div>
-
-                  <div class="col-auto" style="padding-left: 0;">
-                    <button type="button" class="btn btn-sm btn-outline-info"
-                      onclick="copyToClipboard(this, '${APP_SECRET}')"><i class="far fa-clipboard"
-                        aria-hidden="true"></i></button>
-                  </div>
-                </div>
-              </div>
-            </div>
-
-            <hr>
-
-            <p class="text-center">
-              ${LOC:html.settings.please_provide_exact_info}
-              <br>
-              ${LOC:html.settings.you_can_edit_at_any_time}
-            </p>
-
-            <form method="POST">
-              <input type="text" class="hidden" name="client_id" value="${APP_ID}" required>
-
-              <div>
-                <img src="${APP_ICON}" onclick="startAppIconUpload(this)" class="rounded mx-auto d-block"
-                  style="max-height: 128px; max-width: 128px;" alt="${LOC:html.authorize.app_logo}">
-                <input type="text" class="form-control hidden" id="icon" name="icon" value="${APP_ICON_ID}" required>
-                <p class="text-muted text-center">${LOC:html.settings.click_image_above_to_upload}</p>
-              </div>
-
-              <div class="form-group">
-                <label for="name">${LOC:words.name}<span class="text-danger">*</span></label>
-                <input type="text" class="form-control" id="name" name="name" value="${APP_NAME}" maxlength="128"
-                  data-remaining="nameRemain" oninput="updateRemainingChars(this)" required>
-                <small id="nameRemain"
-                  class="form-text text-muted text-left">${LOC:html.settings.max_length_128_characters}</small>
-              </div>
-
-              <div class="form-group">
-                <label for="desc">${LOC:words.description}</label>
-                <textarea rows="3" class="form-control" id="desc" name="desc" maxlength="512"
-                  data-remaining="descRemain" oninput="updateRemainingChars(this)">${APP_DESCRIPTION_RAW}</textarea>
-                <small id="descRemain"
-                  class="form-text text-muted text-left">${LOC:html.settings.max_length_512_characters}</small>
-              </div>
-
-              <div class="form-group">
-                <label for="redirect_uris">${LOC:html.settings.redirect_uris}</label>
-                <textarea rows="3" class="form-control" id="redirect_uris"
-                  name="redirect_uris">${APP_REDIRECT_URIs}</textarea>
-              </div>
-
-              <hr>
-
-              <div class="row">
-                <div class="col" style="padding-right: 6px">
-                  <a class="btn btn-danger float-right" href="${URL_BASE}/settings"
-                    role="button">${LOC:html.settings.return_to_settings}</a>
-                </div>
-
-                <div class="col" style="padding-left: 6px">
-                  <button type="submit" class="btn btn-success">${LOC:words.save_changes}</button>
-                </div>
-              </div>
-            </form>
-          </div>
-        </div>
-
-        <div class="col"></div>
-      </div>
-    </div>
-  </main>
-
-  ${HTML_FOOTER}
-</body>
-
-</html>
\ No newline at end of file
diff --git a/html/settings_create.html b/html/settings_create.html
deleted file mode 100644
index 09fc22c..0000000
--- a/html/settings_create.html
+++ /dev/null
@@ -1,69 +0,0 @@
-<!DOCTYPE html>
-<html lang="en" class="h-100">
-
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  ${HTML_HEAD_TOP}
-
-  <title>${LOC:html.settings.create_app} | Mc-Auth.com</title>
-
-  ${HTML_HEAD_BOTTOM}
-
-  <script src="https://www.google.com/recaptcha/api.js" async defer></script>
-</head>
-
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
-
-  <main style="margin-bottom: 2rem">
-    <div class="container text-center">
-      <h2>
-        <u>${LOC:html.settings.create_app}</u>
-      </h2>
-
-      <div class="row">
-        <div class="col"></div>
-
-        <div class="col">
-          <div class="appCard">
-            <p>${LOC:html.settings.please_provide_exact_info}</p>
-            <p>${LOC:html.settings.you_can_edit_at_any_time}</p>
-
-            <form method="POST">
-
-              <div class="form-group">
-                <label for="name">${LOC:words.name}<span class="text-danger">*</span></label>
-                <input type="text" class="form-control" id="name" name="name" maxlength="128"
-                  data-remaining="nameRemain" oninput="updateRemainingChars(this)" required>
-                <small id="nameRemain"
-                  class="form-text text-muted text-left">${LOC:html.settings.max_length_128_characters}</small>
-              </div>
-
-              <div class="form-group">
-                <label for="desc">${LOC:words.description}</label>
-                <textarea rows="3" class="form-control" id="desc" name="desc" maxlength="512"
-                  data-remaining="descRemain" oninput="updateRemainingChars(this)"></textarea>
-                <small id="descRemain"
-                  class="form-text text-muted text-left">${LOC:html.settings.max_length_512_characters}</small>
-              </div>
-
-              <hr>
-              <div class="g-recaptcha" data-sitekey="${reCAPTCHA_public}"></div>
-              <hr>
-
-              <button type="submit" class="btn btn-primary" id="submitBtn">${LOC:words.create}</button>
-            </form>
-          </div>
-        </div>
-
-        <div class="col"></div>
-      </div>
-    </div>
-  </main>
-
-  ${HTML_FOOTER}
-</body>
-
-</html>
\ No newline at end of file
diff --git a/index.js b/index.js
deleted file mode 100644
index 9c84cb0..0000000
--- a/index.js
+++ /dev/null
@@ -1,158 +0,0 @@
-let cfg;
-let server;
-
-function shutdownHook() {
-  console.log('Shutting down...');
-
-  const ready = async () => {
-    try {
-      await require('./db/DB').pool.end();
-    } catch (ex) { }
-
-    process.exit();
-  };
-
-  server.close((err) => {
-    if (err && err.message != 'Server is not running.') console.error(err);
-
-    ready();
-  });
-}
-
-process.on('SIGTERM', shutdownHook);
-process.on('SIGINT', shutdownHook);
-process.on('SIGQUIT', shutdownHook);
-process.on('SIGHUP', shutdownHook);
-process.on('SIGUSR2', shutdownHook);  // The package 'nodemon' is using this signal
-
-initStorage(() => {
-  cfg = require('./storage/config.json');
-
-  server = require('http').createServer(require('./server'));
-  server.on('error', (err) => {
-    if (err.syscall !== 'listen') {
-      throw err;
-    }
-
-    switch (err.code) {
-      case 'EACCES':
-        console.error(
-          ((cfg.listen.usePath || process.env.UNIX_PATH) ? `path ${process.env.UNIX_PATH || cfg.listen.path}` : `port ${process.env.PORT || cfg.listen.port}`) +
-          ' requires elevated privileges'
-        );
-        return process.exit(1);
-      case 'EADDRINUSE':
-        console.error(
-          ((cfg.listen.usePath || process.env.UNIX_PATH) ? `path ${process.env.UNIX_PATH || cfg.listen.path}` : `port ${process.env.PORT || cfg.listen.port}`) +
-          ' is already in use'
-        );
-        return process.exit(1);
-      default:
-        throw err;
-    }
-  });
-
-  server.on('listening', () => {
-    console.log('Listening on ' +
-      ((cfg.listen.usePath || process.env.UNIX_PATH) ? `path ${process.env.UNIX_PATH || cfg.listen.path}` : `port ${process.env.PORT || cfg.listen.port}`)
-    );
-  });
-
-  if (cfg.listen.usePath || process.env.UNIX_PATH) {
-    const fs = require('fs');
-
-    const unixSocketPath = process.env.UNIX_PATH || cfg.listen.path,
-      unixSocketPIDPath = (process.env.UNIX_PATH || cfg.listen.path) + '.pid',
-      parentDir = require('path').dirname(unixSocketPath);
-
-    if (!fs.existsSync(parentDir)) {
-      fs.mkdirSync(parentDir, { recursive: true });
-    }
-
-    if (fs.existsSync(unixSocketPath)) {
-      let isRunning = false;
-      if (!fs.existsSync(unixSocketPIDPath) || !(isRunning = isProcessRunning(parseInt(fs.readFileSync(unixSocketPIDPath, 'utf-8'))))) {
-        fs.unlinkSync(unixSocketPath);
-      }
-
-      if (isRunning) {
-        console.error(`It looks like the process that created '${unixSocketPath}' is still running!`);
-        process.exit(1);
-      }
-    }
-
-    fs.writeFileSync(unixSocketPIDPath, process.pid);
-    server.listen(unixSocketPath);
-    fs.chmodSync(unixSocketPath, '0777');
-  } else {
-    server.listen(process.env.PORT || cfg.listen.port, process.env.HOST || cfg.listen.host);
-  }
-});
-
-async function initStorage(callback) {
-  const fs = require('fs');
-
-  if (!fs.existsSync('./storage/')) {
-    fs.mkdirSync('./storage/');
-  }
-
-  if (!fs.existsSync('./storage/config.json')) {
-    fs.writeFileSync('./storage/config.json', JSON.stringify(
-      {
-        listen: {
-          usePath: false,
-          path: './mcAuth.unixSocket',
-
-          host: '127.0.0.1',
-          port: 8091
-        },
-        trustProxy: false,
-        secureCookies: 'auto',
-        reCAPTCHA: {
-          public: '',
-          private: ''
-        }
-      }
-      , null, 4));
-
-    console.log('./storage/config.json has been created!');
-  }
-
-  if (!fs.existsSync('./storage/db.json')) {
-    fs.writeFileSync('./storage/db.json', JSON.stringify(
-      {
-        host: '127.0.0.1',
-        port: 5432,
-        user: 'mcAuth',
-        password: 's3cr3t!',
-        ssl: false,
-
-        database: 'mcAuth'
-      }
-      , null, 4));
-
-    console.log('./storage/db.json has been created!');
-  }
-
-  if (!fs.existsSync('./storage/misc.json')) {
-    fs.writeFileSync('./storage/misc.json', JSON.stringify(
-      {
-        CookieSecret: require('crypto').createHash('sha256').update(require('uuid').v4()).update(require('crypto').randomBytes(256)).digest('hex')
-      }
-      , null, 4));
-
-    console.log('./storage/misc.json has been created!');
-  }
-
-  if (callback) {
-    callback();
-  }
-}
-
-function isProcessRunning(pid) {
-  try {
-    return process.kill(pid, 0);
-  } catch (ex) {
-    return ex.code === 'EPERM';
-  }
-}
\ No newline at end of file
diff --git a/lang/arguments.json b/lang/arguments.json
deleted file mode 100644
index 8bce7a9..0000000
--- a/lang/arguments.json
+++ /dev/null
@@ -1,50 +0,0 @@
-[
-  {
-    "term": "html.index.how.content1",
-    "args": [
-      "<a href=\"${URL_DOCS}\">${LOC:words.documentation}</a>"
-    ]
-  },
-  {
-    "term": "html.index.how.step1",
-    "args": [
-      "<a href=\"${URL_BASE}/login\">${URL_BASE}/login</a>"
-    ]
-  },
-  {
-    "term": "html.index.how.step3",
-    "args": [
-      "${MINECRAFT_HOST}"
-    ]
-  },
-  {
-    "term": "html.header.logged_in_as",
-    "args": [
-      "${Minecraft_Username}"
-    ]
-  },
-  {
-    "term": "html.authorize.authorizing_app",
-    "args": [
-      "${APP_NAME}"
-    ]
-  },
-  {
-    "term": "html.authorize.app_wants_access_to",
-    "args": [
-      "<em>${APP_NAME}</em>"
-    ]
-  },
-  {
-    "term": "html.login.start_minecraft_and_connect",
-    "args": [
-      "<code>${MINECRAFT_HOST}</code>"
-    ]
-  },
-  {
-    "term": "html.authorize.login_request_from_app",
-    "args": [
-      "${APP_NAME}"
-    ]
-  }
-]
\ No newline at end of file
diff --git a/localization.js b/localization.js
deleted file mode 100644
index ce8122a..0000000
--- a/localization.js
+++ /dev/null
@@ -1,100 +0,0 @@
-const fs = require('fs');
-
-const defaultLang = 'en',
-  localizations = {},
-  termArguments = {};
-
-for (const fileName of fs.readdirSync('./lang')) {
-  if (fileName.endsWith('.json')) {
-    if (fileName == 'arguments.json') continue;
-
-    const lang = (localizations[fileName.substring(0, fileName.length - 5)] = {});
-
-    for (const obj of JSON.parse(fs.readFileSync(`./lang/${fileName}`, 'utf-8'))) {
-      if (!/^\+?([a-z0-9_\.]*)$/.test(obj.term)) {
-        console.error(`Term (${obj.term}) in './lang/${fileName}' contains invalid characters (allowed: a-z0-9_.)`);
-        continue;
-      }
-
-      if (lang[obj.term]) {
-        console.error(`Duplicate term (${obj.term}) in './lang/${fileName}'`);
-        continue;
-      }
-
-      lang[obj.term] = obj.definition;
-      Object.freeze(obj.definition);  // Protect from accidental modification
-    }
-
-    Object.freeze(lang);  // Protect from accidental modification
-  } else {
-    console.error(`Invalid file extension for './lang/${fileName}'`);
-  }
-}
-
-for (const obj of JSON.parse(fs.readFileSync('./lang/arguments.json', 'utf-8'))) {
-  if (!localizations[defaultLang][obj.term]) {
-    console.error(`Skipping Localization-Argument because term '${obj.term}' is unknown for defaultLang '${defaultLang}'!`);
-    continue;
-  }
-
-  termArguments[obj.term] = obj.args;
-  Object.freeze(obj.args);  // Protect from accidental modification
-}
-
-// Protect from accidental modification
-Object.freeze(localizations);
-Object.freeze(termArguments);
-
-if (!localizations[defaultLang]) {
-  console.error(`Could not find default localization './lang/${defaultLang}.json'`);
-  process.exit(3);
-}
-
-module.exports = {
-  defaultLang,
-
-  /**
-   * @param {String} strTerm 
-   * @param {String} langKey 
-   * @param {Number} amount 
-   * 
-   * @returns {String}
-   */
-  getString(strTerm, langKey = defaultLang, amount = 1) {
-    let result = (localizations[langKey] || localizations[defaultLang])[strTerm];
-
-    if (!result) {
-      result = localizations[defaultLang][strTerm];
-    }
-
-    if (typeof result == 'object') {
-      if (amount == 1 && result['one']) {
-        result = result['one'];
-      } else if (amount == 0 && result['zero']) {
-        result = result['zero'];
-      } else {
-        result = result['other'];
-      }
-    }
-
-    return typeof result == 'string' ? result : JSON.stringify(result);
-  },
-
-  /**
-   * @param {String} strTerm 
-   * 
-   * @returns {any[]}
-   */
-  getArguments(strTerm) {
-    return Array.from(termArguments[strTerm] || []);
-  },
-
-  /**
-   * @param {String} langKey 
-   * 
-   * @returns {Boolean}
-   */
-  isLanguageSupported(langKey) {
-    return langKey && typeof langKey == 'string' && langKey.length == 2 && localizations[langKey.toLowerCase()];
-  }
-};
\ No newline at end of file
diff --git a/package-lock.json b/package-lock.json
index 390bab1..cd272bc 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "mc-auth-web",
-  "version": "0.1.0",
+  "version": "2.0.0",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -17,16 +17,145 @@
         "defer-to-connect": "^1.0.1"
       }
     },
+    "@types/body-parser": {
+      "version": "1.19.0",
+      "resolved": "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.0.tgz",
+      "integrity": "sha512-W98JrE0j2K78swW4ukqMleo8R7h/pFETjM2DQ90MF6XK2i4LO4W3gQ71Lt4w3bfm2EvVSyWHplECvB5sK22yFQ==",
+      "dev": true,
+      "requires": {
+        "@types/connect": "*",
+        "@types/node": "*"
+      }
+    },
+    "@types/caseless": {
+      "version": "0.12.2",
+      "resolved": "https://registry.npmjs.org/@types/caseless/-/caseless-0.12.2.tgz",
+      "integrity": "sha512-6ckxMjBBD8URvjB6J3NcnuAn5Pkl7t3TizAg+xdlzzQGSPSmBcXf8KoIH0ua/i+tio+ZRUHEXp0HEmvaR4kt0w==",
+      "dev": true
+    },
     "@types/color-name": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/@types/color-name/-/color-name-1.1.1.tgz",
       "integrity": "sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ=="
     },
+    "@types/connect": {
+      "version": "3.4.33",
+      "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.33.tgz",
+      "integrity": "sha512-2+FrkXY4zllzTNfJth7jOqEHC+enpLeGslEhpnTAkg21GkRrWV4SsAtqchtT4YS9/nODBU2/ZfsBY2X4J/dX7A==",
+      "dev": true,
+      "requires": {
+        "@types/node": "*"
+      }
+    },
+    "@types/connect-pg-simple": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/@types/connect-pg-simple/-/connect-pg-simple-4.2.0.tgz",
+      "integrity": "sha512-Y+ptWW6q6Ll92Y0Zbqb+YiPIUd5ldNsovZJ22Oy5wc4tyl0QVqXPx+ksYCrMgUINXeBDQxJi7HcZ5iATZ62x8A==",
+      "dev": true,
+      "requires": {
+        "@types/express": "*",
+        "@types/express-session": "*",
+        "@types/pg": "*"
+      }
+    },
+    "@types/cookie-parser": {
+      "version": "1.4.2",
+      "resolved": "https://registry.npmjs.org/@types/cookie-parser/-/cookie-parser-1.4.2.tgz",
+      "integrity": "sha512-uwcY8m6SDQqciHsqcKDGbo10GdasYsPCYkH3hVegj9qAah6pX5HivOnOuI3WYmyQMnOATV39zv/Ybs0bC/6iVg==",
+      "dev": true,
+      "requires": {
+        "@types/express": "*"
+      }
+    },
+    "@types/cookiejar": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/@types/cookiejar/-/cookiejar-2.1.1.tgz",
+      "integrity": "sha512-aRnpPa7ysx3aNW60hTiCtLHlQaIFsXFCgQlpakNgDNVFzbtusSY8PwjAQgRWfSk0ekNoBjO51eQRB6upA9uuyw==",
+      "dev": true
+    },
+    "@types/ejs": {
+      "version": "3.0.4",
+      "resolved": "https://registry.npmjs.org/@types/ejs/-/ejs-3.0.4.tgz",
+      "integrity": "sha512-ZxnwyBGO4KX/82AsFHTX82eMw0PsoBcIngEat+zx0y+3yxoNDJucAihg9nAcrc+g4Cwiv/4WcWsX4oiy0ySrRQ==",
+      "dev": true
+    },
+    "@types/express": {
+      "version": "4.17.7",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.17.7.tgz",
+      "integrity": "sha512-dCOT5lcmV/uC2J9k0rPafATeeyz+99xTt54ReX11/LObZgfzJqZNcW27zGhYyX+9iSEGXGt5qLPwRSvBZcLvtQ==",
+      "dev": true,
+      "requires": {
+        "@types/body-parser": "*",
+        "@types/express-serve-static-core": "*",
+        "@types/qs": "*",
+        "@types/serve-static": "*"
+      }
+    },
+    "@types/express-serve-static-core": {
+      "version": "4.17.9",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.9.tgz",
+      "integrity": "sha512-DG0BYg6yO+ePW+XoDENYz8zhNGC3jDDEpComMYn7WJc4mY1Us8Rw9ax2YhJXxpyk2SF47PQAoQ0YyVT1a0bEkA==",
+      "dev": true,
+      "requires": {
+        "@types/node": "*",
+        "@types/qs": "*",
+        "@types/range-parser": "*"
+      }
+    },
+    "@types/express-session": {
+      "version": "1.17.0",
+      "resolved": "https://registry.npmjs.org/@types/express-session/-/express-session-1.17.0.tgz",
+      "integrity": "sha512-OQEHeBFE1UhChVIBhRh9qElHUvTp4BzKKHxMDkGHT7WuYk5eL93hPG7D8YAIkoBSbhNEY0RjreF15zn+U0eLjA==",
+      "dev": true,
+      "requires": {
+        "@types/express": "*",
+        "@types/node": "*"
+      }
+    },
+    "@types/jsonwebtoken": {
+      "version": "8.5.0",
+      "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-8.5.0.tgz",
+      "integrity": "sha512-9bVao7LvyorRGZCw0VmH/dr7Og+NdjYSsKAxB43OQoComFbBgsEpoR9JW6+qSq/ogwVBg8GI2MfAlk4SYI4OLg==",
+      "dev": true,
+      "requires": {
+        "@types/node": "*"
+      }
+    },
+    "@types/mime": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/@types/mime/-/mime-2.0.3.tgz",
+      "integrity": "sha512-Jus9s4CDbqwocc5pOAnh8ShfrnMcPHuJYzVcSUU7lrh8Ni5HuIqX3oilL86p3dlTrk0LzHRCgA/GQ7uNCw6l2Q==",
+      "dev": true
+    },
+    "@types/morgan": {
+      "version": "1.9.1",
+      "resolved": "https://registry.npmjs.org/@types/morgan/-/morgan-1.9.1.tgz",
+      "integrity": "sha512-2j5IKrgJpEP6xw/uiVb2Xfga0W0sSVD9JP9t7EZLvpBENdB0OKgcnoKS8IsjNeNnZ/86robdZ61Orl0QCFGOXg==",
+      "dev": true,
+      "requires": {
+        "@types/node": "*"
+      }
+    },
     "@types/node": {
       "version": "14.0.27",
       "resolved": "https://registry.npmjs.org/@types/node/-/node-14.0.27.tgz",
       "integrity": "sha512-kVrqXhbclHNHGu9ztnAwSncIgJv/FaxmzXJvGXNdcCpV1b8u1/Mi6z6m0vwy0LzKeXFTPLH0NzwmoJ3fNCIq0g=="
     },
+    "@types/nodemailer": {
+      "version": "6.4.0",
+      "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.0.tgz",
+      "integrity": "sha512-KY7bFWB0MahRZvVW4CuW83qcCDny59pJJ0MQ5ifvfcjNwPlIT0vW4uARO4u1gtkYnWdhSvURegecY/tzcukJcA==",
+      "dev": true,
+      "requires": {
+        "@types/node": "*"
+      }
+    },
+    "@types/object-assign-deep": {
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/@types/object-assign-deep/-/object-assign-deep-0.4.0.tgz",
+      "integrity": "sha512-3D0F3rHRNDc8cQSXNzwF1jBrJi28Mdrhc10ZLlqbJWDPYRWTTWB9Tc8JoKrgBvLKioXoPoHT6Uzf3s2F7akCUg==",
+      "dev": true
+    },
     "@types/pg": {
       "version": "7.14.4",
       "resolved": "https://registry.npmjs.org/@types/pg/-/pg-7.14.4.tgz",
@@ -41,6 +170,78 @@
       "resolved": "https://registry.npmjs.org/@types/pg-types/-/pg-types-1.11.5.tgz",
       "integrity": "sha512-L8ogeT6vDzT1vxlW3KITTCt+BVXXVkLXfZ/XNm6UqbcJgxf+KPO7yjWx7dQQE8RW07KopL10x2gNMs41+IkMGQ=="
     },
+    "@types/qs": {
+      "version": "6.9.4",
+      "resolved": "https://registry.npmjs.org/@types/qs/-/qs-6.9.4.tgz",
+      "integrity": "sha512-+wYo+L6ZF6BMoEjtf8zB2esQsqdV6WsjRK/GP9WOgLPrq87PbNWgIxS76dS5uvl/QXtHGakZmwTznIfcPXcKlQ==",
+      "dev": true
+    },
+    "@types/range-parser": {
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.3.tgz",
+      "integrity": "sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==",
+      "dev": true
+    },
+    "@types/request": {
+      "version": "2.48.5",
+      "resolved": "https://registry.npmjs.org/@types/request/-/request-2.48.5.tgz",
+      "integrity": "sha512-/LO7xRVnL3DxJ1WkPGDQrp4VTV1reX9RkC85mJ+Qzykj2Bdw+mG15aAfDahc76HtknjzE16SX/Yddn6MxVbmGQ==",
+      "dev": true,
+      "requires": {
+        "@types/caseless": "*",
+        "@types/node": "*",
+        "@types/tough-cookie": "*",
+        "form-data": "^2.5.0"
+      },
+      "dependencies": {
+        "form-data": {
+          "version": "2.5.1",
+          "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.5.1.tgz",
+          "integrity": "sha512-m21N3WOmEEURgk6B9GLOE4RuWOFf28Lhh9qGYeNlGq4VDXUlJy2th2slBNU8Gp8EzloYZOibZJ7t5ecIrFSjVA==",
+          "dev": true,
+          "requires": {
+            "asynckit": "^0.4.0",
+            "combined-stream": "^1.0.6",
+            "mime-types": "^2.1.12"
+          }
+        }
+      }
+    },
+    "@types/serve-static": {
+      "version": "1.13.5",
+      "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.13.5.tgz",
+      "integrity": "sha512-6M64P58N+OXjU432WoLLBQxbA0LRGBCRm7aAGQJ+SMC1IMl0dgRVi9EFfoDcS2a7Xogygk/eGN94CfwU9UF7UQ==",
+      "dev": true,
+      "requires": {
+        "@types/express-serve-static-core": "*",
+        "@types/mime": "*"
+      }
+    },
+    "@types/sharp": {
+      "version": "0.25.1",
+      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.25.1.tgz",
+      "integrity": "sha512-qv9kr1RIad4nZIiIEizjoQyY9VwjwKsl7nJ8LLWHko5SZm/0+/A8ila05YQpKp8BERHxpC+i8Vr8oYyhJtlQBQ==",
+      "dev": true,
+      "requires": {
+        "@types/node": "*"
+      }
+    },
+    "@types/superagent": {
+      "version": "4.1.9",
+      "resolved": "https://registry.npmjs.org/@types/superagent/-/superagent-4.1.9.tgz",
+      "integrity": "sha512-gpIC0p49YHT4VYDbdl0fKjOMWBurJFfYtKUIxOHzOwBtu5VT29FyldFI2vbmZ1K2iH2vS6MVcJZMjHM+652l4Q==",
+      "dev": true,
+      "requires": {
+        "@types/cookiejar": "*",
+        "@types/node": "*"
+      }
+    },
+    "@types/tough-cookie": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/@types/tough-cookie/-/tough-cookie-4.0.0.tgz",
+      "integrity": "sha512-I99sngh224D0M7XgW1s120zxCt3VYQ3IQsuw3P3jbq5GG4yc79+ZjyKznyOGIQrflfylLgcfekeZW/vk0yng6A==",
+      "dev": true
+    },
     "abbrev": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz",
@@ -56,9 +257,9 @@
       }
     },
     "ajv": {
-      "version": "6.11.0",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.11.0.tgz",
-      "integrity": "sha512-nCprB/0syFYy9fVYU1ox1l2KN8S9I+tziH8D4zdZuLT3N6RMlGSGt5FSTpAiHB/Whv8Qs1cWHma1aMKZyaHRKA==",
+      "version": "6.12.3",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.3.tgz",
+      "integrity": "sha512-4K0cK3L1hsqk9xIb2z9vs/XU+PGJZ9PNpJRDS9YLzmNdX6jmVPfamLvTJr0aDAusnHyCHO6MjzlkAsgtqp9teA==",
       "requires": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -74,11 +275,6 @@
         "string-width": "^3.0.0"
       },
       "dependencies": {
-        "ansi-regex": {
-          "version": "4.1.0",
-          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz",
-          "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg=="
-        },
         "string-width": {
           "version": "3.1.0",
           "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz",
@@ -88,21 +284,13 @@
             "is-fullwidth-code-point": "^2.0.0",
             "strip-ansi": "^5.1.0"
           }
-        },
-        "strip-ansi": {
-          "version": "5.2.0",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz",
-          "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==",
-          "requires": {
-            "ansi-regex": "^4.1.0"
-          }
         }
       }
     },
     "ansi-regex": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz",
-      "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8="
+      "version": "4.1.0",
+      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz",
+      "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg=="
     },
     "ansi-styles": {
       "version": "4.2.1",
@@ -111,21 +299,6 @@
       "requires": {
         "@types/color-name": "^1.1.1",
         "color-convert": "^2.0.1"
-      },
-      "dependencies": {
-        "color-convert": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
-          "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
-          "requires": {
-            "color-name": "~1.1.4"
-          }
-        },
-        "color-name": {
-          "version": "1.1.4",
-          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
-          "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
-        }
       }
     },
     "anymatch": {
@@ -151,6 +324,12 @@
         "readable-stream": "^2.0.6"
       }
     },
+    "arg": {
+      "version": "4.1.3",
+      "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz",
+      "integrity": "sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==",
+      "dev": true
+    },
     "array-flatten": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz",
@@ -169,6 +348,11 @@
       "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz",
       "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU="
     },
+    "async": {
+      "version": "0.9.2",
+      "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz",
+      "integrity": "sha1-rqdNXmHB+JlhO/ZL2mbUx48v0X0="
+    },
     "asynckit": {
       "version": "0.4.0",
       "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz",
@@ -180,9 +364,9 @@
       "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg="
     },
     "aws4": {
-      "version": "1.9.1",
-      "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.9.1.tgz",
-      "integrity": "sha512-wMHVg2EOHaMRxbzgFJ9gtjOOCrI80OHLG14rxi28XwOW8ux6IiEbRCGGGqCtdAIg4FQCbW20k9RsT4y3gJlFug=="
+      "version": "1.10.0",
+      "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.10.0.tgz",
+      "integrity": "sha512-3YDiu347mtVtjpyV3u5kVqQLP242c06zwDOgpeRnybmXlYYsLbtTrUBUm8i8srONt+FWobl5aibnU1030PeeuA=="
     },
     "balanced-match": {
       "version": "1.0.0",
@@ -211,9 +395,9 @@
       }
     },
     "binary-extensions": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.0.0.tgz",
-      "integrity": "sha512-Phlt0plgpIIBOGTT/ehfFnbNlfsDEiqmzE2KRXoX1bLIlir4X/MR+zSyBEkL05ffWgnRSf/DXv+WrUAVr93/ow=="
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.1.0.tgz",
+      "integrity": "sha512-1Yj8h9Q+QDF5FzhMs/c9+6UntbD5MkRfRwac8DoEm9ZfUBZ7tZ55YcGVAzEe4bXsdQHEk+s9S5wsOKVdZrw0tQ=="
     },
     "bl": {
       "version": "4.0.3",
@@ -272,41 +456,6 @@
         "term-size": "^2.1.0",
         "type-fest": "^0.8.1",
         "widest-line": "^3.1.0"
-      },
-      "dependencies": {
-        "ansi-regex": {
-          "version": "5.0.0",
-          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz",
-          "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg=="
-        },
-        "emoji-regex": {
-          "version": "8.0.0",
-          "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
-          "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
-        },
-        "is-fullwidth-code-point": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
-          "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg=="
-        },
-        "string-width": {
-          "version": "4.2.0",
-          "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz",
-          "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==",
-          "requires": {
-            "emoji-regex": "^8.0.0",
-            "is-fullwidth-code-point": "^3.0.0",
-            "strip-ansi": "^6.0.0"
-          }
-        },
-        "strip-ansi": {
-          "version": "6.0.0",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz",
-          "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==",
-          "requires": {
-            "ansi-regex": "^5.0.0"
-          }
-        }
       }
     },
     "brace-expansion": {
@@ -335,6 +484,17 @@
         "ieee754": "^1.1.4"
       }
     },
+    "buffer-equal-constant-time": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz",
+      "integrity": "sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk="
+    },
+    "buffer-from": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.1.tgz",
+      "integrity": "sha512-MQcXEUbCKtEo7bhqEs6560Hyd4XaovZlO/k9V3hjVUF/zwW7KBVdSK4gIt/bzwS9MbR5qob+F5jusZsb0YQK2A==",
+      "dev": true
+    },
     "buffer-writer": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/buffer-writer/-/buffer-writer-2.0.0.tgz",
@@ -409,9 +569,9 @@
       }
     },
     "chokidar": {
-      "version": "3.4.0",
-      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.4.0.tgz",
-      "integrity": "sha512-aXAaho2VJtisB/1fg1+3nlLJqGOuewTzQpd/Tz0yTg2R0e4IGtshYvtjowyEumcBv2z+y4+kc75Mz7j5xJskcQ==",
+      "version": "3.4.2",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.4.2.tgz",
+      "integrity": "sha512-IZHaDeBeI+sZJRX7lGcXsdzgvZqKv6sECqsbErJA4mHWfpRrD8B97kSFN4cQz6nGBGiuFia1MKR4d6c1o8Cv7A==",
       "requires": {
         "anymatch": "~3.1.1",
         "braces": "~3.0.2",
@@ -449,13 +609,6 @@
       "integrity": "sha1-0dyXOSAxTfZ/vrlCI7TuNQI56Ws=",
       "requires": {
         "mimic-response": "^1.0.0"
-      },
-      "dependencies": {
-        "mimic-response": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz",
-          "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ=="
-        }
       }
     },
     "code-point-at": {
@@ -470,20 +623,35 @@
       "requires": {
         "color-convert": "^1.9.1",
         "color-string": "^1.5.2"
+      },
+      "dependencies": {
+        "color-convert": {
+          "version": "1.9.3",
+          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
+          "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
+          "requires": {
+            "color-name": "1.1.3"
+          }
+        },
+        "color-name": {
+          "version": "1.1.3",
+          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
+          "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
+        }
       }
     },
     "color-convert": {
-      "version": "1.9.3",
-      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
-      "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-2.0.1.tgz",
+      "integrity": "sha512-RRECPsj7iu/xb5oKYcsFHSppFNnsj/52OVTRKb4zP5onXwVF3zVmmToNcOfGC+CRDpfK/U584fMg38ZHCaElKQ==",
       "requires": {
-        "color-name": "1.1.3"
+        "color-name": "~1.1.4"
       }
     },
     "color-name": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
-      "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
+      "version": "1.1.4",
+      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.4.tgz",
+      "integrity": "sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA=="
     },
     "color-string": {
       "version": "1.5.3",
@@ -502,6 +670,11 @@
         "delayed-stream": "~1.0.0"
       }
     },
+    "component-emitter": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz",
+      "integrity": "sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg=="
+    },
     "concat-map": {
       "version": "0.0.1",
       "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
@@ -521,9 +694,9 @@
       }
     },
     "connect-pg-simple": {
-      "version": "6.2.0",
-      "resolved": "https://registry.npmjs.org/connect-pg-simple/-/connect-pg-simple-6.2.0.tgz",
-      "integrity": "sha512-7I/X3JgXwpqpjfx5rgzZgXZhzgWaBOkmRNdOuBYYYEu1PGnNq3O7M61E5njOG+e+QKM6q59gVFx8715oz/dVJQ==",
+      "version": "6.2.1",
+      "resolved": "https://registry.npmjs.org/connect-pg-simple/-/connect-pg-simple-6.2.1.tgz",
+      "integrity": "sha512-bwDp/gKyRtyz0V5Vxy3SATSxItWBK/wDhaacncC79+q1B1VB8SQ49AlVaQCM+XxmIO29cWX4cvsFj65mD2qrzA==",
       "requires": {
         "@types/pg": "^7.14.4",
         "pg": "^8.2.1"
@@ -566,11 +739,36 @@
       "resolved": "https://registry.npmjs.org/cookie-signature/-/cookie-signature-1.0.6.tgz",
       "integrity": "sha1-4wOogrNCzD7oylE6eZmXNNqzriw="
     },
+    "cookiejar": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/cookiejar/-/cookiejar-2.1.2.tgz",
+      "integrity": "sha512-Mw+adcfzPxcPeI+0WlvRrr/3lGVO0bD75SxX6811cxSh1Wbxx7xZBGK1eVtDf6si8rg2lhnUjsVLMFMfbRIuwA=="
+    },
     "core-util-is": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz",
       "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac="
     },
+    "cross-env": {
+      "version": "7.0.2",
+      "resolved": "https://registry.npmjs.org/cross-env/-/cross-env-7.0.2.tgz",
+      "integrity": "sha512-KZP/bMEOJEDCkDQAyRhu3RL2ZO/SUVrxQVI0G3YEQ+OLbRA3c6zgixe8Mq8a/z7+HKlNEjo8oiLUs8iRijY2Rw==",
+      "dev": true,
+      "requires": {
+        "cross-spawn": "^7.0.1"
+      }
+    },
+    "cross-spawn": {
+      "version": "7.0.3",
+      "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz",
+      "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==",
+      "dev": true,
+      "requires": {
+        "path-key": "^3.1.0",
+        "shebang-command": "^2.0.0",
+        "which": "^2.0.1"
+      }
+    },
     "crypto-random-string": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-2.0.0.tgz",
@@ -593,11 +791,11 @@
       }
     },
     "decompress-response": {
-      "version": "4.2.1",
-      "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-4.2.1.tgz",
-      "integrity": "sha512-jOSne2qbyE+/r8G1VU+G/82LBs2Fs4LAsTiLSHOCOMZQl2OKZ6i8i4IyHemTe+/yIXOtTcRQMzPcgyhoFlqPkw==",
+      "version": "3.3.0",
+      "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-3.3.0.tgz",
+      "integrity": "sha1-gKTdMjdIOEv6JICDYirt7Jgq3/M=",
       "requires": {
-        "mimic-response": "^2.0.0"
+        "mimic-response": "^1.0.0"
       }
     },
     "deep-extend": {
@@ -635,6 +833,12 @@
       "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz",
       "integrity": "sha1-+hN8S9aY7fVc1c0CrFWfkaTEups="
     },
+    "diff": {
+      "version": "4.0.2",
+      "resolved": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz",
+      "integrity": "sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==",
+      "dev": true
+    },
     "dot-prop": {
       "version": "5.2.0",
       "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-5.2.0.tgz",
@@ -657,11 +861,27 @@
         "safer-buffer": "^2.1.0"
       }
     },
+    "ecdsa-sig-formatter": {
+      "version": "1.0.11",
+      "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz",
+      "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==",
+      "requires": {
+        "safe-buffer": "^5.0.1"
+      }
+    },
     "ee-first": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz",
       "integrity": "sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0="
     },
+    "ejs": {
+      "version": "3.1.5",
+      "resolved": "https://registry.npmjs.org/ejs/-/ejs-3.1.5.tgz",
+      "integrity": "sha512-dldq3ZfFtgVTJMLjOe+/3sROTzALlL9E34V4/sDtUd/KlBSS0s6U1/+WPE1B4sj9CXHJpL1M6rhNJnc9Wbal9w==",
+      "requires": {
+        "jake": "^10.6.1"
+      }
+    },
     "emoji-regex": {
       "version": "7.0.3",
       "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz",
@@ -690,6 +910,11 @@
       "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz",
       "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg="
     },
+    "escape-string-regexp": {
+      "version": "1.0.5",
+      "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
+      "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ="
+    },
     "etag": {
       "version": "1.8.1",
       "resolved": "https://registry.npmjs.org/etag/-/etag-1.8.1.tgz",
@@ -775,15 +1000,28 @@
       "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU="
     },
     "fast-deep-equal": {
-      "version": "3.1.1",
-      "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz",
-      "integrity": "sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA=="
+      "version": "3.1.3",
+      "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz",
+      "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q=="
     },
     "fast-json-stable-stringify": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz",
       "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw=="
     },
+    "fast-safe-stringify": {
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/fast-safe-stringify/-/fast-safe-stringify-2.0.7.tgz",
+      "integrity": "sha512-Utm6CdzT+6xsDk2m8S6uL8VHxNwI6Jub+e9NYTcAms28T84pTa25GJQV9j0CY0N1rM8hK4x6grpF2BQf+2qwVA=="
+    },
+    "filelist": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/filelist/-/filelist-1.0.1.tgz",
+      "integrity": "sha512-8zSK6Nu0DQIC08mUC46sWGXi+q3GGpKydAG36k+JDba6VRpkevvOWUW5a/PhShij4+vHT9M+ghgG7eM+a9JDUQ==",
+      "requires": {
+        "minimatch": "^3.0.4"
+      }
+    },
     "fill-range": {
       "version": "7.0.1",
       "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
@@ -821,6 +1059,11 @@
         "mime-types": "^2.1.12"
       }
     },
+    "formidable": {
+      "version": "1.2.2",
+      "resolved": "https://registry.npmjs.org/formidable/-/formidable-1.2.2.tgz",
+      "integrity": "sha512-V8gLm+41I/8kguQ4/o1D3RIHRmhYFG4pnNyonvua+40rqcEmT4+V71yaZ3B457xbbgCsCfjSPi65u/W6vK1U5Q=="
+    },
     "forwarded": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz",
@@ -855,6 +1098,39 @@
         "string-width": "^1.0.1",
         "strip-ansi": "^3.0.1",
         "wide-align": "^1.1.0"
+      },
+      "dependencies": {
+        "ansi-regex": {
+          "version": "2.1.1",
+          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz",
+          "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8="
+        },
+        "is-fullwidth-code-point": {
+          "version": "1.0.0",
+          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz",
+          "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=",
+          "requires": {
+            "number-is-nan": "^1.0.0"
+          }
+        },
+        "string-width": {
+          "version": "1.0.2",
+          "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz",
+          "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=",
+          "requires": {
+            "code-point-at": "^1.0.0",
+            "is-fullwidth-code-point": "^1.0.0",
+            "strip-ansi": "^3.0.0"
+          }
+        },
+        "strip-ansi": {
+          "version": "3.0.1",
+          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz",
+          "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=",
+          "requires": {
+            "ansi-regex": "^2.0.0"
+          }
+        }
       }
     },
     "get-stream": {
@@ -910,21 +1186,6 @@
         "p-cancelable": "^1.0.0",
         "to-readable-stream": "^1.0.0",
         "url-parse-lax": "^3.0.0"
-      },
-      "dependencies": {
-        "decompress-response": {
-          "version": "3.3.0",
-          "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-3.3.0.tgz",
-          "integrity": "sha1-gKTdMjdIOEv6JICDYirt7Jgq3/M=",
-          "requires": {
-            "mimic-response": "^1.0.0"
-          }
-        },
-        "mimic-response": {
-          "version": "1.0.1",
-          "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz",
-          "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ=="
-        }
       }
     },
     "graceful-fs": {
@@ -938,11 +1199,11 @@
       "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI="
     },
     "har-validator": {
-      "version": "5.1.3",
-      "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.3.tgz",
-      "integrity": "sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==",
+      "version": "5.1.5",
+      "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz",
+      "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==",
       "requires": {
-        "ajv": "^6.5.5",
+        "ajv": "^6.12.3",
         "har-schema": "^2.0.0"
       }
     },
@@ -1027,9 +1288,9 @@
       "integrity": "sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw=="
     },
     "ipaddr.js": {
-      "version": "1.9.0",
-      "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.0.tgz",
-      "integrity": "sha512-M4Sjn6N/+O6/IXSJseKqHoFc+5FdGJ22sXqnjTpdZweHK64MzEPAyQZyEU3R/KRv2GLoa7nNtg/C2Ev6m7z+eA=="
+      "version": "1.9.1",
+      "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz",
+      "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g=="
     },
     "is-arrayish": {
       "version": "0.3.2",
@@ -1114,11 +1375,61 @@
       "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
       "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
     },
+    "isexe": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
+      "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=",
+      "dev": true
+    },
     "isstream": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz",
       "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo="
     },
+    "jake": {
+      "version": "10.8.2",
+      "resolved": "https://registry.npmjs.org/jake/-/jake-10.8.2.tgz",
+      "integrity": "sha512-eLpKyrfG3mzvGE2Du8VoPbeSkRry093+tyNjdYaBbJS9v17knImYGNXQCUV0gLxQtF82m3E8iRb/wdSQZLoq7A==",
+      "requires": {
+        "async": "0.9.x",
+        "chalk": "^2.4.2",
+        "filelist": "^1.0.1",
+        "minimatch": "^3.0.4"
+      },
+      "dependencies": {
+        "ansi-styles": {
+          "version": "3.2.1",
+          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
+          "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
+          "requires": {
+            "color-convert": "^1.9.0"
+          }
+        },
+        "chalk": {
+          "version": "2.4.2",
+          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
+          "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
+          "requires": {
+            "ansi-styles": "^3.2.1",
+            "escape-string-regexp": "^1.0.5",
+            "supports-color": "^5.3.0"
+          }
+        },
+        "color-convert": {
+          "version": "1.9.3",
+          "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz",
+          "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==",
+          "requires": {
+            "color-name": "1.1.3"
+          }
+        },
+        "color-name": {
+          "version": "1.1.3",
+          "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
+          "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
+        }
+      }
+    },
     "jsbn": {
       "version": "0.1.1",
       "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz",
@@ -1144,6 +1455,54 @@
       "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
       "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus="
     },
+    "jsonwebtoken": {
+      "version": "8.5.1",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
+      "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==",
+      "requires": {
+        "jws": "^3.2.2",
+        "lodash.includes": "^4.3.0",
+        "lodash.isboolean": "^3.0.3",
+        "lodash.isinteger": "^4.0.4",
+        "lodash.isnumber": "^3.0.3",
+        "lodash.isplainobject": "^4.0.6",
+        "lodash.isstring": "^4.0.1",
+        "lodash.once": "^4.0.0",
+        "ms": "^2.1.1",
+        "semver": "^5.6.0"
+      },
+      "dependencies": {
+        "jwa": {
+          "version": "1.4.1",
+          "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
+          "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==",
+          "requires": {
+            "buffer-equal-constant-time": "1.0.1",
+            "ecdsa-sig-formatter": "1.0.11",
+            "safe-buffer": "^5.0.1"
+          }
+        },
+        "jws": {
+          "version": "3.2.2",
+          "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
+          "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==",
+          "requires": {
+            "jwa": "^1.4.1",
+            "safe-buffer": "^5.0.1"
+          }
+        },
+        "ms": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
+        },
+        "semver": {
+          "version": "5.7.1",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
+          "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ=="
+        }
+      }
+    },
     "jsprim": {
       "version": "1.4.1",
       "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz",
@@ -1171,6 +1530,41 @@
         "package-json": "^6.3.0"
       }
     },
+    "lodash.includes": {
+      "version": "4.3.0",
+      "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
+      "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8="
+    },
+    "lodash.isboolean": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz",
+      "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY="
+    },
+    "lodash.isinteger": {
+      "version": "4.0.4",
+      "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz",
+      "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M="
+    },
+    "lodash.isnumber": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz",
+      "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w="
+    },
+    "lodash.isplainobject": {
+      "version": "4.0.6",
+      "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz",
+      "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs="
+    },
+    "lodash.isstring": {
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz",
+      "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE="
+    },
+    "lodash.once": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz",
+      "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w="
+    },
     "lowercase-keys": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/lowercase-keys/-/lowercase-keys-1.0.1.tgz",
@@ -1191,6 +1585,12 @@
         }
       }
     },
+    "make-error": {
+      "version": "1.3.6",
+      "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz",
+      "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==",
+      "dev": true
+    },
     "media-typer": {
       "version": "0.3.0",
       "resolved": "https://registry.npmjs.org/media-typer/-/media-typer-0.3.0.tgz",
@@ -1212,22 +1612,22 @@
       "integrity": "sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg=="
     },
     "mime-db": {
-      "version": "1.42.0",
-      "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.42.0.tgz",
-      "integrity": "sha512-UbfJCR4UAVRNgMpfImz05smAXK7+c+ZntjaA26ANtkXLlOe947Aag5zdIcKQULAiF9Cq4WxBi9jUs5zkA84bYQ=="
+      "version": "1.44.0",
+      "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz",
+      "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg=="
     },
     "mime-types": {
-      "version": "2.1.25",
-      "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.25.tgz",
-      "integrity": "sha512-5KhStqB5xpTAeGqKBAMgwaYMnQik7teQN4IAzC7npDv6kzeU6prfkR67bc87J1kWMPGkoaZSq1npmexMgkmEVg==",
+      "version": "2.1.27",
+      "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz",
+      "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==",
       "requires": {
-        "mime-db": "1.42.0"
+        "mime-db": "1.44.0"
       }
     },
     "mimic-response": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-2.1.0.tgz",
-      "integrity": "sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA=="
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-1.0.1.tgz",
+      "integrity": "sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ=="
     },
     "minimatch": {
       "version": "3.0.4",
@@ -1255,6 +1655,11 @@
       "resolved": "https://registry.npmjs.org/mkdirp-classic/-/mkdirp-classic-0.5.3.tgz",
       "integrity": "sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A=="
     },
+    "moment": {
+      "version": "2.27.0",
+      "resolved": "https://registry.npmjs.org/moment/-/moment-2.27.0.tgz",
+      "integrity": "sha512-al0MUK7cpIcglMv3YF13qSgdAIqxHTO7brRtaz3DlSULbqfazqkc5kEjNrLDOM7fsjshoFIihnU8snrP7zUvhQ=="
+    },
     "morgan": {
       "version": "1.10.0",
       "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz",
@@ -1317,6 +1722,11 @@
         "clone": "2.x"
       }
     },
+    "nodemailer": {
+      "version": "6.4.11",
+      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-6.4.11.tgz",
+      "integrity": "sha512-BVZBDi+aJV4O38rxsUh164Dk1NCqgh6Cm0rQSb9SK/DHGll/DrCMnycVDD7msJgZCnmVa8ASo8EZzR7jsgTukQ=="
+    },
     "nodemon": {
       "version": "2.0.4",
       "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.4.tgz",
@@ -1403,6 +1813,11 @@
       "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
       "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM="
     },
+    "object-assign-deep": {
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/object-assign-deep/-/object-assign-deep-0.4.0.tgz",
+      "integrity": "sha512-54Uvn3s+4A/cMWx9tlRez1qtc7pN7pbQ+Yi7mjLjcBpWLlP+XbSHiHbQW6CElDiV4OvuzqnMrBdkgxI1mT8V/Q=="
+    },
     "on-finished": {
       "version": "2.3.0",
       "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz",
@@ -1457,6 +1872,12 @@
       "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
       "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="
     },
+    "path-key": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/path-key/-/path-key-3.1.1.tgz",
+      "integrity": "sha512-ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q==",
+      "dev": true
+    },
     "path-to-regexp": {
       "version": "0.1.7",
       "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz",
@@ -1572,6 +1993,19 @@
         "which-pm-runs": "^1.0.0"
       },
       "dependencies": {
+        "decompress-response": {
+          "version": "4.2.1",
+          "resolved": "https://registry.npmjs.org/decompress-response/-/decompress-response-4.2.1.tgz",
+          "integrity": "sha512-jOSne2qbyE+/r8G1VU+G/82LBs2Fs4LAsTiLSHOCOMZQl2OKZ6i8i4IyHemTe+/yIXOtTcRQMzPcgyhoFlqPkw==",
+          "requires": {
+            "mimic-response": "^2.0.0"
+          }
+        },
+        "mimic-response": {
+          "version": "2.1.0",
+          "resolved": "https://registry.npmjs.org/mimic-response/-/mimic-response-2.1.0.tgz",
+          "integrity": "sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA=="
+        },
         "simple-get": {
           "version": "3.1.0",
           "resolved": "https://registry.npmjs.org/simple-get/-/simple-get-3.1.0.tgz",
@@ -1595,23 +2029,23 @@
       "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="
     },
     "proxy-addr": {
-      "version": "2.0.5",
-      "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.5.tgz",
-      "integrity": "sha512-t/7RxHXPH6cJtP0pRG6smSr9QJidhB+3kXu0KgXnbGYMgzEnUxRQ4/LDdfOwZEMyIh3/xHb8PX3t+lfL9z+YVQ==",
+      "version": "2.0.6",
+      "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.6.tgz",
+      "integrity": "sha512-dh/frvCBVmSsDYzw6n926jv974gddhkFPfiN8hPOi30Wax25QZyZEGveluCgliBnqmuM+UJmBErbAUFIoDbjOw==",
       "requires": {
         "forwarded": "~0.1.2",
-        "ipaddr.js": "1.9.0"
+        "ipaddr.js": "1.9.1"
       }
     },
     "psl": {
-      "version": "1.7.0",
-      "resolved": "https://registry.npmjs.org/psl/-/psl-1.7.0.tgz",
-      "integrity": "sha512-5NsSEDv8zY70ScRnOTn7bK7eanl2MvFrOrS/R6x+dBt5g1ghnj9Zv90kO8GwT8gxcu2ANyFprnFYB85IogIJOQ=="
+      "version": "1.8.0",
+      "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz",
+      "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ=="
     },
     "pstree.remy": {
-      "version": "1.1.7",
-      "resolved": "https://registry.npmjs.org/pstree.remy/-/pstree.remy-1.1.7.tgz",
-      "integrity": "sha512-xsMgrUwRpuGskEzBFkH8NmTimbZ5PcPup0LA8JJkHIm2IMUbQcpo3yeLNWVrufEYjh8YwtSVh0xz6UeWc5Oh5A=="
+      "version": "1.1.8",
+      "resolved": "https://registry.npmjs.org/pstree.remy/-/pstree.remy-1.1.8.tgz",
+      "integrity": "sha512-77DZwxQmxKnu3aR542U+X8FypNzbfJ+C5XQDk3uWjWxn6151aIMGthWYRXTqT1E5oJvg+ljaa2OJi+VfvCOQ8w=="
     },
     "pump": {
       "version": "3.0.0",
@@ -1695,9 +2129,9 @@
       }
     },
     "registry-auth-token": {
-      "version": "4.1.1",
-      "resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-4.1.1.tgz",
-      "integrity": "sha512-9bKS7nTl9+/A1s7tnPeGrUpRcVY+LUh7bfFgzpndALdPfXQBfQV77rQVtqgUV3ti4vc/Ik81Ex8UJDWDQ12zQA==",
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-4.2.0.tgz",
+      "integrity": "sha512-P+lWzPrsgfN+UEpDS3U8AQKg/UjZX6mQSJueZj3EK+vNESoqBSpBUD3gmu4sF9lOsjXWjF11dQKUqemf3veq1w==",
       "requires": {
         "rc": "^1.2.8"
       }
@@ -1863,10 +2297,25 @@
         }
       }
     },
+    "shebang-command": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz",
+      "integrity": "sha512-kHxr2zZpYtdmrN1qDjrrX/Z1rR1kG8Dx+gkpK1G4eXmvXswmcE1hTWBWYUzlraYw1/yZp6YuDY77YtvbN0dmDA==",
+      "dev": true,
+      "requires": {
+        "shebang-regex": "^3.0.0"
+      }
+    },
+    "shebang-regex": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-3.0.0.tgz",
+      "integrity": "sha512-7++dFhtcx3353uBaq8DDR4NuxBetBzC7ZQOhmTQInHEd6bSrXdiEyzCvG07Z44UYdLShWUyXt5M/yhz8ekcb1A==",
+      "dev": true
+    },
     "signal-exit": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz",
-      "integrity": "sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0="
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.3.tgz",
+      "integrity": "sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA=="
     },
     "simple-concat": {
       "version": "1.0.1",
@@ -1906,6 +2355,22 @@
         "is-arrayish": "^0.3.1"
       }
     },
+    "source-map": {
+      "version": "0.6.1",
+      "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+      "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+      "dev": true
+    },
+    "source-map-support": {
+      "version": "0.5.19",
+      "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.5.19.tgz",
+      "integrity": "sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==",
+      "dev": true,
+      "requires": {
+        "buffer-from": "^1.0.0",
+        "source-map": "^0.6.0"
+      }
+    },
     "split": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/split/-/split-1.0.1.tgz",
@@ -1936,21 +2401,36 @@
       "integrity": "sha1-Fhx9rBd2Wf2YEfQ3cfqZOBR4Yow="
     },
     "string-width": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz",
-      "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=",
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz",
+      "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==",
       "requires": {
-        "code-point-at": "^1.0.0",
-        "is-fullwidth-code-point": "^1.0.0",
-        "strip-ansi": "^3.0.0"
+        "emoji-regex": "^8.0.0",
+        "is-fullwidth-code-point": "^3.0.0",
+        "strip-ansi": "^6.0.0"
       },
       "dependencies": {
+        "ansi-regex": {
+          "version": "5.0.0",
+          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz",
+          "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg=="
+        },
+        "emoji-regex": {
+          "version": "8.0.0",
+          "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
+          "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
+        },
         "is-fullwidth-code-point": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz",
-          "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=",
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
+          "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg=="
+        },
+        "strip-ansi": {
+          "version": "6.0.0",
+          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz",
+          "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==",
           "requires": {
-            "number-is-nan": "^1.0.0"
+            "ansi-regex": "^5.0.0"
           }
         }
       }
@@ -1964,11 +2444,11 @@
       }
     },
     "strip-ansi": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz",
-      "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=",
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz",
+      "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==",
       "requires": {
-        "ansi-regex": "^2.0.0"
+        "ansi-regex": "^4.1.0"
       }
     },
     "strip-json-comments": {
@@ -1976,6 +2456,74 @@
       "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz",
       "integrity": "sha1-PFMZQukIwml8DsNEhYwobHygpgo="
     },
+    "superagent": {
+      "version": "6.0.0",
+      "resolved": "https://registry.npmjs.org/superagent/-/superagent-6.0.0.tgz",
+      "integrity": "sha512-gBiyDSUR3zbYO8za+MudSNxMFSOhKcZfQ1Anya1DWzk9R32zl++cYUFHXzP3VnyvQO8h/1/uPPA9FUDDtE+qdA==",
+      "requires": {
+        "component-emitter": "^1.3.0",
+        "cookiejar": "^2.1.2",
+        "debug": "^4.1.1",
+        "fast-safe-stringify": "^2.0.7",
+        "form-data": "^3.0.0",
+        "formidable": "^1.2.2",
+        "methods": "^1.1.2",
+        "mime": "^2.4.6",
+        "qs": "^6.9.4",
+        "readable-stream": "^3.6.0",
+        "semver": "^7.3.2"
+      },
+      "dependencies": {
+        "debug": {
+          "version": "4.1.1",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz",
+          "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==",
+          "requires": {
+            "ms": "^2.1.1"
+          }
+        },
+        "form-data": {
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/form-data/-/form-data-3.0.0.tgz",
+          "integrity": "sha512-CKMFDglpbMi6PyN+brwB9Q/GOw0eAnsrEZDgcsH5Krhz5Od/haKHAX0NmQfha2zPPz0JpWzA7GJHGSnvCRLWsg==",
+          "requires": {
+            "asynckit": "^0.4.0",
+            "combined-stream": "^1.0.8",
+            "mime-types": "^2.1.12"
+          }
+        },
+        "mime": {
+          "version": "2.4.6",
+          "resolved": "https://registry.npmjs.org/mime/-/mime-2.4.6.tgz",
+          "integrity": "sha512-RZKhC3EmpBchfTGBVb8fb+RL2cWyw/32lshnsETttkBAyAUXSGHxbEJWWRXc751DrIxG1q04b8QwMbAwkRPpUA=="
+        },
+        "ms": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
+        },
+        "qs": {
+          "version": "6.9.4",
+          "resolved": "https://registry.npmjs.org/qs/-/qs-6.9.4.tgz",
+          "integrity": "sha512-A1kFqHekCTM7cz0udomYUoYNWjBebHm/5wzU/XqrBRBNWectVH0QIiN+NEcZ0Dte5hvzHwbr8+XQmguPhJ6WdQ=="
+        },
+        "readable-stream": {
+          "version": "3.6.0",
+          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-3.6.0.tgz",
+          "integrity": "sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==",
+          "requires": {
+            "inherits": "^2.0.3",
+            "string_decoder": "^1.1.1",
+            "util-deprecate": "^1.0.1"
+          }
+        },
+        "semver": {
+          "version": "7.3.2",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.2.tgz",
+          "integrity": "sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ=="
+        }
+      }
+    },
     "supports-color": {
       "version": "5.5.0",
       "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz",
@@ -2064,6 +2612,19 @@
         "punycode": "^2.1.1"
       }
     },
+    "ts-node": {
+      "version": "8.10.2",
+      "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-8.10.2.tgz",
+      "integrity": "sha512-ISJJGgkIpDdBhWVu3jufsWpK3Rzo7bdiIXJjQc0ynKxVOVcg2oIrf2H2cejminGrptVc6q6/uynAHNCuWGbpVA==",
+      "dev": true,
+      "requires": {
+        "arg": "^4.1.0",
+        "diff": "^4.0.1",
+        "make-error": "^1.1.1",
+        "source-map-support": "^0.5.17",
+        "yn": "3.1.1"
+      }
+    },
     "tunnel-agent": {
       "version": "0.6.0",
       "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz",
@@ -2099,6 +2660,12 @@
         "is-typedarray": "^1.0.0"
       }
     },
+    "typescript": {
+      "version": "3.9.7",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.9.7.tgz",
+      "integrity": "sha512-BLbiRkiBzAwsjut4x/dsibSTB6yWpwT5qWmC2OfuCg3GgVQCSgMs4vEctYPhsaGtd0AeuuHMkjZ2h2WG8MSzRw==",
+      "dev": true
+    },
     "uid-safe": {
       "version": "2.1.5",
       "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz",
@@ -2194,6 +2761,15 @@
         "extsprintf": "^1.2.0"
       }
     },
+    "which": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/which/-/which-2.0.2.tgz",
+      "integrity": "sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==",
+      "dev": true,
+      "requires": {
+        "isexe": "^2.0.0"
+      }
+    },
     "which-pm-runs": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/which-pm-runs/-/which-pm-runs-1.0.0.tgz",
@@ -2205,51 +2781,40 @@
       "integrity": "sha512-QGkOQc8XL6Bt5PwnsExKBPuMKBxnGxWWW3fU55Xt4feHozMUhdUMaBCk290qpm/wG5u/RSKzwdAC4i51YigihA==",
       "requires": {
         "string-width": "^1.0.2 || 2"
-      }
-    },
-    "widest-line": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz",
-      "integrity": "sha512-NsmoXalsWVDMGupxZ5R08ka9flZjjiLvHVAWYOKtiKM8ujtZWr9cRffak+uSE48+Ob8ObalXpwyeUiyDD6QFgg==",
-      "requires": {
-        "string-width": "^4.0.0"
       },
       "dependencies": {
         "ansi-regex": {
-          "version": "5.0.0",
-          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-5.0.0.tgz",
-          "integrity": "sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg=="
-        },
-        "emoji-regex": {
-          "version": "8.0.0",
-          "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-8.0.0.tgz",
-          "integrity": "sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A=="
-        },
-        "is-fullwidth-code-point": {
           "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-3.0.0.tgz",
-          "integrity": "sha512-zymm5+u+sCsSWyD9qNaejV3DFvhCKclKdizYaJUuHA83RLjb7nSuGnddCHGv0hk+KY7BMAlsWeK4Ueg6EV6XQg=="
+          "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz",
+          "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg="
         },
         "string-width": {
-          "version": "4.2.0",
-          "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.0.tgz",
-          "integrity": "sha512-zUz5JD+tgqtuDjMhwIg5uFVV3dtqZ9yQJlZVfq4I01/K5Paj5UHj7VyrQOJvzawSVlKpObApbfD0Ed6yJc+1eg==",
+          "version": "2.1.1",
+          "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz",
+          "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==",
           "requires": {
-            "emoji-regex": "^8.0.0",
-            "is-fullwidth-code-point": "^3.0.0",
-            "strip-ansi": "^6.0.0"
+            "is-fullwidth-code-point": "^2.0.0",
+            "strip-ansi": "^4.0.0"
           }
         },
         "strip-ansi": {
-          "version": "6.0.0",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-6.0.0.tgz",
-          "integrity": "sha512-AuvKTrTfQNYNIctbR1K/YGTR1756GycPsg7b9bdV9Duqur4gv6aKqHXah67Z8ImS7WEz5QVcOtlfW2rZEugt6w==",
+          "version": "4.0.0",
+          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz",
+          "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=",
           "requires": {
-            "ansi-regex": "^5.0.0"
+            "ansi-regex": "^3.0.0"
           }
         }
       }
     },
+    "widest-line": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/widest-line/-/widest-line-3.1.0.tgz",
+      "integrity": "sha512-NsmoXalsWVDMGupxZ5R08ka9flZjjiLvHVAWYOKtiKM8ujtZWr9cRffak+uSE48+Ob8ObalXpwyeUiyDD6QFgg==",
+      "requires": {
+        "string-width": "^4.0.0"
+      }
+    },
     "wrappy": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
@@ -2275,6 +2840,12 @@
       "version": "4.0.2",
       "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz",
       "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ=="
+    },
+    "yn": {
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz",
+      "integrity": "sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==",
+      "dev": true
     }
   }
 }
diff --git a/package.json b/package.json
index 4bff92c..906c9fa 100644
--- a/package.json
+++ b/package.json
@@ -1,43 +1,85 @@
 {
   "name": "mc-auth-web",
-  "version": "1.0.0",
-  "description": "",
-  "main": "index.js",
+  "version": "2.0.0",
+  "description": "Easily login with your Minecraft account without giving your password or email to strangers! Fully oAuth2 compliant!",
+  "keywords": [
+    "Minecraft",
+    "oAuth2",
+    "oAuth",
+    "Login",
+    "GDPR",
+    "API",
+    "restful",
+    "rest"
+  ],
+  "homepage": "https://mc-auth.com",
+  "main": "build/index.js",
+  "private": false,
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1",
-    "start": "nodemon index.js"
+    "build": "tsc",
+    "start": "cross-env NODE_ENV=production nodemon --enable-source-maps build/index.js",
+    "devStart": "cross-env NODE_ENV=development ts-node src/index.ts",
+    "dev": "nodemon --ext ts,html,json,txt --watch ./src --watch ./resources/lang --watch ./resources/web/dynamic --watch ./resources/email --exec \"npm run devStart\""
+  },
+  "author": {
+    "name": "Christian Koop",
+    "url": "https://Sprax2013.de",
+    "email": "developer@sprax2013.de"
   },
-  "author": "Sprax2013",
   "license": "MIT",
-  "homepage": "https://mc-auth.com",
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/Mc-Auth-com/Mc-Auth-Web.git"
+    "url": "https://github.com/Mc-Auth-com/Mc-Auth-Web.git"
   },
   "bugs": {
     "url": "https://github.com/Mc-Auth-com/Mc-Auth-Web/issues"
   },
+  "engines": {
+    "node": ">=10.0.0"
+  },
   "dependencies": {
-    "body-parser": "^1.19.0",
-    "connect-pg-simple": "^6.2.0",
+    "connect-pg-simple": "^6.2.1",
     "cookie-parser": "^1.4.5",
+    "ejs": "^3.1.5",
     "escape-html": "^1.0.3",
     "express": "^4.17.1",
     "express-session": "^1.17.1",
+    "jsonwebtoken": "^8.5.1",
+    "moment": "^2.27.0",
     "morgan": "^1.10.0",
     "node-cache": "^5.1.2",
+    "nodemailer": "^6.4.11",
     "nodemon": "^2.0.4",
+    "object-assign-deep": "^0.4.0",
     "pg": "^8.3.3",
     "request": "^2.88.2",
     "rotating-file-stream": "^2.1.3",
     "sharp": "^0.26.0",
+    "superagent": "^6.0.0",
     "uuid": "^8.3.0"
   },
+  "devDependencies": {
+    "@types/connect-pg-simple": "^4.2.0",
+    "@types/cookie-parser": "^1.4.2",
+    "@types/ejs": "^3.0.4",
+    "@types/express": "^4.17.7",
+    "@types/express-session": "^1.17.0",
+    "@types/jsonwebtoken": "^8.5.0",
+    "@types/morgan": "^1.9.1",
+    "@types/nodemailer": "^6.4.0",
+    "@types/object-assign-deep": "^0.4.0",
+    "@types/pg": "^7.14.4",
+    "@types/request": "^2.48.5",
+    "@types/sharp": "^0.25.1",
+    "@types/superagent": "^4.1.9",
+    "cross-env": "^7.0.2",
+    "ts-node": "^8.10.2",
+    "typescript": "^3.9.7"
+  },
   "nodemonConfig": {
-    "ignore": [
-      "./storage",
-      "./logs"
-    ],
-    "ext": "js,json,html"
+    "watch": [
+      "build"
+    ]
   }
 }
diff --git a/resources/email/LICENSE b/resources/email/LICENSE
new file mode 100644
index 0000000..9f52777
--- /dev/null
+++ b/resources/email/LICENSE
@@ -0,0 +1 @@
+confirm_email.html: https://github.com/mailgun/transactional-email-templates/blob/4b926d8879df3174ab0e47ef4af8bc0dab670b27/LICENSE
\ No newline at end of file
diff --git a/resources/email/confirm_email.html b/resources/email/confirm_email.html
new file mode 100644
index 0000000..a12beaa
--- /dev/null
+++ b/resources/email/confirm_email.html
@@ -0,0 +1,328 @@
+<!DOCTYPE html
+  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html lang="<%1- langKey -%1>" xmlns="http://www.w3.org/1999/xhtml">
+
+<head>
+  <meta name="viewport" content="width=device-width" />
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+  <title><%1- loc.getString(langKey, 'email.confirm_email.subject') -%1> | Mc-Auth.com</title>
+
+  <style>
+    /* Basic CSS reset */
+
+    * {
+      margin: 0;
+      font-family: "Helvetica Neue", Helvetica, Arial, sans-serif;
+      box-sizing: border-box;
+      font-size: 14px;
+    }
+
+    img {
+      max-width: 100%;
+    }
+
+    body {
+      -webkit-font-smoothing: antialiased;
+      -webkit-text-size-adjust: none;
+      width: 100% !important;
+      height: 100%;
+      line-height: 1.6em;
+    }
+
+    table td {
+      vertical-align: top;
+    }
+
+    /* Body & Content */
+
+    body {
+      background-color: #f6f6f6;
+    }
+
+    .body-wrap {
+      background-color: #f6f6f6;
+      width: 100%;
+    }
+
+    .container {
+      display: block !important;
+      max-width: 600px !important;
+      margin: 0 auto !important;
+      clear: both !important;
+    }
+
+    .content {
+      max-width: 600px;
+      margin: 0 auto;
+      display: block;
+      padding: 20px;
+    }
+
+    /* Layout */
+    .main {
+      background-color: #fff;
+      border: 1px solid #e9e9e9;
+      border-radius: 3px;
+    }
+
+    .content-wrap {
+      padding: 20px;
+    }
+
+    .content-block {
+      padding: 0 0 20px;
+    }
+
+    .header {
+      width: 100%;
+      margin-bottom: 20px;
+    }
+
+    .footer {
+      width: 100%;
+      clear: both;
+      color: #999;
+      padding: 20px;
+    }
+
+    .footer p,
+    .footer a,
+    .footer td {
+      color: #999;
+      font-size: 12px;
+    }
+
+    /* Typography */
+    h1,
+    h2,
+    h3 {
+      font-family: "Helvetica Neue", Helvetica, Arial, "Lucida Grande", sans-serif;
+      color: #000;
+      margin: 40px 0 0;
+      line-height: 1.2em;
+      font-weight: 400;
+    }
+
+    h1 {
+      font-size: 32px;
+      font-weight: 500;
+    }
+
+    h2 {
+      font-size: 24px;
+    }
+
+    h3 {
+      font-size: 18px;
+    }
+
+    h4 {
+      font-size: 14px;
+      font-weight: 600;
+    }
+
+    p,
+    ul,
+    ol {
+      margin-bottom: 10px;
+      font-weight: normal;
+    }
+
+    p li,
+    ul li,
+    ol li {
+      margin-left: 5px;
+      list-style-position: inside;
+    }
+
+    /* Links & Buttons */
+    a {
+      color: #348eda;
+      text-decoration: underline;
+    }
+
+    .btn-primary {
+      text-decoration: none;
+      color: #FFF;
+      background-color: #348eda;
+      border: solid #348eda;
+      border-width: 10px 20px;
+      line-height: 2em;
+      font-weight: bold;
+      text-align: center;
+      cursor: pointer;
+      display: inline-block;
+      border-radius: 5px;
+      text-transform: capitalize;
+    }
+
+    /* Misc */
+    .last {
+      margin-bottom: 0;
+    }
+
+    .first {
+      margin-top: 0;
+    }
+
+    .align-center {
+      text-align: center;
+    }
+
+    .align-right {
+      text-align: right;
+    }
+
+    .align-left {
+      text-align: left;
+    }
+
+    .clear {
+      clear: both;
+    }
+
+
+    /* Alerts */
+    .alert {
+      font-size: 16px;
+      color: #fff;
+      font-weight: 500;
+      padding: 20px;
+      text-align: center;
+      border-radius: 3px 3px 0 0;
+    }
+
+    .alert a {
+      color: #fff;
+      text-decoration: none;
+      font-weight: 500;
+      font-size: 16px;
+    }
+
+    .alert.alert-warning {
+      background-color: #FF9F00;
+    }
+
+    .alert.alert-bad {
+      background-color: #D0021B;
+    }
+
+    .alert.alert-good {
+      background-color: #68B90F;
+    }
+
+    /* Responsive layout */
+    @media only screen and (max-width: 640px) {
+      body {
+        padding: 0 !important;
+      }
+
+      h1,
+      h2,
+      h3,
+      h4 {
+        font-weight: 800 !important;
+        margin: 20px 0 5px !important;
+      }
+
+      h1 {
+        font-size: 22px !important;
+      }
+
+      h2 {
+        font-size: 18px !important;
+      }
+
+      h3 {
+        font-size: 16px !important;
+      }
+
+      .container {
+        padding: 0 !important;
+        width: 100% !important;
+      }
+
+      .content {
+        padding: 0 !important;
+      }
+
+      .content-wrap {
+        padding: 10px !important;
+      }
+
+      .invoice {
+        width: 100% !important;
+      }
+    }
+  </style>
+</head>
+
+<body itemscope itemtype="http://schema.org/EmailMessage">
+  <table class="body-wrap">
+    <tr>
+      <td></td>
+
+      <td class="container" width="600">
+        <div class="content">
+          <table class="main" width="100%" cellpadding="0" cellspacing="0" itemprop="action" itemscope
+            itemtype="http://schema.org/ConfirmAction">
+            <tr>
+              <td class="content-wrap">
+                <meta itemprop="name" content="Confirm Email" />
+
+                <table width="100%" cellpadding="0" cellspacing="0">
+                  <tr>
+                    <td class="content-block">
+                      <%1- loc.getString(langKey, 'email.confirm_email.greeting') -%1>
+                    </td>
+                  </tr>
+
+                  <tr>
+                    <td class="content-block">
+                      <%1- loc.getString(langKey, 'email.confirm_email.please_confirm') -%1>
+                    </td>
+                  </tr>
+
+                  <tr>
+                    <td class="content-block" itemprop="handler" itemscope itemtype="http://schema.org/HttpActionHandler">
+                      <a href="<%1- global.url.baseLocalized -%1>/settings/confirm-email/<%2- page.confirm_mail.token -%2>" class="btn-primary" itemprop="url">
+                        <%1- loc.getString(langKey, 'email.confirm_email.button_label') -%1>
+                      </a>
+                    </td>
+                  </tr>
+
+                  <tr>
+                    <td class="content-block">
+                      <%1- loc.getString(langKey, 'email.confirm_email.signature') -%1>
+                    </td>
+                  </tr>
+
+                  <tr>
+                    <td class="content-block">
+                      <%1- loc.getString(langKey, 'email.confirm_email.report_abuse') -%1>
+                    </td>
+                  </tr>
+                </table>
+              </td>
+            </tr>
+          </table>
+
+          <div class="footer">
+            <table width="100%">
+              <tr>
+                <td class="align-center content-block">
+                  <%1- loc.getString(langKey, 'email.confirm_email.follow_on_twitter') -%1>
+                </td>
+              </tr>
+            </table>
+          </div>
+        </div>
+      </td>
+
+      <td></td>
+    </tr>
+  </table>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/email/confirm_email.txt b/resources/email/confirm_email.txt
new file mode 100644
index 0000000..f442cdc
--- /dev/null
+++ b/resources/email/confirm_email.txt
@@ -0,0 +1,9 @@
+<%1- loc.getString(langKey, 'email.confirm_email.greeting') %1>
+<%1- loc.getString(langKey, 'email.confirm_email.please_confirm') %1>
+
+<%1- global.url.baseLocalized -%1>/settings/confirm-email/<%2- page.confirm_mail.token -%2>
+
+<%1- loc.getString(langKey, 'email.confirm_email.signature') %1>
+
+
+<%1- loc.getString(langKey, 'email.confirm_email.report_abuse') %1>
\ No newline at end of file
diff --git a/resources/lang/arguments.json b/resources/lang/arguments.json
new file mode 100644
index 0000000..ad687af
--- /dev/null
+++ b/resources/lang/arguments.json
@@ -0,0 +1,98 @@
+[
+  {
+    "term": "html.index.how.content1",
+    "args": [
+      "<a href=\"<%0- global.url.docs -%0>\"><%1- loc.getString(langKey, 'words.documentation') -%1></a>"
+    ]
+  },
+  {
+    "term": "html.index.how.step1",
+    "args": [
+      "<a href=\"<%0- global.url.base -%0>/login\"><%0- global.url.base -%0>/login</a>"
+    ]
+  },
+  {
+    "term": "html.index.how.step3",
+    "args": [
+      "<code><%0- global.url.mcServer -%0></code>"
+    ]
+  },
+  {
+    "term": "html.header.logged_in_as",
+    "args": [
+      "<%2- con.mcProfile.name -%2>"
+    ]
+  },
+  {
+    "term": "html.authorize.authorizing_app",
+    "args": [
+      "<%2= page.apps[0].name -%2>"
+    ]
+  },
+  {
+    "term": "html.authorize.app_created_by",
+    "args": [
+      "<%2= page.appOwner ? page.appOwner.name : page.apps[0].owner -%2>"
+    ]
+  },
+  {
+    "term": "html.authorize.app_creation_time",
+    "args": [
+      "<%2- moment.to(page.apps[0].created) -%2>"
+    ]
+  },
+  {
+    "term": "html.authorize.app_wants_access_to",
+    "args": [
+      "<%2= page.apps[0].name -%2>"
+    ]
+  },
+  {
+    "term": "html.login.start_minecraft_and_connect",
+    "args": [
+      "<code><%0- global.url.mcServer -%0></code>"
+    ]
+  },
+  {
+    "term": "html.authorize.login_request_from_app",
+    "args": [
+      "<%2= page.apps[0].name -%2>"
+    ]
+  },
+  {
+    "term": "html.settings.editing_app",
+    "args": [
+      "<em><%2= page.apps[0].name -%2></em>"
+    ]
+  },
+  {
+    "term": "html.settings.form.name_info",
+    "args": [
+      "<a href=\"https://help.minecraft.net/hc/en-us/articles/360034636712-Minecraft-Usernames\" target=\"_blank\"><em>help.minecraft.net</em></a>"
+    ]
+  },
+  {
+    "term": "html.settings.form.email_info",
+    "args": [
+      "<a href=\"<%1- global.url.baseLocalized -%1>/settings/notifications\"><%1- loc.getString(langKey, 'words.notifications') -%1></a>"
+    ]
+  },
+  {
+    "term": "email.confirm_email.greeting",
+    "args": [
+      "<%2- page.confirm_mail.mcProfile.name -%2>"
+    ]
+  },
+  {
+    "term": "email.confirm_email.follow_on_twitter",
+    "args": [
+      "<a href=\"https://twitter.com/SpraxDev\">@SpraxDev</a>"
+    ]
+  },
+  {
+    "term": "html.settings.form.email_pending",
+    "args": [
+      "<code><%2= page.account.emailPending -%2></code>"
+    ]
+  }
+]
\ No newline at end of file
diff --git a/lang/de.json b/resources/lang/de.json
similarity index 58%
rename from lang/de.json
rename to resources/lang/de.json
index e6c5d9a..f3d3b54 100644
--- a/lang/de.json
+++ b/resources/lang/de.json
@@ -16,8 +16,8 @@
     "comment": ""
   },
   {
-    "term": "html.authorize.app_owner",
-    "definition": "Besitzer",
+    "term": "html.authorize.app_created_by",
+    "definition": "Erstellt von {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -25,7 +25,23 @@
   },
   {
     "term": "html.authorize.app_wants_access_to",
-    "definition": "{1} fordert Zugriff auf",
+    "definition": "Folgende Informationen werden mit <strong>{0}</strong> geteilt:",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.app_creation_time",
+    "definition": "{0} erstellt",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.no_app_description",
+    "definition": "<em>Der Anwendungs-Besitzer hat keine Beschreibung verfasst</em>",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -33,7 +49,23 @@
   },
   {
     "term": "html.authorize.authorizing_app",
-    "definition": "Zugriffsanfrage von {1}",
+    "definition": "Zugriffsanfrage von {0}",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.always_ask_for_app",
+    "definition": "Bei dieser App jedes Mal nachfragen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.will_redirect_to",
+    "definition": "Du wirst umgeleitet auf",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -41,7 +73,7 @@
   },
   {
     "term": "html.authorize.login_request_from_app",
-    "definition": "Loginanfrage von {1}",
+    "definition": "<strong>{0}</strong> möchte deine Minecraft-Identität bestätigen",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -49,7 +81,7 @@
   },
   {
     "term": "html.authorize.scope.profile",
-    "definition": "\u00d6ffentliche Account-Daten",
+    "definition": "Öffentliche Account-Daten",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -81,7 +113,7 @@
   },
   {
     "term": "html.footer.legal_data_protection",
-    "definition": "Datenschutzerkl\u00e4rung",
+    "definition": "Datenschutzerklärung",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -105,7 +137,7 @@
   },
   {
     "term": "html.header.logged_in_as",
-    "definition": "Eingeloggt als {1}",
+    "definition": "Eingeloggt als {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -113,7 +145,7 @@
   },
   {
     "term": "html.header.open_language_selection",
-    "definition": "\u00d6ffne das Men\u00fc zur Sprachwahl",
+    "definition": "Öffne das Menü zur Sprachwahl",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -137,7 +169,7 @@
   },
   {
     "term": "html.index.how.content1",
-    "definition": "Du bist ein Entwickler? Wirf einen Blick auf unsere {1}.",
+    "definition": "Du bist ein Entwickler? Wirf einen Blick auf unsere {0}.",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -153,7 +185,7 @@
   },
   {
     "term": "html.index.how.step1",
-    "definition": "Besuche {1}",
+    "definition": "Besuche {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -169,7 +201,7 @@
   },
   {
     "term": "html.index.how.step3",
-    "definition": "Starte Minecraft und verbinde dich mit {1}",
+    "definition": "Starte Minecraft und verbinde dich mit {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -177,7 +209,7 @@
   },
   {
     "term": "html.index.how.step4",
-    "definition": "Gib einen 6-stelligen Code ein, den du in Minecraft siehst, und schlie\u00dfe so den Login ab",
+    "definition": "Gib einen 6-stelligen Code ein, den du in Minecraft siehst, und schließe so den Login ab",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -185,7 +217,7 @@
   },
   {
     "term": "html.index.how.step5",
-    "definition": "Best\u00e4tige die angezeigte Anfrage oder verneine sie",
+    "definition": "Bestätige die angezeigte Anfrage oder verneine sie",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -209,15 +241,15 @@
   },
   {
     "term": "html.index.what_is.content1",
-    "definition": "Mc-Auth.com erm\u00f6glicht es Spielern, sich mit ihren Minecraft-Account einzuloggen, ohne dessen Passwort angeben zu m\u00fcssen.<br>Andere Webseiten und Entwickler k\u00f6nnen diese Funktion nutzen, um eine Best\u00e4tigung anzufordern, dass du Zugriff auf einen bestimmten Account hast.",
+    "definition": "Mc-Auth.com ermöglicht es Spielern, sich mit ihren Minecraft-Account einzuloggen, ohne dessen Passwort angeben zu müssen.<br>Andere Webseiten und Entwickler können diese Funktion nutzen, um eine Bestätigung anzufordern, dass du Zugriff auf einen bestimmten Account hast.",
     "context": "",
     "term_plural": "",
     "reference": "",
-    "comment": "Muss in 2 einzelne Nachrichten aufgeteilt werden, damit <br> nicht in der \u00dcbersetzung vorkommt."
+    "comment": "Muss in 2 einzelne Nachrichten aufgeteilt werden, damit <br> nicht in der Übersetzung vorkommt."
   },
   {
     "term": "html.index.what_is.content2",
-    "definition": "Dank Mc-Auth.com ist es jeder Webseite und jedem Programm eine Login-Anfrage mittels Minecraft-Account anzufragen und durchzuf\u00fchren.",
+    "definition": "Dank Mc-Auth.com ist es jeder Webseite und jedem Programm eine Login-Anfrage mittels Minecraft-Account anzufragen und durchzuführen.",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -249,7 +281,7 @@
   },
   {
     "term": "html.login.kicked_with_code",
-    "definition": "Du wirst automatisch vom Server gekickt und erh\u00e4lst einen Code",
+    "definition": "Du wirst automatisch vom Server gekickt und erhälst einen Code",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -265,7 +297,7 @@
   },
   {
     "term": "html.login.start_minecraft_and_connect",
-    "definition": "Starte Minecraft und verbinde dich mit dem Server {1}",
+    "definition": "Starte Minecraft und verbinde dich mit dem Server {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -337,7 +369,7 @@
   },
   {
     "term": "html.settings.please_provide_exact_info",
-    "definition": "Bitte versuche die Angaben so genau wie m\u00f6glich zu w\u00e4hlen, da sie \u00f6ffentlich sichtbar sind.",
+    "definition": "Bitte versuche die Angaben so genau wie möglich zu wählen, da sie öffentlich sichtbar sind.",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -345,7 +377,7 @@
   },
   {
     "term": "html.settings.redirect_uris",
-    "definition": "Redirect URIs (eine pro Zeile)",
+    "definition": "Redirect URIs (eine pro Zeile, Groß-/Kleinschreibung beachten)",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -353,15 +385,7 @@
   },
   {
     "term": "html.settings.return_to_settings",
-    "definition": "Zur\u00fcck zu den Einstellungen",
-    "context": "",
-    "term_plural": "",
-    "reference": "",
-    "comment": ""
-  },
-  {
-    "term": "html.settings.you_can_edit_at_any_time",
-    "definition": "Alle Informationen k\u00f6nnen nachtr\u00e4glich bearbeitet werden.",
+    "definition": "Zurück zu den Einstellungen",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -377,7 +401,7 @@
   },
   {
     "term": "html.settings.your_applications_title",
-    "definition": "Deine Anwendungen (f\u00fcr Programmierer)",
+    "definition": "Deine Anwendungen",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -399,6 +423,14 @@
     "reference": "",
     "comment": ""
   },
+  {
+    "term": "words.website",
+    "definition": "Webseite",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
   {
     "term": "words.deny",
     "definition": "Ablehnen",
@@ -481,7 +513,7 @@
   },
   {
     "term": "words.save_changes",
-    "definition": "\u00c4nderungen Speichern",
+    "definition": "Änderungen Speichern",
     "context": "Text should be placed on a button",
     "term_plural": "",
     "reference": "",
@@ -494,5 +526,189 @@
     "term_plural": "",
     "reference": "",
     "comment": ""
+  },
+  {
+    "term": "words.notifications",
+    "definition": "Benachrichtigungen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.account_settings",
+    "definition": "Kontoeinstellungen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.account_security",
+    "definition": "Sicherheitseinstellungen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.developer_settings",
+    "definition": "Entwicklereinstellungen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.oauth_apps",
+    "definition": "oAuth Apps",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.your_oauth_apps",
+    "definition": "Your oAuth Apps",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.editing_app",
+    "definition": "Editiere {0}",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "words.username",
+    "definition": "Benutzername",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "words.email_address",
+    "definition": "E-Mail-Ad­res­se",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.form.name_info",
+    "definition": "Dieser Name entspricht immer deinem Namen in Minecraft.\n<br>\nWeitere Infos findest du auf\n{0}.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.form.email_info",
+    "definition": "Die Angabe einer E-Mail erhöht die Accountsicherheit auf <em>Mc-Auth.com</em>.\n<br>\nWeitere Einstellungen unter {0}.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.delete_account",
+    "definition": "Konto löschen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.delete_app",
+    "definition": "App löschen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.delete_account_warning",
+    "definition": "<strong>Dieser Vorgang löscht deinen Account auf <em>Mc-Auth.com</em> — Dein Minecraft-Account ist von dieser Aktion nicht betroffen.</strong>\n<br>\n<br>\n\nDieser Vorgang wird manuell innerhalb von <em>7 Tagen</em> durchgeführt.\n<br>\nWenn eine E-Mail hinterlegt ist, wirst du über die Löschung informiert.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.confirm_regenerate_secret",
+    "definition": "Möchten Sie wirklich einen neuen client_secret generieren?",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.subject",
+    "definition": "Bestätigen Sie ihre E-Mail-Adresse",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.greeting",
+    "definition": "Hallo {0},",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.please_confirm",
+    "definition": "Bitte bestätigen Sie ihre E-Mail-Adresse auf Mc-Auth.com.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.form.email_pending",
+    "definition": "Du hast angefangen {0} als deine E-Mail-Adresse hinzuzufügen.<br>Bitte prüfe deine Postfach, um den Vorgang abzuschließen.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.signature",
+    "definition": "— Sprax von Mc-Auth.com",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.button_label",
+    "definition": "Addresse bestätigen",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.report_abuse",
+    "definition": "Wenn Sie diese E-Mail nicht angefordert haben, so können Sie diese Nachricht einfach ignorieren.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.follow_on_twitter",
+    "definition": "Folge {0} auf Twitter",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
   }
 ]
\ No newline at end of file
diff --git a/lang/en.json b/resources/lang/en.json
similarity index 63%
rename from lang/en.json
rename to resources/lang/en.json
index 33dceff..0b88aed 100644
--- a/lang/en.json
+++ b/resources/lang/en.json
@@ -16,8 +16,16 @@
     "comment": ""
   },
   {
-    "term": "html.authorize.app_owner",
-    "definition": "Owner",
+    "term": "html.authorize.app_created_by",
+    "definition": "Created by {0}",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.app_creation_time",
+    "definition": "Created {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -25,7 +33,7 @@
   },
   {
     "term": "html.authorize.app_wants_access_to",
-    "definition": "{1} wants access to",
+    "definition": "Information that will be shared with <strong>{0}</strong>:",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -33,7 +41,7 @@
   },
   {
     "term": "html.authorize.authorizing_app",
-    "definition": "Authorizing {1}",
+    "definition": "Authorizing {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -41,7 +49,31 @@
   },
   {
     "term": "html.authorize.login_request_from_app",
-    "definition": "Login request from {1}",
+    "definition": "<strong>{0}</strong> would like to verify your Minecraft identity",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.no_app_description",
+    "definition": "<em>The application owner did not provide any description</em>",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.always_ask_for_app",
+    "definition": "Always ask for this application",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.authorize.will_redirect_to",
+    "definition": "You will be redirected to",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -105,7 +137,7 @@
   },
   {
     "term": "html.header.logged_in_as",
-    "definition": "Logged in as {1}",
+    "definition": "Logged in as {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -137,7 +169,7 @@
   },
   {
     "term": "html.index.how.content1",
-    "definition": "Are you a developer? Have a look at the {1}.",
+    "definition": "Are you a developer? Have a look at the {0}.",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -153,7 +185,7 @@
   },
   {
     "term": "html.index.how.step1",
-    "definition": "Visit {1}",
+    "definition": "Visit {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -169,7 +201,7 @@
   },
   {
     "term": "html.index.how.step3",
-    "definition": "Start Minecraft and connect to {1}",
+    "definition": "Start Minecraft and connect to {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -217,7 +249,7 @@
   },
   {
     "term": "html.index.what_is.content2",
-    "definition": "Thanks to Mc-Auth.com, third party sites of any kind can provide \u2018Minecraft-Login\u2019 as a safe and secure authentication method.",
+    "definition": "Thanks to Mc-Auth.com, third party sites of any kind can provide ‘Minecraft-Login’ as a safe and secure authentication method.",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -265,7 +297,7 @@
   },
   {
     "term": "html.login.start_minecraft_and_connect",
-    "definition": "Start Minecraft and connect to {1}",
+    "definition": "Start Minecraft and connect to {0}",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -345,7 +377,7 @@
   },
   {
     "term": "html.settings.redirect_uris",
-    "definition": "Redirect URIs (one per line)",
+    "definition": "Redirect URIs (one per line, case sensitive)",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -360,32 +392,32 @@
     "comment": ""
   },
   {
-    "term": "html.settings.you_can_edit_at_any_time",
-    "definition": "You may return and edit this information at any time",
+    "term": "html.settings.you_do_not_have_any_apps",
+    "definition": "You have not created any applications, yet",
     "context": "",
     "term_plural": "",
     "reference": "",
     "comment": ""
   },
   {
-    "term": "html.settings.you_do_not_have_any_apps",
-    "definition": "You have not created any applications, yet",
+    "term": "html.settings.your_applications_title",
+    "definition": "Your applications",
     "context": "",
     "term_plural": "",
     "reference": "",
     "comment": ""
   },
   {
-    "term": "html.settings.your_applications_title",
-    "definition": "Your applications (for developers)",
+    "term": "words.agree",
+    "definition": "Agree",
     "context": "",
     "term_plural": "",
     "reference": "",
     "comment": ""
   },
   {
-    "term": "words.agree",
-    "definition": "Agree",
+    "term": "words.website",
+    "definition": "Website",
     "context": "",
     "term_plural": "",
     "reference": "",
@@ -494,5 +526,189 @@
     "term_plural": "",
     "reference": "",
     "comment": ""
+  },
+  {
+    "term": "html.settings.account_settings",
+    "definition": "Account",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "words.notifications",
+    "definition": "Notifications",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.account_security",
+    "definition": "Account Security",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.developer_settings",
+    "definition": "Developer Settings",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.oauth_apps",
+    "definition": "oAuth Apps",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.your_oauth_apps",
+    "definition": "Your oAuth Apps",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.editing_app",
+    "definition": "Editing {0}",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "words.username",
+    "definition": "Username",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "words.email_address",
+    "definition": "email address",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.form.name_info",
+    "definition": "This name is the same as your name in Minecraft.\n<br>\nMore information at {0}.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.form.email_info",
+    "definition": "Entering an email increases the account security on <em>Mc-Auth.com</em>.\n<br>\nFurther options at {0}.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.form.email_pending",
+    "definition": "You've requested adding {0} as your email address.<br>Please check your mails to confirm it.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.delete_account",
+    "definition": "Delete account",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.delete_app",
+    "definition": "Delete app",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.delete_account_warning",
+    "definition": "<strong>This deletes your account on <em>Mc-Auth.com</em> — Your Minecraft account stays unaffacted.</strong>\n<br>\n<br>\n\nThis process is done manually and may require up to <em>7 days</em>.\n<br>\nIf you've provided an email address, you'll be notified about the successfull deletion.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "html.settings.confirm_regenerate_secret",
+    "definition": "Do you really want to generate a new client_secret?",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.subject",
+    "definition": "Confirm your email address",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.greeting",
+    "definition": "Greetings {0},",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.please_confirm",
+    "definition": "Please confirm your email address on Mc-Auth.com.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.signature",
+    "definition": "— Sprax from Mc-Auth.com",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.button_label",
+    "definition": "Confirm address",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.report_abuse",
+    "definition": "If you did not request this email, you can simply ignore it.",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
+  },
+  {
+    "term": "email.confirm_email.follow_on_twitter",
+    "definition": "Follow {0} on Twitter",
+    "context": "",
+    "term_plural": "",
+    "reference": "",
+    "comment": ""
   }
 ]
\ No newline at end of file
diff --git a/html/_footer.html b/resources/web/dynamic/_footer.html
similarity index 77%
rename from html/_footer.html
rename to resources/web/dynamic/_footer.html
index 93b4c38..8f7ecfe 100644
--- a/html/_footer.html
+++ b/resources/web/dynamic/_footer.html
@@ -1,10 +1,10 @@
-<footer class="footer mt-auto py-3 ?{DarkTheme:bg-dark?:bg-light?}" id="footer">
+<footer class="footer mt-auto py-3 <%2- con.isDarkTheme ? 'bg-dark' : 'bg-light' -%2>" id="footer">
   <div class="container-fluid" style="font-size: 80%;font-weight: 400">
     <div class="row" style="align-items: center; text-align: center">
       <div class="col-sm">
-        <a href="${URL_BASE}/legal">${LOC:html.footer.legal_info}</a>
+        <a href="<%1- global.url.baseLocalized -%1>/legal"><%1- loc.getString(langKey, 'html.footer.legal_info') -%1></a>
         |
-        <a href="${URL_BASE}/privacy">${LOC:html.footer.legal_data_protection}</a>
+        <a href="<%1- global.url.baseLocalized -%1>/privacy"><%1- loc.getString(langKey, 'html.footer.legal_data_protection') -%1></a>
       </div>
 
       <div class="col-sm">
@@ -13,19 +13,19 @@
 
       <div class="col-sm">
         <a href="https://sprax.me/discord">
-          <i class="fab fa-discord" aria-hidden="true"></i> ${LOC:html.footer.support_on_discord}
+          <i class="fab fa-discord" aria-hidden="true"></i> <%1- loc.getString(langKey, 'html.footer.support_on_discord') -%1>
         </a>
       </div>
 
       <div class="col-sm">
-        <a href="${URL_DOCS}"><i class="fas fa-book" aria-hidden="true"></i> ${LOC:words.documentation}</a>
+        <a href="<%0- global.url.docs -%0>"><i class="fas fa-book" aria-hidden="true"></i> <%1- loc.getString(langKey, 'words.documentation') -%1></a>
       </div>
 
       <div class="col-sm">
         <a class="btn btn-primary"
           style="font-size: 90%;background-color: #e85b46; border: 1px solid rgb(232, 91, 70);border-radius: 25px;width: 11rem"
           href="https://www.patreon.com/bePatron?u=11714503&redirect_uri=https%3A%2F%2Fmc-auth.com%2F" role="button">
-          <i class="fab fa-patreon" aria-hidden="true"></i> ${LOC:html.footer.become_patron}
+          <i class="fab fa-patreon" aria-hidden="true"></i> <%1- loc.getString(langKey, 'html.footer.become_patron') -%1>
         </a>
       </div>
     </div>
diff --git a/resources/web/dynamic/_head.html b/resources/web/dynamic/_head.html
new file mode 100644
index 0000000..601f154
--- /dev/null
+++ b/resources/web/dynamic/_head.html
@@ -0,0 +1,64 @@
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+
+<link rel="apple-touch-icon" sizes="180x180" href="<%0- global.url.static -%0>/img/favicon/apple-touch-icon.png">
+<link rel="icon" type="image/png" sizes="32x32" href="<%0- global.url.static -%0>/img/favicon/favicon-32x32.png">
+<link rel="icon" type="image/png" sizes="16x16" href="<%0- global.url.static -%0>/img/favicon/favicon-16x16.png">
+<link rel="manifest" href="<%0- global.url.static -%0>/img/favicon/site.webmanifest">
+<link rel="mask-icon" href="<%0- global.url.static -%0>/img/favicon/safari-pinned-tab.svg" color="#603cba">
+<link rel="shortcut icon" href="<%0- global.url.static -%0>/img/favicon/favicon.ico">
+<meta name="msapplication-TileColor" content="#603cba">
+<meta name="msapplication-config" content="<%0- global.url.static -%0>/img/favicon/browserconfig.xml">
+<meta name="theme-color" content="#ffffff">
+
+<meta name="author" content="Sprax (Christian Koop)">
+
+<meta name="twitter:title" content="Mc-Auth.com — Minecraft Authentication made easy">
+<meta name="twitter:description"
+  content="Mc-Auth.com allows users to securely login with their Minecraft accounts without ever needing to enter their account password.">
+<meta name="twitter:url" content="<%1- global.url.baseLocalized -%1>">
+<meta name="twitter:image" content="<%0- global.url.static -%0>/assets/img/Logo_HD.png">
+<meta name="twitter:card" content="summary">
+<meta name="twitter:site" content="@SpraxDev">
+<meta name="twitter:creator" content="@SpraxDev">
+
+<meta property="og:type" content="website">
+<meta property="og:title" content="Mc-Auth.com — Minecraft Authentication made easy">
+<meta property="og:site_name" content="Mc-Auth.com">
+<meta property="og:description"
+content="Mc-Auth.com allows users to securely login with their Minecraft accounts without ever needing to enter their account password.">
+<meta property="og:image" content="<%0- global.url.static -%0>/assets/img/Logo_HD.png">
+<meta property="og:image:width" content="1440">
+<meta property="og:image:height" content="1440">
+<meta property="og:url" content="<%1- global.url.baseLocalized -%1>">
+<meta property="og:locale" content="en_EN"> <!-- TODO: Translate OpenGraph too -->
+<%1 for (const langKey in loc.languages) { _%1>
+  <meta property="og:locale:alternate" content="<%1- langKey -%1>_<%1- langKey.toUpperCase() -%1>"> <!-- TODO: Use 'language_TERRITORY' instead -->
+<%1 } -%1>
+
+<script type="application/ld+json">
+  {
+  "@context": "http://schema.org",
+  "@type": "Organization",
+  "url": "<%0- global.url.base -%0>",
+  "logo": "<%0- global.url.static -%0>/assets/img/Logo_HD.png"
+  }
+</script>
+
+<script src="<%0- global.url.static -%0>/script.js"></script>
+
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css"
+  integrity="sha256-L/W5Wfqfa0sdBNIKN9cG6QA5F2qx4qICmU2VgLruv9Y=" crossorigin="anonymous">
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.0-1/css/all.min.css"
+  integrity="sha256-4w9DunooKSr3MFXHXWyFER38WmPdm361bQS/2KUWZbU=" crossorigin="anonymous">
+
+<!-- https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 -->
+<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.4.3/css/flag-icon.min.css"
+  integrity="sha256-NkXMfPcpoih3/xWDcrJcAX78pHpfwxkhNj0bAf8AMTs=" crossorigin="anonymous">
+
+<link rel="stylesheet" href="<%0- global.url.static -%0>/style.css">
+
+<%1 for (const langKey in loc.languages) { _%1>
+  <link rel="alternate" hreflang="<%1- langKey -%1>" href="<%2- currLocalizedURL['<%1- langKey -%1>'] -%2>">
+<%1 } -%1>
+<link rel="alternate" hreflang="x-default" href="<%2- currNonLocalizedURL -%2>">
\ No newline at end of file
diff --git a/resources/web/dynamic/_header.html b/resources/web/dynamic/_header.html
new file mode 100644
index 0000000..b050e76
--- /dev/null
+++ b/resources/web/dynamic/_header.html
@@ -0,0 +1,64 @@
+<header>
+  <nav class="navbar navbar-expand-md <%2- con.isDarkTheme ? 'navbar-dark bg-dark' : 'navbar-light bg-light' -%2>" id="headerMenu">
+    <a class="navbar-brand" style="color: #7952B3" href="<%1- global.url.baseLocalized -%1>">
+      <img src="https://mc-auth.com/assets/img/Logo.svg" style="height:2.5rem; width: auto" alt="<%1- loc.getString(langKey, 'words.logo') -%1>">
+      Minecraft Authentication
+      <small style="font-size: 60%">Made easy</small>
+    </a>
+
+    <div class="navbar-collapse">
+      <ul class="navbar-nav mr-auto"></ul>
+
+      <ul class="navbar-nav" style="align-items: center">
+        <%2 if(con.isLoggedIn) { %2>
+          <li class="nav-item dropdown">
+            <a class="nav-link dropdown-toggle" href="#" id="profileDropdown" role="button" data-toggle="dropdown"
+              aria-haspopup="true" aria-expanded="false">
+              <%1- loc.getString(langKey, 'html.header.logged_in_as') -%1>
+              <img src="https://api.sprax2013.de/mc/skin/<%2- con.mcProfile.id -%2>/head?size=64"
+              style="width: auto; height: 2.5rem; border-radius: 25px; border: 3px solid #F27405"
+              alt="<%1- loc.getString(langKey, 'html.header.your_minecraft_face') -%1>"
+              height="64px" width="64px">
+            </a>
+
+            <div class="dropdown-menu" aria-labelledby="profileDropdown">
+              <a class="dropdown-item" href="<%1- global.url.baseLocalized -%1>/settings">
+                <i class="fas fa-cog" aria-hidden="true"></i> <%1- loc.getString(langKey,  'words.settings') -%1>
+              </a>
+              <a class="dropdown-item" href="<%1- global.url.baseLocalized -%1>/logout?return=<%2- encodeURIComponent(con.currPath) -%2>">
+                <i class="fas fa-sign-out-alt" aria-hidden="true"></i> <%1- loc.getString(langKey, 'words.logout') -%1>
+              </a>
+            </div>
+          </li>
+        <%2 } else { %2>
+          <li class="nav-item">
+            <a class="nav-link" href="<%1- global.url.baseLocalized -%1>/login?return=<%2- encodeURIComponent(con.currPath) -%2>">
+              <%1- loc.getString(langKey, 'words.login') -%1>
+            </a>
+          </li>
+        <%2 } %2>
+
+        <li class="nav-item">
+          <a class="nav-link" href="#" onclick="toggleDarkMode(event)" aria-label="<%1- loc.getString(langKey, 'html.header.toggle_dark_theme') -%1>">
+            <i class="far fa-moon fa-lg" aria-hidden="true"></i>
+          </a>
+        </li>
+
+        <li class="nav-item dropdown">
+          <a class="nav-link dropdown-toggle" href="#" id="langDropdown" role="button" data-toggle="dropdown"
+            aria-haspopup="true" aria-expanded="false" aria-label="<%1- loc.getString(langKey, 'html.header.open_language_selection') -%1>">
+            <i class="fas fa-language fa-lg" aria-hidden="true"></i>
+          </a>
+
+          <div class="dropdown-menu dropdown-menu-right langDropdown" aria-labelledby="langDropdown">
+            <%1 for (const langKey in loc.languages) { %1>
+              <a class="dropdown-item" href="<%2- currLocalizedURL['<%1- langKey -%1>'] -%2>">
+                <!-- <span class="flag-icon flag-icon-de"></span> --> <%1- langKey -%1>
+              </a>
+            <%1 } %1>
+          </div>
+        </li>
+      </ul>
+    </div>
+  </nav>
+</header>
\ No newline at end of file
diff --git a/resources/web/dynamic/authorize.html b/resources/web/dynamic/authorize.html
new file mode 100644
index 0000000..7341978
--- /dev/null
+++ b/resources/web/dynamic/authorize.html
@@ -0,0 +1,126 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title><%1- loc.getString(langKey, 'html.authorize.authorizing_app') -%1> | Mc-Auth.com</title>
+
+  <script>
+    // Force page-reload when using browser-pageinator to get to this page (regenerate Grant-ID)
+    window.addEventListener('pageshow', (e) => {
+      if (historyTraversal = e.persisted ||
+        (window.performance &&
+          window.performance.navigation.type === 2)) {
+        window.location.reload();
+      }
+    });
+  </script>
+  </style>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <div class="text-center">
+        <img src="<%2- page.apps[0].iconID ?
+          `<%0- global.url.base -%0>/uploads/${page.apps[0].iconID}.png` :
+          `<%0- global.url.static -%0>/uploads/default.png` -%2>"
+          class="img-fluid" height="128px" width="128px"
+          alt="<%1- loc.getString(langKey, 'html.authorize.app_logo') -%1>">
+        <h3><%1- loc.getString(langKey, 'html.authorize.login_request_from_app') -%1></h3>
+      </div>
+
+      <div class="row">
+        <div class="col-3"></div>
+
+        <div class="col">
+          <div class="appCard">
+            <p class="text-center">
+              <%2 if(page.apps[0].description) { %2>
+                <%2- page.apps[0].description.replace(/\u003C/g, '&lt;')
+                                              .replace(/\u003E/g, '&gt;')
+                                              .replace(/\n/g,'<br>\n') -%2>
+              <%2 } else { %2>
+                <%1- loc.getString(langKey, 'html.authorize.no_app_description') -%1>
+              <%2 } %2>
+            </p>
+
+            <div class="row">
+              <div class="col">
+                <div class="float-right">
+                  <img width="24px" height="24px" src="https://api.sprax2013.de/mc/skin/<%2- page.apps[0].owner -%2>/head?size=24">
+                  <%1- loc.getString(langKey, 'html.authorize.app_created_by') -%1>
+                </div>
+              </div>
+
+              <div class="col">
+                <img width="24px" height="24px" src="<%0- global.url.static -%0>/img/icons/clock.svg">
+                <%1- loc.getString(langKey, 'html.authorize.app_creation_time') -%1>
+              </div>
+
+              <!-- <div class="col">
+                <img width="24px" height="24px" src="<%0- global.url.static -%0>/img/icons/users.svg">
+                over/less than X users
+              </div> -->
+            </div>
+
+            <hr>
+
+            <div>
+              <p class="text-center"><%1- loc.getString(langKey, 'html.authorize.app_wants_access_to') -%1></p>
+
+              <img class="float-left" style="margin-right: 1rem" width="48px" height="48px" src="<%0- global.url.static -%0>/img/icons/globe.svg">
+              <p class="text-left">
+                <%1- loc.getString(langKey, 'html.authorize.scope.profile') -%1>
+                <br>
+                <em class="text-muted"><%1- loc.getString(langKey, 'html.authorize.scope.profile.note') -%1></em>
+                <!-- TODO: Add '...'-Button that shows/hides example data with explaination on hover that is sent (depends on "scope=profile" or "scope=") -->
+              </p>
+            </div>
+
+            <hr>
+
+            <form method="POST">
+              <input type="text" name="authenticity_token" value="<%2- page.grant.id -%2>" hidden>
+              <input type="text" name="client_id" value="<%2- page.grant.appId -%2>" hidden>
+              <input type="text" name="state" value="<%2- page.grant.state || '' -%2>" hidden>
+
+              <div class="form-check text-center">
+                <input class="form-check-input" type="checkbox" name="alwaysAskForApp" id="alwaysAskForApp" value="1" disabled>
+                <label class="form-check-label" for="alwaysAskForApp"><%1- loc.getString(langKey, 'html.authorize.always_ask_for_app') -%1> (Coming soon)</label>
+              </div>
+
+              <br>
+
+              <div class="row">
+                <div class="col">
+                  <button type="submit" name="result" value="0" class="btn btn-danger float-right"><%1- loc.getString(langKey, 'words.deny') -%1></button>
+                </div>
+
+                <div class="col">
+                  <button type="submit" name="result" value="1" class="btn btn-success float-left"><%1- loc.getString(langKey, 'words.agree') -%1></button>
+                </div>
+              </div>
+            </form>
+
+            <br>
+
+            <p class="text-center small">
+              <%1- loc.getString(langKey, 'html.authorize.will_redirect_to') -%1>
+              <br>
+              <strong><%2- new URL(page.grant.redirectUri).origin -%2></strong>
+            </p>
+          </div>
+        </div>
+
+        <div class="col-3"></div>
+      </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/demo.html b/resources/web/dynamic/demo.html
new file mode 100644
index 0000000..41d8630
--- /dev/null
+++ b/resources/web/dynamic/demo.html
@@ -0,0 +1,50 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title>Demo | Mc-Auth.com</title>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <%2 if(page.demo.err) { %2>
+        <div class="alert alert-danger alert-dismissible fade show" role="alert">
+          <p><strong>Error</strong>: <%2- page.demo.err.name -%2></p>
+          <p><strong>Error-Description</strong>: <%2- page.demo.err.info || '<em>-</em>' -%2></p>
+
+          <button type="button" class="close" data-dismiss="alert" aria-label="Close">
+            <span aria-hidden="true">&times;</span>
+          </button>
+        </div>
+      <%2 } %2>
+
+      <%2 if(page.demo.mcProfile) { %2>
+        <h2>You are logged into this demo application!</h2>
+        <a class="btn btn-primary" href="<%1- global.url.baseLocalized -%1>/demo/logout" role="button">Logout</a>
+
+        <br><br>
+
+        <!-- TODO: New layout: 'You are\n${SKIN_IMG}\n${Username}\n${UUID}' -->
+        <p><strong>Username</strong>: <%2- page.demo.mcProfile.name -%2></p>
+        <p><strong>UUID</strong>: <%2- page.demo.mcProfile.id -%2></p>
+
+        <p>
+          <strong>Skin</strong>:
+          <img src="https://api.sprax2013.de/mc/skin/<%2- page.demo.mcProfile.id -%2>/body?size=64" alt="Your Minecraft-Skin">
+        </p>
+      <%2 } else { %2>
+        <h2>You are <strong>not</strong> logged into this demo application!</h2>
+        <a class="btn btn-primary" href="<%1- global.url.baseLocalized -%1>/demo/login" role="button">Login using Mc-Auth.com</a>
+      <%2 } %2>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/index.html b/resources/web/dynamic/index.html
new file mode 100644
index 0000000..7356842
--- /dev/null
+++ b/resources/web/dynamic/index.html
@@ -0,0 +1,60 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title>Mc-Auth.com — Easy Minecraft Authentication</title>
+</head>
+
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <h2><%1- loc.getString(langKey, 'html.index.what_is.title') -%1></h2>
+      <p>
+        <%1- loc.getString(langKey, 'html.index.what_is.content1') -%1>
+      </p>
+      <p>
+        <%1- loc.getString(langKey, 'html.index.what_is.content2') -%1>
+      </p>
+
+      <h2><%1- loc.getString(langKey, 'html.index.how.title') -%1></h2>
+      <p>
+        <em><%1- loc.getString(langKey, 'html.index.how.content1') -%1></em>
+      </p>
+
+      <ol>
+        <li><%1- loc.getString(langKey, 'html.index.how.step1') -%1></li>
+        <li><%1- loc.getString(langKey, 'html.index.how.step2') -%1></li>
+        <li><%1- loc.getString(langKey, 'html.index.how.step3') -%1></li>
+        <li><%1- loc.getString(langKey, 'html.index.how.step4') -%1><br><br></li>
+
+        <li><%1- loc.getString(langKey, 'html.index.how.step5') -%1></li>
+      </ol>
+
+      <h2><a href="<%1- global.url.baseLocalized -%1>/demo"><u><%1- loc.getString(langKey, 'html.index.how.content2') -%1></u></a></h2>
+    </div>
+
+    <hr>
+
+    <h2 style="text-align: center">
+      <%1- loc.getString(langKey, 'html.index.used_by') -%1>
+    </h2>
+    <br>
+
+    <div class="text-center">
+      <img src="<%0- global.url.static -%0>/assets/img/SkinDB.svg" style="max-height: 150px; max-width: 150px"
+        class="img-fluid rounded" alt="SkinDB.net Logo">
+
+      <img src="<%0- global.url.static -%0>/assets/img/CherryBread_Network.jpg" style="max-height: 150px; max-width: 150px"
+        class="img-fluid rounded" alt="CherryBread-Network Logo">
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/html/legal.html b/resources/web/dynamic/legal.html
similarity index 86%
rename from html/legal.html
rename to resources/web/dynamic/legal.html
index 8ac9bad..651f8d5 100644
--- a/html/legal.html
+++ b/resources/web/dynamic/legal.html
@@ -1,37 +1,36 @@
 <!DOCTYPE html>
-<html lang="de" class="h-100">
+<html lang="<%1- 'de' || langKey /* currently only in german */ -%1>" class="h-100">
 
 <head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-
-  ${HTML_HEAD_TOP}
+  <%0- _HEAD -%0>
 
   <title>Impressum | Mc-Auth.com</title>
-
-  ${HTML_HEAD_BOTTOM}
 </head>
 
-<body class="d-flex flex-column h-100 ?{DarkTheme:dark-body text-light?:?}">
-  ${HTML_HEADER}
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
 
-  <main style="margin-bottom: 2rem">
+  <main>
     <div class="container text-center">
       <h2>
         <u>Impressum</u>
       </h2>
       <br>
+
       <h3>Angaben gemäß § 5 TMG:</h3>
       Christian Koop<br>
-      Moltkestraße, 24<br>
-      64295 Darmstadt<br>
+      Neuer Weg, 10<br>
+      63853 Mömlingen<br>
       <br>
+
       E-Mail: <a href="mailto:developer@sprax2013.de">developer@sprax2013.de</a><br>
       <br><br>
+
       <h2>
         <u>Disclaimer</u>
       </h2>
       <br>
+
       <h3>Haftung für Inhalte</h3>
       Als Diensteanbieter sind wir gemäß § 7 Abs.1 TMG für eigene Inhalte auf diesen Seiten nach den allgemeinen
       Gesetzen verantwortlich. Nach § 8 bis 10 TMG sind wir als Diensteanbieter jedoch nicht verpflichtet,
@@ -43,6 +42,7 @@ <h3>Haftung für Inhalte</h3>
       möglich. Bei Bekanntwerden von entsprechenden Rechtsverletzungen werden wir diese Inhalte umgehend
       entfernen.
       <br><br>
+
       <h3>Haftung für Links</h3>
       Unser Angebot enthält Links zu externen Webseiten Dritter, auf deren Inhalte wir keinen Einfluss haben.
       Deshalb können wir für diese fremden Inhalte auch keine Gewähr übernehmen. Für die Inhalte der verlinkten
@@ -53,6 +53,7 @@ <h3>Haftung für Links</h3>
       der verlinkten Seiten ist jedoch ohne konkrete Anhaltspunkte einer Rechtsverletzung nicht zumutbar. Bei
       Bekanntwerden von Rechtsverletzungen werden wir derartige Links umgehend entfernen.
       <br><br>
+
       <h3>Urheberrecht</h3>
       Die durch die Seitenbetreiber erstellten Inhalte und Werke auf diesen Seiten unterliegen dem deutschen
       Urheberrecht. Die Vervielfältigung, Bearbeitung, Verbreitung und jede Art der Verwertung außerhalb der
@@ -65,13 +66,14 @@ <h3>Urheberrecht</h3>
       Bekanntwerden von
       Rechtsverletzungen werden wir derartige Inhalte umgehend entfernen.
       <br><br>
-      <em>Quelle: <a href="https://www.erecht24.de/impressum-generator.html" target="_blank"
+      <em>
+        Quelle: <a href="https://www.erecht24.de/impressum-generator.html" target="_blank"
           rel="noopener noreferrer">https://www.e-recht24.de/impressum-generator.html</a>
       </em>
     </div>
   </main>
 
-  ${HTML_FOOTER}
+  <%0- _FOOTER -%0>
 </body>
 
 </html>
\ No newline at end of file
diff --git a/resources/web/dynamic/login.html b/resources/web/dynamic/login.html
new file mode 100644
index 0000000..51c046b
--- /dev/null
+++ b/resources/web/dynamic/login.html
@@ -0,0 +1,107 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <link rel="canonical" href="<%1- global.url.baseLocalized -%1>/login">
+
+  <title><%1- loc.getString(langKey, 'words.login') -%1> | Mc-Auth.com</title>
+
+  <%0- /* -%0>
+  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.0/animate.min.css"
+    integrity="sha512-kb1CHTNhoLzinkElTgWn246D6pX22xj8jFNKsDmVwIQo+px7n1yjJUZraVuR/ou6Kmgea4vZXZeUDbqKtXkEMg=="
+    crossorigin="anonymous">
+  <%0- */ -%0>
+
+  <%2 if(con.isLoggedIn) { %2>
+    <script src="<%0- global.url.static -%0>/script-login.js"></script>
+  <%2 } %2>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container text-center">
+      <h2>
+        <u><%1- loc.getString(langKey, 'words.login') -%1></u>
+      </h2>
+
+      <div class="row">
+        <div class="col"></div>
+
+        <div class="col">
+          <div class="appCard">
+            <%2 if(con.isLoggedIn) { %2>
+              <p><%1- loc.getString(langKey, 'html.login.already_logged_in') -%1></p>
+
+              <ul>
+                <li><a href="<%1- global.url.baseLocalized -%1>"><%1- loc.getString(langKey, 'words.frontpage') -%1></a><br><br></li>
+                <li><a href="<%1- global.url.baseLocalized -%1>/settings"><%1- loc.getString(langKey, 'words.settings') -%1></a></li>
+                <li><a href="<%1- global.url.baseLocalized -%1>/logout"><%1- loc.getString(langKey, 'words.logout') -%1></a></li>
+              </ul>
+            <%2 } else { %2>
+              <!-- TODO: show minecraft head of entered username -->
+              <form method="POST">
+                <div class="form-group" id="form1">
+                  <label for="username"><%1- loc.getString(langKey, 'html.login.your_minecraft_name') -%1></label>
+
+                  <div class="input-group">
+                    <div class="input-group-prepend">
+                      <span class="input-group-text"><i class="fas fa-user" aria-hidden="true"></i></span>
+                    </div>
+
+                    <input type="text" class="form-control" id="username" name="username" placeholder="Username" required>
+                  </div>
+                </div>
+
+                <div class="form-group <%0- // animated slideInUp hidden -%0>" id="form2">
+                  <hr>
+
+                  <p>
+                    <%1- loc.getString(langKey, 'html.login.start_minecraft_and_connect') -%1>
+
+                    <button type="button" class="btn btn-sm btn-outline-info"
+                      onclick="copyToClipboard(this, '<%0- global.url.mcServer -%0>')"
+                      aria-label="<%1- loc.getString(langKey, 'html.login.click_to_copy_minecraft_host_to_clipboard') -%1>"><i class="far fa-clipboard"
+                        aria-hidden="true"></i></button>
+
+                    <br>
+                    <%1- loc.getString(langKey, 'html.login.kicked_with_code') -%1>
+                  </p>
+
+                  <label for="otp"><%1- loc.getString(langKey, 'html.login.six_digit_code') -%1></label>
+                  <div class="input-group">
+                    <div class="input-group-prepend">
+                      <span class="input-group-text"><i class="fas fa-key" aria-hidden="true"></i></span>
+                    </div>
+
+                    <input type="text" class="form-control" id="otp" name="otp" placeholder="123 456" minlength="6"
+                      maxlength="7" autocomplete="off" required>
+                  </div>
+                </div>
+
+                <hr>
+                <br>
+
+                <div class="form-group form-check">
+                  <input type="checkbox" checked class="form-check-input" id="keepLogin" name="keepLogin">
+                  <label class="form-check-label" for="keepLogin"><%1- loc.getString(langKey, 'html.login.stay_logged_in') -%1></label>
+                </div>
+
+                <button type="submit" class="btn btn-primary" id="submitBtn"><%1- loc.getString(langKey, 'words.next') -%1> »</button>
+              </form>
+            <%2 } %2>
+          </div>
+        </div>
+
+        <div class="col"></div>
+      </div>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/privacy.html b/resources/web/dynamic/privacy.html
new file mode 100644
index 0000000..d9669eb
--- /dev/null
+++ b/resources/web/dynamic/privacy.html
@@ -0,0 +1,170 @@
+<!DOCTYPE html>
+<html lang="<%1- 'de' || langKey /* currently only in german */ -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title>Datenschutz | Mc-Auth.com</title>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container text-center">
+      <h2>
+        <u>Datenschutzerklärung</u>
+      </h2>
+
+      <p>Die Betreiber dieser Seiten nehmen
+        den Schutz Ihrer persönlichen Daten sehr ernst. Wir behandeln Ihre personenbezogenen Daten
+        vertraulich und entsprechend der gesetzlichen Datenschutzvorschriften sowie dieser
+        Datenschutzerklärung.</p>
+      <p>Die Nutzung unserer Website ist in der Regel ohne Angabe
+        personenbezogener Daten möglich. Soweit auf unseren Seiten personenbezogene Daten
+        (beispielsweise Name, Anschrift oder E-Mail-Adressen) erhoben werden, erfolgt dies, soweit
+        möglich, stets auf freiwilliger Basis. Diese Daten werden ohne Ihre ausdrückliche Zustimmung
+        nicht an Dritte weitergegeben.</p>
+      <p>Wir weisen darauf hin, dass die Datenübertragung im Internet
+        (z.B. bei der Kommunikation per E-Mail) Sicherheitslücken aufweisen kann. Ein lückenloser
+        Schutz der Daten vor dem Zugriff durch Dritte ist nicht möglich.</p>
+      <p>&nbsp;</p>
+
+      <h2>Cookies</h2>
+      <p>Die Internetseiten verwenden teilweise so genannte Cookies. Cookies richten auf
+        Ihrem Rechner keinen Schaden an und enthalten keine Viren. Cookies dienen dazu, unser Angebot
+        nutzerfreundlicher, effektiver und sicherer zu machen. Cookies sind kleine Textdateien, die auf Ihrem
+        Rechner abgelegt werden und die Ihr Browser speichert.</p>
+      <p>Die meisten der von uns verwendeten
+        Cookies sind so genannte „Session-Cookies“. Sie werden nach Ende Ihres Besuchs automatisch
+        gelöscht. Andere Cookies bleiben auf Ihrem Endgerät gespeichert, bis Sie diese löschen.
+        Diese Cookies ermöglichen es uns, Ihren Browser beim nächsten Besuch
+        wiederzuerkennen.</p>
+      <p>Sie können Ihren Browser so einstellen, dass Sie über das Setzen
+        von Cookies informiert werden und Cookies nur im Einzelfall erlauben, die Annahme von Cookies für
+        bestimmte Fälle oder generell ausschließen sowie das automatische Löschen der
+        Cookies beim Schließen des Browser aktivieren. Bei der Deaktivierung von Cookies kann die
+        Funktionalität dieser Website eingeschränkt sein.</p>
+      <p>&nbsp;</p>
+
+      <h2>Server-Log-Files</h2>
+      <p>Der Provider der Seiten erhebt und speichert automatisch Informationen in so genannten
+        Server-Log Files, die Ihr Browser automatisch an uns übermittelt. Dies sind:</p>
+      <ul>
+        <li>Browsertyp und Browserversion</li>
+        <li>verwendetes Betriebssystem</li>
+        <li>Referrer URL</li>
+        <li>Hostname des zugreifenden Rechners</li>
+        <li>Uhrzeit der Serveranfrage</li>
+      </ul>
+      <p>Diese Daten
+        sind nicht bestimmten Personen zuordenbar. Eine Zusammenführung dieser Daten mit anderen
+        Datenquellen wird nicht vorgenommen. Wir behalten uns vor, diese Daten nachträglich zu
+        prüfen, wenn uns konkrete Anhaltspunkte für eine rechtswidrige Nutzung bekannt
+        werden.</p>
+      <p>&nbsp;</p>
+
+      <h2>Kontaktformular</h2>
+      <p>Wenn Sie uns per Kontaktformular Anfragen
+        zukommen lassen, werden Ihre Angaben aus dem Anfrageformular inklusive der von Ihnen dort
+        angegebenen Kontaktdaten zwecks Bearbeitung der Anfrage und für den Fall von Anschlussfragen
+        bei uns gespeichert. Diese Daten geben wir nicht ohne Ihre Einwilligung weiter.</p>
+      <p>&nbsp;</p>
+
+      <h2>Google Analytics</h2>
+      <p>Diese
+        Website nutzt Funktionen des Webanalysedienstes Google Analytics. Anbieter ist die Google Inc., 1600
+        Amphitheatre Parkway Mountain View, CA 94043, USA.</p>
+      <p>Google Analytics verwendet so genannte
+        "Cookies". Das sind Textdateien, die auf Ihrem Computer gespeichert werden und die eine
+        Analyse der Benutzung der Website durch Sie ermöglichen. Die durch den Cookie erzeugten
+        Informationen über Ihre Benutzung dieser Website werden in der Regel an einen Server von Google
+        in den USA übertragen und dort gespeichert.</p>
+      <p><strong>IP Anonymisierung</strong></p>
+      <p>Wir haben auf dieser Website die Funktion IP-Anonymisierung aktiviert. Dadurch wird Ihre IP-Adresse
+        von Google innerhalb von Mitgliedstaaten der Europäischen Union oder in anderen Vertragsstaaten
+        des Abkommens über den Europäischen Wirtschaftsraum vor der übermittlung in die
+        USA gekürzt. Nur in Ausnahmefällen wird die volle IP-Adresse an einen Server von Google in
+        den USA übertragen und dort gekürzt. Im Auftrag des Betreibers dieser Website wird Google
+        diese Informationen benutzen, um Ihre Nutzung der Website auszuwerten, um Reports über die
+        Websiteaktivitäten zusammenzustellen und um weitere mit der Websitenutzung und der
+        Internetnutzung verbundene Dienstleistungen gegenüber dem Websitebetreiber zu erbringen. Die im
+        Rahmen von Google Analytics von Ihrem Browser übermittelte IP-Adresse wird nicht mit anderen
+        Daten von Google zusammengeführt.</p>
+      <p><strong>Browser Plugin</strong></p>
+      <p>Sie können die Speicherung der Cookies durch eine entsprechende Einstellung Ihrer Browser-Software
+        verhindern; wir weisen Sie jedoch darauf hin, dass Sie in diesem Fall gegebenenfalls nicht
+        sämtliche
+        Funktionen dieser Website vollumfänglich werden nutzen können. Sie können
+        darüber hinaus die Erfassung der durch den Cookie erzeugten und auf Ihre Nutzung der Website
+        bezogenen Daten (inkl. Ihrer IP-Adresse) an Google sowie die Verarbeitung dieser Daten durch Google
+        verhindern, indem Sie das unter dem folgenden Link verfügbare Browser-Plugin herunterladen und
+        installieren: <a href="https://tools.google.com/dlpage/gaoptout?hl=de" target="_blank"
+          rel="noopener noreferrer">https://tools.google.com/dlpage/gaoptout?hl=de</a></p>
+      <p><strong>Widerspruch gegen Datenerfassung</strong></p>
+      <p>Mehr Informationen zum Umgang mit Nutzerdaten bei Google Analytics finden Sie in der
+        Datenschutzerklärung von Google:
+        <a href="https://support.google.com/analytics/answer/6004245?hl=de" target="_blank"
+          rel="noopener noreferrer">https://support.google.com/analytics/answer/6004245?hl=de</a></p>
+      <p><strong>Auftragsdatenverarbeitung</strong></p>
+      <p>Wir haben mit Google einen Vertrag zur Auftragsdatenverarbeitung abgeschlossen und setzen die
+        strengen Vorgaben der deutschen Datenschutzbehörden bei der Nutzung von Google Analytics
+        vollständig um.</p>
+      <p><strong>Demografische Merkmale bei Google Analytics</strong></p>
+      <p>Diese Website nutzt die Funktion “demografische Merkmale” von Google Analytics.
+        Dadurch können Berichte erstellt werden, die Aussagen zu Alter, Geschlecht und Interessen der
+        Seitenbesucher enthalten. Diese Daten stammen aus interessenbezogener Werbung von Google sowie
+        aus Besucherdaten von Drittanbietern. Diese Daten können keiner bestimmten Person zugeordnet
+        werden. Sie können diese Funktion jederzeit über die Anzeigeneinstellungen in Ihrem Google-
+        Konto deaktivieren oder die Erfassung Ihrer Daten durch Google Analytics wie im Punkt
+        “Widerspruch gegen Datenerfassung” dargestellt generell untersagen.</p>
+      <p>&nbsp;</p>
+
+      <h2>Kommentarfunktion auf dieser Website</h2>
+      <p>Für die Kommentarfunktion auf dieser Seite
+        werden neben Ihrem Kommentar auch Angaben zum Zeitpunkt der Erstellung des Kommentars, Ihre E-
+        Mail-Adresse und, wenn Sie nicht anonym posten, der von Ihnen gewählte Nutzername
+        gespeichert.</p>
+      <p><strong>Speicherung der IP Adresse</strong></p>
+      <p>Unsere Kommentarfunktion speichert die IP-Adressen der Nutzer, die Kommentare verfassen. Da wir
+        Kommentare auf unserer Seite
+        nicht vor der Freischaltung prüfen, benötigen wir diese Daten, um im Falle von
+        Rechtsverletzungen wie Beleidigungen oder Propaganda gegen den Verfasser vorgehen zu
+        können.</p>
+      <p>&nbsp;</p>
+
+      <h2>SSL-Verschlüsselung</h2>
+      <p>Diese Seite nutzt aus
+        Gründen der Sicherheit und zum Schutz der übertragung vertraulicher Inhalte, wie zum
+        Beispiel der Anfragen, die Sie an uns als Seitenbetreiber senden, eine SSL-Verschlüsselung. Eine
+        verschlüsselte Verbindung erkennen Sie daran, dass die Adresszeile des Browsers von
+        "http://" auf "https://" wechselt und an dem Schloss-Symbol in Ihrer
+        Browserzeile.</p>
+      <p>Wenn die SSL Verschlüsselung aktiviert ist, können die Daten, die Sie
+        an uns übermitteln, nicht von Dritten mitgelesen werden.</p>
+      <p>&nbsp;</p>
+
+      <h2>Recht auf Auskunft, Löschung, Sperrung</h2>
+      <p>Sie haben jederzeit das Recht auf unentgeltliche Auskunft
+        über Ihre gespeicherten personenbezogenen Daten, deren Herkunft und Empfänger und den
+        Zweck der Datenverarbeitung sowie ein Recht auf Berichtigung, Sperrung oder Löschung dieser
+        Daten. Hierzu sowie zu weiteren Fragen zum Thema personenbezogene Daten können Sie sich
+        jederzeit unter der im Impressum angegebenen Adresse an uns wenden.</p>
+      <p>&nbsp;</p>
+
+      <h2>Widerspruch Werbe-Mails</h2>
+      <p>Der Nutzung von im Rahmen der Impressumspflicht
+        veröffentlichten Kontaktdaten zur übersendung von nicht ausdrücklich angeforderter
+        Werbung und Informationsmaterialien wird hiermit widersprochen. Die Betreiber der Seiten behalten sich
+        ausdrücklich rechtliche Schritte im Falle der unverlangten Zusendung von Werbeinformationen, etwa
+        durch Spam-E-Mails, vor.</p>
+      <p>&nbsp;</p>
+
+      <p>Quelle: <a href="https://www.e-recht24.de" rel="noopener noreferrer">e-recht24.de</a></p>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/settings/_sidebar.html b/resources/web/dynamic/settings/_sidebar.html
new file mode 100644
index 0000000..1a9ab8e
--- /dev/null
+++ b/resources/web/dynamic/settings/_sidebar.html
@@ -0,0 +1,17 @@
+<!-- TODO: use some css for fancy full-width buttons (sidebar) -->
+<strong><u><%1- loc.getString(langKey, 'words.settings') -%1></u></strong>
+<br>
+
+<a href="<%1- global.url.baseLocalized -%1>/settings/account"><%1- loc.getString(langKey, 'html.settings.account_settings') -%1></a>
+<hr>
+<a href="<%1- global.url.baseLocalized -%1>/settings/security"><%1- loc.getString(langKey, 'html.settings.account_security') -%1></a>
+<hr>
+<a href="<%1- global.url.baseLocalized -%1>/settings/notifications"><%1- loc.getString(langKey, 'words.notifications') -%1></a>
+
+<br>
+<br>
+
+<strong><u><%1- loc.getString(langKey, 'html.settings.developer_settings') -%1></u></strong>
+<br>
+
+<a href="<%1- global.url.baseLocalized -%1>/settings/apps"><%1- loc.getString(langKey, 'html.settings.oauth_apps') -%1></a>
\ No newline at end of file
diff --git a/resources/web/dynamic/settings/account.html b/resources/web/dynamic/settings/account.html
new file mode 100644
index 0000000..5c527ed
--- /dev/null
+++ b/resources/web/dynamic/settings/account.html
@@ -0,0 +1,115 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title><%1- loc.getString(langKey, 'html.settings.account_settings') -%1> | Mc-Auth.com</title>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <div class="row">
+        <div class="col-2"><%0- _SETTINGS_SIDEBAR -%0></div>
+
+        <div class="col-1"></div>
+
+        <div class="col">
+          <h2 style="margin-bottom: 0;"><%1- loc.getString(langKey, 'html.settings.account_settings') -%1></h2>
+          <hr style="margin-top: 0;">
+
+          <h4><strong>Work In Progress</strong></h4>
+
+          <p style="font-weight: bold;">You'll soon be able to:</p>
+          <ul>
+            <li>See a preview of your public account information (with link to SkinDB)</li>
+            <li>Export all the data associated with your account</li>
+            <li>Delete your account without contacting me via email</li>
+          </ul>
+
+          <!-- Username & Mail -->
+          <form method="POST">
+            <div class="form-group">
+              <label for="mcName"><u><%1- loc.getString(langKey, 'words.username') -%1></u></label>
+              <input id="mcName" type="text" class="form-control" value="<%2= con.mcProfile.name -%2>" aria-describedby="mcNameInfo" readonly>
+              <small id="mcNameInfo" class="form-text text-muted">
+                <%1- loc.getString(langKey, 'html.settings.form.name_info') -%1>
+              </small>
+            </div>
+
+            <div class="form-group">
+              <label for="mailAddr"><u><%1- loc.getString(langKey, 'words.email_address') -%1></u></label>
+
+              <div class="input-group">
+                <%2 if(page.account.emailPending && (Date.now() - 48*60*60*1000 /* 48h in ms */) <= page.account.emailPendingSince) { %2>
+                  <strong class="text-danger"><%1- loc.getString(langKey, 'html.settings.form.email_pending') -%1></strong>
+                <%2 } %2>
+
+                <input id="mailAddr" name="mailAddr" type="email" class="form-control" value="<%2= page.account.email -%2>" aria-describedby="mailAddrInfo">
+
+                <div class="input-group-append">
+                  <div class="input-group-text">
+                    <%2 if(page.account.email) { %2>
+                      <!-- TODO: Color icon -->
+                      <img width="24px" height="24px" src="<%0- global.url.static -%0>/img/icons/check.svg">
+                    <%2 } %2>
+                  </div>
+                </div>
+              </div>
+
+              <small id="mailAddrInfo" class="form-text text-muted">
+                <%1- loc.getString(langKey, 'html.settings.form.email_info') -%1>
+              </small>
+            </div>
+
+            <button type="submit" name="updateMail" value="1" class="btn btn-success"><%1- loc.getString(langKey, 'words.save_changes') -%1></button>
+          </form>
+
+          <!-- Uncomment as soon as 'delete account' is added again -->
+          <!--
+          <br>
+          <hr>
+          <br>
+          -->
+
+          <!-- Delete Account -->
+          <!-- Currently not implemented as parts of the system rely on information marked as deleted instead of being deleted
+               so right now: Only manual deletion when requested per mail is possible-->
+          <!-- <form method="POST">
+            <b class="text-danger"><u><%1- loc.getString(langKey, 'html.settings.delete_account') -%1></u></b>
+
+            <p class="small text-danger"><%1- loc.getString(langKey, 'html.settings.delete_account_warning') -%1></p>
+
+            <div class="form-group">
+              <label for="deleteAccountOTP"><%1- loc.getString(langKey, 'html.login.six_digit_code') -%1></label>
+
+              <input id="deleteAccountOTP" type="text" class="form-control" placeholder="123 456" minlength="6" maxlength="7"
+                autocomplete="off" aria-describedby="deleteAccountOTPInfo" required>
+              <small id="deleteAccountOTPInfo" class="form-text text-muted">
+                <%1- loc.getString(langKey, 'html.login.start_minecraft_and_connect') -%1>
+
+                <button type="button" class="btn btn-sm btn-outline-info" onclick="copyToClipboard(this, '<%0- global.url.mcServer -%0>')"
+                  aria-label="<%1- loc.getString(langKey, 'html.login.click_to_copy_minecraft_host_to_clipboard') -%1>"><i class="far fa-clipboard"
+                  aria-hidden="true"></i></button>
+
+                <br>
+                <%1- loc.getString(langKey, 'html.login.kicked_with_code') -%1>
+              </small>
+            </div>
+
+            <button type="submit" name="deleteAccount" value="1" class="btn btn-danger"><%1- loc.getString(langKey, 'html.settings.delete_account') -%1></button>
+          </form> -->
+        </div>
+
+        <div class="col-3"></div>
+      </div>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/settings/apps/apps.html b/resources/web/dynamic/settings/apps/apps.html
new file mode 100644
index 0000000..f6677ef
--- /dev/null
+++ b/resources/web/dynamic/settings/apps/apps.html
@@ -0,0 +1,60 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title><%1- loc.getString(langKey, 'html.settings.your_oauth_apps') -%1> | Mc-Auth.com</title>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <div class="row">
+        <div class="col-2"><%0- _SETTINGS_SIDEBAR -%0></div>
+
+        <div class="col-2"></div>
+
+        <div class="col">
+          <h2 style="margin-bottom: 0;"><%1- loc.getString(langKey, 'html.settings.your_oauth_apps') -%1></h2>
+          <hr style="margin-top: 0;">
+
+          <a href="<%1- global.url.baseLocalized -%1>/settings/apps/create" class="btn btn-primary float-right" role="button">
+            <%1- loc.getString(langKey, 'html.settings.create_app') -%1>
+          </a>
+
+          <br>
+          <br>
+
+          <%2 if(page.apps && page.apps.length > 0) { %2>
+            <%2 for(const app of page.apps) { %2>
+            <div id="app_<%2- app.id -%2>">
+              <a href="<%1- global.url.baseLocalized -%1>/settings/apps/<%2- app.id -%2>">
+                <div class="appCard text-center">
+                  <img src="<%2- app.iconID ? `<%0- global.url.base -%0>/uploads/${app.iconID}.png` : `<%0- global.url.static -%0>/uploads/default.png` -%2>" class="img-fluid" style="max-width: 128px; max-height: 128px;"
+                    alt="<%1- loc.getString(langKey, 'html.authorize.app_logo') -%1>">
+                  <br>
+
+                  <%2= app.name -%2>
+                  <!-- TODO: Show some basic statistics -->
+                  <!-- TODO: Haven edit button and statistics button? -->
+                </div>
+              </a>
+            </div>
+            <%2 } %2>
+          <%2 } else { %2>
+            <strong><%1- loc.getString(langKey, 'html.settings.you_do_not_have_any_apps') -%1></strong>
+          <%2 } %2>
+        </div>
+
+        <div class="col-4"></div>
+      </div>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/settings/apps/create.html b/resources/web/dynamic/settings/apps/create.html
new file mode 100644
index 0000000..20ab15c
--- /dev/null
+++ b/resources/web/dynamic/settings/apps/create.html
@@ -0,0 +1,71 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title><%1- loc.getString(langKey, 'html.settings.create_app') -%1> | Mc-Auth.com</title>
+
+  <script src="https://www.google.com/recaptcha/api.js" async defer></script>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <div class="row">
+        <div class="col-2"><%0- _SETTINGS_SIDEBAR -%0></div>
+
+        <div class="col-1"></div>
+
+        <div class="col">
+          <h2 style="margin-bottom: 0;"><%1- loc.getString(langKey, 'html.settings.create_app') -%1></h2>
+          <hr style="margin-top: 0;">
+
+          <div class="appCard">
+            <p><%1- loc.getString(langKey, 'html.settings.please_provide_exact_info') -%1></p>
+
+            <form method="POST">
+              <div class="form-group">
+                <label for="name"><%1- loc.getString(langKey, 'words.name') -%1><span class="text-danger">*</span></label>
+                <input type="text" class="form-control" id="name" name="name" maxlength="128" data-remaining="nameRemain"
+                  oninput="updateRemainingChars(this)" required>
+                <small id="nameRemain"
+                  class="form-text text-muted text-left"><%1- loc.getString(langKey, 'html.settings.max_length_128_characters') -%1></small>
+              </div>
+
+              <div class="form-group">
+                <label for="website"><%1- loc.getString(langKey, 'words.website') /* TODO: use text 'The full URL to your application homepage.' */ -%1><span class="text-danger">*</span></label>
+                <input type="url" class="form-control" id="website" name="website" maxlength="512" data-remaining="websiteRemain"
+                  oninput="updateRemainingChars(this)" required>
+                <small id="websiteRemain"
+                  class="form-text text-muted text-left"><%1- loc.getString(langKey, 'html.settings.max_length_512_characters') -%1></small>
+              </div>
+
+              <div class="form-group">
+                <label for="description"><%1- loc.getString(langKey, 'words.description') -%1></label>
+                <textarea rows="3" class="form-control" id="description" name="description" maxlength="512" data-remaining="descRemain"
+                  oninput="updateRemainingChars(this)"></textarea>
+                <small id="descRemain"
+                  class="form-text text-muted text-left"><%1- loc.getString(langKey, 'html.settings.max_length_512_characters') -%1></small>
+              </div>
+
+              <hr>
+              <div class="g-recaptcha" data-sitekey="<%0- global.reCaptchaPublic -%0>"></div>
+              <hr>
+
+              <button type="submit" class="btn btn-primary" id="submitBtn"><%1- loc.getString(langKey, 'words.create') -%1></button>
+            </form>
+          </div>
+        </div>
+
+        <div class="col-3"></div>
+      </div>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/settings/apps/edit.html b/resources/web/dynamic/settings/apps/edit.html
new file mode 100644
index 0000000..59b8628
--- /dev/null
+++ b/resources/web/dynamic/settings/apps/edit.html
@@ -0,0 +1,202 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title><%1- loc.getString(langKey, 'html.settings.manage_app') -%1> | Mc-Auth.com</title>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <script>
+    async function startAppIconUpload(elem) {
+      const input = document.createElement('input');
+      input.type = 'file';
+
+      input.onchange = async (e) => {
+        const file = e.target.files[0];
+
+        if (file) {
+          const res = await fetch('<%0- global.url.base -%0>/uploads', {
+            method: 'POST',
+            headers: { 'Accept': 'application/json', 'Content-Type': file.type },
+            body: file
+          });
+
+          const json = await res.json();
+
+          if (res.status == 200 || res.status == 201) {
+            document.getElementById('icon').value = json.id;
+            elem.src = res.headers.get('Location') || json.url;
+
+            console.log(`Stored at ${elem.src}`);
+
+            console.log('Upload succeeded:', json); // TODO: Automatically save icon (but not form data)
+          } else {
+            console.error('Upload failed:', json);
+          }
+        }
+      };
+
+      input.click();
+    }
+
+    async function regenerateSecret() {
+      if (confirm("<%1= loc.getString(langKey, 'html.settings.confirm_regenerate_secret') -%1>")) {
+        const res = await fetch(window.location.href, {
+          method: 'POST',
+          headers: { 'Accept': 'application/json', 'Content-Type': 'application/json' },
+          body: JSON.stringify({ regenerateSecret: true })
+        });
+
+        const json = await res.json();
+
+        if (res.status == 200) {
+          console.log('A new client_secret has been generated');
+
+          reveal(document.getElementById('clientSecret'), json.secret);
+        } else {
+          console.error('Upload failed:', json);
+        }
+      }
+    }
+  </script>
+
+  <main>
+    <div class="container">
+      <div class="row">
+        <div class="col-2"><%0- _SETTINGS_SIDEBAR -%0></div>
+
+        <div class="col-1"></div>
+
+        <div class="col">
+          <h2 style="margin-bottom: 0;"><%1- loc.getString(langKey, 'html.settings.editing_app') -%1></h2>
+          <hr style="margin-top: 0;">
+
+          <div class="appCard">
+            <div class="row">
+              <div class="col-auto">
+                <p>
+                  client_id
+                  <button type="button" class="btn btn-sm btn-outline-info" onclick="copyToClipboard(this, '<%2- page.apps[0].id -%2>')">
+                    <i class="far fa-clipboard" aria-hidden="true"></i>
+                  </button>
+                </p>
+
+                <p class="text-muted"><%2- page.apps[0].id -%2></p>
+
+              </div>
+
+              <div class="col">
+                <p>
+                  client_secret
+                  <button type="button" class="btn btn-sm btn-outline-info" onclick="copyToClipboard(this, '<%2- page.apps[0].secret -%2>')">
+                    <i class="far fa-clipboard" aria-hidden="true"></i>
+                  </button>
+                  <button type="button" class="btn btn-sm btn-outline-danger" onclick="regenerateSecret()">
+                    <i class="fas fa-sync" aria-hidden="true"></i>
+                  </button>
+                </p>
+
+                <p class="text-muted text-unrevealed" id="clientSecret" onclick="reveal(this, '<%2- page.apps[0].secret -%2>')">
+                  <%1- loc.getString(langKey, 'html.settings.click_to_show') -%1>
+                </p>
+              </div>
+            </div>
+
+            <hr>
+
+            <p class="text-center"><%1- loc.getString(langKey, 'html.settings.please_provide_exact_info') -%1></p>
+
+            <form method="POST">
+              <div class="form-group">
+                <img src="<%2- page.apps[0].iconID ? `<%0- global.url.base -%0>/uploads/${page.apps[0].iconID}.png` : `<%0- global.url.static -%0>/uploads/default.png` -%2>"
+                  onclick="startAppIconUpload(this)"class="rounded mx-auto d-block" style="max-height: 128px; max-width: 128px;"
+                  alt="<%1- loc.getString(langKey, 'html.authorize.app_logo') -%1>">
+                <input type="text" class="form-control hidden" id="icon" name="icon" value="<%2- page.apps[0].iconID -%2>">
+                <p class="text-muted text-center"><%1- loc.getString(langKey, 'html.settings.click_image_above_to_upload') -%1></p>
+              </div>
+
+              <div class="form-group">
+                <label for="name"><%1- loc.getString(langKey, 'words.name') -%1><span class="text-danger">*</span></label>
+                <input type="text" class="form-control" id="name" name="name" value="<%2= page.apps[0].name -%2>" maxlength="128"
+                  data-remaining="nameRemain" oninput="updateRemainingChars(this)" required>
+                <small id="nameRemain"
+                  class="form-text text-muted text-left"><%1- loc.getString(langKey, 'html.settings.max_length_128_characters') -%1></small>
+              </div>
+
+              <div class="form-group">
+                <label for="website"><%1- loc.getString(langKey, 'words.website') /* TODO: use text 'The full URL to your application homepage.' */ -%1><span class="text-danger">*</span></label>
+                <input type="url" class="form-control" id="website" name="website" value="<%2= page.apps[0].website -%2>" maxlength="512" data-remaining="websiteRemain"
+                  oninput="updateRemainingChars(this)" required>
+                <small id="websiteRemain" class="form-text text-muted text-left"><%1- loc.getString(langKey, 'html.settings.max_length_512_characters') -%1></small>
+              </div>
+
+              <div class="form-group">
+                <label for="description"><%1- loc.getString(langKey, 'words.description') -%1></label>
+                <textarea rows="3" class="form-control" id="description" name="description" maxlength="512"
+                  data-remaining="descRemain" oninput="updateRemainingChars(this)"><%2- (page.apps[0].description || '').replace(/\n/g,'\r\n') -%2></textarea>
+                <small id="descRemain"
+                  class="form-text text-muted text-left"><%1- loc.getString(langKey, 'html.settings.max_length_512_characters') -%1></small>
+              </div>
+
+              <div class="form-group">
+                <label for="redirect_uris"><%1- loc.getString(langKey, 'html.settings.redirect_uris') -%1></label>
+                <textarea rows="3" class="form-control" id="redirect_uris"
+                  name="redirect_uris"><%2- page.apps[0].redirectURIs.join('\r\n') -%2></textarea>
+              </div>
+
+              <hr>
+
+              <div class="row">
+                <div class="col" style="padding-right: 6px">
+                  <a class="btn btn-danger float-right" href="<%1- global.url.baseLocalized -%1>/settings/apps#app_<%2- page.apps[0].id -%2>"
+                    role="button"><%1- loc.getString(langKey, 'html.settings.return_to_settings') -%1></a>
+                </div>
+
+                <div class="col" style="padding-left: 6px">
+                  <button type="submit" class="btn btn-success"><%1- loc.getString(langKey, 'words.save_changes') -%1></button>
+                </div>
+              </div>
+            </form>
+
+            <br>
+            <br>
+
+            <!-- Delete App -->
+            <form method="POST">
+              <b class="text-danger"><u><%1- loc.getString(langKey, 'html.settings.delete_app') -%1></u></b>
+
+              <div class="form-group">
+                <label for="deleteAppOTP"><%1- loc.getString(langKey, 'html.login.six_digit_code') -%1></label>
+
+                <input id="deleteAppOTP" name="deleteAppOTP" type="text" class="form-control" placeholder="123 456" minlength="6" maxlength="7"
+                  autocomplete="off" aria-describedby="deleteAppOTPInfo" required>
+                <small id="deleteAppOTPInfo" class="form-text text-muted">
+                  <%1- loc.getString(langKey, 'html.login.start_minecraft_and_connect') -%1>
+
+                  <button type="button" class="btn btn-sm btn-outline-info" onclick="copyToClipboard(this, '<%0- global.url.mcServer -%0>')"
+                    aria-label="<%1- loc.getString(langKey, 'html.login.click_to_copy_minecraft_host_to_clipboard') -%1>"><i class="far fa-clipboard"
+                    aria-hidden="true"></i></button>
+
+                  <br>
+                  <%1- loc.getString(langKey, 'html.login.kicked_with_code') -%1>
+                </small>
+              </div>
+
+              <button type="submit" name="deleteApp" value="1" class="btn btn-danger"><%1- loc.getString(langKey, 'html.settings.delete_app') -%1></button>
+            </form>
+          </div>
+        </div>
+
+        <div class="col-3"></div>
+      </div>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/settings/notifications.html b/resources/web/dynamic/settings/notifications.html
new file mode 100644
index 0000000..a360344
--- /dev/null
+++ b/resources/web/dynamic/settings/notifications.html
@@ -0,0 +1,49 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title><%1- loc.getString(langKey, 'words.notifications') -%1> | Mc-Auth.com</title>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <div class="row">
+        <div class="col-2"><%0- _SETTINGS_SIDEBAR -%0></div>
+
+        <div class="col-1"></div>
+
+        <div class="col">
+          <h2 style="margin-bottom: 0;">Notifications</h2>
+          <hr style="margin-top: 0;">
+
+          <h4><strong>Work In Progress</strong></h4>
+
+          <p style="font-weight: bold;">You'll soon be able to be notified for:</p>
+          <ul>
+            <li>Successful logins on Mc-Auth.org</li>
+            <li>A new app has been granted permission</li>
+
+            <li>Newsletter (once per month <strong>max</strong>) informing you about changes to Mc-Auth.org</li>
+
+            <li>oAuth App edited</li>
+            <li>oAuth App deleted</li>
+
+            <li>Mc-Auth.org Account  changes (e.g. deletion) (can not be disabled)</li>
+            <li>Information for developers regarding their oAuth Apps (can not be disabled)</li>
+          </ul>
+        </div>
+
+        <div class="col-3"></div>
+      </div>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/resources/web/dynamic/settings/security.html b/resources/web/dynamic/settings/security.html
new file mode 100644
index 0000000..5284699
--- /dev/null
+++ b/resources/web/dynamic/settings/security.html
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<html lang="<%1- langKey -%1>" class="h-100">
+
+<head>
+  <%0- _HEAD -%0>
+
+  <title><%1- loc.getString(langKey, 'html.settings.account_security') -%1> | Mc-Auth.com</title>
+</head>
+
+<body class="d-flex flex-column h-100 <%2- con.isDarkTheme ? 'dark-body text-light' : '' -%2>">
+  <%0- _HEADER -%0>
+
+  <main>
+    <div class="container">
+      <div class="row">
+        <div class="col-2"><%0- _SETTINGS_SIDEBAR -%0></div>
+
+        <div class="col-1"></div>
+
+        <div class="col">
+          <h2 style="margin-bottom: 0;"><%1- loc.getString(langKey, 'html.settings.account_security') -%1></h2>
+          <hr style="margin-top: 0;">
+
+          <h4><strong>Work In Progress</strong></h4>
+
+          <p style="font-weight: bold;">You'll soon be able to:</p>
+          <ul>
+            <li>Use 2FA to protect your <i>oAuth Apps (edit and delete)</i> (forced for verified apps)</li>
+            <li>See all your active sessions you are logged into [+ IP/Location] (e.g. different devices)</li>
+            <li>All the apps you've granted permission with filtering/sorting functions [+Scope/User-Agent/IP/Location]</li>
+          </ul>
+        </div>
+
+        <div class="col-3"></div>
+      </div>
+    </div>
+  </main>
+
+  <%0- _FOOTER -%0>
+</body>
+
+</html>
\ No newline at end of file
diff --git a/.static/assets/img/Banner.jpg b/resources/web/static/assets/img/Banner.jpg
similarity index 100%
rename from .static/assets/img/Banner.jpg
rename to resources/web/static/assets/img/Banner.jpg
diff --git a/.static/assets/img/CherryBread_Network.jpg b/resources/web/static/assets/img/CherryBread_Network.jpg
similarity index 100%
rename from .static/assets/img/CherryBread_Network.jpg
rename to resources/web/static/assets/img/CherryBread_Network.jpg
diff --git a/.static/assets/img/Logo.svg b/resources/web/static/assets/img/Logo.svg
similarity index 100%
rename from .static/assets/img/Logo.svg
rename to resources/web/static/assets/img/Logo.svg
diff --git a/.static/assets/img/Logo_HD.png b/resources/web/static/assets/img/Logo_HD.png
similarity index 100%
rename from .static/assets/img/Logo_HD.png
rename to resources/web/static/assets/img/Logo_HD.png
diff --git a/.static/assets/img/SkinDB.svg b/resources/web/static/assets/img/SkinDB.svg
similarity index 100%
rename from .static/assets/img/SkinDB.svg
rename to resources/web/static/assets/img/SkinDB.svg
diff --git a/.static/img/favicon/favicon.ico b/resources/web/static/favicon.ico
similarity index 100%
rename from .static/img/favicon/favicon.ico
rename to resources/web/static/favicon.ico
diff --git a/.static/img/favicon/android-chrome-192x192.png b/resources/web/static/img/favicon/android-chrome-192x192.png
similarity index 100%
rename from .static/img/favicon/android-chrome-192x192.png
rename to resources/web/static/img/favicon/android-chrome-192x192.png
diff --git a/.static/img/favicon/android-chrome-512x512.png b/resources/web/static/img/favicon/android-chrome-512x512.png
similarity index 100%
rename from .static/img/favicon/android-chrome-512x512.png
rename to resources/web/static/img/favicon/android-chrome-512x512.png
diff --git a/.static/img/favicon/apple-touch-icon.png b/resources/web/static/img/favicon/apple-touch-icon.png
similarity index 100%
rename from .static/img/favicon/apple-touch-icon.png
rename to resources/web/static/img/favicon/apple-touch-icon.png
diff --git a/.static/img/favicon/browserconfig.xml b/resources/web/static/img/favicon/browserconfig.xml
similarity index 90%
rename from .static/img/favicon/browserconfig.xml
rename to resources/web/static/img/favicon/browserconfig.xml
index 868c54b..41967bf 100644
--- a/.static/img/favicon/browserconfig.xml
+++ b/resources/web/static/img/favicon/browserconfig.xml
@@ -2,7 +2,7 @@
 <browserconfig>
     <msapplication>
         <tile>
-            <square150x150logo src="https://mc-auth.com/img/favicons/mstile-150x150.png"/>
+            <square150x150logo src="https://mc-auth.com/img/favicon/mstile-150x150.png"/>
             <TileColor>#603cba</TileColor>
         </tile>
     </msapplication>
diff --git a/.static/img/favicon/favicon-16x16.png b/resources/web/static/img/favicon/favicon-16x16.png
similarity index 100%
rename from .static/img/favicon/favicon-16x16.png
rename to resources/web/static/img/favicon/favicon-16x16.png
diff --git a/.static/img/favicon/favicon-32x32.png b/resources/web/static/img/favicon/favicon-32x32.png
similarity index 100%
rename from .static/img/favicon/favicon-32x32.png
rename to resources/web/static/img/favicon/favicon-32x32.png
diff --git a/resources/web/static/img/favicon/favicon.ico b/resources/web/static/img/favicon/favicon.ico
new file mode 100644
index 0000000..3f583e3
Binary files /dev/null and b/resources/web/static/img/favicon/favicon.ico differ
diff --git a/.static/img/favicon/mstile-150x150.png b/resources/web/static/img/favicon/mstile-150x150.png
similarity index 100%
rename from .static/img/favicon/mstile-150x150.png
rename to resources/web/static/img/favicon/mstile-150x150.png
diff --git a/.static/img/favicon/safari-pinned-tab.svg b/resources/web/static/img/favicon/safari-pinned-tab.svg
similarity index 100%
rename from .static/img/favicon/safari-pinned-tab.svg
rename to resources/web/static/img/favicon/safari-pinned-tab.svg
diff --git a/.static/img/favicon/site.webmanifest b/resources/web/static/img/favicon/site.webmanifest
similarity index 67%
rename from .static/img/favicon/site.webmanifest
rename to resources/web/static/img/favicon/site.webmanifest
index 413c401..0395797 100644
--- a/.static/img/favicon/site.webmanifest
+++ b/resources/web/static/img/favicon/site.webmanifest
@@ -3,12 +3,12 @@
     "short_name": "Mc-Auth.com",
     "icons": [
         {
-            "src": "https://mc-auth.com/img/favicons/android-chrome-192x192.png",
+            "src": "https://mc-auth.com/img/favicon/android-chrome-192x192.png",
             "sizes": "192x192",
             "type": "image/png"
         },
         {
-            "src": "https://mc-auth.com/img/favicons/android-chrome-512x512.png",
+            "src": "https://mc-auth.com/img/favicon/android-chrome-512x512.png",
             "sizes": "512x512",
             "type": "image/png"
         }
diff --git a/resources/web/static/img/icons/LICENSE b/resources/web/static/img/icons/LICENSE
new file mode 100644
index 0000000..2cf1d54
--- /dev/null
+++ b/resources/web/static/img/icons/LICENSE
@@ -0,0 +1 @@
+https://feathericons.com/
\ No newline at end of file
diff --git a/resources/web/static/img/icons/alert-triangle.svg b/resources/web/static/img/icons/alert-triangle.svg
new file mode 100644
index 0000000..1fdab2e
--- /dev/null
+++ b/resources/web/static/img/icons/alert-triangle.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-alert-triangle" viewBox="0 0 24 24"><path d="M10.29 3.86L1.82 18a2 2 0 001.71 3h16.94a2 2 0 001.71-3L13.71 3.86a2 2 0 00-3.42 0zM12 9v4M12 17h.01"/></svg>
\ No newline at end of file
diff --git a/resources/web/static/img/icons/check.svg b/resources/web/static/img/icons/check.svg
new file mode 100644
index 0000000..adad94c
--- /dev/null
+++ b/resources/web/static/img/icons/check.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-check" viewBox="0 0 24 24"><path d="M20 6L9 17l-5-5"/></svg>
\ No newline at end of file
diff --git a/resources/web/static/img/icons/clock.svg b/resources/web/static/img/icons/clock.svg
new file mode 100644
index 0000000..ac0340d
--- /dev/null
+++ b/resources/web/static/img/icons/clock.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-clock" viewBox="0 0 24 24"><circle cx="12" cy="12" r="10"/><path d="M12 6v6l4 2"/></svg>
\ No newline at end of file
diff --git a/resources/web/static/img/icons/globe.svg b/resources/web/static/img/icons/globe.svg
new file mode 100644
index 0000000..e82050e
--- /dev/null
+++ b/resources/web/static/img/icons/globe.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-globe" viewBox="0 0 24 24"><circle cx="12" cy="12" r="10"/><path d="M2 12h20M12 2a15.3 15.3 0 014 10 15.3 15.3 0 01-4 10 15.3 15.3 0 01-4-10 15.3 15.3 0 014-10z"/></svg>
\ No newline at end of file
diff --git a/resources/web/static/img/icons/help-circle.svg b/resources/web/static/img/icons/help-circle.svg
new file mode 100644
index 0000000..325deb4
--- /dev/null
+++ b/resources/web/static/img/icons/help-circle.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-help-circle" viewBox="0 0 24 24"><circle cx="12" cy="12" r="10"/><path d="M9.09 9a3 3 0 015.83 1c0 2-3 3-3 3M12 17h.01"/></svg>
\ No newline at end of file
diff --git a/resources/web/static/img/icons/refresh-cw.svg b/resources/web/static/img/icons/refresh-cw.svg
new file mode 100644
index 0000000..62959df
--- /dev/null
+++ b/resources/web/static/img/icons/refresh-cw.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-refresh-cw" viewBox="0 0 24 24"><path d="M23 4v6h-6M1 20v-6h6"/><path d="M3.51 9a9 9 0 0114.85-3.36L23 10M1 14l4.64 4.36A9 9 0 0020.49 15"/></svg>
\ No newline at end of file
diff --git a/resources/web/static/img/icons/user.svg b/resources/web/static/img/icons/user.svg
new file mode 100644
index 0000000..3ae4cff
--- /dev/null
+++ b/resources/web/static/img/icons/user.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-user" viewBox="0 0 24 24"><path d="M20 21v-2a4 4 0 00-4-4H8a4 4 0 00-4 4v2"/><circle cx="12" cy="7" r="4"/></svg>
\ No newline at end of file
diff --git a/resources/web/static/img/icons/users.svg b/resources/web/static/img/icons/users.svg
new file mode 100644
index 0000000..517dfa4
--- /dev/null
+++ b/resources/web/static/img/icons/users.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" fill="none" stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" class="feather feather-users" viewBox="0 0 24 24"><path d="M17 21v-2a4 4 0 00-4-4H5a4 4 0 00-4 4v2"/><circle cx="9" cy="7" r="4"/><path d="M23 21v-2a4 4 0 00-3-3.87M16 3.13a4 4 0 010 7.75"/></svg>
\ No newline at end of file
diff --git a/.static/robots.txt b/resources/web/static/robots.txt
similarity index 100%
rename from .static/robots.txt
rename to resources/web/static/robots.txt
diff --git a/.static/script.js b/resources/web/static/script.js
similarity index 89%
rename from .static/script.js
rename to resources/web/static/script.js
index 72f66fc..7ef43b7 100644
--- a/.static/script.js
+++ b/resources/web/static/script.js
@@ -2,6 +2,8 @@ function reveal(elem, str) {
   if (elem.innerText != str) {
     elem.classList.remove('text-unrevealed');
     elem.innerText = str;
+
+    elem.onclick = undefined;
   }
 }
 
@@ -114,22 +116,24 @@ function toggleDarkMode(event) {
   }
 
   setActiveTheme(!isCurrDarkMode);
+  console.info('Dark theme has been set to', !isCurrDarkMode);
 }
 
 /**
- * @param {Boolean} darkTheme 
+ * @param {Boolean} darkTheme
  */
 function setActiveTheme(darkTheme) {
-  document.cookie = `darkTheme=${darkTheme ? 1 : 0}; expires=${new Date(Date.now() + (90 * 24 * 60 * 60 * 1000)).toUTCString()}; path=/`;
+  document.cookie = `darkTheme=${darkTheme ? 1 : 0}; ` +
+    `expires=${new Date(Date.now() + (90 * 24 * 60 * 60 * 1000)).toUTCString()}; path=/; SameSite=Strict${location.protocol == 'https:' ? '; Secure' : ''}`;
 }
 
 /* run when DOM is ready */
 window.addEventListener('load', () => {
-  for (const elem of document.querySelectorAll('[data-remaining]')) {
-    updateRemainingChars(elem);
+  if (document.cookie.indexOf('darkTheme') == -1 && matchMedia('(prefers-color-scheme: dark)').matches) {
+    toggleDarkMode(null);
   }
 
-  if (document.cookie.indexOf('darkTheme') < 0 && matchMedia('(prefers-color-scheme: dark)').matches) {
-    toggleDarkMode(null);
+  for (const elem of document.querySelectorAll('[data-remaining]')) {
+    updateRemainingChars(elem);
   }
 });
\ No newline at end of file
diff --git a/.static/sitemap.xml b/resources/web/static/sitemap.xml
similarity index 100%
rename from .static/sitemap.xml
rename to resources/web/static/sitemap.xml
diff --git a/.static/style.css b/resources/web/static/style.css
similarity index 96%
rename from .static/style.css
rename to resources/web/static/style.css
index 6c271fa..4da82d2 100644
--- a/.static/style.css
+++ b/resources/web/static/style.css
@@ -1,3 +1,7 @@
+main {
+  margin: 2rem 0;
+}
+
 .langDropdown .flag-icon {
   border-radius: 3px;
 }
@@ -22,10 +26,6 @@
   cursor: pointer;
 }
 
-.langDropdown .flag-icon {
-  border-radius: 3px;
-}
-
 .hidden {
   display: none;
 }
diff --git a/.static/uploads/default.png b/resources/web/static/uploads/default.png
similarity index 100%
rename from .static/uploads/default.png
rename to resources/web/static/uploads/default.png
diff --git a/routes/login.js b/routes/login.js
deleted file mode 100644
index 63202bd..0000000
--- a/routes/login.js
+++ /dev/null
@@ -1,57 +0,0 @@
-const Utils = require('../utils'),
-  db = require('../db/DB');
-
-const router = require('express').Router();
-
-router.get('/', (req, res, _next) => {
-  if (req.session['loggedIn']) {
-    const returnTo = (req.query['returnTo'] || '').toLowerCase();
-
-    return res.redirect(returnTo.startsWith(Utils.Storage.BASE_URL) ? returnTo : Utils.Storage.BASE_URL);
-  }
-
-  return Utils.Express.handleStaticDynamic(req, res, Utils.Storage.LOGIN);
-});
-
-router.get('/verify', (req, res, next) => {
-  if (req.session['loggedIn']) return next(Utils.createError(400, 'You are already logged in!'));
-
-  let uuid = req.query.uuid,
-    otp = req.query.otp;
-
-  if (!uuid || !Utils.isUUID(uuid)) return next(Utils.createError(400, 'Missing or invalid parameter: uuid'));
-  if (!otp || typeof otp != 'string' || (otp = otp.replace(/ /g, '')).length != 6) return next(Utils.createError(400, 'Missing or invalid parameter: otp'));
-
-  db.invalidateOneTimePassword(uuid, otp, (err, success) => {
-    if (err) return next(Utils.logAndCreateError(err));
-
-    if (success) {
-      Utils.Minecraft.getUsername(uuid, (err, username) => {
-        if (err) return next(Utils.logAndCreateError(err));
-
-        req.session['loggedIn'] = true;
-        req.session['mc_UUID'] = uuid;
-        req.session['mc_Name'] = username;
-
-        const keepLogin = !Utils.toBoolean(req.query.keepLogin) && req.query.keepLogin != 'on';
-        if (!keepLogin) {
-          req.session.cookie.expires = false; // false makes it a session-cookie (duration or user-agent)
-        }
-
-        const returnTo = (req.query['returnTo'] || '').toLowerCase();
-        let returnURL = returnTo.startsWith(Utils.Storage.BASE_URL) ? returnTo : Utils.Storage.BASE_URL;
-
-        return res.send({
-          verified: success,
-          url: returnURL
-        });
-      });
-    } else {
-      return res.send({
-        verified: false
-      });
-    }
-  });
-});
-
-module.exports = router;
\ No newline at end of file
diff --git a/routes/logout.js b/routes/logout.js
deleted file mode 100644
index 4932995..0000000
--- a/routes/logout.js
+++ /dev/null
@@ -1,11 +0,0 @@
-const Utils = require('../utils');
-
-const router = require('express').Router();
-
-router.get('/', (req, res, _next) => {
-  delete req.session;
-
-  res.redirect(Utils.Storage.BASE_URL); //TODO Zur Ursprungs-URL zurück und nur fallback ist BASE_URL
-});
-
-module.exports = router;
\ No newline at end of file
diff --git a/routes/oAuth2.js b/routes/oAuth2.js
deleted file mode 100644
index bb56245..0000000
--- a/routes/oAuth2.js
+++ /dev/null
@@ -1,107 +0,0 @@
-const Utils = require('../utils'),
-  db = require('../db/DB');
-
-const router = require('express').Router();
-
-router.get('/authorize/:grantID', (req, res, next) => {
-  if (!req.session['loggedIn']) return res.redirect(`${Utils.Storage.BASE_URL}/login?returnTo=${encodeURIComponent(Utils.Storage.BASE_URL + req.originalUrl)}`);
-
-  if (!Utils.isNumber(req.params.grantID)) return next(Utils.createError(404, 'Resource Not Found'));
-
-  db.getUnusedGrant(req.params.grantID, req.session['mc_UUID'], (err, grant) => {
-    if (err && err.code != 22003 /* numeric_value_out_of_range */) return next(Utils.logAndCreateError(err));
-    if (!grant) return next(Utils.createError(404, 'Resource Not Found'));
-
-    const clientID = req.query['client_id'],
-      redirectURI = req.query['redirect_uri'],
-      state = req.query['state'],
-      responseType = (req.query['response_type'] || '').toLowerCase(),
-      scope = (req.query['scope'] || '').toLowerCase().split(' ').filter((elem) => { return elem; }),
-      agreed = Utils.toBoolean(req.query['agreed']);
-
-    if (!clientID || !Utils.isNumber(clientID)) return next(Utils.createError(400, 'ToDo: Invalid or Missing ClientID (notify user - do not redirect)'));
-
-    db.getApplication(clientID, (err, app) => {
-      if (err && err.code != 22003 /* numeric_value_out_of_range */) return next(Utils.logAndCreateError(err));
-      if (!app) return next(Utils.createError(400, 'ToDo: Invalid or Missing ClientID (notify user - do not redirect)'));
-
-      const uriParamPrefix = responseType == 'token' ? '#' : redirectURI.indexOf('?') == -1 && !redirectURI.trimRight().endsWith('?') ? '?' : '&',
-        stateSuffix = state ? '&state=' + encodeURIComponent(state) : '';
-
-      const compareableRedirectURI = redirectURI && redirectURI.indexOf('?') != -1 ? redirectURI.substring(0, redirectURI.indexOf('?')) : redirectURI;
-
-      if (!redirectURI || !Utils.includesIgnoreCase(app.redirect_uris, compareableRedirectURI)) return next(Utils.createError(400, 'ToDo: Invalid redirect_uri (notify user - do not redirect)'));
-      if (responseType != 'code' && responseType != 'token') return res.redirect(redirectURI + `${uriParamPrefix}error=unsupported_response_type${stateSuffix}`);
-
-      for (const elem of scope) {
-        if (elem != 'profile') {
-          return res.redirect(redirectURI + `${uriParamPrefix}error=invalid_scope&error_description=${elem}${stateSuffix}`);
-        }
-      }
-
-      if (responseType == 'token') {
-        db.generateAccessToken(clientID, req.session['mc_UUID'], redirectURI, state, scope, (err, token) => {
-          if (err) return res.redirect(redirectURI + `${uriParamPrefix}error=server_error&error_description=${Utils.logAndCreateError(err).message}${stateSuffix}`);
-
-          return res.redirect(redirectURI + `${uriParamPrefix}access_token=${encodeURIComponent(token)}&token_type=${'Bearer'}&expires_in=${3600}&scope=${encodeURIComponent(scope.sort().join(' '))}${stateSuffix}`);
-        });
-      } else {
-        db.setGrantResult(grant.id, agreed, (err) => {
-          if (err) return res.redirect(redirectURI + `${uriParamPrefix}error=server_error&error_description=${Utils.logAndCreateError(err).message}${stateSuffix}`);
-
-          if (!agreed) return res.redirect(redirectURI + `${uriParamPrefix}error=access_denied&error_description=resource_owner_denied_request${stateSuffix}`);
-
-          return res.redirect(redirectURI + `${uriParamPrefix}code=${encodeURIComponent(grant.exchange_token)}&expires_in=${300}${stateSuffix}`);
-        });
-      }
-    });
-  });
-});
-
-router.get('/authorize', (req, res, next) => {
-  if (!req.session['loggedIn']) return res.redirect(`${Utils.Storage.BASE_URL}/login?returnTo=${encodeURIComponent(Utils.Storage.BASE_URL + req.originalUrl)}`);
-
-  const clientID = req.query['client_id'],
-    redirectURI = req.query['redirect_uri'],
-    state = req.query['state'],
-    responseType = (req.query['response_type'] || '').toLowerCase(),
-    scope = (req.query['scope'] || '').toLowerCase().split(' ').filter((elem) => { return elem; });
-
-  if (!clientID || !Utils.isNumber(clientID)) return next(Utils.createError(404, 'client_id is invalid'));
-
-  db.getApplication(clientID, (err, app) => {
-    if (err && err.code != 22003 /* numeric_value_out_of_range */) return next(Utils.logAndCreateError(err));
-    if (!app || app.deleted) return next(Utils.createError(404, 'client_id is invalid'));
-
-    const compareableRedirectURI = redirectURI && redirectURI.indexOf('?') != -1 ? redirectURI.substring(0, redirectURI.indexOf('?')) : redirectURI;
-
-    if (!redirectURI || !Utils.includesIgnoreCase(app.redirect_uris, compareableRedirectURI)) return next(Utils.createError(400, 'redirect_uri is not listed for client_id'));
-    if (responseType != 'code' && responseType != 'token') return next(Utils.createError(400, 'ToDo: unsupported_response_type'));
-
-    for (const elem of scope) {
-      if (elem != 'profile') {
-        return next(Utils.createError(400, 'ToDo: invalid_scope'));
-      }
-    }
-
-    db.generateGrant(clientID, req.session['mc_UUID'], redirectURI, state, scope, (err, grant) => {
-      if (err) return next(Utils.logAndCreateError(err)); // server_error, error_description=err.message
-
-      Utils.Minecraft.getUsername(req.session['mc_UUID'], (err, username) => {
-        if (err) Utils.logAndCreateError(err);
-
-        Utils.Minecraft.getUsername(app.owner, (err, appOwner) => {
-          if (err) return next(Utils.logAndCreateError(err));
-
-          res.send(
-            Utils.HTML.formatHTML(req, Utils.HTML.replaceVariables(req, username, Utils.Storage.AUTHORIZE, (str, args) => {
-              return Utils.HTML.appVariableCallback(str, args[0]) || Utils.HTML.grantVariableCallback(str, args[1]);
-            }, [[app, appOwner, false], [grant]]))
-          );
-        });
-      });
-    });
-  });
-});
-
-module.exports = router;
\ No newline at end of file
diff --git a/routes/oAuth2_post.js b/routes/oAuth2_post.js
deleted file mode 100644
index 5f0bf93..0000000
--- a/routes/oAuth2_post.js
+++ /dev/null
@@ -1,57 +0,0 @@
-const Utils = require('../utils'),
-  db = require('../db/DB');
-
-const router = require('express').Router();
-
-router.post('/token', (req, res, next) => {
-  const clientID = req.body['client_id'],
-    clientSecret = req.body['client_secret'],
-    code = req.body['code'],
-    redirectURI = req.body['redirect_uri'],
-    grantType = req.body['grant_type'];
-
-  if (!clientID || !clientSecret || !Utils.isNumber(clientID)) return next(Utils.createError(400, 'client_id does not exist or does not match client_secret'));
-
-  db.getApplication(clientID, (err, app) => {
-    if (err && err.code != 22003 /* numeric_value_out_of_range */) return next(Utils.logAndCreateError(err));
-
-    if (!app || app.secret != clientSecret) return next(Utils.createError(400, 'client_id does not exist or does not match client_secret'));
-
-    if (!grantType || grantType.toLowerCase() != 'authorization_code') return next(Utils.createError(400, 'Invalid grant_type'));
-
-    db.invalidateExchangeToken(clientID, code, redirectURI, (err, grant) => {
-      if (err) return next(Utils.logAndCreateError(err));
-      if (!grant) return next(Utils.createError(400, 'Invalid code! expired? Wrong redirect_uri?'));
-
-      const result = {
-        access_token: grant.access_token,
-        token_type: 'Bearer',
-        expires_in: 3600, /* 1h */
-        data: {
-          uuid: grant.mc_uuid
-        }
-      };
-      if (grant.state) {
-        result.state = grant.state;
-      }
-      if (grant.scope) {
-        Utils.Minecraft.getProfile(grant.mc_uuid, (err, profile) => {
-          if (err) return next(Utils.logAndCreateError(err));
-          if (!profile) return next(Utils.createError(500, 'Could not request minecraft-profile'));
-
-          result.scope = grant.scope.sort().join(' ');
-
-          if (grant.scope.includes('profile')) {
-            result.data.profile = profile;
-          }
-
-          return res.send(result);
-        });
-      } else {
-        return res.send(result);
-      }
-    });
-  });
-});
-
-module.exports = router;
\ No newline at end of file
diff --git a/routes/settings.js b/routes/settings.js
deleted file mode 100644
index def7de8..0000000
--- a/routes/settings.js
+++ /dev/null
@@ -1,118 +0,0 @@
-const Utils = require('../utils'),
-  db = require('../db/DB');
-
-const request = require('request');
-
-const router = require('express').Router();
-
-router.post('/create', (req, res, next) => {
-  if (!req.session['loggedIn']) return next(Utils.createError(401, 'You are not logged in!'));
-
-  if (!req.body.name) return next(Utils.createError(400, 'Missing Application-Name', false));
-  if (req.body.name.length > 128) return next(Utils.createError(400, 'Application-Name exceed 128 characters', false));
-  if (req.body.desc && req.body.desc.length > 512) return next(Utils.createError(400, 'Application-Description exceed 512 characters', false));
-  if (!req.body['g-recaptcha-response']) return next(Utils.createError(400, 'reCAPTCHA failed', false));
-
-  request('https://www.google.com/recaptcha/api/siteverify', {
-    method: 'POST',
-    formData: {
-      secret: require('.././storage/config')['reCAPTCHA']['private'],
-      response: req.body['g-recaptcha-response']
-    }
-  }, (err, _httpRes, httpBody) => {
-    if (err) return next(Utils.logAndCreateError(err));
-
-    httpBody = JSON.parse(httpBody);
-    if (!httpBody['success']) return next(Utils.createError(400, 'reCAPTCHA failed', false));
-
-    db.createApplication(Utils.toNeutralString(req.body.name), Utils.toNeutralString(req.body.desc), req.session['mc_UUID'], (err, app) => {
-      if (err) return next(Utils.logAndCreateError(err));
-
-      res.redirect(`${Utils.Storage.BASE_URL}/settings/${app.id}`);
-    });
-  });
-});
-
-router.post('/:appID', (req, res, next) => {
-  if (!req.session['loggedIn']) return next(Utils.createError(401, 'You are not logged in!'));
-
-  const appID = req.body.client_id,
-    name = Utils.toNeutralString(req.body.name || ''),
-    desc = (req.body.desc || '').trim().replace(/\r\n/g, '\n'),
-    icon = Utils.toNeutralString(req.body.icon || '').toLowerCase(),
-    redirectURIs = (req.body.redirect_uris || '').split(/\r?\n/).filter((el) => { return el; });
-
-  if (!appID || !Utils.isNumber(appID)) return next(Utils.createError(404, 'ToDo: Invalid client_id'));
-  if (!icon || (!Utils.isNumber(icon) && icon != 'default')) return next(Utils.createError(404, 'ToDo: Invalid icon'));
-
-  if (!name) return Utils.createError(400, 'Missing Application-Name');
-  if (name.length > 128) return Utils.createError(400, 'Application-Name exceed 128 characters');
-  if (desc && desc.length > 512) return Utils.createError(400, 'Application-Description exceed 512 characters');
-
-  let removedURIs = 0;
-  const newRedirectURIs = redirectURIs.filter((el) => {
-    if (!Utils.isAbsoluteURL(el)) {
-      removedURIs++;
-
-      return false;
-    }
-
-    return true;
-  });
-
-  db.getApplicationForOwner(appID, req.session['mc_UUID'], (err, app) => {
-    if (err && err.code != 22003 /* numeric_value_out_of_range */) return next(Utils.logAndCreateError(err));
-    if (!app || app.deleted) return next(Utils.createError(403, 'ToDo: Invalid client_id or not the owner'));
-
-    db.updateApplication(app.id, name, desc, icon != 'default' ? icon : null, newRedirectURIs, (err) => {
-      if (err) return next(Utils.logAndCreateError(err));
-
-      const note = removedURIs > 0 ? (`&note=${encodeURIComponent('Removed ' + removedURIs + ' invalid redirect URI' + (removedURIs != 1 ? 's' : ''))}`) : '';
-      res.redirect(`${Utils.Storage.BASE_URL}/settings/${app.id}?success=true${note}`);  //TODO: Beim Seitenaufruf mit ?success und note auch eine Meldung zeigen
-    });
-  });
-});
-
-router.get('/:appID?', (req, res, next) => {
-  if (!req.session['loggedIn']) return next(Utils.createError(401, 'You are not logged in!'));  // TODO: HTML
-
-  const appID = req.params.appID;
-
-  if (appID) {
-    if (appID.toLowerCase() == 'create') {
-      return Utils.Express.handleStaticDynamic(req, res, Utils.Storage.SETTINGS_CREATE);
-    }
-
-    if (!Utils.isNumber(appID)) return next(Utils.createError(404, 'ToDo: Invalid client_id'));
-
-    db.getApplication(appID, (err, app) => {
-      if (err && err.code != 22003 /* numeric_value_out_of_range */) return next(Utils.logAndCreateError(err));
-      if (!app || app.deleted) return next(Utils.createError(404, 'ToDo: Invalid client_id'));
-
-      Utils.Minecraft.getUsername(req.session['mc_UUID'], (err, username) => {
-        if (err) Utils.logAndCreateError(err);
-
-        return res.send(
-          Utils.HTML.formatHTML(req,
-            Utils.HTML.replaceVariables(req, username, Utils.Storage.SETTINGS_APP, Utils.HTML.appVariableCallback, [app, username, true])
-          )
-        );
-      });
-    });
-
-  } else {
-    db.getActiveApplications(req.session['mc_UUID'], (err, apps) => {
-      if (err) return next(Utils.logAndCreateError(err));
-
-      Utils.Minecraft.getUsername(req.session['mc_UUID'], (err, username) => {
-        if (err) Utils.logAndCreateError(err);
-
-        res.send(
-          Utils.HTML.formatHTML(req, Utils.HTML.replaceVariables(req, username, Utils.Storage.SETTINGS), Utils.HTML.appsFormatCallback, [apps])
-        );
-      });
-    });
-  }
-});
-
-module.exports = router;
\ No newline at end of file
diff --git a/routes/uploads.js b/routes/uploads.js
deleted file mode 100644
index 7e35617..0000000
--- a/routes/uploads.js
+++ /dev/null
@@ -1,55 +0,0 @@
-const sharp = require('sharp');
-
-const Utils = require('../utils'),
-  db = require('../db/DB');
-
-const router = require('express').Router();
-
-router.get('/:fileName', (req, res, next) => {
-  const fileName = req.params['fileName'].toLowerCase();
-  let imgID = fileName.substring(0, fileName.length - 4);
-
-  if (!fileName || !imgID || !fileName.endsWith('.png') || !Utils.isNumber(imgID)) return res.sendStatus(404);
-
-  if (imgID.startsWith('0')) {
-    while (imgID.startsWith('0')) {
-      imgID = imgID.substring(1);
-    }
-
-    if (imgID.length > 0) {
-      return res.redirect(301, `${Utils.Storage.BASE_URL}/uploads/${imgID}.png`);
-    }
-
-    return res.sendStatus(404);
-  }
-
-  db.getOptimizedImage(imgID, (err, img) => {
-    if (err) return next(Utils.logAndCreateError(err));
-    if (!img) return res.sendStatus(404);
-
-    res.type('png').send(img);
-  });
-});
-
-router.post('/new', (req, res, next) => {
-  if (!req.session['loggedIn']) return next(Utils.createError(401, 'You are not logged in!'));
-
-  if (!req.body || !(req.body instanceof Buffer) || req.body.length == 0) return next(Utils.createError(400, 'Missing or invalid image'));
-
-  sharp(req.body).png().resize(128, 128, { fit: 'contain', kernel: 'nearest', background: { r: 0, g: 0, b: 0, alpha: 0 } }).toBuffer((err, buffer, info) => {
-    if (err) return next(Utils.createError(400, 'Invalid image', true));
-    if (info.width < 64 || info.height < 64) return next(Utils.createError(400, 'Invalid image dimensions', true));
-
-    db.createImage(buffer, req.body, (err, imageID) => {
-      if (err) return next(Utils.logAndCreateError(err));
-
-      const imgURL = `${Utils.Storage.BASE_URL}/uploads/${imageID}.png`;
-
-      res.status(201) // TODO: Differ 'Created'(201) and 'Found/OK'(200)
-        .location(imgURL)
-        .send({ id: imageID, url: imgURL });
-    });
-  });
-});
-
-module.exports = router;
\ No newline at end of file
diff --git a/server.js b/server.js
deleted file mode 100644
index 47c0472..0000000
--- a/server.js
+++ /dev/null
@@ -1,163 +0,0 @@
-const Utils = require('./utils');
-
-const express = require('express'),
-  morgan = require('morgan');
-
-const logFormat = '[:date[web]] :remote-addr by :remote-user | :method :url :status with :res[content-length] bytes | ":user-agent" referred from ":referrer" | :response-time[3] ms';
-const accessLogStream = require('rotating-file-stream').createStream('access.log', {
-  interval: '1d',
-  maxFiles: 7,
-  path: require('path').join(__dirname, 'logs', 'access')
-}),
-  errorLogStream = require('rotating-file-stream').createStream('error.log', {
-    interval: '1d',
-    maxFiles: 90,
-    path: require('path').join(__dirname, 'logs', 'error')
-  });
-
-accessLogStream.on('error', (err) => {
-  console.error(err); // Don't crash whole application, just print
-  // once this event is emitted, the stream will be closed as well
-});
-errorLogStream.on('error', (err) => {
-  console.error(err); // Don't crash whole application, just print
-  // once this event is emitted, the stream will be closed as well
-});
-
-const app = express();
-
-app.disable('x-powered-by');
-app.set('trust proxy', require('./storage/config.json')['trustProxy']);
-
-// Log to console and file
-app.use(morgan('dev', { skip(req, res) { return res.statusCode < 400 || res.hideFromConsole || req.originalUrl.startsWith('/.well-known/acme-challenge/'); } }));
-app.use(morgan(logFormat, { stream: accessLogStream }));
-app.use(morgan(logFormat, { skip(req, res) { return res.statusCode < 400 || res.hideFromConsole || req.originalUrl.startsWith('/.well-known/acme-challenge/'); }, stream: errorLogStream }));
-
-app.use(express.json());
-app.use(express.urlencoded({ extended: true }));
-app.use(require('body-parser').raw({ type: ['image/png', 'image/jpeg', 'image/gif', 'image/svg+xml', 'image/webp'], limit: '3MB' }));
-
-// Remove duplicate query-params (Last one wins)
-app.use((req, _res, next) => {
-  for (const key in req.query) {
-    if (req.query.hasOwnProperty(key)) {
-      const elem = req.query[key];
-
-      if (Array.isArray(elem)) {
-        req.query[key] = elem.pop();
-      }
-    }
-  }
-
-  next();
-});
-
-// Default response headers
-app.use((_req, res, next) => {
-  res.set({
-    // 'Access-Control-Allow-Origin': '*',
-    // 'Access-Control-Allow-Headers': 'User-Agent,Content-Type',
-
-    'Cache-Control': 'private, max-age=0'
-  });
-
-  next();
-});
-
-/* Non-Cookie Routes */
-app.use('/oauth2', require('./routes/oAuth2_post'));
-
-/* Cookie Routes */
-app.use(require('cookie-parser')());
-app.use(require('express-session')({
-  name: 'sessID',
-  store: new (require('connect-pg-simple')(require('express-session')))({
-    pool,
-    pruneSessionInterval: 60 * 60 * 24 /* 24h */
-  }),
-  secret: require('./storage/misc').CookieSecret,
-  resave: false,
-  saveUninitialized: false,
-  rolling: true,
-  unset: 'destroy',
-  cookie: { secure: require('./storage/config.json')['secureCookies'], httpOnly: true, maxAge: 30 * 24 * 60 * 60 * 1000 /* 30d */ }
-}));
-
-// Set language on first visit
-app.use((req, res, next) => {
-  if (!req.cookies['lang']) {
-    let newLang;
-
-    if (req.header('Accept-Language')) {
-      for (const arg of req.header('Accept-Language').split(',')) {
-        const langKey = arg.split(';')[0].substring(0, 2).toLowerCase();
-
-        if (Utils.Localization.isLanguageSupported(langKey)) {
-          newLang = langKey;
-          break;
-        }
-      }
-    } else {
-      newLang = Utils.Localization.defaultLang;
-    }
-
-    if (newLang) {
-      res.cookie('lang', newLang, { secure: require('./storage/config.json')['secureCookies'], httpOnly: true, maxAge: 90 * 24 * 60 * 60 * 1000 /* 90d */ });
-      req.cookies['lang'] = newLang;
-    }
-  }
-
-  next();
-});
-
-// ToDo Set caching headers on routes
-/** static **/
-app.use('/', Utils.Express.staticDynamicRouter(Utils.Storage.INDEX));
-app.use('/legal', Utils.Express.staticDynamicRouter(Utils.Storage.LEGAL));
-app.use('/privacy', Utils.Express.staticDynamicRouter(Utils.Storage.PRIVACY));
-
-/** dynamic **/
-app.use('/login', require('./routes/login'));
-app.use('/logout', require('./routes/logout'));
-app.use('/oauth2', require('./routes/oAuth2'));
-app.use('/settings', require('./routes/settings'));
-app.use('/uploads', require('./routes/uploads'));
-app.get('/language', (req, res, _next) => {
-  if (req.query['lang'] && Utils.Localization.isLanguageSupported(req.query['lang']) && req.cookies['lang'] != req.query['lang']) {
-    res.cookie('lang', req.query['lang'].toLowerCase(), { secure: require('./storage/config.json')['secureCookies'], httpOnly: true, maxAge: 90 * 24 * 60 * 60 * 1000 /* 90d */ });
-  }
-
-  const returnTo = (req.query['returnTo'] || '');
-  res.redirect(returnTo.toLowerCase().startsWith(Utils.Storage.BASE_URL) ? returnTo : Utils.Storage.BASE_URL);
-});
-
-// Prepare 404
-app.use((_req, _res, next) => {
-  next(Utils.createError(404, 'The requested resource could not be found.'));
-});
-
-// Send Error
-app.use((err, _req, res, _next) => {
-  if (!err || !(err instanceof Error)) {
-    if (err) console.error('Invalid Error provided:', err);
-
-    err = Utils.createError();
-  }
-
-  if (!err.hideFromConsole && (!err.status || (err.status >= 500 && err.status < 600))) {
-    console.error(err); // Log to file
-  }
-
-  if (err.hideFromConsole) res.hideFromConsole = true;
-
-  if (!res.headersSent) {
-    res.status(err.status || 500)
-      .json({
-        status: err.status,
-        msg: err.message
-      });
-  }
-});
-
-module.exports = app;
\ No newline at end of file
diff --git a/src/dynamicEmailGenerator.ts b/src/dynamicEmailGenerator.ts
new file mode 100644
index 0000000..85ee8f9
--- /dev/null
+++ b/src/dynamicEmailGenerator.ts
@@ -0,0 +1,53 @@
+import { readFileSync } from 'fs';
+import { join as joinPath } from 'path';
+
+import { getLocalization } from './localization';
+import { pageGenerator } from '.';
+
+const dynamicMailPath = joinPath(__dirname, '..', 'resources', 'email');
+
+export class DynamicMailGenerator {
+  readonly mailTemplates: { [key in MailTemplate]: { html: string, txt: string } };
+  readonly mailCache: { [key: string]: { html: string, txt: string } } = {};
+
+  constructor() {
+    this.mailTemplates = {
+      CONFIRM_EMAIL: {
+        html: pageGenerator.renderEjs(readFileSync(joinPath(dynamicMailPath, 'confirm_email.html'), 'utf-8'), 0),
+        txt: pageGenerator.renderEjs(readFileSync(joinPath(dynamicMailPath, 'confirm_email.txt'), 'utf-8'), 0)
+      }
+    };
+
+    // Generate HTML templates and cache them
+    for (const langKey in getLocalization().languages) {
+      for (const key in MailTemplate) {
+        const html = this.mailTemplates[key as MailTemplate];
+
+        this.mailCache[langKey + key] = { html: pageGenerator.renderEjs1(html.html, langKey), txt: pageGenerator.renderEjs1(html.txt, langKey) };
+      }
+    }
+    Object.freeze(this.mailCache);  // Protect cache from accidental modification
+  }
+
+  renderMail(template: MailTemplate, langKey: string, mailData: MailData = {}): { html: string, txt: string } {
+    const data: { page: MailData, con: { lang: string } } = {
+      page: mailData,
+      con: {
+        lang: langKey
+      }
+    }
+
+    return {
+      html: pageGenerator.renderEjs(this.mailCache[data.con.lang + template].html, 2, data),
+      txt: pageGenerator.renderEjs(this.mailCache[data.con.lang + template].txt, 2, data)
+    };
+  }
+}
+
+export enum MailTemplate {
+  CONFIRM_EMAIL = 'CONFIRM_EMAIL'
+}
+
+interface MailData {
+  confirm_mail?: { mcProfile: { id: string, name: string }, token: string }
+}
\ No newline at end of file
diff --git a/src/dynamicPageGenerator.ts b/src/dynamicPageGenerator.ts
new file mode 100644
index 0000000..088b015
--- /dev/null
+++ b/src/dynamicPageGenerator.ts
@@ -0,0 +1,192 @@
+import * as ejs from 'ejs';
+import * as express from 'express';
+import moment, { Moment } from 'moment';
+import { readFileSync } from 'fs';
+import { join as joinPath } from 'path';
+
+import { cfg } from '.';
+import { stripLangKeyFromURL, stripParamsFromURL } from './utils/utils';
+import { getLocalization, Localization } from './localization';
+import { OAuthApp, Grant, mcAuthAccount } from './global';
+
+const dynamicWebPath = joinPath(__dirname, '..', 'resources', 'web', 'dynamic');
+
+export class DynamicPageGenerator {
+  readonly globals: { url: { base: string, static: string, mcServer: string, docs: string }, reCaptchaPublic: string };
+  readonly pageTemplates: { [key in PageTemplate]: string };
+  readonly pagePartTemplates: { [key: string]: string };
+  readonly htmlCache: { [key: string]: string } = {};
+
+  constructor(localization: Localization) {
+    this.globals = {
+      url: {
+        base: DynamicPageGenerator.generateUrlPrefix(cfg.web.urlPrefix.dynamicContentHost),
+        static: DynamicPageGenerator.generateUrlPrefix(cfg.web.urlPrefix.staticContentHost),
+
+        mcServer: 'mc-auth.com',
+        docs: 'https://github.com/Mc-Auth-com/Mc-Auth-Web/wiki'
+      },
+
+      reCaptchaPublic: cfg.reCAPTCHA.public
+    };
+
+    /* Read HTML and apply level 0 rendering */
+
+    this.pagePartTemplates = {
+      _HEAD: this.renderEjs(readFileSync(joinPath(dynamicWebPath, '_head.html'), 'utf-8'), 0, { global: this.globals }),
+      _HEADER: this.renderEjs(readFileSync(joinPath(dynamicWebPath, '_header.html'), 'utf-8'), 0, { global: this.globals }),
+      _FOOTER: this.renderEjs(readFileSync(joinPath(dynamicWebPath, '_footer.html'), 'utf-8'), 0, { global: this.globals }),
+      _SETTINGS_SIDEBAR: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'settings/_sidebar.html'), 'utf-8'), 0, { global: this.globals })
+    };
+
+    this.pageTemplates = {
+      INDEX: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'index.html'), 'utf-8'), 0),
+      LEGAL: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'legal.html'), 'utf-8'), 0),
+      PRIVACY: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'privacy.html'), 'utf-8'), 0),
+
+      DEMO: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'demo.html'), 'utf-8'), 0),
+
+      LOGIN: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'login.html'), 'utf-8'), 0),
+      AUTHORIZE: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'authorize.html'), 'utf-8'), 0),
+
+      SETTINGS_ACCOUNT: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'settings/account.html'), 'utf-8'), 0),
+      SETTINGS_SECURITY: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'settings/security.html'), 'utf-8'), 0),
+      SETTINGS_NOTIFICATIONS: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'settings/notifications.html'), 'utf-8'), 0),
+
+      SETTINGS_APPS: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'settings/apps/apps.html'), 'utf-8'), 0),
+      SETTINGS_APPS_APP: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'settings/apps/edit.html'), 'utf-8'), 0),
+      SETTINGS_APPS_CREATE: this.renderEjs(readFileSync(joinPath(dynamicWebPath, 'settings/apps/create.html'), 'utf-8'), 0)
+    };
+
+    // Apply level 0 and 1 rendering to localization
+    for (const langKey in localization.languages) {
+      const lang = localization.languages[langKey];
+
+      for (const locKey in lang) {
+        lang[locKey] = this.renderEjs1(this.renderEjs(lang[locKey], 0), langKey);
+      }
+    }
+
+    // Generate HTML templates and cache them
+    for (const langKey in getLocalization().languages) {
+      for (const key in PageTemplate) {
+        this.htmlCache[langKey + key] = this.renderEjs1(this.pageTemplates[key as PageTemplate], langKey);
+      }
+    }
+    Object.freeze(this.htmlCache);  // Protect cache from accidental modification
+  }
+
+  renderPage(template: PageTemplate, req: express.Request, res: express.Response, pageData: PageData = {}): string {
+    const data: { page: PageData, con: { query: { [key: string]: string }, isDarkTheme: boolean, lang: string, isLoggedIn: boolean, mcProfile: object /* FIXME type */, /*isAdmin: boolean, session: object, url: string, urlEncoded: string*/ currPath: string }, currLocalizedURL: { [key: string]: string }, currNonLocalizedURL: string, moment: Moment } = {
+      page: pageData,
+      con: {
+        query: {},
+        isDarkTheme: req.cookies.darkTheme == '1',
+        lang: res.locals.lang,
+        isLoggedIn: req.session && req.session.loggedIn,
+        mcProfile: req.session?.loggedIn ? req.session.mcProfile : null,
+        // isAdmin: req.session && req.session.data && req.session.data.id == '407b28ede7bd451693d93361fecb7889',
+        // session: req.session ? req.session.data : null,
+        currPath: stripParamsFromURL(req.originalUrl).toLowerCase()
+      },
+      currLocalizedURL: {},
+      currNonLocalizedURL: this.globals.url.base + stripLangKeyFromURL(stripParamsFromURL(req.originalUrl)),
+      moment: moment().locale(res.locals.lang)
+    }
+
+    for (const langKey in getLocalization().languages) {
+      data.currLocalizedURL[langKey] = this.globals.url.base + '/' + langKey + stripLangKeyFromURL(stripParamsFromURL(req.originalUrl));
+    }
+
+    for (const key in req.query) {
+      if (req.query.hasOwnProperty(key)) {
+        const value = req.query[key];
+
+        if (typeof value == 'string') {
+          data.con.query[key] = value;
+        }
+      }
+    }
+
+    return this.renderEjs(this.htmlCache[data.con.lang + template], 2, data);
+  }
+
+  /**
+   * * **Level 0**: Used when inserting `global`s or `_HEAD`, `_HEADER`, ...
+   * * **Level 1**: Used when inserting localization string
+   * * **Level 2**: Used when inserting/generating dynamic content
+   */
+  renderEjs(str: string, level: 0 | 1 | 2, data?: ejs.Data): string {
+    if (level == 0 && data == undefined) {
+      data = {
+        global: this.globals,
+
+        _HEAD: this.pagePartTemplates._HEAD,
+        _HEADER: this.pagePartTemplates._HEADER,
+        _FOOTER: this.pagePartTemplates._FOOTER,
+        _SETTINGS_SIDEBAR: this.pagePartTemplates._SETTINGS_SIDEBAR
+      };
+    }
+
+    return ejs.render(str, data, { delimiter: `%${level}` }) as string;
+  }
+
+  /**
+   * Calls #renderEjs(str, 1, data) with default data based on langKey
+   *
+   * @param langKey The language to use for localization
+   */
+  renderEjs1(str: string, langKey: string): string {
+    // TODO: Provide getString(key: string): string {} as function that automatically calls loc.getString with langKey
+
+    return this.renderEjs(str, 1, {
+      loc: getLocalization(),
+      langKey,
+      global: {
+        url: {
+          baseLocalized: this.globals.url.base + (langKey != getLocalization().defaultLanguage ? `/${langKey}` : '')
+        }
+      },
+    });
+  }
+
+  /**
+   * Takes `host` and applies the chosen protocol from `cfg.web.urlPrefix.https`
+   *
+   * If the host is set to `auto`, host and port from `cfg.listen` are taken and used instead.
+   * The port is automatically emitted when it is the default port for the chosen protocol
+   *
+   * @param host Should be `auto` or a hostname with optional port (`host[:port]`)
+   */
+  private static generateUrlPrefix(host: string | 'auto') {
+    return `http${cfg.web.urlPrefix.https ? 's' : ''}://${host != 'auto' ? host : `${cfg.listen.host}${((cfg.web.urlPrefix.https && cfg.listen.port != 443) ||
+      (!cfg.web.urlPrefix.https && cfg.listen.port != 80)) ? `:${cfg.listen.port}` : ''}`}`;
+  }
+}
+
+export enum PageTemplate {
+  INDEX = 'INDEX',
+  LEGAL = 'LEGAL',
+  PRIVACY = 'PRIVACY',
+
+  DEMO = 'DEMO',
+
+  LOGIN = 'LOGIN',
+  AUTHORIZE = 'AUTHORIZE',
+
+  SETTINGS_ACCOUNT = 'SETTINGS_ACCOUNT',
+  SETTINGS_SECURITY = 'SETTINGS_SECURITY',
+  SETTINGS_NOTIFICATIONS = 'SETTINGS_NOTIFICATIONS',
+
+  SETTINGS_APPS = 'SETTINGS_APPS',
+  SETTINGS_APPS_APP = 'SETTINGS_APPS_APP',
+  SETTINGS_APPS_CREATE = 'SETTINGS_APPS_CREATE'
+}
+
+interface PageData {
+  apps?: OAuthApp[],
+  appOwner?: object, // TODO: rename or move into apps
+  grant?: Grant,
+  demo?: { err?: { name: string, info?: string }, mcProfile?: object },
+  account?: mcAuthAccount
+}
\ No newline at end of file
diff --git a/src/global.ts b/src/global.ts
new file mode 100644
index 0000000..a8cdeaf
--- /dev/null
+++ b/src/global.ts
@@ -0,0 +1,134 @@
+/* SpraxAPI */
+export interface mcAuthCfg {
+  readonly listen: {
+    readonly usePath: boolean,
+    readonly path: string,
+
+    readonly host: string,
+    readonly port: number
+  }
+
+  readonly trustProxy: boolean;
+
+  readonly logging: {
+    readonly accessLogFormat: string;
+    readonly discordErrorWebHookURL: string | null;
+  }
+
+  readonly web: {
+    readonly serveStatic: boolean;
+
+    readonly urlPrefix: {
+      readonly https: boolean;
+      readonly dynamicContentHost: string | 'auto';
+      readonly staticContentHost: string | 'auto';
+    }
+  }
+
+  readonly cookies: {
+    readonly secure: boolean;
+  }
+
+  readonly demo: {
+    readonly mcAuth: {
+      readonly client_id: string;
+      readonly client_secret: string;
+    }
+  }
+
+  readonly reCAPTCHA: {
+    readonly public: string;
+    readonly private: string;
+  }
+
+  readonly smtp: {
+    readonly host: string;
+    readonly port: number;
+
+    readonly secure: boolean;
+
+    readonly auth: {
+      readonly username: string;
+      readonly password: string;
+    };
+
+    readonly from: string;
+  }
+
+  readonly secret: string;
+}
+
+export interface mcAuthDbCfg {
+  readonly host: string;
+  readonly port: number;
+  readonly ssl: boolean;
+  readonly connectionPoolSize: number;
+
+  readonly user: string;
+  readonly password: string;
+  readonly database: string;
+}
+
+export interface OAuthApp {
+  readonly id: string;
+  readonly owner: string;
+
+  readonly name: string;
+  readonly description: string | null;
+  readonly website: string;
+
+  readonly iconID: string | null;
+  readonly redirectURIs: string[];
+
+  readonly secret: string | null;
+
+  readonly verified: boolean;
+  readonly deleted: boolean;
+
+  readonly created: Date;
+}
+
+export interface mcAuthAccount {
+  readonly id: string;
+  readonly name: string;
+
+  readonly email: string | null;
+  readonly emailPending: string | null;
+  readonly emailPendingSince: Date | null;
+
+  readonly lastLogin: Date | null;
+}
+
+export interface OAuthAppIcon {
+  readonly id: string;
+
+  readonly optimizedImg: Buffer | null;
+  readonly originalImg: Buffer | null;
+
+  readonly duplicateOf: string | null;
+
+  readonly addedBy: string;
+  readonly added: Date;
+}
+
+export interface Grant {
+  readonly id: string;
+  readonly appId: string;
+  readonly mcAccountId: string;
+  readonly result: GrantType | null;
+  readonly scopes: string[];
+  readonly responseType: string;
+  readonly state: string | null;
+  readonly accessToken: string | null;
+  readonly exchangeToken: string | null;
+  readonly redirectUri: string;
+  readonly issued: Date;
+
+  readonly issuedDuringLast24Hours: boolean | null;
+}
+
+export enum GrantType {
+  GRANTED = 'GRANTED',
+  DENIED = 'DENIED',
+  REVOKED = 'REVOKED'
+}
\ No newline at end of file
diff --git a/src/index.ts b/src/index.ts
new file mode 100644
index 0000000..069c975
--- /dev/null
+++ b/src/index.ts
@@ -0,0 +1,213 @@
+import fs = require('fs');
+import rfs = require('rotating-file-stream');
+
+import { join as joinPath } from 'path';
+import { Server, createServer } from 'http';
+
+import { mcAuthCfg, mcAuthDbCfg } from './global';
+import { ApiError } from './utils/errors';
+import { dbUtils } from './utils/database';
+import { DynamicMailGenerator } from './dynamicEmailGenerator';
+import { DynamicPageGenerator } from './dynamicPageGenerator';
+import { getLocalization } from './localization';
+import { loadConfig } from './utils/config';
+import { mailUtils } from './utils/mail';
+
+export let cfg: mcAuthCfg = {
+  listen: {
+    usePath: false,
+    path: './mcAuth.unixSocket',
+
+    host: '127.0.0.1',
+    port: 8091
+  },
+  trustProxy: false,
+
+  logging: {
+    accessLogFormat: '[:date[web]] :remote-addr by :remote-user | :method :url :status with :res[content-length] bytes | ":user-agent" referred from ":referrer" | :response-time[3] ms',
+    discordErrorWebHookURL: null
+  },
+  web: {
+    serveStatic: true,
+    urlPrefix: {
+      https: false,
+      dynamicContentHost: 'auto',
+      staticContentHost: 'auto'
+    }
+  },
+  cookies: {
+    secure: false
+  },
+  demo: {
+    mcAuth: {
+      client_id: 'Create an app at Mc-Auth.com/settings/apps',
+      client_secret: ''
+    }
+  },
+  reCAPTCHA: {
+    public: '',
+    private: ''
+  },
+  smtp: {
+    host: '127.0.0.1',
+    port: 465,
+
+    secure: true,
+
+    auth: {
+      username: 'user007',
+      password: 's3cr3t!'
+    },
+
+    from: 'Mc-Auth <mc-auth@localhost>'
+  },
+  secret: require('crypto').randomBytes(1024).toString('base64')
+};
+export let dbCfg: mcAuthDbCfg = {
+  host: '127.0.0.1',
+  port: 5432,
+  ssl: false,
+  connectionPoolSize: 6,
+
+  user: 'user007',
+  password: 's3cr3t!',
+  database: 'skindb'
+};
+
+let server: Server | null;
+export let db: dbUtils;
+export let mailer: mailUtils;
+
+export let pageGenerator: DynamicPageGenerator;
+export let mailGenerator: DynamicMailGenerator;
+
+export const appVersion: string = JSON.parse(fs.readFileSync(joinPath(__dirname, '..', 'package.json'), 'utf-8')).version ?? 'UNKNOWN_APP_VERSION';
+
+/* Init configuration files */
+cfg = loadConfig(cfg, joinPath(process.cwd(), 'storage', 'config.json')) as mcAuthCfg;
+dbCfg = loadConfig(dbCfg, joinPath(process.cwd(), 'storage', 'db.json')) as mcAuthDbCfg;
+
+/* Register shutdown hook */
+function shutdownHook() {
+  console.log('Shutting down...');
+
+  const ready = async () => {
+    try {
+      if (db) {
+        await db.shutdown();
+      }
+    } catch (ex) {
+      console.error(ex);
+    }
+
+    process.exit();
+  };
+
+  if (server != null) {
+    server.close((err) => {
+      if (err && err.message != 'Server is not running.') console.error(err);
+
+      ready();
+    });
+    server = null;
+  }
+}
+
+process.on('SIGTERM', shutdownHook);
+process.on('SIGINT', shutdownHook);
+process.on('SIGQUIT', shutdownHook);
+process.on('SIGHUP', shutdownHook);
+process.on('SIGUSR2', shutdownHook);  // The package 'nodemon' is using this signal
+
+/* Prepare webserver */
+db = new dbUtils(dbCfg);
+mailer = new mailUtils(cfg.smtp);
+
+pageGenerator = new DynamicPageGenerator(getLocalization());
+mailGenerator = new DynamicMailGenerator();
+
+export const webAccessLogStream = rfs.createStream('access.log', { interval: '1d', maxFiles: 14, path: joinPath(process.cwd(), 'logs', 'access'), compress: true }),
+  errorLogStream = rfs.createStream('error.log', { interval: '1d', maxFiles: 90, path: joinPath(process.cwd(), 'logs', 'error') });
+
+webAccessLogStream.on('error', (err) => {
+  ApiError.log(500, 'webAccessLogStream called error-event', true, { err });
+});
+errorLogStream.on('error', (err) => {
+  ApiError.log(500, 'errorLogStream called error-event', true, { err });
+});
+
+(async () => {
+  try {
+    await db.isReady();
+  } catch (err) {
+    console.error(`Database is not ready! (${err.message})`);
+    process.exit(2);
+  }
+
+  server = createServer(require('./server').app);
+
+  server.on('error', (err: { syscall: string, code: string }) => {
+    if (err.syscall != 'listen') {
+      throw err;
+    }
+
+    const errPrefix = cfg.listen.usePath ? `path ${cfg.listen.path}` : `port ${cfg.listen.port}`;
+    switch (err.code) {
+      case 'EACCES':
+        console.error(`${errPrefix} requires elevated privileges`);
+        process.exit(1);
+        break;
+      case 'EADDRINUSE':
+        console.error(`${errPrefix} is already in use`);
+        process.exit(1);
+        break;
+      default:
+        throw err;
+    }
+  });
+  server.on('listening', () => {
+    console.log(`Listening on ${cfg.listen.usePath ? `path ${cfg.listen.path}` : `port ${cfg.listen.port}`}`);
+  });
+
+  if (cfg.listen.usePath) {
+    const unixSocketPath = cfg.listen.path,
+      unixSocketPIDPath = cfg.listen.path + '.pid',
+      parentDir = require('path').dirname(unixSocketPath);
+
+    if (!fs.existsSync(parentDir)) {
+      fs.mkdirSync(parentDir, { recursive: true });
+    }
+
+    const isProcessRunning = (pid: number): boolean => {
+      try {
+        process.kill(pid, 0);
+        return true;
+      } catch (ex) {
+        return ex.code == 'EPERM';
+      }
+    };
+
+    if (fs.existsSync(unixSocketPath)) {
+      let isRunning: boolean = false;
+      let runningPID: number = -1;
+      if (!fs.existsSync(unixSocketPIDPath) || !(isRunning = isProcessRunning(runningPID = parseInt(fs.readFileSync(unixSocketPIDPath, 'utf-8'))))) {
+        fs.unlinkSync(unixSocketPath);
+      }
+
+      if (isRunning) {
+        console.error(`The process (PID: ${runningPID}) that created '${unixSocketPath}' is still running!`);
+        process.exit(1);
+      }
+    }
+
+    fs.writeFileSync(unixSocketPIDPath, process.pid.toString());
+    server.listen(unixSocketPath);
+    fs.chmodSync(unixSocketPath, '0777');
+  } else {
+    server.listen(cfg.listen.port, cfg.listen.host);
+  }
+})();
+
+export function getSecret(maxLength: number = 1024): Buffer {
+  return Buffer.from(cfg.secret, 'base64').subarray(0, maxLength);
+}
\ No newline at end of file
diff --git a/src/localization.ts b/src/localization.ts
new file mode 100644
index 0000000..d5c756c
--- /dev/null
+++ b/src/localization.ts
@@ -0,0 +1,121 @@
+// TODO: Think of a new file structure for en.json. It needs to be easily translatable and contain info like 'de', 'de_DE', 'Deutsch'
+import { join as joinPath } from 'path';
+import { readFileSync, readdirSync, statSync } from 'fs';
+
+import { ApiError } from './utils/errors';
+import { formatStr } from './utils/utils';
+
+let loc: Localization | null = null;
+
+/**
+ * `langKey` and `defaultLanguage` are expected to be based on 'ISO 639-1'
+ *
+ * @see https://en.wikipedia.org/wiki/List_of_ISO_639-1_codes
+ */
+export class Localization {
+  readonly languages: { [key: string /* langKey */]: { [key: string /* strKey/term */]: string /* localized string */ } };
+
+  defaultLanguage: string;
+
+  constructor(languages: { [key: string]: { [key: string]: string } }, defaultLanguage: string, langPath: string) {
+    if (!languages[defaultLanguage]) {
+      throw new ApiError(500, 'Could not find localization for default language', true,
+        {
+          defaultLanguage,
+          expectedPath: joinPath(langPath, defaultLanguage + '.json'),
+          providedLangs: Object.keys(languages)
+        });
+    }
+
+    this.languages = languages;
+    this.defaultLanguage = defaultLanguage;
+  }
+
+  getString(langKey: string, strKey: string): string {
+    let result: string | undefined;
+
+    if (this.languages[langKey]) {
+      result = this.languages[langKey][strKey];
+    }
+
+    if (!result) {
+      result = this.languages[this.defaultLanguage][strKey];
+    }
+
+    if (!result) {
+      result = '<i>[missing translation]</i>';
+
+      // Log error
+      ApiError.log(500, 'Could not find a matching localization', true, {
+        langKey,
+        strKey,
+        defaultLanguage: this.defaultLanguage,
+        languages: Object.keys(this.languages)
+      });
+    }
+
+    return result;
+  }
+
+  isAvailable(langKey: string): boolean {
+    return !!this.languages[langKey];
+  }
+}
+
+export function getLocalization(): Localization {
+  if (!loc) {
+    /* Read language files and instantiate Localization */
+    const langPath = joinPath(__dirname, '..', 'resources', 'lang');
+    const locArgs = JSON.parse(readFileSync(joinPath(langPath, 'arguments.json'), 'utf-8'));
+
+    const tempLoc: { [key: string]: { [key: string]: string } } = {};
+    for (const fileName of readdirSync(langPath)) {
+      const fileNameLower = fileName.toLowerCase();
+      const filePath = joinPath(langPath, fileName);
+
+      if (fileNameLower.endsWith('.json') &&
+        fileNameLower != 'arguments.json' &&
+        statSync(filePath).isFile()) {
+        const langKey = fileName.substring(0, fileName.length - 5).toLowerCase(),
+          lang = JSON.parse(readFileSync(filePath, 'utf-8'));
+
+        if (langKey.length != 2) {
+          ApiError.log(500, 'Language key needs to be 2 characters long (e.g. en.json)', true, { file: filePath });  // log error
+          continue;
+        } else if (tempLoc[langKey]) {
+          ApiError.log(500, 'Duplicate language file for the same language', true, { langKey, file: filePath });  // log error
+          continue;
+        }
+
+        const duplicateTerms = [];
+        tempLoc[langKey] = {};
+
+        for (const langElem of lang) {
+          if (tempLoc[langKey][langElem.term]) {
+            duplicateTerms.push(langElem.term);
+            continue;
+          }
+
+          let langArgs = [];
+
+          for (const locArgElem of locArgs) {
+            if (locArgElem.term == langElem.term) {
+              langArgs = locArgElem.args;
+              break;
+            }
+          }
+
+          tempLoc[langKey][langElem.term] = formatStr(langElem.definition, langArgs);
+        }
+
+        if (duplicateTerms.length > 0) {
+          ApiError.log(500, 'Duplicate localization terms', true, { file: filePath, duplicates: duplicateTerms });  // log error
+        }
+      }
+    }
+
+    loc = new Localization(tempLoc, 'en', langPath);
+  }
+
+  return loc;
+}
\ No newline at end of file
diff --git a/src/routes/demo.ts b/src/routes/demo.ts
new file mode 100644
index 0000000..ac25234
--- /dev/null
+++ b/src/routes/demo.ts
@@ -0,0 +1,119 @@
+import { CookieOptions, Router } from 'express';
+import { post as httpPost } from 'superagent';
+import jwt from 'jsonwebtoken';
+
+import { ApiError, ApiErrs } from '../utils/errors';
+import { cfg, getSecret, pageGenerator } from '..';
+import { PageTemplate } from '../dynamicPageGenerator';
+import { restful } from '../utils/utils';
+
+const cookieOptions: CookieOptions = { httpOnly: true, path: '/', sameSite: 'strict' };
+
+const router = Router();
+export const demoRouter = router;
+
+const redirectURI = pageGenerator.globals.url.base + '/demo/login';
+
+router.all('/', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      // Error? => Failed login
+      if (req.query.error) {
+        if (req.cookies.demoSession) {  // delete old login if needed
+          res.clearCookie('demoSession', cookieOptions);
+        }
+
+        // Send html with error message
+        res.type('html')
+          .send(pageGenerator.renderPage(PageTemplate.DEMO, req, res, {
+            demo: {
+              err: {
+                name: req.query.error as string,
+                info: req.query.error_description as string || undefined
+              }
+            }
+          }));
+      } else {
+        let demoData;
+
+        try {
+          // Verify if logged in (cookie exists) and is valid (we don't want to render user-input on the client)
+          demoData = req.cookies.demoSession ?
+            jwt.verify(req.cookies.demoSession, getSecret(256), { algorithms: ['HS256'] }) as { iat: number, mcProfile: object } :
+            undefined;
+        } catch (err) {
+        }
+
+        res.type('html')
+          .send(pageGenerator.renderPage(PageTemplate.DEMO, req, res, { demo: { mcProfile: demoData?.mcProfile || undefined } }));
+      }
+    }
+  });
+});
+
+router.all('/login', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (req.query.error) {  // User did authenticate but Mc-Auth sends us an error
+        return res.redirect(`${pageGenerator.globals.url.base}/demo?error=${req.query.error}${req.query.error_description ? `&error_description=${req.query.error_description}` : ''}`);
+      } else if (!req.query.code) {  // User did not authenticate yet, redirecting to Mc-Auth.com
+        const authReqURL =
+          pageGenerator.globals.url.base + // use 'https://Mc-Auth.com' instead
+          '/oAuth2/authorize' +
+          '?client_id=' + // Your client_id from https://mc-auth.com/de/settings/apps
+          cfg.demo.mcAuth.client_id +
+          '&redirect_uri=' + // Where should Mc-Auth.com redirect the client to (needs to be whitelisted inside your app settings)
+          encodeURIComponent(redirectURI) +
+          '&scope=profile' + // Optional. Tells Mc-Auth that we want the public profile (so we don't have to contact Mojang ourself)
+          '&response_type=code'; // 'token' is supported too
+
+        res.redirect(authReqURL);
+      } else {
+        const exchangeReqURL =
+          pageGenerator.globals.url.base + // use 'https://Mc-Auth.com' instead
+          '/oAuth2/token';
+
+        httpPost(exchangeReqURL)
+          .set('Accept', 'application/json')
+          .set('Content-Type', 'application/json')
+          // .set('User-Agent', '') // TODO
+          .send({
+            // client_secret from Mc-Auth to authenticate our request
+            client_id: cfg.demo.mcAuth.client_id,
+            client_secret: cfg.demo.mcAuth.client_secret,
+
+            code: req.query.code,             // The code that Mc-Auth told the user to give us (redirect)
+            redirect_uri: redirectURI,        // The same URL we redirected the user to
+            grant_type: 'authorization_code'  // REQUIRED. See oAuth2 specs
+          })
+          .end((err, httpBody) => {
+            if (err) return next(err);  // An error occurred
+            if (!httpBody.body.access_token) return next(ApiError.create(ApiErrs.INTERNAL_SERVER_ERROR)); // Should not be possible but just in case
+
+            // Authentication was successful!!
+
+            // I use a temporary cookie as it hold no sensitive data and this is supposed to be a demo page
+            res.cookie('demoSession',
+              jwt.sign({
+                mcProfile: {
+                  id: httpBody.body.data.profile.id,
+                  name: httpBody.body.data.profile.name
+                }
+              }, getSecret(256), { algorithm: 'HS256' }), cookieOptions);
+
+            return res.redirect(`${pageGenerator.globals.url.base}/demo`);
+          });
+      }
+    }
+  });
+});
+
+router.all('/logout', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      res.clearCookie('demoSession', cookieOptions);
+
+      res.redirect(`${pageGenerator.globals.url.base}/demo`);
+    }
+  });
+});
\ No newline at end of file
diff --git a/src/routes/login.ts b/src/routes/login.ts
new file mode 100644
index 0000000..7c20d27
--- /dev/null
+++ b/src/routes/login.ts
@@ -0,0 +1,54 @@
+import { Router } from 'express';
+
+import { ApiError } from '../utils/errors';
+import { db, pageGenerator } from '..';
+import { MojangAPI } from '../utils/spraxapi';
+import { PageTemplate } from '../dynamicPageGenerator';
+import { restful, isNumber, getReturnURL } from '../utils/utils';
+
+const router = Router();
+export const loginRouter = router;
+
+router.all('/', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (req.session?.loggedIn) return res.redirect(getReturnURL(req) ?? pageGenerator.globals.url.base);
+
+      res.type('html')
+        .send(pageGenerator.renderPage(PageTemplate.LOGIN, req, res));
+    },
+    post: () => {
+      const username: string | undefined = req.body.username,
+        keepLoggedIn: boolean = typeof req.body.keepLogin == 'string' && req.body.keepLogin == 'on';
+      let otp: string | undefined = req.body.otp; // valid otp may have up to 1 space: '### ###'
+
+      if (typeof username != 'string' || username.length > 16) return next(new ApiError(401, 'You have to provide a valid username', false, { body: req.body }));
+      if (typeof otp != 'string' || (otp = otp.replace(/ /, '')).length != 6 || !isNumber(otp)) return next(new ApiError(401, 'Invalid One-Time-Password', false, { body: req.body }));
+
+      MojangAPI.getProfile(username)
+        .then(async (profile: any /* FIXME TYPE */): Promise<void> => {
+          if (profile) db.updateAccount(profile.id, profile.name); // non-blocking
+
+          const success = profile != null && await db.invalidateOneTimePassword(profile.id, otp as string);
+
+          if (!success) return next(new ApiError(400, 'Username or One-Time-Passwort do not match', false, { username, otp, keepLoggedIn, profile }));
+          if (req.session == undefined) return next(new ApiError(500, 'Session could be initialized', true, { originalUrl: req.originalUrl, username }));
+
+          if (!keepLoggedIn) {
+            req.session.cookie.expires = false; // Should delete the cookie when terminating the User-Agent process
+          }
+
+          req.session.loggedIn = true;
+          req.session.mcProfile = {
+            id: profile.id,
+            name: profile.name  // TODO: update periodically
+          };
+
+          req.session.save(() => {
+            return res.redirect(getReturnURL(req) ?? pageGenerator.globals.url.base);
+          });
+        })
+        .catch(next);
+    }
+  });
+});
\ No newline at end of file
diff --git a/src/routes/logout.ts b/src/routes/logout.ts
new file mode 100644
index 0000000..b365316
--- /dev/null
+++ b/src/routes/logout.ts
@@ -0,0 +1,37 @@
+import { Router } from 'express';
+import { pageGenerator } from '..';
+
+import { restful, getReturnURL } from '../utils/utils';
+
+const router = Router();
+export const logoutRouter = router;
+
+router.all('/', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (!req.session) return res.redirect(getReturnURL(req) ?? pageGenerator.globals.url.base);
+
+      // Store cookie properties for manual deletion
+      const cookie = req.session.cookie;
+      cookie.maxAge = 0;
+
+      // Destroy session
+      req.session.destroy((err) => {
+        if (err) return next(err);
+
+        // Delete cookie
+        res.clearCookie('sessID', {
+          domain: cookie.domain,
+          httpOnly: cookie.httpOnly,
+          maxAge: 0,
+          path: cookie.path,
+          sameSite: cookie.sameSite,
+          secure: cookie.secure
+        });
+
+        // Redirect User-Agent
+        return res.redirect(getReturnURL(req) ?? pageGenerator.globals.url.base);
+      });
+    }
+  });
+});
\ No newline at end of file
diff --git a/src/routes/oAuth.ts b/src/routes/oAuth.ts
new file mode 100644
index 0000000..d4c4d88
--- /dev/null
+++ b/src/routes/oAuth.ts
@@ -0,0 +1,225 @@
+import { Router } from 'express';
+
+import { ApiError, ApiErrs } from '../utils/errors';
+import { db, pageGenerator } from '..';
+import { PageTemplate } from '../dynamicPageGenerator';
+import { MojangAPI } from '../utils/spraxapi';
+import { restful, isNumber, stripLangKeyFromURL, stripParamsFromURL, appendParamsToURL } from '../utils/utils';
+
+// TODO Add rate limiting
+//  No confirmed mail: 5/second (burst, status 429), 100/hour (status 429)
+//  Confirmed mail: 50/second (burst, 429), 15000/hour (status 429)
+//  Verified mail: no rate limit (Don't make me regret this)
+
+const validScopes = ['profile'];
+
+const router = Router(),
+  routerNoCookie = Router();
+export const oAuthRouter = router,
+  oAuthNoCookieRouter = routerNoCookie;
+
+routerNoCookie.all('/token', (req, res, next) => {
+  res.locals.sendJSON = true; // Used by Error-Handler
+
+  restful(req, res, next, {
+    post: () => {
+      const clientID = req.body['client_id'],
+        clientSecret = req.body['client_secret'],
+        code = req.body['code'],
+        redirectURI = req.body['redirect_uri'],
+        grantType = req.body['grant_type'];
+
+      if (!clientID || !clientSecret || !isNumber(clientID)) return next(ApiError.create(ApiErrs.INVALID_CLIENT_ID_OR_SECRET));
+
+      db.getApp(clientID)
+        .then((app) => {
+          if (!app || app.deleted || app.secret != clientSecret) return next(ApiError.create(ApiErrs.INVALID_CLIENT_ID_OR_SECRET));
+          if (!grantType || grantType.toLowerCase() != 'authorization_code') return next(ApiError.create(ApiErrs.INVALID_GRANT_TYPE));
+
+          db.invalidateExchangeToken(clientID, code, redirectURI)
+            .then(async (grant) => {
+              if (!grant) return next(ApiError.create(ApiErrs.INVALID_CODE_FOR_TOKEN_EXCHANGE));
+              if (!grant.accessToken) return next(ApiError.create(ApiErrs.SRV_GENERATING_ACCESS_TOKEN));
+
+              const result = {
+                access_token: grant.accessToken,
+                token_type: 'Bearer',
+                expires_in: 3600, /* 1h */
+                scope: grant.scopes.join(' '),
+                state: grant.state || undefined,
+                data: {
+                  uuid: grant.mcAccountId,
+                  profile: undefined as any // TODO: use interfaces
+                }
+              };
+
+              if (grant.scopes.includes('profile')) {
+                try {
+                  result.data.profile = await MojangAPI.getProfile(grant.mcAccountId) as object; // TODO: handle null value
+                } catch (err) {
+                  return next(ApiError.create(ApiErrs.SRV_FETCHING_MINECRAFT_PROFILE, { uuid: grant.mcAccountId }));
+                }
+              }
+
+              return res.send(result);
+            })
+          // .catch(next);  // Not required as Proimises go down the chain when catch is missing?
+        })
+        .catch(next);
+    }
+  });
+});
+
+router.all('/authorize', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (!req.session?.loggedIn) return res.redirect(`${pageGenerator.globals.url.base}/login?return=${encodeURIComponent(stripLangKeyFromURL(req.originalUrl))}`);
+
+      const clientID = req.query.client_id,
+        redirectURI = req.query.redirect_uri,
+        state = req.query.state as string || null,
+        responseType = (typeof req.query.response_type == 'string' ? req.query.response_type : '').toLowerCase(),
+        scope = (typeof req.query.scope == 'string' ? req.query.scope : '').toLowerCase().split(' ').filter((elem) => { return !!elem; });
+
+      /* Basic input validation */
+      if (typeof clientID != 'string' || !isNumber(clientID)) return next(ApiError.create(ApiErrs.invalidQueryArg('client_id'), { typeof: typeof clientID, clientID }));
+      if (typeof redirectURI != 'string' ||
+        redirectURI.length == 0) return next(ApiError.create(ApiErrs.invalidQueryArg('redirect_uri'), { typeof: typeof redirectURI, redirectURI }));
+      if (typeof state != 'string' && state != null) return next(ApiError.create(ApiErrs.invalidQueryArg('state'), { typeof: typeof redirectURI, redirectURI }));
+
+      for (const str of scope) {
+        if (!validScopes.includes(str)) {
+          return next(ApiError.create(ApiErrs.invalidQueryArg('scope')));
+        }
+      }
+      // Done with basic validation
+
+      db.getApp(clientID)
+        .then((app) => {
+          if (!app || app.deleted) return next(ApiError.create(ApiErrs.UNKNOWN_APPLICATION, { clientID, exists: !!app, deleted: app ? app.deleted : '?' }));
+
+          let validRedirectURI = false;
+          const compareableURI = stripParamsFromURL(redirectURI).toLowerCase();
+          for (const uri of app.redirectURIs) {
+            if (stripParamsFromURL(uri).toLowerCase() == compareableURI) {
+              validRedirectURI = true;
+              break;
+            }
+          }
+
+          if (!validRedirectURI) return next(ApiError.create(ApiErrs.INVALID_REDIRECT_URI_FOR_APP));
+          if (responseType != 'code' && responseType != 'token') {
+            return res.redirect(303,
+              appendParamsToURL(redirectURI, [{ key: 'error', value: 'unsupported_response_type' }, { key: 'state', value: state }]));
+          }
+
+          db.createGrant(clientID, req.session?.mcProfile.id, redirectURI, responseType, state, scope.sort())
+            .then((grant) => {
+              MojangAPI.getProfile(app.owner)
+                .then((appOwner) => {
+                  res.type('html')
+                    .send(pageGenerator.renderPage(PageTemplate.AUTHORIZE, req, res, { apps: [app], grant, appOwner: appOwner || undefined }));
+                })
+                .catch(next);
+            })
+            .catch(next);
+        })
+        .catch(next);
+    },
+    post: () => {
+      res.locals.sendJSON = true; // Used by Error-Handler
+
+      if (!req.session?.loggedIn) return res.redirect(`${pageGenerator.globals.url.base}/login?return=${encodeURIComponent(stripLangKeyFromURL(req.originalUrl))}`);
+
+      const grantID = req.body.authenticity_token,
+        clientID = req.body.client_id,
+        state = req.body.state || null,
+        agreed = req.body.result == '1';
+
+      /* Basic input validation */
+      if (typeof grantID != 'string' || !isNumber(grantID)) return next(new ApiError(400, 'Invalid body parameter: authenticity_token', false, { body: req.body }));
+      if (typeof clientID != 'string' || !isNumber(clientID)) return next(new ApiError(400, 'Invalid body parameter: client_id', false, { body: req.body }));
+      if (typeof state != 'string' && state != null) return next(new ApiError(400, 'Invalid body parameter: state', false, { body: req.body }));
+      if (typeof req.body.result != 'string') return next(new ApiError(400, 'Invalid body parameter: result', false, { body: req.body }));
+      // Done with basic validation
+
+      db.getGrant(grantID)
+        .then((grant) => {
+          if (!grant) return next(ApiError.create(ApiErrs.NOT_FOUND));
+          if (grant.result != null || grant.issuedDuringLast24Hours != true) return next(new ApiError(400, 'Grant already fulfilled or expired', false, { grantID: grant.id }));
+
+          db.getApp(clientID)
+            .then(async (app): Promise<void> => {
+              if (!app || app.deleted) return next(ApiError.create(ApiErrs.UNKNOWN_APPLICATION, { clientID }));
+
+              try {
+                await db.setGrantResult(grant.id, agreed);
+
+                if (!agreed) {
+                  return res.redirect(303,
+                    // TODO: Write own URL-class to chain method calls to add params and reduce duplicate code/string (Use this class in multiples places below)
+                    grant.responseType == 'token' ?
+                      `${grant.redirectUri}#error=access_denied&error_description=resource_owner_denied_request&state=${encodeURIComponent(state ?? '')}` :
+                      appendParamsToURL(grant.redirectUri,
+                        [{ key: 'error', value: 'access_denied' },
+                        { key: 'error_description', value: 'resource_owner_denied_request' },
+                        { key: 'state', value: state }]));
+                }
+
+                if (grant.responseType == 'code') {
+                  const token = await db.generateExchangeToken(grant.id);
+
+                  if (!token) {
+                    ApiError.log(500, 'Error generating exchange_token', true, { grantID: grant.id });  // log error
+
+                    return res.redirect(303,
+                      appendParamsToURL(grant.redirectUri,
+                        [{ key: 'error', value: 'server_error' },
+                        { key: 'state', value: state }]));
+                  }
+
+                  return res.redirect(303,
+                    appendParamsToURL(grant.redirectUri,
+                      [{ key: 'code', value: token },
+                      { key: 'expires_in', value: '300' },
+                      { key: 'state', value: state }]));
+                } else if (grant.responseType == 'token') {
+                  const token = await db.generateAccessToken(grant.id);
+
+                  if (!token) {
+                    ApiError.log(500, 'Error generating exchange_token', true, { grantID: grant.id });  // log error
+
+                    return res.redirect(303, `${grant.redirectUri}#error=server_error&state=${encodeURIComponent(state ?? '')}`);
+                  }
+
+                  return res.redirect(303, `${grant.redirectUri}#access_token=${encodeURIComponent(token)}&token_type=${'Bearer'}` +
+                    `&expires_in=${3600}&scope=${encodeURIComponent(grant.scopes.join(' '))}&state=${encodeURIComponent(state ?? '')}`);
+                } else {
+                  ApiError.log(500, 'Could not handle response_type', true, { grantID: grant.id, response_type: grant.responseType });  // Log error
+
+                  return res.redirect(303,
+                    grant.responseType == 'token' ?
+                      `${grant.redirectUri}#error=server_error&error_description=${encodeURIComponent('Unsupported response_type - Please report this bug!')}` +
+                      `&state=${encodeURIComponent(state ?? '')}` :
+                      appendParamsToURL(grant.redirectUri,
+                        [{ key: 'error', value: 'server_error' },
+                        { key: 'error_description', value: 'Unsupported response_type - Please report this bug!' },
+                        { key: 'state', value: state }]));
+                }
+              } catch (err) {
+                ApiError.fromError(err, 500, true, { appID: app.id, grantID: grant.id, response_type: grant.responseType });  // Log error
+
+                return res.redirect(303,
+                  grant.responseType == 'token' ?
+                    `${grant.redirectUri}#error=server_error&state=${encodeURIComponent(state ?? '')}` :
+                    appendParamsToURL(grant.redirectUri,
+                      [{ key: 'error', value: 'server_error' },
+                      { key: 'state', value: state }]));
+              }
+            })
+            .catch(next);
+        })
+        .catch(next);
+    }
+  });
+});
\ No newline at end of file
diff --git a/src/routes/settings.ts b/src/routes/settings.ts
new file mode 100644
index 0000000..7470b21
--- /dev/null
+++ b/src/routes/settings.ts
@@ -0,0 +1,272 @@
+import jwt from 'jsonwebtoken';
+import { Router } from 'express';
+import { post as httpPost } from 'superagent';
+
+import { db, cfg, getSecret, mailer, pageGenerator } from '..';
+import { PageTemplate } from '../dynamicPageGenerator';
+import { restful, stripLangKeyFromURL, isNumber, toNeutralString, isHttpURL, isValidEmail } from '../utils/utils';
+import { ApiError, ApiErrs } from '../utils/errors';
+
+const router = Router();
+export const settingsRouter = router;
+
+router.all('/', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => res.redirect(`${pageGenerator.globals.url.base}/settings/account`)
+  });
+});
+
+router.all('/confirm-email/:token', (req, res, next) => {
+  jwt.verify(req.params.token, getSecret(256), { algorithms: ['HS256'] }, (err, data: any) => {
+    if (err || data instanceof Buffer ||
+      !data || !data.id || !data.email) return next(ApiError.create(ApiErrs.INVALID_OR_EXPIRED_MAIL_CONFIRMATION));
+
+    db.getAccount(data.id)
+      .then((account) => {
+        if (!account || !account.emailPending ||
+          account.emailPending.toLowerCase() != data.email.toLowerCase()) return next(ApiError.create(ApiErrs.INVALID_OR_EXPIRED_MAIL_CONFIRMATION, { account, data }));
+
+        db.setAccountEmailAddress(data.id, data.email)
+          .then(() => {
+            if (account.email) {
+              // TODO: Send information mail to old email
+            }
+
+            res.send('Your email has been successfully updated'); // TODO: Send html
+          })
+          .catch(next);
+      })
+      .catch(next);
+  });
+});
+
+router.all('/account', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (!req.session?.loggedIn) return res.redirect(`${pageGenerator.globals.url.base}/login?return=${encodeURIComponent(stripLangKeyFromURL(req.originalUrl))}`);
+
+      db.getAccount(req.session?.mcProfile.id)
+        .then((account) => {
+          if (!account) return next(ApiError.create(ApiErrs.INTERNAL_SERVER_ERROR, { 'req.session?.mcProfile.id': req.session?.mcProfile.id }));
+
+          res.type('html')
+            .send(pageGenerator.renderPage(PageTemplate.SETTINGS_ACCOUNT, req, res, { account }));
+        })
+        .catch(next);
+    },
+    post: () => {
+      if (req.body.updateMail == '1' && req.body.mailAddr) {
+        if (!isValidEmail(req.body.mailAddr)) return next(new ApiError(400, 'Invalid email address', true, { body: req.body.mailAddr }));
+
+        db.getAccount(req.session?.mcProfile.id)
+          .then((account) => {
+            if (!account) return next(ApiError.create(ApiErrs.INTERNAL_SERVER_ERROR, { 'req.session?.mcProfile.id': req.session?.mcProfile.id }));
+            if (account.email?.toLowerCase() == req.body.mailAddr.toLowerCase()) return res.redirect(`${pageGenerator.globals.url.base}/settings/account`);  // nothing changed
+
+            db.setAccountPendingEmailAddress(req.session?.mcProfile.id, req.body.mailAddr)
+              .then(() => {
+                mailer.sendConfirmEmail(account, req.body.mailAddr, res.locals.lang)
+                  .then(() => {
+                    res.redirect(`${pageGenerator.globals.url.base}/settings/account`);
+                  })
+                  .catch(next);
+              })
+              .catch(next);
+          })
+          .catch(next);
+      } else {
+        return next(new ApiError(400, 'Invalid request body', false, { body: req.body }));
+      }
+    }
+  });
+});
+
+router.all('/security', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (!req.session?.loggedIn) return res.redirect(`${pageGenerator.globals.url.base}/login?return=${encodeURIComponent(stripLangKeyFromURL(req.originalUrl))}`);
+
+      res.type('html')
+        .send(pageGenerator.renderPage(PageTemplate.SETTINGS_SECURITY, req, res));
+    },
+    // post: () => { } // TODO
+  });
+});
+
+router.all('/notifications', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (!req.session?.loggedIn) return res.redirect(`${pageGenerator.globals.url.base}/login?return=${encodeURIComponent(stripLangKeyFromURL(req.originalUrl))}`);
+
+      res.type('html')
+        .send(pageGenerator.renderPage(PageTemplate.SETTINGS_NOTIFICATIONS, req, res));
+    },
+    // post: () => { } // TODO
+  });
+});
+
+router.all('/apps/create', (req, res, next) => {
+  restful(req, res, next, {
+    get: () => {
+      if (!req.session?.loggedIn) return res.redirect(`${pageGenerator.globals.url.base}/login?return=${encodeURIComponent(stripLangKeyFromURL(req.originalUrl))}`);
+
+      res.type('html')
+        .send(pageGenerator.renderPage(PageTemplate.SETTINGS_APPS_CREATE, req, res));
+    },
+    post: () => {
+      if (cfg.reCAPTCHA.private.length == 0) return next(ApiError.create(ApiErrs.NO_RECAPTCHA));
+      if (!req.session?.loggedIn) return next(ApiError.create(ApiErrs.UNAUTHORIZED));
+
+      const appName = req.body.name,
+        appWebsite = req.body.website,
+        appDesc = req.body.description ?? '',
+        captcha = req.body['g-recaptcha-response'];
+
+      /* User input validation */
+      if (typeof appName != 'string' || appName.trim().length == 0) return next(new ApiError(400, 'Missing application name', false, { body: req.body }));
+      if (toNeutralString(appName).length > 128) return next(new ApiError(400, 'Application name exceeds 128 characters', false, { body: req.body }));
+
+      if (typeof appWebsite != 'string' || appWebsite.trim().length == 0) return next(new ApiError(400, 'Missing application website', false, { body: req.body }));
+      if (toNeutralString(appWebsite).length > 512) return next(new ApiError(400, 'Application website exceeds 512 characters', false, { body: req.body }));
+      if (!isHttpURL(toNeutralString(appWebsite))) return next(new ApiError(400, 'Application website is not a valid URL', false, { body: req.body }));
+
+      if (typeof appDesc != 'string') return next(new ApiError(400, 'Invalid application description', false, { body: req.body }));
+      if (toNeutralString(appDesc).length > 512) return next(new ApiError(400, 'Application description exceeds 512 characters', false, { body: req.body }));
+
+      if (typeof captcha != 'string' || captcha.length == 0) return next(new ApiError(400, 'reCAPTCHA failed', false, { body: req.body }));
+
+
+      // Check if reCAPTCHA has been solved
+      httpPost('https://www.google.com/recaptcha/api/siteverify')
+        .field('secret', cfg.reCAPTCHA.private)
+        .field('response', captcha)
+        .end((err, httpRes) => {
+          if (err) return next(err);
+
+          if (httpRes.body?.success != true) return next(new ApiError(400, 'reCAPTCHA failed', false, { body: req.body, reCAPTCHA_body: httpRes.body }));
+
+          db.createApp(req.session?.mcProfile.id, toNeutralString(appName), toNeutralString(appWebsite), toNeutralString(appDesc) || null)
+            .then((app) => res.redirect(`${pageGenerator.globals.url.base}/settings/apps/${app.id}`))
+            .catch(next);
+        });
+    }
+  });
+});
+
+router.all('/apps/:appID?', (req, res, next) => {
+  const appID = req.params.appID || null;
+
+  restful(req, res, next, {
+    get: () => {
+      if (!req.session?.loggedIn) return res.redirect(`${pageGenerator.globals.url.base}/login?return=${encodeURIComponent(stripLangKeyFromURL(req.originalUrl))}`);
+
+      if (appID == null) {
+        db.getApps(req.session.mcProfile.id)
+          .then((apps) => {
+            res.type('html')
+              .send(pageGenerator.renderPage(PageTemplate.SETTINGS_APPS, req, res, { apps }));
+          })
+          .catch(next);
+      } else if (isNumber(appID)) {
+        db.getApp(appID)
+          .then((app) => {
+            if (!app || app.deleted) return next(ApiError.create(ApiErrs.UNKNOWN_APPLICATION));
+            if (app.owner != req.session?.mcProfile.id) return next(ApiError.create(ApiErrs.FORBIDDEN));
+
+            res.type('html')
+              .send(pageGenerator.renderPage(PageTemplate.SETTINGS_APPS_APP, req, res, { apps: [app] }));
+          })
+          .catch(next);
+      } else {
+        return next(ApiError.create(ApiErrs.NOT_FOUND));
+      }
+    },
+    post: () => {
+      if (!req.session?.loggedIn) return next(ApiError.create(ApiErrs.UNAUTHORIZED));
+
+      if (typeof appID != 'string' || !isNumber(appID)) return next(ApiError.create(ApiErrs.UNKNOWN_APPLICATION));
+
+      db.getApp(appID)
+        .then(async (app) => {
+          if (!app || app.deleted) return next(ApiError.create(ApiErrs.UNKNOWN_APPLICATION));
+          if (app.owner != req.session?.mcProfile.id) return next(ApiError.create(ApiErrs.FORBIDDEN));
+
+          if (req.body.regenerateSecret == true) {
+            db.regenerateAppSecret(app.id)
+              .then((secret) => {
+                if (!secret) return next(ApiError.create(ApiErrs.INTERNAL_SERVER_ERROR, { appID: app.id }));
+
+                return res.send({ secret });
+              })
+              .catch(next);
+          } else if (req.body.deleteApp == '1') {
+            let otp = req.body.deleteAppOTP;
+
+            if (typeof otp != 'string' ||
+              !isNumber(otp = otp.replace(/ /g, ''))) return next(new ApiError(400, 'Invalid One-Time-Password', false, { appID: app.id, otp }));
+
+            db.invalidateOneTimePassword(app.owner, otp)
+              .then((valid) => {
+                if (!valid) return next(new ApiError(400, 'Invalid One-Time-Password', false, { appID: app.id, otp }));
+
+                db.setAppDeleted(app.id)
+                  .then(() => {
+                    res.redirect(`${pageGenerator.globals.url.base}/settings/apps`)
+                  })
+                  .catch(next);
+              })
+              .catch(next);
+          } else {
+            const appName = req.body.name,
+              appWebsite = req.body.website,
+              appDesc = req.body.description,
+              iconID = req.body.icon,
+              rawRedirectURIs = req.body.redirect_uris;
+            let redirectURIs: string[] = [];
+
+            /* User input validation */
+            if (typeof appName != 'string' || appName.trim().length == 0) return next(new ApiError(400, 'Missing application name', false, { body: req.body }));
+            if (toNeutralString(appName).length > 128) return next(new ApiError(400, 'Application name exceeds 128 characters', false, { body: req.body }));
+
+            if (typeof appWebsite != 'string' || appWebsite.trim().length == 0) return next(new ApiError(400, 'Missing application website', false, { body: req.body }));
+            if (toNeutralString(appWebsite).length > 512) return next(new ApiError(400, 'Application website exceeds 512 characters', false, { body: req.body }));
+            if (!isHttpURL(toNeutralString(appWebsite))) return next(new ApiError(400, 'Application website is not a valid URL', false, { body: req.body }));
+
+            if (typeof appDesc != 'string') return next(new ApiError(400, 'Invalid application description', false, { body: req.body }));
+            if (toNeutralString(appDesc).length > 512) return next(new ApiError(400, 'Application description exceeds 512 characters', false, { body: req.body }));
+
+            if (typeof iconID != 'string' || (iconID.length != 0 && !isNumber(iconID))) return next(new ApiError(400, 'Invalid iconID', false, { body: req.body }));
+
+            if (typeof rawRedirectURIs != 'string') return next(new ApiError(400, 'Invalid redirectURI', false, { body: req.body }));
+            for (let uri of rawRedirectURIs.split(/\r?\n/)) {
+              uri = toNeutralString(uri);
+
+              if (uri.length == 0) continue;
+              if (!isHttpURL(uri)) return next(new ApiError(400, `Invalid redirectURI: ${uri}`));
+
+              if (!redirectURIs.includes(uri)) {
+                redirectURIs.push(uri);
+              }
+            }
+
+            try {
+              if (iconID.length != 0 && !(await db.doesIconExist(iconID))) return next(new ApiError(400, 'Invalid iconID'));
+            } catch (err) {
+              return next(err);
+            }
+
+            // Update app
+            const descLines: string[] = appDesc.trim().split(/\r?\n/);
+            descLines.forEach(toNeutralString);
+
+            db.setApp(app.id, toNeutralString(appName), toNeutralString(appWebsite), redirectURIs, descLines.join('\n') || null, iconID || null)
+              .then(() => {
+                res.redirect(`${pageGenerator.globals.url.base}/settings/apps/${app.id}`);
+              })
+              .catch(next);
+          }
+        })
+        .catch(next);
+    }
+  });
+});
\ No newline at end of file
diff --git a/src/routes/staticPages.ts b/src/routes/staticPages.ts
new file mode 100644
index 0000000..c3c2d9c
--- /dev/null
+++ b/src/routes/staticPages.ts
@@ -0,0 +1,29 @@
+import { Request, Response, NextFunction, Router } from 'express';
+import { pageGenerator } from '..';
+
+import { PageTemplate } from '../dynamicPageGenerator';
+import { restful } from '../utils/utils';
+
+const router = Router();
+export const staticPagesRouter = router;
+
+const pages: { [key: string]: PageTemplate } = {
+  '/': PageTemplate.INDEX,
+  '/legal': PageTemplate.LEGAL,
+  '/privacy': PageTemplate.PRIVACY
+};
+
+for (const path in pages) {
+  router.all(path, createHandler(path));
+}
+
+function createHandler(path: string): (req: Request, res: Response, next: NextFunction) => void {
+  return (req, res, next) => {
+    restful(req, res, next, {
+      get: () => {
+        res.type('html')
+          .send(pageGenerator.renderPage(pages[path], req, res));
+      }
+    });
+  };
+}
\ No newline at end of file
diff --git a/src/routes/uploads.ts b/src/routes/uploads.ts
new file mode 100644
index 0000000..df3ae58
--- /dev/null
+++ b/src/routes/uploads.ts
@@ -0,0 +1,84 @@
+import { Router } from 'express';
+import { readFileSync } from 'fs';
+import { join as joinPath } from 'path';
+import sharp from 'sharp';
+
+import { restful, isNumber } from '../utils/utils';
+import { ApiError, ApiErrs } from '../utils/errors';
+import { db, pageGenerator } from '..';
+
+const router = Router(),
+  routerNoCookie = Router();
+export const uploadsRouter = router,
+  uploadsNoCookieRouter = routerNoCookie;
+
+const DEFAULT_ICON: Buffer = readFileSync(joinPath(__dirname, '..', '..', 'resources', 'web', 'static', 'uploads', 'default.png'));
+
+// TODO Add rate limit to upload
+
+routerNoCookie.all('/:fileID?', (req, res, next) => {
+  restful(req, res, next, {
+    get: async () => {
+      let fileID = req.params.fileID?.toLowerCase() || null;
+
+      // Validate user input
+      if (typeof fileID != 'string' || !fileID.endsWith('.png') || fileID == '.png') return next(new ApiError(404, 'Not Found', false));
+
+      // Prepare user input
+      fileID = fileID.substring(0, fileID.lastIndexOf('.png'));
+
+      let status = 200;
+
+      if (isNumber(fileID)) {
+        try {
+          const file = await db.getOptimizedIconBuffer(fileID);
+
+          if (file != null && file.length != 0) {
+            return res.type('png')
+              .send(file);
+          } else {
+            status = 404;
+          }
+        } catch (err) {
+          return next(err);
+        }
+      }
+
+      return res.status(status)
+        .type('png')
+        .send(DEFAULT_ICON);
+    },
+    post: next  // Fallthrough and call non-noCookie router
+  });
+});
+
+router.all('/', (req, res, next) => {
+  restful(req, res, next, {
+    post: () => {
+      if (!req.session?.loggedIn) return next(ApiError.create(ApiErrs.UNAUTHORIZED));
+
+      if (!req.body || !(req.body instanceof Buffer) || req.body.length == 0) return next(new ApiError(400, 'Invalid image', false));
+
+      sharp(req.body)
+        .png()
+        .resize(128, 128, { fit: 'contain', kernel: 'nearest', background: { r: 0, g: 0, b: 0, alpha: 0 } })
+        .toBuffer((err, buffer, info) => {
+          if (err) return next(new ApiError(400, 'Invalid image', false));
+          if (info.width < 64 || info.height < 64) return next(new ApiError(400, 'Unsupported image dimensions', false));
+
+          db.createImage(req.session?.mcProfile.id, req.body, buffer)
+            .then((appIcon) => {
+              const imgURL = `${pageGenerator.globals.url.base}/uploads/${appIcon.iconID}.png`;
+
+              if (!appIcon.found) {
+                res.location(imgURL);
+              }
+
+              res.status(appIcon.found ? 200 : 201)
+                .send({ id: appIcon.iconID, url: imgURL });
+            })
+            .catch(next);
+        });
+    }
+  });
+});
\ No newline at end of file
diff --git a/src/server.ts b/src/server.ts
new file mode 100644
index 0000000..8ce240f
--- /dev/null
+++ b/src/server.ts
@@ -0,0 +1,193 @@
+import express from 'express';
+import expressSession from 'express-session';
+import expressSessionPG from 'connect-pg-simple';
+import cookieParser from 'cookie-parser';
+import morgan from 'morgan';
+import { join as joinPath } from 'path';
+
+import { cfg, webAccessLogStream, dbCfg, pageGenerator } from '.';
+import { ApiError, ApiErrs } from './utils/errors';
+import { loginRouter } from './routes/login';
+import { oAuthNoCookieRouter, oAuthRouter } from './routes/oAuth';
+import { staticPagesRouter } from './routes/staticPages';
+import { stripLangKeyFromURL } from './utils/utils';
+import { getLocalization } from './localization';
+import { logoutRouter } from './routes/logout';
+import { dbUtils } from './utils/database';
+import { settingsRouter } from './routes/settings';
+import { uploadsRouter, uploadsNoCookieRouter } from './routes/uploads';
+import { demoRouter } from './routes/demo';
+
+export const app = express();
+app.disable('x-powered-by');
+app.set('trust proxy', cfg.trustProxy);
+
+/* Logging webserver request */
+app.use(morgan(cfg.logging.accessLogFormat, { stream: webAccessLogStream }));
+if (process.env.NODE_ENV == 'production') {
+  app.use(morgan('dev', { skip: (_req, res) => res.statusCode < 500 }));
+} else {
+  app.use(morgan('dev'));
+}
+
+// Force the last query param instead of allowing multiple as string[]
+app.use((req, _res, next) => {
+  for (const key in req.query) {
+    if (req.query.hasOwnProperty(key)) {
+      const value = req.query[key];
+
+      if (Array.isArray(value)) {
+        let newValue = value.pop();
+
+        if (typeof newValue != 'undefined') {
+          req.query[key] = newValue;
+        } else {
+          delete req.query[key];
+        }
+      }
+    }
+  }
+
+  next();
+});
+
+// Default response headers
+// app.use((_req, res, next) => {
+//   res.set({
+//     'Access-Control-Allow-Origin': '*',
+//     'Access-Control-Allow-Headers': 'User-AgentIf-None-Match,Content-Type,If-Unmodified-Since',
+
+//     'Cache-Control': 'private, max-age=0'
+//   });
+
+//   next();
+// });
+
+/* Prepare Request (only call the ones needed by the NoCookie-Routes for now) */
+app.use(express.json());
+
+/* Non-Cookie Routes */
+app.use('/oauth2', oAuthNoCookieRouter);
+app.use('/uploads', uploadsNoCookieRouter);
+
+// Optional: Serving static files too
+if (cfg.web.serveStatic) {
+  app.use(express.static(joinPath(__dirname, '..', 'resources', 'web', 'static')));
+}
+
+/* Prepare Request (calling the other middlewares) */
+app.use(express.urlencoded({ extended: false }));
+app.use(express.raw({ type: ['image/png', 'image/jpeg', 'image/gif', 'image/svg+xml', 'image/webp'], limit: '3MB' }));
+app.use(cookieParser());
+app.use(expressSession({
+  name: 'sessID',
+  store: new (expressSessionPG(expressSession))({
+    tableName: 'sessions',
+    pruneSessionInterval: 60 * 60 * 24, /* 24h */
+    pool: new dbUtils({
+      host: dbCfg.host,
+      port: dbCfg.port,
+      ssl: dbCfg.ssl,
+      connectionPoolSize: 12,
+
+      user: dbCfg.user,
+      password: dbCfg.password,
+      database: dbCfg.database
+    }).getPool() ?? undefined
+  }),
+  secret: cfg.secret,
+  resave: false,
+  saveUninitialized: false,
+  rolling: true,
+  unset: 'destroy',
+  cookie: { secure: cfg.cookies.secure, httpOnly: true, sameSite: 'strict', maxAge: 60 * 24 * 60 * 60 * 1000 /* 60d */ }
+}));
+
+// Determin language to use
+app.use((req, res, next) => {
+  res.locals.lang = getLocalization().defaultLanguage;
+
+  const redirect = req.method == 'GET';
+
+  if (req.url.match(/^\/[a-z]{2}(\/|$)/gi)) {
+    const langKey = req.url.substring(1, 3);
+
+    if (getLocalization().isAvailable(langKey)) {
+      res.locals.lang = langKey;
+      res.cookie('lang', res.locals.lang, { httpOnly: true, path: '/', sameSite: 'strict', secure: cfg.cookies.secure, maxAge: 12 * 30 * 24 * 60 * 60 * 1000 /* 12mo */ });
+
+      req.url = req.url.length == 3 ? '/' : req.url.substring(3);
+    }
+  } else if (req.cookies.lang) {
+    const langKey = req.cookies.lang;
+
+    if (typeof langKey == 'string' &&
+      langKey != getLocalization().defaultLanguage &&
+      getLocalization().isAvailable(langKey)) {
+      return redirect ? res.redirect(pageGenerator.globals.url.base + '/' + langKey + stripLangKeyFromURL(req.originalUrl)) : next();
+    }
+  } else {
+    const acceptedLanguages = req.header('Accept-Language');
+
+    if (typeof acceptedLanguages == 'string') {
+      for (const arg of acceptedLanguages.split(',')) {
+        const langKey = arg.split(';')[0].substring(0, 2).toLowerCase();
+
+        if (getLocalization().isAvailable(langKey)) {
+          if (getLocalization().defaultLanguage == langKey) break;
+
+          return redirect ? res.redirect(pageGenerator.globals.url.base + '/' + langKey + stripLangKeyFromURL(req.originalUrl)) : next();
+        }
+      }
+    }
+  }
+
+  next();
+});
+
+/* Try fulfilling request */
+
+// Handle all the basic pages (index.html, legal.html, ...)
+app.use(staticPagesRouter);
+
+app.use('/oauth2', oAuthRouter);
+app.use('/login', loginRouter);
+app.use('/logout', logoutRouter);
+app.use('/settings', settingsRouter);
+app.use('/uploads', uploadsRouter);
+app.use('/demo', demoRouter);
+
+/* Error handling */
+app.use((req, _res, next) => {
+  next(ApiError.create(ApiErrs.NOT_FOUND, { url: `${req.protocol}://${req.hostname}/${req.originalUrl}` }));
+});
+
+app.use((err: ApiError /* is 'any' or 'unknown' (using ApiError for IntelliSense etc.) */, _req: express.Request, res: express.Response, next: express.NextFunction) => {
+  if (err == undefined || err == null) {
+    err = new ApiError(500, 'The error handler has been called without providing an error', true, { typeof: typeof err, err });
+  } else if (typeof err != 'object' || !(err instanceof Error)) {
+    err = new ApiError(500, 'The error handler has been called with an invalid error', true, { typeof: typeof err, err });
+  } else if (!(err instanceof ApiError)) {
+    err = ApiError.fromError(err);
+  }
+
+  if (res.headersSent) return next(err);  // Calls express default handler
+
+  res.status(err.httpCode)
+    .send(
+      res.locals.sendJSON ?
+        { error: err.httpCode, message: err.message } :
+        `<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><title>Error ${err.httpCode}</title></head><body><h1>${err.httpCode} - ${err.message.replace(/</g, '&lt;').replace(/>/g, '&gt;').replace(/\n/g, '<br>\n')}</h1></body></html>`);
+  // TODO: Send html based on templates
+});
+
+/* Original code below */
+
+// // ToDo Set caching headers on routes
+
+// /** dynamic **/
+// app.use('/login', require('./routes/login'));
+// app.use('/logout', require('./routes/logout'));
+// app.use('/oauth2', require('./routes/oAuth2'));
+// app.use('/settings', require('./routes/settings'));
+// app.use('/uploads', require('./routes/uploads'));
\ No newline at end of file
diff --git a/src/utils/config.ts b/src/utils/config.ts
new file mode 100644
index 0000000..93fe2ef
--- /dev/null
+++ b/src/utils/config.ts
@@ -0,0 +1,19 @@
+import objectAssignDeep from 'object-assign-deep';
+
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from 'fs';
+import { dirname } from 'path';
+
+export function loadConfig(defaultCfg: object, path: string): object {
+  // Create directory if it does not exist
+  if (!existsSync(dirname(path))) {
+    mkdirSync(dirname(path), { recursive: true });
+  }
+
+  // Parse file at 'path' and merge with 'defaultCfg'
+  const result = objectAssignDeep({}, defaultCfg, existsSync(path) ? JSON.parse(readFileSync(path, 'utf-8')) : {});
+
+  // Write current config (+ missing default values) into file
+  writeFileSync(path, JSON.stringify(result, null, 4));
+
+  return result;
+}
\ No newline at end of file
diff --git a/src/utils/database.ts b/src/utils/database.ts
new file mode 100644
index 0000000..8d9c845
--- /dev/null
+++ b/src/utils/database.ts
@@ -0,0 +1,462 @@
+import { Pool, PoolClient } from 'pg';
+
+import { mcAuthDbCfg, OAuthApp, Grant, GrantType, OAuthAppIcon, mcAuthAccount } from '../global';
+import { ApiError, ApiErrs } from './errors';
+
+export class dbUtils {
+  private pool: Pool | null = null;
+
+  constructor(dbCfg: mcAuthDbCfg) {
+    this.pool = new Pool({
+      host: dbCfg.host,
+      port: dbCfg.port,
+      user: dbCfg.user,
+      password: dbCfg.password,
+      database: dbCfg.database,
+      ssl: dbCfg.ssl ? { rejectUnauthorized: false } : false,
+      max: dbCfg.connectionPoolSize
+    });
+
+    this.pool.on('error', (err, _client) => {
+      ApiError.fromError(err, 500, true); // Log error
+    });
+  }
+
+  /* Account */
+  async updateAccount(mcUUID: string, mcName: string): Promise<void> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('INSERT INTO accounts(id,name,last_login) VALUES($1,$2,CURRENT_TIMESTAMP) ON CONFLICT(id) DO UPDATE SET name=$2,last_login=CURRENT_TIMESTAMP;',
+        [mcUUID, mcName], (err, _res) => {
+          if (err) return reject(err);
+
+          resolve();
+        });
+    });
+  }
+
+  async setAccountEmailAddress(mcUUID: string, email: string | null): Promise<void> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('UPDATE accounts SET email =$2,email_pending =NULL,email_pending_since =NULL WHERE id=$1;',
+        [mcUUID, email], (err, _res) => {
+          if (err) return reject(err);
+
+          resolve();
+        });
+    });
+  }
+
+  async setAccountPendingEmailAddress(mcUUID: string, email: string | null): Promise<void> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('UPDATE accounts SET email_pending =$2,email_pending_since =CURRENT_TIMESTAMP WHERE id=$1;', [mcUUID, email], (err, _res) => {
+        if (err) return reject(err);
+
+        resolve();
+      });
+    });
+  }
+
+  async getAccount(id: string): Promise<mcAuthAccount | null> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('SELECT * FROM accounts WHERE id =$1;', [id], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(res.rows.length > 0 ? RowUtils.toAccount(res.rows[0]) : null);
+      });
+    });
+  }
+
+  /* Apps */
+
+  async createApp(mcUUID: string, name: string, website: string, description: string | null): Promise<OAuthApp> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('INSERT INTO apps(owner,name,website,description) VALUES($1,$2,$3,$4) RETURNING *;', [mcUUID, name, website, description], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(RowUtils.toApp(res.rows[0]));
+      });
+    });
+  }
+
+  async setApp(id: string, name: string, website: string, redirectURIs: string[], description: string | null, iconID: string | null): Promise<void> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('UPDATE apps SET name =$2,website =$3,redirect_uris =$4,description =$5,icon =$6 WHERE id=$1;',
+        [id, name, website, JSON.stringify(redirectURIs), description, iconID], (err, _res) => {
+          if (err) return reject(err);
+
+          resolve();
+        });
+    });
+  }
+
+  async setAppDeleted(id: string, deleted: boolean = true): Promise<void> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('UPDATE apps SET deleted =$2 WHERE id=$1;', [id, deleted], (err, _res) => {
+        if (err) return reject(err);
+
+        resolve();
+      });
+    });
+  }
+
+  async getApp(id: string): Promise<OAuthApp | null> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('SELECT * FROM apps WHERE id =$1;', [id], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(res.rows.length > 0 ? RowUtils.toApp(res.rows[0]) : null);
+      });
+    });
+  }
+
+  async getApps(mcUUID: string, includeDeletedApps: boolean = false): Promise<OAuthApp[]> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query(`SELECT * FROM apps WHERE owner =$1 ${!includeDeletedApps ? 'AND deleted =FALSE' : ''};`, [mcUUID], (err, res) => {
+        if (err) return reject(err);
+
+        const result = [];
+
+        for (const row of res.rows) {
+          result.push(RowUtils.toApp(row));
+        }
+
+        resolve(result);
+      });
+    });
+  }
+
+  async regenerateAppSecret(id: string): Promise<OAuthApp['secret'] | null> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('UPDATE apps SET secret =DEFAULT WHERE id =$1 RETURNING secret;', [id], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(res.rows.length != 0 ? RowUtils.toApp(res.rows[0]).secret : null);
+      });
+    });
+  }
+
+  /* Icons */
+  async createImage(mcUUID: string, orgImg: Buffer, optImg: Buffer): Promise<{ found: boolean, iconID: OAuthAppIcon['id'] }> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.connect((err, client, done) => {
+        if (err) return reject(err);
+
+        client.query('BEGIN', (err) => {
+          if (this.shouldAbortTransaction(client, done, err)) return reject(err);
+
+          client.query('LOCK TABLE icons IN ACCESS EXCLUSIVE MODE;', (err) => {
+            if (this.shouldAbortTransaction(client, done, err)) return reject(err);
+
+            client.query('SELECT id as original_id,' +
+              '(SELECT i.id as added_by_duplicate_id FROM icons i WHERE (icons.id =i.id OR icons.id =i.duplicate_of) AND added_by =$1)' +
+              'FROM icons WHERE original =$2 LIMIT 1;',
+              [mcUUID, orgImg], (err, res) => {
+                if (this.shouldAbortTransaction(client, done, err)) return reject(err);
+
+                let insertQuery: string | null = null,
+                  queryArgs: any[] | null = null;
+
+                try {
+                  if (res.rows.length == 0) { // image not in database
+                    insertQuery = 'INSERT INTO icons(optimized,original,added_by) VALUES($1,$2,$3) RETURNING id;';
+                    queryArgs = [optImg, orgImg, mcUUID];
+                  } else if (!res.rows[0].added_by_duplicate_id) {  // image in database but not uploaded by given user
+                    insertQuery = 'INSERT INTO icons(duplicate_of,added_by) VALUES($1,$2) RETURNING id;';
+                    queryArgs = [res.rows[0].added_by_duplicate_id, mcUUID];
+                  }
+                } catch (err) {
+                  return reject(err);
+                }
+
+                if (insertQuery != null && queryArgs != null) {
+                  client.query(insertQuery, queryArgs, (err, insertRes) => {
+                    if (this.shouldAbortTransaction(client, done, err)) return reject(err);
+
+                    client.query('COMMIT', (err) => {
+                      done();
+                      if (err) return reject(err);
+
+                      resolve({ found: false, iconID: insertRes.rows[0].id });
+                    });
+                  });
+                } else {  // image already exists
+                  client.query('ROLLBACK', (err) => {
+                    done();
+                    if (err) return reject(err);
+
+                    resolve({ found: true, iconID: res.rows[0].added_by_duplicate_id });
+                  });
+                }
+              });
+          });
+        });
+      });
+    });
+  }
+
+  async getIcon(id: string): Promise<OAuthAppIcon | null> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('SELECT * FROM icons WHERE id =$1;', [id], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(res.rows.length > 0 ? RowUtils.toAppIcon(res.rows[0]) : null);
+      });
+    });
+  }
+
+  async getOptimizedIconBuffer(id: string): Promise<OAuthAppIcon['optimizedImg'] | null> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('SELECT icons.optimized as img1,i.optimized as img2 FROM icons LEFT JOIN icons i ON icons.duplicate_of =i.id WHERE icons.id =$1;', [id], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(res.rows.length > 0 ? res.rows[0].img1 || res.rows[0].img2 : null);
+      });
+    });
+  }
+
+  async doesIconExist(id: string): Promise<boolean> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('SELECT EXISTS(SELECT FROM icons WHERE id =$1);', [id], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(res.rows.length > 0 ? res.rows[0].exists : false);
+      });
+    });
+  }
+
+  /* OTPs */
+  async invalidateOneTimePassword(mcUUID: string, otp: string): Promise<boolean> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query(`DELETE FROM otps WHERE account =$1 AND code =$2 AND issued >= CURRENT_TIMESTAMP - INTERVAL '5 MINUTES' RETURNING *;`, [mcUUID, otp], (err, res) => {
+        if (err) return reject(err);
+
+        resolve(res.rows.length > 0);
+      });
+    });
+  }
+
+  /* Grants */
+
+  async createGrant(clientID: string, mcUUID: string, redirectURI: string, responseType: string, state: string | null, scopes: string[]): Promise<Grant> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('INSERT INTO grants(app,account,redirect_uri,response_type,state,scopes) VALUES ($1,$2,$3,$4,$5,$6) RETURNING *;',
+        [clientID, mcUUID, redirectURI.toLowerCase(), responseType, state, JSON.stringify(scopes)], (err, res) => {
+          if (err) return reject(err);
+
+          resolve(RowUtils.toGrant(res.rows[0]));
+        });
+    });
+  }
+
+  async setGrantResult(grantID: string, granted: boolean): Promise<void> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query(`UPDATE grants SET result ='${granted ? 'GRANTED' : 'DENIED'}'::"GrantResult" WHERE id =$1;`, [grantID], (err, res) => {
+        if (err) return reject(err);
+
+        return resolve();
+      });
+    });
+  }
+
+  async getGrant(grantID: string): Promise<Grant | null> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query(`SELECT *,(issued >= CURRENT_TIMESTAMP - INTERVAL '24 HOURS') as issued_during_last_24_hours FROM grants WHERE id =$1;`,
+        [grantID], (err, res) => {
+          if (err) return reject(err);
+
+          return resolve(res.rows.length > 0 ? RowUtils.toGrant(res.rows[0]) : null);
+        });
+    });
+  }
+
+  async generateExchangeToken(grantID: string): Promise<Grant['exchangeToken']> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query('UPDATE grants SET exchange_token=random_string(32) WHERE id =$1 RETURNING exchange_token;', [grantID], (err, res) => {
+        if (err) return reject(err);
+
+        return resolve(RowUtils.toGrant(res.rows[0]).exchangeToken);
+      });
+    });
+  }
+
+  async generateAccessToken(grantID: string): Promise<Grant['accessToken']> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+
+      this.pool.query(`UPDATE grants SET access_token=random_string(32),result='GRANTED'::"GrantResult" WHERE id =$1 RETURNING access_token;`, [grantID], (err, res) => {
+        if (err) return reject(err);
+
+        return resolve(RowUtils.toGrant(res.rows[0]).accessToken);
+      });
+    });
+  }
+
+  async invalidateExchangeToken(appId: string, exchange_token: string, redirect_uri: string): Promise<Grant | null> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject(ApiError.create(ApiErrs.NO_DATABASE, { pool: this.pool }));
+
+      this.pool.query(`UPDATE grants SET access_token =random_string(32) WHERE app =$1 AND access_token IS NULL AND exchange_token =$2 AND redirect_uri =$3 AND result ='GRANTED'::"GrantResult" AND issued >= CURRENT_TIMESTAMP - INTERVAL '5 MINUTES' RETURNING *;`,
+        [appId, exchange_token, redirect_uri], (err, res) => {
+          if (err) return reject(err);
+
+          resolve(res.rows.length > 0 ? RowUtils.toGrant(res.rows[0]) : null);
+        });
+    });
+  }
+
+  /* Helper */
+
+  isAvailable(): boolean {
+    return this.pool != null;
+  }
+
+  async isReady(): Promise<void> {
+    return new Promise((resolve, reject) => {
+      if (this.pool == null) return reject();
+
+      this.pool.query('SELECT NOW();')
+        .then(() => resolve())
+        .catch((err) => reject(err));
+    });
+  }
+
+  getPool(): Pool | null {
+    return this.pool;
+  }
+
+  async shutdown(): Promise<void> {
+    if (this.pool == null) return new Promise((resolve, _reject) => { resolve(); });
+
+    const result = this.pool.end();
+    this.pool = null;
+
+    return result;
+  }
+
+  private shouldAbortTransaction(client: PoolClient, done: (release?: any) => void, err: Error): boolean {
+    if (err) {
+      client.query('ROLLBACK', (rollbackErr) => {
+        done();
+
+        if (rollbackErr) {
+          ApiError.log(500, 'Error rolling back pg-client', true, { rollbackErr, lastQueryErr: err });  // log error
+        }
+      });
+    }
+
+    return !!err;
+  }
+}
+
+class RowUtils {
+  static toApp(row: any): OAuthApp {
+    return {
+      id: row.id,
+      owner: row.owner,
+      name: row.name,
+      description: row.description,
+      website: row.website,
+      iconID: row.icon,
+      redirectURIs: row.redirect_uris,
+      secret: row.secret,
+      verified: row.verified,
+      deleted: row.deleted,
+      created: row.created
+    };
+  }
+
+  static toAccount(row: any): mcAuthAccount {
+    return {
+      id: row.id,
+      name: row.name,
+      email: row.email,
+      emailPending: row.email_pending,
+      emailPendingSince: row.email_pending_since,
+      lastLogin: row.last_login
+    };
+  }
+
+  static toAppIcon(row: any): OAuthAppIcon {
+    return {
+      id: row.id,
+      optimizedImg: row.optimized,
+      originalImg: row.original,
+      duplicateOf: row.duplicate_of,
+      addedBy: row.added_by,
+      added: row.added
+    };
+  }
+
+  static toGrant(row: any): Grant {
+    return {
+      id: row.id,
+      appId: row.app,
+      mcAccountId: row.account,
+      result: row.result as GrantType | null,
+      scopes: row.scopes,
+      responseType: row.response_type,
+      state: row.state,
+      accessToken: row.access_token,
+      exchangeToken: row.exchange_token,
+      redirectUri: row.redirect_uri,
+      issued: row.issued,
+      issuedDuringLast24Hours: row.issued_during_last_24_hours
+    };
+  }
+}
+
+
+// original code below
+// setInterval(async () => {
+  // pool.query(`DELETE FROM grants WHERE issued < CURRENT_TIMESTAMP - INTERVAL '24 HOUR' RETURNING *;`,
+  //   [], (err, res) => {
+  //     if (err) return Utils.logAndCreateError(err);
+
+  //     console.log(`Deleted ${res.rowCount} stale grants`);
+  //   });
+
+  // pool.query(`DELETE FROM otp WHERE issued < CURRENT_TIMESTAMP - INTERVAL '24 HOUR' RETURNING *;`,
+  //   [], (err, res) => {
+  //     if (err) return Utils.logAndCreateError(err);
+
+  //     console.log(`Deleted ${res.rowCount} stale one-time-passwords`);
+  //   });
+// }, 3 * 24 * 60 * 60 * 1000 /* 3d */);
\ No newline at end of file
diff --git a/src/utils/errors.ts b/src/utils/errors.ts
new file mode 100644
index 0000000..0031a65
--- /dev/null
+++ b/src/utils/errors.ts
@@ -0,0 +1,128 @@
+import { post as httpPost } from 'superagent';
+import { cfg, appVersion } from '..';
+
+import { type as osType } from 'os';
+
+export const httpUserAgent = `MC-Auth.org/${appVersion} (${osType()}; ${process.arch}; ${process.platform}) (+https://github.com/Mc-Auth-com/Mc-Auth-Web#readme)`;
+
+export class ApiError extends Error {
+  private static webhookRequestsLeft: number = 10;
+
+  readonly httpCode: number;
+  readonly internalDetails: object | null;
+
+  constructor(httpCode: number, message: string, logErr: boolean | 'console' | 'discord' = false, internalDetails: object | null = null, stack?: string) {
+    super(message);
+
+    if (typeof stack == 'string') {
+      this.stack = stack;
+    }
+
+    this.httpCode = httpCode;
+    this.internalDetails = internalDetails;
+
+    ApiError.log(this.httpCode, this.message, logErr, this.internalDetails, this.stack)
+      .catch(console.error);
+  }
+
+  static fromError(err: Error, httpCode: number = 500, logErr: boolean | 'console' | 'discord' = true, internalDetails: object | null = null): ApiError {
+    if (err.message) {
+      if (!internalDetails) {
+        internalDetails = { message: err.message };
+      } else {
+        const key = (internalDetails as any).message ? `message_${Date.now()}` : 'message';
+
+        (internalDetails as any)[key] = err.message;
+      }
+    }
+
+    return new ApiError(httpCode, 'An error occurred', logErr, internalDetails, err.stack);
+  }
+
+  static create(err: ApiErrTemplate, internalDetails: object | null = null): ApiError {
+    return new ApiError(err.httpCode, err.message, err.logErr, internalDetails);
+  }
+
+  static async log(httpCode: number, message: string, logMode: boolean | 'console' | 'discord' = false, internalDetails: object | null = null, stack?: string): Promise<void> {
+    return new Promise((resolve, _reject) => {
+      if (!logMode) return resolve();
+
+      if (logMode == true || logMode == 'console') {
+        console.error(`[Error] ${message} (${JSON.stringify({ srvTime: new Date().toUTCString(), stack: stack?.split('\n'), details: internalDetails }, null, 2)})`);
+      }
+
+      if (logMode == true || logMode == 'discord') {
+        if (ApiError.webhookRequestsLeft > 0 && cfg && cfg.logging.discordErrorWebHookURL) {
+          httpPost(cfg.logging.discordErrorWebHookURL)
+            .set('Content-Type', 'application/json')
+            .set('Accept', 'application/json')
+            .set('User-Agent', httpUserAgent)
+            .send({
+              username: 'Mc-Auth.org (Error-Reporter)',
+              avatar_url: 'https://cdn.discordapp.com/attachments/541917740135350272/743868648611119204/Mc-Auth-4096px.png',
+              embeds: [
+                {
+                  title: 'An error occurred',
+                  fields: [
+                    {
+                      name: 'HTTP-Code',
+                      value: httpCode,
+                      inline: true
+                    },
+                    {
+                      name: 'Message',
+                      value: message,
+                      inline: true
+                    },
+                    {
+                      name: 'Details',
+                      value: internalDetails ? '```JS\n' + JSON.stringify(internalDetails, null, 2).replace(/\\r?\\n/g, '\n') + '\n```' : '-'
+                    }
+                  ]
+                }
+              ]
+            })
+            .end((err, res) => {
+              if (err) return console.error('Discord WebHook err:', err);
+              // TODO: write to 'webhookRequestsLeft' and use setTimeout() to automatically set it when RateLimit is over (https://discord.com/developers/docs/topics/rate-limits#header-format)
+              console.log(`Discord WebHook (${res.status}):`, res.text); // TODO: remove debug
+            });
+        }
+      }
+    });
+  }
+}
+
+export class ApiErrs {
+  /* 4xx */
+  static readonly NOT_FOUND: ApiErrTemplate = { httpCode: 404, message: 'The requested page does not exist', logErr: false };
+  static readonly UNAUTHORIZED: ApiErrTemplate = { httpCode: 401, message: 'Unauthorized', logErr: false };
+  static readonly FORBIDDEN: ApiErrTemplate = { httpCode: 403, message: 'Forbidden', logErr: false };
+  static readonly METHOD_NOT_ALLOWED: ApiErrTemplate = { httpCode: 405, message: 'Method Not Allowed (check Allow-Header)', logErr: false };
+
+  static readonly UNKNOWN_APPLICATION: ApiErrTemplate = { httpCode: 404, message: 'Unknown application', logErr: false };
+  static readonly INVALID_CLIENT_ID_OR_SECRET: ApiErrTemplate = { httpCode: 400, message: 'client_id does not exist or does not match client_secret', logErr: false };
+  static readonly INVALID_REDIRECT_URI_FOR_APP: ApiErrTemplate = { httpCode: 400, message: 'Invalid redirect_uri - Please contact the administrator of the page that sent you here', logErr: false };
+  static readonly INVALID_GRANT_TYPE: ApiErrTemplate = { httpCode: 400, message: 'Invalid grant_type', logErr: false };
+  static readonly INVALID_CODE_FOR_TOKEN_EXCHANGE: ApiErrTemplate = { httpCode: 400, message: 'Invalid code! expired? Wrong redirect_uri?', logErr: false };
+
+  static readonly INVALID_OR_EXPIRED_MAIL_CONFIRMATION: ApiErrTemplate = { httpCode: 400, message: 'Invalid or expired email confirmation token', logErr: false };
+
+  /* 5xx */
+  static readonly INTERNAL_SERVER_ERROR: ApiErrTemplate = { httpCode: 500, message: 'An unknown server error occurred', logErr: true };
+  static readonly NO_DATABASE: ApiErrTemplate = { httpCode: 500, message: 'No database connection', logErr: true };
+  static readonly NO_RECAPTCHA: ApiErrTemplate = { httpCode: 500, message: 'reCAPTCHA has not been configured', logErr: true };
+  static readonly SRV_GENERATING_ACCESS_TOKEN: ApiErrTemplate = { httpCode: 500, message: 'Failed generating access_token', logErr: true };
+  static readonly SRV_FETCHING_MINECRAFT_PROFILE: ApiErrTemplate = { httpCode: 500, message: 'Failed fetching minecraft profile', logErr: true };
+
+  /* dynamic errors */
+  static invalidQueryArg(queryArg: string): ApiErrTemplate {
+    return { httpCode: 400, message: `Invalid value for query argument ${queryArg}`, logErr: false };
+  }
+}
+
+export interface ApiErrTemplate {
+  httpCode: number;
+  message: string;
+  logErr: boolean;
+}
\ No newline at end of file
diff --git a/src/utils/mail.ts b/src/utils/mail.ts
new file mode 100644
index 0000000..c4bd406
--- /dev/null
+++ b/src/utils/mail.ts
@@ -0,0 +1,59 @@
+import jwt from 'jsonwebtoken';
+import Mail from 'nodemailer/lib/mailer';
+import nodemailer from 'nodemailer';
+
+import { mcAuthAccount } from '../global';
+import { getLocalization } from '../localization';
+import { getSecret, mailGenerator } from '..';
+import { MailTemplate } from '../dynamicEmailGenerator';
+
+/*
+TODO: Allow users to add their email to a blacklist and only be removed when
+        contacting admin using that email
+        (in case you are getting 'confirm your e-mail address'
+        but did not request them yourself)
+
+TODO: temporarily blacklist mails when returned with 'hard bounce'?
+        A bounce is an email that can’t be delivered.
+        There are two kinds: a hard bounce, which means the email address is not valid,
+        and a soft bounce, which means the mailbox is temporarily rejecting messages,
+        perhaps due to a full mailbox or a server problem.
+*/
+
+export class mailUtils {
+  private mailer: Mail;
+
+  constructor(options: { host: string, port: number, secure: boolean, auth: { username: string, password: string } }) {
+    this.mailer = nodemailer.createTransport({
+      host: options.host,
+      port: options.port,
+      secure: options.secure,
+      auth: {
+        user: options.auth.username,
+        pass: options.auth.password
+      }
+    }, { from: 'no-reply@mc-auth.com' });
+  }
+
+  async send(name: string, email: string, subject: string, html: string, text?: string): Promise<{ accepted: string[], rejected: string[], response: string, messageId: string }> {
+    return new Promise((resolve, reject) => {
+      this.mailer.sendMail({ to: `${name} <${email}>`, subject, html, text }, (err, info) => {
+        if (err) return reject(err);
+
+        console.log(`[INFO] Sent mail ${info.messageId} to ${name} with subject ${subject}`);
+        resolve(info);
+      });
+    });
+  }
+
+  async sendConfirmEmail(account: mcAuthAccount, newEmail: string, langKey: string): Promise<object> {
+    const content = mailGenerator.renderMail(MailTemplate.CONFIRM_EMAIL, langKey, {
+      confirm_mail: {
+        mcProfile: { id: account.id, name: account.name },
+        token: jwt.sign({ id: account.id, email: newEmail }, getSecret(256), { expiresIn: '2d' })
+      }
+    });
+
+    return this.send(account.name, newEmail, getLocalization().getString(langKey, 'email.confirm_email.subject'), content.html, content.txt);
+  }
+}
\ No newline at end of file
diff --git a/src/utils/spraxapi.ts b/src/utils/spraxapi.ts
new file mode 100644
index 0000000..d88a34b
--- /dev/null
+++ b/src/utils/spraxapi.ts
@@ -0,0 +1,21 @@
+// TODO: Move this to own (public) npm package
+import { get as getHttp } from 'superagent';
+import { httpUserAgent } from './errors';
+
+export class MojangAPI {
+  // TODO: Define multiple backends (SpraxAPI (+Fallback), MojangAPI)
+  // TODO: handle User-Agent, 429, connection errs, ...
+
+  static async getProfile(uuid: string): Promise<object | null> {
+    return new Promise((resolve, reject) => {
+      getHttp(`https://api.sprax2013.de/mc/profile/${uuid}`)
+        .set('User-Agent', httpUserAgent)
+        .end((err, res) => {
+          if (res.status == 200) return resolve(res.body);
+          if (res.status == 204 || res.status == 404 || !err) return resolve(null);
+
+          reject(err);
+        });
+    });
+  }
+}
\ No newline at end of file
diff --git a/src/utils/utils.ts b/src/utils/utils.ts
new file mode 100644
index 0000000..dbde422
--- /dev/null
+++ b/src/utils/utils.ts
@@ -0,0 +1,176 @@
+import { isIPv4, isIPv6 } from 'net';
+import { Request, Response, NextFunction } from 'express';
+
+import { ApiError, ApiErrs } from './errors';
+import { pageGenerator } from '..';
+
+const FQDN_PATTERN = /^(?=.{1,253})(?!.*--.*)(?:(?![0-9-])[a-z0-9-]{1,63}(?<!-)\.){1,}(?:(?![0-9-])[a-z0-9-]{1,63}(?<!-))\.?$/i,
+  EMAIL_PATTERN = /^[-!#$%&'*+\/0-9=?A-Z^_a-z`{|}~](\.?[-!#$%&'*+\/0-9=?A-Z^_a-z`{|}~])*@[a-zA-Z0-9](-*\.?[a-zA-Z0-9])*\.[a-zA-Z](-?[a-zA-Z0-9])+$/;
+
+/**
+ * **Example usage**
+ *
+ * ```
+ * formatStr('{0} ({0}) is {{0}} **{2}** using {1}!', ['Sprax', 'TypeScript']);
+ * // Sprax (Sprax) is {0} **undefined** using TypeScript!
+ * ```
+ *
+ * @param str The string to replace. Use `{i}` with `i` as the index. Escape using double brackes `{{i}}`
+ * @param args An array of arguments to replace. Index 0 is used to replace `{0}`
+ * @param fallbackValue The string to use if an index is not present in args-array. Defaults to `'undefined'`
+ *
+ * @author 0i0 (https://gist.github.com/0i0/1519811/5490acd26f8257189a3026f852d010a20636316c)
+ */
+export function formatStr(str: string, args: string[], fallbackValue?: string) {
+  return str.replace(/\{\{|\}\}|\{(\d+)\}/g, (curlyBrack, index) => {
+    return ((curlyBrack == '{{') ? '{' : ((curlyBrack == '}}') ? '}' : args[index] ?? fallbackValue));
+  });
+}
+
+/**
+ * Checks if string only contains numbers (negative numbers are not allowed)
+ */
+export function isNumber(str: string): boolean {
+  if (typeof str == 'number') return !Number.isNaN(str) && Number.isFinite(str);
+  if (typeof str != 'string') return false;
+
+  return /^[0-9]+$/.test(str);
+}
+
+export function isHttpURL(str: string): boolean {
+  if (/^https?:\/\/.*$/i.test(str)) { // Starts with 'http(s)://'?
+    let host = str.toLowerCase().substring(7 + (str.startsWith('https') ? 1 : 0));  // normalize and remove protocol
+
+    if (host.indexOf('/') != -1) {
+      host = host.substring(0, host.indexOf('/'));  // Remove path from url
+    }
+
+    // Valid port range?
+    if (host.lastIndexOf(':') != -1) {
+      const port = host.substring(host.lastIndexOf(':') + 1);
+      host = host.substring(0, host.lastIndexOf(':'));
+
+      if (!isNumber(port) || port == '0' || parseInt(port) > 65535 /* unsigned int2 */) return false;
+    }
+
+    return isIPv4(host) || isIPv6(host) || isValidFQDN(host);
+  }
+
+  return false;
+}
+
+/**
+ * Checks if a given string is a valid FQDN (Domain) based on RFC1034 and RFC2181
+ *
+ * @author https://regex101.com/library/SuU6Iq
+ */
+export function isValidFQDN(str: string): boolean {
+  return FQDN_PATTERN.test(str);
+}
+
+export function isValidEmail(str: string): boolean {
+  return str.length > 5 && str.length < 256 && EMAIL_PATTERN.test(str);
+}
+
+/**
+ * Replaces all multiple spaces, tabs, etc. with a single space
+ *
+ * **Replaces new lines (e.g. `\n`) with a space**
+ */
+export function toNeutralString(str: string) {
+  return str.trim().replace(/\s\s+/g, ' ');
+}
+
+/**
+ * This shortcut function responses with HTTP 405 to the requests having
+ * a method that does not have corresponding request handler.
+ *
+ * For example if a resource allows only GET and POST requests then
+ * PUT, DELETE, etc. requests will be responsed with the 405.
+ *
+ * HTTP 405 is required to have Allow-header set to a list of allowed
+ * methods so in this case the response has "Allow: GET, POST, HEAD" in its headers.
+ *
+ * Example usage
+ *
+ *    // A handler that allows only GET (and HEAD) requests and returns
+ *    app.all('/path', (req, res, next) => {
+ *      restful(req, res, {
+ *        get: () => {
+ *          res.send('Hello world!');
+ *        }
+ *      });
+ *    });
+ *
+ * Orignal author: https://stackoverflow.com/a/15754373/9346616
+ */
+export function restful(req: Request, res: Response, next: NextFunction, handlers: { [key: string]: () => void }): void {
+  const method = (req.method || '').toLowerCase();
+
+  if (method in handlers) return handlers[method]();
+  if (method == 'head' && 'get' in handlers) return handlers['get']();
+
+  const allowedMethods: string[] = Object.keys(handlers);
+  if (!allowedMethods.includes('head')) {
+    allowedMethods.push('head');
+  }
+
+  res.set('Allow', allowedMethods.join(', ').toUpperCase());
+  return next(ApiError.create(ApiErrs.METHOD_NOT_ALLOWED, { allowedMethods }));
+}
+
+export function urlContainsLangKey(url: string): boolean {
+  return url.match(/^\/[a-z]{2}(\/|$)/i) != null;
+}
+
+export function stripLangKeyFromURL(url: string): string {
+  return urlContainsLangKey(url) ? (url.length == 3 ? '/' : url.substring(3)) : url;
+}
+
+export function stripParamsFromURL(url: string): string {
+  return url.indexOf('?') == -1 ? url : url.substring(0, url.indexOf('?'));
+}
+
+export function appendParamToURL(url: string, key: string, value: string | null): string {
+  if (value == null) return url;
+
+  if (url.indexOf('?') == -1) {
+    url += '?';
+  } else if (!url.endsWith('?')) {
+    url += '&';
+  }
+
+  return `${url}${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
+}
+
+export function appendParamsToURL(url: string, params: { key: string, value: string | null }[]): string {
+  params = params.filter((elem) => elem.value != null);
+  if (params.length == 0) return url;
+
+  if (url.indexOf('?') == -1) {
+    url += '?';
+  }
+
+  let isFirstParam = url.endsWith('?');
+  for (const param of params) {
+    if (!isFirstParam) {
+      url += '&';
+    }
+
+    url += `${encodeURIComponent(param.key)}=${encodeURIComponent(param.value as string)}`;
+    isFirstParam = false;
+  }
+
+  return url;
+}
+
+export function getReturnURL(req: Request): string | null {
+  let returnStr = req.query.return;
+
+  if (typeof returnStr != 'string') return null;
+
+  returnStr = returnStr.trim();
+  if (returnStr.length == 0 || returnStr.charAt(0) != '/') return null;
+
+  return pageGenerator.globals.url.base + stripParamsFromURL(returnStr);
+}
\ No newline at end of file
diff --git a/storage.js b/storage.js
deleted file mode 100644
index fa6e64d..0000000
--- a/storage.js
+++ /dev/null
@@ -1,40 +0,0 @@
-const BASE_URL = 'https://mc-auth.com',  // lowercase and no trailing '/' !
-  STATIC_CONTENT_URL = 'https://mc-auth.com',
-  DEMO_URL = 'https://demo.mc-auth.com',
-  DOCS_URL = 'https://github.com/Mc-Auth-com/Mc-Auth-Web/wiki',
-  MINECRAFT_HOST = 'mc-auth.com';
-
-const ERR = require('fs').readFileSync('./html/err.html', { encoding: 'UTF-8' }),
-
-  HEAD_TOP = (require('fs').readFileSync('./html/_head_top.html', { encoding: 'UTF-8' })),
-  HEAD_BOTTOM = (require('fs').readFileSync('./html/_head_bottom.html', { encoding: 'UTF-8' })),
-
-  HEADER = require('fs').readFileSync('./html/_header.html', { encoding: 'UTF-8' }),
-  FOOTER = require('fs').readFileSync('./html/_footer.html', { encoding: 'UTF-8' }),
-
-  INDEX = require('fs').readFileSync('./html/index.html', { encoding: 'UTF-8' }),
-  LOGIN = require('fs').readFileSync('./html/login.html', { encoding: 'UTF-8' }),
-  AUTHORIZE = require('fs').readFileSync('./html/authorize.html', { encoding: 'UTF-8' }),
-  SETTINGS = require('fs').readFileSync('./html/settings.html', { encoding: 'UTF-8' }),
-  SETTINGS_CREATE = require('fs').readFileSync('./html/settings_create.html', { encoding: 'UTF-8' }),
-  SETTINGS_APP = require('fs').readFileSync('./html/settings_app.html', { encoding: 'UTF-8' }),
-
-  LEGAL = require('fs').readFileSync('./html/legal.html', { encoding: 'UTF-8' }),
-  PRIVACY = require('fs').readFileSync('./html/privacy.html', { encoding: 'UTF-8' });
-
-module.exports = {
-  BASE_URL, STATIC_CONTENT_URL, DEMO_URL, DOCS_URL, MINECRAFT_HOST,
-
-  ERR,
-
-  HEAD_TOP, HEAD_BOTTOM,
-  HEADER, FOOTER,
-
-  INDEX,
-  LOGIN,
-  AUTHORIZE,
-  SETTINGS, SETTINGS_CREATE, SETTINGS_APP,
-
-  LEGAL,
-  PRIVACY
-};
\ No newline at end of file
diff --git a/tables.sql b/tables.sql
deleted file mode 100644
index e2e6d8c..0000000
--- a/tables.sql
+++ /dev/null
@@ -1,173 +0,0 @@
-CREATE EXTENSION IF NOT EXISTS "pgcrypto";
-CREATE EXTENSION IF NOT EXISTS "plpgsql";
-
-/* Sequences */
-CREATE SEQUENCE "public"."application_id_sequence" 
-INCREMENT 1
-MINVALUE  1
-MAXVALUE 9223372036854775807
-START 1
-CACHE 1;
-
-CREATE SEQUENCE "public"."secret_id_sequence" 
-INCREMENT 1
-MINVALUE  1
-MAXVALUE 9223372036854775807
-START 1
-CACHE 1;
-
-CREATE SEQUENCE "public"."grant_id_sequence" 
-INCREMENT 1
-MINVALUE  1
-MAXVALUE 9223372036854775807
-START 1
-CACHE 1;
-
-/* Function: id_generator_apps */
-CREATE OR REPLACE FUNCTION "public"."id_generator_apps"(OUT "result" int8)
-  RETURNS "pg_catalog"."int8" AS $BODY$
-DECLARE
-    our_epoch bigint := 1314220021721;
-    seq_id bigint;
-    now_millis bigint;
-    -- the id of this DB shard, must be set for each
-    -- schema shard you have - you could pass this as a parameter too
-    shard_id int := 1;
-BEGIN
-    SELECT nextval('public.application_id_sequence') % 1024 INTO seq_id;
-
-    SELECT FLOOR(EXTRACT(EPOCH FROM clock_timestamp()) * 1000) INTO now_millis;
-    result := (now_millis - our_epoch) << 23;
-    result := result | (shard_id << 10);
-    result := result | (seq_id);
-END;
-$BODY$
-  LANGUAGE plpgsql VOLATILE
-  COST 100;
-
-/* Function: id_generator_secrets */
-CREATE OR REPLACE FUNCTION "public"."id_generator_secrets"(OUT "result" int8)
-  RETURNS "pg_catalog"."int8" AS $BODY$
-DECLARE
-    our_epoch bigint := 1314220021721;
-    seq_id bigint;
-    now_millis bigint;
-    -- the id of this DB shard, must be set for each
-    -- schema shard you have - you could pass this as a parameter too
-    shard_id int := 1;
-BEGIN
-    SELECT nextval('public.secret_id_sequence') % 1024 INTO seq_id;
-
-    SELECT FLOOR(EXTRACT(EPOCH FROM clock_timestamp()) * 1000) INTO now_millis;
-    result := (now_millis - our_epoch) << 23;
-    result := result | (shard_id << 10);
-    result := result | (seq_id);
-END;
-$BODY$
-  LANGUAGE plpgsql VOLATILE
-  COST 100;
-
-
-/* Function: id_generator_grants */
-CREATE OR REPLACE FUNCTION "public"."id_generator_grants"(OUT "result" int8)
-  RETURNS "pg_catalog"."int8" AS $BODY$
-DECLARE
-    our_epoch bigint := 1314220021721;
-    seq_id bigint;
-    now_millis bigint;
-    -- the id of this DB shard, must be set for each
-    -- schema shard you have - you could pass this as a parameter too
-    shard_id int := 1;
-BEGIN
-    SELECT nextval('public.grant_id_sequence') % 1024 INTO seq_id;
-
-    SELECT FLOOR(EXTRACT(EPOCH FROM clock_timestamp()) * 1000) INTO now_millis;
-    result := (now_millis - our_epoch) << 23;
-    result := result | (shard_id << 10);
-    result := result | (seq_id);
-END;
-$BODY$
-  LANGUAGE plpgsql VOLATILE
-  COST 100;
-
-/* Function: random_string */
-CREATE OR REPLACE FUNCTION "public"."random_string"("length" int4)
-  RETURNS "pg_catalog"."varchar" AS $BODY$
-declare
-  chars text[] := '{0,1,2,3,4,5,6,7,8,9,A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,a,b,c,d,e,f,g,h,i,j,k,l,m,n,o,p,q,r,s,t,u,v,w,x,y,z}';
-  result varchar := '';
-  i integer := 0;
-begin
-  for i in 1..length loop
-    result := result || chars[1+random()*(array_length(chars, 1)-1)];
-  end loop;
-  return result;
-end;
-$BODY$
-  LANGUAGE plpgsql VOLATILE
-  COST 100;
-
-/* otp */
-CREATE TABLE "public"."otp" (
-  "minecraft" uuid NOT NULL,
-  "code" int4 NOT NULL,
-  "issued" timestamptz(0) NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  CONSTRAINT "otp_pkey" PRIMARY KEY ("minecraft")
-);
-
-/* session */
-CREATE TABLE "public"."session" (
-  "sid" varchar COLLATE "pg_catalog"."default" NOT NULL,
-  "sess" json NOT NULL,
-  "expire" timestamp(6) NOT NULL,
-  CONSTRAINT "session_pkey" PRIMARY KEY ("sid")
-);
-CREATE INDEX "IDX_session_expire" ON "public"."session" USING btree("expire" "pg_catalog"."timestamp_ops" ASC NULLS LAST);
-
-/* images */
-CREATE TABLE "public"."images" (
-  "id" int8 NOT NULL GENERATED BY DEFAULT AS IDENTITY (INCREMENT 1 MINVALUE 1 MAXVALUE 9223372036854775807 START 1),
-  "optimized" bytea NOT NULL,
-  "original" bytea NOT NULL,
-  CONSTRAINT "images_pkey" PRIMARY KEY ("id")
-);
-CREATE UNIQUE INDEX "idx_image_hash" ON "public"."images" USING btree(digest(original, 'sha1' :: text) "pg_catalog"."bytea_ops" ASC NULLS LAST);
-
-/* applications */
-CREATE TABLE "public"."applications" (
-  "id" int8 NOT NULL DEFAULT id_generator_apps(),
-  "owner" uuid NOT NULL,
-  "name" varchar(128) COLLATE "pg_catalog"."default" NOT NULL,
-  "description" varchar(512) COLLATE "pg_catalog"."default",
-  "icon" int8,
-  "redirect_uris" json,
-  "secret" varchar(255) COLLATE "pg_catalog"."default" DEFAULT concat(random_string(8), '.', id_generator_secrets(), '.', random_string(4)),
-  "verified" bool NOT NULL DEFAULT false,
-  "deleted" bool NOT NULL DEFAULT false,
-  "created" timestamptz(0) NOT NULL DEFAULT CURRENT_TIMESTAMP,
-  CONSTRAINT "applications_pkey" PRIMARY KEY ("id"),
-  CONSTRAINT "applications_icon_fkey" FOREIGN KEY ("icon") REFERENCES "public"."images" ("id") ON DELETE NO ACTION ON UPDATE NO ACTION
-);
-
-/* grants */
-CREATE TYPE "public"."GrantResult" AS ENUM (
-  'NONE',
-  'GRANTED',
-  'DENIED',
-  'REVOKED'
-);
-
-CREATE TABLE "public"."grants" (
-  "id" int8 NOT NULL DEFAULT id_generator_grants(),
-  "application" int8 NOT NULL,
-  "mc_uuid" uuid NOT NULL,
-  "result" "public"."GrantResult" NOT NULL DEFAULT 'NONE'::"GrantResult",
-  "scope" json,
-  "state" varchar(128) COLLATE "pg_catalog"."default",
-  "access_token" varchar(32) COLLATE "pg_catalog"."default",
-  "exchange_token" varchar(32) COLLATE "pg_catalog"."default" NOT NULL DEFAULT random_string(32),
-  "redirect_uri" varchar(255) COLLATE "pg_catalog"."default" NOT NULL,
-  "issued" timestamptz(0) DEFAULT CURRENT_TIMESTAMP,
-  CONSTRAINT "grants_pkey" PRIMARY KEY ("exchange_token"),
-  CONSTRAINT "grants_application_access_token_key" UNIQUE ("application", "access_token")
-);
\ No newline at end of file
diff --git a/tsconfig.json b/tsconfig.json
new file mode 100644
index 0000000..e72e4ee
--- /dev/null
+++ b/tsconfig.json
@@ -0,0 +1,20 @@
+{
+  "compilerOptions": {
+    "target": "ES2018", /* Specify ECMAScript target version */
+    "module": "commonjs", /* Specify module code generation */
+    "skipLibCheck": true,
+    "sourceMap": true, /* Generates corresponding '.map' file. */
+    "outDir": "./build", /* Redirect output structure to the directory. */
+    "strict": true, /* Enable all strict type-checking options. */
+    "esModuleInterop": true, /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. */
+    "forceConsistentCasingInFileNames": true /* Disallow inconsistently-cased references to the same file. */
+  },
+  "exclude": [
+    "**/*.test.ts",
+    "**/*.spec.ts",
+    "src/index-debug.ts"
+  ],
+  "include": [
+    "src/**/*.ts"
+  ]
+}
\ No newline at end of file
diff --git a/utils.js b/utils.js
deleted file mode 100644
index d9fc147..0000000
--- a/utils.js
+++ /dev/null
@@ -1,492 +0,0 @@
-const request = require('request'),
-  NodeCache = require('node-cache'),
-  htmlEscape = require('escape-html');
-
-const UUID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[0-9a-f]{4}-[0-9a-f]{12}$/i,
-  UUID_PATTERN_ADD_DASH = /(.{8})(.{4})(.{4})(.{4})(.{12})/,
-  ABSOLUTE_URL_PATTERN = /^[a-z][a-z\d+\-.]*:/i;
-
-const errLogStream = require('rotating-file-stream').createStream('error.log', {
-  interval: '1d',
-  maxFiles: 90,
-  path: require('path').join(__dirname, 'logs', 'runtime-error')
-});
-errLogStream.on('error', (err) => {
-  console.error(err); // Don't crash whole application, just print
-  // once this event is emitted, the stream will be closed as well
-});
-
-const mcUsernameCache = new NodeCache({ stdTTL: 60, checkperiod: 120 });
-
-/* StackOverflow ftw: https://stackoverflow.com/a/4673436/9346616 */
-String.prototype.format = function () {
-  const args = arguments.length == 1 && Array.isArray(arguments[0]) ? arguments[0] : arguments;
-
-  return this.replace(/{(\d+)}/g, (match, number) => {
-    return typeof args[number - 1] != 'undefined' ? args[number - 1] : match;
-  });
-};
-
-module.exports = {
-  Storage: require('./storage'),
-  Localization: require('./localization'),
-
-  /**
-   * @param {Number} HTTPStatusCode The HTTP-StatusCode
-   * @param {String} message A short description (or message)
-   *
-   * @returns {Error}
-   */
-  createError(HTTPStatusCode = 500, message = 'An unknown error has occurred', hideFromConsole = false) {
-    let err = new Error(message);
-    err.status = HTTPStatusCode;
-    err.hideFromConsole = hideFromConsole;
-
-    return err;
-  },
-
-  /**
-   * @param {Error} error
-   *
-   * @returns {Error}
-   */
-  logAndCreateError(error) {
-    console.error(error);
-
-    errLogStream.write(JSON.stringify({
-      time: new Date().toUTCString(),
-      error: {
-        name: error.name,
-        message: error.message,
-        stack: error.stack,
-
-        error
-      }
-    }) + module.exports.EOL, 'utf-8', console.error);
-
-    return module.exports.createError(undefined, undefined, true);
-  },
-
-  /**
-   * @param {String[]} arr
-   * @param {String} str
-   *
-   * @returns {Boolean}
-   */
-  includesIgnoreCase(arr, str) {
-    if (arr && str && typeof str === 'string') {
-      str = str.toLowerCase();
-
-      for (const elem of arr) {
-        if (typeof elem === 'string' && elem.toLowerCase() == str) {
-          return true;
-        }
-      }
-    }
-
-    return false;
-  },
-
-  /**
-   * @param {String} input
-   *
-   * @returns {Boolean}
-   */
-  toBoolean(input) {
-    if (input) {
-      if (typeof input === 'string') return input === '1' || input.toLowerCase() === 'true' || input.toLowerCase() === 't';
-      if (typeof input === 'number') return input === 1;
-      if (typeof input === 'boolean') return input;
-    }
-
-    return false;
-  },
-
-  /**
-   * @param {String} str
-   *
-   * @returns {Boolean}
-   */
-  isUUID(str) {
-    if (typeof str !== 'string') return false;
-
-    str = str.toLowerCase();
-
-    return str.length >= 32 && str.length <= 36 && (UUID_PATTERN.test(str) || UUID_PATTERN.test(str.replace(/-/g, '').replace(UUID_PATTERN_ADD_DASH, '$1-$2-$3-$4-$5')));
-  },
-
-  /**
-   * Acording to RFC3986 (https://tools.ietf.org/html/rfc3986#section-4.3)
-   *
-   * This function only checks for the layout. Not the actual content (illegal characters etc.)
-   *
-   * @param {String} str
-   *
-   * @returns {Boolean}
-   */
-  isAbsoluteURL(str) {
-    return typeof str === 'string' && str.length < 2083 && ABSOLUTE_URL_PATTERN.test(str);
-  },
-
-  /**
-   * @param {String} str
-   *
-   * @returns {Boolean}
-   */
-  isNumber(str) {
-    return /^\+?([0-9]\d*)$/.test(str);
-  },
-
-  /**
-   * @param {String|Number} str
-   *
-   * @returns {Number} A finite integer or NaN
-   */
-  toInteger(str) {
-    if (typeof str === 'string') {
-      let result = Number.parseInt(str);
-
-      if (!Number.isNaN(result) && Number.isFinite(result)) return result;
-    }
-
-    return (typeof str === 'number') ? str : Number.NaN;
-  },
-
-  /**
-   * Replaces all multiple spaces, tabs, etc. with a single space
-   *
-   * @param {string} str
-   *
-   * @returns {string}
-   */
-  toNeutralString(str) {
-    if (typeof str !== 'string') return null;
-
-    return str.trim().replace(/\s\s+/g, ' ');
-  },
-
-  /**
-   * @callback ReplacerCallback
-   * @param {String} str
-   */
-  /**
-   *
-   * @param {String} text
-   * @param {String} startToken
-   * @param {String} endToken
-   * @param {ReplacerCallback} callback
-   *
-   * @author NudelErde
-   */
-  replacer(text, startToken, endToken, callback) {
-    let startIndex = text.indexOf(startToken);
-
-    while (startIndex != -1) {
-      startIndex += startToken.length;
-      let tmp = text.substring(startIndex);
-      let endIndex = tmp.indexOf(endToken);
-
-      tmp = callback(tmp.substring(0, endIndex));
-
-      text = text.substring(0, startIndex - startToken.length) + tmp + text.substring(startIndex + endIndex + endToken.length);
-      startIndex = text.indexOf(startToken);
-    }
-
-    return text;
-  },
-
-  Minecraft: {
-    getUsername(uuid, callback) {
-      if (!uuid || typeof uuid != 'string') return callback(null, null);
-
-      uuid = uuid.toLowerCase().replace(/-/g, '');
-
-      const cached = mcUsernameCache.get(uuid);
-
-      if (cached !== undefined) {
-        if (cached instanceof Error) {
-          callback(cached);
-        } else {
-          callback(null, cached);
-        }
-      } else {
-        request('https://api.sprax2013.de/mc/profile/' + uuid, (err, res, body) => {
-          if (err) {
-            mcUsernameCache.set(uuid, err);
-            return callback(err);
-          }
-
-          if (res.statusCode == 200) {
-            const json = JSON.parse(body);
-
-            mcUsernameCache.set(uuid, json.name);
-
-            return callback(null, json.name);
-          } else if (res.statusCode == 204) {
-            mcUsernameCache.set(uuid, null);
-
-            return callback(null, null);
-          } else {
-            const error = module.exports.createError(500, `Api.Sprax2013.de responded with HTTP-StatusCode ${res.statusCode}`);
-
-            mcUsernameCache.set(uuid, error);
-            return callback(error);
-          }
-        });
-      }
-    },
-
-    getProfile(uuid, callback) {
-      if (!uuid) return callback(null, null);
-
-      uuid = uuid.toLowerCase().replace(/-/g, '');
-
-      request('https://api.sprax2013.de/mc/profile/' + uuid, (err, res, body) => {
-        if (err) {
-          return callback(err);
-        }
-
-        if (res.statusCode == 200) {
-          return callback(null, JSON.parse(body));
-        } else if (res.statusCode == 204) {
-          return callback(null, null);
-        }
-
-        return callback(module.exports.createError(500, `Api.Sprax2013.de responded with HTTP-StatusCode ${res.statusCode}`));
-      });
-    }
-  },
-
-  HTML: {
-    /* Replace */
-
-    /**
-     * @param {String} str
-     * @param {any[]} args
-     */
-    appVariableCallback(str, args) {
-      const app = args[0],
-        appOwnerName = args[1],
-        reqByAppOwner = args[2];
-
-      try {
-        switch (str) {
-          /* App */
-          case 'APP_ID': return app.id;
-          case 'APP_NAME': return htmlEscape(app.name);
-          case 'APP_SECRET': return app.secret;
-          case 'APP_DESCRIPTION_RAW': return app.description || '';
-          case 'APP_DESCRIPTION': return htmlEscape(app.description).replace(/\n/g, '<br>\n') || (reqByAppOwner ? '<i>Du hast keine Beschreibung verfasst</i>' : '<i>Der Besitzer dieser Anwendung hat keine Beschreibung angegeben</i>');
-          case 'APP_OWNER_NAME': return appOwnerName;
-          case 'APP_PUBLISHED': return new Date(app.created).toDateString().substring(4);
-          case 'APP_REDIRECT_URIs': return (app.redirect_uris || []).join('\r\n');
-          case 'APP_ICON': return `${module.exports.Storage.BASE_URL}/uploads/${app.icon || 'default'}.png`;
-          case 'APP_ICON_ID': return app.icon || 'default';
-
-          default: break;
-        }
-      } catch (err) {
-        module.exports.logAndCreateError(err);
-      }
-
-      return null;
-    },
-
-    /**
-     * @param {String} str
-     * @param {any[]} args
-     */
-    grantVariableCallback(str, args) {
-      const grant = args[0];
-
-      try {
-        switch (str) {
-          /* Grant */
-          case 'GRANT_ID': return `${grant.id}`;
-
-          default: break;
-        }
-      } catch (err) {
-        module.exports.logAndCreateError(err);
-      }
-
-      return null;
-    },
-
-    /**
-     * @param {String} str
-     * @param {any[]} args
-     */
-    localizationCallback(str, args) {
-      const req = args[0],
-        mcUsername = args[1],
-        customCallback = args[2],
-        customCallbackArgs = args[3];
-
-      try {
-        if (str.startsWith('LOC:')) {
-          const locTerm = str.split(':')[1];
-
-          let result = module.exports.Localization.getString(locTerm, req.cookies['lang']);
-
-          if (!result) console.error(`HTML requires unknow translation: ${locTerm}`);
-
-          const locArgs = module.exports.Localization.getArguments(locTerm);
-          if (locArgs && locArgs.length > 0) {
-            for (let i = 0; i < locArgs.length; i++) {
-              const arg = locArgs[i];
-
-              locArgs[i] = module.exports.HTML.replaceVariables(req, mcUsername, arg, customCallback, customCallbackArgs) || arg;
-            }
-
-            result = result.format(locArgs);
-          }
-
-          return result;
-        }
-      } catch (err) {
-        module.exports.logAndCreateError(err);
-      }
-
-      return null;
-    },
-
-    replaceVariables(req, mcUsername = undefined, html, customCallback = undefined, customCallbackArgs = []) {
-      return module.exports.replacer(html, '${', '}', (str) => {
-        try {
-          switch (str) {
-            /* Static */
-            case 'HTML_HEADER': return module.exports.Storage.HEADER;
-            case 'HTML_FOOTER': return module.exports.Storage.FOOTER;
-            case 'HTML_HEAD_TOP': return module.exports.Storage.HEAD_TOP;
-            case 'HTML_HEAD_BOTTOM': return module.exports.Storage.HEAD_BOTTOM;
-
-            case 'URL_STATIC_CONTENT': return module.exports.Storage.STATIC_CONTENT_URL;
-            case 'URL_BASE': return module.exports.Storage.BASE_URL;
-            case 'URL_DOCS': return module.exports.Storage.DOCS_URL;
-            case 'URL_DEMO': return module.exports.Storage.DEMO_URL;
-            case 'MINECRAFT_HOST': return module.exports.Storage.MINECRAFT_HOST;
-
-            case 'reCAPTCHA_public': return require('./storage/config')['reCAPTCHA']['public'];
-
-            /* Dynamic */
-            case 'GET_ReturnTo_ENCODED': return encodeURIComponent(req.query['returnTo'] || '');
-            case 'QUERY_PARAMS': return req.originalUrl.indexOf('?') >= 0 ? req.originalUrl.substring(req.originalUrl.indexOf('?')) : '';
-            case 'URL_CURRENT_ENCODED': return encodeURIComponent(module.exports.Storage.BASE_URL +
-              (req.originalUrl.indexOf('?') >= 0 ? req.originalUrl.substring(0, req.originalUrl.indexOf('?')) : req.originalUrl));
-
-            /* Session */
-            case 'Minecraft_Username': return (mcUsername || req.session['mc_Name']) || '';
-            case 'Minecraft_UUID': return req.session['mc_UUID'] || '';
-
-            default: break;
-          }
-
-          const localization = module.exports.HTML.localizationCallback(str, [req, mcUsername, customCallback, customCallbackArgs]);
-          if (localization) {
-            return localization;
-          }
-
-          if (customCallback) {
-            return customCallback(str, customCallbackArgs) || '';
-          }
-        } catch (err) {
-          module.exports.logAndCreateError(err);
-        }
-
-        return '';
-      });
-    },
-
-    /* Format */
-    appsFormatCallback(str, args) {
-      const apps = args[0];
-
-      if (str.startsWith('HasApps:')) {
-        if (apps && apps.length > 0) {
-          let result = '';
-          const template = str.substring('HasApps:'.length, str.lastIndexOf('?:'));
-
-          for (const app of apps) {
-            result += module.exports.replacer(template, '$?{', '}', (str) => {
-              try {
-                switch (str) {
-                  case 'APP_ID': return app.id;
-                  case 'APP_NAME': return htmlEscape(app.name);
-                  case 'APP_ICON': return `${module.exports.Storage.BASE_URL}/uploads/${app.icon || 'default'}.png`;
-                  case 'APP_ICON_ID': return app.icon || 'default';
-
-                  default: break;
-                }
-              } catch (err) {
-                module.exports.logAndCreateError(err);
-              }
-
-              return '';
-            });
-          }
-
-          return result;
-        } else {
-          let index = str.lastIndexOf('?:');
-
-          return index >= 0 ? str.substring(index + 2) : '';
-        }
-      }
-
-      return null;
-    },
-
-    formatHTML(req, html, customCallback = undefined, customCallbackArgs = []) {
-      return module.exports.replacer(html, '?{', '?}', (str) => {
-        if (str.startsWith('LoggedIn:')) {
-          if (req.session['loggedIn']) {
-            return str.substring('LoggedIn:'.length, str.lastIndexOf('?:'));
-          }
-
-          let index = str.lastIndexOf('?:');
-
-          return index >= 0 ? str.substring(index + 2) : '';
-        } else if (str.startsWith('DarkTheme:')) {
-          if (req.cookies['darkTheme'] && req.cookies['darkTheme'] == 1) {
-            return str.substring('DarkTheme:'.length, str.lastIndexOf('?:'));
-          }
-
-          let index = str.lastIndexOf('?:');
-
-          return index >= 0 ? str.substring(index + 2) : '';
-        } else if (customCallback) {
-          return customCallback(str, customCallbackArgs) || '';
-        }
-
-        return '';
-      });
-    }
-  },
-
-  Express: {
-    staticDynamicRouter(html) {
-      const router = require('express').Router();
-
-      router.get('/', module.exports.Express.staticDynamicHandler(html));
-
-      return router;
-    },
-
-    staticDynamicHandler(html) {
-      return (req, res, _next) => {
-        module.exports.Express.handleStaticDynamic(req, res, html);
-      };
-    },
-
-    handleStaticDynamic(req, res, html) {
-      module.exports.Minecraft.getUsername(req.session['mc_UUID'], (err, username) => {
-        if (err) module.exports.logAndCreateError(err);
-
-        return res.send(module.exports.HTML.formatHTML(req, module.exports.HTML.replaceVariables(req, username, html)));
-      });
-    }
-  },
-
-  EOL: require('os').EOL
-};
\ No newline at end of file