* web fonts
* session expiration
* solve open redirect bug (also use Origin: and Referer: header)
* factorize templates
* add oauth2 login option
* 2FA?
* improve user page:
  - display all sessions and more info about them (location, OS, etc, cf.
	ipinfo)
  - ...
* ssh key management?
* admin interface?