28 files changed, 777 insertions, 52 deletions

diff --git a/app/AppKernel.php b/app/AppKernel.php
index 40726f05..7d19e9ab 100644
--- a/app/AppKernel.php
+++ b/app/AppKernel.php
@@ -1,6 +1,7 @@
 <?php
 
 use Symfony\Component\Config\Loader\LoaderInterface;
+use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\HttpKernel\Kernel;
 
 class AppKernel extends Kernel
@@ -32,6 +33,7 @@ class AppKernel extends Kernel
             new WhiteOctober\PagerfantaBundle\WhiteOctoberPagerfantaBundle(),
             new FOS\JsRoutingBundle\FOSJsRoutingBundle(),
             new BD\GuzzleSiteAuthenticatorBundle\BDGuzzleSiteAuthenticatorBundle(),
+            new OldSound\RabbitMqBundle\OldSoundRabbitMqBundle(),
 
             // wallabag bundles
             new Wallabag\CoreBundle\WallabagCoreBundle(),
@@ -39,25 +41,32 @@ class AppKernel extends Kernel
             new Wallabag\UserBundle\WallabagUserBundle(),
             new Wallabag\ImportBundle\WallabagImportBundle(),
             new Wallabag\AnnotationBundle\WallabagAnnotationBundle(),
-            new OldSound\RabbitMqBundle\OldSoundRabbitMqBundle(),
         ];
 
         if (in_array($this->getEnvironment(), ['dev', 'test'], true)) {
             $bundles[] = new Symfony\Bundle\DebugBundle\DebugBundle();
             $bundles[] = new Symfony\Bundle\WebProfilerBundle\WebProfilerBundle();
             $bundles[] = new Sensio\Bundle\DistributionBundle\SensioDistributionBundle();
-            $bundles[] = new Sensio\Bundle\GeneratorBundle\SensioGeneratorBundle();
             $bundles[] = new Doctrine\Bundle\FixturesBundle\DoctrineFixturesBundle();
-            $bundles[] = new Symfony\Bundle\WebServerBundle\WebServerBundle();
 
             if ('test' === $this->getEnvironment()) {
                 $bundles[] = new DAMA\DoctrineTestBundle\DAMADoctrineTestBundle();
             }
+
+            if ('dev' === $this->getEnvironment()) {
+                $bundles[] = new Sensio\Bundle\GeneratorBundle\SensioGeneratorBundle();
+                $bundles[] = new Symfony\Bundle\WebServerBundle\WebServerBundle();
+            }
         }
 
         return $bundles;
     }
 
+    public function getRootDir()
+    {
+        return __DIR__;
+    }
+
     public function getCacheDir()
     {
         return dirname(__DIR__) . '/var/cache/' . $this->getEnvironment();
@@ -70,7 +79,8 @@ class AppKernel extends Kernel
 
     public function registerContainerConfiguration(LoaderInterface $loader)
     {
-        $loader->load($this->getProjectDir() . '/app/config/config_' . $this->getEnvironment() . '.yml');
+        $loader->load($this->getRootDir() . '/config/config_' . $this->getEnvironment() . '.yml');
+
         $loader->load(function ($container) {
             if ($container->getParameter('use_webpack_dev_server')) {
                 $container->loadFromExtension('framework', [
@@ -86,5 +96,11 @@ class AppKernel extends Kernel
                 ]);
             }
         });
+
+        $loader->load(function (ContainerBuilder $container) {
+            // $container->setParameter('container.autowiring.strict_mode', true);
+            // $container->setParameter('container.dumper.inline_class_loader', true);
+            $container->addObjectResource($this);
+        });
     }
 }
diff --git a/app/DoctrineMigrations/Version20180405182455.php b/app/DoctrineMigrations/Version20180405182455.php
new file mode 100755
index 00000000..50fe97c7
--- /dev/null
+++ b/app/DoctrineMigrations/Version20180405182455.php
@@ -0,0 +1,51 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Add archived_at column and set its value to updated_at for is_archived entries.
+ */
+class Version20180405182455 extends WallabagMigration
+{
+    /**
+     * @param Schema $schema
+     */
+    public function up(Schema $schema)
+    {
+        $entryTable = $schema->getTable($this->getTable('entry'));
+
+        $this->skipIf($entryTable->hasColumn('archived_at'), 'It seems that you already played this migration.');
+
+        $entryTable->addColumn('archived_at', 'datetime', [
+            'notnull' => false,
+        ]);
+    }
+
+    public function postUp(Schema $schema)
+    {
+        $entryTable = $schema->getTable($this->getTable('entry'));
+        $this->skipIf(!$entryTable->hasColumn('archived_at'), 'Unable to add archived_at colum');
+
+        $this->connection->executeQuery(
+            'UPDATE ' . $this->getTable('entry') . ' SET archived_at = updated_at WHERE is_archived = :is_archived',
+            [
+                'is_archived' => true,
+            ]
+        );
+    }
+
+    /**
+     * @param Schema $schema
+     */
+    public function down(Schema $schema)
+    {
+        $entryTable = $schema->getTable($this->getTable('entry'));
+
+        $this->skipIf(!$entryTable->hasColumn('archived_at'), 'It seems that you already played this migration.');
+
+        $entryTable->dropColumn('archived_at');
+    }
+}
diff --git a/app/DoctrineMigrations/Version20181128203230.php b/app/DoctrineMigrations/Version20181128203230.php
new file mode 100644
index 00000000..d1b09fc7
--- /dev/null
+++ b/app/DoctrineMigrations/Version20181128203230.php
@@ -0,0 +1,45 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Fix varchar field from vendor to work with utf8mb4.
+ */
+class Version20181128203230 extends WallabagMigration
+{
+    /**
+     * @param Schema $schema
+     */
+    public function up(Schema $schema)
+    {
+        $this->skipIf('mysql' !== $this->connection->getDatabasePlatform()->getName(), 'This migration can only be applied on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' CHANGE `token` `token` varchar(191) NOT NULL');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' CHANGE `scope` `scope` varchar(191)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' CHANGE `token` `token` varchar(191) NOT NULL');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' CHANGE `scope` `scope` varchar(191)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' CHANGE `token` `token` varchar(191) NOT NULL');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' CHANGE `scope` `scope` varchar(191)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('craue_config_setting') . ' CHANGE `name` `name` varchar(191)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('craue_config_setting') . ' CHANGE `section` `section` varchar(191)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('craue_config_setting') . ' CHANGE `value` `value` varchar(191)');
+    }
+
+    public function down(Schema $schema)
+    {
+        $this->skipIf('mysql' !== $this->connection->getDatabasePlatform()->getName(), 'This migration can only be applied on \'mysql\'.');
+
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' CHANGE `token` `token` varchar(255) NOT NULL');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' CHANGE `scope` `scope` varchar(255)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' CHANGE `token` `token` varchar(255) NOT NULL');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' CHANGE `scope` `scope` varchar(255)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' CHANGE `token` `token` varchar(255) NOT NULL');
+        $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' CHANGE `scope` `scope` varchar(255)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('craue_config_setting') . ' CHANGE `name` `name` varchar(255)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('craue_config_setting') . ' CHANGE `section` `section` varchar(255)');
+        $this->addSql('ALTER TABLE ' . $this->getTable('craue_config_setting') . ' CHANGE `value` `value` varchar(255)');
+    }
+}
diff --git a/app/DoctrineMigrations/Version20181202073750.php b/app/DoctrineMigrations/Version20181202073750.php
new file mode 100644
index 00000000..5978291e
--- /dev/null
+++ b/app/DoctrineMigrations/Version20181202073750.php
@@ -0,0 +1,76 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Add 2fa OTP stuff.
+ */
+final class Version20181202073750 extends WallabagMigration
+{
+    public function up(Schema $schema): void
+    {
+        switch ($this->connection->getDatabasePlatform()->getName()) {
+            case 'sqlite':
+                $this->addSql('DROP INDEX UNIQ_1D63E7E5C05FB297');
+                $this->addSql('DROP INDEX UNIQ_1D63E7E5A0D96FBF');
+                $this->addSql('DROP INDEX UNIQ_1D63E7E592FC23A8');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('user', true) . ' AS SELECT id, username, username_canonical, email, email_canonical, enabled, salt, password, last_login, confirmation_token, password_requested_at, roles, name, created_at, updated_at, authCode, twoFactorAuthentication FROM ' . $this->getTable('user', true) . '');
+                $this->addSql('DROP TABLE ' . $this->getTable('user', true) . '');
+                $this->addSql('CREATE TABLE ' . $this->getTable('user', true) . ' (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, username VARCHAR(180) NOT NULL COLLATE BINARY, username_canonical VARCHAR(180) NOT NULL COLLATE BINARY, email VARCHAR(180) NOT NULL COLLATE BINARY, email_canonical VARCHAR(180) NOT NULL COLLATE BINARY, enabled BOOLEAN NOT NULL, password VARCHAR(255) NOT NULL COLLATE BINARY, last_login DATETIME DEFAULT NULL, password_requested_at DATETIME DEFAULT NULL, name CLOB DEFAULT NULL COLLATE BINARY, created_at DATETIME NOT NULL, updated_at DATETIME NOT NULL, authCode INTEGER DEFAULT NULL, emailTwoFactor BOOLEAN NOT NULL, salt VARCHAR(255) DEFAULT NULL, confirmation_token VARCHAR(180) DEFAULT NULL, roles CLOB NOT NULL --(DC2Type:array)
+                , googleAuthenticatorSecret VARCHAR(255) DEFAULT NULL, backupCodes CLOB DEFAULT NULL --(DC2Type:json_array)
+                )');
+                $this->addSql('INSERT INTO ' . $this->getTable('user', true) . ' (id, username, username_canonical, email, email_canonical, enabled, salt, password, last_login, confirmation_token, password_requested_at, roles, name, created_at, updated_at, authCode, emailTwoFactor) SELECT id, username, username_canonical, email, email_canonical, enabled, salt, password, last_login, confirmation_token, password_requested_at, roles, name, created_at, updated_at, authCode, twoFactorAuthentication FROM __temp__' . $this->getTable('user', true) . '');
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('user', true) . '');
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_1D63E7E5C05FB297 ON ' . $this->getTable('user', true) . ' (confirmation_token)');
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_1D63E7E5A0D96FBF ON ' . $this->getTable('user', true) . ' (email_canonical)');
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_1D63E7E592FC23A8 ON ' . $this->getTable('user', true) . ' (username_canonical)');
+                break;
+            case 'mysql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' ADD googleAuthenticatorSecret VARCHAR(191) DEFAULT NULL');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' CHANGE twoFactorAuthentication emailTwoFactor BOOLEAN NOT NULL');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' DROP trusted');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' ADD backupCodes LONGTEXT DEFAULT NULL COMMENT \'(DC2Type:json_array)\'');
+                break;
+            case 'postgresql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' ADD googleAuthenticatorSecret VARCHAR(191) DEFAULT NULL');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' RENAME COLUMN twofactorauthentication TO emailTwoFactor');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' DROP trusted');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' ADD backupCodes TEXT DEFAULT NULL');
+                break;
+        }
+    }
+
+    public function down(Schema $schema): void
+    {
+        switch ($this->connection->getDatabasePlatform()->getName()) {
+            case 'sqlite':
+                $this->addSql('DROP INDEX UNIQ_1D63E7E592FC23A8');
+                $this->addSql('DROP INDEX UNIQ_1D63E7E5A0D96FBF');
+                $this->addSql('DROP INDEX UNIQ_1D63E7E5C05FB297');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('user', true) . ' AS SELECT id, username, username_canonical, email, email_canonical, enabled, salt, password, last_login, confirmation_token, password_requested_at, roles, name, created_at, updated_at, authCode, emailTwoFactor FROM "' . $this->getTable('user', true) . '"');
+                $this->addSql('DROP TABLE "' . $this->getTable('user', true) . '"');
+                $this->addSql('CREATE TABLE "' . $this->getTable('user', true) . '" (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, username VARCHAR(180) NOT NULL, username_canonical VARCHAR(180) NOT NULL, email VARCHAR(180) NOT NULL, email_canonical VARCHAR(180) NOT NULL, enabled BOOLEAN NOT NULL, password VARCHAR(255) NOT NULL, last_login DATETIME DEFAULT NULL, password_requested_at DATETIME DEFAULT NULL, name CLOB DEFAULT NULL, created_at DATETIME NOT NULL, updated_at DATETIME NOT NULL, authCode INTEGER DEFAULT NULL, twoFactorAuthentication BOOLEAN NOT NULL, salt VARCHAR(255) NOT NULL COLLATE BINARY, confirmation_token VARCHAR(255) DEFAULT NULL COLLATE BINARY, roles CLOB NOT NULL COLLATE BINARY, trusted CLOB DEFAULT NULL COLLATE BINARY)');
+                $this->addSql('INSERT INTO "' . $this->getTable('user', true) . '" (id, username, username_canonical, email, email_canonical, enabled, salt, password, last_login, confirmation_token, password_requested_at, roles, name, created_at, updated_at, authCode, twoFactorAuthentication) SELECT id, username, username_canonical, email, email_canonical, enabled, salt, password, last_login, confirmation_token, password_requested_at, roles, name, created_at, updated_at, authCode, emailTwoFactor FROM __temp__' . $this->getTable('user', true) . '');
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('user', true) . '');
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_1D63E7E592FC23A8 ON "' . $this->getTable('user', true) . '" (username_canonical)');
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_1D63E7E5A0D96FBF ON "' . $this->getTable('user', true) . '" (email_canonical)');
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_1D63E7E5C05FB297 ON "' . $this->getTable('user', true) . '" (confirmation_token)');
+                break;
+            case 'mysql':
+                $this->addSql('ALTER TABLE `' . $this->getTable('user') . '` DROP googleAuthenticatorSecret');
+                $this->addSql('ALTER TABLE `' . $this->getTable('user') . '` CHANGE emailtwofactor twoFactorAuthentication BOOLEAN NOT NULL');
+                $this->addSql('ALTER TABLE `' . $this->getTable('user') . '` ADD trusted TEXT DEFAULT NULL');
+                $this->addSql('ALTER TABLE `' . $this->getTable('user') . '` DROP backupCodes');
+                break;
+            case 'postgresql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' DROP googleAuthenticatorSecret');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' RENAME COLUMN emailTwoFactor TO twofactorauthentication');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' ADD trusted TEXT DEFAULT NULL');
+                $this->addSql('ALTER TABLE ' . $this->getTable('user') . ' DROP backupCodes');
+                break;
+        }
+    }
+}
diff --git a/app/DoctrineMigrations/Version20190117131816.php b/app/DoctrineMigrations/Version20190117131816.php
new file mode 100644
index 00000000..6548b9fa
--- /dev/null
+++ b/app/DoctrineMigrations/Version20190117131816.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Add updated_at fields to site_credential table.
+ */
+final class Version20190117131816 extends WallabagMigration
+{
+    public function up(Schema $schema): void
+    {
+        $siteCredentialTable = $schema->getTable($this->getTable('site_credential'));
+
+        $this->skipIf($siteCredentialTable->hasColumn('updated_at'), 'It seems that you already played this migration.');
+
+        $siteCredentialTable->addColumn('updated_at', 'datetime', [
+            'notnull' => false,
+        ]);
+    }
+
+    public function down(Schema $schema): void
+    {
+        $siteCredentialTable = $schema->getTable($this->getTable('site_credential'));
+
+        $this->skipIf(!$siteCredentialTable->hasColumn('updated_at'), 'It seems that you already played this migration.');
+
+        $siteCredentialTable->dropColumn('updated_at');
+    }
+}
diff --git a/app/DoctrineMigrations/Version20190129120000.php b/app/DoctrineMigrations/Version20190129120000.php
new file mode 100644
index 00000000..3632e762
--- /dev/null
+++ b/app/DoctrineMigrations/Version20190129120000.php
@@ -0,0 +1,147 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Add missing entries in craue_config_setting.
+ */
+final class Version20190129120000 extends WallabagMigration
+{
+    private $settings = [
+        [
+            'name' => 'carrot',
+            'value' => '1',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'share_diaspora',
+            'value' => '1',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'diaspora_url',
+            'value' => 'http://diasporapod.com',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'share_shaarli',
+            'value' => '1',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'shaarli_url',
+            'value' => 'http://myshaarli.com',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'share_mail',
+            'value' => '1',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'share_twitter',
+            'value' => '1',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'show_printlink',
+            'value' => '1',
+            'section' => 'entry',
+        ],
+        [
+            'name' => 'export_epub',
+            'value' => '1',
+            'section' => 'export',
+        ],
+        [
+            'name' => 'export_mobi',
+            'value' => '1',
+            'section' => 'export',
+        ],
+        [
+            'name' => 'export_pdf',
+            'value' => '1',
+            'section' => 'export',
+        ],
+        [
+            'name' => 'export_csv',
+            'value' => '1',
+            'section' => 'export',
+        ],
+        [
+            'name' => 'export_json',
+            'value' => '1',
+            'section' => 'export',
+        ],
+        [
+            'name' => 'export_txt',
+            'value' => '1',
+            'section' => 'export',
+        ],
+        [
+            'name' => 'export_xml',
+            'value' => '1',
+            'section' => 'export',
+        ],
+        [
+            'name' => 'piwik_enabled',
+            'value' => '0',
+            'section' => 'analytics',
+        ],
+        [
+            'name' => 'piwik_host',
+            'value' => 'v2.wallabag.org',
+            'section' => 'analytics',
+        ],
+        [
+            'name' => 'piwik_site_id',
+            'value' => '1',
+            'section' => 'analytics',
+        ],
+        [
+            'name' => 'demo_mode_enabled',
+            'value' => '0',
+            'section' => 'misc',
+        ],
+        [
+            'name' => 'demo_mode_username',
+            'value' => 'wallabag',
+            'section' => 'misc',
+        ],
+        [
+            'name' => 'wallabag_support_url',
+            'value' => 'https://www.wallabag.org/pages/support.html',
+            'section' => 'misc',
+        ],
+    ];
+
+    /**
+     * @param Schema $schema
+     */
+    public function up(Schema $schema)
+    {
+        foreach ($this->settings as $setting) {
+            $settingEnabled = $this->container
+                ->get('doctrine.orm.default_entity_manager')
+                ->getConnection()
+                ->fetchArray('SELECT * FROM ' . $this->getTable('craue_config_setting') . " WHERE name = '" . $setting['name'] . "'");
+
+            if (false !== $settingEnabled) {
+                continue;
+            }
+
+            $this->addSql('INSERT INTO ' . $this->getTable('craue_config_setting') . " (name, value, section) VALUES ('" . $setting['name'] . "', '" . $setting['value'] . "', '" . $setting['section'] . "');");
+        }
+    }
+
+    /**
+     * @param Schema $schema
+     */
+    public function down(Schema $schema)
+    {
+        $this->skipIf(true, 'These settings are required and should not be removed.');
+    }
+}
diff --git a/app/DoctrineMigrations/Version20190401105353.php b/app/DoctrineMigrations/Version20190401105353.php
new file mode 100644
index 00000000..d27962db
--- /dev/null
+++ b/app/DoctrineMigrations/Version20190401105353.php
@@ -0,0 +1,42 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Add hashed_url in entry.
+ */
+class Version20190401105353 extends WallabagMigration
+{
+    /**
+     * @param Schema $schema
+     */
+    public function up(Schema $schema)
+    {
+        $entryTable = $schema->getTable($this->getTable('entry'));
+
+        $this->skipIf($entryTable->hasColumn('hashed_url'), 'It seems that you already played this migration.');
+
+        $entryTable->addColumn('hashed_url', 'text', [
+            'length' => 40,
+            'notnull' => false,
+        ]);
+
+        $entryTable->addIndex(['user_id', 'hashed_url'], 'hashed_url_user_id', [], ['lengths' => [null, 40]]);
+    }
+
+    /**
+     * @param Schema $schema
+     */
+    public function down(Schema $schema)
+    {
+        $entryTable = $schema->getTable($this->getTable('entry'));
+
+        $this->skipIf(!$entryTable->hasColumn('hashed_url'), 'It seems that you already played this migration.');
+
+        $entryTable->dropIndex('hashed_url_user_id');
+        $entryTable->dropColumn('hashed_url');
+    }
+}
diff --git a/app/DoctrineMigrations/Version20190425115043.php b/app/DoctrineMigrations/Version20190425115043.php
new file mode 100644
index 00000000..4c5c49cc
--- /dev/null
+++ b/app/DoctrineMigrations/Version20190425115043.php
@@ -0,0 +1,58 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Rename rss_token & rss_limit to feed_token & feed_limit.
+ */
+final class Version20190425115043 extends WallabagMigration
+{
+    public function up(Schema $schema): void
+    {
+        switch ($this->connection->getDatabasePlatform()->getName()) {
+            case 'sqlite':
+                $this->addSql('DROP INDEX UNIQ_87E64C53A76ED395');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('config', true) . ' AS SELECT id, user_id, theme, items_per_page, language, rss_token, rss_limit, reading_speed, pocket_consumer_key, action_mark_as_read, list_mode FROM ' . $this->getTable('config', true));
+                $this->addSql('DROP TABLE ' . $this->getTable('config', true));
+                $this->addSql('CREATE TABLE ' . $this->getTable('config', true) . ' (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, user_id INTEGER DEFAULT NULL, theme VARCHAR(255) NOT NULL COLLATE BINARY, items_per_page INTEGER NOT NULL, language VARCHAR(255) NOT NULL COLLATE BINARY, reading_speed DOUBLE PRECISION DEFAULT NULL, pocket_consumer_key VARCHAR(255) DEFAULT NULL COLLATE BINARY, action_mark_as_read INTEGER DEFAULT 0, list_mode INTEGER DEFAULT NULL, feed_token VARCHAR(255) DEFAULT NULL, feed_limit INTEGER DEFAULT NULL, CONSTRAINT FK_87E64C53A76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) NOT DEFERRABLE INITIALLY IMMEDIATE)');
+                $this->addSql('INSERT INTO ' . $this->getTable('config', true) . ' (id, user_id, theme, items_per_page, language, feed_token, feed_limit, reading_speed, pocket_consumer_key, action_mark_as_read, list_mode) SELECT id, user_id, theme, items_per_page, language, rss_token, rss_limit, reading_speed, pocket_consumer_key, action_mark_as_read, list_mode FROM __temp__' . $this->getTable('config', true));
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('config', true));
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_87E64C53A76ED395 ON ' . $this->getTable('config', true) . ' (user_id)');
+                break;
+            case 'mysql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' CHANGE rss_token feed_token VARCHAR(255) DEFAULT NULL');
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' CHANGE rss_limit feed_limit INT DEFAULT NULL');
+                break;
+            case 'postgresql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' RENAME COLUMN rss_token TO feed_token');
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' RENAME COLUMN rss_limit TO feed_limit');
+                break;
+        }
+    }
+
+    public function down(Schema $schema): void
+    {
+        switch ($this->connection->getDatabasePlatform()->getName()) {
+            case 'sqlite':
+                $this->addSql('DROP INDEX UNIQ_87E64C53A76ED395');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('config', true) . ' AS SELECT id, user_id, theme, items_per_page, language, feed_token, feed_limit, reading_speed, pocket_consumer_key, action_mark_as_read, list_mode FROM "' . $this->getTable('config', true) . '"');
+                $this->addSql('DROP TABLE "' . $this->getTable('config', true) . '"');
+                $this->addSql('CREATE TABLE "' . $this->getTable('config', true) . '" (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, user_id INTEGER DEFAULT NULL, theme VARCHAR(255) NOT NULL, items_per_page INTEGER NOT NULL, language VARCHAR(255) NOT NULL, reading_speed DOUBLE PRECISION DEFAULT NULL, pocket_consumer_key VARCHAR(255) DEFAULT NULL, action_mark_as_read INTEGER DEFAULT 0, list_mode INTEGER DEFAULT NULL, rss_token VARCHAR(255) DEFAULT NULL COLLATE BINARY, rss_limit INTEGER DEFAULT NULL)');
+                $this->addSql('INSERT INTO "' . $this->getTable('config', true) . '" (id, user_id, theme, items_per_page, language, rss_token, rss_limit, reading_speed, pocket_consumer_key, action_mark_as_read, list_mode) SELECT id, user_id, theme, items_per_page, language, feed_token, feed_limit, reading_speed, pocket_consumer_key, action_mark_as_read, list_mode FROM __temp__' . $this->getTable('config', true));
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('config', true));
+                $this->addSql('CREATE UNIQUE INDEX UNIQ_87E64C53A76ED395 ON "' . $this->getTable('config', true) . '" (user_id)');
+                break;
+            case 'mysql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' CHANGE feed_token rss_token');
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' CHANGE feed_limit rss_limit');
+                break;
+            case 'postgresql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' RENAME COLUMN feed_token TO rss_token');
+                $this->addSql('ALTER TABLE ' . $this->getTable('config') . ' RENAME COLUMN feed_limit TO rss_limit');
+                break;
+        }
+    }
+}
diff --git a/app/DoctrineMigrations/Version20190510141130.php b/app/DoctrineMigrations/Version20190510141130.php
new file mode 100644
index 00000000..524aa452
--- /dev/null
+++ b/app/DoctrineMigrations/Version20190510141130.php
@@ -0,0 +1,96 @@
+<?php
+
+namespace Application\Migrations;
+
+use Doctrine\DBAL\Migrations\SkipMigrationException;
+use Doctrine\DBAL\Schema\Schema;
+use Wallabag\CoreBundle\Doctrine\WallabagMigration;
+
+/**
+ * Enable cascade delete when deleting a user on:
+ *     - oauth2_access_tokens
+ *     - oauth2_clients
+ *     - oauth2_refresh_tokens
+ *     - oauth2_auth_codes.
+ */
+final class Version20190510141130 extends WallabagMigration
+{
+    public function up(Schema $schema): void
+    {
+        switch ($this->connection->getDatabasePlatform()->getName()) {
+            case 'sqlite':
+                $this->addSql('DROP INDEX IDX_368A4209A76ED395');
+                $this->addSql('DROP INDEX IDX_368A420919EB6921');
+                $this->addSql('DROP INDEX UNIQ_368A42095F37A13B');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('oauth2_access_tokens', true) . ' AS SELECT id, client_id, user_id, token, expires_at, scope FROM ' . $this->getTable('oauth2_access_tokens', true));
+                $this->addSql('DROP TABLE ' . $this->getTable('oauth2_access_tokens', true));
+                $this->addSql('CREATE TABLE ' . $this->getTable('oauth2_access_tokens', true) . ' (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, client_id INTEGER NOT NULL, user_id INTEGER DEFAULT NULL, expires_at INTEGER DEFAULT NULL, token VARCHAR(191) NOT NULL, scope VARCHAR(191) NULL, CONSTRAINT FK_368A420919EB6921 FOREIGN KEY (client_id) REFERENCES ' . $this->getTable('oauth2_clients', true) . ' (id) NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_368A4209A76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE)');
+                $this->addSql('INSERT INTO ' . $this->getTable('oauth2_access_tokens', true) . ' (id, client_id, user_id, token, expires_at, scope) SELECT id, client_id, user_id, token, expires_at, scope FROM __temp__' . $this->getTable('oauth2_access_tokens', true));
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('oauth2_access_tokens', true));
+                $this->addSql('CREATE INDEX IDX_368A4209A76ED395 ON ' . $this->getTable('oauth2_access_tokens', true) . ' (user_id)');
+                $this->addSql('CREATE INDEX IDX_368A420919EB6921 ON ' . $this->getTable('oauth2_access_tokens', true) . ' (client_id)');
+
+                $this->addSql('DROP INDEX IDX_635D765EA76ED395');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('oauth2_clients', true) . ' AS SELECT id, user_id, random_id, secret, redirect_uris, allowed_grant_types, name FROM ' . $this->getTable('oauth2_clients', true));
+                $this->addSql('DROP TABLE ' . $this->getTable('oauth2_clients', true));
+                $this->addSql('CREATE TABLE ' . $this->getTable('oauth2_clients', true) . ' (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, user_id INTEGER DEFAULT NULL, random_id VARCHAR(255) NOT NULL COLLATE BINARY, secret VARCHAR(255) NOT NULL COLLATE BINARY, name CLOB NOT NULL COLLATE BINARY, redirect_uris CLOB NOT NULL, allowed_grant_types CLOB NOT NULL, CONSTRAINT FK_635D765EA76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) NOT DEFERRABLE INITIALLY IMMEDIATE)');
+                $this->addSql('INSERT INTO ' . $this->getTable('oauth2_clients', true) . ' (id, user_id, random_id, secret, redirect_uris, allowed_grant_types, name) SELECT id, user_id, random_id, secret, redirect_uris, allowed_grant_types, name FROM __temp__' . $this->getTable('oauth2_clients', true));
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('oauth2_clients', true));
+                $this->addSql('CREATE INDEX IDX_635D765EA76ED395 ON ' . $this->getTable('oauth2_clients', true) . ' (user_id)');
+
+                $this->addSql('DROP INDEX IDX_20C9FB24A76ED395');
+                $this->addSql('DROP INDEX IDX_20C9FB2419EB6921');
+                $this->addSql('DROP INDEX UNIQ_20C9FB245F37A13B');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('oauth2_refresh_tokens', true) . ' AS SELECT id, client_id, user_id, token, expires_at, scope FROM ' . $this->getTable('oauth2_refresh_tokens', true));
+                $this->addSql('DROP TABLE ' . $this->getTable('oauth2_refresh_tokens', true));
+                $this->addSql('CREATE TABLE ' . $this->getTable('oauth2_refresh_tokens', true) . ' (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, client_id INTEGER NOT NULL, user_id INTEGER DEFAULT NULL, expires_at INTEGER DEFAULT NULL, token VARCHAR(191) NOT NULL, scope VARCHAR(191) NULL, CONSTRAINT FK_20C9FB2419EB6921 FOREIGN KEY (client_id) REFERENCES ' . $this->getTable('oauth2_clients', true) . ' (id) NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_20C9FB24A76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE)');
+                $this->addSql('INSERT INTO ' . $this->getTable('oauth2_refresh_tokens', true) . ' (id, client_id, user_id, token, expires_at, scope) SELECT id, client_id, user_id, token, expires_at, scope FROM __temp__' . $this->getTable('oauth2_refresh_tokens', true));
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('oauth2_refresh_tokens', true));
+                $this->addSql('CREATE INDEX IDX_20C9FB24A76ED395 ON ' . $this->getTable('oauth2_refresh_tokens', true) . ' (user_id)');
+                $this->addSql('CREATE INDEX IDX_20C9FB2419EB6921 ON ' . $this->getTable('oauth2_refresh_tokens', true) . ' (client_id)');
+
+                $this->addSql('DROP INDEX IDX_EE52E3FAA76ED395');
+                $this->addSql('DROP INDEX IDX_EE52E3FA19EB6921');
+                $this->addSql('DROP INDEX UNIQ_EE52E3FA5F37A13B');
+                $this->addSql('CREATE TEMPORARY TABLE __temp__' . $this->getTable('oauth2_auth_codes', true) . ' AS SELECT id, client_id, user_id, token, redirect_uri, expires_at, scope FROM ' . $this->getTable('oauth2_auth_codes', true));
+                $this->addSql('DROP TABLE ' . $this->getTable('oauth2_auth_codes', true));
+                $this->addSql('CREATE TABLE ' . $this->getTable('oauth2_auth_codes', true) . ' (id INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, client_id INTEGER NOT NULL, user_id INTEGER DEFAULT NULL, redirect_uri CLOB NOT NULL COLLATE BINARY, expires_at INTEGER DEFAULT NULL, token VARCHAR(191) NOT NULL, scope VARCHAR(191) NULL, CONSTRAINT FK_EE52E3FA19EB6921 FOREIGN KEY (client_id) REFERENCES ' . $this->getTable('oauth2_clients', true) . ' (id) NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_EE52E3FAA76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE)');
+                $this->addSql('INSERT INTO ' . $this->getTable('oauth2_auth_codes', true) . ' (id, client_id, user_id, token, redirect_uri, expires_at, scope) SELECT id, client_id, user_id, token, redirect_uri, expires_at, scope FROM __temp__' . $this->getTable('oauth2_auth_codes', true));
+                $this->addSql('DROP TABLE __temp__' . $this->getTable('oauth2_auth_codes', true));
+                $this->addSql('CREATE INDEX IDX_EE52E3FAA76ED395 ON ' . $this->getTable('oauth2_auth_codes', true) . ' (user_id)');
+                $this->addSql('CREATE INDEX IDX_EE52E3FA19EB6921 ON ' . $this->getTable('oauth2_auth_codes', true) . ' (client_id)');
+                break;
+            case 'mysql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' DROP FOREIGN KEY FK_368A4209A76ED395');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' ADD CONSTRAINT FK_368A4209A76ED395 FOREIGN KEY (user_id) REFERENCES `wallabag_user` (id) ON DELETE CASCADE');
+
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_clients') . ' DROP FOREIGN KEY IDX_user_oauth_client');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_clients') . ' ADD CONSTRAINT FK_635D765EA76ED395 FOREIGN KEY (user_id) REFERENCES `wallabag_user` (id)');
+
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' DROP FOREIGN KEY FK_20C9FB24A76ED395');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' ADD CONSTRAINT FK_20C9FB24A76ED395 FOREIGN KEY (user_id) REFERENCES `wallabag_user` (id) ON DELETE CASCADE');
+
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' DROP FOREIGN KEY FK_EE52E3FAA76ED395');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' ADD CONSTRAINT FK_EE52E3FAA76ED395 FOREIGN KEY (user_id) REFERENCES `wallabag_user` (id) ON DELETE CASCADE');
+                break;
+            case 'postgresql':
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' DROP CONSTRAINT FK_368A4209A76ED395');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_access_tokens') . ' ADD CONSTRAINT FK_368A4209A76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE');
+
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_clients') . ' DROP CONSTRAINT idx_user_oauth_client');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_clients') . ' ADD CONSTRAINT FK_635D765EA76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) NOT DEFERRABLE INITIALLY IMMEDIATE');
+
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' DROP CONSTRAINT FK_20C9FB24A76ED395');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_refresh_tokens') . ' ADD CONSTRAINT FK_20C9FB24A76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE');
+
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' DROP CONSTRAINT FK_EE52E3FAA76ED395');
+                $this->addSql('ALTER TABLE ' . $this->getTable('oauth2_auth_codes') . ' ADD CONSTRAINT FK_EE52E3FAA76ED395 FOREIGN KEY (user_id) REFERENCES "wallabag_user" (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE');
+                break;
+        }
+    }
+
+    public function down(Schema $schema): void
+    {
+        throw new SkipMigrationException('Too complex ...');
+    }
+}
diff --git a/app/Resources/static/themes/_global/index.js b/app/Resources/static/themes/_global/index.js
index ae598e56..9ad96fc0 100644
--- a/app/Resources/static/themes/_global/index.js
+++ b/app/Resources/static/themes/_global/index.js
@@ -70,4 +70,41 @@ $(document).ready(() => {
       retrievePercent(x.entryId, true);
     });
   }
+
+  document.querySelectorAll('[data-handler=tag-rename]').forEach((item) => {
+    const current = item;
+    current.wallabag_edit_mode = false;
+    current.onclick = (event) => {
+      const target = event.currentTarget;
+
+      if (target.wallabag_edit_mode === false) {
+        $(target.parentNode.querySelector('[data-handle=tag-link]')).addClass('hidden');
+        $(target.parentNode.querySelector('[data-handle=tag-rename-form]')).removeClass('hidden');
+        target.parentNode.querySelector('[data-handle=tag-rename-form] input').focus();
+        target.querySelector('.material-icons').innerHTML = 'done';
+
+        target.wallabag_edit_mode = true;
+      } else {
+        target.parentNode.querySelector('[data-handle=tag-rename-form]').submit();
+      }
+    };
+  });
+
+  // mimic radio button because emailTwoFactor is a boolean
+  $('#update_user_googleTwoFactor').on('change', () => {
+    $('#update_user_emailTwoFactor').prop('checked', false);
+  });
+
+  $('#update_user_emailTwoFactor').on('change', () => {
+    $('#update_user_googleTwoFactor').prop('checked', false);
+  });
+
+  // same mimic for super admin
+  $('#user_googleTwoFactor').on('change', () => {
+    $('#user_emailTwoFactor').prop('checked', false);
+  });
+
+  $('#user_emailTwoFactor').on('change', () => {
+    $('#user_googleTwoFactor').prop('checked', false);
+  });
 });
diff --git a/app/Resources/static/themes/baggy/css/article.scss b/app/Resources/static/themes/baggy/css/article.scss
index 9094ad55..d203ce31 100644
--- a/app/Resources/static/themes/baggy/css/article.scss
+++ b/app/Resources/static/themes/baggy/css/article.scss
@@ -85,7 +85,7 @@ blockquote {
   color: #999;
 }
 
-.icon-rss {
+.icon-feed {
   background-color: #000;
   color: #fff;
   padding: 0.2em 0.5em;
@@ -101,8 +101,8 @@ blockquote {
     margin-bottom: 0.5em;
   }
 
-  .icon-rss:hover,
-  .icon-rss:focus {
+  .icon-feed:hover,
+  .icon-feed:focus {
     background-color: #fff;
     color: #000;
     text-decoration: none;
diff --git a/app/Resources/static/themes/baggy/css/layout.scss b/app/Resources/static/themes/baggy/css/layout.scss
index cb14e62d..0293ebe5 100644
--- a/app/Resources/static/themes/baggy/css/layout.scss
+++ b/app/Resources/static/themes/baggy/css/layout.scss
@@ -295,6 +295,15 @@ div.pagination ul {
   }
 }
 
-.hide {
+.card-tag-form {
+  display: inline-block;
+}
+
+.card-tag-form input[type="text"] {
+  min-width: 20em;
+}
+
+.hide,
+.hidden {
   display: none;
 }
diff --git a/app/Resources/static/themes/baggy/css/pictos.scss b/app/Resources/static/themes/baggy/css/pictos.scss
index 2ff01937..b6ebf311 100644
--- a/app/Resources/static/themes/baggy/css/pictos.scss
+++ b/app/Resources/static/themes/baggy/css/pictos.scss
@@ -136,7 +136,7 @@
   content: "\ea3a";
 }
 
-.icon-rss::before {
+.icon-feed::before {
   content: "\e808";
 }
 
diff --git a/app/Resources/static/themes/material/css/cards.scss b/app/Resources/static/themes/material/css/cards.scss
index 0cdc7457..9ae1be82 100644
--- a/app/Resources/static/themes/material/css/cards.scss
+++ b/app/Resources/static/themes/material/css/cards.scss
@@ -197,6 +197,17 @@ a.original:not(.waves-effect) {
   flex-grow: 1;
 }
 
+.card-tag-form {
+  display: flex;
+  min-width: 100px;
+  flex-grow: 1;
+}
+
+.card-tag-form input {
+  margin-bottom: 0;
+  height: 2rem;
+}
+
 .card-tag-rss {
   display: flex;
 }
diff --git a/app/Resources/static/themes/material/index.js b/app/Resources/static/themes/material/index.js
index 96310d81..2926cad1 100755
--- a/app/Resources/static/themes/material/index.js
+++ b/app/Resources/static/themes/material/index.js
@@ -8,7 +8,7 @@ import 'materialize-css/dist/js/materialize';
 import '../_global/index';
 
 /* Tools */
-import { initExport, initFilters } from './js/tools';
+import { initExport, initFilters, initRandom } from './js/tools';
 
 /* Import shortcuts */
 import './js/shortcuts/main';
@@ -32,8 +32,10 @@ $(document).ready(() => {
     format: 'dd/mm/yyyy',
     container: 'body',
   });
+
   initFilters();
   initExport();
+  initRandom();
 
   const toggleNav = (toShow, toFocus) => {
     $('.nav-panel-actions').hide(100);
@@ -48,25 +50,30 @@ $(document).ready(() => {
     $('#tag_label').focus();
     return false;
   });
+
   $('#nav-btn-add').on('click', () => {
     toggleNav('.nav-panel-add', '#entry_url');
     return false;
   });
+
   const materialAddForm = $('.nav-panel-add');
   materialAddForm.on('submit', () => {
     materialAddForm.addClass('disabled');
     $('input#entry_url', materialAddForm).prop('readonly', true).trigger('blur');
   });
+
   $('#nav-btn-search').on('click', () => {
     toggleNav('.nav-panel-search', '#search_entry_term');
     return false;
   });
+
   $('.close').on('click', (e) => {
     $(e.target).parent('.nav-panel-item').hide(100);
     $('.nav-panel-actions').show(100);
     $('.nav-panels').css('background', 'transparent');
     return false;
   });
+
   $(window).scroll(() => {
     const s = $(window).scrollTop();
     const d = $(document).height();
diff --git a/app/Resources/static/themes/material/js/tools.js b/app/Resources/static/themes/material/js/tools.js
index 39398fd8..0b3d3038 100644
--- a/app/Resources/static/themes/material/js/tools.js
+++ b/app/Resources/static/themes/material/js/tools.js
@@ -8,6 +8,7 @@ function initFilters() {
     $('#clear_form_filters').on('click', () => {
       $('#filters input').val('');
       $('#filters :checked').removeAttr('checked');
+
       return false;
     });
   }
@@ -21,4 +22,15 @@ function initExport() {
   }
 }
 
-export { initExport, initFilters };
+function initRandom() {
+  // no display if export (ie: entries) not available
+  if ($('div').is('#export')) {
+    $('#button_random').show();
+  }
+}
+
+export {
+  initExport,
+  initFilters,
+  initRandom,
+};
diff --git a/app/autoload.php b/app/autoload.php
deleted file mode 100644
index c5f664dc..00000000
--- a/app/autoload.php
+++ /dev/null
@@ -1,13 +0,0 @@
-<?php
-
-use Composer\Autoload\ClassLoader;
-use Doctrine\Common\Annotations\AnnotationRegistry;
-
-/**
- * @var ClassLoader
- */
-$loader = require __DIR__ . '/../vendor/autoload.php';
-
-AnnotationRegistry::registerLoader([$loader, 'loadClass']);
-
-return $loader;
diff --git a/app/config/config.yml b/app/config/config.yml
index 8bef8312..078f277a 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -46,7 +46,6 @@ twig:
 doctrine:
     dbal:
         driver: "%database_driver%"
-        driver_class: "%database_driver_class%"
         host: "%database_host%"
         port: "%database_port%"
         dbname: "%database_name%"
@@ -55,7 +54,6 @@ doctrine:
         charset: "%database_charset%"
         path: "%database_path%"
         unix_socket: "%database_socket%"
-        server_version: 5.6
 
     orm:
         auto_generate_proxy_classes: "%kernel.debug%"
@@ -79,10 +77,13 @@ doctrine_migrations:
 
 # Swiftmailer Configuration
 swiftmailer:
-    transport: "%mailer_transport%"
-    host: "%mailer_host%"
-    username: "%mailer_user%"
-    password: "%mailer_password%"
+    transport:   "%mailer_transport%"
+    username:    "%mailer_user%"
+    password:    "%mailer_password%"
+    host:        "%mailer_host%"
+    port:        "%mailer_port%"
+    encryption:  "%mailer_encryption%"
+    auth_mode:   "%mailer_auth_mode%"
     spool:
         type: memory
 
@@ -197,10 +198,17 @@ fos_oauth_server:
             refresh_token_lifetime: 1209600
 
 scheb_two_factor:
-    trusted_computer:
+    trusted_device:
         enabled: true
         cookie_name: wllbg_trusted_computer
-        cookie_lifetime: 2592000
+        lifetime: 2592000
+
+    backup_codes:
+        enabled: "%twofactor_auth%"
+
+    google:
+        enabled: "%twofactor_auth%"
+        template: WallabagUserBundle:Authentication:form.html.twig
 
     email:
         enabled: "%twofactor_auth%"
@@ -357,3 +365,8 @@ jms_serializer:
         # see: https://github.com/schmittjoh/JMSSerializerBundle/pull/494
         datetime:
             default_format: "Y-m-d\\TH:i:sO" # ATOM
+
+# see https://github.com/symfony/symfony-standard/pull/1133
+sensio_framework_extra:
+   router:
+        annotations: false
diff --git a/app/config/config_test.yml b/app/config/config_test.yml
index fc067ff4..216f8431 100644
--- a/app/config/config_test.yml
+++ b/app/config/config_test.yml
@@ -1,6 +1,7 @@
 imports:
     - { resource: config_dev.yml }
     - { resource: parameters_test.yml }
+    - { resource: services_test.yml }
 
 framework:
     test: ~
@@ -23,7 +24,6 @@ swiftmailer:
 doctrine:
     dbal:
         driver: "%test_database_driver%"
-        driver_class: "%test_database_driver_class%"
         host: "%test_database_host%"
         port: "%test_database_port%"
         dbname: "%test_database_name%"
diff --git a/app/config/parameters.yml.dist b/app/config/parameters.yml.dist
index 6b0cb8e8..13e2584f 100644
--- a/app/config/parameters.yml.dist
+++ b/app/config/parameters.yml.dist
@@ -11,8 +11,6 @@ parameters:
     # database_password: %env.database_password%
 
     database_driver: pdo_mysql
-    database_driver_class: ~
-    # database_driver_class: Wallabag\CoreBundle\Doctrine\DBAL\Driver\CustomPostgreSQLDriver
     database_host: 127.0.0.1
     database_port: ~
     database_name: wallabag
@@ -27,10 +25,13 @@ parameters:
 
     domain_name: https://your-wallabag-url-instance.com
 
-    mailer_transport: smtp
-    mailer_host: 127.0.0.1
-    mailer_user: ~
-    mailer_password: ~
+    mailer_transport:  smtp
+    mailer_user:       ~
+    mailer_password:   ~
+    mailer_host:       127.0.0.1
+    mailer_port:       false
+    mailer_encryption: ~
+    mailer_auth_mode:  ~
 
     locale: en
 
diff --git a/app/config/parameters_test.yml b/app/config/parameters_test.yml
index 64e51976..257d2ace 100644
--- a/app/config/parameters_test.yml
+++ b/app/config/parameters_test.yml
@@ -8,4 +8,3 @@ parameters:
     test_database_path: "%env(TEST_DATABASE_PATH)%"
     env(TEST_DATABASE_PATH): "%kernel.project_dir%/data/db/wallabag_test.sqlite"
     test_database_charset: utf8
-    test_database_driver_class: ~
diff --git a/app/config/routing.yml b/app/config/routing.yml
index 0bd2d130..d4defca0 100644
--- a/app/config/routing.yml
+++ b/app/config/routing.yml
@@ -51,3 +51,47 @@ craue_config_settings_modify:
 
 fos_js_routing:
     resource: "@FOSJsRoutingBundle/Resources/config/routing/routing.xml"
+
+2fa_login:
+    path: /2fa
+    defaults:
+        _controller: "scheb_two_factor.form_controller:form"
+
+2fa_login_check:
+    path: /2fa_check
+
+# redirect RSS feed to Atom
+rss_to_atom_unread:
+    path: /{username}/{token}/unread.xml
+    defaults:
+        _controller: FrameworkBundle:Redirect:redirect
+        route: unread_feed
+        permanent: true
+
+rss_to_atom_archive:
+    path: /{username}/{token}/archive.xml
+    defaults:
+        _controller: FrameworkBundle:Redirect:redirect
+        route: archive_feed
+        permanent: true
+
+rss_to_atom_starred:
+    path: /{username}/{token}/starred.xml
+    defaults:
+        _controller: FrameworkBundle:Redirect:redirect
+        route: starred_feed
+        permanent: true
+
+rss_to_atom_all:
+    path: /{username}/{token}/all.xml
+    defaults:
+        _controller: FrameworkBundle:Redirect:redirect
+        route: all_feed
+        permanent: true
+
+rss_to_atom_tags:
+    path: /{username}/{token}/tags/{slug}.xml
+    defaults:
+        _controller: FrameworkBundle:Redirect:redirect
+        route: tag_feed
+        permanent: true
diff --git a/app/config/security.yml b/app/config/security.yml
index 02afc9ea..760b2550 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -31,12 +31,15 @@ security:
             fos_oauth: true
             stateless: true
             anonymous: true
+            provider: fos_userbundle
 
         login_firewall:
+            logout_on_user_change: true
             pattern: ^/login$
             anonymous:  ~
 
         secured_area:
+            logout_on_user_change: true
             pattern: ^/
             form_login:
                 provider: fos_userbundle
@@ -53,17 +56,27 @@ security:
                 path:   /logout
                 target: /
 
+            two_factor:
+                provider: fos_userbundle
+                auth_form_path: 2fa_login
+                check_path: 2fa_login_check
+
     access_control:
-        - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/(doc|version|info|user), roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        # force role for logout otherwise when 2fa enable, you won't be able to logout
+        # https://github.com/scheb/two-factor-bundle/issues/168#issuecomment-430822478
+        - { path: ^/logout, roles: [IS_AUTHENTICATED_ANONYMOUSLY, IS_AUTHENTICATED_2FA_IN_PROGRESS] }
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: /(unread|starred|archive|all).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/locale, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: /tags/(.*).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/feed, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: /(unread|starred|archive).xml$, roles: IS_AUTHENTICATED_ANONYMOUSLY } # For backwards compatibility
         - { path: ^/share, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/settings, roles: ROLE_SUPER_ADMIN }
         - { path: ^/annotations, roles: ROLE_USER }
+        - { path: ^/2fa, role: IS_AUTHENTICATED_2FA_IN_PROGRESS }
         - { path: ^/users, roles: ROLE_SUPER_ADMIN }
         - { path: ^/, roles: ROLE_USER }
diff --git a/app/config/services.yml b/app/config/services.yml
index 7b85d846..25bbe5dc 100644
--- a/app/config/services.yml
+++ b/app/config/services.yml
@@ -2,12 +2,6 @@ parameters:
     lexik_form_filter.get_filter.doctrine_orm.class: Wallabag\CoreBundle\Event\Subscriber\CustomDoctrineORMSubscriber
 
 services:
-    # used for tests
-    filesystem_cache:
-        class: Doctrine\Common\Cache\FilesystemCache
-        arguments:
-            - "%kernel.cache_dir%/doctrine/metadata"
-
     twig.extension.text:
         class: Twig_Extensions_Extension_Text
         tags:
diff --git a/app/config/services_test.yml b/app/config/services_test.yml
new file mode 100644
index 00000000..1b3aff63
--- /dev/null
+++ b/app/config/services_test.yml
@@ -0,0 +1,38 @@
+services:
+    # see https://github.com/symfony/symfony/issues/24543
+    fos_user.user_manager.test:
+        alias: fos_user.user_manager
+        public: true
+
+    fos_user.security.login_manager.test:
+        alias: fos_user.security.login_manager
+        public: true
+
+    wallabag_core.entry_repository.test:
+        alias: wallabag_core.entry_repository
+        public: true
+
+    wallabag_user.user_repository.test:
+        alias: wallabag_user.user_repository
+        public: true
+
+    filesystem_cache:
+        class: Doctrine\Common\Cache\FilesystemCache
+        arguments:
+            - "%kernel.cache_dir%/doctrine/metadata"
+
+    # fixtures
+    Wallabag\UserBundle\DataFixtures\:
+        resource: '../../src/Wallabag/UserBundle/DataFixtures/*'
+        tags: ['doctrine.fixture.orm']
+        autowire: true
+
+    Wallabag\CoreBundle\DataFixtures\:
+        resource: '../../src/Wallabag/CoreBundle/DataFixtures/*'
+        tags: ['doctrine.fixture.orm']
+        autowire: true
+
+    Wallabag\AnnotationBundle\DataFixtures\:
+        resource: '../../src/Wallabag/AnnotationBundle/DataFixtures/*'
+        tags: ['doctrine.fixture.orm']
+        autowire: true
diff --git a/app/config/tests/parameters_test.mysql.yml b/app/config/tests/parameters_test.mysql.yml
index 0b7b82eb..36b227fb 100644
--- a/app/config/tests/parameters_test.mysql.yml
+++ b/app/config/tests/parameters_test.mysql.yml
@@ -1,6 +1,5 @@
 parameters:
     test_database_driver: pdo_mysql
-    test_database_driver_class: ~
     test_database_host: localhost
     test_database_port: 3306
     test_database_name: wallabag_test
diff --git a/app/config/tests/parameters_test.pgsql.yml b/app/config/tests/parameters_test.pgsql.yml
index ea249324..60f51df6 100644
--- a/app/config/tests/parameters_test.pgsql.yml
+++ b/app/config/tests/parameters_test.pgsql.yml
@@ -1,6 +1,5 @@
 parameters:
     test_database_driver: pdo_pgsql
-    test_database_driver_class: Wallabag\CoreBundle\Doctrine\DBAL\Driver\CustomPostgreSQLDriver
     test_database_host: localhost
     test_database_port:
     test_database_name: wallabag_test
diff --git a/app/config/tests/parameters_test.sqlite.yml b/app/config/tests/parameters_test.sqlite.yml
index 64cd984b..2b92d579 100644
--- a/app/config/tests/parameters_test.sqlite.yml
+++ b/app/config/tests/parameters_test.sqlite.yml
@@ -1,6 +1,5 @@
 parameters:
     test_database_driver: pdo_sqlite
-    test_database_driver_class: ~
     test_database_host: localhost
     test_database_port:
     test_database_name: ~