Authentication: Google Sign-In (new)
- Added Google OAuth login, implemented in “connect to existing account” mode:
  - Google authentication is used to sign in to an existing ManageMyTrust account (no new user creation via Google).
- UI and flow improvements:
  - Added a Google button on the login screen.
  - Added an account association confirmation page for safer linking.
Account security: Change email address wizard (new)
- Introduced a secure, two-step Change Email Address wizard:
  - Step 1: user enters a new email (validated for format, uniqueness, and rate limiting).
  - Step 2: a 6-digit OTP is sent to the new address; verifying it updates the user's email.
- Security hardening:
  - All sessions are invalidated after a successful email change.
  - A security alert email is sent to the old address.
  - Email is now read-only in the profile form and can only be changed via the wizard.
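
The two-step email change flow described above, sketched as an added example (not ManageMyTrust's own code). The class name, in-memory stores, status strings, and the OTP lifetime, attempt cap and request interval are all assumptions made for illustration.

```python
import hashlib, hmac, re, secrets, time

OTP_TTL = 600        # assumption: code lifetime in seconds
MAX_ATTEMPTS = 5     # assumption: verification attempts allowed per code
MIN_INTERVAL = 60    # assumption: minimum seconds between step-1 requests per user
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

class EmailChangeWizard:  # hypothetical name, in-memory stores stand in for a database
    def __init__(self, users, sessions, send_mail, now=time.time):
        self.users, self.sessions = users, sessions   # user_id -> email / set of session tokens
        self.send_mail, self.now = send_mail, now     # send_mail(to, subject, body)
        self.pending, self.last_request = {}, {}      # pending change / last step-1 time per user

    def request_change(self, user_id, new_email):
        """Step 1: rate-limit, validate the new address, mail a 6-digit OTP to it."""
        if self.now() - self.last_request.get(user_id, float("-inf")) < MIN_INTERVAL:
            return "rate_limited"
        self.last_request[user_id] = self.now()   # failed tries count too: limits uniqueness probing
        new_email = new_email.strip().lower()
        if not EMAIL_RE.match(new_email):
            return "invalid_format"
        if new_email in self.users.values():
            return "already_in_use"
        otp = f"{secrets.randbelow(10**6):06d}"   # CSPRNG; zero-padded so it is always 6 digits
        self.pending[user_id] = {"email": new_email, "expires": self.now() + OTP_TTL, "attempts": 0,
                                 "otp_hash": hashlib.sha256(otp.encode()).digest()}
        self.send_mail(new_email, "Your verification code", otp)
        return "otp_sent"

    def verify(self, user_id, otp):
        """Step 2: check the OTP, then update the email, drop sessions, alert the old address."""
        rec = self.pending.get(user_id)
        if rec is None or self.now() > rec["expires"]:
            self.pending.pop(user_id, None)
            return "expired"
        rec["attempts"] += 1
        if rec["attempts"] > MAX_ATTEMPTS:        # 10^6 codes: the cap is what stops guessing
            del self.pending[user_id]
            return "too_many_attempts"
        if not hmac.compare_digest(hashlib.sha256(otp.encode()).digest(), rec["otp_hash"]):
            return "wrong_code"
        if rec["email"] in self.users.values():   # re-check: address may have been taken since step 1
            del self.pending[user_id]
            return "already_in_use"
        old_email, self.users[user_id] = self.users[user_id], rec["email"]
        del self.pending[user_id]                 # single use: the code cannot be replayed
        self.sessions[user_id] = set()            # invalidate all of this user's sessions
        self.send_mail(old_email, "Security alert", "The email address on your account was changed.")
        return "changed"
```
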