Peter Thomassen

Let's test it (not remove). I use the endpoint myself for scripting simplicity.

Clarified with the OP: The observation was that when clicking "add a new value" within the GUI to add a value for the same subdomain, the new record is restricted...

closed accidentally during master branch rename

I don't think we should include this functionality in the GUI, as it is _very_ confusing to most users when slashes appear in domain names (i.e. they don't signify the...

Why do we want this again?

Yes, there is: https://docs.djangoproject.com/en/3.0/topics/conditional-view-processing/ This topic (conditionals) as well as RR-level access is entangled with [RFC2136 prerequisites](https://tools.ietf.org/html/rfc2136#page-6) and #357. It may make sense to think these through together, so leverage...

same holds for the supermaster name in the nsmaster supermaster table

The two cases above (dbmaster and supermaster settings) are no longer relevant. The string `dedyn.io` currently is only found within the API tests. The string `desec.io` is still found in...

We should require an email confirmation link for enabling 2FA so that someone guessing a login password cannot persist their access by enabling 2FA. (see https://krebsonsecurity.com/2020/06/turn-on-mfa-before-crooks-do-it-for-you/)

TOTP, WebAuthn and others are supported by https://pypi.org/project/django-mfa2/. It seems to be rather simple to integrate, but we should do at least a cursory review of their code.