Merge branch 'prepare_production' into 'master'

Prepare production See merge request !64

Merge branch 'prepare_production' into 'master'
Prepare production See merge request !64
2f06d63a · Wolfgang Knopki · 5db7787b · bdd54bf0 · 2f06d63a · 2f06d63a
Commit 2f06d63a authored Sep 18, 2020 by Wolfgang Knopki
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
-pages-devel:    
+deploy-testing:    
  stage: deploy
  script:
+    - cat $configfiledev > ./config/config.js
+    - cat $cert > ./routes/cert/cert.pem
+    - cat $certidp > ./routes/cert/cert_idp.pem
+    - cat $key > ./routes/cert/key.pem
    - npm install
    - "pm2 delete --silent account || :"
    - pm2 start ./app.js --name=account
@@ -9,11 +13,14 @@ pages-devel:
    - testing
  only: 
    - testing
-    - test_logoutbutton

-pages-devel:    
+deploy-master:    
  stage: deploy
  script:
+    - cat $configfileprod > ./config/config.js
+    - cat $cert > ./routes/cert/cert.pem
+    - cat $certidp > ./routes/cert/cert_idp.pem
+    - cat $key > ./routes/cert/key.pem
    - npm install
    - "pm2 delete --silent account || :"
    - pm2 start ./app.js --name=account

--- a/app.js
+++ b/app.js
@@ -9,6 +9,8 @@ const session = require('express-session');
 const errorhandler = require('errorhandler');
 const flash = require('express-flash');
 const fileUpload = require('express-fileupload');
+const helmet = require('helmet');
+const compression = require('compression');

 const i18n = require('i18n'); // internationalization
 i18n.configure({
@@ -16,7 +18,7 @@ i18n.configure({
  directory: './locales'
 });

-var env = process.env.NODE_ENV || 'development';
+var env = process.env.NODE_ENV || 'production';
 const config = require('./config/config')[env];

 var app = express();
@@ -33,6 +35,8 @@ app.use(fileUpload({
  }
 }));

+app.use(helmet());
+app.use(compression());
 app.use(morgan('combined'));
 app.use(cookieParser());
 app.use(bodyParser.json());
@@ -69,7 +73,6 @@ app.use(function(req, res, next) {
 });

 require('./routes/routes-account')(app, config, passport, i18n);
-require('./routes/routes-project')(app, config, passport);
 require('./routes/api')(app, config, passport);

 // Handle 404

--- a/config/config.js
+++ b/config/config.js
@@ -2,36 +2,69 @@ module.exports = {
  development: {
    app: {
      name: 'User Account Management',
-      port: process.env.PORT || 9989
+      port: process.env.PORT || 9989,
+      host: 'http://localhost:9989'
    },
    passport: {
      strategy: 'saml',
      saml: {
        path: process.env.SAML_PATH || '/saml/SSO',
-        entryPoint: process.env.SAML_ENTRY_POINT || 'https://transfer.hft-stuttgart.de/idp/saml2/idp/SSOService.php',
-        //issuer: 'sp-account.m4lab.hft-stuttgart.de', //local metadata
-        issuer: 'sp-account-prod.m4lab.hft-stuttgart.de', //production metadata
-        logoutUrl: 'https://transfer.hft-stuttgart.de/idp/saml2/idp/SingleLogoutService.php'
+        entryPoint: process.env.SAML_ENTRY_POINT || 'Saml Entry Point',
+        issuer: 'SAML issuer', //local metadata
+        logoutUrl: 'SAML logout URL'
      }
    },
    database: {
-      host: 'transfer.hft-stuttgart.de',      	  // DB host
-      user: 'DBManager',          // DB username
-      password: 'Stuttgart2019',  // DB password
+      host: 'localhost',      	  // DB host
+      user: 'usernamedb',          // DB username
+      password: 'passworddb',  // DB password
      port: 3306,                 // MySQL port
      dbUser: 'userdb',           // User DB
-      host_project: 'transfer.hft-stuttgart.de', // DB host project db
-      //host_project: 'localhost', // local
-      dbProject: 'projectDB'     // Project DB
+      host_project: 'localhost', // DB host project db
+      dbProject: 'projectdb'     // Project DB
    },
    mailer: {
-      host: 'mail.hft-stuttgart.de',  // hostname
+      host: 'mailhost',  // hostname
      secureConnection: false,        // TLS requires secureConnection to be false
      port: 587,                      // port for secure SMTP
-      authUser: 'ad\\support-transfer',
-      authPass: '6laumri2',
+      authUser: 'mailuser',
+      authPass: 'mailpass',
      tlsCiphers: 'SSLv3',
-      from: 'support-transfer@hft-stuttgart.de',
+      from: 'mailfrom',
+    }
+  },
+  testing: {
+    app: {
+      name: 'User Account Management',
+      port: process.env.PORT || 9989,
+      host: 'https://m4lab.hft-stuttgart.de/account'
+    },
+    passport: {
+      strategy: 'saml',
+      saml: {
+        path: process.env.SAML_PATH || '/saml/SSO',
+        entryPoint: process.env.SAML_ENTRY_POINT || 'saml entry point',
+        issuer: 'SAML issuer', //testing metadata
+        logoutUrl: 'SAML logout URL'
+      }
+    },
+    database: {
+      host: 'dbhost',      	  // DB host
+      user: 'dbuser',          // DB username
+      password: 'dbpass',  // DB password
+      port: 3306,                 // MySQL port
+      dbUser: 'userdb',           // User DB
+      host_project: 'dbhost', // DB host project db
+      dbProject: 'projectdb'     // Project DB
+    },
+    mailer: {
+      host: 'mailhost',  // hostname
+      secureConnection: false,        // TLS requires secureConnection to be false
+      port: 587,                      // port for secure SMTP
+      authUser: 'mailuser',
+      authPass: 'mailpass',
+      tlsCiphers: 'SSLv3',
+      from: 'mailfrom',
    }
  }
 }
\ No newline at end of file
--- a/package-lock.json
+++ b/package-lock.json
@@ -102,9 +102,9 @@
      },
      "dependencies": {
        "lodash": {
-          "version": "4.17.15",
-          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
-          "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A=="
+          "version": "4.17.19",
+          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
+          "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ=="
        }
      }
    },
@@ -158,6 +158,11 @@
        "type-is": "~1.6.17"
      }
    },
+    "bowser": {
+      "version": "2.9.0",
+      "resolved": "https://registry.npmjs.org/bowser/-/bowser-2.9.0.tgz",
+      "integrity": "sha512-2ld76tuLBNFekRgmJfT2+3j5MIrP6bFict8WAIT3beq+srz1gcKNAdNKMqHqauQt63NmAa88HfP1/Ypa9Er3HA=="
+    },
    "boxen": {
      "version": "1.3.0",
      "resolved": "https://registry.npmjs.org/boxen/-/boxen-1.3.0.tgz",
@@ -214,6 +219,11 @@
      "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz",
      "integrity": "sha1-m7UwTS4LVmmLLHWLCKPqqdqlijk="
    },
+    "camelize": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/camelize/-/camelize-1.0.0.tgz",
+      "integrity": "sha1-FkpUg+Yw+kMh5a8HAg5TGDGyYJs="
+    },
    "capture-stack-trace": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/capture-stack-trace/-/capture-stack-trace-1.0.1.tgz",
@@ -293,6 +303,42 @@
      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
      "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
    },
+    "compressible": {
+      "version": "2.0.18",
+      "resolved": "https://registry.npmjs.org/compressible/-/compressible-2.0.18.tgz",
+      "integrity": "sha512-AF3r7P5dWxL8MxyITRMlORQNaOA2IkAFaTr4k7BUumjPtRpGDTZpl0Pb1XCO6JeDCBdp126Cgs9sMxqSjgYyRg==",
+      "requires": {
+        "mime-db": ">= 1.43.0 < 2"
+      },
+      "dependencies": {
+        "mime-db": {
+          "version": "1.44.0",
+          "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz",
+          "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg=="
+        }
+      }
+    },
+    "compression": {
+      "version": "1.7.4",
+      "resolved": "https://registry.npmjs.org/compression/-/compression-1.7.4.tgz",
+      "integrity": "sha512-jaSIDzP9pZVS4ZfQ+TzvtiWhdpFhE2RDHz8QJkpX9SIpLq88VueF5jJw6t+6CUQcAoA6t+x89MLrWAqpfDE8iQ==",
+      "requires": {
+        "accepts": "~1.3.5",
+        "bytes": "3.0.0",
+        "compressible": "~2.0.16",
+        "debug": "2.6.9",
+        "on-headers": "~1.0.2",
+        "safe-buffer": "5.1.2",
+        "vary": "~1.1.2"
+      },
+      "dependencies": {
+        "bytes": {
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.0.0.tgz",
+          "integrity": "sha1-0ygVQE1olpn4Wk6k+odV3ROpYEg="
+        }
+      }
+    },
    "concat-map": {
      "version": "0.0.1",
      "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
@@ -335,6 +381,11 @@
        "safe-buffer": "5.1.2"
      }
    },
+    "content-security-policy-builder": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/content-security-policy-builder/-/content-security-policy-builder-2.1.0.tgz",
+      "integrity": "sha512-/MtLWhJVvJNkA9dVLAp6fg9LxD2gfI6R2Fi1hPmfjYXSahJJzcfvoeDOxSyp4NvxMuwWv3WMssE9o31DoULHrQ=="
+    },
    "content-type": {
      "version": "1.0.4",
      "resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz",
@@ -397,6 +448,11 @@
      "resolved": "https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-1.0.0.tgz",
      "integrity": "sha1-ojD2T1aDEOFJgAmUB5DsmVRbyn4="
    },
+    "dasherize": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/dasherize/-/dasherize-2.0.0.tgz",
+      "integrity": "sha1-bYCcnNDPe7iVLYD8hPoT1H3bEwg="
+    },
    "debug": {
      "version": "2.6.9",
      "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -453,6 +509,11 @@
      "resolved": "https://registry.npmjs.org/doctypes/-/doctypes-1.1.0.tgz",
      "integrity": "sha1-6oCxBqh1OHdOijpKWv4pPeSJ4Kk="
    },
+    "dont-sniff-mimetype": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.1.0.tgz",
+      "integrity": "sha512-ZjI4zqTaxveH2/tTlzS1wFp+7ncxNZaIEWYg3lzZRHkKf5zPT/MnEG6WL0BhHMJUabkh8GeU5NL5j+rEUCb7Ug=="
+    },
    "dot-prop": {
      "version": "4.2.0",
      "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz",
@@ -643,6 +704,11 @@
        }
      }
    },
+    "feature-policy": {
+      "version": "0.3.0",
+      "resolved": "https://registry.npmjs.org/feature-policy/-/feature-policy-0.3.0.tgz",
+      "integrity": "sha512-ZtijOTFN7TzCujt1fnNhfWPFPSHeZkesff9AXZj+UEjYBynWNUIYpC87Ve4wHzyexQsImicLu7WsC2LHq7/xrQ=="
+    },
    "fill-range": {
      "version": "7.0.1",
      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz",
@@ -753,6 +819,72 @@
      "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.1.tgz",
      "integrity": "sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg=="
    },
+    "helmet": {
+      "version": "3.23.3",
+      "resolved": "https://registry.npmjs.org/helmet/-/helmet-3.23.3.tgz",
+      "integrity": "sha512-U3MeYdzPJQhtvqAVBPntVgAvNSOJyagwZwyKsFdyRa8TV3pOKVFljalPOCxbw5Wwf2kncGhmP0qHjyazIdNdSA==",
+      "requires": {
+        "depd": "2.0.0",
+        "dont-sniff-mimetype": "1.1.0",
+        "feature-policy": "0.3.0",
+        "helmet-crossdomain": "0.4.0",
+        "helmet-csp": "2.10.0",
+        "hide-powered-by": "1.1.0",
+        "hpkp": "2.0.0",
+        "hsts": "2.2.0",
+        "nocache": "2.1.0",
+        "referrer-policy": "1.2.0",
+        "x-xss-protection": "1.3.0"
+      },
+      "dependencies": {
+        "depd": {
+          "version": "2.0.0",
+          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
+          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
+        }
+      }
+    },
+    "helmet-crossdomain": {
+      "version": "0.4.0",
+      "resolved": "https://registry.npmjs.org/helmet-crossdomain/-/helmet-crossdomain-0.4.0.tgz",
+      "integrity": "sha512-AB4DTykRw3HCOxovD1nPR16hllrVImeFp5VBV9/twj66lJ2nU75DP8FPL0/Jp4jj79JhTfG+pFI2MD02kWJ+fA=="
+    },
+    "helmet-csp": {
+      "version": "2.10.0",
+      "resolved": "https://registry.npmjs.org/helmet-csp/-/helmet-csp-2.10.0.tgz",
+      "integrity": "sha512-Rz953ZNEFk8sT2XvewXkYN0Ho4GEZdjAZy4stjiEQV3eN7GDxg1QKmYggH7otDyIA7uGA6XnUMVSgeJwbR5X+w==",
+      "requires": {
+        "bowser": "2.9.0",
+        "camelize": "1.0.0",
+        "content-security-policy-builder": "2.1.0",
+        "dasherize": "2.0.0"
+      }
+    },
+    "hide-powered-by": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/hide-powered-by/-/hide-powered-by-1.1.0.tgz",
+      "integrity": "sha512-Io1zA2yOA1YJslkr+AJlWSf2yWFkKjvkcL9Ni1XSUqnGLr/qRQe2UI3Cn/J9MsJht7yEVCe0SscY1HgVMujbgg=="
+    },
+    "hpkp": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/hpkp/-/hpkp-2.0.0.tgz",
+      "integrity": "sha1-EOFCJk52IVpdMMROxD3mTe5tFnI="
+    },
+    "hsts": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/hsts/-/hsts-2.2.0.tgz",
+      "integrity": "sha512-ToaTnQ2TbJkochoVcdXYm4HOCliNozlviNsg+X2XQLQvZNI/kCHR9rZxVYpJB3UPcHz80PgxRyWQ7PdU1r+VBQ==",
+      "requires": {
+        "depd": "2.0.0"
+      },
+      "dependencies": {
+        "depd": {
+          "version": "2.0.0",
+          "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz",
+          "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw=="
+        }
+      }
+    },
    "http-errors": {
      "version": "1.7.2",
      "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz",
@@ -988,9 +1120,9 @@
      "integrity": "sha1-odePw6UEdMuAhF07O24dpJpEbo4="
    },
    "lodash": {
-      "version": "4.17.15",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
-      "integrity": "sha1-tEf2ZwoEVbv+7dETku/zMOoJdUg="
+      "version": "4.17.19",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
+      "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ=="
    },
    "longest": {
      "version": "1.0.1",
@@ -1101,9 +1233,9 @@
      }
    },
    "minimist": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.0.tgz",
-      "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ="
+      "version": "1.2.5",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
+      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
    },
    "morgan": {
      "version": "1.9.1",
@@ -1143,6 +1275,11 @@
      "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz",
      "integrity": "sha1-/qz3zPUlp3rpY0Q2pkiD/+yjRvs="
    },
+    "nocache": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/nocache/-/nocache-2.1.0.tgz",
+      "integrity": "sha512-0L9FvHG3nfnnmaEQPjT9xhfN4ISk0A8/2j4M37Np4mcDesJjHgEUfgPhdCyZuFI954tjokaIj/A3NdpFNdEh4Q=="
+    },
    "node-forge": {
      "version": "0.7.6",
      "resolved": "https://registry.npmjs.org/node-forge/-/node-forge-0.7.6.tgz",
@@ -1636,6 +1773,11 @@
        "picomatch": "^2.0.4"
      }
    },
+    "referrer-policy": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/referrer-policy/-/referrer-policy-1.2.0.tgz",
+      "integrity": "sha512-LgQJIuS6nAy1Jd88DCQRemyE3mS+ispwlqMk3b0yjZ257fI1v9c+/p6SD5gP5FGyXUIgrNOAfmyioHwZtYv2VA=="
+    },
    "regenerator-runtime": {
      "version": "0.11.1",
      "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.11.1.tgz",
@@ -2044,6 +2186,11 @@
        "signal-exit": "^3.0.2"
      }
    },
+    "x-xss-protection": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/x-xss-protection/-/x-xss-protection-1.3.0.tgz",
+      "integrity": "sha512-kpyBI9TlVipZO4diReZMAHWtS0MMa/7Kgx8hwG/EuZLiA6sg4Ah/4TRdASHhRRN3boobzcYgFRUFSgHRge6Qhg=="
+    },
    "xdg-basedir": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/xdg-basedir/-/xdg-basedir-3.0.0.tgz",

--- a/package.json
+++ b/package.json
 {
  "name": "m4lab-user-account",
  "version": "0.0.1",
-  "description": "Example for PassportJS SAML strategy",
+  "description": "M4_LAB User Account",
  "author": {
    "name": "Rosanny Sihombing",
    "email": "rosanny.sihombing@hft-stuttgart.de",
@@ -9,12 +9,11 @@
  },
  "keywords": [
    "m4_lab",
-    "saml",
-    "sso"
+    "account"
  ],
  "repository": {
    "type": "git",
-    "url": "https://transfer.gitlab.com/tbd.git"
+    "url": "https://transfer.hft-stuttgart.de/gitlab/m4lab_tv1/user-account.git"
  },
  "scripts": {
    "start": "nodemon app.js",
@@ -24,6 +23,7 @@
    "async": "^3.1.0",
    "bcryptjs": "^2.4.3",
    "body-parser": "^1.19.0",
+    "compression": "^1.7.4",
    "cookie-parser": "1.4.3",
    "crypto": "^1.0.1",
    "errorhandler": "1.4.3",
@@ -32,6 +32,7 @@
    "express-flash": "0.0.2",
    "express-session": "^1.17.0",
    "fs": "0.0.1-security",
+    "helmet": "^3.23.3",
    "i18n": "^0.8.5",
    "morgan": "^1.9.1",
    "mysql": "^2.17.1",

--- a/routes/dbconn.js
+++ b/routes/dbconn.js
 const mysql = require('mysql')

-var env = process.env.NODE_ENV || 'development';
+var env = process.env.NODE_ENV || 'testing';
 const config = require('../config/config')[env]

 // ==== USER ACOOUNT DB CONNECTION ====

--- a/routes/mailer.js
+++ b/routes/mailer.js
 const nodemailer = require('nodemailer')

-var env = process.env.NODE_ENV || 'development';
+var env = process.env.NODE_ENV || 'testing';
 const config = require('../config/config')[env]

 var smtpTransport = nodemailer.createTransport({

--- a/routes/methods.js
+++ b/routes/methods.js
@@ -37,6 +37,17 @@ var methods = {
                        user_id: newUserId
                    }
                    dbconn.user.query('INSERT INTO user_project_role SET ?', projectRoleData, function (err, results, fields) {
+                        if (err) {
+                            return dbconn.user.rollback(function() {
+                                throw err
+                            });
+                        }
+                        // MLAB-129: INSERT verification token
+                        let verificationData = {
+                            user_id: newUserId,
+                            token: data.verificationToken
+                        }
+                        dbconn.user.query('INSERT INTO verification SET ?', verificationData, function (err, results, fields) {
                            if (err) {
                                return dbconn.user.rollback(function() {
                                    throw err
@@ -47,9 +58,10 @@ var methods = {
                                if (err) {
                                    return dbconn.user.rollback(function() {
                                        throw err
-                                });
+                                    })
                                }
-                        });
+                            })
+                        })
                    })
                });
            });
@@ -57,7 +69,20 @@ var methods = {
        })
    },
    getUserByEmail: function(email, callback) {
-        dbconn.user.query('SELECT salutation, title, firstname, lastname, industry, organisation, speciality FROM user WHERE email = "' +email+'"', function (err, rows, fields) {
+        dbconn.user.query('SELECT verificationStatus, salutation, title, firstname, lastname, industry, organisation, speciality, m4lab_idp FROM user WHERE email = "' +email+'"', function (err, rows, fields) {
+            if (err) {
+                throw err;
+            }
+            else {
+                if ( rows.length > 0) {
+                    user = rows[0];
+                }
+            }
+            callback(user, err);
+        });
+    },
+    getUserById: function(userId, callback) {
+        dbconn.user.query('SELECT verificationStatus, email, salutation, title, firstname, lastname, industry, organisation, speciality FROM user WHERE id = ' +userId, function (err, rows, fields) {
            if (err) {
                throw err;
            }
@@ -70,7 +95,7 @@ var methods = {
        });
    },
 	checkUserEmail: function(email, callback) {
-        var user;
+        let user
        dbconn.user.query('SELECT id, email FROM user WHERE email = "' +email+'"', function (err, rows, fields) {
            if (err) {
                throw err;
@@ -84,7 +109,7 @@ var methods = {
        });
    },
    getUserByToken: function(token, callback) {
-        var user;
+        let user
        dbconn.user.query('SELECT t1.user_id, t2.email FROM userdb.credential AS t1 INNER JOIN userdb.user AS t2 ON t1.user_id = t2.id AND t1.resetPasswordToken = "'
            +token+'" and resetPasswordExpires > '+Date.now(), function (err, rows, fields) {
                if (err) {
@@ -100,75 +125,92 @@ var methods = {
            }
        );
    },
-	updateUser: function(userData, callback) {
-		dbconn.user.query('UPDATE user SET ? WHERE email = "' +userData.email+'"', userData, function (err, rows, fields) {
-            if (err) throw err;
-            callback(err);
+	updateUserById: function(userData, callback) {
+		dbconn.user.query('UPDATE user SET ? WHERE id = ' +userData.id, userData, function (err, rows, fields) {
+            if (err) throw err
+            callback(err)
        })
    },
    updateCredential: function(data, callback) {
        dbconn.user.query('UPDATE credential SET ? WHERE user_id = ' +data.user_id, data, function (err, rows, fields) {
-            if (err) throw err;
-            callback(err);
+            if (err) throw err
+            callback(err)
        })
    },
    getUserIdByEmail: function(email, callback) {
-        var userId
+        let userId
        dbconn.user.query('SELECT id FROM user WHERE email = "' +email+'"', function (err, rows, fields) {
            if (err) {
-                throw err;
+                throw err
            }
            else {
                if ( rows.length > 0) {
-                    userId = rows[0].id;
+                    userId = rows[0].id
                }
            }
-            callback(userId, err);
+            callback(userId, err)
        });
    },
    getUserProjectRole: function(userId, callback) {
        dbconn.user.query('SELECT project_id, role_id FROM user_project_role WHERE user_id = "' +userId+'"', function (err, rows, fields) {
-            if (err) throw err;
-            callback(rows, err);
+            if (err) throw err
+            callback(rows, err)
        });
    },
    addUserProjectRole: function(data, callback) {
        dbconn.user.query('INSERT INTO user_project_role SET ?', data, function (err, results, fields){
-            if (err) throw err;
-            callback(err);
-        })
-    },
-    // ======================= project db =======================
-    getAllProjects: function(callback) {
-        dbconn.project.query('CALL getAllprojects', function (err, rows, fields){
-            if (err) throw err;
-            callback(rows[0], err);
-        })
-    },
-    getAllMailinglists: function(callback) {
-        dbconn.project.query('CALL getAllLists', function (err, rows, fields){
-            if (err) throw err;
-            callback(rows[0], err);
+            if (err) throw err
+            callback(err)
        })
    },
-    getProjectOverviewById: function(projectId, callback) {
-        dbconn.project.query('CALL GetProjectInformationByProjectID(' + projectId+ ')', function (err, rows, fields){
-            if (err) throw err;
-            callback(rows[0], err);
+    getVerificationTokenByUserId: function(userId, callback) {
+        let token
+        dbconn.user.query('SELECT token FROM verification WHERE user_id = "' +userId+'"', function (err, rows, fields) {
+            if (err) {
+                throw err
+            }
+            else {
+                if (rows.length > 0) {
+                    token = rows[0].token
+                }
+            }
+            callback(token, err)
        })
    },
-    getProjectImagesById: function(projectId, callback) {
-        dbconn.project.query('CALL getImagesByProjectID(' + projectId+ ')', function (err, rows, fields){
-            if (err) throw err;
-            callback(rows[0], err);
+    getUserIdByVerificationToken: function(token, callback) {
+        let userId
+        dbconn.user.query('SELECT user_id FROM verification WHERE token = "' +token+'"', function (err, rows, fields) {
+            if (err) {
+                throw err
+            }
+            else if(rows[0]) {
+                userId = rows[0].user_id
+            }
+            callback(userId, err)
        })
    },
-    addProjectOverview: function(data, callback) {
-        dbconn.project.query('INSERT INTO project_overview SET ?', data, function (err, results, fields){
+    verifyUserAccount: function(userData, callback) {
+        dbconn.user.beginTransaction(function(err) { // START TRANSACTION
+            if (err) { throw err }
+            // update user status
+            dbconn.user.query('UPDATE user SET ? WHERE id =' +userData.id, userData, function (err, rows, fields) {
                if (err) {
-                console.error(err);
+                    return dbconn.user.rollback(function() { throw err })
                }
-            callback(results, err);
+                // delete verification token
+                dbconn.user.query('DELETE FROM verification WHERE user_id = '+userData.id, function (err, rows, fields) {
+                    if (err) {
+                        return dbconn.user.rollback(function() { throw err })
+                    }
+                    // COMMIT
+                    dbconn.user.commit(function(err) {
+                        if (err) {
+                            return dbconn.user.rollback(function() { throw err })
+                        }
+                    })
+                })
+            })
+            callback(err)
        })
    }
 };

--- a/routes/routes-account.js
+++ b/routes/routes-account.js
@@ -22,6 +22,20 @@ module.exports = function (app, config, passport, i18n) {
    done(null, user);
  });

+  const mailSignature = 'Mit den besten Grüßen,<br/>das Transferportal-Team der HFT Stuttgart<br/><br/>' +
+    'Transferportal der Hochschule für Technik Stuttgart<br/>' +
+    'Schellingstr. 24   70174 Stuttgart<br/>' +
+    'm4lab@hft-stuttgart.de<br/>' +
+    '<a href="https://transfer.hft-stuttgart.de">https://transfer.hft-stuttgart.de</a><br/>' +
+    '<a href="http://www.hft-stuttgart.de/Aktuell/"><img border="0" alt="HFT" src="https://m4lab.hft-stuttgart.de/img/signature/hft_logo.png" width="30" height="30"></a>  &nbsp;' +
+    '<a href="http://www.facebook.com/hftstuttgart"><img border="0" alt="Facebook" src="https://m4lab.hft-stuttgart.de/img/signature/fb_bw.png" width="30" height="30"></a>  &nbsp;' +
+    '<a href="https://www.instagram.com/hft_stuttgart/"><img border="0" alt="Instagram" src="https://m4lab.hft-stuttgart.de/img/signature/instagram_bw.png" width="30" height="30"></a>  &nbsp;' +
+    '<a href="https://twitter.com/hft_presse"><img border="0" alt="Twitter" src="https://m4lab.hft-stuttgart.de/img/signature/twitter_bw.png" width="30" height="30"></a>  &nbsp;' +
+    '<a href="https://www.youtube.com/channel/UCi0_JfF2qMZbOhOnNH5PyHA"><img border="0" alt="Youtube" src="https://m4lab.hft-stuttgart.de/img/signature/youtube_bw.png" width="30" height="30"></a>  &nbsp;' +
+    '<a href="http://www.hft-stuttgart.de/Aktuell/Presse-Marketing/SocialMedia/Snapcode HFT_Stuttgart.jpg/photo_view">' +
+    '<img border="0" alt="Snapchat" src="https://m4lab.hft-stuttgart.de/img/signature/snapchat_bw.png" width="30" height="30"></a>' +
+    '<br/><img border="0" src="https://m4lab.hft-stuttgart.de/img/signature/inno_bw.png" width="150" height="100">'
+
  var samlStrategy = new SamlStrategy({
      // URL that goes from the Identity Provider -> Service Provider
      callbackUrl: config.passport.saml.path,
@@ -86,13 +100,13 @@ module.exports = function (app, config, passport, i18n) {

  // ======== APP ROUTES - ACCOUNT ====================
  var updatePasswordMailSubject = "Ihr Passwort für das Transferportal wurde gespeichert."
-  var mailSignature = "Mit den besten Grüßen,\ndas Transferportal-Team der HFT Stuttgart\n\n"+
-    "Transferportal der Hochschule für Technik Stuttgart\n"+
-    "Schellingstr. 24\n"+
-    "70174 Stuttgart\n"+
-    "m4lab@hft-stuttgart.de\n"+
-    "https://transfer.hft-stuttgart.de"
-  var updatePasswordMailContent = "Lieber Nutzer,\n\n"+"Ihr Passwort wurde erfolgreich geändert.\n\n"+mailSignature
+  // var mailSignature = "Mit den besten Grüßen,\ndas Transferportal-Team der HFT Stuttgart\n\n"+
+  //   "Transferportal der Hochschule für Technik Stuttgart\n"+
+  //   "Schellingstr. 24\n"+
+  //   "70174 Stuttgart\n"+
+  //   "m4lab@hft-stuttgart.de\n"+
+  //   "https://transfer.hft-stuttgart.de"
+  var updatePasswordMailContent = '<div>Lieber Nutzer,<br/><br/>Ihr Passwort wurde erfolgreich geändert.<br/><br/>' + mailSignature + '</div>';

  app.get('/', function (req, res) {
    if (req.isAuthenticated()) {
@@ -142,11 +156,19 @@ module.exports = function (app, config, passport, i18n) {
    if (req.isAuthenticated()) {
      methods.getUserByEmail(req.user.email, function(data, err){
        if (!err) {
+          if (data.verificationStatus == 1) {
+            console.log(data)
            res.render(lang+'/account/profile', {
              user: data,
              email: req.user.email
+            })
+          }
+          else {
+            res.render(lang+'/account/home', {
+              user: data
            });
          }
+        }
      })
    } else {
      res.redirect('/login');
@@ -155,6 +177,13 @@ module.exports = function (app, config, passport, i18n) {

  app.get('/services', function (req, res) {
    if (req.isAuthenticated()) {
+      methods.getUserByEmail(req.user.email, function(data, err){
+        if (!err) {
+          if (data.verificationStatus == 1) {
+            res.render(lang+'/account/services', {
+              user: data
+            });
+            /* !!! DO NOT DELETE. TEMPORARILY DISABLED FOR FUTURE USE. !!!
            async.waterfall([
              // get userId by email from userdb
              function(done) {
@@ -207,11 +236,20 @@ module.exports = function (app, config, passport, i18n) {
      
                // render the page
                res.render(lang+'/account/services', {
-            user: req.user,
+                  user: data,
                  project: allProjects
                });
              }
            ])
+            */
+          }
+          else {
+            res.render(lang+'/account/home', {
+              user: data
+            });
+          }
+        }
+      })
    } else {
      res.redirect('/login');
    }
@@ -219,9 +257,20 @@ module.exports = function (app, config, passport, i18n) {

  app.get('/security', function (req, res) {
    if (req.isAuthenticated()) {
+      methods.getUserByEmail(req.user.email, function(data, err){
+        if (!err) {
+          if (data.verificationStatus == 1 && data.m4lab_idp == 1) {
            res.render(lang+'/account/security', {
-        user: req.user // useful for view engine, useless for HTML
+              user: data
+            })
+          }
+          else {
+            res.render(lang+'/account/home', {
+              user: data
            });
+          }
+        }        
+      })
    } else {
      res.redirect('/login');
    }
@@ -316,7 +365,7 @@ module.exports = function (app, config, passport, i18n) {
                          mailer.options.to = req.user.email
                          //mailOptions.subject = "Your M4_LAB Password has been updated."
                          mailer.options.subject = updatePasswordMailSubject
-                          mailer.options.text = updatePasswordMailContent
+                          mailer.options.html = updatePasswordMailContent
                          mailer.transport.sendMail(mailer.options, function(err) {
                            if (err) {
                              console.log(err)
@@ -372,11 +421,16 @@ module.exports = function (app, config, passport, i18n) {
              "Otherwise, you can reset your password using this link: http://m4lab.hft-stuttgart.de/account/reset/" + token + "\n" +
              "This password reset is only valid for 1 hour.\n\n"+
              "Thanks,\nM4_LAB Team" */
-            var emailContent = "Lieber Nutzer,\n\n"+
-              "wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.\n\n"+
-              "Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: http://m4lab.hft-stuttgart.de/account/reset/" + token + "\n" + // test server
-              //"Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: http://localhost:9989/reset/" + token + "\n" + // localhost
-              "Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.\n\n"+mailSignature
+            // var emailContent = "Lieber Nutzer,\n\n"+
+            //   "wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.\n\n"+
+            //   "Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: http://m4lab.hft-stuttgart.de/account/reset/" + token + "\n" + // test server
+            //   //"Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: http://localhost:9989/reset/" + token + "\n" + // localhost
+            //   "Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.\n\n"+mailSignature
+
+            var emailContent = '<div>Lieber Nutzer, Varun<br/><br/>' +
+              '<p>wir haben Ihre Anfrage zur Erneuerung Ihres Passwortes erhalten. Falls Sie diese Anfrage nicht gesendet haben, ignorieren Sie bitte diese E-Mail.<br/><br/>' +
+              'Sie können Ihr Passwort mit dem Klick auf diesen Link ändern: http://m4lab.hft-stuttgart.de/account/reset/' + token + '<br/>' + // test server
+              'Dieser Link ist aus Sicherheitsgründen nur für 1 Stunde gültig.<br/></p>' + mailSignature + '</div>';
            
            var credentialData = {
              user_id: user.id,
@@ -390,7 +444,7 @@ module.exports = function (app, config, passport, i18n) {
            // send email
            mailer.options.to = emailAddress;
            mailer.options.subject = emailSubject;
-            mailer.options.text = emailContent;
+            mailer.options.html = emailContent;
            mailer.transport.sendMail(mailer.options, function(err) {
              done(err, 'done');
            });
@@ -453,7 +507,7 @@ module.exports = function (app, config, passport, i18n) {
                // send notifiaction email
                mailer.options.to = user.email
                mailer.options.subject = updatePasswordMailSubject
-                mailer.options.text = updatePasswordMailContent
+                mailer.options.html = updatePasswordMailContent
                mailer.transport.sendMail(mailer.options, function(err) {
                  if (err) {
                    console.log(err)
@@ -474,16 +528,11 @@ module.exports = function (app, config, passport, i18n) {

  });

-  // todo: user registration with captcha
+  // ============= NEW USERS REGISTRATION ===========================
  app.get('/registration', function(req, res) {
    res.render(lang+'/account/registration')
  })
-
  app.post('/registration', function(req, res) {
-    // TODO:
-    // create gitlab account?
-    // send email to activate profile?
-
    // user data
    var curDate = new Date()
    var userData = {
@@ -497,27 +546,179 @@ module.exports = function (app, config, passport, i18n) {
      speciality: req.body.inputSpeciality,
      createdDate: curDate.toISOString().slice(0,10)
    }
+
+    var userEmail = userData.email
+    var pos = userEmail.indexOf('@')
+    var emailLength = userEmail.length
+    var emailDomain = userEmail.slice(pos, emailLength);
+
+    if ( emailDomain.toLowerCase() == "@hft-stuttgart.de") {
+        req.flash('error', "Fehlgeschlagen: HFT-Account")
+        res.redirect('/account/registration');
+    }
+    else {
+      let token
+      async.waterfall([
+        function(done) {
+          crypto.randomBytes(20, function(err, buf) {
+            token = buf.toString('hex');
+            done(err, token);
+          });
+        },
        // encrypt password
+        function(token, done) {
          bcrypt.genSalt(saltRounds, function(err, salt) {
            bcrypt.hash(req.body.inputPassword, salt, function(err, hash) {
-        // create account
              var newAccount = {
                profile: userData,
-          password: hash
+                password: hash,
+                verificationToken: token
              }
+              done(err, newAccount)
+            });
+          });
+        },
+        // save data
+        function(newAccount, err) {
          methods.registerNewUser(newAccount, function(err){
            if (err) {
-            //req.flash('error', "Failed")
              req.flash('error', "Fehlgeschlagen")
            }
            else {
-            //req.flash('success', 'Your account has been created. Please log in.')
-            req.flash('success', 'Ihr Benutzerkonto wurde angelegt. Bitte melden Sie sich an.')
+              // send email
+              var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto"
+              // var emailContent = "Lieber Nutzer,\n\n"+
+              //     "vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart.\n"+
+              //     "Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: "+config.app.host+"/verifyAccount?token="+token+"\n"+
+              //     "Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.\n\n"+
+              //     "Sollten Sie sich selbst nicht mit Ihren Daten am Transferportal registriert haben, ignorieren Sie diese E-Mail bitte.\n\n"+mailSignature
+              var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
+                '<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
+                'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token +
+                '<br/><br/>' +
+                'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + mailSignature +
+                '</div>';
+              mailer.options.to = req.body.inputEmail;
+              mailer.options.subject = emailSubject;
+              mailer.options.html = emailContent;
+              mailer.transport.sendMail(mailer.options, function(err) {
+                if (err) {
+                  console.log('cannot send email')
+                  throw err
                }
-          res.redirect('/account/registration');
              })
+              // user feedback
+              req.flash('success', 'Vielen Dank für Ihre Registrierung!'+'\r\n\r\n'+
+                'Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.'+'\r\n'+
+                'Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.')
+            }
+            res.redirect('/account/registration')
+          })
+        }
+      ])
+    }
+  })
+
+  // ============= USER VERIFICATION ================================
+  app.get("/verifyAccount", function(req, res){
+    console.log(req.query)
+    methods.getUserIdByVerificationToken(req.query.token, function(userId, err){
+      if (userId) {
+        let userData = {
+          id: userId,
+          verificationStatus: 1
+        }
+        methods.verifyUserAccount(userData, function(err){
+          if (err) {
+            console.log("Error: "+err)
+            res.render(lang+'/account/verification', {
+              status: false
            });
+          }
+          else {
+            // send welcome email after successful account verification
+            methods.getUserById(userId, function(data, err){
+              if (err) {
+                console.log("Error: "+err)
+              }
+              else {
+                // send email
+                var emailSubject = "Herzlich willkommen"
+                // var emailContent = "Lieber Nutzer,\n\n"+
+                //     "herzlich willkommen beim Transferportal der HFT Stuttgart!\n"+ 
+                //     "Sie können nun alle Dienste des Portals nutzen.\n\n"+mailSignature
+                var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
+                  '<p>herzlich willkommen beim Transferportal der HFT Stuttgart!<br/>' +
+                  'Sie können nun alle Dienste des Portals nutzen.<p/><br/>' + mailSignature;
+                mailer.options.to = data.email;
+                mailer.options.subject = emailSubject;
+                mailer.options.html = emailContent;
+                mailer.transport.sendMail(mailer.options, function(err) {
+                  if (err) {
+                    console.log('cannot send email')
+                    throw err
+                  }
+                })
+              }
+            })
+
+            res.render(lang+'/account/verification', {
+              status: true
+            });
+          }
+        })
+      }
+      else {
+        res.render(lang+'/account/verification', {
+          status: null
        });
+      }
+    })
+  })
+  app.get("/resendVerificationEmail", function(req, res){
+    if (req.isAuthenticated()) {
+      var emailAddress = req.user.email
+      
+      methods.getUserIdByEmail(req.user.email, function(userId, err) {
+        if (!err) {
+          // get token
+          methods.getVerificationTokenByUserId(userId, function(token, err){
+            if (!err) {
+              if (token) {
+                // send email
+                var emailSubject = "Bitte bestätigen Sie Ihr M4_LAB Benutzerkonto"
+                // var emailContent = "Lieber Nutzer,\n\n"+
+                //     "vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. "+ 
+                //     "\nUm Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: "+config.app.host+"/verifyAccount?token="+token+
+                //     "\n\nOhne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.\n\n"+mailSignature
+                var emailContent = '<div>Lieber Nutzer,<br/><br/>' +
+                  '<p>vielen Dank für Ihre Anmeldung am Transferportal der HFT Stuttgart. <br/>' +
+                  'Um Ihre Anmeldung zu bestätigen, klicken Sie bitte diesen Link: ' + config.app.host + '/verifyAccount?token=' + token +
+                  '<br/><br/>' +
+                  'Ohne Bestätigung Ihres Kontos müssen wir Ihr Konto leider nach 7 Tagen löschen.</p><br/>' + mailSignature +
+                  '</div>';
+                mailer.options.to = emailAddress;
+                mailer.options.subject = emailSubject;
+                mailer.options.html = emailContent;
+                mailer.transport.sendMail(mailer.options, function(err) {
+                  if (err) {
+                    console.log('cannot send email')
+                    throw err
+                  }
+                })
+                res.send(true)
+              }
+              else {
+                res.send(false)
+              }
+            }
+            else {
+              console.log(err)
+            }
+          })
+        }
+      })
+    }
  })

  app.get('/email/:email', function(req, res) {

--- a/routes/routes-project.js
+++ b/routes/routes-project.js
-const methods = require('./methods')
-const async = require('async')
-const helpers = require('./helpers')
-
-const pictSizeLimit = 1000000 // 1 MB
-
-module.exports = function (app) {
- 
-  // ======== APP ROUTES - PROJECT ====================
-  var lang = 'DE'
-
-  app.get('/mailinglists', function (req, res) {
-    async.waterfall([
-        function(done) {
-            methods.getAllMailinglists(function(mailinglistOverview, err) {
-                if (!err) {
-                    done(err, mailinglistOverview)
-                }
-            })
-        },
-        // create JSON object of mailinglists for front-end
-        function(mailinglistOverview, done) {
-            var allMailingLists = []  // JSON object
-            for (let i = 0; i < mailinglistOverview.length; i++) {
-                // add data to JSON object
-                allMailingLists.push({
-                    id: mailinglistOverview[i].id,
-                    name: mailinglistOverview[i].name,
-                    src: mailinglistOverview[i].src,
-                    projectstatus: mailinglistOverview[i].projectstatus,
-                    project_title: mailinglistOverview[i].project_title,
-                    keywords: mailinglistOverview[i].keywords
-                });
-            }
-
-            res.render(lang+'/project/mailinglists', {
-                isUserAuthenticated: req.isAuthenticated(),
-                user: req.user,
-                mailinglists: allMailingLists
-            });
-        }
-    ])
-  });
-
-  app.get('/project_', function (req, res) {
-    async.waterfall([
-      // get all projects from projectdb
-      function(done) {
-        methods.getAllProjects(function(projectsOverview, err) {
-          if (!err) {
-            done(err, projectsOverview)
-          }
-        })
-      },
-      // create JSON object for front-end
-      function(projectsOverview, done) {
-        var activeProjects = []
-        var nonActiveProjects = []
-
-        for (var i = 0; i < projectsOverview.length; i++) {
-          var project = {
-            id: projectsOverview[i].id,
-            logo: projectsOverview[i].logo,
-            akronym: projectsOverview[i].pname,
-            title: projectsOverview[i].title,
-            summary: projectsOverview[i].onelinesummary,
-            category: projectsOverview[i].category,
-            cp: projectsOverview[i].contact_email,
-            gitlab: projectsOverview[i].gitlab
-          }
-          if (projectsOverview[i].projectstatus == 0) {
-            nonActiveProjects.push(project)
-          }
-          else if (projectsOverview[i].projectstatus == 1) {
-            activeProjects.push(project)
-          }
-        }
-
-        // render the page
-        if (req.isAuthenticated()) {
-          res.render(lang+'/project/projects', {
-            isUserAuthenticated: true,
-            nonActive: nonActiveProjects,
-            active: activeProjects
-          });
-        }
-        else {
-          res.render(lang+'/project/projects', {
-            isUserAuthenticated: false,
-            nonActive: nonActiveProjects,
-            active: activeProjects
-          });
-        }
-      }
-    ])
-  })
-
-  app.get('/project', function (req, res) {
-    res.render(lang+'/project/project-simplified', {
-       isUserAuthenticated: req.isAuthenticated(),
-       user: req.user
-    });
-  })
-
-  app.get('/addprojectoverview', function (req, res) {
-    if (req.isAuthenticated()) {
-      res.render(lang+'/project/addProjectOverview')
-    }
-    else {
-      res.redirect('/login')
-    }
-  })
-  
-  app.post('/addprojectoverview__', function (req, res) {
-    if (req.isAuthenticated()) {
-      var wiki = 0
-      if (req.body.wiki)
-        wiki = 1
-
-      var projectTerm = req.body.termForm + " - " + req.body.termTo
-      var projectOverviewData = {
-        pname: req.body.pname,
-        title: req.body.title,
-        onelinesummary: req.body.summary,
-        category: req.body.category,
-        logo: req.body.logo,
-        gitlab: req.body.gitlabURL,
-        wiki: wiki,
-        overview: req.body.overview,
-        question: req.body.question,
-        approach: req.body.approach,
-        result: req.body.result,
-        keywords: req.body.keywords,
-        announcement: req.body.announcement,
-        term: projectTerm,
-        further_details: req.body.furtherDetails,
-        website: req.body.website,
-        src: req.body.src,
-        caption: req.body.caption,
-        contact_lastname: req.body.contactName,
-        contact_email: req.body.contactEmail,
-        leader_lastname: req.body.leaderName,
-        leader_email: req.body.leaderEmail
-      }
-      
-      methods.addProjectOverview(projectOverviewData, function(err){
-        if (err) {
-          //req.flash('error', "Failed")
-          req.flash('error', "Fehlgeschlagen")
-          res.redirect('/addProjectOverview');
-        }
-        else {
-          req.flash('success', 'Your project has been created.')
-          res.redirect('/project');
-        }
-      })
-    }
-  })
-
-  app.post('/addprojectoverview', function (req, res) {
-    if (req.isAuthenticated()) {
-      var wiki = 0
-      if (req.body.wiki)
-        wiki = 1
-
-      var projectLogo = req.files.logo
-      var projectPicture = req.files.src
-      var projectLogoPath, projectPicturePath
-      
-      if (projectLogo) {
-        // raise error if size limit is exceeded
-        if (projectLogo.size === pictSizeLimit) {
-          req.flash('error', 'Projektlogo exceeds 1 MB');
-          res.redirect('/addprojectoverview');
-        }
-        else {
-          // TEST PATH FOR DEVELOPMENT (LOCALHOST)
-          projectLogoPath = './folder-in-server-to-save-projektlogo/'+req.body.pname+'/'+projectLogo.name
-          // PATH FOR TEST/LIVE SERVER
-          // var projectLogoPath = to-be-defined
-        }
-      }
-      if (projectPicture) {
-        // raise error if size limit is exceeded
-        if (projectPicture.size === pictSizeLimit) {
-          req.flash('error', 'Projektbild exceeds 1 MB');
-          res.redirect('/addprojectoverview');
-        }
-        else {
-          // TEST PATH FOR DEVELOPMENT (LOCALHOST)
-          projectPicturePath = './folder-in-server-to-save-projektbild/'+req.body.pname+'/'+projectPicture.name
-          // PATH FOR TEST/LIVE SERVER
-          // var projectPicturePath = to-be-defined
-        }
-        
-      }
-      
-      var projectTerm = req.body.termForm + " - " + req.body.termTo
-      var projectOverviewData = {
-        pname: req.body.pname,
-        title: req.body.title,
-        onelinesummary: req.body.summary,
-        category: req.body.category,
-        logo: projectLogoPath,
-        gitlab: req.body.gitlabURL,
-        wiki: wiki,
-        overview: req.body.overview,
-        question: req.body.question,
-        approach: req.body.approach,
-        result: req.body.result,
-        keywords: req.body.keywords,
-        announcement: req.body.announcement,
-        term: projectTerm,
-        further_details: req.body.furtherDetails,
-        website: req.body.website,
-        src: projectPicturePath,
-        caption: req.body.caption,
-        contact_lastname: req.body.contactName,
-        contact_email: req.body.contactEmail,
-        leader_lastname: req.body.leaderName,
-        leader_email: req.body.leaderEmail
-      }
-      
-      // save pictures
-      if (projectLogo) {
-        projectLogo.mv(projectLogoPath, function(err) {
-          if (err) {
-            console.error(err)
-            res.status(500).render(lang+'/500', {
-              error: err
-            })
-          }
-        });
-      }
-      if (projectPicture) {
-        projectPicture.mv(projectPicturePath, function(err) {
-          if (err) {
-            console.error(err)
-            res.status(500).render(lang+'/500', {
-              error: err
-            })
-          }
-        });
-      }
-
-      /* RS: Temporary solution while Project DB is still in early phase.
-              When User DB and Project DB are integrated and quite stabil, this operation should be done in 1 transaction.
-      */
-      var userId // todo: make this global variable?
-      async.waterfall([
-        // get userId by email from userdb
-        function(done) {
-          methods.getUserIdByEmail(req.user.email, function(id, err) {
-            if (!err) {
-              userId = id
-              done(err)
-            }
-          })
-        },
-        // add project overview
-        function(done) {
-          methods.addProjectOverview(projectOverviewData, function(data, err){
-            if (err) {
-              res.status(500).render(lang+'/500', {
-                error: err
-              })
-            }
-            else {
-              done(err, data.insertId)
-            }
-          })
-        },
-        // assign the created overview to logged-in user
-        function(projectOverviewId, done) {
-          var userProjectRoleData = {
-            project_id: projectOverviewId,
-            user_id: userId,
-            role_id: 3 // OVERVIEW_CREATOR
-          }
-          methods.addUserProjectRole(userProjectRoleData, function(userProjects, err) {
-            if (err) {
-              //req.flash('error', "Failed")
-              req.flash('error', "Fehlgeschlagen")
-              res.redirect('/addProjectOverview');
-            }
-            else {
-              req.flash('success', 'Your project has been created.')
-              res.redirect('/project');
-            }
-          })
-        }
-      ])
-    }
-  })
-
-  app.get('/updateprojectoverview', function (req, res) {
-    // only their own project
-  })
-
-  app.post('/updateprojectoverview', function (req, res) {
-    // only their own project
-  })
-
-  app.get('/projectoverview', function(req, res){
-    async.waterfall([
-            function(done) {
-                methods.getProjectOverviewById(req.query.projectID, function(projectOverview, err) {
-                    if (!err) {
-                        done(err, projectOverview)
-                    }
-                })
-            },
-            function(projectOverview,done){
-                methods.getProjectImagesById(req.query.projectID, function(projectImages, err) {
-                    if (!err) {
-                        done(err, projectImages, projectOverview)
-                    }
-                })
-            },
-            // render projectOverview page
-            function(projectImages, projectOverview, done) {
-
-                console.log(projectImages);
-                partnerWebsites = helpers.stringToArray(projectOverview[0].partner_website);
-                partnerNames = helpers.stringToArray(projectOverview[0].partner_name);
-                awardSites = helpers.stringToArray(projectOverview[0].award_website);
-                awardNames = helpers.stringToArray(projectOverview[0].award_name);
-                sponsorWebsites = helpers.stringToArray(projectOverview[0].sponsor_website);
-                sponsorImgs = helpers.stringToArray(projectOverview[0].sponsor_img);
-                sponsorNames = helpers.stringToArray(projectOverview[0].sponsor_name);
-
-                res.render(lang+'/project/projectOverview', {
-                    isUserAuthenticated: req.isAuthenticated(),
-                    user: req.user,
-                    projectOV: projectOverview,
-                    projectImgs: projectImages,
-                    partnerWS: partnerWebsites,
-                    partnerN: partnerNames,
-                    awardWS: awardSites,
-                    awardN: awardNames,
-                    sponsorWS: sponsorWebsites,
-                    sponsorIMG: sponsorImgs,
-                    sponsorN: sponsorNames
-                });
-            }
-        ])
-  })
-
-  app.get('/videoconferences', function(req, res){
-      res.render(lang+'/project/videoconferences', {
-              isUserAuthenticated: req.isAuthenticated(),
-              user: req.user,
-      });
-  })
-
-  app.get('/landingpage', function(req, res){
-        res.render(lang+'/project/landingpage', {
-                isUserAuthenticated: req.isAuthenticated(),
-                user: req.user,
-        });
-    })
-};
\ No newline at end of file
--- a/views/DE/404.pug
+++ b/views/DE/404.pug
@@ -4,7 +4,7 @@ html(lang="de")
    title= "404 - Page not found"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
    style.
      .container { 
        height: 400px;

--- a/views/DE/500.pug
+++ b/views/DE/500.pug
@@ -4,7 +4,7 @@ html(lang="de")
    title= "500 - Internal Server Error"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
    style.
      .container { 
        height: 400px;

--- a/views/DE/account/contact.pug
+++ b/views/DE/account/contact.pug
@@ -4,34 +4,13 @@ html(lang="de")
    title= "Kontakt"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
    link(rel="stylesheet", type="text/css", href="/fonts/ionicons.min.css")
    link(rel="stylesheet", type="text/css", href="/css/Contact-Form-Clean.css")
    link(rel="stylesheet", type="text/css", href="/css/Testimonials.css")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/custom/login.css")
+    link(rel="stylesheet", type="text/css", href="/css/custom/login.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
-    style.
-        .collapse {
-            display: none;
-        }
-        .collapse.in {
-            display: block;
-        }
-        .collapsing {
-            position: relative;
-            height: 0;
-            overflow: hidden;
-            -webkit-transition-timing-function: ease;
-            -o-transition-timing-function: ease;
-            transition-timing-function: ease;
-            -webkit-transition-duration: .35s;
-            -o-transition-duration: .35s;
-            transition-duration: .35s;
-            -webkit-transition-property: height,visibility;
-            -o-transition-property: height,visibility;
-            transition-property: height,visibility;
-        }
  body
    div(class="container")
        div(class="row")

--- a/views/DE/account/forgotPwd.pug
+++ b/views/DE/account/forgotPwd.pug
@@ -4,30 +4,10 @@ html(lang="de")
    title= "Forgot Password"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/custom/login.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
+    link(rel="stylesheet", type="text/css", href="/css/custom/login.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
-    style.
-        .collapse {
-            display: none;
-        }
-        .collapse.in {
-            display: block;
-        }
-        .collapsing {
-            position: relative;
-            height: 0;
-            overflow: hidden;
-            -webkit-transition-timing-function: ease;
-            -o-transition-timing-function: ease;
-            transition-timing-function: ease;
-            -webkit-transition-duration: .35s;
-            -o-transition-duration: .35s;
-            transition-duration: .35s;
-            -webkit-transition-property: height,visibility;
-            -o-transition-property: height,visibility;
-            transition-property: height,visibility;
-        }
  body
    div(class="container-fluid")
        div(class="row")

--- a/views/DE/account/home.pug
+++ b/views/DE/account/home.pug
@@ -4,12 +4,22 @@ html(lang="de")
    title= "User Account"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
  body
-    div(class="container-fluid")
+    div(class="container")
+        if user.verificationStatus == 0
+            div.alert.alert-warning.alert-dismissible
+                | Willkommen im Benutzerkonto-Bereich des HFT Transferportals
+                | <br/><br/>
+                | Wir haben Ihnen eine E-Mail an Ihre verwendete Adresse gesendet. Diese enthält einen Link zur Bestätigung Ihres Accounts.
+                | Wenn Sie die Mail nicht in ihrem Postfach vorfinden, prüfen Sie bitte auch Ihren Spam-Ordner.
+                | <br >Falls Sie keine E-Mail von uns erhalten haben, können Sie <a href="javascript:void(0);" onclick="verify();">diese hier</a> erneut anfordern.
+                div(class="spinner-border text-secondary", role="status", style="display: none")
+        else
            div(class="row min-vh-100 flex-column flex-md-row")
-            aside(class="col-12 col-md-2 p-0 flex-shrink-1")
+                aside(class="col-12 col-md-3 p-0 flex-shrink-1")
                    nav(class="navbar navbar-expand flex-md-column flex-row align-items-start py-2")
                        div(class="collapse navbar-collapse")
                            ul(class="flex-md-column flex-row navbar-nav w-100 justify-content-between")
@@ -20,6 +30,7 @@ html(lang="de")
                                    a(class="nav-link pl-0" href="/account/profile")
                                        i(class="fa fa-user fa-fw")
                                        span(class="d-none d-md-inline") Benutzerprofil
+                                if user.m4lab_idp == 1
                                    li(class="nav-item")
                                        a(class="nav-link pl-0" href="/account/security")
                                            i(class="fa fa-lock fa-fw")
@@ -29,7 +40,7 @@ html(lang="de")
                                        i(class="fa fa-tasks fa-fw")
                                        span(class="d-none d-md-inline") Projekte und Dienste
                                li(class="nav-item")
-                                a(class="nav-link pl-0" href="/logout")
+                                    a(class="nav-link pl-0" href="/logout" style="color:red;")
                                        i(class="fa fa-sign-out-alt fa-fw")
                                        span(class="d-none d-md-inline") Logout
                main(class="col bg-faded py-3 flex-grow-1")
@@ -43,4 +54,25 @@ html(lang="de")
    // Bootstrap
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // M4_LAB
-    script(src="/js/headfoot.js")
\ No newline at end of file
+    script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
+    script.
+        // call verifyAccount
+        function verify() {
+            $(".spinner-border").show()
+            $.get( "/resendVerificationEmail", function( data ) {
+                console.log(data)
+                if (data) {
+                    alert( "Email sent!" )
+                }
+                else {
+                    alert("Please contact support-transfer@hft-stuttgart.de to verify your account.")
+                }
+            })
+            .fail(function() {
+                alert( "Something went wrong. Please try again." ) // todo: to DE
+            })
+            .always(function() {
+                $(".spinner-border").hide()
+            })
+            
+        }
\ No newline at end of file
--- a/views/DE/account/profile.pug
+++ b/views/DE/account/profile.pug
@@ -4,22 +4,24 @@ html(lang="de")
    title= "User Profile"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
  body
-    div(class="container-fluid")
+    div(class="container")
        div(class="row min-vh-100 flex-column flex-md-row")
-            aside(class="col-12 col-md-2 p-0 flex-shrink-1")
+            aside(class="col-12 col-md-3 p-0 flex-shrink-1")
                nav(class="navbar navbar-expand flex-md-column flex-row align-items-start py-2")
                    div(class="collapse navbar-collapse")
                        ul(class="flex-md-column flex-row navbar-nav w-100 justify-content-between")
                            li(class="nav-item")
-                                a(class="nav-link pl-0 text-nowrap" href="#")
+                                a(class="nav-link pl-0 text-nowrap" href="/account/")
                                    span(class="font-weight-bold" style="color:black;") #{user.firstname} #{user.lastname}
                            li(class="nav-item")
                                a(class="nav-link pl-0" href="/account/profile")
                                    i(class="fa fa-user fa-fw" style="color:black;")
                                    span(class="d-none d-md-inline" style="color:black;") Benutzerprofil
+                            if user.m4lab_idp == 1
                                li(class="nav-item")
                                    a(class="nav-link pl-0" href="/account/security")
                                        i(class="fa fa-lock fa-fw")
@@ -29,7 +31,7 @@ html(lang="de")
                                    i(class="fa fa-tasks fa-fw")
                                    span(class="d-none d-md-inline") Projekte und Dienste
                            li(class="nav-item")
-                                a(class="nav-link pl-0" href="/logout")
+                                a(class="nav-link pl-0" href="/logout" style="color:red;")
                                    i(class="fa fa-sign-out-alt fa-fw")
                                    span(class="d-none d-md-inline") Logout
            main(class="col bg-faded py-3 flex-grow-1")
@@ -45,7 +47,7 @@ html(lang="de")
                    div(class="form-row")
                        div(class='form-group col-md-2')
                            label(for="title") Anrede
-                            select#inputSalutation(name="inputSalutation", class="form-control", , value=user.salutation)
+                            select#inputSalutation(name="inputSalutation", class="form-control", value=user.salutation)
                                option(value="") - Anrede -
                                option(value="Herr") Herr
                                option(value="Frau") Frau
@@ -99,4 +101,4 @@ html(lang="de")
    // Bootstrap
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // M4_LAB
-    script(src="/js/headfoot.js")
\ No newline at end of file
+    script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file
--- a/views/DE/account/registration.pug
+++ b/views/DE/account/registration.pug
@@ -4,29 +4,10 @@ html(lang="de")
    title= "Create New Account"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
    style.
-        .collapse {
-            display: none;
-        }
-        .collapse.in {
-            display: block;
-        }
-        .collapsing {
-            position: relative;
-            height: 0;
-            overflow: hidden;
-            -webkit-transition-timing-function: ease;
-            -o-transition-timing-function: ease;
-            transition-timing-function: ease;
-            -webkit-transition-duration: .35s;
-            -o-transition-duration: .35s;
-            transition-duration: .35s;
-            -webkit-transition-property: height,visibility;
-            -o-transition-property: height,visibility;
-            transition-property: height,visibility;
-        }
        .warning {
            color: red;
            font-size: 11px;
@@ -34,9 +15,12 @@ html(lang="de")
  body
    div(class="container-fluid")
        div(class="row")
-            div(class="col-md-6 offset-md-2")
+            div(class="pt-4 pb-4 col-md-6 offset-md-2")
                h3(class="mb-3 font-weight-bold") Neues Benutzerkonto anlegen
            div(class="col-md-6 offset-md-3")
+                div(class="alert alert-info" role="alert")
+                    | Auf dieser Seite können sich Benutzer, die keinen Account an der HFT haben, registrieren.<br/>
+                    | Um sich mit ihrem HFT-Account anzumelden, klicken Sie <a class="font-weight-bold" href="https://transfer.hft-stuttgart.de/account/">hier</a>.
                if successes
                    for success in successes
                        div.alert.alert-success.alert-dismissible #{ success }
@@ -46,7 +30,7 @@ html(lang="de")
                        div.alert.alert-danger.alert-dismissible.fade.show #{ error }
                            a(class="close", href="#", data-dismiss="alert", aria-label="close") &times;
                form(method="POST")
-                    h5(class="mb-3 font-weight-bold") Anmeldedaten
+                    h5(class="pt-2 mb-3 font-weight-bold") Anmeldedaten
                    div(class='form-row')
                        div(class='form-group col-md-6')
                            input#inputEmail(name="inputEmail", type="email", class="form-control", placeholder="E-Mail-Adresse*", maxlength="45" required)
@@ -54,7 +38,7 @@ html(lang="de")
                        div(class="form-group col-md-6")
                            input#inputPassword(name="inputPassword", type="password", class="form-control", data-toggle="password", placeholder="Passwort*", maxlength="45" required)
                            span#passwordWarning(class='warning')
-                    h5(class="mb-3 font-weight-bold") Benutzerprofil
+                    h5(class="pt-2 mb-3 font-weight-bold") Benutzerprofil
                    div(class="form-row")
                        div(class='form-group col-md-2')
                            select#inputSalutation(name="inputSalutation", class="form-control")
@@ -94,4 +78,4 @@ html(lang="de")
    // M4_LAB
    script(src="/js/generalFunction.js")
    script(src="/js/registration.js")
-    script(src="/js/headfoot.js")
\ No newline at end of file
+    script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file
--- a/views/DE/account/reset.pug
+++ b/views/DE/account/reset.pug
@@ -4,30 +4,10 @@ html(lang="de")
    title= "Reset Password"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/custom/login.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
+    link(rel="stylesheet", type="text/css", href="/css/custom/login.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
-    style.
-        .collapse {
-            display: none;
-        }
-        .collapse.in {
-            display: block;
-        }
-        .collapsing {
-            position: relative;
-            height: 0;
-            overflow: hidden;
-            -webkit-transition-timing-function: ease;
-            -o-transition-timing-function: ease;
-            transition-timing-function: ease;
-            -webkit-transition-duration: .35s;
-            -o-transition-duration: .35s;
-            transition-duration: .35s;
-            -webkit-transition-property: height,visibility;
-            -o-transition-property: height,visibility;
-            transition-property: height,visibility;
-        }
  body
    div(class="container-fluid")
        div(class="row")

--- a/views/DE/account/security.pug
+++ b/views/DE/account/security.pug
@@ -4,21 +4,22 @@ html(lang="de")
    title= "User Profile"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
    style.
        .warning {
            font-size: 11px;
        }
  body
-    div(class="container-fluid")
+    div(class="container")
        div(class="row min-vh-100 flex-column flex-md-row")
-            aside(class="col-12 col-md-2 p-0 flex-shrink-1")
+            aside(class="col-12 col-md-3 p-0 flex-shrink-1")
                nav(class="navbar navbar-expand flex-md-column flex-row align-items-start py-2")
                    div(class="collapse navbar-collapse")
                        ul(class="flex-md-column flex-row navbar-nav w-100 justify-content-between")
                            li(class="nav-item")
-                                a(class="nav-link pl-0 text-nowrap" href="#")
+                                a(class="nav-link pl-0 text-nowrap" href="/account/")
                                    span(class="font-weight-bold" style="color:black;") #{user.firstname} #{user.lastname}
                            li(class="nav-item")
                                a(class="nav-link pl-0" href="/account/profile")
@@ -33,7 +34,7 @@ html(lang="de")
                                    i(class="fa fa-tasks fa-fw")
                                    span(class="d-none d-md-inline") Projekte und Dienste
                            li(class="nav-item")
-                                a(class="nav-link pl-0" href="/logout")
+                                a(class="nav-link pl-0" href="/logout" style="color:red;")
                                    i(class="fa fa-sign-out-alt fa-fw")
                                    span(class="d-none d-md-inline") Logout
            main(class="col bg-faded py-3 flex-grow-1")
@@ -73,7 +74,7 @@ html(lang="de")
    // M4_LAB
    script(src="/js/security.js")
    script(src="/js/generalFunction.js")
-    script(src="/js/headfoot.js")
+    script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
    script.
        // check input fields
        'use strict';

--- a/views/DE/account/services.pug
+++ b/views/DE/account/services.pug
@@ -4,22 +4,24 @@ html(lang="de")
    title= "User Profile"
    meta(charset="UTF-8")
    meta(name="viewport", content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no")
-    link(rel="stylesheet", type="text/css", href="https://transfer.hft-stuttgart.de/css/bootstrap/bootstrap.css")
+    link(rel="stylesheet", type="text/css", href="/css/bootstrap.min.css")
+    link(rel="stylesheet", type="text/css", href="/css/m4lab.css")
    link(rel="stylesheet", href="https://use.fontawesome.com/releases/v5.8.2/css/all.css", integrity="sha384-oS3vJWv+0UjzBfQzYUhtDYW+Pj2yciDJxpsK1OYPAYjqT085Qq/1cq5FLXAZQ7Ay", crossorigin="anonymous")
  body
-    div(class="container-fluid")
+    div(class="container")
        div(class="row min-vh-100 flex-column flex-md-row")
-            aside(class="col-12 col-md-2 p-0 flex-shrink-1")
+            aside(class="col-12 col-md-3 p-0 flex-shrink-1")
                nav(class="navbar navbar-expand flex-md-column flex-row align-items-start py-2")
                    div(class="collapse navbar-collapse")
                        ul(class="flex-md-column flex-row navbar-nav w-100 justify-content-between")
                            li(class="nav-item")
-                                a(class="nav-link pl-0 text-nowrap" href="#")
+                                a(class="nav-link pl-0 text-nowrap" href="/")
                                    span(class="font-weight-bold" style="color:black;") #{user.firstname} #{user.lastname}
                            li(class="nav-item")
                                a(class="nav-link pl-0" href="/account/profile")
                                    i(class="fa fa-user fa-fw")
                                    span(class="d-none d-md-inline") Benutzerprofil
+                            if user.m4lab_idp == 1
                                li(class="nav-item")
                                    a(class="nav-link pl-0" href="/account/security")
                                        i(class="fa fa-lock fa-fw")
@@ -29,7 +31,7 @@ html(lang="de")
                                    i(class="fa fa-tasks fa-fw" style="color:black;")
                                    span(class="d-none d-md-inline" style="color:black;") Projekte und Dienste
                            li(class="nav-item")
-                                a(class="nav-link pl-0" href="/logout")
+                                a(class="nav-link pl-0" href="/logout" style="color:red;")
                                    i(class="fa fa-sign-out-alt fa-fw")
                                    span(class="d-none d-md-inline") Logout
            main(class="col bg-faded py-3 flex-grow-1")
@@ -41,4 +43,4 @@ html(lang="de")
    // Bootstrap
    script(src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous")
    // M4_LAB
-    script(src="/js/headfoot.js")
\ No newline at end of file
+    script(src="https://m4lab.hft-stuttgart.de/js/headfoot.js")
\ No newline at end of file