Sign in details in email

[astyled]

We're sending email notifications about sign ins. However, they only provide a very few details: username and time of email.
With sign ins taking just a few seconds thanks to password managers, it is easy to quickly forget about the sign in, making checking of mailbox scary.

Some info we may want to add to these notifications:

• OS (name, version);
• Browser (name, version);
• IP address;
• Possible geographical location of IP address.

Some things we need to think of and keep in mind if implementing:

• this needs to be included in Privacy Policy;

• resolution of geolocation should happen locally (offline) on the server using some offline database like db-ip.com:

  The free IP to Country Lite database by DB-IP is licensed under a Creative Commons Attribution 4.0 International License.

  • need to choose which DB we're going to use: IP to Country or IP to City;
  • need to choose source:
    • official:
      • country: https://download.db-ip.com/free/dbip-country-lite-<year>-<month>.mmdb.gz;
      • city: https://download.db-ip.com/free/dbip-city-lite-<year>-<month>.mmdb.gz.
    • framasoft. (both country and city available as <year>-<month> or latest, both regular and .gz)
  • need to find a go package to work with mmdb, or use csv. (they seem to take the same space gzipped)

• maybe make this opt-out;

• I guess the email server currently stores all notifications sent. It will be better for privacy not to store these notifications after this is implemented.