From 18a711ef7d2c4557e87bbce14a333537708afff8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=89loi=20Rivard?= <eloi@yaal.coop>
Date: Mon, 13 May 2024 16:44:02 +0200
Subject: [PATCH] doc: features and use cases documentation

---
 CONTRIBUTING.rst                             |   4 +-
 TODO.md                                      |   5 +
 canaille/app/configuration.py                |  20 +-
 canaille/translations/README.rst             |   2 +-
 doc/_static/group-edition.webp               | Bin 0 -> 19192 bytes
 doc/_static/password-recovery.webp           | Bin 0 -> 8582 bytes
 doc/_static/user-invite.webp                 | Bin 0 -> 14574 bytes
 doc/changelog.rst                            |  54 ----
 doc/conf.py                                  |  50 ++-
 doc/contributing.rst                         |   1 -
 doc/development/changelog.rst                |   9 +
 doc/development/contributing.rst             |   1 +
 doc/development/index.rst                    |   8 +
 doc/{ => development}/specifications.rst     |   0
 doc/features.rst                             | 314 +++++++++++++++++++
 doc/index.rst                                |  94 +++---
 doc/{ => references}/commands.rst            |  16 +
 doc/{ => references}/configuration.rst       |  29 +-
 doc/references/index.rst                     |   8 +
 doc/{reference.rst => references/models.rst} |   4 +-
 doc/{ => tutorial}/databases.rst             |  21 +-
 doc/{ => tutorial}/deployment.rst            |  27 +-
 doc/tutorial/index.rst                       |  10 +
 doc/{ => tutorial}/install.rst               |   5 +-
 doc/{ => tutorial}/troubleshooting.rst       |   0
 poetry.lock                                  |  40 ++-
 pyproject.toml                               |   2 +
 27 files changed, 582 insertions(+), 142 deletions(-)
 create mode 100644 TODO.md
 create mode 100644 doc/_static/group-edition.webp
 create mode 100644 doc/_static/password-recovery.webp
 create mode 100644 doc/_static/user-invite.webp
 delete mode 100644 doc/changelog.rst
 delete mode 100644 doc/contributing.rst
 create mode 100644 doc/development/changelog.rst
 create mode 100644 doc/development/contributing.rst
 create mode 100644 doc/development/index.rst
 rename doc/{ => development}/specifications.rst (100%)
 create mode 100644 doc/features.rst
 rename doc/{ => references}/commands.rst (85%)
 rename doc/{ => references}/configuration.rst (60%)
 create mode 100644 doc/references/index.rst
 rename doc/{reference.rst => references/models.rst} (94%)
 rename doc/{ => tutorial}/databases.rst (90%)
 rename doc/{ => tutorial}/deployment.rst (90%)
 create mode 100644 doc/tutorial/index.rst
 rename doc/{ => tutorial}/install.rst (98%)
 rename doc/{ => tutorial}/troubleshooting.rst (100%)

diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
index 6da50793..a53ce1c9 100644
--- a/CONTRIBUTING.rst
+++ b/CONTRIBUTING.rst
@@ -148,7 +148,7 @@ The dynamical parts of the interface use `htmx <https://htmx.org/>`_.
 Translations
 ------------
 
-.. include:: ../canaille/translations/README.rst
+.. include:: ../../canaille/translations/README.rst
 
 Documentation
 -------------
@@ -173,7 +173,7 @@ Publish a new release
 1. Check that dependencies are up to date with ``poetry show --outdated --with dev,doc,demo`` and update dependencies accordingly in separated commits.
 2. Check that tests are still green for every supported python version, and that coverage is still at 100%, by running ``tox``
 3. Check that the demo environments are still working
-4. Check that the :ref:`changelog:Release notes` section is correctly filled up
+4. Check that the :ref:`development/changelog:Release notes` section is correctly filled up
 5. Increase the version number in ``pyproject.toml``
 6. Commit with ``git commit``
 7. Publish with ``poetry publish --build``
diff --git a/TODO.md b/TODO.md
new file mode 100644
index 00000000..484f6ade
--- /dev/null
+++ b/TODO.md
@@ -0,0 +1,5 @@
+- screenshots partout
+- s'assurer qu'on reste pas trop techniques dans features.html
+- s'assurer que les concepts techniques pas mentionnés dans features.html sont bien mentionnés quelque part
+- écrire les usecases
+- s'assurer qu'il ne reste pas de TODO ou de TBD
diff --git a/canaille/app/configuration.py b/canaille/app/configuration.py
index bddee471..75e2dc4e 100644
--- a/canaille/app/configuration.py
+++ b/canaille/app/configuration.py
@@ -25,6 +25,18 @@ class RootSettings(BaseSettings):
     - :doc:`Flask-WTF <flask-wtf:config>`
     - :doc:`Flask-Babel <flask-babel:index>`
     - :doc:`Authlib <authlib:flask/2/authorization-server>`
+
+    .. code-block:: toml
+        :caption: config.toml
+
+        SECRET_KEY = "very-secret"
+        SERVER_NAME = "auth.mydomain.example"
+        PREFERRED_URL_SCHEME = false
+        DEBUG = false
+
+        [CANAILLE]
+        NAME = "My organization"
+        ...
     """
 
     model_config = SettingsConfigDict(
@@ -55,8 +67,12 @@ class RootSettings(BaseSettings):
     DEBUG: bool = False
     """The Flask :external:py:data:`DEBUG` configuration setting.
 
-    This enables debug options. This is useful for development but
-    should be absolutely avoided in production environments.
+    This enables debug options.
+
+    .. danger::
+
+        This is useful for development but should be absolutely
+        avoided in production environments.
     """
 
 
diff --git a/canaille/translations/README.rst b/canaille/translations/README.rst
index a158ef38..9c8101e7 100644
--- a/canaille/translations/README.rst
+++ b/canaille/translations/README.rst
@@ -1,4 +1,4 @@
-Translations are done with [Weblate](https://hosted.weblate.org/projects/canaille/canaille/).
+Translations are done with `Weblate <https://hosted.weblate.org/projects/canaille/canaille>`_.
 
 The following commands are there as documentation, only the message extraction is needed for contributors.
 All the other steps are automatically done with Weblate.
diff --git a/doc/_static/group-edition.webp b/doc/_static/group-edition.webp
new file mode 100644
index 0000000000000000000000000000000000000000..49837859957f5ab9247b83dd241b14775a4861b5
GIT binary patch
literal 19192
zcmZ^KbBt%f67FxjW82n_XUDc}+qP}nwr9t-ZQHi}_THD5+<)GelTN47U0+pqSM^EG
zDFty6ky{A>Kvh^kPDPGQ>fm3W4k&O9pd33OrZ8~4i~oMZ?suhxfQZZ|WFjEJp5Q1X
zM8=-L=?E%XJG*78=Mvj_dT|)vqzYhq!M&Y~lx)F++h5?B-&)*LjP1&Ot%D^PBaS7#
z^AI{^NB~V&Hr~Jp1ZwZ#rhf&jDv3wFEl~aa8V*%fZr+NXQF!=E0%X=rAa2GxRgm%Z
zV<~P95ji0T<$}vjp*79_kmumU>_5eRlI3_j`8mKIy7TkWGZ2dtIXX7X12<Lz*^y9G
z<_BCuL`_1vD+6>829<ndVHE>=xXXl%O|bNLrhNens^@vVsRjDHx0Z-gq@Y%p>tfcj
zw3yOg3c3z-bI~uV2Wwf8uN$@sJ94V8G`_MK-~b|TbH0n<kr#pk<xiwiur=IVO;zb%
zduMy}(u=_1lt*dgv}Z#|DfD<a%#u*ldWJWf8ueQMA?KYAGU2M#`h8$J$IF9V9XLl$
z08XXaTC=$gav>=Ff5D!Ro{p)xv_#YU<GsDRF|BH{gsWGB#oAq=yjfbbe@at{sjQ^_
zL|HgqcFA|98ctQ=8%@{H?+X#pLhTBXGY>a=a(-TD0v*A5`%#9e`?*;rvLvgtSyo`N
z>#V$4!DX!QdeisHNNt1a_*Lccxl+cV@>*NQSjq7|Y&r#}MLM+k{#j9`F?4xeux~mA
zo+N*yD*UI0O1Doqc^g&PWJqhMdM1KS)gJ$D$yNAq2h~W^x;|BibZFae&X;qhnI`k#
zGyay5>Hp$?TuZ$1&UwN1%vs6t(#IRy8ZR!UPgaa+hGJTvV6H6hk5ZN}2}u}R|3PRr
zl12?rM_$nfmn@`bT5zJo+yblAT%XQxD5h_XQi#?Pjx=T?R@F~qoE%fqH~F2;TWoMl
zIS};?l9D1q+y)bSNHrPW!8bH{xD3UVNNPEeJds>uXVGX>yy-AbPp(+~JD44F>}XuU
zt$)(WI&=NKUsJ^3c+i+iX8f#wav^v@*cLN}`3E=vN%)6!wwb1Qs+%uhVSmV0^U#p|
zkEQzDw{H{4$PAAgS)-qui3#uI|A6Zx%hThU{iogeWbr}j?RBGKJy>E1SfEAQ4#-t4
zTEaHp6o|DIAXA<<E*r#d<L0$uc5J`*x_76qS`Dt84CVN_BMe)q!-pa1oMsQ=7MiZj
z=Hmu*1{RbqZy+iRyPju}OJU+-DsU87e4Ih=I38>dG!XH29(My4v}SJstM4*-hx4Ks
zNbA;LwU43Q1f?kagcj3Y91x=zD<G0k^jyjjk-CRbgTk0Va?-A{hr<(b!TVb*0Y!N&
za^rdnNOn4ou6p68N43(@cal=}rt4+f^S{l``Pu*LKN@<fUwnMjG$FC5KX8(!QNRRp
z&;*9}8_CHEB06iBV4|47Lj?k(HW*7S;yP<6703vBg9on5mkJxx%VU5CLY>!81+GC2
z=rxc3Zdfw+q?b>FkqvLhg=!!tgBr+_5%lM<mR&S2%gaFnqcVY~0#7bBkV{W1^DJLz
zhB{|f3MtLor<a$SR7ry|p_DpiRss)<7#qw>QAZ9Q(`)WGqL*jDTr^K_;n!!RfT5Ci
z)ucUdggI|4%ezKP?z2Kwl0qrNKylPq)cGfyoDtGz#8`B3ja*0mr$w(|Uyk9QK@90(
z-;#V*nl_p4!vusAtRF<h?r2|7vr|95UD+`BJ=gyQnyc#zwJh8ZGWQQxtSN*=$ZZDh
zHSOsZMD1EHbxX$j^{;Zf(<>#)ha!WJ#zi>AO{ErzA(-pwvo-#MdI611Z3z)O*V9!(
z1$W^q7XEsEszW&c3EaI#d>jM8O>$!@G`*nRdLT;0eMS%vInGbkJO|fwLgHN(VCY$4
z1At#J$<t1dHTI9;Mzg84F~Ki@8VlOeQkwjRh{8wIcY{8*czo^~9!E&Enea!Cj?H6G
z`rZFT<9{>Goov1%%cMLX-tFcIRm02PVNN13LD{a`FZI>%2#V3kIRyCX5DfzOI|N91
zdB~<-Br#xd0_b=-9^ifb8x_7eA+Wz8O>#<n;QRhchux2Lv+9T!ds3uMq$r)cR1{PM
zu+#-ej30ErR?CC4HOj!kfB*<)_0}6M4b~gY)*B|x7yYNa$j$LMZ=U!*@DNjdR#CNc
ze<JL9I111V%_NRZd^#1i5ddi@m6vGa<1~>bH~fK1LK)yDn-E;g@UOKAW4=b{)V&p^
zr&vzu2FYiPDJe#ZfwLb&PAOUyXBuME;jZR2foZKyAu46Yj2hF1$Ek5&7R<y&_LTgr
zX7*1?+>2iAAw-X192EFNlzOn?D~n;`U&izEY)eK)i><6WJ`g-2@^VnKaPvs!3FGTw
zNR2EB2E*p4RVBrMt&#_Ykm6U2sy=}QNg{dbVjQY#4{-o%$)Ko6Y{RGqt!Y8)%KT%K
zs#c=S-kW)|0CC|jn(pWL+c5D@OHQa+0}R~QIYA3;iNew78gUXP35ViJB*J9$k$7hF
zR+91>6H6Nj0>5i$amM&?u@L7d2+C-RQZG_qXyr&m(nc0T3aLS|6O&4M^{VQyN@1=d
z_Jl*m{RH8J<1@l9R3%Y!NRKbkc?{x-Ch*B-%yT4Mzp!)M*<XnAc8GtFuU9CXqq|tV
zQ%HFH_jve)!Z%V<2CZ1-sc3*5)EB8VbP}#9w#Z))$6&?<uKTGJgpzKQnig7-bK&wU
z-Xg=GWW}=S>f}8pYz9kvNjW7tV)ErT{3`yeNBa$<?}Uk&2+R|3#Ly;?Csx;ONd+gC
zp@5ll9a1C8FC)&$7C(?yuQ(_EDvJNyOoP%~$xMHUpDa~Ur*qn8)RmK0XZlkuZw*3H
zNLoG>UWB74BroO}vC<V0j&rdoh!k@_4g>uDOFqIgYqMz##sJwYbChJFew2);CDV)6
zpObRjax6|CQde;S&0K3*j+0V&0hCV{twrZaP998eQT#mTuu;Wg%V3ceh$cKL;kiZ4
zV7{K9pgr<bq<)2rGfXN^G*{zlO~gimY-BP#%>YbcPb&zQZGBn3NWSv1CDIfM5d$y_
zcSnxsy?=+R1Kg3=o9HzJ>9(CPA<`M|6-3cg{HNfrz&nX!`u1J~GV(sSy*RtgxQ$7@
z6_usa=FMQbd55tC2*R+E9r?2vS|3IeYTBcqoqg#}p~x4oL7adZeZ}4k*?XS_2&to@
zobsO^W++KiInFV?sMAEy-Ti5|XjlQ%HtGw>Nig6_*}-7^AW}JS_9l&qMkrt|97Nq4
z7t0}Q4$&ay0vrfHslL%Bc{(Vn_prww_$eW2^o%fQqBcsw=oJ@n3uNjoZt2&C@}XfW
zKD>DWW>t7|pn#m}-{OftfFv?;jC4;Kp=a@V4j2hJU_o<h8LUh^XtJe*#IWBJ;zt4)
z^63D-HmWnd6>gx0CX)7e>kUbZaW=N_>bis#us=147_u1($5Xw`g@0J)T7*xC#L@NW
zSJuf<!#BAG2j!!Oa1v(L$?;lW@K}}?;4NFE=J%WXFX89?(8k5op)v^X*`;g}X=9gb
zx_L`r_G`u5VC9^MB%DYs{@hRO+YjmqCG8F`*b627kYoqi<B5M2NnzTE1xyb{S+5ld
zTY43T#~7zCLb|E#23gg38<Z9(`mr%hms-Xa2YI{KL@ln&f-W7V6%eszE?t(`9ks{*
zUiS35Qt3*cT<hlUz7R1*BNtRA!uiTe$Rq(h2unz_=0EuIORi2>b=F2mKp<XC$>eSf
zvs!Sf$3>E|*HHGyc1pGgq&y2aY{(lcM6?J5b-g@>wyMFAKTSL&9D~s)l(&u2K453*
zIM-d;a2fgCiyDj^n6~Iei#2e<@)e9T;9bm9zEUHh7s%L8fkp}X5)O(dNw)E3lF@8q
zlG$#<zQBQBROfmKFV!iO+@JFae|5SFANoDTtQ|wNdedjxoI|9^?pT{B9YI9HUb;50
zX6?`)ub!^4%&8qNSyYOcSPc!snMs12E>A&<)ZXc_eNLlUS(j!FqD{M^93HNsuh|Br
z&()Xn^V4HRKC?v;Dt<qmA^w1ryn%S78ZCAf)@UqV79*m?0$M2<7alyy#4ho^O1i`|
zpP_LfbDXeDm~}KnbS2)l7GeOa3#7UK`j00{c1U7Y6arQ`&6Z=mJKadbBXMT?09aAR
z{q<J&tf6b>IJ-(kUx5b@)YlpRgT%rgk)|%^3*>CEo&;ISCWL>g=(-zCxF^Ij_FO+X
zP1|gdzvZ&HU*9l6;0v5%^eQyy%x;?6OYRossBom5$}Jkf5-l-!8GV<`FuE&RN2W{3
zGP>wH)x0HRs%PVD>x-Y37UZIol{m_w+t{-O->()BC<|&>*qwDuZ911U^6D(YySS#b
zGSn2wX-{`5l1}HQjJ|(3pE#5D-R+G+RH4c@ASBcmd=ozs696e5xt3e*eW16Vefa{6
zkZi>3EAt?+hgfZr>KWA9YhEccMON^81xlYHWm&8FkLr-0H6`MUp($m54G^imNzk!L
z5Zqsbo76mCG{b3tA33tTT(jzPPS8#A6>)UI8$1}J?%(uy*F#<10rLcv67m9MK{q)N
zM4J8=phZbcR-MwTYy9Co5s}!;S-;^!jzG^<6rvU)77~C@GPk2v(?`s%=do5G19(lL
zi&eYZ779y!p0|Sk{r)7M$^BQr#-E@E?CQC2?yKf6LBAoU*5RrZ(H#HUQXl4~41SkF
zz;&uk5-IRq!t{Cc@STwEEIA*hCqKpP&CoK%W|L2qhMmcLHDNpY>aDlJ*W?FzgE!n@
zV}pX}y%6!ik{B;Io&d^GsvjQ?5f(zv4|g+)co4N|l=HlFR3VaY?ONX4J(h3sEAH<J
zig8r0n@MH3abcD~tft#o`MKDUFY5u-W7Whqo^tpXCeBRj#F`6##th=vga)7Ac6sgF
zZr@Wuk)V(O`+}EZHy<BB1w}*kDz^BNZTf!OuIp_}<HGpEi;hp-2<84q(R=zINtx2-
z=;r?N^HpYG6_R3z9gdAbF9A(#gMf((keyGJ@arS4AC>H~thCOifD<)E6#QPGaH~km
zcdwTRF|?N|eP`?8Oh^F9j}il2(GeF&&38T{mF1-`{E%vuh{}uPFQ7>U;$CiG<ao+6
z)7?0}$*xpe8q<{`Z{+pDB_YWC_7d^2n%YW)+U+GnLLkCsu7lqb@xyJqc(i|cBXo=(
z+?*+jP+paaX+r;^OUO)qEN;_DP4wmPbD4Bsh<eYYq6Pc$?FgZCPDl=c5`gwvY5bso
z4E1<?N~Huw7jkf1J=NO(etyJxM%5S(F{3#e$`<5BlNX|zsy!Ky2bt(2v)7n_2SohF
zR?yos^#RMjLO~U?bT`Hk(<_0UfdTaC+cacdA|u)6{gA94c$;}5DDXVeEiR_`7v`)K
zUHL<QMxXYFerkR<vi>H=4pIYSV)^LWjcc8n3I9%bXl#74!-I^`o`-CLc7_c*G6T8Y
zz0x+!q$EiSSUY29>5>aN!)sv!P$v7r)FoyV_Fy1|?20sYq<OB4TcAmXZQuDJP@{+{
zKj7wn)%NSC`>UilM`1G4g5ARDvw|!%s=mOLlXP%Bzqto1IcdD=W~&K&3YL=qvI2Nu
z;K|M@$pG*y()P}{DByFa%jONv8J#SZw5^mN0_Ogg@Z0apEwfQn8?JTTp}DJsqL|cD
z?ni$F%qy(G?wau@KB6Y?`6Qb9EjL+oDPP=Tum|1*-AD*p;{qhbVlrn@3D{16MGzr-
zPoa{VKYD>hg4MWOS{PrKL4RG5yNJ*DQ`wO9`n}*?jf;R$Bo}S~5YnzHRJX>2oP;F%
z{HJEGOM^fGf@`}au-C4>W3KcUzo0$Dx7zPNXihnQUPHYBBF-<c&mxwFFNhkjr4Lgp
zZ=9Lk$S^k1Q+<xm*dZ%N3D;Sq&c@x%G(lnJKb0GVrvXww_Uu8hmmc%kkVmYg8EV7H
zq1Tlv?4q&U#%d{Qm#vw2nvL{YswEBvHd{R>Rh(Me&}i1U*?e2{UDC?AO$<-MXH`C=
zU21RBQcYBH;zx2;+XZQsVgs%zMGPfZT3$}P(P6d4h4i|RTo-v8=?8v(Ji&p+gPED&
zo~`tUnUirATaw*^jX01iQVbNP(X+AXC16+gKd`h~9VK+=SNG+!&iz2t8R<y00LVZF
zufZ=Ya1Zg(dmU2_ms0bbaU|rD9-tRvu4%_;GhO0Kx8Z6Quw!3^4mm63uMf0GaF403
z_6cy`SdW%qNKUZSa+*=q0;~$B<{=D05aYBR=%Zltv1Hs@|0ZeV%7-3H!OO6}PMeR-
zRjUQUbxh~fbcyM7o`Wh2KF!h6-$Rda{G_f6bkj|s<;ugGgV`EERAG^6p7}D-aBMwa
zk2RgmZ5FfJ44+^$D3Q+i90Paeg6&&%u|!aBWQup?owv6H;Q!ooza>NO1_mX1mzR6Y
z+y(~JIJIi4GtVdz>iv$1zv`J^)XOvZRh9_{q8ANGZcDBSkW<o+)`WqUxi~_`Q^TvC
z;X48%)C~aqV5HzNHi1EcNF}-qxBB)*ki&!x>fudepN`axfUc&kYv^dgH=Fr;2^sDP
zwaCl1P$*lMdu`WN#1=M_3}`DanX;GZ7yL{Jq7Knc08M(8gwwlRPOfbFXUh}xy30jT
z0JLT({+WJYu;(A&3GOGwgo+Dl1Yt?;aq+o;%Aku;0PF%Rh9MQWnvR|)kN3Ad)3T8!
zqrPgw`=pfj>kND1j}0Nnb;h4hGr%sp=`iNWuTm=Q9!IHemf>l$Q<$u|={k%jK|s@H
zIiNQZEn>iW)-iBllYZ#)OxE{&S058>Hv-M%7=Of&wj2jmQhBSWp%Ed+a<O0^zTCA!
z+cKQRjNh$8d-ESm$-}(i*;Sau^<qqu?h@)E1-i#}!~b;Jce7wQOer}b0C??T5fg|V
zzJ9pp0F?U7@qlf&PY}B`T%%}Hb^)cfj7VO5fK_(L(E%7v0`MImh{J`ThQ-<snUk3r
z2xk0b5TLa=1F!doTsx+Z2LZs>k4h8OZp>kUIX@_&{K02!W4eeo2I**he76z%g~$Nf
zN(WH7@H)aarY_#il*$uQflM3yv%oHzvX|@}6@B?xB8#0cg}p;QW5vG&H&*%nfbE%V
z+&;s)IMae^<Qt+GU5CHNiYqizS%U?$wGdS)JuGuc<({QZ5wzp`1UzfH#I6m#{)@)U
zx78tC=H1#0?kMW|>-B8`Lu;-dLw6cme?a4CW~H@`YY0O(16JStMt9_lYtc8UGUwH4
zz7JKkeyxd1t82?-$>qcyg<;b9A^}pjbDhzvfT*HjH{~yrbibptN%kDBAq~a&1)$A@
zL;9sG>^*xV58r7#r}`6bJS@(R4s$H|XwMFDl34a`Y*^RWo!#`><;sCP%5#b}!--|P
z`T9cdj=7r!llLdWJv-wN99L(5MkR=*>?`eV5ZLEv!oyAIGeYo`Q@@$>E%YonWJWI%
z%}i2@bYsR1J(nL=^5!pwMd(IZgA>b>t|M%g;7Dho$$g?3r1O}>qKQ8G>-vsLupOde
zGbKtTg_)hB6U9kl05N65amM7G0pQ#t0N7y)<wK|6#enyifv@$*cB9YHoh-#0EBcPe
zwMWc0N(*%W(17)R0liVckhSKZ^<%$tzIXB$rxVe=>tzS(3qqbHZ+)N#<5T#X_=hy$
zY;(mG+!<My#ntKZD0WnCp{-NLHcS;gRdB|9s~!AL_KGMMcdel9O}n$?l9PPb_M<@I
zsgN;E!d6PUZxx)+<_&FpZ+vNbyAU07ld2npMHwXsFkS@@YOjfeikMtW#!L4fg7x6q
zn^8@!r-o?dNaN!t8SHPQc6G0<V9G+0De4L5ELpEr=+0hfrE1L;Ld^w3YWD6mtQLCX
zvWbS+qxT4f3$eQ^3xXS*^V^j$tk3+fA&(0y3G2I6i6IG^L7*l*+}h?}!91xy+r47x
zxwyP{A5xd7oBr)o`-7fO<pY#W6Iv*Ss<~;-6Zq|k97jh>f<O0ZqZP@r6cCGFT$1a-
z0aLw`xuBB|7Ij=(i`1<k&Wl^M_R%Ivjw^bOuEi6Q2DWdh=~W2~#g^m}xJL)7_cTgd
z_TCqsF&TC4qDe0Ihhv({)gNv3f0XZ2XhA%B^6)Az(q`I0UGrixzOYu@!ta;Twdv}8
zH#tk}v4_pOz<A%rWO>|9RRf58EsvmUXghs{MBS5zF1k89r%9If7nwtL;TDe}i+y_9
zGnMl(G<7DPQ4@ow9}C!@U%sX;McK!#d_e)908_6f<f>}&#dF~#4*T<OUZZkibae46
zd;Vfte6Cmp=#kfs!rx9`4sB?hFFA@&Y`Ck?&v1+Kk=AYl5V;4E*d`5W8DUbnx%2El
z)yO`d?MxKTVmAd6T`Qg%p~{xMhAEC<HxPhR)o!!VC2n}iACWGE&Atb~Wnx7BcV>SF
z$~U&O@vE%>O}2n<Iq^NULRl?iy~lYBgL3%C(@&+QAJI?zkDj6NBHddSnsGV89kud$
zyTe)(hsE6rLJu16d1*anqb#G|U@bwqjjuHrv9ECP2k0uDSoiR$?n2n7=(l8Rb1ntY
zdo*WHVhFXv`=!HOy!X~Ow0W+lQ*aOJk)%)$CSW}i(=zNbLr8=JA1P^T42HT~__zh+
zZ>b%?4_|)W$X?!tYs}4>5fSkVlp4~fROZ|m2KXex_B6Q6><Xq}fOipmc7<)--B?q+
zUn1Ww-XZ>v&_!$jO=j2M`R)p}F~Y1<+FMHwuv6LJcIhCeJ4AN^yG=D{Z4UgMA_Xmg
z62-KV&(V6O>Ce>X&)imCueEr6G?DhJ%js&G-*g2CUM=B+l_JODK9{#lCD<~}6WS$U
z#qJxI{XIEdze-cW1W?;=hlLJ9qv#DTqLYzqCWJDwd-a(D(=@UP7dmpn%(}u)$P_4?
zSQ(D)<-l?E719C*S-FK+`3UP1(?h5VULzKqvxQ2N`5W{1Lu-jNXi(}i%WjuFIl?6T
zOpxQR&Qf*7x#G8kvbXNX4b|{SJZ_JC$KVR4yI|H`45mSZn1)zQ!||$v2Dqn|G8P9=
z%s_T2=9D5C8JqZY3Fb`vb)}q80WR^WV3e1ksc+D30HjGD=;7Z55CVW!L}vzI0Y499
zQrIwi6%c^Hs%$m}9RT1iBp)|tOKc%8LJQC$vOu6mUK;JflLsY(a=20rrkS$`{33NI
zPr?QVz#~Z`ZAB4kjE(M&CsUJPfdEbks8rXrg~&l`5KDbrN#ez8>sbn7!F!7&b}^(E
zY1-FBlTaW57%B+`d=PWyB2aS}#czmjkdtKV!^`NIN<xirR1ZWF##uz~X7;j2Rt2o!
znp;p_@YhTB#l}cazp{ubPPqE13Y06b$GWJHUUtz6dX0`grLHdt+z`Bdjd2JaP+#GM
z9@uQB&4nzL(RwqxsuT_v+H*&lOHuty%7L$3l8$G#tEK`l3icQiV}Es3Pi`P(Q=+m-
zG#b$YAYxsPVav2iZeVl?iqG6V+*vJyMj>Qa5#r4+`sdKafI7+Ky>6#!&51I=g0zS|
zq<2y^#0B<h+Zt)3%@9E!nZn_8eC92O7gFK;A>>~pJXPEfcVLD3ey-67Cvb(pVrk%s
z&!rH)^zv@$AuIGyR703tHJN3Y5SL@o&W#*UO!?HV!3LMR{FXz-XH!O5L&7L1ac%Pl
zo6YXvXFE^31I;;A(b_Hgz`iP9FA=X}K_@+D8^>FVXM}f`hm}i!1Hn6?+~4*lq=<Vg
zK@<0)S&OH_tg-Y*jLX&L+wQAKKto61cFZ}Hm*D;&Wl7#Hn+N;yyuB$y00h5M(~A2>
zl|U*tVX<0XfR1BOzl}6xfK#V3Y7PR!mVpVlOGS)BIFjLD>q!dMIK@?-xLl)wyhb1&
zWhwSE7)!Pp!`$3Py`1u2^p4mhgbKj`b^yR}bfChYwN@|;A)Q_jDOedSQ^c6(>;9XB
z6=J4ozXn{9!Z}=k2<AoIjr>_Gl%r-$>@*`*G`LZ1*m*@6_%r*nvb)KI0J{fmwlBl^
zIV#`BYz1y@8_vo8VcXj2TpcIb=Ziuw{pG-Z`*kvaFHP3wZLDfl?slKsDO9S<KFK?E
z&dkew_%jpU4ZH*T`GUuX@0(=puWZA&%1Bi-aigCpCSZVV_ajDI!|mHUV-Rb@F`*%l
zjDB^+z|Lt=_yX^O-LGlb6(R#`<dqZlVtly!uc0Km>NOLb<7{@VLp2Peh~DLJ%IwO8
z1u)Bat%Xqvr>~lGf5ysU|1Otl!<6MPBikE{c8E*n1OyfP9b4L)p4RX1=UUDQ4jon9
zH+>OLnh$1H=J)nebi9-GR>K_HF1x7HesvXF|2K6}pd{)sHb54W4|B$$4UZnsV+>ua
z_plM*BdWO9uol?v(Qg~L>JPYm*D(fQZJL2T3v|}j2>_7c5kv)K*99ZXvZDcRY_cZp
zJW=)P?V0{D1-AjOuIx?!f$b%Cf(fHp7ZenPpdV8!iclaJY>jO)0Rwb)7IMYRGP9<0
zfTTIp9F;TEg8NYp=#?RJp=LSM7!RB_==?`9VAizC<nv{f%z6z7`eTunwFKCX_1V$d
zQ~)iU3At@}k)KqBG-Vw%eI!Z?6L<jy;ShP2%@>$F$04I;^TLf!?>i}4m3lottX9A?
zx_m$CPDD4|99ULisK=0uk&cR-t(h*cje{)94jUwI+r0`nzzf)Wm`A5G4GubPN>#(m
zY()m?^r-=Wpf(}(=qe_5cI25{gAi}RIaokN9$I$-hSmP=)ij=g?K~&`vg6uHU3y!b
zcXJb`uE^Mv&M^LFRy1{#hz0g<b2zmcUR1Qf>2f+8(}k(xA?<w><a4!}=CBD_p%>Xg
zj|R1C5V@xCkS{MpanrytaEPgGuM#>qDz;fG_^Z~?wjO!dA;z~=b~n{$cALfn9t(1`
z`()%|zUn3?82T8u6dmp#9m?1<oxjBs^8w_!gtdg^=SPx#k)hv)oS&cAqCm#%irZ*_
zS<O?Ie$I&er_7e-ZC{zfoMK(C-@lKP8+&^r%0M1s#*eyWW%f|J(z<vPdKf@^MNQT7
zj3CJX44DH##Rq~&It}PVJV7-Sk6fCS=rgb-U-2RDvHz~$OvYla#I8y9bHs<afV+KO
ziN(n8dNVLX9sjeEUqU3_yG`LAF~Kd-fNLG3ZVqLXmbd4DZpIYO8;|mhX2JlIYo-$K
zg%sij8rf2*oe`_q$UUMDEx6}8WNsyV{-f5+YkqiZm*@JtTq_~_RT<au)sd^00++Uy
zycS_RQka&=*dD&_eYQh{Cs14$&2BOOtibE|_%(zvX&zy2Jg3ED5wLCU^4t87hhidj
zq2Cvnt-RK*Ik@=aP*T>h-gtgp4D^e>iifC!ADtoVO|m#*(DP${3@!a?!r9c7B4A90
zFQcOp5K%h^c<Qwb2QO~0J@#fmc4fE{v9X!V7K?|5!Ezp18QeFWm*r6Uj}*G)?l`Qv
z<yyE=cxRW;_MZYQ)o=o_wdbbTKlhRcR$sMA{HJ$%%kuD4fwKpEr66~>p=f~6c7jK<
zvqgp25pLt>C_l@-rahWpnCLqxjF=29_`1mpSgg+C%Ee+H;yuk_5+fSQw2s2^R5jZz
z%L$BN3?(1q@7ty(Vj|tE?Y0RzXtnkyfY7HmzOqObGI8Mh^@Jxs3J-f|t2>6bBAb%x
z4wtJ81_Vb8K9Sp!Ksvev9j6b{D6mObyXGQc5C8_iVnsBv2z~0DRt*}y12Or5@llm^
zzi16NQ76K92LfA>BF^b_>HNGspmUBGyd*0FQ6(0phb1+@)xf(y1QWg!#jk20TQ?Lz
zmhPWp|G$T-$U^9Lg1f$cMc}jBNU3U@#K!VzMt;7MwNHV@=Leh@`fm(F;?I2q!4JdR
zj~hjJnd88e2ddBvi`{7xU-gQ?-P-U9wR>Dm1;MBdqNoz8UGTQJ*E6KwkQjXMy)smc
zwK4#lKtd4TId6Nxc)`&BifQ__sKBJ%{K)0ECbP$q&Um1;f%fMpV)EUf5=?<=?%FdC
z)+$dsvGwr6kb%bn?E43tPygLhq~MC~maFX(du>2rh+fbJ>LBT;{6W=5N_92i%=I-_
zM0&?bUp;yr!(Y-7YDu)P(E>{N)g?2*=C)qnQZ&FXUpWvFu35=Q!7?Z}=!iGhL+DNR
z!0-dnlfi><%`s}8Z6{tGC(P*SXX5ZZ$QZA6+Q(rOD515pBeZxK5}l$zymhJA=%}bH
z_(r@^%^1ac14;AWH&mFb?V$U0(X}tY*kuT6-gf3|!_*0eKXXOuPdZ@4_gqgnE{@v;
z)`}tBj+T)sCZ9Q(;{oPTVNs(_ifwpotoj9#1=1bWl3v+p{Gw8&CjJA|_G@;wdehTj
zXN<Sqz9*yTOJQx`qHDvI&8#76Hf2Atq4iI$y70xTU%GC4c&M?V3Xe4ufnVV~X@Q<`
zyi2f550-~Ll)S{v*AeVoX2ptOVN#_JrB@tVerfQ(@(}?!roEEUT#h^-t2_sJYa#Lp
z>GSHeZb3;ItJV<VSu^s$^j5ruUd86EtiS1Wt9||G>8g+f<8{jyntozj+h;@7si`q1
z$h-uKb`cd=P#O&;&7f5+lU;{fIrV^kYP%KU&{e`qc+=>?T(_b1#?Xc(xK9ujblmj-
zkr918z;X>d1Hh>$r@_hv<&@E88(o$wH5<c>Dj@x$V&TCZFRsB<2#xl~xXe4iwf`Aq
zP=O5#01)mG7e#f?f&vmLRZp!C9{#k!<m;%B7Eo;{1->6(3jCYQ-ebLnS-T{I!445$
zh)Hb&s*^*w2wmCv*!D|uFB=bO`*|4W->@?@Xc(?{#st-AvEROOG8sN60<laE0$qQ{
zQ#N`+I$MVSMmG^Sz3ACq0NjH)Y%MnEZ`=XTqXTk3M{6cPCe|ZABZ6b`U~XJVFNd)I
z+C$#^9h5q$<cj%~ISmMMyy|U{p6helE{L8gOdEK#bi&!ANj_BNwaj8&`#Zl5+mw@F
zArEuRD!;WBRCr(Sc(GE+h0sr}pUh~XZ#`aBsqf5sG8*v|<EJ1k{NyF3@(R6=J~!cf
zN@#!`l2!l_6UWXeTlTfCvPU3xpSv?B<wb|#w)uDrR~cn;fzRQi2-dS5rzBM~L1G$4
zTWNd_Ljs`*$8=$CJ*U)DVKpteASs}zVj-=YUco}*>7z}1zUv2Zp3jyeW?<*6MA73)
z9(RV|FaM4%8;Z}NOAPU>7afVPX2i(Wm5C2h3xV!611u);&vCbzJw?UX)mFy$Qik4I
zdqLS(U+IixWNEcXio%3#JJE8^!!c0GHY*V9>m{e1o%it4op@8gnqkPXtF~Q#O#%ms
zM9nV^5VTmzjv;^;@AT3|?^y7O^{cLe1}lOC&n~bzVDQs)RJ=PYy7Y3$&5n~VQc(Z=
zMRyd_IhkHi#B^{*LcWsE*^~57Pk@Np`e^Sr?1;SfHhxCY8+@PHu<!Sn>-$>x!>uXD
z*#~=ppaZjNwXWIBn?8Vam*?F@87FPOd~qwm;HRY>cO+G(`Mn>X$`G(F*E9ki_={9p
z1IZhKuNg@g$^$1MIQCKbl<)lqb~FnM7?ea32sFDZMLbJpclS9{<c9{Y;!k#LxuJmu
z9q7W4(u`#s>)}@=X`nJvxDeToM;>JQgbWho<z^duQQipQQXJ;3rgz<w9X7$iC5)d{
zJC#5{Go1)vg~SSXYLO??ycD%#yJRAcJAQw+<vmaOfi7&Pn!IR7fxqF403bJe5LXku
z0qG}#WbB7vHM{`V-5MGGinqjI&oP=z=ya#!vveV{7=>Cb>v#`iH#igyh;C(%5c9g2
zK@2H|2pm73u*|P-`E$jnffK=W0~K8VB7Zc-t0U>~w_ZZEC<*Z!eGB&%HHR#`eV5jE
zEv$piOR7`s1D>Fmj<UzKGGKJq*B_v|^jcB5auu%liQ(6;@Z_$d(~zQoXDR#KZLjq@
z0nbK~UP@6iOvqih9Rq{Xz(XSKpPaID-KLAmMyPK4@!jVhMAw5bZ8M6^L~I`upz6h+
zqL$!T6eC0w6Sxz#=J=L1C49Tz)qXgKAvJ)M>c@Mb5OwIZ9|(EyLu_6Ds=xU*RT>b_
zintrgCH17+pDdGFBD4Dw)y4gI8TQlAyyL#7voQGSc@(3bOO92&tz_KWqH2rv*=f?s
zi>3$0OZI~p{tWq7H|}>X&?j#u+n;A~@U+?`-m~YQ&Mw;fT=@b@C6>Yx<?kX5^t+3S
zPgqsjO!49|I)t8t;w7tI_27EI$<jD5%9|}ignHml-@ROq#*u81N!0g~oZk;s`hVZR
zqIM)v$dJ~(_APOwKCE=FLmR`M88?B&<&G`vw-3*RglIEekPxR(PMi_s_jBige|E`h
z3tCW*+K}Y4Z(Drd1(IBe=Wwy?E*QO^<LX1xqAH@-TPGR`4$o3eTz#5aj=B-kiF`i1
zX>(7!^V(jEr7K-l=^tTVW>~gv3rDEYrSz_~p`|)tH2{8!$4CoQ_^QHzqBSh`F6&YF
ztF$`l_+pCy;nO;CA<ecz78%OJF(HZe%n$uTNk)0vdi$3kV2UUG#Fi#%^r*W0Xz@Bk
zz_mSLiH;wy+ab)L(yK0VbrEuWQ5r6y@tvr3mV()N#x6vd3hZs1_4mFair9y*>Xj;y
zN7AHnLA7l>zGs@qKSfjZ4cDe?Nb)>!v*Ov2&r==Q6d|l`hZ!7alYd*hyS_x33z9v<
z;4V-LAGUv5mHWz~6^C!h^uDcy@VJ<sdVduZ$>qhGfy*TcbqE4Lk)su;Fo=2ly`i5#
z9m2LDd$s7^OFH|AQ)QDN0Ulv`X`I}XtxY5^irC}^7=TXrIb~s8DOO}@usqp9K0UCx
z3Blpa(>e*T0~*E%Gb*Y9^JZ`WhZ&~r?Wi!av^8Q2+FOHA5-i}gg6rm2);gO$aaeZ_
z(Us5!fFSFa8Hr4_JQc<aKt5qP#BFID6IebaSxD(Gk;34<9??5Jz|T@VTwD*+{~vi(
z%Bf5;8?yGs@M1YQsxgAR2y?tSw&p@pCqJLE6EdRwi9MpFaI;V$Aq5@be<oZ)#m7o0
zg!v%%f-B0C%rPn<a|4=DVAJc?`?G~EM8j3TNf4hX$UH0#gsKQ5l*QTShWQVX!<vC}
z6PGWNaDQn$aEDU~Rdq42Ak8INwDrtVk~mu&WYL1mY7<z<ix-7o5~a0N8KG{L12OAn
zmO;2l7yO0=lye1H)`0s_%jblV4y1%7Kw05)2a1WEFAlSlx~KG<{wes#N9tsVADgqg
zxkAw?;>!4j*12I2LLUaX_6)mbv%m8qFTP!E&1z@gw}z&mRGnO>*4%Ln0d>w#CH)US
zM>-C%pt8{zVY8P;GAmbj*yy7Zz${%_%Gn2a=9$D`T=wvNEUPU<&^o)MIi|Q;Z!CMA
zEtK6S6L{l%SwOf~K9}3&uDP}#bpA5u+GDVh{5QH(TW;6Xp~FY3#rI`cE118I?oV0k
z>q2_W%=E?93^_0F5kRl(XVkZ`N=1_Q2Wx*h-GV=CF>8IHv2pQyJVGU^jTAbu>sp>u
zQkDLIwaumRVW+X6wacOuvw&@F%{Sb$BHwB}pQFe-Igap7Lis=uO({62RtpKSA$BcM
ziAu0u6+~P_TBMj@MTmif>Q7S`wWrd(Xz00e{tZ3?9ct9MDm!E1*Hd{)RNC^p31`*^
zHCDU|nL-0>3-Fon6sf^|EI1&naXvl+UdymdT~eyu6<;stvS|kiD(KR>P8N)X6`fR4
z;|J}di}2lN>;CW>!Cv9GOg(~HdT|pmakzt5pw$1l(E2eY%*sd-D>UV9_47J$Sd~RI
z=yYU4$keR!B_c5*3af|8?@x9`N_Z=J=A~_qFcYgfw2%l0z=759K@`Mer!6adlxDvu
z!##c7P~WRT;b=s6Q8U6vIC<<ker#)NYr-*q?r3@S!?1xhZf<8h9+yPHCKThhd3lzV
z{FEAQgcv-4e@&W3ucD+4$y429r)i&@odTl2%wm5`@J4YdYBAr9C_@tW^NQv@OsU$(
zI+3RhGFelNLL<lj9VmaE2ij@ruM`z3_RDBxL`D1&9FrfVC~CCebw^K!D`niA>Cg2x
z$gK64^k2kTl(m+_kYCxJt`LXE{d-$8;c*{D4idRtl3#|#u4&xDdnokU0S!M$tY56v
z6xU@Mv~7kQdq3m2)iqo-s6Li#Blyp?yDPV&k~F;>!&3h~q#TtSfke35Og+IrO+-q3
z!+ljc<nTi8a^B;=#eSaPcF&Sjizo(txf>$XjI=8HtA)C{hG7{e6jM&GrWQz<VSGt)
z4-!%!>P*cthtY*4wc^l8-}=XqC&CGw_vTyp{oQp5MQN1c7dh3fM;t7NztgCZiBWU6
zs*EYjS56-0-|xGwz2>9&1sQQwf_i@bp30PC-?yrS&Q-(n3k2JUWJD;`yPfx}Rgmzw
zNYM)u5U>v2XW{<?|8S%~9-svYjf5<^B6_pqGECGL-8&RoM_M|MdCW>ZDuN(ss9vAV
zaD(8PMU#{Er^2r6*<o@2!S}*yU@+NT#%O4WfEiq{qEGPZQz(}yYVDUA8*dA|BHtsl
zF+jcCs*fbfTiW8GB?%M6j*;8qxmB>u*+*>PQQOd%{gZGjsm8f3<kinpXN;AQ@Yn$?
zJC_>@$D1T(=*aLxQ^0G?*ypzqxr+6q<Gm)_Lng8f=w`$)DqOlQ6sgNpfa%XY6%uzK
zpFP6)`Crdwrj_Wis8EiwJ=3>CA%v1&E|9o){zs<1+yMqyMn~zirrvTrb`-~}Oz)a^
zm#SJJP~x;2cJ%=uuD{@D(LzjOIZ>ic;{Eh|F_u@1r7;8B)xP~@iH<SdR3Ur6=^^@-
z;)&e}yD_B(@7XOT>10do3BaTJn&+`9Q)mXiH|s>>5P4lG47@Y#wf%-}<>aWszT?|P
zDsPYsj~*bc0xGA7@tx+&v<r3ed8~Ldtr(#{0V6?F{maA{X&`@q7aks41^po_A)W)j
zCC4*zqBzpQmIE<RIa)-3Hd20%8uG`D1%Fuh4t`_O&b+^c-Ac(&ThEAU#lW<B>os8H
zdtGW4gb7N!3a3C;U)|s#s^ZW;Fc7}G2G=YI_(kgMY4?sb*cJQFe!6+!NQQthe4gk@
zqTzNek?nu)YA142N))HV;6hER0Ipxf-SmV#RLg?e3doVNQu}aM;l7M%A7hvQXz<P^
zH%Z>^&HZ}*Mi4}o^{ds<&q*`xI}|Zx+5*y<=owl#VE(Jj!PUvPvi>(WH@DQb@yp!_
zQO_nT8-x%2#h$`WGYW3^5<8t#iE3i4nYVjH_gm@`6CQq`^T$xTzoP#L%23DD!;SFW
ze+S-VZ&el^nXl%)a{%M$%<*TI+zP0GAn}V|^ynfYQN*U9#e<z{(+oO#VE4>ELtzXx
zz}C359WC>{?Xub+hD{QoX3Q?z+u9MMBXI6ltn)}-Ed2bBcQXnU#@CxBqgUAGNbRik
z^|!@yuInse>JyJ?V+-q)7~2}C>PJ?ke-lmM4T;K|V2J9C4e@&reV~;;Dx0<E>VSeX
zi*8T+?W$%33%Fpzh<Urm$(+^Kl|X51^qucV29*kYZbxL{cPScu(=tB(Sf`%fRP_U&
zXpUkphWqrtG|}YKIj!}Qs{``6);#O^18bZRbGKI7@%0CYZk~bX!wHOW<j^f{`kxHD
z<v|gz$kFTh49ez22Aq5=kyp!GTx(?3;`?V95lPubzUp`r9y!9X@Ka6jNc7~GAdC^}
zV@imB`s>_Wwz!Hu-_;#*jAZ>0h76JPkAbvu;ow_({yQ=&?`Xa*_f>fYDp4o7j7EaX
z0<%9wbdxgWzY-MD@sDVwCv5Y!s$T>#`+OP?b^7UCi?gL6g53_7%3mgpS}NdplUZZG
z())6xa15f4%(QfSt~-C*{rVB{=^`HdTe0CYZvU?uh+4Z{L-_YkC6J$w-A?M*=?jOG
ziG8%@5e9ymlWuu5cER~HcZixZlol3x>F+Iei0Njxi-R<o)t9?5W5R-3fI1uo2BF~t
zTUCavw2;ow+X}Wi_oidLzzY4vI5WPb*r!X%Qko9F%_DBPz@I^LbH<l3q|}tL)m4ua
zSF*(Q#EguLuS=K}(egT1O*$Ali>^I358|V7%PAkvwG=95x@|Y3Zc*hs9UCivf+iGT
z0d7OfR?QIEc^StUuqM$+c3Au?8s#pvqQ1t9P)APpFqx9bDE0A&Y^q;tfmqINjN+Fv
zqZx83wl=p3k>C&6bR%5;7)o!bRbfMurRalxp=SZ`xr50Wn^;^P_Q&kLz%j}!hYAHB
zW{RGX){s|Q1a$7+Cok9~>!9yi%hAH1ZfM*Dv1;{oh+dwSI^_~<Fi_ppye>An9O`Ug
zhf;jgz|!3;JZ(ZmZc&HRz9z)sP$VmFnWc!3jD9%DT6fN)hyFBg-Mej)(<Mb}&Z9SV
z)V35HX;?G$(Wxt3Stg1lOXgQZS8<Pm78$a|Ei?FsCa2FbHYlS?+9%V#i~W33w0~UX
zPsi)W*(Mk|{zD51c(p-SOZkKUv6S^);UdwqLz{=N*M3zZCN%0D&xz&uCB5QAE*DB(
ze1cT;?KOc!^Sg(VM`-dYLWYDy;^_^I@k4+wr9*FIwJq_<YtrjZj&C2597~S3Za(Q$
zq;yVt|KHVk`yotuRhANX!ABu%+D-fre7ix)1M%E89eTN%DwI<EmerRyeymjFB;V5=
z#vXgezwY)^`3~$4@K72Sc<K3V@8Pv@^7%tr&nr2!OVQNtr?z|lek89F<xMn1aMNw?
zy7$W=Qq^`|gxo6HUr7ux4j#w3(cn4z;9kyP0C=pnGU-4hJ$+!`=XssuGklb^VoJKM
zPUQ>0KTf5O^H-|XK5_@w`-Kf$znBYO9wnp7M_9H#H+G9<%y_SW@=cFX&h@m&`I%tq
zlqF~e%*M?kQ*;)TZz99(@|VVCke@>G$;QG&$K_*N<PZz871Vs10Jp9Wyfh7byRYAX
z{Jj_N_jfQ}BEzBM^e!~7hfMb+cTZC+9)=q3Nwk=>w0hR9y?m^L@&-DYATQP#kBFRj
zPnMN%N=U;A3<!9Rah?=UEuvT(q|q<u94Eyb@oR0ZVQtnyn@ccSp$2ie;Q{_zm7z6>
z2VNr~5AU|~i(yEvZhIDaXD@e0`ShPV&kG`9Hymsirv^sg4mfV97WisV(sFphD=5jX
z(?HR{5_Mb#&P{0yu;S#P#0L^=DOvk)*XvD|KajN6pU(M8B#EyB!3P)PRFGRa>589)
z8+6Ik)lwGe4R+BM-4Gw<N;d8?DZU16Tw{q5q~T+8HK2ViyeSFq3h6vFQM|rqU=hfN
zGT(BRX3gUr#ZiEfIw2CI@-6B7W=J=4c)=l$k%=nDTd_7K7iS(s&#kMI?*8?aqKhr}
zS;~Rk>1n2;vgfmp7m}Zszt?;mJzn<o#0L?j{pxo_N1@ig{SA#>uz#D+so2EBcRZ4R
zLG#K<h`(9(P|J%W8fMpgbXSC1|E`es;{HL*#P<69svj=lZPtvL$_JfuIr8DqPkK|K
zoUYbPFqk4IX>+}A`=HzWY+jzaT-65u%;j?c2lR&J8+2_h%@UAafz#}3=4=iK>V}Hh
zN?Q(mVJvfD36<S)T6U9Ndo~NQiIfD$0ol}vG}-Qu;0-Mo!9a)?tr6<#xI(A>JO9Y%
zPgEJpx+~M_@l&$Dm;vc8!W!dU=U^a5;}YfJjxL@D@JRtsoH9mK=0b+{<M^u59((->
zl(jFWxX6V(QWiRkh`TMS|JQQkBHr6fj+yclEZ~CnV#H%75odQ*dy{%+!R@2)1UBCo
zdsAx$4n!GhdV?}Gx>`q(P|=o#gYeZ0mmkxhhF~qMGQ*D;>p5YSBxVR>wbg;zIE7wI
zPa~Yo6dhUVae<0d`nmX#nU$?3SJMB4u0IV^*E6$3Cyjmh8$f`^?l7lz1-6f`4NJi`
zlGfg^Sy)q*`aCKXmJ{4q@@B>XhYsHFzr;KBZ=UR2yq;UrWHsg}L}uZ|hu>Ym&%<Tn
zpIsJ<JmpK4j#%Zg6*b;Hpw>I4KogO|hZe<>5KN{-R24P-4^UWfqfWA9vt3LOx;m^n
zDzJW=yzY|z;S|fiueT9PE|>1AA{TyzQ{4Y`y7D|dkWm-asQ)qVKitz=$SwwZH#sGB
z$igNJ6n~0u2S38LjiwlF`_EOFg!<cY$@_`{JwhsJ*MdUi>ne2maSp4_se4`~74M-O
z(=(cyW5hJ~dRix|Nqgk=a>2XlrUaVxZueZ8WB8xk<wvCnK>f<_7MrsOcJ{qs>4*8)
zEpf=Zc=ux-8%R+|Q*pN&VOfmLI-Jos!r$FIG*acZ>7@-~K9485j+WPWZ%-^8M|Nf3
z-CQ=T!eb+Xj3em@0{|3V@M}r;COxm3`BPri%>^i~8zzF4Hja=%%bCaiF-H+@C-<gN
zpW-FGRoq4QJ^*@x$eYLOnDD<E-P2H1^u7|b;bbL=*T}L&1){pD>mUhLNqFS~%&xQO
zi}kNqkpeMX-MM6YJDOv#a(J3L*bTuS2#-iNgODK=uKyuDH37nE5jx-}w=u%{DWXUM
zGduM7d^Ix*DQ>|)Dp3nZR(EQA<$+!~8Y<y0P1@WALyMwVQiz1y9YA|L`%sN{?I`;5
z9V4c;VF+sd>eMlT$?JHeg$KjbMC4tv(kz@DAQM-eLD1s&&_J?PoXY$6mi(-!UO=-&
zejfg{w{@^#ii(o)MS|v7qZ#=yrNXa&XUO_a4fP{p>NrtW_BZ^;l9dfhy$_$1XD9BG
zXNNA^uCVgBAdrSd<jk3-m|C7V4(Gxx3k48AX^-coOR7suKWIJ9t7}KRLHz7ncwEQ~
zr?I0f8}`iigE~9jqsSesc$1*}{7Y>lDwl4PZC7wm6F1xyS5EwwTwCFVLf?^On+&Za
zlLE9vP&R=kO}RS0n&S}HK7J<dk6Ufq<Vxvs54rI8=G`Mk?o}Z00%X1PD*aFWKB!FO
zNQL&6_46|KmR9T6)>?}eztI&S`B_Z`r`JhVnNL&tJU_MR1VG;$pqNLIgcc)dM$sV{
zJ4xRP5}c~UXl6(*=Nk|=G;!~j$MtVjU;fo$HF4`aDueyY02{ery1Yj!oBx(v1(K7$
zSz|cEo0RgJBl~Sfe7-;T{eFjnmbSE#<DrV=$}N}Q{|xl)CBt!_jIG5^gG*%!b!~8A
zilKiqV07IV`rpB!M$kq#!-VGV)D0hIpC?VnlA2K>q-fPE<GB|YGO&L9y{9jV4_5(7
zLvuBdWMmm|Uv#7Eh*;k|qKd6PF|8F0ydYJrT4>ZfYs61Jsv-$PtXA_rE1T;=p@b(=
zb3tByXq$<>I+Jt!Tk9co(pN}6awL$ip1y^k{#n&e!m~<-4tuABq0S4IR2V<Bmt@uE
zL=pf1y@^hD9quDm4nJKOAuzIzMfZm7OP(5B@PcC^%iHGxsG1b^uR+l!tUvkten-5u
zTukDtH7tHU667-Y=3hSM$>H82XG}~rNs*71=O~}Oxyy8-#VR{2cCPA*q-i3kf5?LT
z3k{CGKfVevW0VDg^-;8zI#8vfdOnf4iJu#VdKMoN2I@}221je*?aU$+d`*i*S*+!G
z5*XdM+V2=aRabS<<|)J6H@eAH!)Ud<gPQVE{#L?2y+_5&`5(Snf02!-o5k8S`3^Y6
z>(|uPStaN9`v)QMSt!Je)z#4>E!Sk?T3Wpqsv=>UT@8~zuaX4Ojf2|OM&JJvvK+S)
zqzn~De(3fk+5oo2UYN|V`E1n+ib!D;a5%)?P@`FvOXz}zLWo6Mf}v%;!xY6RsZ<_t
zLQBu6Qr|Zw-K4Iy{qRH-n{eoiHVGFd{eS!7AY8w;{F?HA0zC@C^*AF>d#rW<QQBkU
zy-g~Z(jFTvq)B_6uPx%Su6A7?+!#n{j}7-8`Y=j+Y`U|wU`^WNAgZA)s<EziT^-z*
znooP2kdpS8{Kw>f+G9JA_L%-e{zIMapZ3^iVi==b+GGD&SPU=I9>;Oy8F-oYIF2)(
zftYEJ<JdD`oA%h0z&7o%DFJTUV?zSmw8w@7x@nKyh7q6i)j};w@F60Xuk`P<Lr&05
zd+gJ?nwoS=XJ_e$n4p{X*rzoDz+X9hdWZ?|X^&}-Z8;oha69hPGvY>qL|-oq98h>g
zYshI6rc0~?avV78%FcOa92r!1#UGqdFY|MbxXj!vJlMuu2%8B(!^eV?OV?l|o7*_|
zEi(2X=%zhZ!znaIJTw%bXJcTrneDM(m1OEDwB>*o$Iuu&kOVXZDFXwIGyj!^imOX~
zb_fr)G2fz95Hx%&Jh^mPJ&V{$V}UI)_8{n{Jyydd)&=k(^WYlMAwatRW9R#TfI?6a
zbF?)!19CJZ+m!;@l*>$<-Uh+JHdbH{1PvbxPcB`9k7RD++_%Wsi@ycBX^+(i1*lzM
z@nge2@i_Q#7K?SDs+6OxLuit~@tt_5bpT+xhtd0aAUMpld|5LgZ1`Aka_Jg;By$@d
zmHQSMd+-(H(;ojswIcv<=8?H4+{aBKIs^d7;g^-Nt5%?%{)#Gc?M`zVKEBZ~m=}@E
zZ5-#mMaCZdX~?HNh5$aeL^_^qTTa&DCGV8QFP#f5X|@E@Sh>!9?6Wfsu9cDQw8xf$
zDu>buUqi1DXGPT>d$RPxhL43Om#)EgGs)b>0$XJ4L6A>-jE|!?y0@+b-5^c-kYwwP
zM5%Um;7@He;YOxG11_kHbf-N=b=Nxi%@k6wC63eZvGC;5HN;vGaMK<e(ycMzn)cYF
zZj%bzw8y3d;nE)aPz+<prad;Nd*}l;?Xf}4(t>kok9{bHG5MeNI3XqNG5L?l|Fp+;
zAnh>;i~Psr{~jA_=ekQ)sNCmj)v|7np}%W9`bf!&Ris`m>-HG<JBRd7Br8{I#n)qO
z9BK7Ls%hOG!+r<BtYE2W-5whzHLcrY!=$ctdu*1}wQi5il3LpB@skY?ChwEJ4#KgV
z{v6j1*bJFOm>)XmsioZ>-`6s(s;8!DZiI2?pB!>Byr^o_)ozcgdYI+2mRN?E>Qtnb
zc6$sCcuCVfFmL_cxsl1*wP}xd>>L|c@}ScMxhGto7V>;mctr!RoY7F6X$J#odk-<X
z<;A9#;{b+_Y>NFadTM0)<=Z~b>p|GkF?+79<;tZ$B<u|tx{l9wD$m+I#>P_Sn!<p2
zKjE9k{c$N_k#km0s^mK*;D?$YDu|w0ky+?J$Fn0(`jKX{IiHQDGaDLjNq0On#g|8I
z>-Jb)P|15{%1`;{Y?IXO6K$`2_DxZ$6(+ke*vshY5tiya87?{LmzR!9(|aP{oE;fp
z{K%#_ig)t57t0UZ2wOU4&$YE&|2*(X!rqWGR=R2C-qCCA9%JLo3EsWtpWeLDO<HsQ
zPxgnskAGNf_bl^61<^AvjVW7R;@fMkt&TdOt7fC=%nQr&V~-`|PvTMAx;>T$06qRE
zJlbXKGC<vXFhq_60EQm2-R_aaHzWX%A+jlS^jCoRw-B~;%$#d$6|fs7><zg#trciU
zw04iNapqYm$m}Y;XpU22xg@RFG1i<fpAbaPJjwpO$}!K9qFz)IMAMn4Nz%{sDRJd4
zqPBH=EU$gMs+9L>5=mfe2HI)@%*4ch`><Fnai(<$Ok^9Muj_mrtwe^%rii2jU}`S}
zEgduG+FHK7lrQWJ*`reyZTcbW=@=U;5yk4NHTTQOq6?qgguIj}vj<NX^FE>a6H0te
z^RCpkZja^lF*bv5aY_X=UIuj8t7>w-48YitO`!m{rQ_Q5(OjNOEW+N9llS~9>+2XB
zt08^h`IbK%){{_t%cTEqeyAY2T*di>Zkaf@Zb3B0*irtC7kRVQwr-E5u{&oTT=8Ud
z1r%D+yDz}LFR&5{E}55tN<I{z5gjtr$P56+j%*4Age@Jje@sv~E2;_m4ECJfkTqX^
zO{+G)-+DU6#)|xHc9B=f@;n~!P&PW_o~*9xQaqUd$`oughQZnPM<np5ZQUNrzlvw7
zN_nh><5mC`y>j;^E&qHrmbuX>#n%MD;E_$iCv54M`D22@+Y)!M&<32|kRf?a+_^g4
zN*!TfDRnGbE$#OB-z5L`xT^Kh7(;66Xt&2RHPO*xcD2=c3F>OM$JJIu)MISy;(KSR
zW!)Yd=RNe*v2Kr{KTC_&3jQlCV(Bq9cJ)kML%Z+x*aEEJ$K*eH(nh5JI0byGo}K+i
zA!^2KrC}&(k<9$-A!AkH?UmI0KtrkeWDsU;_@g9dYhxW1++KAEWuFY9d?=Y|V8DE+
z?p3dWsL2S`)PPN<i!~KRNsR%cx>!B(Ut*L%Gl^!ER@F(w+%+qCY9bp7m03b{?}(X_
zl{QVDhh-Y$_+|pg87p0J@5h;_U`Ze@rzq|I`E|7+&L+Gut5hp0lxIeYrE)>A17-7P
zV<DJDH|r+T5!YqYOWvY%x}qg{h#s{dt@-w|inQ4X6-sVgaZqgt4zay1qZ9-etrtpX
zO;6H?KuSNW98s)|P(1E-i6uuHqC;GzY0VW=Ot?0!<e#dsD2h@t^tCzU3>VxVrI{r!
z<;fXxRt@Byhi9GMDZSm$87ksxB?ARVdDsi`k;QTx6P5Ffx1uQd!yQnyb93Y6s*QkG
zlne!P7eUc7Wi%EWQB_I0>4EZ@wS1HfRmZ)9`iNcyw^Mqj+j@A^-ZwnKcV7E1%d8cl
zM6N8iTe~zsmdhdigfk7DD`jyzB{I!Jf3BQL$tbQJY7D4a*@)3NouL1R5Z0`xH*V{L
zV%mW*r<gp8N*|tPE;^LL94Ii#8Yy)-4&Bxml-^vKm0m~rXSq_2^8%^h0F$hBbxs|&
zm80l=E_f<a7JQaxK-DTm!xS<IzElVmQv`*Zhw%%~sY(ov7)l`hjxtnWH)l|CP>0fh
ziWt8`Go^Jf^bfOCA7juLc&E#Oci17%fT~@J5mSgD`XZ{p^LTlAy{?ZV&dTp~?cSSG
zO8HUhSqAOCPBJ)}(pfW4j}@zC9y10lF>`y>ikWXf)xMN05{SJJ@Six&(Hh>V?6N#O
zUob)V2$#=a6~J%gZJy_M2QC%~!3h<Q6GoW36=g<IlnHXn4m1W-AxbS0NQ}(1-$9eh
zMg{U9c0(9?oo_v+lF;>j@>|}YmHByn@(h2P`cx7EdOPoM1+bxMX1&j9ydHKtr6e>5
zRIPK$QlSFrX;3yoZ55t1NqplY-Mig<GIG^?rw=blf1K1?oG6@kF4~Gyz;p@DoO248
zW3N-dT-%*4mfV5X#}T;nrbc-NVr${@I9<E+rmZ}~DPS3v&i+eeRAri#^zTCTMEZA_
Nt_N%~(!Spg2msE5RPO))

literal 0
HcmV?d00001

diff --git a/doc/_static/password-recovery.webp b/doc/_static/password-recovery.webp
new file mode 100644
index 0000000000000000000000000000000000000000..015b968a64d87e988dc07a23bc346d57ad0430cf
GIT binary patch
literal 8582
zcmV;1A$i_XNk&F~ApihZMM6+kP&iC-Apig`0mDK7^$LT4ZQIzg`IGM50T2-rAbDTU
z;}7dKlJ$0gCK5IQ5H^sONn0gt*;s~Yn1*SXh7hJ9fsAB$TL15tx2?|msI1r9e%tSM
zGi`0ZO_Gv_q}8_RPyfHRZT|X>nVFfHnddMwGujR_2^@K3eYL9w_9!qW-PM<pekfDG
z)#zJB#|545zMnEX%;3pa$dY86w$?s-FFnj`jQGj6ZQHhO8&~f@kR;i(Ehy(c+qS-K
z+rR&g*hW$$S84Z{nMU{Z$N&E+H~#<Ce%XH2wr$()+O}=mw(7NQ+qTW(k2B{?r!y~}
z7nAzD=9P5ySmW`^d2L=><&{;E?dhJq1U0AG%e41ov$LBuGM#1Ji2gfb8%dE|N3+z&
zwDkA?|Nr{5+5i13-QmYkcc;|taBY$KI(K(>cXxL;I(K*KJ|8_?)?bgjp3i53%&i71
zm)9#WAW*}bHG>`ZLa`hyP<d66c7Y2)n^L3BXh_;pD#QfzUxFh^iX>Sr9Y;mhan}dr
z*0#26QBB$mmCyhg9Y98IIdxbIEE*vFzI*Qb;qLBZnQQord*mV6D4veHWeV9yg6fZP
zBu8>0uYt5}lMUR&W!%L355bKjMN%x&U1q6{FFqh)+qOef{--tH+TP8!ZQHhOTfe25
z_np2)w%wi0X(zik+wRG>Ymu$_pMd^5awAERJTnWo>R5&sRDd#&1Q7)h4uSU5r6(F9
z2ULT4fb>%!q(bBag8Z|u2B3dui0D7jf0h~rxNO5pN#aG<zMX!$hIat1WOuD`-b_D?
zW+cg1x(%xAezJN(=9sP+nh?9o&YWx?sIofUS%*2crm;O1vsGiw?#;Xw6d9eWSLHZ%
z)>vb9X)L+|E|+jnWpgSP<v@)!&8~fCopaAzVXWP5I9T~Ws4_VfCu-hy*4XZ{?hgRl
zvrBYQOM0g+n=8-WtT9`;B1Fl_R%T7}=Jlb-;&faXXt!(3Y}Ja7{CM8E7U-8rb1`dd
zwP!Z*#F<!}?0<+9q9$?-Mc;_MH3QaI67jXrH0xW?e+O(#7YNp(t7J&JuBu84#fe!p
zfu`B5*1))dfq`$v3$(h#SA-iuHPN^`gxqB=Gm6xcA*nhfxv_{Ai|tlBw;?X8X7|=c
zD)*V_a+os(MY79}bl~PI&N^hLe$(dpK{Ro<pN2p9Wz*LW?|Q&4Lq_EO4l{elVNXD9
zJIyMm9u;yF0H2IkPV?EyxFqO3BBHdwscs&r%I*N{o`Z~JNuXhQTh{rn1GcAiqq4b|
zJYK@b<KlUO)69Mopf{|VF2h2%1NS^t#Ae;#K4}3rT2)YO@E*V&S?N;T8&x#rLvue4
zTtE#@D{VUf=TF@^TU35o<>ZYHKS`iTer?2Z#rBx*;9HHqFh6Nn_q)t7Ryyz^w3YRV
zat71j$v}20O?3awd8wRRXBzxIj<nGi!-<x{vF{Uw%s67I#5C22oiH-7UyZ_4B2?f<
z1Jjc28VL$^&qCA<ScE7z2~7nok=Uc=IO-}b@F|4@R}y^={FlPfYO2J(9X_Mriv-W-
zA#z?8OtvC}Nlvj(OvAYLSh1}x(X{6PaA`97^;2p<i<Z^;k`6q+oUh?3&8?~?4}#$z
z&<G%mvfL%`U2>=M8d3;w0M&<DnC5PQeTYuRJ7j3|CPU-pRDP#H{Wonbur<Ri9mrE^
zQg1XOItjZ~^TG*4=d}KU&P3>OkQV4obOUxITV@q2(TWJ9w5Q_5>hymBc|`5fe_kpU
zj`K&!DL#u9JBB8TJ!YJhyUxRN0%tSx0JH!yF@L52$Yo#clwKSG(``b90o-OIryvYK
zV{!wIq%P<zdZD2T-QNalQ_W94`D84;FDMD%F&ZYd7l3^9B}6Ggk?^1~{Q(#$P@49}
zOeuQN$*4$2<9&Jzz@e0Ml3+g=UZ6Y6EuA?!YZ@EG<c<LRJ1)2Dje<3xsCbS!yL#U7
zx98m!7h((_Yl^eq5rSbfgZL-*=8~6A|0y){m>kp`J?RSw7NqIhpcjc#RboksFm3`Z
zW1!qrmUhM}M5$&u9YzW~LQCH_s`kD#^0s6iEnuZBAo@1;n&2DYdZOdy7I9sYOM%?s
zn(`&~2Y%wf=oA4r0y=!NW%9*~KLFq;SMZphzG!;qg=t2yhb3?j_3^402{a`SF~2rg
znCi4Q<Q!9Vp)gGHFO!Ujb_ODAB%zdN8Yyr*^?RGT-Qid5K*I=yX-ly)#I7OwLT;f(
zdoz|0!_fX+c6y{^OXZfktL|d#m&WLje;y6o)Di7NL%dD5si<+gjhqrs`wYBSbd63E
zH>$O<u^IJ)C?;z05RJI21XbHOvWV!b6khH}YZxh@W*NK~or}83pQA>Ao2b#122T<T
zaHm)07T4w!O+8kzd1Hi4ExINTEMMR`+$SDe#TyUYELm8|ts9%nFvxb$4TDHb8ceD4
z79X^OE*_*k(J2V<rPr?y=uh;>b<QiFq+sB!Wv@0xm<~@$bHfod90({TIP7I$3XL~X
z01=cn9}r9#28RQU$?G$`Sc3*Z3|+{r71}>3t4!!=&*=vZd*v*=9_{1Bm4Hy7TND7r
z*bKV(5m4Y%)DB&ux7~yu%4nF7gzDz&M?^Fdef=nHE}}62%93A-_243#`*?T~Wgbqn
zr70+DJ|cfy@qurzu%fAH=Z@}AhSc%(=q)V(G$VQzc#EhqV3-gMw^8s#Qcj{m<)6$h
ztIUa$7HA*+{+Ze|lUmUM==$ilp#!1#Pe|K9&q|;5>Gn3HR-sp*hc8RD#B<`xjL-$6
z%B6X6Kb+LhtKvaGq;N%RM8XuSs$Tgw)q$R_ltmui=YyTmv|4AM_s@or0_gvNZ&v_T
ziUNRuD642roD>=suzh&^Q}W94NG%nmg`&WRH+i)0Cp)%ss!pt&X^vO#6kR7(eAVtg
z4PGyHVwf*A=^y|jX)%~FEE|#WmdaLtRPmhr1z!Qs5;HP!yi(oXlPs$W=vAl6eQ=*~
zX0%n}WL4fTK~t`hRVjFb&%{tfZYnr{n_t#r9P{%_9<2hnqtjW~^X5R_4Q9+sHPb)Y
zVVQ8qt0%2{{_4la-}7dy2cYWsinjrj$&a%&916Pf&yK;~TvV64*G<!L(l2-{b2li^
zl{t89-q7KRl0B&F3g$`hYmUnUua(2s&b;}{d3Ve5Tk(Q-9{=i>uja$I8b-V&q33O*
z2WW~MzJ|UI00;1rXklz61XWj1H~M)109_8>PLZxC_hDAv8c=jqQA90Z4EsY7BA;)s
zR8=bT$M*ud;&dtiZgTKKQ04ah7N|koeUt0O*Wt1rk?apuhTn6?L3ud#6t~4cZjh1r
z>DQn_ey0KxgF44z9viX5Ss*n)02sZAi2f7DBLIko5CT#Gf&L@<?=%02{u6k_e{YwZ
z?k$veQ9NB{|61z92?Il3OrfJ1jVY6GKa^rZ$S8)YPnpxp6_<^pYSQHL-4iZu)-i}J
zs%ekq|6aN(z0Ad7#`EHOdT2)WHHst5M{XH2!)X!f9M^oiUT7JDVO@WP9dkpA`XTUI
z-zkUZjN0r!L-k`avAKDc7jEs96gsNR=#=&scupxPuUK0mIDcN1gZs;E>6{dss~ye}
zFX$9RWO_TGAi0jVFv3v;$#oP5=)%z%mUA5N$T5rUIeE<fMb<CetSXhnFP#_YAX&Cx
zZOXpE>0{yeYr`x6aL6r!@YISN8~`UJYqmW&)g?Rot<oF^0NMaJ*xNW)$hvxgi0EIK
zzqDA*O#mytZd$E^*J}T<@W2Y~yxw70JTLY900PU&*X}^%&lZ{gd!6IiybA_4Ro!$Q
zKt>J4Wt%K($_+urH0(@Xi+@LL)>Z%gIYdg=I-)n~&iU(^C1&=f!Xt+$nz7j@3S9kt
z&EFlZ_=afD56~%(YE0GcOyWkvzE_*~U;A!zP+ke(zUfNp%>p7!1m7>aLG|?K0>(wO
z`xdCpTo;I&SK5;ON{neG-}9?5+_TB$A=|(uovX2w3$hGWC3tLsG3=NsGMm(@QQJ@$
zxFp2Fvw_Put{um_VUq{O&?(2BS;kj_#J`&{N$hC{^geE+kZ5xr0Ep_Po~g06ASSO1
ztA@(ek*_V_Kl83B84uMCN@8dvYErW*dnMkgy*k%#2dz~z{DPe}%2!w0Gl>Y49c)<Q
z+JX8Wx2#B<@M^r4ZwEMMGn`$?frtgmfW7Pv#zhQR7VKF(ddQ%Lvq7bhbRm~ZT-p5F
z>0F>^EUGW+tS;!BKuz+V&G^+@$H>6GHJqhSjPNn83Ix80W|*}k^Vc3oO^m5^<$?}a
zU3{Bw<_;)*665E46XEgxVQQXV!`LyfF$v*$=XPB8HOAq{mH-UN0)}#Lb{6|)ab5xp
zrA=5=3;=s0ej#3ek3rUaII0l?(O#zj6*agbo&JIGL&=zis%&9YIYV)lT4;|p_6S`N
z=evSJ;oitqFU9j$<svQdiQ>@}MQHq-01FPhVF28V<PDuoXmFqUH@0+D4kOrpaeG@M
z9C$6;jDf;BbvSm{Lbrc=GQN9#%#K`M-=>5*cIr!$Dp`oj4_A?8uqx>~|KdWYo(3|T
z)T-H)ERM_)&R*WDv(&E0QQIZ(hYiZAZY%(dtwDv?rVgg|Aq8)t`xKu!5P7q!b#$)K
z{R07&2@+I0EU7~yFedfIY{=!{SUD*2o{U630%QcrwC|k;M1H6D+*L}7yugd8?MxMp
ztSCW|;_g!DvS81Cr7jn|Zv`?1XPIv}F#Sw)5`da9JrM#m$$Rp1kz_nF{+FDKYmV(b
zx1!rIUBA2s7Y!asPmHN$<pyg)QVND~=#!XXBADrizBSln?byO>5{3TJa9ms22Vh#z
zDNDw<D8Q6oWEk!Ru;_r*W;voU`n3Q<D;fZMY7<0Eg9V_U8_*7)NLkT;ej)WIn%V-q
z08Igaot=#MlU1jD_x3|)Yuh&tm~R~sfe7h-Q@&TA&?|GO-uE`dA7FIreJgNri7$Hw
z1{@iHna7i5uqs(O0Kn1;xNI_1&8|T7O#m?bJNNvT;{HYzAsN7gU2rm1&4-^AdLPp0
zfC%0s^4DhVb6tpluQiY$+c70MG=Md!aK*0buuIsml@0&`5rMJBje;&DC}2Sl;LS%c
zi6KMLaFP~}4iTj~ebVgN-T(lM6x<<b?o?Ql`er%_0BXkcL;%Jlx$fOd9SkULM8w&+
zf$2{)06<R+sRd$%rg7+#m|-HsTolDs<$$$g2eXO%Lr42~Ij%%?8AhXVfrh1X-v5u3
z%DPev79dr>5@OGfpQWDV%23w@xi;3q;11HY74)GYQudou+HNv9!uVRMITLn}s8lMO
zIS#>{&vgLqeC}mal}hEp4RR16(eKeE1#3%nVd`3w9lKyrkNh;k)hhuh8GtrMsZ`c~
zcd`stC8M?`@p!)Xp~<pT&91=2w<lqJ7(#1lrnPVSWY~qA2<$gUl{l2K59#vw9Ff<t
z_NlMQx91<}l0&t_lG)G*V^TOcZvbK9PRjDUJAsTq)2YMTG$5%e08me7g4e!nnMa;S
z;3!B{DYs|W<NzxL=fZi|%P2+?32MglM8KLPr<ivGYUl@-&@cTfiDq)1#GxmK)XLkh
zJ=)*w5DtA3GfadPtD1?FWM=Ky!E7R5L;qYjuG0(wfMA7+LHv=y004Uc-nh}ptT*Wr
ziznLy&_P{i1G(D%-oY!$#11Q9q8F%z2p*e?D18K5xbdPvn7Bw-?>B_I`id;sWCLUw
ztV&kK5`RX3Y}l1&{qHUjlZy&;0A%py(iS(z+Q;;X(s=OU60BSpp!6FD4%H4zu3vp*
zpeNN{{Fw%IKmdf5ZUiy{>mNRMGw78FSP%z<^MiZmBNztOHQ>ldPmi%71Gi^;X#gt)
zCn$4ZrUxSl0Aj{WtVy!@@4*{wvW+zW06nn;nqRX8S9@sl|5A2b6y1KCwClL?&cG>*
z4<<aGpY~Gh!&0xXb#)faoVRwwq`IcywX@wYe7?%VOP6_f*_ql#P?IqLuxuf6)h1Ip
z!TPwEF$@D1dwa)eOwuLvH%+7I=Nvq)DC+(kMDUy_8#oi&viw4f{E<bN)uu}LmUnll
zC=}lQl&Q5m6X6#W$TC=!jLE;c-qcLGge+CFtGPS2SUkTm9FtSy<D0p=bl5-NkF}3Z
zlXH+$4P}_n*V1H2uyUbT9X60awZoD+G!iu_F>*ZiGC<Fn`+6jqN5+>aZXy}M=0!=j
z;S&JSb8i_z6Vkj;$Ei@9MiPwL2t2zMqe>>+vks{*ukSU>i%dcOq8XSM$;ibaX3WHz
zBvX<4!6>euEotHkc=*y2BeHUqRzmQxhqL|2h!IQ9z}RtNiZ*XWbWHcnC;!B~I|~GH
zT>c-#2^wv_XA+C8ddoR7lih^Gy4nn9kbE;^Gr@hz&TW=+*ujf9i-tHidUfFO1;&cx
zJu`e>L3Ot>880eb;n;lZBAspGR#uf^VI(2~5j+zY4%oPNCX-&?_(qRvVG&HNRJ8Ek
z@!jLwhN~JEY@YgAm9%6~ZRrA82CEW0`u9SJZ<Z`e)$D3scE~y^YHc=dq%7=HrCBJ0
z+tj3D?E~i=)^}I?rR*VW(AMli<aNwk7+qHpQ8?8OOPZkp^rU7i6w$l$NjN8qarXBB
zqVt>Vn2fOh>PW*E*aFbw=rHb^A)rBL>*sF{#G1hUD2?s_vcaCkUFVc#KATEGvc-Ed
za{=UxSs0UK!<o!(Fk$~}UT1L5TzG$aVnkN%+rAcj&KW7Q&b2)P1HU(pvE!nkP`SHz
z|EDpWJHWf|%2KAlWo!F~^wrAg?DId{PI!e=CvWA3@!qmLD#?XDbk2L?^GI(!FW!X-
z`(08?!!uOUJ$h!!JJQ8pNpM-E!+Xp+f1}a$?x@#~0G>(3XZ{<Pi@}2ZY0T?!|5_Yf
zuxOCM9C^Zr1r|ogV6j34Sh_bjAs6cC&4i<4lqQSgC5j>kr{r-j@_1AX@|LSXshOxa
z1<YQ^!4ci}cLPSx0^HRhXBk2>vM5nOIgt|RsDBRN)u=apd%5v!;MQ6v5ur*l3|`^u
z&e!|f@N&hsh4iZOvK4PtaHV)_Y+@9g&3bCyI;xI@e0=p`UeH(P3M@4b^4czSK{%>!
ze5mq6f;Z&-4nt|a`n!McHqG8<;cS2_f-1{=J<c5q1}BRG3d%ku03RP<Q8fY;iY-3Y
zVT@qm<<AG#x==4yeOpSenYQD_TMDkg*~DqJ<p^g`7h@b=KDMiVJfaj+fYs^rwO!(Z
zaF;)lt!mHwhX?3S)G`CJ*I-J+=U;#AjY(%>v9hQ_LD{DS;E_BA?kAx`No5ROrAk2w
zIQMOx^co*mym(8&6{t;2@B_SN&c`?s^6`cZSZtcvsSrPfzP3wT5cZqHed5ChVfDc5
zHDo0x`dl++oLzOdELIj(C@A}s+;ZQ4#E3W3p`>z#E<SK50jqCIjX1-Kw?=R^B!dM_
zo&w`Y$j6uWEUK=@lGE5U!??C9@;YGN=0B{UX0HR0%V)auZk+T>U@@{Np`dJ267C)^
z-!B-U*1EFaI71ge0;X@fa~Mcy#akn|cCmJ=2%<3<4r@X_eyeZ40+hrqJ|yGXE<w}U
zhX}}9t`wNPA_og6)6NFIh&~mQkwpmwWt);*a~5<7MyQ=^R4;rG)Juh-ON^H*zAdF!
zN$A8|s=+GWdX$NRrn(G_BPAbO*PauiB5wub+AiVI3v!U7*aZg5-}u4*J0fqnQegI~
z9Guf>sq27XzH>GsivkGBHYH{MTLBoMLRzU|db2*~sFw;um)|_m%T@K3(yJtN;w=PM
zino@@YfD@BQo4?me0*tjF|b(6xVB4O5<5$Y^FC%IU~V}be3<n#hFzlvoW$xK@ixuR
zQJ=>6Fw2RozzJFW|Ei~a1n@*2KJ%aGKhbF65CT91fd9Y*(SM@<ME?!1VbjD1n&94I
zv&#PN^r<ELLqJP8-q|5v6dJAIqvGyF!{IX>-0IHcSKu%?-OUk`_Fj`VzTI!3Gv`in
zya+8exnLeS-Hvn&Q03X{d^f@xwtGc<fK};68Qp4hCGbD@*1=@U)C5xgbd{`rax4&9
z5EUcN4}c6W$lu@pnk?mpK1H6GDlsJqKT>{Y$Q>TFN9FILctkY&V855Amcg}6`qQpw
zw2xTF=+YSSyH=0nvlZ^5`~_f%Jp99d!}h6g-plq}zNZQy?ksyhO9kR+=!HDtsSGj7
z6xxm6$p+>~mBo#JrkErEfW8})j+=HvEI{FXF&8&a6#_uvJ%hf1CIA3U007zt3sraQ
zR414bs_rh1W6TIe_rlq?xxAs{gNL44;%W=gt2~8%`^CJDpcfpYXK*ad7P0Prav{0^
z-AED@@-2JM>~J{db6TcRs%|ApQ!Yn23i<YwWd!SAU>R{jq2)DZl2PeA>BMXb#XCj^
z0_-JTL<1ZPIHvDt5y67)X=YNfigfZA2PG<%gjqqBGZq;HEA-dXXtCoPIX-x1jy`M&
zX^QTB0cMOrIFpD9auy4==CeV7J^5<au8w0}m!4sn2|d9mH<Kb|n$DOHIV{wA*YNjb
zFaUcp3bEcZ0zGa3y^3%q0zA_Ia*)SOe|&a$1mqa!ePc-+YGP24&csBNqcRQ}T^d<p
z^W-v+<IxhG;m8+&`;K`hwhnkFq8*H|wy=xiXp7B<z;BD&N$c}Wub^2H(R`fATq;;M
z<q7=F1eOoa!z0cN0)PAr@Rh^55t7hWSm87Z`JYDEyJBQy#tw{wMj5b;;R2B>Al7l7
zmQ#pL#hpF4Q0R;Z3%4xs0lMnI!>+KDR23*<MGM{-AlBmMpkm8mU|k5H7oB>Q&H7{j
zU$_M`Zb&BKj_RI)46+yZ&8ICHbF~1doxd>-8pWP~XxHk#zX0IyGTfQR05<&uaA-T)
z`fQSA$d55aQ7%LmAw^McCAq2@P7m6xuK6^2)w$Z&XSdru!{AsA6GaN<WfEApY<=f%
zG`<Pykh<nG4jN_2G0NwitDEfaq1)QzXFyc7q*s{2lDmj$M%8hw1v*%a=?wY-I^>r7
zT6T4eoj$DM&NjwGrcD?JjdkL3Q<I<2m#~QzbQNKvWGa)k^vSTLj|Fz_m9cvaj`hGo
z@1gk~#}NQWgd^ka)XLlCmKiHB587TI_;kkqaO4lzZdLJCn~K1MO|%?^RlG0>AMy?l
z+F8K*LlZW~7Qo&kEC=p$yUy^qZ7f@39<(4U#sT<=eQPL8*hGuD1hGm~>_%K1-icf7
z{YM2*xBi11KbT=D{^CAzFJb0IhE2?8FqikDmpMFM`?3~5jx{HA9ZdiLng9Sa0RU(M
z0MG;gpa}p#699n5UAsOO67P$-xCzJ*oeWTT12b?_fu7G3mc|$ZbsG*z7ZQi#=uM=I
zyqg1skKiW&jAKkh|B3#a>x@c>bYF@emO<te{eL)earMXD!{>&dJRegHdV4KNl5|<!
zdr2V6!({qlX_6kEJmg`L{jfM)QuD#X^je%G(SLKX)9!RRWuCn$ZT)~q1C^?Mg($x@
zr3#~-7(dQ=sa8i)Mc?^%H&+)`d^OKC4KE~ccgk}$Sqd@Dc;YRJpOLcbZ`jgJ3u_z}
zlpKW%n;scCBk2!~H&(YIPY1P;xV7V+m+P~;CX|tgTHSdg#W0MiJ;DU)K7~!O=RNYd
zBwbkXE%9>Un9EJzNSYoTt<;=M8(Nd3_EOg~s98F<MM48`f!dx>UCU~(nTKhi+@0cK
zm1#HbcxBe|`ZKB?l<r{eh(xhn(tTP@6BBs!_k+%hk}p5%SrG;0(}bE5+2AWB_iyH`
zu`OMTX6XPL9SYcDV*FkKNaiyf;}^ob6q$F)&kJ+g%$1^Er`JvZzqwXs6?QZtZ?CUu
z>t0ay^ZwSN^e<N)$ozhJ&AasU<YDc9^7`^t$#3p#!gc5J>UU{Q@&AUhzwC6x@sRJ@
zhOF@-&Lr|l0;gQ6>9v4F^}YIb?9~nWbYc0tHb-kN?JM`utSWYRmd!KX=^fvVS9vU*
zlyl6(BF@P@lQdMBW?|}^{rR7x87g^&r?zh!9#l4MD7YF-Df?8Ew(E=VabC|u0b9iF
zcX-XDZtRxv3t``kY1{I8B`D%b<<o>s4Lo9D-MLm~b#v=OMKDtj&PJd0Z|k^g+MAk4
z^3>$f-M!cOZ{_rdhP03ryqBJtJbZ0=n}i%rq!;J*NZ8@%!NCg;|CJ@4RF`QY(nNFy
ztybnpF6PiH`ATVVhA3^C+WY@~yOCa^6oP-lwi}DcrQdyK9xES}L0pxG5Y9;nHS4I&
z@~njmg)6?r5fA4?yL6gl{6bh2Bbtv+bEUF*Ww%I@A;GmW?;z@H%iCE`HB#rtUEMcV
z)xD9R{i!59HhMy?X?R&k9v(iEB;!{h_q8Gwyq8LUv*(ul^4}%3L}0wJMB!kz2KBnA
z@p4ngI!3OUQFOt)*GigaQm7OoP1vkxdOAOA_$#h_C0U;EpNNEcM~En<h*q~5X$lp-
zMT=fVM10<@;1|MLtu)ximFo5kQ!Lb~uF}ff6MAOqupR{NPw(o!A++4qaYs}5QTj}(
zjYQ@{jSp|cMU+_9=H@dZafq4b>d|ALlF2C@D#;J|5&Ifn*nVibc?qoh68xpn%t;w>
zLFLuLB`Glr*F&9ekx%{JW<f@Z;f83gRQ<1%xaBX@TA9<$Z4Z}Le@fCV?f3QI-Hqi{
z^>0MCy`UWorsD6M;j74pcc|V+5u-Z~tQjj5G<8ZotDMKAor@aX-X(ivf2B&>=5ww(
zb*YjW{HaJMp6rfqKTO7~4sVsc!_;bLH`URaq0&u`^NM*GUFCG4!1M))|B|&0YRZTd
zz6oKcc6N4JV2eutEQ;+8BgFDe?vO0vN;O*t%<`)4Tq|=rzx1apkgW)20{5nGudnr=
z#hOTRee<&vemrV<WpU?$!Hd_Hw<Au5`<VQ9X5{syt^4{e6RtbF7qw{OQ}eVmZ6?N?
zEIAk9?nkPuHa@0#+|XC~4I0WTwLMA4EDWrcikABnajmFUsymm!DZg|5`7eolx-{Oq
zO46qn)<`|*x+rRtrPsa*qW!0TABw4(IWP3j?G9P_;VoM9`pDI~*K|L286m<EL#gg2
zU+PX&ox>w-h!@w&tdrZj?&2=G<$+8^Fq3-QJlV9h_coS>ui|g{@8xG_4p=5N@vXJp
zJx5J>%OglW=F{aXiC@ytY+m`I`okQ5MRmI|_C@1Mr{{A>_5YD7>8CZXVpL-auI6tu
zq%WT*h6em2Z>0Z_oKI!_VsC~|0QlARN?>u0+)*0H@UhXG92tICl%qG@J#=pP%?kh{
M_z}^6qW^}Y1W&20LI3~&

literal 0
HcmV?d00001

diff --git a/doc/_static/user-invite.webp b/doc/_static/user-invite.webp
new file mode 100644
index 0000000000000000000000000000000000000000..9487ea589a48d18bea8696a85c77171a155df7d8
GIT binary patch
literal 14574
zcmV<KI1$HENk&HIH~;`wMM6+kP&iE4H~;`I0mF*`6^r9Ya^q%pA><!4zzZ(_BVqz*
z1rfH*QZK!fK!<<?a08$K-dO^jJ8i51BmhYO>O*3p2S;VOMH^@7``zRpxa_Gr+~RlR
zE}>`@5kysg?XX)j-%rn?a)av$IUSEnfCI*Q`+E*(C#-j$k9mJ)=i!B%UGTi&nd#9{
zG1GH@#^2WRJAVX}=y;=tKu5N<MUu0f5m{(y54->^LY`ciw228>@)#Dt%vdnk%-o`;
z%s=z1o~$n``WFw0l_HxP22#vS=~M~4YP5I@qZlTy*}`EI>yH%kFq2p*D47${WMvG5
z+t{{MWqsF>%n7YzQY!)?da~%SjU*{<x(D<nBa0A(r~boXBuSAJb<B5d&g}L+8Wx}b
zU+<>+M{sv{cXziAog41%?(RB4X1Ke%ySqE(;+)_2`#XpA`@?mTUTJ#CQr4meXL4;@
zc6V>*5*FVwKE!Q7JJMN)OX0#CTQj<0XNnD%H!jVZMO&m<m?S&bI&4CkQuH=={wJXS
zkRVBt+GGO`<ZEWpt(E=9!2JJnr>(m8-g{(0Av?K{)zXl?lM6R{@4ffld++YO_uhLi
zxFLJ5?nU>=xZ}M4_dQOq?zwuqz_Q3ztmF`RC3GMVh+mu`)DYyT@JFs*wb;7oA}U8c
z5Lsaegk??;Cz$G`g9t>3L0H5=AO}ZBSixAa>MzKbWmUL?sLU&in(9PwQaPPQrGx4m
zK}7!{v5}-maxPpCT^&Qu!L;UO|NZ~<ZKHps+pi~$nYUx+yD=Q!&&<rs%*=QFb<Diu
zF*7s%?9b=@_Sfl{SBhF6CXy@5Z8FT{R8^v;6jc-@1COjL9OPBzCaWwRIciD+SIKyR
zF}SI!i<AzmL~0Z@Zk6$Js+wy?mX@omNX~Jj^l*@vfc{HxBuSAZD`^=bqIUQ21(a>u
zHf>2?AGU4Vwr$(yv)^m?+`Z4mE1h84M%XrIsFplw+s=|g4{6&d**0d{wr$&CHirQK
z5KaI8U}Lsz+qRkMAOHZeP0zM%8@J8=J8&CGk-SWIwTv&2`~LrFJ^z2L&BkWi?ql0F
z+wu6M+qd>jYID@YwaH2D$%E;PwT(MHNsZ}O8<Xvxq;9`Ujn%f>yVmWU;7F3BNDf<f
zB`)ZU(p~i54I4>{RMW>8@<WBOL}Ss}IzzahbzFUp{7B$Z94A`{FouoqQg2~bAdKNY
zV0t3>ZzZGtqjs?XEcW5h23ym=o!pUX(sdJKdk|(*465}xS&({e<25<hWjza?zp@j4
ztd7v#HLXDcqy&4jXcIbtZ|W6c4@T6hU-^8}cr!&zj1O)JU@eoT`R+jV8F*;IcM7mJ
zZA+@O`YI?vVP+&vI19lFk^=0^<|>1t@zzx{-t$J+H{EuG*`NF&K<_v;Hff%*kj-ya
zqPm_p+YzjDB69F<Y@v}R?ib%iG(0h>@3l~XxnZmy<5vt*i&H~S)ATewHSv({fRL8t
zD{E3^3MH*v+q0$w3h?xCZ+tz8+-I4VP*umM#|}sUv#MjF245Pze~C>`#a5WkUlwsK
zLab<#UMDVHB`FYVVFa}<^I&W1+WL$xz5ua<xfN?bMB@ZZDG^;DqTo0XlhI<2X00a{
zpMq@tIp;UDnuOfI8qN9bHwD!HqP}i4lC`OF7}Co`GK;d1gRlmWh<pt^>_B`r1Mn*m
z^_P$~uhFU9yPf#F*v!;c>!C7Sz#A$nBcSc5cOsJ6khF+Sk0;!UyRlQO(aZ!t&Zqep
zRL6%7NFZ`&u8`e{nsQ@y<Y`iAZhNM~#VXHypU6B0cRmwEkQq=>Eg{p>T;L9pQ6BR}
zQVNUcHBz4eEnb<dM`<h@ih9ok0&*p4;WBbZlUc;3V0+HpxXEPVR?c~JG&h-e^i6pB
z>`--tYQMB4sT9=@uTlgNfUO1hxXO2;dV?{RSPwZXi1A|lRzQhKldRsk#3T|#G=@Yk
z$R1605t)K#ayKhCnK+N;Hyd#n&Y6qpM|^y}q8nHz8A(zZI@>qvULl&Bso^L7OGMw;
zHaV~UZ3NzUlM}h%pmi;8^jwKrz0Ha2gj9w3ncwD1!-Tj+T&lYN?V_2h$;ziIh{y|u
z7B<UVR)OL;`6=&?gdjCzIKjjixVqYh+f>F6a3+Na&-jr4HqlSURPyWq_)VqXAfOd#
ze@4lO0P;963`zj2zTX4efy)DdjT>>{7hx&*7w#uaHMyBG02V!V`Dt{taEW&F+Zn23
z)WZPqD5ImQFo_TS%zR$#yN(Si0+R<X*(*cMFRx_SSnV7n;lB-o#PX*t09eJUCTN!y
zk{Mu17(&UI$~<!-vMQu@nI%Cf$Rd2tNnqt|!DK=1$2m8d{P>Je93xYvgqBy*$xVL;
zush~NFC<yMvz2jj;|J&AjfrnmUm{KtcUg?O?&QZre>TrR$rdn}qgF+c$bLt}q{jj#
z=ALVozTi#Ie}?<B{;;&kjSGo3-LeE!M<|$#mQ>IVk;i>K&)iMFVkfrX6B)w)AmL4E
zvlCJ3=w@o}NSBsg>1<#>ZH<V0%skD@C?FYMW$IuvL3fN{n(b;LtQO6sV=}q%$3U+G
z8nP*t*QVbT;H$rRt=Q=UJ#cXutvy+S3dc0n@bh4HNq_eCc;(##{rcuSy5EAN|H+dn
z=e{K1*oO0zT*k;Q`D7VXwgA|YBudim+Y2En%1$@Del&Y;;@s-y=ErtOFc&}5e9$}6
zMP??ol75hU8aNWBG`Zk%%`VvNLB9$8CHG5WIBrDS64Prgl5)=mM7)(LU@gFLCMLBX
z0+kaSh)F<CX@6->YOB90uy7izVo?=EuZaq@y`CG}`R3+k72R0fMBQ?3rtzUV?hOqa
znCu2r&A+*x>QSyzu-)GqlP9nrz$dnoz}V5W+llW;P0E#sM`B*9#3wGv{@L`zB``rE
zCKD+z+#HdK%qkRBg(wMG7rwq#m||kqy-CH26>rIz2otQPQ5D7UNj=d2|FM;iexds%
zeH4w!Y(Zt8z4p&TVA__{B{7zUGIqMaMh!9vFY=BTrH_Vca1Y(wrv4?zf|IhoNqt%>
zwiW9H1-uf+uR>9Q_txwFf=8@2>sWUew#{Uy%<De$?5?h^zQ-oN;$aJqadTmU8y^#Z
z;>ffuKZJo)#7+bM2KXh4IzffaS3>U`y$ifk8cO6ZS>6ck?>KO{N4<YxupAxF9XSCn
z3nvf}H|3nIz+(}db(H6g05%mh{*XQ_=4_0rr^w(}u{Oz*wr~@FnSH|>`1$>4wB_II
z4J}E0)MS2~n|}C~Hys4UaajcLdD_SbA7cqA=TfgHQOcZDW&EHb>eZFFWBNj8U+`*M
zatzws$J%?kauCtj0h3Ea7YIKik6i`R>8{N7+}zx((aiUqtWN--%rSh&k<6-cu(D;^
z(LJ96)Smy2R?hiwM?nF_JQ|lQaTNnf1LCeb2NT;1C<(J8v^v&g0<6$o+J45(00Drq
zL=>N$m3@csv$8#;RWvsKBjyWiX3sl*$CXyU3l}a0Ip-HZv0xF-dA~!vfff1v)?U^c
z{T0ArPnxG5_-NI%*~KWnDSox@Ycl``Deuf_X7!p}Y?ueeDcnTu%2Z@@$E%?Qos$Y&
z^;Ha+jhmmg7s9!j@J%PS9c?|Q6R^j<o9w?g(*5YC{MCXb-C9`J1Q2<TvhM+6Zkp;-
zaP;~Ca0O$Iu@r;?c~@+%4(i|IDmarEL{!oRZ1_2;2hQ(LX8RmC^L<wSIJN4o_$clb
zh}N8!O#u|Vh;#l1{Oxae-JZ(PGwih$e-s=Khx$C7X8HN5%07c+nz%^t%fiOYTNc@P
zYy<=c<1#<p@GSo@nVXYZ>cH9EtyV7Tdf@l1`A<`)ehsj|a=kvV{m})X0ziw(ul$&P
z>@fk%GwpU^dG1g|GOeZMr?yhd=?9ksw=oqt{G8MSXB%=qKVcnVfm+LWpxnNyYQYS3
zw0wqkJdDt*djr?~Zpvs!<7B<d18IlO&6)I`rL*az$;;^h6=^10fBZ;`%F<gtJ@vLR
z9|r(c|K3UBIX(j#|LVlK*0Q%jvT2PYQlKcn?27_=ivo$fkN**RsDN>rnN1iC001cO
zFs(C1q8?0Cc6reRCE={LPyt2x@M-7C()4;oZ_z6#!Iz(RV<aR(RTWt0+`JQ8l&a<9
zly?J;*auMVF+%82|3BijP@v#doOAP;4UGU41z=WP`J^{?YuxSrh)s`$c<s<8&tcm&
zZy2)K12{i&rl-^t?~AAu%v9vr-{PwvHWjr^MF3#J>7gpf{C_(m@gWoah#xs=3#h>9
zcP#?|=3BPJ>@zBU&TZY#j^qWPsA`-0@%26o`2WC-7l2;DAkG{33>t?Q17?GwI5GQX
z_kkWNTK<XizmI$`e)FRbR-wn4d@P};CQwitfR`6&lK<98s={pa)gFnS6SW%%Kvh3>
zPM~te;+1~_6(C4|Il7bYRLkP;O<8jNfXg~k9IN2tMy~zu?Djx`2C%CbF#@Cj&rXtK
zjJiI3{B}o4e4eWi&u{&vM%ca=OY3`fsZ;={!G8@4q~637zyc2*Evn3sn5JFWl*|-K
zo%8$@1rW*{ruEw5tzIxYEON*)pWZw$7Q4&pdjem5HIQv-svzH{J$*zqX8sSQN_DoN
zt*=yXu~Z1W@gHDO0Y$H<ie81P$D?=%6un-rz_EA<z{&np!>qQK4`SJoThkz<#`yjN
zW25JEh2m~kjgP(ay*<zrpj6h-08o&napN;2I-*rY51hh>bA<{3j!HUz>T7v+TfB*3
z`E&!9J8=)Tp!Lbk(=)9xV`&^yw{0{d=SmlIHqXad-7>rbz5R4Gzf;ByflJY*(hbtH
zd~X>q>*TcGEePT#4CPrAcFo=NkK7E3NB$=7s3n1+LzlH=<tQ*8xXN`kHEh#hlpIWO
zGEU{wPC2;o{gxsEca=xAcAq@E3cfDEjWZN+1FCnMHI;>F<$6Eaz28u+{FqjaW*Ps+
zIFknSc0QOt`(minrNly}G#jRJZbT_0+}RYfloi1Jr8givZJRa?1K7Lfl@+hITpUE5
zaKOH0cv4rWaAfqZ4#o6TF6~tt6Y30`==sfIDE$ODGRimw2dj0$`WdxhYi|BVtx)Bi
z_{C2dZS`bO@m)#hU5r!4vuzeZrnk<n`mTP|vL=D{ejrT!7spjkK=Q10F<cQHeIIsv
z^_BY#=GGaqSg=h)5rtmjS(=XJe7bPsD}(Y~dqb-aAvexI6gG9i$ej#qMD0(_9$XPu
zh3>=*G;kuUgu`(R>mZrEnJb4V_%E3m%kP3xmU;<yHs#@40(bx@*k#P?-LCRw%>kg%
zx6ZmgpDqpx92e_`PFr=Rpr>F0qua3ng40m)hBqUCei|>M<{X~0xV8QSkdjtUPgel}
zEeB)I@cRIn-Yg#iHh?yRvAmJ5J{y2UZ<_C0z>r+00h<ykiFq+wuuTIpGXMfebU!T9
z$c?WI2LN~J*jAzN`Je$N9?|hoyE8jXYd2F=AZs|rYXF-5F>!EHhM@I#1Sc8<K;~>J
zIw(*dk%sf$qfRuz2)E??fiD15I5IhJb^%nb0{Z?%mF1!+vWmL7yStaa$f%{Q?d@fq
z@E!m-%?0DJrh?6=*}3K9dt=;8$1(8O1=e2}0>Dt`2LKmJgskbD(nY_4K5=(<Z~hYI
zuK{e+a4Oi`&H#XXDi6txuNsN}%eD%{xAsL$O-((97nQv!$ATgPP4$?Ja%YHxn-XRJ
zRo=&&q9S)T6&(~nf59T2x8S_u7%K(<|E9vRc?sZ+Zdd>zxD~R_Od&*<7Z(|5W(aK-
z*JC$;t)bQ80hr%hQMumK0oLXE$pRppM_vGV95w>L#gC-W*M3x{90}Jn7~>VHkSu<D
zqfjO}#;wn_3WKpD0F=zS2QPG^GH_EyZTN@5MDA=l7Y!}LQTiA=W`#lp$t*$n|Hw0G
z;F4x8K`dnCT?W;`$5v~R#d4_i`L%{Tk->5wcuVskj&m~MdXq7{7d%|X#0pQ`QxO2$
zF4N^%ktt0$)Yt=4n|;Xq1<vpOEr9!{46bP~^pB)IV`DaBF3J~Y@Z*bUpTWXXIyrHY
z51T$7*D4HgCsJ~Dk&<CN-o?9F1vgQv>RdvmytbLGD<pjFb3pEF8r|Vtyz5pP#`H?2
zk={d?ryEN3q=Gyw*VFa?@?SRB=)1hCr%dgOU39kUiH!H8Z{uZgyuS5=#P=q{y{hTR
zMND^nxnWBJVFcBX;cD{8Rll)CiGHhk{r&GC_V9Yvbz7dmV4DV1!6avdEfS-R2dgZD
zA73nPvFi&?&FQG-Fr;pIPE5kJ3PRyf>{+3IU&AEDx&Hhrf@>kpa>$gqoq?UWE<PZ4
zHpN|uZ>(IpG?4GAkrt&l+cV)ryvu412O(qXMQ1%s{`DJZ9t>xa!p_sNA`Uzt-i*AX
z{73yKMacnS&VOt=Kh%HJfAXT__vmIXe|*FX@S+GdSL$@G&#$NJRavZeJKbzZy3kPH
zP*H~Hbp1jn(e3=Vy3eickJQaVHQp^2s?#kKI-X9~!eAfOZhyUQ77`j-s>1jpA*{_G
zWD!J;v-K-S>7>g=&@;rI{9yVCcB9mu)^4A1Zu@PlB6r+gyA?+A*Im5h;(FnTI5ys_
zHr<XAyr8J>ZvXQEU2clWGV4e+!_TqXm)gQ^54If!RTr_@mJiZVCKYb}B)XXlZ04Io
zF!RFDm9e(UojdnGhbC&)E0#rqk9lCxdb-d@3k_|z-?mtb-gbL+Ne;@?LArEu+puGS
z{e~KZWU7FgzZz}a`grzODh?TP9q_!2I>@6!rE-;o%1feFKL7{jO%t+26!`?ZLFyE@
z+wFI{u(oDtdu2&0&D-D_>S8-3$=_z%;m*5mGPZ4^BQH)m!ItN8N}pc`v1+Gg*cj+C
zJ_N=euCDi=;#oFxRx~tB2GrU}2YJ~LDVIq6z2RVIH1zBR{RB-u@!<uc$S2tC@x<HM
z?e>fFylZs3MtNy>d$j-0Dt5Qt%iU&ME|X2eHc)f(uXn0yJN14px`lhIR#kCaD>m*B
z<&>@mA7m)cXq&1R@XXmUS2L{AdEoxWn4NS{v)AdTpZ@1iSIv4Aq?Qf=R9AO&4@dwm
zj3S?4x5qw<f5jebZj{L`C@U?*X0ru0wRM=vmO{^w5MIh=vsJr9w}@`l>g#xd$Wz5q
zQos25NeK-1q}bTlY39V!Lk=C%CcJ)~nmTilDUv)rJ<ZjTe;^nECA(EGwm!V8Eu6WY
zVbyMgQ*2ppS2`jlLBgeBadC0!zpVosKnJJu27~dIjw(}0Lg0XD@w&`4y68$iMg0MM
zpj+ub1Rl)zL!d=>ZK$f95o~i1+r<4sylfIqQgmle+-0fFJ}mv@m-ITc;UM6=aUKJU
zVTg;aRQW6bK!X|;Iu^nYBcs4R0v%;0`(2w1rCHN~o)nX(3M<1^dx!3FuRhtWSMQ`-
z%*1MK^v6`Ie0~RsOgtr6uzD06p+OelTC*=uBM~~wI0-o!8q=Gt#`BYJj7#VA0#|^2
z1UkxXqHQT(|5JSj$~WvUZLElkySdxyjDOFIXWK)5-Y4}TL7xlwxr8tIZ(q}$B@O@C
z<R|=B{IokB+?TRXEX5Pg)k@q?{byx>Q2$Z?NgFYseuOEj8;VuLPjT~JeH+5`l7+>H
zpDSMazadnQ-m5Ugk8*FthMvr0$e$1@A62lQa_?e>{s|QIAN8M0FEu>oBE8IQO`?*A
z&8bB6LYZH8jh6z52yl|^!K;5iRpTm>xg9PkCI9p8CVTUyfTnvo1$RsI@`iB~8m%Vd
zZxnC<Jc+y$PV^)u0Mz!s8`<pIC7<Mf09$C<dgi!OA|-eb9VHl(C<QpQYR|N3Cf%lj
zpu#s3e1d!CvS@5TqkF$-BJ&k8B61y(gj54+5M3wOgXni)1&~<t!o(!;K(VZ25tFl2
zhbl=-T#Z1^;>4tZQ9zvoh%(8ED6GTPD~Ay^#12H02{s|}V<G2-MAPn^oD2*mimcS|
zJKg9+v2dc;&Dy0VdaeVtC5k)u70p810p4*$O<r~7uZWs4oQbHGoT%te0IW^44v>#%
zZ;dDlZZ3jB#7+(kpg3;;#fV%)KKPAm06dkbqyyz9dOiRZz;Q%_0U(w<Edu)U$u)b)
zi8?~#9HQR<|4Y;g=u7l-X!kv$LeMyws57KflW1ZGYDzR+2{4(3XeU8=qHF^7-vG#t
z$`V}x_;#ZSfObTuIzR`K$R*moNktUpKsn7sVGXW50>BWG$SVa`L%xJx676>A5Gt-Z
z!0|*wqL}n=FLuzm9YQ>v9S+wRh=?wKJ5ZV^icP6K1-ax*FCgkMh$sjSP?_iq?fYv8
zt0fr@103OZX*Z&D&C#FegAhgbWE_QhwxfWS4iP~VuFVHVAkSPSv^2g;^fO5STKW^c
z1s+7_%BE0*x=ld8gA`|?Sb?vZhV>C#6CiRfQ856gOKL{cMI&bngZXgt9U>p}Cd!Z<
zz!C0=GAI`!B0ov*BMLjIT4&&VBJ<HrdrVAe_hz*vaykOFGfO&oC`!}xvO=CD$WLW@
zC%5;cbO%G7mMHx{uKu=x{JrH*$VU|1ToNuNB1&?F<sxEJxEHH=6j4zZ8j?>63NV$G
z_SX>AKt-<v;2J_~dO!yCP@<nh+J_4mlBRYCfZl~WIvbqMP$A0x9tLwpuk7chl42}&
zOwl4ozxyd+8fuG6J36PoC>a3YUFe8l^Dzaof%Q3npHIe@{73yq{g=U~ndhdH;<$v`
z8QVUSm~u+kQiNiK+VNOZn?dTr)Lpsg9h(-C`XW;J&GQARrMU>6rPP1>`ES3f^c?$Y
zg*E$E|70vzF<Y67l~if=-2{!Q7)|N*=6`|L_*HAhYfpFkUQL6<hD0wZVMtVK-4pq2
z41Z1d<f({R1FssJZRZs&*}@9dTg9jD7L~EgoxkA`)hgZwL(hI);aQ&A46{X%xj#MU
zJFgBTXjH{$O3j6RIG@4mxIdop)m0S@r5Qf4T8c{Kb<$Y4A&nBX23|F`#=?C0mTX}W
zh52f3li4bxo+C@KJF4P9MEb+s(8jFt2z`K+T%au2)5_EyIcm8-b7u9E?F>$O4$93j
zBtpr#56uA}93dL(=Zjs=>E{KOK0ZiCF<{q3?q}MP&IL{nt!}p)b$0tUxBiMo`;E83
z{X#bm`d9#A<8axB+H}LZxE^QK_-5VaQRRUqbx9f^M{S9k59m1i>mkQ<KZ{`skLJwL
zPJf|-l+tG^(R1|^VuqGZqpBH;4>mr?+<^k0MxnX$#f(Cm**{h$X9&6AOK)}jR1bW*
zHfa`40HhHa14|74@qK6D$)gbR5FZ-txO&t0pkTo7DYK`YPP@oMsnj&a0IPR73&U=0
z=6?-v{~181GB;_v;O=QA3Gu-QIr}ZMV@1ma?jPIIl!*9X+U%%j^h_uWtGwSbZ?=D<
z+?j-v+-LwgjTjB&KMy>kWXd;^Q;0h_@kEutmNk?aCRWA_Eth;NY?e>fS_+O5Xw3OX
zHcY;C$zl7K#sdp3uuS6);GihRr{C)EUO3kJ%*Let>!+#ZdkcU0n`3h}E?P=)*s}_M
zMDV%yZ$C*_oombu52jvW-MEsUt)7g=Su-^ixdr5_l;))IBT7%Q+wILFf#V81ZQtBX
z8xriLGbZG(Tc}`{dty*+765|N$xr@g`PIg4HzvY;WdBiP0N_QW2eWS;KAT#C`N%3*
z(JBEFH6ku8YvHjWa!hxd<)QUBLJ%KKEz#2)Y2m^<6%^{b!)dt#-(KRxV<iu<y{U1B
zxPM<T=Qi=6Ol$b+C)Ed^pZ&dPKSQ&M+=z^^#zBA42iBJ8qJD7H3}05z*L(4-1Md1_
zrpt@S5A>7i14QK@ze~FQ&g$(Ly0-sLlQAuOhh~_Y<qEXfm-pGMGwxDsP}hlG1PLdZ
zr^AeD#+OC0@m`M7jYw)?bZ9%^k`{C(05Mhnr;oaexm9qt9-_Me=X<K*7Z*5@Sw(-h
zr5)>Qt1q%R=(wyyZ%j!s6a<je^1TIFo2L}i71%EodL!wURbq%Gg=<WQ7ihiw;G>Eg
zuUQ_AyJmbvb^+-s$(%HPS>l0jB+^}<s`ok6O&fA(65)o4`Cu2UXH%ePgb!z{Cv^vk
zT*dBs0f2-)^Y6COje4Rs2ry=31@HnnkYc+1f%4UX8oFd+nH9gVko=y=-Xs997KpE|
zcR^}HV3j&Qb?7tw6X9JAz%-UBsTaVEk?9QpDsn*IFd-o{2Kd8lX%`CblUp3_S)wg8
z0YJSwIbR9Ln3fH%17MJ3dV`)Pbqh>qIh@2co)Fyk`F1R^nT?}xBPNCT1~~gY@V`MD
zr!$dr)=7GDt9(qch@UP9FqS2ybA+&-$O-^WMuY=_x=u7TbB8Tb1@=pY-iV)TBo^v1
zvyJKS^f*Fn6%zoE`MGPxS7aBEu9BbA5yJR~C~!wJdc_=?MCI?<L$C{$Y>D-FJR_`}
zqjZf-CX+VB?GLrePe!`Nr4F|Y_hD%NqVg_x!R-&(KqKJP`4K38-I33ArSwa|DbYzS
zFf_?zGDTLF`01QVB^qGAZ<EQi|9l~p;l_9tgBs@!5^4@InM`?eq+J-B_0;xFMUier
zDu1fWe)UjH%Nzg0AkBWz;+RI+Q3BJMh7;%Tmt0;ha+e*}8XRRCaVdmP%*6|}rZY*F
z_*?~dk#CanrF=|bjIIVyS{|#n&gfSoMzOS~3+K0yzKSm;sbv8JJ2q+?%qU+fFgMa7
zI&vn92HThnFOYggI;S9w#<ynWOF7!pWoe*ul9d>(uU0upw^`DVMU%LXbUX`o$=)j%
z03wWLhAlJ*0H6WjfVrN*Js7N#e})Etm1u`SJ_%zF`iGp@3uMSyW!xB<scNJT5Soln
z`c+Z^49=)`H*6K>t8(ANaF?$JtbgGiq)Hk+Um$WMOlRv~I90Tjt6}iq`)<rpxDl5^
z2zOL*9L&rFVD82RW_4olF<I?ApB#=jUSGHTAO>is3sS@Cy*&78U_5DR8mmF-*(!!G
zqorLlzWTZ;Iwx6)d+;miH)+s_zq91uyJWfVCltm;NS3O*Xe64>Vx3rC1CI5&6P+w`
z4}HM1JQw4KB?kwjIp(WeQ3Apru!k^uB%GF_qH#oI#q?M$!#h7PFveOWNExVeqt8OS
zkJnRl45y`i*0A&dVXWsCkBt5hA?vzVjVbQFP)Zs~5@^XS243h_V{9Kgj&?YFu37qg
zrIt8i2!<F1(k#o;1Y`D(!j;DktYMQolW;QqIP9HpO|-|%QoNCzLjEb#G`9=rOv3MH
z1hil=p?RZSg*YyhcYfU8ac~3Mp;fO8@1Gh#$oJOrAJEs*z!`&LV<Ycn8mmF;wayzB
z5OEwCjk9KIDsl^`FmuxQ38A+o3%y+pvWg-HYX~QKx+BPNz%J8*U2BIp&*Lw#^>aO5
zjNWQ@9eO@zdD9+8HC9SuvNoq3L-lT+$OtG`W4N~Mt;NEqVC{egz)1z3I72++hs`Ec
zyU6p&f|P-|p!4tl$M(S-G6v>-og+6xe(<uBXqH(l{k75BdzQrdA4f?;K|0rE04RL*
zsl?6X8ld@%CUZ$yE`<<ZI<=;m;@xPo7HyA7eAy@<%JqONmpe1zq|-kVz<{A(Dcy*q
zkS$MF6LcmaKF|BFH61(>lb2<<ZLV+Z&kJ}zts^gA^=@s%yAkreUB176tq<>_SXrjR
zotmwATw@-sx7p`0#vQbJc{J{tsj0{<VAG{BbJF;QeX}!cDp+DcGu69k3f)RPH;iK?
zyXF5I<JHT-=3ey=7QZdI61y+Xdzn)3gR5V5kI4T=I<XISu4eU4*quRt)2-3>ooU_+
z;D6*{KmSqxA%v5|ga4hpFG%0w|JEGDb4pl~2e;jANo|S909$n<18mzCqyD4*qyF2c
zh*j@j55NYL<%<RJohv58UlF;<z)_a_B%F?4A^2<!pKx2MOb23z21(;Q1MpckA<ZKm
zZ>X0W*r~eN|8=sn@KLUOb{}jQ7Lg}(EjT%kxxj$}m+dZ0)d8(b=C9^_0DRKFEXcWL
z!!s#coTqZ?Drw&*6Z<!nllkiAv8x$-+X)CN0;kkgK;QvH<^zDNWEZONrL~cT+?!H1
z7*ky+6B{yUaFT}yori^0gSKIE41-(@hUBnAoeYo=`(PZ~&U*}U7o^ZXkc}d`kilRG
z3zCW5K4>o(t1Ku;fUya?(*<ouO8WZxW`{PX8)mvJj}}j)vo-Y@<>H>W?*{F`=9WQY
zS^eX$?a5BCTb;MLVB=<5B~m-rc3LzlSpAH;9s}iKvD{Pe<h^Scs~<RRXZ~Obv>GSy
zv{!3|)-Hx0SCNKY^9FYe|HS72_Qt@M{Fh;^*xE6BhaVk$hT0ij^%G6e{CVWT8B3wF
z=mF*?2tFZFXT(zDZF50H=#J4-EPaB{2;V9GCzc0@@SO+njc&>SbW;YPn_`3MJge~A
z4_7dqr^KInxPs^G{hP-e`1JVhdlswFCWi^CU!gZU7l^;;{P-VNi(kD&4l*aV5;GCg
z%CW$k5`M?W$Hy=AiX7F5XhtodDkXgiyy?4!#@2h~D0W%Es4_;#&3@l3T)0X6&*SGl
zE(b9VlY-_Yq}8^&7zC!$(gJ9F3Lo9QZhZH1JZhE5G2F_eYIq5&CH%|*fF|pEtWS-9
zi*^5<a@2<MnI^qLivo%bkS-7%KPU(GLy(Hete!=!MSiL+FJpLZP<7SVcBBaIWxd`C
zDx%f``kLEGV42$W*NexswPKrYWL3?~B0`v8G$B!(snZgpJ>kQL@1}!Ft!+#4VYi0>
z^VuY^D0xgxP0S>u=3C)gen^!S!x->&<<*TkBi9AQ+fNikgZUstMqH)5fTOaBpZU6h
z3=DdDKlaBMo=B2pJQf3!3y3O>xLDv>{+6y6tEDhnpJm8gnV1%EVjup|W@7<`*n%Ft
zP3iXCWRUE(r$T)E87d>9WaQ)wKg}fh;i=Xfi_sfsJ=Zs2*(;tJ$)%iPS8)?=Lc6~g
zxIUNxZ`m~YJ3(-bpuoCJ8Gvre0CZCZpqnxP-IM|7rVKzgh0rJH4B(kfs^-i3itwG2
zHb_OY=)c(`<OJLNed^k&3&h=<E=H>I55B*_PX_2?%&7mU|D>KvNDk&3t|gLy5szUg
z+Hj;dTr(o%$In+RzT)SexPu8LjBt1+f@osV@Y--AQayNSUJOa+`_6mmXZOAHHt<j1
z;YdxJS^0AmTIw{|xhsfDf}N_MwBa+olMF4b7?XUhBquj02yM7gJZYwqc4kf@yHXvF
z&$L)wU#xJY_?-ZeT(qGtIvZ}x``O^m&%Gcz+Mr=GE%&|FncQiuAUk@NOV#}uPK!Gd
z9hQSvM!mGM-B?-3TatykOE|3M_!^$3UFKzF1xnvZDi7)vZZC<|;Qee>piZqEp-wFa
zYTlu{cFp<#)6|m-3^y7w<KUA{AK8t;1AvE?Je*0?YN75pyb>%UD4y^vpG+XUg1@e1
z(vRN<c*=vi&XN<BZbwCRwWNMhar3k-(R}S8Bb01}vXh=L?gIli7;nr+0^VOUjI;dd
z8d4=REEN+UdnU?HiGPgblDHHe|3mZCCu^J&HR5760ed1!i#)k{+7rv^Gdv8y%HIXp
zS}oLcDi@_CBrAmHE1+zbDV6J2(4m7ydslVduT`0lh9vI9K8vJ~+Fd-J^Wf#1o@y24
zVAge!ZwEYMv_0_jA4Xaz>Z#o=bZMJU7G4OYz1rB6KcX!4MqSSy*s)tq49?u>;L2wT
z#3dXU7!euj%0TOqK(E#(8^1OM%97WoOH8zyKy)HXvkHIU6BmW3k1G<1l%&!CTdVj9
z6;&v9V*kFDVunMVQ^f&O7s3@^LkiV{_*o={)bKScl`(LqvX<;%HGfWj>k6QH4*(gm
zTBxz;lc8&)n8FI3$b2I8ZYm8JDjgBl5GavG0U$2ngvo`51ST<IMy3%lwm@_uN=q~f
zQk5e{Z;uoH2A0$lDymSz2|yL9iOC*<lam^WNIZ+AkQ%=C^==;A7b)pt;qG=c<S&?J
zC0Lh94*3eknIJYcw$xWF)Lmr2m{1%4CR5au3|}e-6dBNxA~od|w*e5BP`Q>??^t2l
zDd-c7N-hG?i6|{0g?7LRryZ2OtccVTDymT0yD2A*bHyryAtrtnNg*}-WPvPR&7H;F
zaC-$Dhw!7QyGDuB0{|FXjf}ia0RUQfRo@f2w6LVwRs6-YxCE~<+SD;L)YlU^B}5=P
z5v3*crF>`<Tw^jg07<CcCzJCeXOqDVkujvke-9BRE3FM&X)Wxo096V(7TqIl`D`zm
zpr?Y~`A|0_T3jB35B4!?5#I{NtF%DB`1he;egF`caQ3i$(bvH8IxQjR_woXd&={(P
zGVt<T0?~;m&HAI!KfWY@wP=8VtyPR9R1f_!_5{QDsytWdxgnB5YWR22QT$S<a!@lT
zC7l;^K2mh4qJ}jq0NYJaJd+PlccQf8oUhFrOEtJES5GaBUWsW!>Ix)EC|{&_zaUn@
z{+>Oo(^RkKo?M}9|Del92~vdBL?@y&BOq6ti$?;03&uJ~z}6~85-PAKxwCM_vF)(|
z+z?42wfy%;;qsl&hT^ocA=5?=O|DE&=cMNCECcP6+IOBWGmtcV-udYDZi3?|2SV%F
zquJ!3pG#Oh&rh|P?|rVS>gVreW?FQ;AFcE7ec80WcL(deD>Bbu*hk+KUSU^}yR{PI
zmru@(;_eWFH2L$%H+b)E$Tfx|{W>ag`!*CusJNkTuAvRb|Me8P@UN?mF~%5UjQWrI
zk4~gM3AxSzj6bY}D>`cbmH(6i02XR3GYfxY`SRHupt&JdMt2Py7^7ZpSAXR1j4;uz
zWz0Rx!S}oM>a|l~a1x2ko#^5e2jkIcGsbFM<{Hz1TC?NM$&M|ja?<FA@LtTQbjq~`
z`1;yVpT03DDwS7TPbWNQnhU*XfRvmQT=ztmGvP(We&$LkDZ&0Nz9w)Uvt%}QY&p-R
zN586vo*9)+8F!JRHOk>=Ivs@*nQD@1h=_7t9MWZC8hz*wun5dnh{l%lN#x}VFr(5b
z*J@R#&K```^cgrA(EPeG{R5gv8gNCNInhE(GMZ5pmH`lrEoU!}ux^77Wk#h_&Ydjn
z(#x;RnJj60=ZHNEC&KeQMtRCAL1Jt<eOILJ?5K3gv<BC&U%#)UM2qhLXGu-cR_Q)g
zA}$JSpWi?!<-&gXl_nyhvE^*&)wfw#OJ-C$W!;`QNlzawc<@=0YG({A^T%WGzPw4X
z52F-B7z%ctlqDKl&W2M2M)|R$()l@ny)p2`Vp0G7`oB-3%Gt<&tDKGex5|kK?^Zd5
z1=_803JkDY<rEkow#q3oAyzs05#t;Z60LHIONdoY5ro%OW@9wFZ5bRc>y`j(m9wtb
z-Q7-7QSq|z#Bg}$1VpQxz*Ji?=ws8VylQL@BTCNHJgK!$aY*G<jP@z!@!7S|iu2Ct
zrs1t0`Wh8`4wvWp2P69A&TswZ=fCyVAdqF16C_8*5Kr${QM1-Bq@$j&rE(4#fY^4f
zW)(VdvncPJ&s%>c0oj1tcHdQ8)LJFF1Ts~&7}9OH0kW)ef<#yAQ>ckY42n+6mdg44
z6gtZs>Z$KI<cKKmoRR~PD)MA8B3>KAkQ2GKFXH8GFlCh!u)D7$&Hfk$THRE(RL;3m
zQU3vlc?#pli1N-k{0>bs-BgMb2~0Lq3;-&toM5T)oo*;|z?RB+`IPdc+jjZ$-D|2~
z@0^^i{io<wU+_XVq1y07!3|G1U`yq^lYsHRFULHbdjo}g=R9ISgZvk748d(0m27UU
z!WX&;6uJES?JJ1`wp32?`v$T~xOdLo6A=4yF9u-fCJ=|)sB%vIy-Y<^H!p*HtDMT1
zxetF!W4hIIwaVGZf2*90{I|+kZ@?;NBmbfPqyF2+h|fM`lGG!Xd4-(s;0E{4xMKKN
zMSW#_<;lYc7<Yt>Z?d8v6depx$0v>SFw2%vp0jj9S*nDO(gsM|<*ekXLctvBq>L@l
z6+l8t%0cxhxmuo}p@J&;r~8<MqPeREX9jbqlQK55z@O-v`qUdp|2v>9)s=7+a3<N9
zL!Fed^&B=ku=93;axl_hU~l@h1P>rL6=4o_QpVPYmO2Ee!$SJJz#pjnWz<+ghoOz^
zp-#%zl#(>X`NbxqJdB`#RxLu(eJn2Uyth;qgg)o%W)Jp6n31!4;*>r;T|B3``e247
z=$M!?^?)abrtcA@G3mr3mdwr`>ZDx1H-?XgR6m64KHy9KbHStd9$k#udDN#6Q*2=O
zABMMb?<9?s8^QlDyuAUCs!;HoGKth;hTvID{YU+maiH~6lJi?8=8I)OaZ+9v{0u<n
zb?m?R*}ZvJ2Dk~M{-gerP~?xbwvVpF@Xj6B-@VCbCGXzEjQ8-ngP#o0$Cy$7QU7J^
zAx_<+$#JvK<(EX+_qw~jR_N!Eyo{zMC&wd?9Ps!e|CiL&GdV#XIq3aLUDo6b+3&Wc
zt|n*5Bh-KN5Gy`bzB0(WZ!fn(#q=F2u1!0c@GwDp8LzxH;`n#ouC+k5{Lx628eMcG
zeXdhsD-uoLto6n6?dzOn7Y%Vz(NPh(i<x|ye;HUbLlOClgN&7)x+WQyfJp(sKM<b1
zE%eng7Qc_QgF5cR@1>#B(8La);Lh^2z}2fCw4#Hs!qR%&NkfC7Z|lh4NgCV)i)6^R
z%v!0vQv~+vs>3z{`EALucVy05VVQ*CwHE*chQH>C>N>fZaFwlLlCT7VVeh4hA}clZ
zZ(_l23`B9B-A$<aUehqv-@jT@oldvxtF56y6x>f9CU{IN?;b!1>=ngvf_2on$d*A+
z^aJmdtx_>*YykvCK3`ZSZ#y#=f*>E5QH%iM2RBr6(MSb0{X)Z-Z*2sw0-uc0+r2nz
zYdzjxOEE%M>(+Q26D5tXbXJM9T5Uev{P(XH`!t9Wt{jHh!0B`W($2ANR{JVx--TGm
zl{@1G1>aBo7Bb~)r(6|M5ihuHco&v7`><)VJ>auUwY}zHLAC;svCsmi7a4>O3htz$
zqry;k=(AF%ht_|x@spceY!vvo8Sq_ue&Iv1+D=1w=C+Kh0ow{h!CtKF1b`SvrGvT@
zT2ygm&Wan{T9eL)1_}W(6`NLns&BoE7|XkdJ}XZ%TX$)VqZ)?11Iglx=MJv2(O(jb
znnfN1pH@Gr_{d*ZZK)WACLb)fu;rL>16zIz+<8oynKOy{etVFN;XU-KyfK_K^vL&v
zW3O1gy|ac=C`yh!KyUKmj%oI0GM5|R{pX7G!-J3fEFk#P5CW>5FrGoa8qP%@Mzfik
z$D#vfHP^AG>)zgYR_EF)u_7<OLr)Fy0#CL!vxF^2-f9~(#H9kiKd#(+wO%Scp&?V{
zwZTN;m2!0+l6YQwZ9wQZ#nS@2#|>`twlXG;EaBs210~1aqz_h)z+F*wt9MGD?-GR9
z%|Fb6(AlZhQ8^)TblLR9W~)~EjUOPg<Lsg%_eXaf!?U+dZ3W`F|K=WZf{_?Ul^ohA
zbE#pDS_y0V<1D^j?<&p(X0mWE`mW!Nm+Nftr8DN++|8V2<}PBm4_-E~Tk_<5x`zb`
z!ZP>TXPGg5hp$X76`34!s=bU~fuTH8F}YAbW~NdT-E|BCfAY1{chcv&yv>wj1Hr$P
z$%&<B?yzD1DKeKEmYq8<mYjObUM&q+^QffB4CR+L(`9>2VS;#lwEDUg){c=*7kurq
zOLdH__8eVrsCM4gu9Qya&lFOjTsg8X>5=}N|MizC_i_coo~g7pxixS;$&rf~mc9c6
z-WN_AXE8-`8pu*p517k{+(nm9PVX})^1+Qt$E!@88G)fbfJz(=4XudgI=Y!~XDfH!
zs@FKEvv?J*Y5AprU8w8a1h5gvsVF(|yZ~UBO2;xv2luBUkz-~l)m{LQB)UYi58L?3
z2}@u<xx=U7jmI!59Rn46FI3Jq*Ep(};#x#tuPi?FHH3N94ivAir2Aq_7H-`GIaC>X
zR=e7a2uvwMCgIAF-wB}Cv_3TE%e~y|!phUg*cX@;Ke(A-a2H8(h9FI5;0GU5C}R6|
z!bTkk{ykfLuMKcDU|uU&Rmii)7f^}Ap`qd9X@jeKSkU>fa-rNK&l>QBmkp34bJh#N
zvdg08QQ`I`aDOTiIp*?xN5%5)nX%BSxjbJxt$UHWu0B=GtOEhO!#|A1@Bl3_iXXKz
ztg`%0jEdTEXQ~;YyYF=!NzU5^S6`>o$(6%$PQ%hgn|mMniZ54iV_XgR;Ha(>fZWa8
zVEqR|;!gmOg=cRpIt+yy1Hq_c^o{P7q|5b8mRLY2q&P~o_|gf(t3B#n#X!*4YJ_X6
zsLqqJBRgqm!y6BqKY70}x3cmJiv!h}u~bZg?;fW-9u)nkxX9*Du9+mZys7n{RJFIA
zL@2dSom3RsgKoj^)(+BmzuhZ+WhK#>n@#2HPvMBIbEVK%FI)x{KlM=%m*2@t5oRga
zBb8Xfl*1}*Hmj-qyT5FspLt<3e8ZP3I3!QZojR49+qoKfk$z|+kcNx)37zgrk(xeu
zC3$jI*?I2m^lsAlB6l;du(E={A3?JZyKETxvH1YSb1$XM_CMXa_gbS*D>e%9w-Z2$
zqtsMf%A&*2s;cibPYbNHGAGwPOB{{kIW$>(abDG}9*Mume&>@3!t28+Dm`=g?nv%W
z#k3gS13Q%%`w*nf^enq@lExOH$S03FK4o(1I~C!W8*88CIDuUt_-B-*T(iu~x$raQ
zs1{m;&h_`+G$_#+U7};G^#u9u^P>OJ&1NDm4eAv3$o@j?Rj*B{Zh;4`7kgv)mtTb|
zhq259cJ}~I{rPiz$^FjGX_uWZS9sWSf{j3Wn4q1A*E%U50C9ucdKdAS8!NAk@a#>+
z>4keyYk?ZM=6MjjXe$t%-pSp}y=>rGOmdJhM+LhG1E2iI&4lY+#rUBOAjeS*B}P6c
zSyMRnc7V^)rY}|p3}v%7)5%UE4&Pp7SIXB;hpv>roh&1Y>O38GOutUfPsKDey7QbZ
zI=$9W+2e?RSH00iL(0wVUata$`_VBwCy6eN@a%T32E69X0N`KNHsEWFj{b9z<odG4
z-X0+XthGH3XQ*>W)c=&c-J5JS{gBRoZ|eG7q2EUa=-|hw|0s#%fd6EF?^WXee=|XU
Y9=%t=d`1v9!fEZL>yiJz8e(q&07d{ws{jB1

literal 0
HcmV?d00001

diff --git a/doc/changelog.rst b/doc/changelog.rst
deleted file mode 100644
index 2569d171..00000000
--- a/doc/changelog.rst
+++ /dev/null
@@ -1,54 +0,0 @@
-Roadmap and changelog
-#####################
-
-Roadmap
-*******
-
-Bêta version
-============
-
-To go out of the current Alpha version we want to achieve the following tasks:
-
-- :issue:`Configuration validation using pydantic <138>`
-
-Stable version
-==============
-
-Before we push Canaille in stable version we want to achieve the following tasks:
-
-Security
---------
-
-- :issue:`Password hashing configuration <175>`
-- :issue:`Authentication logging policy <177>`
-- :issue:`Intruder lockout <173>`
-- :issue:`Password expiry policy <176>`
-- :issue:`Password compromission check <179>`
-- :issue:`Multi-factor authentication: Email <47>`
-- :issue:`Multi-factor authentication: SMS <47>`
-- :issue:`Multi-factor authentication: OTP <47>`
-
-Packaging
----------
-
-- :issue:`Nix package <190>`
-- :issue:`Docker / OCI package <59>`
-
-And beyond
-==========
-
-- :issue:`OpenID Connect certification <182>`
-- :issue:`SCIM support <116>`
-
-Release notes
-*************
-
-All notable changes to this project will be documented in there.
-
-The format is based on `Keep a Changelog <https://keepachangelog.com/en/1.0.0/>`_,
-and this project adheres to `Semantic Versioning <https://semver.org/spec/v2.0.0.html>`_.
-
-Alpha versions
-==============
-
-.. include:: ../CHANGES.rst
diff --git a/doc/conf.py b/doc/conf.py
index e6c2b73c..05f20da0 100644
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -34,9 +34,11 @@ extensions = [
     "sphinx.ext.todo",
     "sphinx.ext.viewcode",
     "sphinx_click",
+    "sphinx_design",
     "sphinx_issues",
     "sphinx_sitemap",
     "sphinxcontrib.autodoc_pydantic",
+    "sphinxcontrib.images",
 ]
 
 templates_path = ["_templates"]
@@ -54,7 +56,8 @@ version = metadata.version("canaille")
 language = "en"
 exclude_patterns = []
 pygments_style = "sphinx"
-todo_include_todos = False
+todo_include_todos = True
+toctree_collapse = False
 
 intersphinx_mapping = {
     "python": ("https://docs.python.org/3", None),
@@ -63,6 +66,7 @@ intersphinx_mapping = {
     "flask-babel": ("https://python-babel.github.io/flask-babel", None),
     "flask-wtf": ("https://flask-wtf.readthedocs.io", None),
     "pydantic": ("https://docs.pydantic.dev/latest", None),
+    "pytest-iam": ("https://pytest-iam.readthedocs.io/en/latest/", None),
 }
 
 issues_uri = "https://gitlab.com/yaal/canaille/-/issues/{issue}"
@@ -75,20 +79,45 @@ html_theme = "shibuya"
 html_static_path = ["_static"]
 html_baseurl = "https://canaille.readthedocs.io/"
 html_theme_options = {
+    "globaltoc_expand_depth": 3,
     "accent_color": "yellow",
     "light_logo": "_static/canaille-label-black.webp",
     "dark_logo": "_static/canaille-label-white.webp",
     "gitlab_url": "https://gitlab.com/yaal/canaille",
     "mastodon_url": "https://toot.aquilenet.fr/@yaal",
+    "discussion_url": "https://matrix.to/#/#canaille-discuss:yaal.coop",
     "nav_links": [
         {
-            "title": "Homepage",
-            "url": "https://canaille.yaal.coop",
-            "summary": "The homepage for the Canaille project",
+            "title": "Demo",
+            "children": [
+                {
+                    "title": "Canaille demo server",
+                    "url": "https://demo.canaille.yaal.coop",
+                },
+                {
+                    "title": "OIDC Client 1",
+                    "url": "https://demo.client1.yaal.coop",
+                },
+                {
+                    "title": "OIDC Client 2",
+                    "url": "https://demo.client2.yaal.coop",
+                },
+            ],
+        },
+        {"title": "PyPI", "url": "https://pypi.org/project/Canaille"},
+        {
+            "title": "Weblate",
+            "url": "https://hosted.weblate.org/projects/canaille/canaille",
         },
-        {"title": "PyPI", "url": "https://pypi.org/project/Canaille/"},
     ],
 }
+html_context = {
+    "source_type": "gitlab",
+    "source_user": "yaal",
+    "source_repo": "canaille",
+    "source_version": "main",
+    "source_docs_path": "/doc/",
+}
 
 # -- Options for HTMLHelp output ------------------------------------------
 
@@ -125,7 +154,7 @@ texinfo_documents = [
 autosectionlabel_prefix_document = True
 autosectionlabel_maxdepth = 2
 
-# -- Options for autodo_pydantic_settings -------------------------------------------
+# -- Options for autodoc_pydantic_settings -------------------------------------------
 
 autodoc_pydantic_settings_show_json = False
 autodoc_pydantic_settings_show_config_summary = False
@@ -133,4 +162,13 @@ autodoc_pydantic_settings_show_config_summary = False
 autodoc_pydantic_settings_show_validator_summary = False
 autodoc_pydantic_settings_show_validator_members = False
 autodoc_pydantic_settings_show_field_summary = False
+autodoc_pydantic_settings_signature_prefix = ""
+autodoc_pydantic_field_signature_prefix = ""
 autodoc_pydantic_field_list_validators = False
+
+# -- Options for images
+
+images_config = {
+    "override_image_directive": True,
+    "download": False,
+}
diff --git a/doc/contributing.rst b/doc/contributing.rst
deleted file mode 100644
index e582053e..00000000
--- a/doc/contributing.rst
+++ /dev/null
@@ -1 +0,0 @@
-.. include:: ../CONTRIBUTING.rst
diff --git a/doc/development/changelog.rst b/doc/development/changelog.rst
new file mode 100644
index 00000000..e1d739b1
--- /dev/null
+++ b/doc/development/changelog.rst
@@ -0,0 +1,9 @@
+Release notes
+#############
+
+All notable changes to this project will be documented in there.
+
+The format is based on `Keep a Changelog <https://keepachangelog.com/en/1.0.0/>`_,
+and this project adheres to `Semantic Versioning <https://semver.org/spec/v2.0.0.html>`_.
+
+.. include:: ../../CHANGES.rst
diff --git a/doc/development/contributing.rst b/doc/development/contributing.rst
new file mode 100644
index 00000000..ac7b6bcf
--- /dev/null
+++ b/doc/development/contributing.rst
@@ -0,0 +1 @@
+.. include:: ../../CONTRIBUTING.rst
diff --git a/doc/development/index.rst b/doc/development/index.rst
new file mode 100644
index 00000000..8a881b3d
--- /dev/null
+++ b/doc/development/index.rst
@@ -0,0 +1,8 @@
+Development
+===========
+
+.. toctree::
+
+   specifications
+   contributing
+   changelog
diff --git a/doc/specifications.rst b/doc/development/specifications.rst
similarity index 100%
rename from doc/specifications.rst
rename to doc/development/specifications.rst
diff --git a/doc/features.rst b/doc/features.rst
new file mode 100644
index 00000000..16c43110
--- /dev/null
+++ b/doc/features.rst
@@ -0,0 +1,314 @@
+.. This page should list the functional perimiter of Canaille,
+   without mentioning too much technical details. We should avoid giving
+   explicit configuration parameters for instance. However, we should put as
+   much links to other sections of the documentation as possible.
+
+   TODO: replace 'users with user management permission' by 'administrators'?
+
+Features
+########
+
+Here are the different features that Canaille provides.
+You can enable any of those features with the :doc:`configuration <references/configuration>` to fit any :doc:`use cases <usecases>` you may meet.
+Check our  :ref:`roadmap <features:Roadmap>` to see what is coming next.
+
+Users can interact with Canaille through its :ref:`web interface <features:Web interface>` and administrators can also use its :ref:`command line interface <features:Command line interface>`.
+Canaille can handle data stored in different :ref:`database backends <features:Backends>`.
+
+Web interface
+*************
+
+Canaille web interface can be used either in :doc:`production environments <tutorial/deployment>` or locally for development purposes.
+
+.. _feature_profile_management:
+
+Profile management
+==================
+
+.. image:: _static/profile.webp
+   :width: 200px
+   :alt: Profile
+   :align: right
+
+Canaille provides an interface to manage user profiles.
+
+The exact list of displayed fields, and wether they are :attr:`writable <canaille.core.configuration.ACLSettings.WRITE>` or :attr:`read-only <canaille.core.configuration.ACLSettings.READ>` depends on the user :class:`Access Control List settings (ACL) <canaille.core.configuration.ACLSettings>`.
+
+Depending on their ACL :class:`permissions <canaille.core.configuration.Permission>`, users can either be allowed to edit their own profile, edit any user profile, or do nothing at all.
+
+.. _feature_email_confirmation:
+
+Email confirmation
+==================
+
+If the :attr:`email confirmation feature <canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION>` is enabled, any modification or addition of a profile email will send a confirmation mail to the new address. The mail will contain a link that users will need to click on to confirm their email address.
+
+Users with :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` can set user emails without confirmation though.
+
+.. _feature_group_management:
+
+Group management
+================
+
+.. image:: _static/group-edition.webp
+   :width: 200px
+   :alt: Group edition
+   :align: right
+
+In a similar fashion than :ref:`profile management <feature_profile_management>` Canaille provides an interface to manage user groups.
+
+The group management is quite simple at the moment and consists in a group name and description, and the list of its members.
+Group membership can be use as :attr:`ACL Filter <canaille.core.configuration.ACLSettings.FILTER>` to define user permissions.
+
+.. todo::
+   At the moment adding an user to a group can only be achieved by the user settings page, but we are :issue:`working to improve this <192>`.
+
+Group management can be enable with a :attr:`dedicated user permission <canaille.core.configuration.Permission.MANAGE_GROUPS>`.
+
+.. important::
+   Due to limitations in the :ref:`LDAP backend <tutorial/databases:LDAP>`, groups must have at least one member.
+   Thus it is not possible to remove the last user of a group without removing the group.
+
+.. _feature_user_authentication:
+
+User authentication
+===================
+
+Unless their account is :ref:`locked <feature_account_locking>`, users can authenticate with a login and a password.
+
+.. important::
+
+   For security reasons, it won't be told to users if they try to sign in with an unexisting logging, unless explicitly :attr:`set in the configuration <canaille.core.configuration.CoreSettings.HIDE_INVALID_LOGINS>`.
+
+.. todo:: :ref:`LDAP backend <tutorial/databases:LDAP>` users can define which :class:`user field <canaille.core.models.User>` should be used as the login (such as :attr:`~canaille.core.models.User.user_name` or :attr:`~canaille.core.models.User.emails`) using a :attr:`configuration parameter <canaille.backends.ldap.configuration.LDAPSettings.USER_FILTER>`, but other backends can only login using :attr:`~canaille.core.models.User.user_name`. We are :issue:`working to improve this <196>`.
+
+.. _feature_user_registration:
+
+User registration
+=================
+
+Users can create accounts on Canaille if the feature :attr:`registration feature <canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION>` is enabled. They will be able to fill a registration form with the fields detailed in the default :class:`ACL settings <canaille.core.configuration.ACLSettings>`.
+
+If :attr:`email confirmation <canaille.core.configuration.CoreSettings.EMAIL_CONFIRMATION>` is also enabled, users will be sent a confirmation link to their email address, on which they will need to click in order to finalize their registration.
+
+.. _feature_user_invitation:
+
+User invitation
+===============
+
+.. image:: _static/user-invite.webp
+   :width: 200px
+   :alt: User invitation
+   :align: right
+
+If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured, users with :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` can create an invitation link for one user.
+
+The link goes to a registration form, even if regular :ref:`user registration <feature_user_registration>` is disabled.
+
+It can be automatically sent by email to the new user.
+
+.. _feature_account_locking:
+
+Account locking
+===============
+
+If Canaille is plugged to a :ref:`backend <features:Backends>` that supports it, user accounts can be locked by users with :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>`.
+The lock date can be set instantly or at a given date in the future.
+
+At the moment a user account is locked:
+
+- their open sessions will be closed;
+- they won't be able to sign in again;
+- no new OIDC token will be issued;
+
+User accounts must be manually unlocked by an administrator for the users to regain access to those actions.
+
+.. _feature_account_deletion:
+
+Account deletion
+================
+
+Users with the :attr:`account deletion permission <canaille.core.configuration.Permission.DELETE_ACCOUNT>` are allowed to delete their own account.
+
+Users that also have the :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` are also allowed to delete other users accounts.
+
+.. _feature_password_recovery:
+
+Password recovery
+=================
+
+.. image:: _static/password-recovery.webp
+   :width: 200px
+   :alt: Group edition
+   :align: right
+
+If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured and the :attr:`password recovery feature <canaille.core.configuration.CoreSettings.ENABLE_PASSWORD_RECOVERY>` is enabled, then users can ask for a password reset email if they cannot remember their password.
+
+The email will be sent to the email addresses filled in their profile, and will contain a link that will allow them to choose a new password. .
+
+.. todo::
+
+    Check that password recovery is disabled on locked accounts.
+
+.. _feature_password_reset:
+
+Password reset
+==============
+
+If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured, :attr:`user management permission <canaille.core.configuration.Permission.MANAGE_USERS>` can send password reset mails to users.
+The mails contains a link that allow users to choose a new password without having to retrieve the old one.
+
+.. _feature_password_initialization:
+
+Password initialization
+=======================
+
+User :attr:`passwords <canaille.core.models.User.password>` are optional.
+If a :class:`mail server <canaille.core.configuration.SMTPSettings>` is configured, when users with no password attempt to sign in, they are invited to click a button that will send them a password initialization mail.
+The mail contains a link that leads to a form that allows users to choose a password.
+
+.. _feature_i18n:
+
+Internationalization
+====================
+
+.. image:: https://hosted.weblate.org/widgets/canaille/-/canaille/multi-blue.svg
+   :alt: Translation state
+   :align: right
+   :width: 600px
+
+Canaile will display in your :attr:`preferred language <canaille.core.models.User.preferred_language>` if available, or your browser language if available (and if it is not you can :ref:`help us with the translation <development/contributing:Translations>`).
+If you prefer, you can also :attr:`force a language <canaille.core.configuration.CoreSettings.FAVICON>` for every users.
+
+.. _feature_ui:
+
+Lightweight
+===========
+
+The web interface is lightweight, so everything should load quickly.
+There is a few Javascript here and there to smooth the experience, but no Javascript at all is needed to use Canaille.
+
+Customizable
+============
+
+The default theme should be good enough for most usages.
+It has a dark theme, display well on mobile, and let you choose a :attr:`logo <canaille.core.configuration.CoreSettings.LOGO>` and a :attr:`favicon <canaille.core.configuration.CoreSettings.FAVICON>`.
+
+If you need more you can also use a :attr:`custom theme <canaille.core.configuration.CoreSettings.THEME>`.
+
+.. _feature_oidc:
+
+OpenID Connect
+**************
+
+Canaille implements a :ref:`subset<development/specifications:State of the specs in Canaille>` of the OAuth2/OpenID Connect specifications .
+This allows to provide :abbr:`SSO (Single Sign-On)` and :abbr:`SLO (Single Log-On)` to applications plugged to Canaille.
+
+Consent management
+==================
+
+.. image:: _static/consent.webp
+   :width: 200px
+   :alt: Profile
+   :align: right
+
+
+Users can give their consent to application requesting access to their personal information,
+and then revoke those consent at their will.
+
+Application management
+======================
+
+Users with the right :attr:`permission <canaille.core.configuration.Permission.MANAGE_OIDC>` can manager OIDC clients through the web interface.
+
+In some cases, it might be useful to avoid the consent page for some trusted applications, so clients can be pre-consented.
+
+Discovery
+=========
+
+Canaille implements the :doc:`Discovery specifications <development/specifications>` so most of the applications plugged to Canaille can auto-configure themselves.
+
+Dynamic Client Registration
+===========================
+
+Canaille implements the :doc:`Dynamic Client Registration specifications <development/specifications>`, so when the :attr:`feature is enabled <canaille.oidc.configuration.OIDCSettings.DYNAMIC_CLIENT_REGISTRATION_OPEN>`, clients can register themselves on Canaille without an administrator intervention.
+
+.. _feature_cli:
+
+Command Line Interface
+**********************
+
+Canaille comes with a :abbr:`CLI (Command Line Interface)` to help administrators in hosting and management.
+
+There are tools to :ref:`check your configuration <cli_check>` or to :ref:`install missing parts <cli_install>`.
+You can use the CLI to :ref:`create <cli_create>`, :ref:`read <cli_get>`, :ref:`update <cli_set>` and :ref:`delete <cli_delete>` models such as :class:`users <canaille.core.models.User>`, :class:`groups <canaille.core.models.Group>` or  :class:`OIDC clients <canaille.oidc.basemodels.Client>`.
+
+There are also tools to :ref:`fill your database <cli_populate>` with random objects, for tests purpose for instance.
+
+.. _feature_backends:
+
+Backends
+********
+
+Canaille can handle data from the most :ref:`common SQL databases <tutorial/databases:SQL>` such as PostgreSQL, MariaDB or SQLite, as well as :ref:`OpenLDAP <tutorial/databases:LDAP>`.
+It also comes with a no-dependency :ref:`in-memory database <tutorial/databases:Memory>` that can be used in unit tests suites.
+
+Miscellaneous
+*************
+
+.. _feature_logging:
+
+Logging
+=======
+
+Canaille writes :attr:`logs <canaille.core.configuration.CoreSettings.LOGGING>` for every important event happening, to help administrators understand what is going on and debug funky situations.
+
+.. _feature_development:
+
+A tool for your development and tests
+=====================================
+
+Thanks to its lightweight :ref:`in-memory database <tutorial/databases:Memory>` and its curated :ref:`dependency list <tutorial/install:Get the code>`, Canaille can be used in the unit test suite of your application, so you can check how it behaves against a real world OpenID Connect server. If you work with python you might want to check :doc:`pytest-iam:index`.
+
+It can also being launched in your development environment, if you find that launching a Keycloak in a Docker container is too heavy for your little web application.
+
+It also fits well in continuous integration scenarios. Thanks to its :ref:`CLI <feature_cli>`, you can prepare data in Canaille, let your application interract with it, and then check the side effects.
+
+Roadmap
+*******
+
+Bêta version
+============
+
+To go out of the current Alpha version we want to achieve the following tasks:
+
+- :issue:`Configuration validation using pydantic <138>`
+
+Stable version
+==============
+
+Before we push Canaille in stable version we want to achieve the following tasks:
+
+Security
+--------
+
+- :issue:`Password hashing configuration <175>`
+- :issue:`Authentication logging policy <177>`
+- :issue:`Intruder lockout <173>`
+- :issue:`Password expiry policy <176>`
+- :issue:`Password compromission check <179>`
+- :issue:`Multi-factor authentication: Email <47>`
+- :issue:`Multi-factor authentication: SMS <47>`
+- :issue:`Multi-factor authentication: OTP <47>`
+
+Packaging
+---------
+
+- :issue:`Nix package <190>`
+- :issue:`Docker / OCI package <59>`
+
+And beyond
+==========
+
+- :issue:`OpenID Connect certification <182>`
+- :issue:`SCIM support <116>`
diff --git a/doc/index.rst b/doc/index.rst
index 301fa196..c2e5a0be 100644
--- a/doc/index.rst
+++ b/doc/index.rst
@@ -1,3 +1,5 @@
+:layout: landing
+
 .. figure:: _static/canaille-full-black.webp
   :width: 400
   :figclass: light-only
@@ -8,53 +10,71 @@
   :figclass: dark-only
   :align: center
 
+.. rst-class:: lead
+
+    Lightweight Identity and Autorization Management
+
+----
+
 **Canaille** is a French word meaning *rascal*. It is roughly pronounced **Can I?**,
 as in *Can I access your data?* Canaille is a lightweight identity and authorization management software.
-
 It aims to be very light, simple to install and simple to maintain. Its main features are :
 
-- User profile and groups management;
-- Authentication, registration, email confirmation, "I forgot my password" emails;
-- OpenID Connect identity provider;
-- postgresql, mariadb and OpenLDAP first-class citizenship;
-- Customizable, themable;
-- The code is easy to read and easy to edit!
+.. grid:: 3
+    :gutter: 2
+    :padding: 0
 
-Screenshots
-===========
+    .. grid-item-card:: Profile management
+        :link-type: ref
+        :link: feature_profile_management
 
-.. image:: _static/login.webp
-  :width: 225
-  :alt: Login
+        User profile and groups management,
+        Basic permissions
 
-.. image:: _static/profile.webp
-  :width: 225
-  :alt: Profile
+    .. grid-item-card:: User authentication
+        :link-type: ref
+        :link: feature_user_authentication
 
-.. image:: _static/consent.webp
-  :width: 225
-  :alt: Consent
+        Authentication, registration, email confirmation, "I forgot my password" emails
 
-Table of contents
-=================
+    .. grid-item-card:: :abbr:`SSO (Single Sign-On)`
+        :link-type: ref
+        :link: feature_oidc
+
+        OpenID Connect identity provider
+
+    .. grid-item-card:: Multi-database support
+        :link-type: ref
+        :link: feature_backends
+
+        PostgreSQL, Mariadb and OpenLDAP first-class citizenship
+
+    .. grid-item-card:: Customization
+        :link-type: ref
+        :link: feature_ui
+
+        Put Canaille at yours colors by choosing a logo or use a custom theme!
+
+    .. grid-item-card:: Developers friendliness
+        :link-type: ref
+        :link: feature_development
+
+        Canaille can easily fit in your unit tests suite or in your Continuous Integration.
+
+.. container:: buttons
+
+    :doc:`Full feature list <features>`
+
+.. rst-class:: lead
+
+    Documentation
+
+----
 
 .. toctree::
    :maxdepth: 2
 
-   install
-   deployment
-   databases
-   configuration
-   commands
-   troubleshooting
-   reference
-   specifications
-   contributing
-   changelog
-
-Indices and tables
-==================
-
-* :ref:`genindex`
-* :ref:`modindex`
-* :ref:`search`
+   features
+   tutorial/index
+   references/index
+   development/index
diff --git a/doc/commands.rst b/doc/references/commands.rst
similarity index 85%
rename from doc/commands.rst
rename to doc/references/commands.rst
index 4350fc1c..9b613952 100644
--- a/doc/commands.rst
+++ b/doc/references/commands.rst
@@ -3,34 +3,50 @@ Command Line Interface
 
 Canaille provide several commands to help administrator manage their data.
 
+.. _cli_check:
+
 .. click:: canaille.app.commands:check
    :prog: canaille check
    :nested: full
 
+.. _cli_clean:
+
 .. click:: canaille.oidc.commands:clean
    :prog: canaille clean
    :nested: full
 
+.. _cli_install:
+
 .. click:: canaille.app.commands:install
    :prog: canaille install
    :nested: full
 
+.. _cli_populate:
+
 .. click:: canaille.core.commands:populate
    :prog: canaille populate
    :nested: full
 
+.. _cli_get:
+
 .. click:: doc.commands:get
    :prog: canaille get
    :nested: full
 
+.. _cli_set:
+
 .. click:: doc.commands:set
    :prog: canaille set
    :nested: full
 
+.. _cli_create:
+
 .. click:: doc.commands:create
    :prog: canaille create
    :nested: full
 
+.. _cli_delete:
+
 .. click:: doc.commands:delete
    :prog: canaille delete
    :nested: full
diff --git a/doc/configuration.rst b/doc/references/configuration.rst
similarity index 60%
rename from doc/configuration.rst
rename to doc/references/configuration.rst
index c6339c59..c78b0107 100644
--- a/doc/configuration.rst
+++ b/doc/references/configuration.rst
@@ -1,12 +1,15 @@
 Configuration
 #############
 
-Canaille can be configured either by a environment variables, or by a `toml` configuration file which path is passed in the ``CONFIG`` environment variable.
+Canaille can be configured either by a environment variables, environment file, or by a configuration file.
 
-Toml file
-=========
+Configuration file
+==================
 
-::
+The configuration can be written in `toml` configuration file which path is passed in the :envvar:`CONFIG` environment variable.
+
+.. code-block:: toml
+    :caption: config.toml
 
     SECRET_KEY = "very-secret"
 
@@ -17,7 +20,7 @@ Toml file
     DATABASE_URI = "postgresql://user:password@localhost/database"
     ...
 
-You can have a look at the :ref:`configuration:Example file` for inspiration.
+You can have a look at the :ref:`example file <references/configuration:Example file>` for inspiration.
 
 Environment variables
 =====================
@@ -25,17 +28,20 @@ Environment variables
 In addition, parameters that have not been set in the configuration file can be read from environment variables.
 The way environment variables are parsed can be read from the `pydantic-settings documentation <https://docs.pydantic.dev/latest/concepts/pydantic_settings/#parsing-environment-variable-values>`_.
 
-Settings will also be read from a local ``.env`` file if present.
+Environment file
+================
+
+Any environment variable can also be written in a ``.env``, and will be read if present.
 
 .. TODO: Uncomment this when pydantic-settings implements nested secrets directories
    https://github.com/pydantic/pydantic-settings/issues/154
 
-Secret parameters
-=================
+    Secret parameters
+    =================
 
-    A ``SECRETS_DIR`` environment variable can be passed as an environment variable, being a path to a directory in which are stored files named after the configuration settings.
+        A :envvar:`SECRETS_DIR` environment variable can be passed as an environment variable, being a path to a directory in which are stored files named after the configuration settings.
 
-    For instance, you can set ``SECRETS_DIR=/run/secrets`` and put your secret key in the file ``/run/secrets/SECRET_KEY``.
+        For instance, you can set ``SECRETS_DIR=/run/secrets`` and put your secret key in the file ``/run/secrets/SECRET_KEY``.
 
 Parameters
 ==========
@@ -61,5 +67,6 @@ Example file
 
 Here is a configuration file example:
 
-.. literalinclude :: ../canaille/config.sample.toml
+.. literalinclude :: ../../canaille/config.sample.toml
    :language: toml
+   :caption: config.toml
diff --git a/doc/references/index.rst b/doc/references/index.rst
new file mode 100644
index 00000000..62d4d298
--- /dev/null
+++ b/doc/references/index.rst
@@ -0,0 +1,8 @@
+References
+==========
+
+.. toctree::
+
+   configuration
+   commands
+   models
diff --git a/doc/reference.rst b/doc/references/models.rst
similarity index 94%
rename from doc/reference.rst
rename to doc/references/models.rst
index 28be1303..a54d097d 100644
--- a/doc/reference.rst
+++ b/doc/references/models.rst
@@ -1,5 +1,5 @@
-Reference
-#########
+Data models
+###########
 
 This reference details the data models used by Canaille.
 This is mostly useful for developers.
diff --git a/doc/databases.rst b/doc/tutorial/databases.rst
similarity index 90%
rename from doc/databases.rst
rename to doc/tutorial/databases.rst
index 63ccbe64..33c1d0a3 100644
--- a/doc/databases.rst
+++ b/doc/tutorial/databases.rst
@@ -4,9 +4,6 @@ Databases
 Canaille can read and save data in different databases.
 This page presents the different database backends and their specificities:
 
-.. contents::
-   :local:
-
 Memory
 ======
 
@@ -21,7 +18,10 @@ SQL
 Canaille can use any database supported by `SQLAlchemy <https://www.sqlalchemy.org/>`_, such as
 sqlite, postgresql or mariadb.
 
-It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For instance::
+It is used when the ``CANAILLE_SQL`` configuration parameter is defined. For instance:
+
+.. code-block:: toml
+    :caption: config.toml
 
     [CANAILLE_SQL]
     SQL_DATABASE_URI = "postgresql://user:password@localhost/database"
@@ -32,7 +32,10 @@ LDAP
 ====
 
 Canaille can use OpenLDAP as its main database.
-It is used when the ``CANAILLE_LDAP`` configuration parameter is defined. For instance::
+It is used when the ``CANAILLE_LDAP`` configuration parameter is defined. For instance:
+
+.. code-block:: toml
+    :caption: config.toml
 
     [CANAILLE_LDAP]
     URI = "ldap://ldap"
@@ -67,11 +70,11 @@ overlays are needed for the Canaille group membership to work correctly.
 
 Here is a configuration example compatible with canaille:
 
-.. literalinclude :: ../demo/ldif/memberof-config.ldif
+.. literalinclude :: ../..//demo/ldif/memberof-config.ldif
    :language: ldif
    :caption: memberof-config.ldif
 
-.. literalinclude :: ../demo/ldif/refint-config.ldif
+.. literalinclude :: ../..//demo/ldif/refint-config.ldif
    :language: ldif
    :caption: refint-config.ldif
 
@@ -90,11 +93,11 @@ If the `ppolicy <https://www.ietf.org/archive/id/draft-behera-ldap-password-poli
 
 Here is a configuration example compatible with canaille:
 
-.. literalinclude :: ../demo/ldif/ppolicy-config.ldif
+.. literalinclude :: ../../demo/ldif/ppolicy-config.ldif
    :language: ldif
    :caption: ppolicy-config.ldif
 
-.. literalinclude :: ../demo/ldif/ppolicy.ldif
+.. literalinclude :: ../../demo/ldif/ppolicy.ldif
    :language: ldif
    :caption: ppolicy.ldif
 
diff --git a/doc/deployment.rst b/doc/tutorial/deployment.rst
similarity index 90%
rename from doc/deployment.rst
rename to doc/tutorial/deployment.rst
index 1ef793bb..8b20add3 100644
--- a/doc/deployment.rst
+++ b/doc/tutorial/deployment.rst
@@ -10,7 +10,9 @@ Here are some WSGI server configuration examples you can pick. Do not forget to
 gunicorn
 --------
 
-TBD
+.. todo::
+
+   Write a gunicorn configuration sample file.
 
 uwsgi
 -----
@@ -111,7 +113,9 @@ Nginx
 Apache
 ------
 
-TBD
+.. todo::
+
+   Write a Apache configuration file.
 
 Recurrent jobs
 ==============
@@ -131,10 +135,10 @@ You may want to configure a `WebFinger`_ endpoint on your main website to allow
 
 The difficulty here is that the WebFinger endpoint must be hosted at the top-level domain (i.e. ``mydomain.tld``) while the authentication server might be hosted on a sublevel (i.e. ``auth.mydomain.tld``). Canaille provides a WebFinger endpoint, but if it is not hosted at the top-level domain, a web redirection is required on the ``/.well-known/webfinger`` path.
 
-Nginx
------
+Here are configuration examples for Nginx or Apache:
 
 .. code-block:: nginx
+   :caption: Nginx webfinger configuration for a top level domain
 
     server {
         listen 443;
@@ -142,10 +146,8 @@ Nginx
         rewrite  ^/.well-known/webfinger https://auth.mydomain.tld/.well-known/webfinger permanent;
     }
 
-Apache
-------
-
 .. code-block:: apache
+   :caption: Apache webfinger configuration for a top level domain
 
     <VirtualHost *:443>
         ServerName mydomain.tld
@@ -156,10 +158,11 @@ Apache
 Create the first user
 =====================
 
-Once canaille is installed, you have several ways to populate the database. The obvious one is by adding
-directly users and group into your LDAP directory. You might also want to temporarily enable then the
-:attr:`~canaille.core.configuration.CoreSettings.ENABLE_REGISTRATION` configuration parameter to allow you to create your first users. Then, if you
-have configured your ACLs properly then you will be able to manage users and groups through the Canaille
-interface.
+Once canaille is installed, soon enough you will need to add users.
+To create your first user you can use the :ref:`canaille create <cli_create>` CLI.
+
+.. code-block:: bash
+
+   canaille create user --user-name admin --password admin --emails admin@mydomain.example --first-name George --last-name Abitbol
 
 .. _WebFinger: https://www.rfc-editor.org/rfc/rfc7033.html
diff --git a/doc/tutorial/index.rst b/doc/tutorial/index.rst
new file mode 100644
index 00000000..27abe826
--- /dev/null
+++ b/doc/tutorial/index.rst
@@ -0,0 +1,10 @@
+Tutorial
+########
+
+.. toctree::
+   :maxdepth: 2
+
+   install
+   deployment
+   databases
+   troubleshooting
diff --git a/doc/install.rst b/doc/tutorial/install.rst
similarity index 98%
rename from doc/install.rst
rename to doc/tutorial/install.rst
index d2972811..fd3af07f 100644
--- a/doc/install.rst
+++ b/doc/tutorial/install.rst
@@ -7,9 +7,6 @@ Installation
 
 The installation of canaille consist in several steps, some of which you can do manually or with command line tool:
 
-.. contents::
-   :local:
-
 Get the code
 ============
 
@@ -45,7 +42,7 @@ Choose a path where to store your configuration file. You can pass any configura
     sudo mkdir --parents "$CANAILLE_CONF_DIR"
     sudo cp $CANAILLE_INSTALL_DIR/env/lib/python*/site-packages/canaille/config.sample.toml "$CANAILLE_CONF_DIR/config.toml"
 
-You should then edit your configuration file to adapt the values to your needs. Look at the configuration details in the :doc:`configuration` page.
+You should then edit your configuration file to adapt the values to your needs. Look at the configuration details in the :doc:`configuration <../references/configuration>` page.
 
 Install and check
 =================
diff --git a/doc/troubleshooting.rst b/doc/tutorial/troubleshooting.rst
similarity index 100%
rename from doc/troubleshooting.rst
rename to doc/tutorial/troubleshooting.rst
diff --git a/poetry.lock b/poetry.lock
index b0e21174..cdc5f0a1 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -1913,6 +1913,29 @@ click = ">=8.0"
 docutils = "*"
 sphinx = ">=4.0"
 
+[[package]]
+name = "sphinx-design"
+version = "0.5.0"
+description = "A sphinx extension for designing beautiful, view size responsive web components."
+optional = false
+python-versions = ">=3.8"
+files = [
+    {file = "sphinx_design-0.5.0-py3-none-any.whl", hash = "sha256:1af1267b4cea2eedd6724614f19dcc88fe2e15aff65d06b2f6252cee9c4f4c1e"},
+    {file = "sphinx_design-0.5.0.tar.gz", hash = "sha256:e8e513acea6f92d15c6de3b34e954458f245b8e761b45b63950f65373352ab00"},
+]
+
+[package.dependencies]
+sphinx = ">=5,<8"
+
+[package.extras]
+code-style = ["pre-commit (>=3,<4)"]
+rtd = ["myst-parser (>=1,<3)"]
+testing = ["myst-parser (>=1,<3)", "pytest (>=7.1,<8.0)", "pytest-cov", "pytest-regressions"]
+theme-furo = ["furo (>=2023.7.0,<2023.8.0)"]
+theme-pydata = ["pydata-sphinx-theme (>=0.13.0,<0.14.0)"]
+theme-rtd = ["sphinx-rtd-theme (>=1.0,<2.0)"]
+theme-sbt = ["sphinx-book-theme (>=1.0,<2.0)"]
+
 [[package]]
 name = "sphinx-issues"
 version = "4.1.0"
@@ -1996,6 +2019,21 @@ lint = ["docutils-stubs", "flake8", "mypy"]
 standalone = ["Sphinx (>=5)"]
 test = ["html5lib", "pytest"]
 
+[[package]]
+name = "sphinxcontrib-images"
+version = "0.9.4"
+description = "Sphinx extension for thumbnails"
+optional = false
+python-versions = "*"
+files = [
+    {file = "sphinxcontrib-images-0.9.4.tar.gz", hash = "sha256:f6c237d0430793e65d91dbddb13b1fb26a2cf838040a9deeb52112969fbc4a4b"},
+    {file = "sphinxcontrib_images-0.9.4-py2.py3-none-any.whl", hash = "sha256:8863e8e8533a116f45cb92523938ab25879cc31dc594f5de4c3dbd9ab3d440b0"},
+]
+
+[package.dependencies]
+requests = ">2.2,<3"
+sphinx = {version = ">=2.0", markers = "python_version >= \"3.0\""}
+
 [[package]]
 name = "sphinxcontrib-jsmath"
 version = "1.0.1"
@@ -2463,4 +2501,4 @@ sql = ["passlib", "sqlalchemy", "sqlalchemy-json", "sqlalchemy-utils"]
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.9"
-content-hash = "c0cd43822b196a493e086b80389c22e1be6a488ae2ce8bcc21354895b2c10e67"
+content-hash = "ba6d179f761bb617fb6f4f435b71a8a98d9267bb656aa0f24520a931b0f3effe"
diff --git a/pyproject.toml b/pyproject.toml
index 12fbb967..9081f651 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -73,9 +73,11 @@ optional = true
 autodoc-pydantic = "^2.0.1"
 shibuya = "^2024.3.1"
 sphinx = "^7.0.0"
+sphinx-design = "^0.5.0"
 sphinx-sitemap = "^2.5.1"
 sphinx-issues = "^4.0.0"
 sphinx-click = "^6.0.0"
+sphinxcontrib-images = "^0.9.4"
 
 [tool.poetry.group.dev.dependencies]
 coverage = {version = "*", extras=["toml"]}