mod_sasl2_fast: Fix harmless off-by-one error (invalidates existing tokens!) Problem: This was causing the key to become "<token>--cur" instead of the expected "<token>-cur". As the same key was used by the code to both set and get, it still worked. Rationale for change: Although it worked, it's unintended, inconsistent and messy. It increases the chances of future bugs due to the unexpected format. Side-effects of change: Existing '--cur' entries will not be checked after this change, and therefore existing FAST clients will fail to authenticate until they attempt password auth and obtain a new FAST token. Existing '--cur' entries in storage will not be cleaned up by this commit, but this is considered a minor issue, and okay for the relatively few FAST deployments.

---
summary: Serve PEP avatars from HTTP
---

# Introduction

This module serves avatars from local users who have published
[XEP-0084: User Avatar] via [PEP][doc:modules:mod_pep].

# Configuring

Simply load the module. Avatars are then available at
`http://<host>:5280/pep_avatar/<username>`

    modules_enabled = {
        ...
        "http_pep_avatar";
    }

# Access

Users must [configure] their Avatar PEP nodes to be public, otherwise
access is denied.

# Compatibility

  ------- ---------------
  trunk   Works
  0.11    Works
  0.10    Does not work
  ------- ---------------

[configure]: https://xmpp.org/extensions/xep-0060.html#owner-configure