Adding requirement for password confirmation for: activating a plugin, deactivating a plugin, uninstalling a plugin. And for CorePluginsAdmin.setSystemSettings.
Is it common for asking password as a URL parameter when we already have the token validation? Is it necessary? I can't remember using API like this.
@flamisz if you grep through API files for 'passwordConfirmation', you'll find similar methods. It is an extra security precaution for sensitive settings and changes.
Also just realized I forgot to the UI related changes, will move this back to a draft.
Added the UI changes. Also noticed we were using the old
ready: event for materializecss modals, should be using