fix links to prevent 404 after e.g. submitting a faulty form (#3982)

templates/user/settings/security_twofa.tmpl

@@ -5,12 +5,12 @@
 	<p>{{.i18n.Tr "settings.twofa_desc"}}</p>
 	{{if .TwofaEnrolled}}
 	<p>{{$.i18n.Tr "settings.twofa_is_enrolled" | Str2html }}</p>
-	<form class="ui form" action="{{.Link}}/two_factor/regenerate_scratch" method="post" enctype="multipart/form-data">
+	<form class="ui form" action="{{AppSubUrl}}/user/settings/security/two_factor/regenerate_scratch" method="post" enctype="multipart/form-data">
 		{{.CsrfTokenHtml}}
 		<p>{{.i18n.Tr "settings.regenerate_scratch_token_desc"}}</p>
 		<button class="ui blue button">{{$.i18n.Tr "settings.twofa_scratch_token_regenerate"}}</button>
 	</form>
-	<form class="ui form" action="{{.Link}}/two_factor/disable" method="post" enctype="multipart/form-data" id="disable-form">
+	<form class="ui form" action="{{AppSubUrl}}/user/settings/security/two_factor/disable" method="post" enctype="multipart/form-data" id="disable-form">
 		{{.CsrfTokenHtml}}
 		<p>{{.i18n.Tr "settings.twofa_disable_note"}}</p>
 		<div class="ui red button delete-button" id="disable-twofa" data-type="form" data-form="#disable-form">{{$.i18n.Tr "settings.twofa_disable"}}</div>
@@ -18,7 +18,7 @@
 	{{else}}
 	<p>{{.i18n.Tr "settings.twofa_not_enrolled"}}</p>
 	<div class="inline field">
-		<a class="ui green button" href="{{.Link}}/two_factor/enroll">{{$.i18n.Tr "settings.twofa_enroll"}}</a>
+		<a class="ui green button" href="{{AppSubUrl}}/user/settings/security/two_factor/enroll">{{$.i18n.Tr "settings.twofa_enroll"}}</a>
 	</div>
 	{{end}}
 </div>