Revisit and refresh 2FA

[hellopablo]

Consider re-writing this from scratch

• Configure using the database
• Use MFA drivers; drivers provide interface for configuring as well as delivering codes
  • Email
  • Authenticator
• Enforce using the events system
  • listen for EVENT_PRE_SUCCESSFULL_LOGIN or similar and require login code if configured for the user
  • listen for SYSTEM_READY event and require 2FA set up if required for the group
• support backup codes/account recovery

Other features to consider:

• Use nails/module-barcode rather than Google Charts
• Extract model methods into a 2FA service
• Support opt-in behaviour
• Allow to be configured per group
• Power settings via the database
• Support backup codes / otherwise gain access to a locked account