Add optional support for 2FA

[ldilley]

@mobbyg mentioned adding support for 2FA in Discord recently. We should allow the optional use of 2FA for increased security. We can leverage the well-known Google or Microsoft authentication apps for this purpose. There are several decent Google Auth libraries implemented in PHP that take care of the heavy lifting already:

https://github.com/PHPGangsta/GoogleAuthenticator (somewhat dated)
https://github.com/Dolondro/google-authenticator (somewhat active)
https://github.com/chregu/GoogleAuthenticator.php (dated)
https://github.com/sonata-project/GoogleAuthenticator (actively maintained)

The web forms will require updating to enable users to enroll/associate and detach an authenticator with/from their account along with challenging them for a one-time PIN after username and password authentication.

[ldilley]

https://github.com/multiOTP/multiotp, which supports SMS, may also be an option. This project is bulkier than the aforementioned libs that only focus on Google's [H|T]OTP implementation however.