VictorNine / bitwarden-go

A Bitwarden-compatible server written in Golang
MIT License

Implement 2FA #18

Closed VictorNine closed 6 years ago

VictorNine commented 6 years ago

Implemented in https://github.com/VictorNine/bitwarden-go/tree/2fa

Ready to be tested

leonghui commented 6 years ago

Just a bug to report, after enabling 2FA using the latest Vault (1.2.2), 2FA status becomes disabled but the 2FA prompt is still present. Had to clear tfasecret in the db file to fully disable 2FA.

Steps:

  1. Login to Vault
  2. Go to Settings -> Two-step Login -> Authenticator App
  3. Setup 2FA (I used FreeOTP)
  4. Status is "Enabled" (green) for Authenticator App
  5. Re-login to vault
  6. Vault requests 2FA
  7. Status is "Disabled" (grey) for Authenticator App (!)

Excellent implementation by the way. I am running your server and the official Vault on a simple NAS using alpine containers. Works great!

VictorNine commented 6 years ago

Should be fixed now

leonghui commented 6 years ago

Thanks, 2FA enabling/disabling works now.

Two new bugs

  1. Wrong code during 2FA setup results in Vault showing "An unexpected error has occurred" and a forced session logout. The server prints "invalid code".


The error message in the official Vault is "Invalid token" and there was no session logout.

  2. Wrong code during 2FA login results in a logout message. The server prints "a@b.com is trying to login". The 2FA prompt at subsequent login attempts shows "An unexpected error has occurred." but login is successful when the correct code is entered.


The error message in the official Vault is "Two-step token is invalid. Try again."
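The two reports above both come down to how a wrong authenticator code is surfaced: the official server answers with a specific "invalid token" message and keeps the session alive, while a generic failure makes the client treat it as an unexpected error. The following is an added example, written for this thread and not code from bitwarden-go or from either commenter. It implements RFC 6238 TOTP verification with only the Go standard library (SHA-1, 30-second steps, 6 digits, one step of clock skew either way, constant-time comparison) and maps the outcome to a client-facing status. The ±1 step window, the `ErrInvalidCode` sentinel, the `ClientMessage` helper and its HTTP status codes are this example's own assumptions; the two message strings are the ones quoted from the official Vault in this thread.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/base32"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
	"time"
)

// ErrInvalidCode is returned when the user-supplied code does not match any
// step in the accepted window. It is the one error a caller should report to
// the user as "wrong code" rather than as a server failure (assumed design).
var ErrInvalidCode = errors.New("invalid two-step token")

// HOTP computes an RFC 4226 one-time password for a raw secret and counter.
func HOTP(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	// Dynamic truncation: the low nibble of the last byte selects a 4-byte window.
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// TOTPAt computes the RFC 6238 code for a moment in time using 30-second steps.
func TOTPAt(secret []byte, t time.Time, digits int) string {
	return HOTP(secret, uint64(t.Unix()/30), digits)
}

// VerifyTOTP checks a 6-digit code against a base32-encoded secret, as stored
// for an authenticator-app enrolment. Codes for the previous, current and next
// step are accepted (assumed skew window); comparison is constant-time and every
// candidate is compared so timing does not reveal which step matched.
func VerifyTOTP(base32Secret, code string, now time.Time) error {
	norm := strings.ToUpper(strings.ReplaceAll(base32Secret, " ", ""))
	secret, err := base32.StdEncoding.WithPadding(base32.NoPadding).DecodeString(norm)
	if err != nil {
		return fmt.Errorf("decoding stored secret: %w", err)
	}
	if len(code) != 6 {
		return ErrInvalidCode
	}
	step := now.Unix() / 30
	matched := 0
	for d := int64(-1); d <= 1; d++ {
		expected := HOTP(secret, uint64(step+d), 6)
		matched |= subtle.ConstantTimeCompare([]byte(expected), []byte(code))
	}
	if matched == 0 {
		return ErrInvalidCode
	}
	return nil
}

// ClientMessage maps a verification result to an HTTP status and message.
// A wrong code is a client error with a specific message and must not end the
// session; anything else is a genuine server-side failure. The status codes
// are this example's assumption; the wording is what the official Vault shows.
func ClientMessage(err error) (int, string) {
	switch {
	case err == nil:
		return 200, "ok"
	case errors.Is(err, ErrInvalidCode):
		return 400, "Two-step token is invalid. Try again."
	default:
		return 500, "An unexpected error has occurred."
	}
}

func main() {
	// Constructed input: the RFC 6238 reference secret "12345678901234567890" in base32.
	secret := "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"
	now := time.Unix(59, 0) // RFC 6238 test vector: code 287082 at T=59
	for _, code := range []string{"287082", "000000"} {
		status, msg := ClientMessage(VerifyTOTP(secret, code, now))
		fmt.Printf("code %s -> %d %s\n", code, status, msg)
	}
}
```

The important property for the bugs reported here is that `VerifyTOTP` returns a distinguishable `ErrInvalidCode`, so a handler can answer with a 400 and a specific message instead of a generic failure that the Vault client interprets as a dead session.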

VictorNine commented 6 years ago

Thanks, should be fixed now.