Add Backend Support for Two-Factor Authentication (2FA)

[camillegonzales]

Is your feature request related to a problem? Please describe. The CARE project currently lacks backend support for Two-Factor Authentication (2FA). Frontend work (Issue #6715) is in progress, but backend enhancements are essential for generating, verifying, and securely storing Time-Based One-Time Password (TOTP) tokens. Without backend support, 2FA cannot function, leaving accounts vulnerable to unauthorized access.

Describe the solution you'd like Add backend functionality to complement frontend implementation:

• Database Updates: Add fields for encrypted TOTP secrets and 2FA status.
• API Endpoints:
  • Generate and verify TOTP tokens
  • Enable/disable 2FA
  • Provide backup codes for recovery
• Security Measures:
  • Encrypt TOTP secrets
  • Implement rate limiting for token verification
• Testing: Create unit and integration tests for all 2FA features

Describe alternatives you've considered

• Relying only on frontend logic for 2FA is insecure
• Using external 2FA services increases dependency on third-party tools and raises privacy concerns

Additional context The frontend issue mentions integrating a library compatible with TOTP, such as pyotp.

[shobhit8797]

@camillegonzales or maintainers, I would like to work on this issue. Please assign me this issue

[yash-learner]

@camillegonzales Thanks for creating the backend issue.

@shobhit8797 I had started working on MFA and created a Proposal and waiting for review.