add support for two-factor / otp auth

[ThomasWaldmann]

Original report by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).

The original report had attachments: flaskapp.py

---

add support for apps like google authenticator, use pyotp, oath or just some builtin code.

http://stackoverflow.com/questions/8529265/google-authenticator-implementation-in-python

maybe needs some additional code to generate qr code for the shared secret, e.g.:

https://github.com/lincolnloop/python-qrcode

see also the passlib issue about this:

http://code.google.com/p/passlib/issues/detail?id=44

Note: while not strictly required, it is useful to have a device that can scan a qrcode for this task. otherwise you have to somehow otherwise share the secret.

[ThomasWaldmann]

Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).

---

see also issue #380 - maybe better?

[ThomasWaldmann]

Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).

---

btw, it is important to also implement a switch to and away from 2fa, so not all users are required to use it (see how google and others handle it).

[ThomasWaldmann]

Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).

---

a simple flask demo app for otp / 2factor

[ThomasWaldmann]

Original comment by Thomas Waldmann (Bitbucket: thomaswaldmann, GitHub: thomaswaldmann).

---

here is an existing implementation for wordpress:

http://wordpress.org/extend/plugins/google-authenticator/screenshots/