Add MFA support

app/models/auth/MFAToken.model.js

@@ -0,0 +1,25 @@
+const { Model } = require('flitter-orm')
+const speakeasy = require('speakeasy')
+
+class MFATokenModel extends Model {
+    static get services() {
+        return [...super.services, 'MFA']
+    }
+
+    static get schema() {
+        return {
+            secret: String,
+            otpauth_url: String,
+        }
+    }
+
+    verify(value) {
+        return speakeasy.totp.verify({
+            secret: this.secret,
+            encoding: 'base32',
+            token: value,
+        })
+    }
+}
+
+module.exports = exports = MFATokenModel

app/models/auth/User.model.js

@@ -2,6 +2,7 @@ const AuthUser = require('flitter-auth/model/User')
 const LDAP = require('ldapjs')
 
 const ActiveScope = require('../scopes/ActiveScope')
+const MFAToken = require('./MFAToken.model')
 
 /*
  * Auth user model. This inherits fields and methods from the default
@@ -21,6 +22,8 @@ class User extends AuthUser {
             email: String,
             ldap_visible: {type: Boolean, default: true},
             active: {type: Boolean, default: true},
+            mfa_token: MFAToken,
+            mfa_enabled: {type: Boolean, default: false},
         }}
     }