FEATURE: Implement 2factor login TOTP

implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts

db/migrate/20180109222722_create_user_second_factors.rb

@@ -0,0 +1,12 @@
+class CreateUserSecondFactors < ActiveRecord::Migration[5.1]
+  def change
+    create_table :user_second_factors do |t|
+      t.integer :user_id, null: false
+      t.string :method
+      t.string :data
+      t.boolean :enabled, null: false, default: false
+      t.timestamp :last_used
+      t.timestamps
+    end
+  end
+end