Improve OTP code to handle session data in OneTimePasswordVerifyTrait not in LoginTrait

[rochamarcelo]

This is related to #988 and more items.

• Move session delete $this->getRequest()->getSession()->delete(AuthenticationService::TWO_FACTOR_VERIFY_SESSION_KEY);
  from LoginTrait::login to OneTimePasswordVerifyTrait
• On verification page instead of redirecting to login after invalid code submit we should ask the code again