julien731/AuthPress

Refactor App Passwords

Closed this issue · 0 comments

For reasons that are stated in #29, the app passwords component needs a refactoring. What seems to be the best solution is the creation of a custom database table.

This would have multiple advantages:

  • easy to store app passwords and backup codes in the same table
  • super simple to look up an app password
  • no messy array to play with to invalidate a code
  • no weird process to make sure that a key of a hash is unique (yeah it sounds weird)

The custom table should be something like this:

ID | user_id | key | type | count

If we go that way, though, it would make sense that the access log has its own custom table as well. The current access log has the following information:

  • key (the app password hash key. Yeah, the weird thing)
  • last_used
  • ip
  • user_agent
  • method

It goes without saying that an upgrade routine will be necessary...
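
A sketch of the proposed table, as an added example that is not AuthPress code; it uses Python with an in-memory SQLite database so it runs stand-alone. The table name, the column types, the `type` values, the pepper, and the reading of `key` as a keyed hash of the secret and `count` as a use counter are all assumptions.

```python
import hashlib
import hmac
import secrets
import sqlite3

PEPPER = b"constructed-demo-pepper"  # assumption: server-side secret kept outside the DB

# Columns follow the issue; types, constraints and table name are assumptions.
SCHEMA = """
CREATE TABLE app_secrets (
    id      INTEGER PRIMARY KEY,
    user_id INTEGER NOT NULL,
    "key"   TEXT NOT NULL UNIQUE,  -- keyed hash of the secret, never the secret
    type    TEXT NOT NULL CHECK (type IN ('app_password', 'backup_code')),
    count   INTEGER NOT NULL DEFAULT 0  -- assumed: number of successful uses
);
"""

def key_for(secret):
    """Deterministic keyed hash, so lookup is one indexed equality match."""
    return hmac.new(PEPPER, secret.encode(), hashlib.sha256).hexdigest()

def issue(db, user_id, kind):
    """Store only the hash; the plaintext is returned once for display."""
    secret = secrets.token_urlsafe(18)
    db.execute('INSERT INTO app_secrets (user_id, "key", type) VALUES (?, ?, ?)',
               (user_id, key_for(secret), kind))
    return secret

def verify(db, user_id, secret):
    """Return the matching type, or None. Backup codes are single-use."""
    row = db.execute('SELECT id, type FROM app_secrets WHERE user_id = ? AND "key" = ?',
                     (user_id, key_for(secret))).fetchone()
    if row is None:
        return None
    row_id, kind = row
    if kind == "backup_code":
        db.execute("DELETE FROM app_secrets WHERE id = ?", (row_id,))  # invalidate
    else:
        db.execute("UPDATE app_secrets SET count = count + 1 WHERE id = ?", (row_id,))
    return kind

def demo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    pw, code = issue(db, 1, "app_password"), issue(db, 1, "backup_code")
    seen = [verify(db, 1, pw), verify(db, 1, code), verify(db, 1, code), verify(db, 2, pw)]
    uses = db.execute("SELECT count FROM app_secrets WHERE type = 'app_password'").fetchone()[0]
    return seen, uses
```

The `UNIQUE` constraint takes over the uniqueness check on the hash key, and invalidating a code is a single `DELETE` instead of an array rewrite.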