backup codes

- add hotp_secret to user model
- view to create backup codes in user prefs
- check backup code if otp doesn't work
- increment hotp count if used
- show correct errors if code wrong

bookwyrm/templates/preferences/2fa.html

@@ -17,9 +17,28 @@
         </span>
     </div>
     {% endif %}
-    {% if request.user.two_factor_auth %}
-    <p>Two Factor Authentication is active on your account.</p>
-    <a class="button is-danger" href="{% url 'disable-2fa' %}">{% trans "Disable 2FA" %}</a>
+    {% if backup_codes %}
+    <div class="block">
+        <h3>Backup codes</h3>
+        <div class="block">
+            <p>{% trans "Write down or copy and paste these codes somewhere safe." %}</p>
+            <p>{% trans "You must use them in order, and they will not be displayed again." %}</p>
+        </div>
+        <ul class="content" style="list-style: none;">
+            {% for code in backup_codes %}
+            <li>{{ code }}</li>
+            {% endfor%}
+        </ul>
+    </div>
+    {% elif request.user.two_factor_auth %}
+    <div class="block">
+        <p>Two Factor Authentication is active on your account.</p>
+        <a class="button is-danger" href="{% url 'disable-2fa' %}">{% trans "Disable 2FA" %}</a>
+    </div>
+    <div class="block">
+        <p>{% trans "You can generate backup codes to use in case you do not have access to your authentication app. If you generate new codes, any backup codes previously generated will no longer work." %}</p>
+        <a class="button" href="{% url 'generate-2fa-backup-codes' %}">{% trans "Generate backup codes" %}</a>
+    </div>
     {% elif password_confirmed %}
     <form name="confirm-2fa" action="{% url 'conf-2fa' %}" method="post" enctype="multipart/form-data">
     {% csrf_token %}