[MFA] enable/disable MFA from EUMAPI

We are adding support for creating/removing/reseting MFA from EUMAPI

Proposal:

Create user with MFA

Request body

{
  "username": "org-user",
  "viewer": true,
  "org_admin": false,
  "email": "org-user@sample-org.com",
  "password": "secret!",
  "api_key": "1a9eda3a51e43f8aa52e1fbcb949aaddee3b1d9f",
  "multifactor_auths": [{ "type": "totp" }]
}

MFA is created with enabled = false any other attributes are ignored. Using an array in case we support more types in the future.

Update user and create MFA

Request body

{
  "username": "org-user",
  "viewer": true,
  "org_admin": false,
  "email": "org-user@sample-org.com",
  "password": "secret!",
  "api_key": "1a9eda3a51e43f8aa52e1fbcb949aaddee3b1d9f",
  "multifactor_auths": [{ "type": "totp" }]
}

MFA is created with enabled = false any other attributes are ignored.

Show user

Response contains the available MFAs for the user and the status

{
  "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "username": "org-user",
  "email":"org-user@sample-org.com",
  "avatar_url":"//example.com/avatars/avatar_stars_blue.png",
  "base_url":"http://sample-org.carto.com/u/org-user",
  "quota_in_bytes":104857600,
  "db_size_in_bytes":0,
  "table_count":0,
  "public_visualization_count":0,
  "all_visualization_count":0,
  "viewer":false,
  "org_admin":false,
  "multifactor_auths": [{ "type": "totp", "enabled": false }]
}

Reset MFA

A specific action for a user that resets all the available MFAs.

<org>.carto.com/u/<org_owner>/api/v2/organization/<org>/users/org-user/reset_multifactor_auths

EDIT: Forgot how to disable MFA

Disable MFA

A specific action for a user that disables all the available MFAs.

<org>.carto.com/u/<org_owner>/api/v2/organization/<org>/users/org-user/disable_multifactor_auths