Adding admin creation, conf and other items

* Config now added, accessible via config.Config
* Admin can now be generated via a randomized URL if there are no admins
in the system
* Added a shared floor to login attempts to block enumeration attacks

models/auth.go

@@ -7,15 +7,16 @@ import (
 
 	"github.com/google/uuid"
 	"github.com/pquerna/otp/totp"
+	"github.com/yxzzy-wtf/gin-gonic-prepack/util"
 	"golang.org/x/crypto/bcrypt"
 )
 
 type Auth struct {
 	Base
-	PasswordHash      string
-	TwoFactorSecret   string
-	TwoFactorRecovery string
-	Verified          bool
+	PasswordHash      string `json:"-"`
+	TwoFactorSecret   string `json:"-"`
+	TwoFactorRecovery string `json:"-"`
+	Verified          bool   `json:"-"`
 }
 
 func (a *Auth) SetPassword(pass string) error {
@@ -85,3 +86,7 @@ func (a *Auth) ValidateTwoFactor(tfCode string, stamp time.Time) error {
 		return errors.New("unlock invalid")
 	}
 }
+
+func (a *Auth) GenerateNewTwoFactorSecret() {
+	a.TwoFactorSecret = string(util.GenerateHmac(20))
+}