* Config now added, accessible via config.Config
* Admin can now be generated via a randomized URL if there are no admins
in the system
* Added a shared floor to login attempts to block enumeration attacks
* Some requests may be sensitive enough to require a secondary
two-factor authorization on the spot
* Examples: changing password, changing email address, viewing API
tokens etc
* This creates a core handler that can attach to any Auth-able method
which will require a "twofactorcode" query param before processing
* Now, if a known email is used, it will still return the same result
* If a known email is used, we will ping the email address to know that
there was a signup attempt
* Signup -> Login -> JWT-Doot flow now works for users
* Administrators cannot currently sign up for obvious reasons
* Segmented the main.go methods into a core controller package
