Merge branch "ui" into branch "dev"

.gitleaksignore

@@ -0,0 +1 @@
+src/ui/templates/profile.html:hashicorp-tf-password:343

src/common/db/Database.py

@@ -1674,18 +1674,43 @@ def get_plugin_template(self, plugin: str) -> Optional[Any]:
     def get_ui_user(self) -> Optional[dict]:
         """Get ui user."""
         with self.__db_session() as session:
-            user = session.query(Users).with_entities(Users.username, Users.password).filter_by(id=1).first()
+            user = session.query(Users).with_entities(Users.username, Users.password, Users.is_two_factor_enabled, Users.secret_token, Users.method).filter_by(id=1).first()
             if not user:
                 return None
-            return {"username": user.username, "password_hash": user.password.encode("utf-8")}
+            return {
+                "username": user.username,
+                "password_hash": user.password.encode("utf-8"),
+                "is_two_factor_enabled": user.is_two_factor_enabled,
+                "secret_token": user.secret_token,
+                "method": user.method,
+            }
 
-    def create_ui_user(self, username: str, password: bytes) -> str:
+    def create_ui_user(self, username: str, password: bytes, *, secret_token: Optional[str] = None, method: str = "manual") -> str:
         """Create ui user."""
         with self.__db_session() as session:
             if self.get_ui_user():
                 return "User already exists"
 
-            session.add(Users(id=1, username=username, password=password.decode("utf-8")))
+            session.add(Users(id=1, username=username, password=password.decode("utf-8"), secret_token=secret_token, method=method))
+
+            try:
+                session.commit()
+            except BaseException:
+                return format_exc()
+
+        return ""
+
+    def update_ui_user(self, username: str, password: bytes, is_two_factor_enabled: bool = False, secret_token: Optional[str] = None) -> str:
+        """Update ui user."""
+        with self.__db_session() as session:
+            user = session.query(Users).filter_by(id=1).first()
+            if not user:
+                return "User not found"
+
+            user.username = username
+            user.password = password.decode("utf-8")
+            user.is_two_factor_enabled = is_two_factor_enabled
+            user.secret_token = secret_token
 
             try:
                 session.commit()

src/common/db/model.py

@@ -257,6 +257,9 @@ class Users(Base):
     id = Column(Integer, primary_key=True, default=1)
     username = Column(String(256), nullable=False, unique=True)
     password = Column(String(60), nullable=False)
+    is_two_factor_enabled = Column(Boolean, nullable=False, default=False)
+    secret_token = Column(String(32), nullable=True, unique=True)
+    method = Column(METHODS_ENUM, nullable=False, default="manual")
 
 
 class Metadata(Base):