Commit 39145a46 authored by Oliver Bartsch, committed by Benni Mack

[FEATURE] Introduce MFA in Core

A new API is introduced, providing multi-factor
authentication for the Core. The API is furthermore
directly used to add two MFA providers by default:

* TOTP (time-based one-time passwords)
* Recovery codes

Even if the API is designed to allow MFA in both,
backend and frontend, it is currently only implemented
into the backend. Users can therefore configure their
available MFA providers in a new backend module,
accessible via their user settings.

There are also some configuration options for
administrators to e.g. define a recommended provider
or to disallow available providers for specific users
or user groups.

Administration of the users' MFA providers is possible
for administrators in the corresponding user records.

New providers can be introduced by implementing the
MfaProviderInterface and tagging the service with the
`mfa.provider` tag.

Note that the API is currently marked as internal since
changes in upcoming patches are to be expected.

Following dependencies are introduced:

* bacon/bacon-qr-code "^2.0"
* christian-riesen/base32 "^1.5"

Possible features that could follow later-on:

* MFA frontend integration
* Webauthn core provider for FIDO2 and U2F.
* Forcing users to set up MFA on login
* Password-recovery with active MFA

Resolves: #93526
Releases: master
Change-Id: I4e902be624c80295c9c0c3286c90a6a680feeb5d
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/67548


Reviewed-by: Benjamin Franzke <bfr@qbus.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: core-ci <typo3@b13.com>
Tested-by: Benjamin Franzke <bfr@qbus.de>
Tested-by: Benni Mack <benni@typo3.org>
parent 25a9262a
Showing with 1980 additions and 3 deletions