feat: Implement TOTP-based Two-Factor Authentication

- Add django-otp and qrcode dependencies
- Create comprehensive 2FA views and templates in German
- Add 2FA setup, verification, and management interfaces
- Implement backup token system with 10 recovery codes
- Add TwoFactorMiddleware for session enforcement
- Integrate 2FA controls into user navigation menu
- Support QR code generation for authenticator apps
- Add forms for secure 2FA operations with validation
- Configure OTP settings and admin site integration

Features:
- Optional 2FA (users can enable/disable)
- TOTP compatible with Google Authenticator, Authy, etc.
- Backup codes for emergency access
- German language interface
- Session-based 2FA enforcement
- Password confirmation for sensitive operations
- Production-ready with HTTPS support
This commit is contained in:
2025-09-30 00:10:02 +02:00
parent 92b689f5e7
commit ed6a02232e
29 changed files with 41444 additions and 1 deletions

@@ -331,6 +331,12 @@ urlpatterns = [
path(
"administration/users/<int:pk>/delete/", views.user_delete, name="user_delete"
),
# Two-Factor Authentication URLs
path("auth/2fa/setup/", views.two_factor_setup, name="two_factor_setup"),
path("auth/2fa/qr/", views.two_factor_qr, name="two_factor_qr"),
path("auth/2fa/verify/", views.two_factor_verify, name="two_factor_verify"),
path("auth/2fa/disable/", views.two_factor_disable, name="two_factor_disable"),
path("auth/2fa/backup-tokens/", views.backup_tokens, name="backup_tokens"),
# Hilfsbox URLs
path("help-box/edit/", views.edit_help_box, name="edit_help_box"),
path("help-box/admin/", views.edit_help_box, name="help_boxes_admin"),
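Review bot: the new `auth/2fa/qr/` route makes the enrolment QR code fetchable at its own URL, and nothing visible in this hunk shows how `views.two_factor_qr` is guarded. A provisioning QR code for an authenticator app carries the TOTP secret, so the view should require an authenticated user, serve the code only for that user's not-yet-confirmed device, and send `Cache-Control: no-store`. In the same block, `two_factor_disable` and `backup_tokens` should only be reachable from a session that has already passed 2FA (the commit message mentions password confirmation, which is worth asserting in a test), and `two_factor_verify` needs to be exempt from the TwoFactorMiddleware named in the commit message so an unverified session is not redirected in a loop. Please add tests covering these access rules alongside the URL patterns.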