Consolidate #/reset web APIs for U2F, 2FA authentication #2923

Closed
alex-kovoy opened this issue Aug 14, 2019 · 4 comments

@alex-kovoy
Contributor

We need to unify Gravity and Teleport web APIs for handling #s by bringing Gravity changes to Teleport.

For example, in Gravity we use the same endpoint for U2F/2FA/OFF registrations https://github.com/gravitational/gravity/blob/master/lib/webapi/webapi.go#L683 whereas in Teleport we have separate endpoints for U2F and 2FA.

Also, taking the Gravity changes will automatically address these tickets: #1294, #2280.

This will also increase the portability of web components between Gravity and Teleport.

@alex-kovoy alex-kovoy added this to the 4.2 "Alameda" milestone Aug 14, 2019
@alex-kovoy alex-kovoy assigned benarent and russjones and unassigned benarent Aug 14, 2019
@benarent benarent modified the milestones: 4.2 "Alameda", 4.3 "Concord" Nov 1, 2019
@benarent
Contributor

benarent commented Dec 26, 2019

I've a few open questions about this ticket. It is good that we'll provide Local user DB needs reset/passwd capability and the ability to Reset/regenerate TOTP 2fa "master key".

My questions are:

  1. What will happen for a user upgrading from a previous version?
  2. Has this work had a security audit from Gravity, and/or will we need to retest this once completed?
  3. Can we extend the copy/content to be flexible for customers using other OTP apps, and not hard-code in Google Authenticator?

@alex-kovoy
Contributor Author

  1. It should not impact existing users because most of the changes will be around API (no DB changes).
  2. Yes, it went through a security audit before.
  3. We can discuss the Solidify project infrastructure #3 separately, but in my opinion it should simplify adding new features because this work is about reducing the number of exposed endpoints. So when we are to add a new type, we would start from here: https://github.com/gravitational/gravity/blob/2b928af8e017039ec3056bd44f6b23ac9208c86b/lib/users/usersservice/usersservice.go#L1357

@benarent
Contributor

@alex-kovoy Can we merge this with #3265?

@alex-kovoy
Contributor Author

Closing it as it has been implemented in #3287 in the hornet branch, which is the dev branch for the V5 release.
