Disable or hide the MFA link in the nav bar if MFA isn't enabled #407

Open
dantownsend opened this issue Sep 9, 2024 · 4 comments
Labels
enhancement New feature or request mfa Multi-factor Authentication

Comments

dantownsend commented Sep 9, 2024

I'm not sure how best to do this at the moment, but it would be good to hide the MFA link in the nav bar, if no MFA providers are configured.

Related to #405

@dantownsend dantownsend added the enhancement New feature or request label Sep 9, 2024
@dantownsend dantownsend added the mfa Multi-factor Authentication label Sep 9, 2024
sinisaos commented Sep 9, 2024

@dantownsend I don't know if this is a good approach, but in my opinion this is the simplest way to add an MFA status for the enable/disable link in the navbar. Branch is here

dantownsend commented

@sinisaos It's a good idea.

I thought about adding an attribute to the /api/user/ endpoint, but that felt like a hack.

We can't reuse the meta endpoint, because that's public, and we don't want to disclose whether MFA is enabled publicly.

I see you created an endpoint like this:

```python
    def get_mfa_status(self) -> JSONResponse:
        """
        Returns the status of MFA providers.
        """
        return JSONResponse(
            {"mfa_enabled": True if self.mfa_providers else False}
        )
```

Which I think is good. I'm just weighing up if it's worth doing this:

```python
    def get_mfa_providers(self) -> JSONResponse:
        """
        Returns the names of MFA providers.
        """
        return JSONResponse(
            [{"name": provider.name} for provider in self.mfa_providers]
        )
```

And we mount it as /api/mfa, so we have the foundations of some RESTful endpoints, which we can build upon in the future if needed.

What do you think?

And then in the Vue code, we make sure that the length of the providers is > 0.
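Added example, not part of the original thread or the project's code: a dependency-free ASGI sketch of the constraint discussed above, where the public meta endpoint says nothing about MFA and `/api/mfa` returns provider names only to a request with a valid session. The `/api/meta` path, the `session` cookie name, the session store and the provider name are assumptions made for illustration.

```python
import asyncio
import json
from http.cookies import SimpleCookie

# Constructed sample data: the provider name and session token are hypothetical.
# An empty MFA_PROVIDERS list is what the client would use to hide the nav link.
MFA_PROVIDERS = [{"name": "Authenticator App"}]
VALID_SESSIONS = {"constructed-session-token"}


def is_authenticated(scope) -> bool:
    """True if the request carries a known session cookie (assumed name: session)."""
    raw = dict(scope["headers"]).get(b"cookie", b"").decode()
    morsel = SimpleCookie(raw).get("session")
    return morsel is not None and morsel.value in VALID_SESSIONS


async def app(scope, receive, send):
    """Minimal ASGI app: public /api/meta, session-protected /api/mfa."""
    path = scope["path"]
    if path == "/api/meta":
        status, body = 200, {"site_name": "Admin"}  # no MFA details here
    elif path == "/api/mfa":
        if is_authenticated(scope):
            status, body = 200, MFA_PROVIDERS
        else:
            status, body = 401, {"detail": "Not authenticated"}
    else:
        status, body = 404, {"detail": "Not found"}
    await send({"type": "http.response.start", "status": status,
                "headers": [(b"content-type", b"application/json")]})
    await send({"type": "http.response.body", "body": json.dumps(body).encode()})


def call(path, cookie=None):
    """Drive the app with one constructed GET request; return (status, json)."""
    headers = [(b"cookie", cookie.encode())] if cookie else []
    scope = {"type": "http", "method": "GET", "path": path, "headers": headers}
    sent = []

    async def receive():
        return {"type": "http.request", "body": b"", "more_body": False}

    async def send(message):
        sent.append(message)

    asyncio.run(app(scope, receive, send))
    return sent[0]["status"], json.loads(sent[1]["body"])
```

The unauthenticated response is identical whether or not any providers are configured, so it gives an anonymous caller no signal about MFA status.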

dantownsend commented

Or, we always show the link, and it links to a page which lists all of the providers. If there are no providers, we say something like 'MFA isn't currently enabled - speak to your admin to set it up'.

Just trying to think if we can 'kill two birds with one stone', and solve the problem of multiple MFA providers at the same time.

sinisaos commented Sep 9, 2024

I like both of your ideas and know you will find the optimal solution. If you find something useful in the branch from the previous comment, feel free to use it.
