* added regulation validator
* made regulations find_time and ban_time values duration notation strings
* added DefaultRegulationConfiguration for the validator
* made session expiration and inactivity values duration notation strings
* TOTP period does not need to be converted because adjustment should be discouraged
* moved TOTP defaults to DefaultTOTPConfiguration and removed the consts
* arranged the root config validator in configuration file order
* adjusted tests for the changes
* moved duration notation docs to root of configuration
* added references to duration notation where applicable
* project wide gofmt and goimports:
* run gofmt
* run goimports -local github.com/authelia/authelia -w on all files
* Make jwt_secret error uniform and add tests
* now at 100% coverage for internal/configuration/validator/configuration.go
* Add period TOPT config key to define the time in seconds each OTP is rotated
* Add skew TOTP config to define how many keys either side of the current one should be considered valid
* Add tests and set minimum values
* Update config template
* Use unix epoch for position calculation and Fix QR gen
* This resolves the timer resetting improperly at the 0 seconds mark and allows for periods longer than 1 minute
* Generate QR based on period
* Fix OTP timer graphic
Session fixation attacks were prevented because a session ID was
regenerated at each first factor authentication but this commit
generalize session regeneration from first to second factor too.
Fixes#180
* Remove unused mongo docker-compose file.
* Default redirection URL was not taken into account.
* Fix possible storage options in config template.
* Remove useless checks in u2f registration endpoints.
* Add default redirection url in config of duo suite.
* Fix log line in response handler of 2FA methods.
* Fix integration tests.
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>