[Security] Implement Two-Factor Authentication (2FA) and Email Verification System

[AntGa]

Problem

Currently, users can log in with any email, which allows them to impersonate others. This creates a security risk, as unverified users can access the platform and potentially abuse it. We need to introduce a system where:

• Users must verify their email address before accessing any features.
• Unverified accounts should be restricted from any actions.
• If an account remains unverified for a certain period, it should be deleted.

Objectives

• Implement email verification during the signup or login process.
• Restrict access to unverified users (e.g., no access to game features or profile updates).
• Send reminder emails for account verification.
• Automatically delete unverified accounts after a specified period (e.g., 24 or 48 hours).
• Introduce optional two-factor authentication (2FA) to further enhance account security for verified users.

Acceptance Criteria

• Users cannot access features or perform any actions until they verify their email.
• Unverified accounts are automatically deleted after a specified period if the email is not verified.
• 2FA system is introduced to allow verified users to add an extra layer of security.
• Email reminders are sent to users with unverified accounts.
• PR reviewed and tested to ensure functionality and security.
• Documentation updated to reflect changes in the account login and security flow.