Making WordPress.org

Opened 9 months ago

Closed 3 months ago

#7704 closed enhancement (fixed)

Release Confirmation should use 2FA for access

Reported by: dd32
Owned by: dd32
Milestone:
Priority: high
Component: Plugin Directory
Keywords: has-patch
Cc:

Description

If an account has Two Factor enabled on their account, Release Confirmation should require revalidating their 2FA prior to confirming the release.

To streamline things, if the user has Two Factor enabled, an emailed link should not be required either, i.e. they should be able to re-validate their 2FA to access the confirm button.

Change History (8)

This ticket was mentioned in PR #344 on WordPress/wordpress.org by @dd32.


9 months ago
#1

  • Keywords has-patch added

When a user has 2FA set up, we should rely upon that instead of email.

This is more secure, and for those who are using Keys, likely more streamlined.

This is a work in progress, and requires a few more steps.

See https://meta.trac.wordpress.org/ticket/7704

#2 @dd32
8 months ago

In 13929:

Plugin Directory: Release Confirmation: Rename a function to make its purpose clearer.

See https://github.com/WordPress/wordpress.org/pull/344.
See #7704.

#3 @dd32
8 months ago

In 13930:

Plugin Directory: Release Confirmation: Simplify the UI by moving the page-headers to the shortcode.

See https://github.com/WordPress/wordpress.org/pull/344.
See #7704.

#4 @dd32
8 months ago

In 13931:

Plugin Directory: Release Confirmation: Move the front-end notice logic from the theme to the Shortcode.

See https://github.com/WordPress/wordpress.org/pull/344.
See #7704.

@dd32 commented on PR #344:


8 months ago
#5

Rather than having a prompt to 2FA, this would be better implemented if the buttons were just shown as clickable, but upon click the JS handler for revalidation prompted it at that point.

#6 @dd32
8 months ago

In 13933:

Plugin Directory: Allow plugin reviewers to force approve releases.

This was broken in [13931].

See #7704.

#7 @dd32
4 months ago

In 14245:

Plugin Directory: Replace button markup with the new button classes.

This resolves the buttons being dark-text-on-dark-background when in a visited state.

See #7704.

#8 @dd32
3 months ago

  • Owner set to dd32
  • Resolution set to fixed
  • Status changed from new to closed

In 14262:

Plugin Directory: Require 2FA verification to confirm a plugin release.

This replaces the email access links.
All plugin committers are required to have 2FA enabled now.

Closes https://github.com/WordPress/wordpress.org/pull/344.
Fixes #7704.
