Generate recovery tokens when enabling 2FA on an account

app/Models/RecoveryToken.php

@@ -0,0 +1,39 @@
+<?php
+
+namespace Pterodactyl\Models;
+
+/**
+ * @property int $id
+ * @property int $user_id
+ * @property string $token
+ * @property \Carbon\CarbonImmutable $created_at
+ *
+ * @property \Pterodactyl\Models\User $user
+ */
+class RecoveryToken extends Model
+{
+    /**
+     * There are no updates to this model, only inserts and deletes.
+     */
+    const UPDATED_AT = null;
+
+    /**
+     * @var bool
+     */
+    protected $immutableDates = true;
+
+    /**
+     * @var string[]
+     */
+    public static $validationRules = [
+        'token' => 'required|string',
+    ];
+
+    /**
+     * @return \Illuminate\Database\Eloquent\Relations\BelongsTo
+     */
+    public function user()
+    {
+        return $this->belongsTo(User::class);
+    }
+}

app/Models/User.php

@@ -39,6 +39,7 @@ use Pterodactyl\Notifications\SendPasswordReset as ResetPasswordNotification;
  * @property \Pterodactyl\Models\ApiKey[]|\Illuminate\Database\Eloquent\Collection $apiKeys
  * @property \Pterodactyl\Models\Server[]|\Illuminate\Database\Eloquent\Collection $servers
  * @property \Pterodactyl\Models\DaemonKey[]|\Illuminate\Database\Eloquent\Collection $keys
+ * @property \Pterodactyl\Models\RecoveryToken[]|\Illuminate\Database\Eloquent\Collection $recoveryCodes
  */
 class User extends Model implements
     AuthenticatableContract,
@@ -251,4 +252,12 @@ class User extends Model implements
         return $this->hasMany(ApiKey::class)
             ->where('key_type', ApiKey::TYPE_ACCOUNT);
     }
+
+    /**
+     * @return \Illuminate\Database\Eloquent\Relations\HasMany
+     */
+    public function recoveryCodes()
+    {
+        return $this->hasMany(RecoveryToken::class);
+    }
 }