feat(card): OTP Authentication (#21451)

<!--
Please submit this PR as a draft initially.
Do not mark it as "Ready for review" until the template has been
completely filled out, and PR status checks have passed at least once.
-->

## **Description**

<!--
Write a short description of the changes included in this pull request,
also include relevant motivation and context. Have in mind the following
questions:
1. What is the reason for the change?
2. What is the improvement/solution?
-->

This PR introduces OTP verification for users who have two-factor
authentication enabled. During the authentication flow, users with OTP
activated will now be prompted to enter their code to complete the
process.

## **Changelog**

<!--
If this PR is not End-User-Facing and should not show up in the
CHANGELOG, you can choose to either:
1. Write `CHANGELOG entry: null`
2. Label with `no-changelog`

If this PR is End-User-Facing, please write a short User-Facing
description in the past tense like:
`CHANGELOG entry: Added a new tab for users to see their NFTs`
`CHANGELOG entry: Fixed a bug that was causing some NFTs to flicker`

(This helps the Release Engineer do their job more quickly and
accurately)
-->

CHANGELOG entry: Added OTP verification for users with two-factor
authentication enabled.

## **Related issues**

Fixes:

## **Manual testing steps**

```gherkin
Feature: OTP verification

  Scenario: user verifies OTP during login
    Given the user has OTP enabled on their account
    And the user has entered valid login credentials

    When the user is prompted for the OTP code
    And the user enters a valid OTP

    Then the user should be successfully authenticated
    And redirected to the Card Home
```

## **Screenshots/Recordings**

<!-- If applicable, add screenshots and/or recordings to visualize the
before and after of your change. -->

### **Before**

<!-- [screenshots/recordings] -->

### **After**

Since there's no test account with OTP enabled right now, this flow is
simulated, which causes the loading behavior to appear inconsistent.


https://github.com/user-attachments/assets/b1efbba6-3d80-49d1-a759-a067e91e9090

<!-- [screenshots/recordings] -->

## **Pre-merge author checklist**

- [x] I’ve followed [MetaMask Contributor
Docs](https://github.com/MetaMask/contributor-docs) and [MetaMask Mobile
Coding
Standards](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/CODING_GUIDELINES.md).
- [x] I've completed the PR template to the best of my ability
- [x] I’ve included tests if applicable
- [x] I’ve documented my code using [JSDoc](https://jsdoc.app/) format
if applicable
- [x] I’ve applied the right labels on the PR (see [labeling
guidelines](https://github.com/MetaMask/metamask-mobile/blob/main/.github/guidelines/LABELING_GUIDELINES.md)).
Not required for external contributors.

## **Pre-merge reviewer checklist**

- [ ] I've manually tested the PR (e.g. pull and build branch, run the
app, test code being changed).
- [ ] I confirm that this PR addresses all acceptance criteria described
in the ticket it closes and includes the necessary testing evidence such
as recordings and or screenshots.

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> Introduce OTP verification to Card login, update SDK/hooks/types for
OTP and location-aware requests, add i18n strings, and expand tests;
plus minor UI/style tweaks.
> 
> - **Card Authentication UI**:
> - Add OTP step with 6-digit `CodeField`, resend timer/button,
back-to-login, and loading/disabled states.
> - New layout styles (`containerSpaceAround`, `buttonDisabled`), focus
handling, and accessibility props.
> - **Hooks**:
> - Extend `useCardProviderAuthentication` to support OTP
(`sendOtpLogin`, `otpLoading`, `otpError`, `clearOtpError`) and optional
`otpCode` on `login`.
> - Preserve location across steps and return early when OTP is
required.
> - **SDK (`CardSDK`)**:
> - Make requests location-aware (propagate `x-us-env` via new
`location` param).
>   - Update `login` to accept `location` and optional `otpCode`.
>   - Add `sendOtpLogin` endpoint (`POST /v1/auth/login/otp`).
> - Pass `location` to `initiateCardProviderAuthentication`,
`authorize`, and `exchangeToken`.
> - **Types**:
> - Add `CardUserPhase`, `CardVerificationState`; update
`CardLoginResponse` accordingly; extend `CardErrorType`.
> - **Tests**:
> - Large test suite updates for OTP flows (rendering, input,
auto-submit, resend, back, errors/loading, location persistence) and
SDK/hook behaviors.
>   - Snapshot updated for login screen.
> - **Localization**:
> - Add `card.card_otp_authentication.*` strings and interpolation
support.
> - **Misc**:
>   - Minor formatting fix in `PredictMarketOutcome`.
> 
> <sup>Written by [Cursor
Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit
61cd753. This will update automatically
on new commits. Configure
[here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Author: Brunonascdev

app/components/UI/Card/Views/CardAuthentication/CardAuthentication.styles.ts

@@ -14,6 +14,12 @@ const createStyles = (theme: Theme) =>
       backgroundColor: theme.colors.background.default,
       paddingHorizontal: 16,
     },
+    containerSpaceAround: {
+      flex: 1,
+      backgroundColor: theme.colors.background.default,
+      justifyContent: 'space-around',
+      paddingHorizontal: 16,
+    },
     title: {
       marginTop: 24,
       textAlign: 'center',