feat(auth): enhance authentication system with login attempt tracking and configuration options

- Added a new `LoginAttempt` model to track login attempts, including rate limiting and lockout functionality.
- Introduced environment variables for configuring login rate limits and maximum failures.
- Updated the authentication middleware to handle login attempts and enforce rate limits.
- Enhanced the user model with indexing for username and email for improved lookup performance.
- Modified the `.env.example` file to include new optional authentication settings.
- Updated integration tests to cover new login attempt features and authentication state management.

backend/prisma/migrations/20260120000100_add_login_attempts/migration.sql

@@ -0,0 +1,19 @@
+-- CreateTable
+CREATE TABLE "LoginAttempt" (
+    "id" TEXT NOT NULL PRIMARY KEY,
+    "identifier" TEXT NOT NULL,
+    "ip" TEXT NOT NULL,
+    "count" INTEGER NOT NULL DEFAULT 0,
+    "failures" INTEGER NOT NULL DEFAULT 0,
+    "resetTime" DATETIME NOT NULL,
+    "lockoutUntil" DATETIME,
+    "lastAttempt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "createdAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    "updatedAt" DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+-- CreateIndex
+CREATE UNIQUE INDEX "LoginAttempt_identifier_ip_key" ON "LoginAttempt"("identifier", "ip");
+
+-- CreateIndex
+CREATE INDEX "LoginAttempt_lastAttempt_idx" ON "LoginAttempt"("lastAttempt");

backend/prisma/migrations/20260120000100_add_user_lookup_indexes/migration.sql

@@ -0,0 +1,5 @@
+-- CreateIndex
+CREATE INDEX "User_username_idx" ON "User"("username");
+
+-- CreateIndex
+CREATE INDEX "User_email_idx" ON "User"("email");

backend/prisma/schema.prisma

@@ -42,14 +42,17 @@ model Library {
 }
 
 model User {
-  id                      String   @id @default(uuid())
-  username                String?  @unique
-  email                   String?  @unique
-  passwordHash            String
-  mustResetPassword       Boolean  @default(false)
-  role                    String   @default("USER")
-  createdAt               DateTime @default(now())
-  updatedAt               DateTime @updatedAt
+  id                String   @id @default(uuid())
+  username          String?  @unique
+  email             String?  @unique
+  passwordHash      String
+  mustResetPassword Boolean  @default(false)
+  role              String   @default("USER")
+  createdAt         DateTime @default(now())
+  updatedAt         DateTime @updatedAt
+
+  @@index([username])
+  @@index([email])
 }
 
 model SystemConfig {
@@ -58,3 +61,19 @@ model SystemConfig {
   createdAt           DateTime @default(now())
   updatedAt           DateTime @updatedAt
 }
+
+model LoginAttempt {
+  id           String   @id @default(uuid())
+  identifier   String
+  ip           String
+  count        Int      @default(0)
+  failures     Int      @default(0)
+  resetTime    DateTime
+  lockoutUntil DateTime?
+  lastAttempt  DateTime @default(now())
+  createdAt    DateTime @default(now())
+  updatedAt    DateTime @updatedAt
+
+  @@unique([identifier, ip])
+  @@index([lastAttempt])
+}