feat(auth): enhance authentication system with login attempt tracking and configuration options

- Added a new `LoginAttempt` model to track login attempts, including rate limiting and lockout functionality.
- Introduced environment variables for configuring login rate limits and maximum failures.
- Updated the authentication middleware to handle login attempts and enforce rate limits.
- Enhanced the user model with indexing for username and email for improved lookup performance.
- Modified the `.env.example` file to include new optional authentication settings.
- Updated integration tests to cover new login attempt features and authentication state management.

frontend/src/api/index.ts

@@ -93,6 +93,20 @@ api.interceptors.request.use(
   (error) => Promise.reject(error)
 );
 
+// Reset auth state when auth is disabled
+api.interceptors.response.use(
+  (response) => response,
+  async (error) => {
+    if (
+      error.response?.status === 404 &&
+      error.response?.data?.message?.includes("Authentication is disabled")
+    ) {
+      unauthorizedHandler?.();
+    }
+    return Promise.reject(error);
+  }
+);
+
 // Add response interceptor to handle CSRF token errors
 api.interceptors.response.use(
   (response) => response,