Implement additional security and functionality in authentication with the introduction of docstrings, type hints, and extended verification logic in the TOTP model to prevent repeated token use, improving robustness against replay attacks. Simultaneously, established the groundwork for RADIUS (Remote Authentication Dial-In User Service) support by creating models and management commands essential for handling authentication, accounting packets, and web-based authentication challenges, broadening the system's capability to integrate with network access servers and services.
Resolves issues with token replay attacks and sets the stage for scalable network authentication mechanisms.
Added meaningful inline comments to each dependency in requirements.txt to explain their purpose, improving maintainability. Also introduced 'pyrad' for RADIUS support and 'django-cidrfield' to handle subnet storage requirements. These additions equip the application for better network authentication and IP address management.
Introduce support for Central Authentication Service (CAS) alongside existing OIDC and SAML by integrating a new CAS server app and custom CAS authentication user model. Streamline sign-in infrastructure with updated URL patterns. As part of the update, refactor user model `username` resolution to leverage the email field directly. Includes necessary Django migrations to support new authentication features and removes a deprecated OIDC provider dependency.
