Releases: AppsDevTeam/doctrine-authenticator
v2.6.2: Enhances session management and adds dynamic expiration support
Introduces a callback for dynamic session expiration based on user identity and adds functionality to list active sessions, terminate specific sessions, and retrieve the current session ID. It also refactors token authentication to ensure the identity is loaded before calculating session expiration.
v2.6.1: Updates clearIdentity to support optional and string identifiers
Allows the clearIdentity method to be called without arguments, which is now utilized during the logout process. It also expands the accepted identifier types to include strings and handles null values.
v2.6.0: Adds protection against brute-force login attempts
Introduces a mechanism to track failed login attempts by IP address and block authentication when a configurable limit is reached within a specified timeframe. This includes a new LoginAttempt entity and a TooManyLoginAttemptsException.
v2.5.4: Makes IP address optional for onetime tokens
Allows the IP address field to be null in the database and handles cases where $_SERVER['REMOTE_ADDR'] is unavailable, such as when executing from the command line.
v2.5.3: Refactors OTP authentication process.
Refactors the OTP authentication flow to improve security and streamline the user experience. It injects EntityManagerInterface instead of the concrete implementation, marks onetime token as used upon successful login, and updates SecurityUser.
v2.5.2: Refactors OTP authentication process.
Refactors the OTP authentication flow to improve security and streamline the user experience. It injects EntityManagerInterface instead of the concrete implementation, marks onetime token as used upon successful login, and updates SecurityUser.
v2.5.1: Prevents token limit check bypass
Makes the token limit check optional in the saveToken method and defaults to enabled. This prevents bypassing the token limit check by setting a parameter to false. Also, ensures only unused tokens are considered when checking the token limit.
v2.5: Improves security of authentication tokens
Hashes authentication tokens for enhanced security. This change stores and retrieves tokens securely by hashing them, mitigating the risk of token compromise. Also fixes an issue related to finding sessions.
v2.4.6: Improves exception messages on authentication
Improves exception messages in the onetime token authenticator to provide more context for debugging authentication failures. This makes it easier to identify the cause of authentication issues by including the username, token ID, or identifier in the exception message.
v2.4.5: Handles null identity during authentication
Prevents errors when a user identity cannot be found during the authentication process. Returns null if the identity cannot be found within the repository, allowing for proper handling of non-existent users.