* chore(deps): add pyotp
* feat(auth): implement TOTP verification
feat(auth): implement TOTP verification and email verification services
- Added TOTP keys management with a new database model `TotpKeys`.
- Introduced `EmailVerification` and `LoginSession` models for email verification.
- Created `verification_service` to handle email verification logic and TOTP processes.
- Updated user response models to include session verification methods.
- Implemented routes for TOTP creation, verification, and fallback to email verification.
- Enhanced login session management to support new location checks and verification methods.
- Added migration script to create `totp_keys` table in the database.
* feat(config): update config example
* docs(totp): complete creating TOTP flow
* refactor(totp): resolve review
* feat(api): forbid unverified request
* fix(totp): trace session by token id to avoid other sessions are forbidden
* chore(linter): make pyright happy
* fix(totp): only mark sessions with a specified token id
* feat(relationship): support legacy-compatible response format
* feat(score): add support for legacy score response format in API
* fix(score): avoid missing greenlet
* fix(score): fix missing field for model validation
* feat(user): apply legacy score format for user
* feat(api): use `int` to hint `APIVersion`
Introduces created_at and updated_at fields to the Playlist model for tracking creation and modification times. Refactors room user removal logic to handle owner transfer and participant count updates more robustly. Updates room query logic for more accurate filtering by category and status. Adds migration stubs for updated_at column in room playlists.
Introduces asset proxy configuration and services to enable replacement of osu! resource URLs with custom domains. Updates API endpoints and caching services to process and rewrite resource URLs when asset proxy is enabled. Adds documentation and environment variables for asset proxy setup.
