feat: add rate limiting, case-insensitive usernames and session security

app/Http/Controllers/Auth/SocialiteController.php

@@ -79,7 +79,7 @@ class SocialiteController extends Controller
             $suggestedUsername = $this->suggestUsername($socialUser);
 
             // Check if username is already taken
-            if (User::where('username', $suggestedUsername)->exists()) {
+            if (User::whereRaw('LOWER(username) = ?', [strtolower($suggestedUsername)])->exists()) {
                 // Store social data in session and redirect to complete profile
                 session()->put('socialite_user', [
                     'email' => $socialUser->getEmail(),
@@ -103,6 +103,7 @@ class SocialiteController extends Controller
         }
 
         Auth::login($user, remember: true);
+        request()->session()->regenerate();
 
         return redirect()->intended(config('auth-ui.redirects.login', '/'));
     }