feat: Implement MFA authentication, add ride statistics model, and update various services, APIs, and tests across the application.

backend/config/django/base.py

@@ -15,6 +15,7 @@ Structure:
 
 import sys
 from pathlib import Path
+
 from decouple import config
 
 # =============================================================================
@@ -85,10 +86,11 @@ THIRD_PARTY_APPS = [
     "django_fsm_log",  # FSM transition logging
     "allauth",
     "allauth.account",
+    "allauth.mfa",  # MFA/TOTP support
     "allauth.socialaccount",
     "allauth.socialaccount.providers.google",
     "allauth.socialaccount.providers.discord",
-    "django_turnstile",  # Cloudflare Turnstile CAPTCHA
+    "turnstile",  # Cloudflare Turnstile CAPTCHA (django-turnstile package)
     "django_cleanup",
     "django_filters",
     "django_htmx",
@@ -239,13 +241,9 @@ TEST_RUNNER = "django.test.runner.DiscoverRunner"
 # These imports add/override settings defined above.
 
 # Database configuration (DATABASES, GDAL_LIBRARY_PATH, GEOS_LIBRARY_PATH)
-from config.settings.database import *  # noqa: F401,F403,E402
-
 # Cache configuration (CACHES, SESSION_*, CACHE_MIDDLEWARE_*)
 from config.settings.cache import *  # noqa: F401,F403,E402
-
-# Security configuration (SECURE_*, CSRF_*, SESSION_COOKIE_*, AUTH_PASSWORD_VALIDATORS)
-from config.settings.security import *  # noqa: F401,F403,E402
+from config.settings.database import *  # noqa: F401,F403,E402
 
 # Email configuration (EMAIL_*, FORWARD_EMAIL_*)
 from config.settings.email import *  # noqa: F401,F403,E402
@@ -256,12 +254,15 @@ from config.settings.logging import *  # noqa: F401,F403,E402
 # REST Framework configuration (REST_FRAMEWORK, CORS_*, SIMPLE_JWT, REST_AUTH, SPECTACULAR_SETTINGS)
 from config.settings.rest_framework import *  # noqa: F401,F403,E402
 
-# Third-party configuration (ACCOUNT_*, SOCIALACCOUNT_*, CLOUDFLARE_IMAGES, etc.)
-from config.settings.third_party import *  # noqa: F401,F403,E402
+# Security configuration (SECURE_*, CSRF_*, SESSION_COOKIE_*, AUTH_PASSWORD_VALIDATORS)
+from config.settings.security import *  # noqa: F401,F403,E402
 
 # Storage configuration (STATIC_*, MEDIA_*, STORAGES, WHITENOISE_*, FILE_UPLOAD_*)
 from config.settings.storage import *  # noqa: F401,F403,E402
 
+# Third-party configuration (ACCOUNT_*, SOCIALACCOUNT_*, CLOUDFLARE_IMAGES, etc.)
+from config.settings.third_party import *  # noqa: F401,F403,E402
+
 # =============================================================================
 # Post-Import Overrides
 # =============================================================================

backend/config/django/local.py

@@ -10,6 +10,7 @@ This module extends base.py with development-specific configurations:
 """
 
 import logging
+
 from .base import *  # noqa: F401,F403
 
 # =============================================================================

backend/config/django/production.py

@@ -10,6 +10,7 @@ This module extends base.py with production-specific configurations:
 """
 
 from decouple import config
+
 from .base import *  # noqa: F401,F403
 
 # =============================================================================
@@ -244,8 +245,8 @@ SENTRY_DSN = config("SENTRY_DSN", default="")
 
 if SENTRY_DSN:
     import sentry_sdk
-    from sentry_sdk.integrations.django import DjangoIntegration
     from sentry_sdk.integrations.celery import CeleryIntegration
+    from sentry_sdk.integrations.django import DjangoIntegration
     from sentry_sdk.integrations.redis import RedisIntegration
 
     sentry_sdk.init(