Refactor credential management by removing deprecated functions

[helylle]

Remove deprecated VCCS credential management functions

This PR removes two deprecated functions from the VCCS authentication module and fixes a bug in account termination.

Changes

Removed deprecated functions

• add_credentials - Dead code with no usages, replaced by more specific functions (add_password, reset_password, change_password)
• revoke_all_credentials - Migrated single call site to use revoke_passwords

Bug fix in account termination

The deprecated revoke_all_credentials function had a critical bug: it revoked passwords in VCCS but did not remove them from the user object before saving to the database. This created an inconsistency where:

• VCCS backend: passwords were revoked (cannot be used for authentication)
• User database: passwords still existed in user.credentials

The replacement function revoke_passwords properly removes credentials from the user object, ensuring consistency between VCCS and the database.

Updated call site

• security/views/security.py - Account termination now uses revoke_passwords with explicit parameters:
  • reason="account termination"
  • application="security"
  • Properly removes credentials from user object before saving

Code reduction

• Removed 87 lines of deprecated code
• Removed unused import of @deprecated decorator
• Updated test mocks to match new function name

Testing

• ✅ Existing test test_account_terminated passes
• ✅ Type checking clean (mypy + ty)
• ✅ Formatting and linting clean

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud