Implement VLAN distribution functionality for H3C switches and RFC 2868 compliant devices

[Copilot]

Problem

Users were unable to configure VLAN assignment for H3C switches through the ToughRadius web interface. While the database schema already included vlanid1 and vlanid2 fields in the RadiusUser model, there was no UI to configure these values and no backend logic to send VLAN assignment attributes during RADIUS authentication.

Solution

This PR implements complete VLAN distribution functionality using RFC 2868 tunnel attributes:

UI Enhancements

• User Management Forms: Added VLAN ID 1 and VLAN ID 2 input fields with helpful placeholders
• User Detail View: Added read-only VLAN fields for administrators to view current assignments
• Data Table: Added VLAN ID columns to the user list for easy visibility of VLAN configurations

Backend Implementation

Added VLAN assignment logic in auth_accept_config.go that automatically sends RFC 2868 tunnel attributes when users have configured VLAN IDs:

// Tunnel-Type = VLAN (13) - RFC 2868 standard value for VLAN
rfc2868.TunnelType_Set(radAccept, tag, rfc2868.TunnelType(13))

// Tunnel-Medium-Type = IEEE-802 (6) for Ethernet
rfc2868.TunnelMediumType_Set(radAccept, tag, rfc2868.TunnelMediumType(6))

// Tunnel-Private-Group-ID = VLAN ID (as string)
rfc2868.TunnelPrivateGroupID_SetString(radAccept, tag, fmt.Sprintf("%d", vlanId))

Logic Flow

1. Primary VLAN ID (vlanid1) is used first if configured
2. Falls back to secondary VLAN ID (vlanid2) if primary is not set
3. No VLAN attributes are sent if both fields are empty
4. Works with all vendor-specific authentication flows

Documentation

Added comprehensive documentation in /docs/VLAN_DISTRIBUTION.md covering:

• Configuration instructions for administrators
• Switch compatibility requirements
• Troubleshooting guide
• Example configurations

Testing

Verified functionality with test cases demonstrating proper tunnel attribute configuration:

✓ Tunnel-Type: tag=0, value=13 (VLAN)
✓ Tunnel-Medium-Type: tag=0, value=6 (IEEE-802)
✓ Tunnel-Private-Group-ID: tag=0, value=100 (VLAN ID)

Compatibility

This implementation uses standard RFC 2868 tunnel attributes, making it compatible with:

• H3C switches (primary use case)
• Cisco switches
• Any RFC 2868 compliant network device supporting RADIUS-based VLAN assignment

Impact

• Backward Compatible: No breaking changes to existing functionality
• Standards Compliant: Uses RFC 2868 tunnel attributes
• User Friendly: Simple web interface for VLAN configuration
• Well Documented: Complete setup and troubleshooting guide

Resolves the issue where administrators couldn't configure VLAN distribution for H3C switches through the ToughRadius interface.

Original prompt

---

This section details on the original issue you should resolve

<issue_title>怎么添加下发vlan</issue_title>
<issue_description>在华三的交换机上配置了radius，设备成功认证但是没在toughradius的后台找到在那儿配下发的vlanid，我看数据库里有vlan的字段但是改了没生效，如果大佬看到麻烦解答一下</issue_description>

Comments on the Issue (you are @copilot in this section)

Fixes #186

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.