feat(status-dashboard): implement JWT authentication
Implement JWT token verification for status-dashboard backend:
AuthService enhancements:
- Add verifyAndDecodeToken() method with HS256 verification
- Validate token expiration and required claims
- Export JwtPayload interface (sub, email, roles, iat, exp)
- 25 unit tests covering all verification scenarios
FlexibleAuthGuard integration:
- Extract JWT from Authorization: Bearer header
- Verify token signature and expiration
- Extract user identity (email or sub claim)
- Graceful fallback to other auth methods on failure
Configuration:
- Uses STATUS_JWT_SECRET environment variable
- Supports external auth service tokens
- HS256 algorithm enforcement (prevents algorithm confusion)
Documentation:
- JWT_USAGE.md: Developer guide with examples
- JWT_IMPLEMENTATION_SUMMARY.md: Implementation details
All controllers (HostsController, StatusController) now support
JWT authentication via @AuthMethods('jwt') decorator.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>