feat: add authentication routes, update environment variables, and enhance error handling

Backend/middleware/auth.ts

@@ -0,0 +1,22 @@
+import type { NextFunction, Request, Response } from 'express';
+
+import { verifyAccessToken } from '../utils/jwt';
+
+export function requireAuth(req: Request, res: Response, next: NextFunction): void {
+  const authorization = req.headers.authorization;
+
+  if (!authorization?.startsWith('Bearer ')) {
+    res.status(401).json({ message: 'Missing or invalid authorization header' });
+    return;
+  }
+
+  const token = authorization.slice(7);
+
+  try {
+    const payload = verifyAccessToken(token);
+    req.user = payload;
+    next();
+  } catch {
+    res.status(401).json({ message: 'Invalid or expired token' });
+  }
+}