Add auth service for signup, login, and token handling

[harsh-hak]

Adds user authentication service supporting signup, login, and secure token handling. Refactors server to allow clean exports and easier testing.

[elanlaw1206]

Hey Harsh ,

thanks for the update. I can’t approve this PR yet because it currently has a merge conflict in server.js (CORS section).

Fix suggestion: when resolving, please combine the two CORS approaches: keep the whitelist callback logic from master (so Postman/curl + localhost variants still work), but also include FRONTEND_ORIGIN as the primary allowed origin.

Also small improvement: can we avoid hardcoding FRONTEND_ORIGIN = "http://localhost:3000" and instead use process.env.FRONTEND_ORIGIN || "http://localhost:3000"?

Once the conflict is resolved and pushed (and CORS is consistent), tag me again , I’ll re-review and approve.

Thanks
King Hei

[elanlaw1206]

Hi Harsh,

CI is currently failing because the workflow expects Vulnerability_Scanner_V1.4.py and the file is missing. I’d prefer to keep Vulnerability_Scanner_V1.4.py as it is currently referenced by the CI workflow, and removing it causes the checks to fail.

To avoid breaking the pipeline for this multi-trimester project, please restore/revert the deletion of Vulnerability_Scanner_V1.4.py. Once checks are green, I’m happy to approve.

Thanks
King Hei