refactor(backend): replace python-jose and passlib with PyJWT and bcrypt for security and simplicity

- Migrated JWT token handling from `python-jose` to `PyJWT`, reducing dependencies and improving error clarity.
- Replaced `passlib` bcrypt integration with direct `bcrypt` usage for password hashing.
- Updated `Makefile`, removing unused CVE ignore based on the replaced dependencies.
- Reflected changes in `ARCHITECTURE.md` and adjusted function headers in `auth.py`.
- Cleaned up `uv.lock` and `pyproject.toml` to remove unused dependencies (`ecdsa`, `rsa`, etc.) and add `PyJWT`.
- Refactored tests and services to align with the updated libraries (`PyJWT` error handling, decoding, and validation).
2026-03-01 14:02:04 +01:00
parent 0553a1fc53
commit 1a36907f10
9 changed files with 84 additions and 139 deletions

@@ -43,9 +43,8 @@ dependencies = [
"pytz>=2024.1",
"pillow>=12.1.1",
"apscheduler==3.11.0",
# Security and authentication (pinned for reproducibility)
"python-jose==3.4.0",
"passlib==1.7.4",
# Security and authentication
"PyJWT>=2.9.0",
"bcrypt==4.2.1",
"cryptography>=46.0.5",
# OAuth authentication
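
Review bot: the added `"PyJWT>=2.9.0"` entry is an open-ended range, while the neighbouring `"bcrypt==4.2.1"` stays exactly pinned and the section comment drops "(pinned for reproducibility)". For the library that validates tokens, consider either an exact pin like the one `python-jose==3.4.0` had, or at least an upper bound such as `"PyJWT>=2.9.0,<3"`, so that a future major release cannot arrive through a routine lock refresh without review. If the looser constraint is intentional and reproducibility now rests on `uv.lock`, a short comment saying so would replace the rationale that was removed, and would also explain why `bcrypt` is still pinned under a heading that no longer mentions pinning.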