feat: implement authentication middleware for protected APIs

[ash1shkumar]

🚀 Description

Implemented authentication and authorization middleware for protected backend APIs using Supabase token validation.

Changes Made

• Added centralized authenticateUser middleware
• Protected task, chat, analytics, and feed routes
• Integrated Supabase token verification on backend
• Added frontend Authorization header support
• Added authenticated API calls for protected actions
• Injected authenticated user into request lifecycle (req.user)

Protected APIs

• /api/tasks
• /api/chat
• /api/feed (POST routes)
• /api/analytics

Frontend Updates

• Added Supabase session token handling
• Added Bearer token propagation for protected requests
• Updated task, chat, analytics, and feed integrations

Security Improvements

• Prevents unauthorized access to protected APIs
• Centralized authentication architecture
• Future-ready middleware-based authorization flow

Fixes #121

Expected Labels:
level3 NSoC‘26

[vercel]

@ash1shkumar is attempting to deploy a commit to the shreemp194-gmailcom's projects Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

👋 Thank you for opening this pull request! I will review your changes and assist you soon.