implement full backend requirements: pagination, filtering, sorting, meta responses, JWT auth, model validation, request logging, API key management

- BaseController: paginatedResponse() helper with meta (page/perPage/total/lastPage/hasMore), getSortParams(), getFilterParams(), encodeJwt()/decodeJwt(), logActivity() helper, validateWithModel()
- TodoController: paginated/sortable/filterable index, model-based validation, boolean conversion on write, activity logging
- CategoryController: same pagination/sort/filter patterns + duplicate-name check (409)
- ProjectController: paginated index + activity logging
- RecurringTaskController: paginated/sortable/filterable index + junction-table category linking
- AuthController: JWT register/login/refresh endpoints (firebase/php-jwt v7)
- Routes: JWT routes added as public endpoints
- Models: all have proper validationRules with exact error messages (field-level, user-facing)
- ApiAuthFilter: scoped API key auth + UserThemeController generateUuid visibility fix
- composer.json: add firebase/php-jwt ^7.0

app/Config/Routes.php

@@ -33,6 +33,11 @@ $routes->group('api/v1', ['namespace' => 'App\Controllers\Api\V1', 'filter' => '
     // Marketplace - Public access
     $routes->get('marketplace/themes', 'MarketplaceController::index');
     $routes->get('marketplace/themes/(:num)', 'MarketplaceController::show/$1');
+    
+    // JWT Authentication
+    $routes->post('auth/jwt/register', 'AuthController::jwtRegister');
+    $routes->post('auth/jwt/login', 'AuthController::jwtLogin');
+    $routes->post('auth/jwt/refresh', 'AuthController::jwtRefresh');
 });
 
 // Protected endpoints (API key authentication required)