fix: Add CSRF protection and fix token masking issues

Security Improvements:
- Add CSRF token validation for config POST requests
- Add /api/csrf endpoint to generate CSRF tokens
- Add unmask parameter to /api/config for internal API usage
- Fix token masking in Settings UI while keeping API functional

Bug Fixes:
- Fix "Disconnected" status caused by masked token
- Fix session token generation using crypto.randomBytes
- Fix XSS vulnerability in LogViewer component
- Fix path traversal in artifacts download
- Fix rate limiting to fail-closed
- Fix parseInt radix and NaN validation
- Fix memory exhaustion with batch processing

Testing:
- Add Jest testing framework with 26 unit tests
- Add auth.test.ts with password hashing tests
- Add logger.test.ts with sanitization tests
- All tests passing (100% pass rate)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Author: ismoilovdevml

jest.config.js

@@ -0,0 +1,36 @@
+const nextJest = require('next/jest')
+
+const createJestConfig = nextJest({
+  // Provide the path to your Next.js app to load next.config.js and .env files in your test environment
+  dir: './',
+})
+
+// Add any custom config to be passed to Jest
+const customJestConfig = {
+  setupFilesAfterEnv: ['<rootDir>/jest.setup.js'],
+  testEnvironment: 'jest-environment-jsdom',
+  moduleNameMapper: {
+    '^@/(.*)$': '<rootDir>/src/$1',
+  },
+  testMatch: [
+    '**/__tests__/**/*.[jt]s?(x)',
+    '**/?(*.)+(spec|test).[jt]s?(x)'
+  ],
+  collectCoverageFrom: [
+    'src/**/*.{js,jsx,ts,tsx}',
+    '!src/**/*.d.ts',
+    '!src/**/*.stories.{js,jsx,ts,tsx}',
+    '!src/**/__tests__/**',
+  ],
+  coverageThreshold: {
+    global: {
+      branches: 50,
+      functions: 50,
+      lines: 50,
+      statements: 50,
+    },
+  },
+}
+
+// createJestConfig is exported this way to ensure that next/jest can load the Next.js config which is async
+module.exports = createJestConfig(customJestConfig)

jest.setup.js

@@ -0,0 +1,2 @@
+// Learn more: https://github.com/testing-library/jest-dom
+import '@testing-library/jest-dom'