Add JWT-based security and /me endpoint

Introduced JWT-based authentication with role handling using Keycloak. Added the `/me` endpoint to return user information and roles. Configured testing, Keycloak integration, and public-facing `/public/info` endpoint enhancements.

keycloak/realm-hemhub.json

@@ -0,0 +1,56 @@
+{
+  "realm": "hemhub",
+  "enabled": true,
+  "displayName": "HemHub",
+  "users": [
+    {
+      "username": "maria",
+      "email": "maria@example.com",
+      "enabled": true,
+      "emailVerified": true,
+      "attributes": { "household_id": ["H-ANDERSSON"] },
+      "credentials": [{ "type": "password", "value": "Passw0rd!", "temporary": false }],
+      "realmRoles": ["OWNER","MEMBER"]
+    },
+    {
+      "username": "ulf",
+      "email": "ulf@example.com",
+      "enabled": true,
+      "emailVerified": true,
+      "attributes": { "household_id": ["H-ANDERSSON"] },
+      "credentials": [{ "type": "password", "value": "Passw0rd!", "temporary": false }],
+      "realmRoles": ["MEMBER"]
+    }
+  ],
+  "roles": {
+    "realm": [
+      {"name":"OWNER","composite":false},
+      {"name":"MEMBER","composite":false},
+      {"name":"ADMIN","composite":false}
+    ]
+  },
+  "clients": [
+    {
+      "clientId": "hemhub-public",
+      "publicClient": true,
+      "redirectUris": ["http://localhost:5173/*","http://localhost:8080/swagger-ui/*"],
+      "standardFlowEnabled": true,
+      "implicitFlowEnabled": false,
+      "directAccessGrantsEnabled": true,
+      "attributes": { "pkce.code.challenge.method": "S256" }
+    },
+    {
+      "clientId": "hemhub-service",
+      "serviceAccountsEnabled": true,
+      "secret": "dev-secret",
+      "publicClient": false,
+      "redirectUris": [],
+      "directAccessGrantsEnabled": false,
+      "standardFlowEnabled": false
+    }
+  ],
+  "clientScopes": [
+    {"name":"roles","protocol":"openid-connect"}
+  ],
+  "defaultDefaultClientScopes": ["roles", "profile", "email"]
+}