feat: implement secure file upload system with JWT authentication

- Add JWT-based secure file access for local storage with 1-hour expiry
- Implement GORM repository methods for attachment CRUD operations
- Add secure file serving endpoint with token validation
- Update storage interface to support user context in URL generation
- Add comprehensive security features including path traversal protection
- Update documentation with security model and configuration examples
- Add utility functions for hex/byte conversion and UUID validation
- Configure secure file permissions (0600) for uploaded files

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-03 15:45:25 +12:00
parent b2b77eb4da
commit 8b6ba74ce9
19 changed files with 546 additions and 43 deletions


@@ -54,19 +54,13 @@ func TestNewStorage(t *testing.T) {
}
})
t.Run("B2 Storage", func(t *testing.T) {
t.Run("Invalid Backend", func(t *testing.T) {
config := Config{
Backend: "b2",
B2: B2Config{
AccountID: "test-account",
ApplicationKey: "test-key",
Bucket: "test-bucket",
},
Backend: "invalid",
}
// This will fail because we don't have real B2 credentials
storage, err := NewStorage(config)
assert.Error(t, err) // Expected to fail without credentials
assert.Error(t, err)
assert.Nil(t, storage)
})
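Review bot: In the "Invalid Backend" subtest, `assert.Error(t, err)` passes on any failure of `NewStorage`, so the test does not show that the unrecognised backend name is what was rejected. Pin the cause with something like `assert.ErrorContains(t, err, "<expected unsupported-backend message>")` (placeholder text; use the message or sentinel that `NewStorage` actually returns). The +/- markers are lost on this page, but the hunk counts suggest the "B2 Storage" subtest was replaced rather than kept alongside the new one, which would leave the B2 branch of `NewStorage` without a case in this test. If that removal is intended, a short comment saying where B2 construction is now covered would help the next reader. `TestNewStorage` begins before this hunk, so other subtests are not visible here.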