feat: 后端用户认证和权限过滤

- 新增 auth 模块：jumpToken 代理交换、用户信息获取、JWT 签发
- 三级权限：full(所有权限/数智中心/BI-Leader)、department(BI-Leader-Dep)、personal
- 添加 managerId 到车辆数据模型，支持个人级别按 userId 精确过滤
- auth 中间件保护所有 /api/* 端点（跳过 /api/health 和 /api/auth/*）
- 所有路由集成 filterByPermission 权限过滤

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

package.json

@@ -13,8 +13,10 @@
   },
   "dependencies": {
     "@hono/node-server": "^1.13.0",
+    "@types/jsonwebtoken": "^9.0.10",
     "dotenv": "^16.4.0",
     "hono": "^4.7.0",
+    "jsonwebtoken": "^9.0.3",
     "lucide-react": "^0.546.0",
     "motion": "^12.23.24",
     "mysql2": "^3.11.0",