feat: implement local-files feature with various enhancements and cleanup

k-tv-backend/infra/src/auth/jwt.rs

@@ -179,11 +179,7 @@ impl JwtValidator {
     /// Get the user ID (subject) from a token without full validation
     /// Useful for logging/debugging, but should not be trusted for auth
     pub fn decode_unverified(&self, token: &str) -> Result<JwtClaims, JwtError> {
-        let mut validation = Validation::new(Algorithm::HS256);
-        validation.insecure_disable_signature_validation();
-        validation.validate_exp = false;
-
-        let token_data = decode::<JwtClaims>(token, &self.decoding_key, &validation)
+        let token_data = jsonwebtoken::dangerous::insecure_decode::<JwtClaims>(token)
             .map_err(|_| JwtError::InvalidFormat)?;
 
         Ok(token_data.claims)