📝 docs: add comprehensive SOLID analysis and code review findings

- Documented SOLID principle violations across codebase
- Identified security best practice improvements needed
- Analyzed performance optimization opportunities
- Added detailed refactoring recommendations
- Updated ADR-0018 with JWT secret rotation reference
- Enabled gitea-client skill for programmer agent

This commit captures the current state analysis before implementing improvements.

pkg/server/server.go

@@ -145,7 +145,18 @@ func (s *Server) setupRoutes() {
 func (s *Server) registerApiV1Routes(r chi.Router) {
 	greetService := greet.NewService()
 	greetHandler := greet.NewApiV1GreetHandler(greetService)
+
+	// Create auth middleware if available
+	var authMiddleware *AuthMiddleware
+	if s.authService != nil {
+		authMiddleware = NewAuthMiddleware(s.authService)
+	}
+
 	r.Route("/greet", func(r chi.Router) {
+		// Add optional authentication middleware
+		if authMiddleware != nil {
+			r.Use(authMiddleware.Middleware)
+		}
 		greetHandler.RegisterRoutes(r)
 	})