feat(auth): implement site-based passcode-to-JWT endpoint

- Add POST /api/authenticate_passcode to verify site access codes
- Refactor sign_jwt to support arbitrary role flags (super, admin, etc.)
- Update dependencies_v3 to extract role flags from JWT payloads
- Add E2E test for passcode auth verification
Scott Idem
2026-01-20 17:51:54 -05:00
parent e16fbaa34b
commit d4e46a4a97
4 changed files with 183 additions and 3 deletions


@@ -20,6 +20,7 @@ def sign_jwt(
user_id: str = None,
json_str: str = None,
b64_str: str = None,
**kwargs # Allow arbitrary claims (e.g. administrator, manager, super)
) -> str:
log.setLevel(logging.WARNING) # DEBUG, INFO, WARNING, ERROR, EXCEPTION, CRITICAL
log.debug(locals())
@@ -43,6 +44,11 @@ def sign_jwt(
'json_str': json_str,
'b64_str': b64_str,
}
# Merge any additional claims provided via kwargs
if kwargs:
payload.update(kwargs)
secret = secret_key
algorithm = 'HS256'
token = jwt.encode(payload, secret, algorithm=algorithm)
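Review bot: `payload.update(kwargs)` in the second hunk accepts any claim name and lets it overwrite keys already in `payload`, so a keyword such as `json_str` or `b64_str` (and presumably any subject or expiry claim set above the hunk) would silently replace the value `sign_jwt` built. Because these kwargs carry privilege flags such as `super` and `administrator`, which the commit message says dependencies_v3 now reads back from the token, I would check them against a fixed allow-list before merging: `unknown = set(kwargs) - ALLOWED_ROLE_CLAIMS` followed by `if unknown: raise ValueError(f"unsupported claims: {sorted(unknown)}")`, where `ALLOWED_ROLE_CLAIMS` is a name I am proposing, not one in the file. Storing `bool(v)` rather than the raw value would also keep the flags from carrying arbitrary data. It is worth confirming that no caller, including the new passcode endpoint, forwards request-derived fields into `**kwargs`; the callers and the rest of `sign_jwt` lie outside these hunks.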