feat(testing): Add foundational Playwright security test

Adds the first successful, stable Playwright integration test for the SvelteKit frontend. This test serves as a template for future UI/UX and integration tests.

Key outcomes and learnings captured in this test:
- Establishes a pattern for running tests against the high-speed 'npm run dev' server.
- Verifies critical API security header logic, including the unauthenticated bypass for lookups and account ID scavenging from localStorage.
- Solves application boot crashes in a test environment by injecting a complete, default 'ae_loc' state object into localStorage before the app hydrates.
- Demonstrates the correct, race-condition-free pattern for waiting on network requests that are handled by API mocks.

This commit also removes the old, unreliable Node.js-based scripts ('verify_jwt_logic.js', 'verify_jwt_sync.js') that these new tests replace.

playwright.config.ts

@@ -2,22 +2,17 @@ import type { PlaywrightTestConfig } from '@playwright/test';
 
 const config: PlaywrightTestConfig = {
     webServer: {
-        command: 'npm run build && npm run preview',
-        port: 4173
-        // url: 'http://scott.localhost:5173',
-        // reuseExistingServer: true,
-        // stderr: 'pipe',
-        // stdout: 'pipe',
+        command: 'npm run dev',
+        port: 5173,
+        reuseExistingServer: true,
     },
     testDir: 'tests',
     testMatch: /(.+\.)?(test|spec)\.[jt]s/,
     reporter: 'list',
     use: {
-        // Collect trace when retrying the failed test.
+        baseURL: 'http://demo.localhost:5173',
         trace: 'on-first-retry'
     }
-    // grep: /@node_modules/,
-    // grepInverse: /@node_modules/,
 };
 
 export default config;