feat: add require_auth prop to hosted file download button

- Defaults to true (authenticated_access required) — no change to existing consumers
- Launcher file buttons set require_auth=false to allow unauthenticated downloads

src/lib/ae_core/ae_comp__hosted_files_download_button.svelte

@@ -29,6 +29,7 @@
         color?: 'primary' | 'secondary' | 'tertiary' | 'success' | 'warning' | 'error' | 'surface';
         show_divider?: boolean;
         show_direct_download?: boolean;
+        require_auth?: boolean;
         classes?: string;
         click?: () => void | Promise<any>;
         label?: import('svelte').Snippet;
@@ -50,6 +51,7 @@
         color = 'primary',
         show_divider = true,
         show_direct_download = false,
+        require_auth = true,
         classes = '',
         click,
         label
@@ -289,7 +291,7 @@
     {:else}
         <button
             type="button"
-            disabled={!$ae_loc.trusted_access}
+            disabled={require_auth && !$ae_loc.authenticated_access}
             class={variant_classes}
             onclick={handle_click}
             title={`Download this file:\n${final_filename}\n[API] SHA256: ${hosted_file_obj?.hash_sha256?.slice(0, 10)}...\nHosted ID: ${file_id}\n Linked to: ${linked_to_type} ID: ${linked_to_id}`}