Security improvements, role in user creation, todo filters fix

- Remove better-auth dependency (unused)
- Update JWT secrets to stronger values
- Add ENCRYPTION_SALT env variable for password encryption
- Add role field to createUserSchema validator
- Accept role from body in admin.controller createUser
- Fix todo filters: add priority filter, handle completed param
- Remove .env.example (merged into .env)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
richardtekula
2025-12-03 09:54:03 +01:00
parent ba11af5773
commit 109cae1167
33 changed files with 694 additions and 2648 deletions


@@ -12,7 +12,7 @@ import * as emailAccountService from '../services/email-account.service.js';
* POST /api/admin/users
*/
export const createUser = async (req, res) => {
const { username, email, emailPassword, firstName, lastName } = req.body;
const { username, email, emailPassword, firstName, lastName, role } = req.body;
const adminId = req.userId;
const ipAddress = req.ip || req.connection.remoteAddress;
const userAgent = req.headers['user-agent'];
@@ -33,13 +33,16 @@ export const createUser = async (req, res) => {
const tempPassword = generateTempPassword(12);
const hashedTempPassword = await hashPassword(tempPassword);
// Validuj role - iba 'admin' alebo 'member'
const validRole = role === 'admin' ? 'admin' : 'member';
// Vytvor usera
const [newUser] = await db
.insert(users)
.values({
username,
tempPassword: hashedTempPassword,
role: 'member', // Vždy member, nie admin
role: validRole,
firstName: firstName || null,
lastName: lastName || null,
changedPassword: false,
@@ -74,7 +77,7 @@ export const createUser = async (req, res) => {
}
// Log user creation
await logUserCreation(adminId, newUser.id, username, 'member', ipAddress, userAgent);
await logUserCreation(adminId, newUser.id, username, validRole, ipAddress, userAgent);
res.status(201).json({
success: true,
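Review bot: The role coercion at `const validRole = role === 'admin' ? 'admin' : 'member';` silently maps any unexpected value to 'member' and drops the previous hard guarantee (the removed `role: 'member', // Vždy member, nie admin`) that this endpoint could never mint another admin, so the privilege boundary now rests entirely on whatever admin middleware guards `/api/admin/users`, which is not visible in these hunks. If the createUserSchema validator mentioned in the description already restricts role to these two values, say so in the comment; otherwise reject rather than coerce, e.g. `if (role != null && !['admin', 'member'].includes(role)) return res.status(400).json({ success: false, error: 'Invalid role' });` ahead of the existing line, so a typo such as 'Admin' does not quietly create a member. The Slovak comment above it should be English and state the invariant: `// Only 'admin' or 'member' are accepted; admin creation is audited below via logUserCreation(validRole).`. createUser's body continues past both the second and the third hunk.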