refactor: Clean up logging system with LOG_LEVEL filtering

- Add LOG_LEVEL env variable support (debug, info, warn, error)
- Default to 'info' level for production-ready logs
- Integrate Morgan HTTP logging with custom logger
- Remove console.logs and replace with custom logger
- Remove sensitive password debug logs from email service
- Remove noisy warn logs from email sync and event notifier
- Add gray color for timestamps to improve readability

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

src/app.js

@@ -10,6 +10,7 @@ import { validateBody } from './middlewares/global/validateBody.js';
 import { notFound } from './middlewares/global/notFound.js';
 import { errorHandler } from './middlewares/global/errorHandler.js';
 import { apiRateLimiter } from './middlewares/security/rateLimiter.js';
+import { logger } from './utils/logger.js';
 
 // Import routes
 import authRoutes from './routes/auth.routes.js';
@@ -29,8 +30,9 @@ import eventRoutes from './routes/event.routes.js';
 
 const app = express();
 
-// Security middleware
-app.use(morgan('dev'));
+// HTTP request logging via Morgan -> custom logger
+const morganStream = { write: (message) => logger.http(message.trim()) };
+app.use(morgan(':method :url :status :response-time ms', { stream: morganStream }));
 app.use(
   helmet({
     contentSecurityPolicy: {