Add tests for authentication and security features

- Implement unit tests for password handling in `auth_test.ts`, covering bcrypt and legacy password hashes.
- Create a fake database for user management to facilitate testing of the `AdminHandler`.
- Validate JWT-based identity verification against database records.
- Introduce tests for credential encryption and registry management in `security_test.ts`.
- Ensure registry passwords are securely stored and can be decrypted correctly, including legacy support.
- Add utility functions for password hashing and verification in `auth.ts`.

ts/classes/onebox.ts

@@ -6,6 +6,7 @@
 
 import { logger } from '../logging.ts';
 import { getErrorMessage } from '../utils/error.ts';
+import { hashPassword } from '../utils/auth.ts';
 import { OneboxDatabase } from './database.ts';
 import { OneboxDockerManager } from './docker.ts';
 import { OneboxServicesManager } from './services.ts';
@@ -226,8 +227,7 @@ export class Onebox {
       if (!adminUser) {
         logger.info('Creating default admin user...');
 
-        // Simple base64 encoding for now - should use bcrypt in production
-        const passwordHash = btoa('admin');
+        const passwordHash = await hashPassword('admin');
 
         await this.database.createUser({
           username: 'admin',