Refactor frontend components and enhance API integration

- Updated frontend-nuxt.mdc to specify usage of composables for API calls.
- Added new AuthCard and ConfirmModal components for improved UI consistency.
- Introduced UserAvatar component for user profile display, replacing previous Gravatar implementation.
- Implemented useFormSubmit composable for handling form submissions with loading and error states.
- Enhanced vitest.config.ts to include coverage reporting for composables and components.
- Removed deprecated useAdminApi and useAuth composables to streamline API interactions.
- Updated login and setup pages to utilize new components and composables for better user experience.

internal/app/handlers/handlers.go

@@ -35,6 +35,25 @@ func New(
 	}
 }
 
+// requireMethod writes 405 and returns false if req.Method != method; otherwise returns true.
+func (h *Handlers) requireMethod(rw http.ResponseWriter, req *http.Request, method string) bool {
+	if req.Method != method {
+		JSONError(rw, http.StatusMethodNotAllowed, "method not allowed", "METHOD_NOT_ALLOWED")
+		return false
+	}
+	return true
+}
+
+// requireSession returns session or writes 401 and returns nil.
+func (h *Handlers) requireSession(rw http.ResponseWriter, req *http.Request) *app.Session {
+	s := h.Auth.GetSession(req.Context(), req)
+	if s == nil {
+		JSONError(rw, http.StatusUnauthorized, "Unauthorized", "UNAUTHORIZED")
+		return nil
+	}
+	return s
+}
+
 // requireAdmin returns session if admin, or writes 401 and returns nil.
 func (h *Handlers) requireAdmin(rw http.ResponseWriter, req *http.Request) *app.Session {
 	s := h.Auth.GetSession(req.Context(), req)