Add key access controls

[keenanjohnson]

To address #14

[Copilot]

Pull request overview

This PR adds API key enforcement for the /data endpoint to limit public access, with SQLite-backed key storage and CLI key management.

Changes:

• Adds internal/auth store, middleware, and tests for issuing, revoking, listing, and verifying API keys.
• Wires /data through API key middleware and adds a keygen subcommand.
• Updates deployment/configuration docs, Fly volume/env setup, Docker/Go versions, and dependency files.

Reviewed changes

Copilot reviewed 11 out of 12 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
TODO.md	Marks Go version and API key access-control tasks as completed/partially completed.
README.md	Documents API key usage, key management commands, and updated prerequisites/configuration.
main.go	Initializes the key store and protects /data with auth middleware.
keygen.go	Adds CLI commands for issuing, listing, and revoking API keys.
internal/auth/middleware.go	Adds HTTP middleware for API key extraction and verification.
internal/auth/auth.go	Adds SQLite-backed API key storage and hashing logic.
internal/auth/auth_test.go	Adds auth store and middleware tests.
go.mod	Updates Go/tooling requirements and adds SQLite/test dependencies.
go.sum	Adds dependency checksums.
fly.toml	Configures persistent storage and API key DB path for Fly.io.
Dockerfile	Updates the Go builder image.
.env.example	Adds local API key database path configuration.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.