A single-credential HTTP Basic AuthBackend, the browser-promptable companion to
StaticBearerBackend, for human-facing internal pages (admin/diagnostics views)
guarded by one shared password. Mirrors StaticBearerBackend's design:
- Username and password held in secrecy::SecretString (redacted from Debug,
zeroized on drop); both compared in constant time via subtle, both evaluated
before deciding so timing reveals neither which half failed nor the secrets.
- Parses Authorization: Basic base64(user:pass) per RFC 7617 (case-insensitive
scheme, split on first ':'; password may contain colons). Chain contract:
defers (Ok(None)) when no Basic credential is present, definitive
InvalidCredentials when one is present but wrong.
- Behind the existing auth feature; adds base64. Re-exported from
rusty_gasket::auth and the prelude.
13 backend tests (correct/wrong user+pass, defer cases, malformed base64,
missing separator, colon-in-password, case-insensitive scheme, no secret leak
in Debug). Version bumped 0.1.2 -> 0.1.3 (workspace). fmt + clippy --all-features
-D warnings + test --all-features + cargo deny all green locally.
Does not emit a WWW-Authenticate challenge header on 401 (response-layer
concern) — noted as a follow-up for a browser-native login prompt.
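
The parsing rules and chain contract described in this commit message, shown as an added std-only Rust example that is not code from rusty_gasket. `Outcome`, `check_basic`, `ct_eq` and `b64_decode` are hypothetical names, and the hand-rolled decoder and comparison stand in for the base64 and subtle crates the commit names. It assumes a bare `Basic` with no token counts as "no credential" and defers.

```rust
// Added illustration, std only. Outcome, check_basic, ct_eq and b64_decode are
// hypothetical names, not rusty_gasket's API (which uses base64, subtle, secrecy).
#[derive(Debug, PartialEq)]
pub enum Outcome { Defer, Authenticated, InvalidCredentials }

/// Strict standard-alphabet base64 decode; None on any malformed input.
fn b64_decode(s: &str) -> Option<Vec<u8>> {
    let b = s.as_bytes();
    if b.is_empty() || b.len() % 4 != 0 { return None; }
    let mut out = Vec::with_capacity(b.len() / 4 * 3);
    for (i, chunk) in b.chunks(4).enumerate() {
        let pad = chunk.iter().rev().take_while(|&&c| c == b'=').count();
        if pad > 2 || (pad > 0 && i + 1 != b.len() / 4) { return None; }
        let mut n: u32 = 0;
        for &c in &chunk[..4 - pad] {
            let v = match c {
                b'A'..=b'Z' => c - b'A',
                b'a'..=b'z' => c - b'a' + 26,
                b'0'..=b'9' => c - b'0' + 52,
                b'+' => 62, b'/' => 63,
                _ => return None,
            };
            n = (n << 6) | v as u32;
        }
        n <<= 6 * pad as u32;
        out.extend_from_slice(&n.to_be_bytes()[1..4 - pad]);
    }
    Some(out)
}

/// Best-effort constant-time compare (stand-in for subtle; only length can leak).
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    let mut diff = (a.len() != b.len()) as u8;
    for (x, y) in a.iter().zip(b) { diff |= x ^ y; }
    diff == 0
}

pub fn check_basic(header: Option<&str>, user: &str, pass: &str) -> Outcome {
    // No header or a non-Basic scheme: defer to the next backend in the chain.
    let Some((scheme, token)) = header.and_then(|h| h.trim().split_once(' ')) else { return Outcome::Defer };
    if !scheme.eq_ignore_ascii_case("basic") { return Outcome::Defer; }
    // A Basic credential is present from here on, so every failure is definitive.
    let Some(raw) = b64_decode(token.trim()) else { return Outcome::InvalidCredentials };
    let Some(sep) = raw.iter().position(|&c| c == b':') else { return Outcome::InvalidCredentials };
    // Split on the first ':' only; compare both halves, then combine with non-short-circuit `&`.
    let (u_ok, p_ok) = (ct_eq(&raw[..sep], user.as_bytes()), ct_eq(&raw[sep + 1..], pass.as_bytes()));
    if u_ok & p_ok { Outcome::Authenticated } else { Outcome::InvalidCredentials }
}

fn main() { println!("{:?}", check_basic(Some("Basic YWRtaW46czNjcmV0"), "admin", "s3cret")); }
```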