feat: implement PIN authentication with PBKDF2-SHA256 (#46)

- Create lib/auth.ts with PIN hashing and validation functions
- Use PBKDF2-SHA256 with 100,000 iterations for secure hashing
- Implement generateSalt() for 16-byte cryptographic salt generation
- Implement hashPin() with proper error handling and validation
- Implement validatePin() with constant-time comparison to prevent timing attacks
- Implement validatePinStrength() to enforce PIN requirements (4-20 chars, letters + numbers)
- Add generateRandomPin() utility for generating secure test PINs
- Create comprehensive test suite with 30 unit tests covering all functions
- Ensure edge runtime compatibility for Cloudflare Workers
- Update TODO.md to mark PIN authentication tasks as completed

Closes #38

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-authored-by: Claude <noreply@anthropic.com>

Author: nullcoder

docs/TODO.md

@@ -85,10 +85,10 @@ This document tracks the implementation progress of GhostPaste. Check off tasks
 
 ### PIN Authentication (`lib/auth.ts`)
 
-- [ ] Implement PBKDF2 PIN hashing - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
-- [ ] Create PIN validation function - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
-- [ ] Add salt generation utility - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
-- [ ] Create PIN strength validation - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
+- [x] Implement PBKDF2 PIN hashing - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
+- [x] Create PIN validation function - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
+- [x] Add salt generation utility - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
+- [x] Create PIN strength validation - [#38](https://github.com/nullcoder/ghostpaste/issues/38)
 
 ### Integration Testing