🚨 Critical: Refactor authentication architecture (30K LOC → 500 LOC)

## Problem

We currently have THREE separate security/auth crates with massive overlap:
- `mcp-auth`: **30,232 lines** (bigger than entire core framework!)
- `mcp-security`: ~3,300 lines  
- `mcp-security-middleware`: 3,045 lines

All three implement JWT/API key validation. Only 1 out of 12 examples uses this.

## Proposed Solution

### Phase 1: Create `mcp-auth-simple` (~500 LOC)
- API key validation only
- Simple middleware integration

### Phase 2: Archive enterprise features
- Move RBAC, vault, sessions to optional `mcp-auth-enterprise`

### Phase 3: Delete redundant crates
- Delete `mcp-security-middleware`
- Merge `mcp-security` into `mcp-server`

**Priority**: CRITICAL | **Effort**: 2-4 weeks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

🚨 Critical: Refactor authentication architecture (30K LOC → 500 LOC) #64

Problem

Proposed Solution

Phase 1: Create `mcp-auth-simple` (~500 LOC)

Phase 2: Archive enterprise features

Phase 3: Delete redundant crates

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

🚨 Critical: Refactor authentication architecture (30K LOC → 500 LOC) #64

Description

Problem

Proposed Solution

Phase 1: Create mcp-auth-simple (~500 LOC)

Phase 2: Archive enterprise features

Phase 3: Delete redundant crates

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Phase 1: Create `mcp-auth-simple` (~500 LOC)