Refactor JWT config and enhance security, improve file download, and fix refresh token cleanup

- Restricted public auth endpoints to only /login and /register in SecurityConfig
- Added contentLength header and improved error response in FileController download API
- Refactored JwtService to load secret key and expiration from application properties
- Improved signing key handling using Base64 decoding
- Updated RefreshTokenRepository with @Transactional @Modifying delete query
- Ensured proper refresh token cleanup with flush() in RefreshTokenService
- Annotated refresh token methods with @Transactional for consistency
K
2025-07-03 16:59:29 +05:30
parent 3920ec7fbd
commit c5ff741f8c
5 changed files with 27 additions and 13 deletions
@@ -53,10 +53,12 @@ public class FileController {
return ResponseEntity.ok()
.header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + filename + "\"")
.contentLength(decryptedData.length)
.contentType(MediaType.APPLICATION_OCTET_STREAM)
.body(decryptedData);
} catch (Exception e) {
return ResponseEntity.status(500).body("File download failed: " + e.getMessage());
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR)
.body("File download failed: " + e.getMessage());
}
}
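Review bot: The catch block still returns `e.getMessage()` in the response body, so the switch to `HttpStatus.INTERNAL_SERVER_ERROR` changes only how the status is spelled, not what the client sees. On an endpoint that decrypts data, exception messages can reveal internal detail such as storage paths or the reason decryption failed. Log the exception server-side and return a fixed string like `"File download failed"`. The block also catches `Exception` broadly, so a missing file and a decryption failure both surface as 500; consider mapping the not-found case to 404 separately. In the unchanged context above, `filename` is concatenated straight into the `Content-Disposition` value; if it can contain quotes or control characters, the header is malformed or attacker-influenced. Building it with Spring's `ContentDisposition.attachment().filename(filename).build()` would handle the escaping.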