Implement secure storage for JWT keys using secret files #18

@coderabbitai

Background

The application currently uses placeholder JWT keys in appsettings.json and appsettings.Development.json files, which poses a security risk if these placeholders are not replaced before deployment to production.

Objective

Implement a secure method to store and access JWT keys that doesn't rely on configuration files that might be committed to version control.

Proposed Solution

  • Implement secret file storage for JWT keys
  • Configure the application to load JWT keys from secret files or environment variables
  • Document the process for developers to set up their local environments
  • Add validation to prevent the application from starting if secure JWT keys are not properly configured in production environments

Benefits

  • Prevents accidental exposure of sensitive keys in version control
  • Follows security best practices for handling sensitive configuration
  • Simplifies key rotation processes

This issue is created as a follow-up to security recommendations in PR #15.
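
One way the loading and startup validation proposed above could look in ASP.NET Core, as an added example that is not code from this repository. The configuration key `Jwt:Key`, the `JWT_KEY_FILE` environment variable, the placeholder markers and the assumption of a symmetric (HMAC) signing key are all hypothetical.

```csharp
using System;
using System.IO;
using System.Text;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Hosting;

// Added example. "Jwt:Key", JWT_KEY_FILE and the placeholder markers are
// assumptions for illustration, not names taken from the project.
public static class JwtKeyLoader
{
    private const int MinKeyBytes = 32; // 256 bits, the minimum for HS256
    private static readonly string[] PlaceholderMarkers =
        { "placeholder", "changeme", "your-secret", "replace" };

    public static byte[] Load(IConfiguration config, IHostEnvironment env)
    {
        // 1. Prefer a secret file, e.g. a mounted Docker or Kubernetes secret.
        string? path = Environment.GetEnvironmentVariable("JWT_KEY_FILE");
        string? key = !string.IsNullOrEmpty(path) && File.Exists(path)
            ? File.ReadAllText(path).Trim()
            : null;

        // 2. Fall back to configuration. The default host maps the
        //    environment variable Jwt__Key onto the key "Jwt:Key".
        key ??= config["Jwt:Key"];

        if (string.IsNullOrWhiteSpace(key))
            throw new InvalidOperationException("No JWT key configured.");

        // 3. Fail closed in production instead of signing with a weak key.
        string? problem = Validate(key);
        if (problem is not null && env.IsProduction())
            throw new InvalidOperationException($"JWT key rejected: {problem}");
        if (problem is not null)
            Console.Error.WriteLine($"WARNING: insecure JWT key ({problem}).");

        return Encoding.UTF8.GetBytes(key);
    }

    private static string? Validate(string key)
    {
        if (Encoding.UTF8.GetByteCount(key) < MinKeyBytes)
            return $"shorter than {MinKeyBytes} bytes";
        foreach (string marker in PlaceholderMarkers)
            if (key.Contains(marker, StringComparison.OrdinalIgnoreCase))
                return "looks like a placeholder value";
        return null;
    }
}
// Usage in Program.cs, before the authentication services are registered:
//   byte[] key = JwtKeyLoader.Load(builder.Configuration, builder.Environment);
```

The error and warning messages report only why the key was rejected, never the key itself, so they are safe to send to logs.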
