Added authentication

.env.example

@@ -4,3 +4,11 @@ CLIENT_SECRET=your-client-secret
 MONGO_URI=mongodb://root:example@mongo:27017/
 ENABLE_PERIODIC_FETCH=false
 FETCH_INTERVAL_MINUTES=60
+AUTH_ENABLED=false
+AUTH_TENANT_ID=your-tenant-id
+AUTH_CLIENT_ID=your-api-client-id
+# Optional scope for SPA login (e.g., api://<client-id>/access_as_user)
+AUTH_SCOPE=
+# Comma-separated lists (optional):
+AUTH_ALLOWED_ROLES=
+AUTH_ALLOWED_GROUPS=