Add multi-user auth system and admin panel

- User model with email/hashed_password/is_admin/notification_prefs
- JWT auth: POST /api/auth/register, /login, /me
- First registered user auto-promoted to admin
- Migration 0005: users table + user_id FK on follows (clears global follows)
- Follows, dashboard, settings, admin endpoints all require authentication
- Admin endpoints (settings writes, celery triggers) require is_admin
- Frontend: login/register pages, Zustand auth store (localStorage persist)
- AuthGuard component gates all app routes, shows app shell only when authed
- Sidebar shows user email + logout; Admin nav link visible to admins only
- Admin panel (/settings): user list with delete + promote/demote, LLM config,
  data source settings, and manual celery controls

Authored-By: Jack Levy

backend/app/api/dashboard.py

@@ -6,17 +6,24 @@ from sqlalchemy import desc, select
 from sqlalchemy.ext.asyncio import AsyncSession
 from sqlalchemy.orm import selectinload
 
+from app.core.dependencies import get_current_user
 from app.database import get_db
 from app.models import Bill, BillBrief, Follow, TrendScore
+from app.models.user import User
 from app.schemas.schemas import BillSchema
 
 router = APIRouter()
 
 
 @router.get("")
-async def get_dashboard(db: AsyncSession = Depends(get_db)):
-    # Load all follows
-    follows_result = await db.execute(select(Follow))
+async def get_dashboard(
+    db: AsyncSession = Depends(get_db),
+    current_user: User = Depends(get_current_user),
+):
+    # Load follows for the current user
+    follows_result = await db.execute(
+        select(Follow).where(Follow.user_id == current_user.id)
+    )
     follows = follows_result.scalars().all()
 
     followed_bill_ids = [f.follow_value for f in follows if f.follow_type == "bill"]