RSA/ECB/PKCS1Padding Auth Test

GET  /pubkey  → PEM public key
POST /auth    → JSON body: {"token": "<base64-of-RSA-encrypted-bytes>"}
               Returns: {"authenticated": true, "decrypted": "..."}
               Or:      {"authenticated": false, "error": "..."}

Python client example:
  from Crypto.PublicKey import RSA
  from Crypto.Cipher import PKCS1_v1_5
  import base64, requests

  pub = RSA.import_key(requests.get("<URL>/pubkey").text)
  enc = PKCS1_v1_5.new(pub).encrypt(b"hello")
  r = requests.post("<URL>/auth", json={"token": base64.b64encode(enc).decode()})
  print(r.json())