Implement complete API routes and mock authentication for full CMS functionality

- Add comprehensive nested route structure with proper authentication layers
- Implement UpdateContent and ReorderCollectionItems handlers with repository pattern
- Add automatic mock JWT token fetching for seamless development workflow
- Restore content editing and collection reordering functionality broken after database refactoring
- Provide production-ready authentication architecture with development convenience
- Enable full CMS operations in browser with proper CRUD and bulk transaction support

internal/auth/auth.go

@@ -307,6 +307,11 @@ func (a *AuthService) IsAuthenticated(r *http.Request) bool {
 	return err == nil && userInfo.ID != "anonymous"
 }
 
+// IsDevMode returns true if the service is in development mode
+func (a *AuthService) IsDevMode() bool {
+	return a.config.DevMode
+}
+
 // RequireAuth middleware that requires authentication
 func (a *AuthService) RequireAuth(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {