Add MCP server authentication and update Docker configuration

This commit implements several key improvements to the GeoGuessr MCP server:

## MCP Server Authentication
- Add Bearer token authentication for MCP server access control
- New middleware in src/geoguessr_mcp/middleware/auth.py
- Configuration via MCP_AUTH_ENABLED and MCP_API_KEYS environment variables
- Support for multiple API keys (comma-separated)
- Optional authentication - can be disabled for trusted deployments
- Clients connect using Authorization: Bearer YOUR_API_KEY header

## Docker Configuration Updates
- Update to use official pre-built image: nyxiumyuuki/geoguessr-mcp:latest
- Remove DOCKER_USERNAME and IMAGE_TAG from environment variables
- Simplify docker-compose.yml and docker-compose.prod.yml
- Remove healthcheck configuration (not necessary for the deployment)

## Deployment Improvements
- Move deploy.sh to scripts/deploy.sh for better organization
- Update deploy.sh to use official Docker image
- Add authentication validation in deployment script
- Improve deployment logging and error messages

## Documentation Updates
- Update README.md with authentication configuration examples
- Add MCP server authentication section with setup instructions
- Update environment variables table
- Simplify deployment instructions
- Update CLAUDE.md with new authentication architecture
- Add .env.example configuration for MCP authentication

## Technical Details
- Authentication middleware integrates with FastMCP's Starlette ASGI app
- Middleware validates Bearer tokens on all requests except /health
- Logs authentication attempts and failures
- Returns proper 401/403 HTTP status codes
- Validates configuration on startup to prevent misconfiguration

Resolves TODO items:
- [x] Fix Docker username in compose files and env vars
- [x] Add authentication to MCP server to allow access only to specific users

.env.example

@@ -31,6 +31,19 @@ MCP_HOST=0.0.0.0
 # Port to expose the server on
 MCP_PORT=8000
 
+# =============================================================================
+# MCP Server Authentication
+# =============================================================================
+# Enable authentication for MCP server access (true/false)
+# When enabled, clients must provide a valid API key in the Authorization header
+MCP_AUTH_ENABLED=false
+
+# Comma-separated list of valid API keys for MCP server access
+# Example: MCP_API_KEYS=key1,key2,key3
+# Clients connect using: Authorization: Bearer YOUR_API_KEY
+# Generate secure keys with: openssl rand -hex 32
+MCP_API_KEYS=
+
 # =============================================================================
 # API Monitoring Configuration
 # =============================================================================
@@ -57,12 +70,3 @@ REQUEST_TIMEOUT=30.0
 
 # Maximum retry attempts for failed requests
 MAX_RETRIES=3
-
-# =============================================================================
-# Docker Configuration (for Docker Compose deployments)
-# =============================================================================
-# Your Docker Hub username (used when pulling pre-built images)
-DOCKER_USERNAME=yourusername
-
-# Docker image tag to use (e.g., latest, v1.0.0, dev)
-IMAGE_TAG=latest