Fix middleware and schema cache issues

This commit addresses two critical issues in the MCP server:

1. CORS Middleware Fix:
   - Move CORS middleware outside the auth check so it's always enabled
   - CORS is required for browser-based MCP clients, regardless of auth
   - Fixes "OPTIONS /mcp HTTP/1.1 405 Method Not Allowed" error

2. Schema Cache Improvements:
   - Add specific handling for corrupted JSON cache files
   - Automatically remove corrupted cache files and log the action
   - Prevents startup failures due to malformed JSON
   - Better error messages to help diagnose cache issues

3. Configuration Updates:
   - Change default SCHEMA_CACHE_DIR from /app/data/schemas to ./data/schemas
   - Better default for local development (Docker still uses /app/data/schemas)
   - Update .env.example with clearer documentation

These fixes improve robustness and make local development easier.

src/geoguessr_mcp/main.py

@@ -62,21 +62,21 @@ def main():
     # Register all tools
     register_all_tools(mcp)
 
+    # Get the ASGI application
+    mcp_app = mcp.streamable_http_app()
+
+    # Always add CORS middleware for browser compatibility
+    mcp_app.add_middleware(
+        CORSMiddleware,
+        allow_origins=["*"],
+        allow_credentials=True,
+        allow_methods=["*"],
+        allow_headers=["*"],
+    )
+
     # Setup authentication middleware if enabled
     if settings.MCP_AUTH_ENABLED:
         logger.info("Setting up authentication middleware")
-
-        # Récupérez l'application ASGI via streamable_http_app
-        mcp_app = mcp.streamable_http_app()
-
-        # Ajoutez les middlewares
-        mcp_app.add_middleware(
-            CORSMiddleware,
-            allow_origins=["*"],
-            allow_credentials=True,
-            allow_methods=["*"],
-            allow_headers=["*"],
-        )
         mcp_app.add_middleware(AuthenticationMiddleware)
 
     logger.info(