Add 6 new tools: Hasher, Base64, JWT Decoder, Password Gen, Timestamp, Text Diff

- backend/tools/hasher.py: POST /api/hash/sha256 and /api/hash/bcrypt (bcrypt added to requirements)
- backend/tools/base64tool.py: POST /api/base64/encode and /api/base64/decode
- backend/tools/jwtdecoder.py: POST /api/jwt/decode (signature verification disabled)
- backend/tools/passwordgen.py: POST /api/password/generate with charset and length options
- backend/tools/timestamp.py: POST /api/timestamp/convert (unix<->date, ISO 8601 + German format)
- backend/tools/textdiff.py: POST /api/text/diff returning structured added/removed/unchanged lines
- All blueprints registered in app.py and tools/__init__.py
- React components with copy button, dark/light mode support via CSS variables
- ToolOverview rebuilt as card grid; App.jsx routes added for all tools

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

backend/tools/jwtdecoder.py

@@ -0,0 +1,29 @@
+from flask import Blueprint, request, jsonify
+import jwt
+from datetime import datetime, timezone
+from util.logger import logger
+from auth.token import verify_token
+
+jwt_decoder_blueprint = Blueprint('jwt_decoder_tool', __name__)
+
+
+@jwt_decoder_blueprint.route('/api/jwt/decode', methods=['POST'])
+def decode_jwt():
+    user = verify_token()
+    if not user:
+        return jsonify({"message": "Nicht autorisiert"}), 401
+    try:
+        data = request.get_json()
+        token = data.get("token", "").strip()
+        header = jwt.get_unverified_header(token)
+        payload = jwt.decode(token, options={"verify_signature": False})
+
+        expired = False
+        if "exp" in payload:
+            expired = payload["exp"] < datetime.now(timezone.utc).timestamp()
+
+        logger.info(f"JWT dekodiert von {user['username']}")
+        return jsonify({"header": header, "payload": payload, "expired": expired})
+    except Exception as e:
+        logger.error(f"Fehler JWT decode: {e}")
+        return jsonify({"message": "Ungültiger JWT Token"}), 400