
feat: add organization membership infrastructure#317

Open
greatKhalifa-code wants to merge 2 commits into Streampay-Org:main from greatKhalifa-code:feat/org-members-auth

Conversation

@greatKhalifa-code

To address the requirement, this PR implements the infrastructure from scratch, including:

  • Data Layer: Extended the in-memory database to support hierarchical organization and membership mappings.
  • Authentication: Centralized JWT verification and identity extraction.
  • API Routes: Implemented secure endpoints for listing and managing organization members.

Security Improvements
This implementation fixes the vulnerability where organizational access was predicated on potentially spoofable headers.

  • Removed Header Trust: Replaced insecure Actor-Wallet-Address logic with verified JWT sub (subject) claims.
  • JWT Authentication: Implemented a new, reusable authentication helper (app/lib/auth.ts) using jsonwebtoken for robust verification.
  • Enforced RBAC:
    • GET (List Members): Requires the authenticated user to be a member of the requested organization.
    • POST (Add Member): Strictly restricted to the organization owner (verified via JWT against the owner wallet stored in the org record).
  • Error Handling: Implemented consistent 401 (Unauthorized) and 403 (Forbidden) responses using the project's standard error envelope.

Testing & Coverage

  • Added a comprehensive unit test suite in app/api/orgs/[orgId]/members/route.test.ts.
  • Tests cover edge cases including spoofed headers (by forcing JWT validation), valid non-owner access (403), and valid owner access (201).

Documentation

  • Updated README.md to document the new /api/orgs/[orgId]/members endpoints and the prerequisite JWT authentication.

closes #225
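As an added illustration of the access model this PR describes (JWT `sub` as the identity, membership required for GET, ownership required for POST, 401/403 on failure), the following TypeScript is example code written for this page, not the PR's own `app/lib/auth.ts` or route handler. It assumes HS256 tokens and verifies them with Node's `crypto` so it runs without the `jsonwebtoken` dependency the PR uses; the org/member store, the wallet addresses, the secret, the `signJwt`, `listMembers` and `addMember` names, and the 404 for an unknown org are all constructed for the example. `tryAuthenticateRequest` follows the name from the commit message but is reimplemented here.

```typescript
// Added example (not the PR's code): JWT-gated RBAC for /api/orgs/[orgId]/members.
// The PR uses the jsonwebtoken package; this file does HS256 verification with
// Node's crypto so it runs stand-alone. The wallet identity comes ONLY from the
// verified JWT `sub` claim; Actor-Wallet-Address is never read.
import { createHmac, timingSafeEqual } from "node:crypto";

// Hypothetical shared secret; a real deployment loads it from the environment.
const JWT_SECRET = "example-secret-do-not-use";

export interface Organization { id: string; ownerWallet: string }
export interface Member { orgId: string; wallet: string; role: "owner" | "member" }

// Constructed in-memory store standing in for the PR's extended in-memory database.
export const orgs: Organization[] = [{ id: "org-1", ownerWallet: "0xOWNER" }];
export const members: Member[] = [
  { orgId: "org-1", wallet: "0xOWNER", role: "owner" },
  { orgId: "org-1", wallet: "0xMEMBER", role: "member" },
];

const b64url = (input: string): string => Buffer.from(input).toString("base64url");

// Mints an HS256 token for `sub`; exists so the example can produce realistic input.
export function signJwt(sub: string, expSeconds = 3600): string {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ sub, exp: Math.floor(Date.now() / 1000) + expSeconds }));
  const sig = createHmac("sha256", JWT_SECRET).update(`${header}.${payload}`).digest("base64url");
  return `${header}.${payload}.${sig}`;
}

// Returns the verified subject (wallet address) or null. Header keys are lower-case,
// as Next.js/Node expose them. Any defect in the token yields null, never a guess.
export function tryAuthenticateRequest(headers: Record<string, string | undefined>): string | null {
  const [scheme, token] = (headers["authorization"] ?? "").split(" ");
  if (scheme !== "Bearer" || !token) return null;
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [h, p, s] = parts;
  let header: { alg?: string };
  let payload: { sub?: string; exp?: number };
  try {
    header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
    payload = JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
  } catch {
    return null;
  }
  // Pin the algorithm so an attacker-supplied "none" or RS256 header is rejected.
  if (header.alg !== "HS256") return null;
  const expected = createHmac("sha256", JWT_SECRET).update(`${h}.${p}`).digest();
  const actual = Buffer.from(s, "base64url");
  if (expected.length !== actual.length || !timingSafeEqual(expected, actual)) return null;
  if (typeof payload.exp !== "number" || payload.exp <= Math.floor(Date.now() / 1000)) return null;
  return typeof payload.sub === "string" && payload.sub.length > 0 ? payload.sub : null;
}

export interface Outcome { status: 200 | 201 | 401 | 403 | 404; body: unknown }

// GET: caller must be authenticated (401 otherwise) and a member of the org (403 otherwise).
export function listMembers(orgId: string, headers: Record<string, string | undefined>): Outcome {
  const sub = tryAuthenticateRequest(headers);
  if (!sub) return { status: 401, body: { error: "unauthorized" } };
  if (!orgs.some((o) => o.id === orgId)) return { status: 404, body: { error: "not found" } };
  if (!members.some((m) => m.orgId === orgId && m.wallet === sub)) {
    return { status: 403, body: { error: "forbidden" } };
  }
  return { status: 200, body: members.filter((m) => m.orgId === orgId) };
}

// POST: caller must be the owner wallet stored on the org record; ordinary members get 403.
export function addMember(
  orgId: string,
  headers: Record<string, string | undefined>,
  wallet: string,
): Outcome {
  const sub = tryAuthenticateRequest(headers);
  if (!sub) return { status: 401, body: { error: "unauthorized" } };
  const org = orgs.find((o) => o.id === orgId);
  if (!org) return { status: 404, body: { error: "not found" } };
  if (org.ownerWallet !== sub) return { status: 403, body: { error: "forbidden" } };
  if (!members.some((m) => m.orgId === orgId && m.wallet === wallet)) {
    members.push({ orgId, wallet, role: "member" });
  }
  return { status: 201, body: { orgId, wallet } };
}
```

The spoofing check the PR's tests describe falls out of the design: a request carrying only `Actor-Wallet-Address: 0xOWNER` has no bearer token and gets 401, and a member's token whose payload is rewritten to claim `sub: 0xOWNER` fails the HMAC comparison and also gets 401, so the owner check in `addMember` only ever sees a subject the server itself vouched for.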

ComputerOracle and others added 2 commits May 30, 2026 12:59
- Add Organization and Member types and database storage
- Add tryAuthenticateRequest helper for JWT auth
- Add /api/orgs/[orgId]/members endpoints (GET/POST) with RBAC
- Add unit tests and documentation

drips-wave Bot commented May 30, 2026

@greatKhalifa-code Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits


Development

Successfully merging this pull request may close these issues.

Gate /api/orgs/[orgId]/members behind JWT instead of Actor-Wallet-Address header

2 participants