[Glense] Security hardening & inter-service auth improvements

[bogdans55]

Summary

• Move all hardcoded secrets (JWT keys, DB passwords, RabbitMQ credentials) from docker-compose.yml to .env file with
  .env.example template
• Add inter-service API key authentication (INTERNAL_API_KEY):
  • gRPC server interceptor on Account Service validates x-internal-api-key header
  • gRPC client interceptor on Video Catalogue attaches the key automatically
  • Donation Service HTTP client sends the key when calling Account Service
• Restrict CORS on all backend services from AllowAnyOrigin to config-driven whitelist
• Fix GetCurrentUserId() crash in Account Service (Guid.Parse → TryParse)
• Remove hardcoded JWT fallback in Chat Service
• Clean up README: fix architecture diagram alignment, remove incorrect database schema section and SVG
• Update DEV_QUICKSTART.md to reflect new .env-based setup