Hash password #5

Open
jwidess wants to merge 6 commits into YuWan-030:master from jwidess:hash-password
jwidess commented Jan 1, 2026

Added password hashing using PBKDF2. Handles migrating from old non-hashed passwords in auth.json to the new hashed format in auth_hash.json. Updated README and README_zh-CN to reflect these changes.


AI Overview Below:

This pull request introduces secure password storage using salted PBKDF2 hashing, migrates existing plaintext credentials to the new format, and improves error logging throughout the authentication module. It also updates the mod version and refines initialization logic.

Security and Data Storage Improvements

  • Passwords are now stored as salted PBKDF2 hashes rather than plaintext, with new hashPassword and verifyPassword methods implemented in JsonAuthStorage. All registration, authentication, and password change operations now use these secure hashes.
  • Migration logic is added: On first run, if only the old plaintext auth.json exists, its credentials are automatically converted to hashed format and saved in auth_hash.json; the old file is renamed after migration.
  • The credentials file name changes from auth.json to auth_hash.json to reflect the new storage format.

Error Handling and Logging

  • Replaces e.printStackTrace() with structured logging using SLF4J in JsonAuthStorage and OfflineAuthHandler, improving error visibility for file operations and password verification.

Other Updates

  • The mod version is incremented from 1.0.1 to 1.0.3 in gradle.properties.
  • Initialization in OfflineAuthHandler now explicitly loads the config at static initialization, and an unnecessary call to AuthConfig().save() is removed from the main mod class.

Fixed overwriting existing config file on every start of the mod. Now changes to the config will actually persist.
trueuuid library from 1.0.2 to 1.0.5 in build.gradle and changed mod_version to 1.0.3 in gradle.properties.
Passwords are now more securely stored using PBKDF2WithHmacSHA256 with a random salt. Added migration system to convert existing plaintext passwords from the old auth.json file to hashed format in auth_hash.json
Replaced all e.printStackTrace() with proper logger error calls
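
The scheme described above (a per-password random salt, PBKDF2WithHmacSHA256, and a one-time conversion of plaintext entries), as an added example that is not code from this pull request or the mod. The class name, the 600,000 iteration count, the 16-byte salt and the `iterations:salt:hash` record layout are assumptions; the method names hashPassword and verifyPassword are taken from the description, their bodies are not.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example, not the mod's code; names, parameters and record layout are assumptions.
public class Pbkdf2Example {
    static final int ITERATIONS = 600_000, SALT_BYTES = 16, KEY_BITS = 256; // assumed parameters
    static final SecureRandom RNG = new SecureRandom();

    static byte[] derive(String pw, byte[] salt, int iter) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(pw.toCharArray(), salt, iter, KEY_BITS);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    static String hashPassword(String pw) throws GeneralSecurityException {
        byte[] salt = new byte[SALT_BYTES];
        RNG.nextBytes(salt); // fresh random salt per account
        Base64.Encoder b64 = Base64.getEncoder();
        return ITERATIONS + ":" + b64.encodeToString(salt) + ":" + b64.encodeToString(derive(pw, salt, ITERATIONS));
    }

    static boolean verifyPassword(String pw, String stored) throws GeneralSecurityException {
        String[] p = stored.split(":");
        if (p.length != 3) return false; // malformed or unmigrated plaintext entry
        try {
            byte[] salt = Base64.getDecoder().decode(p[1]);
            byte[] expected = Base64.getDecoder().decode(p[2]);
            return MessageDigest.isEqual(expected, derive(pw, salt, Integer.parseInt(p[0]))); // constant-time compare
        } catch (IllegalArgumentException e) { // bad Base64 or iteration count
            return false;
        }
    }

    // Migration: each plaintext value from the old file becomes a hash record.
    static Map<String, String> migrate(Map<String, String> plaintext) throws GeneralSecurityException {
        Map<String, String> hashed = new LinkedHashMap<>();
        for (Map.Entry<String, String> e : plaintext.entrySet()) hashed.put(e.getKey(), hashPassword(e.getValue()));
        return hashed;
    }

    public static void main(String[] args) throws Exception {
        Map<String, String> hashed = migrate(Map.of("Steve", "hunter2")); // constructed sample account
        System.out.println(verifyPassword("hunter2", hashed.get("Steve")) + " " + verifyPassword("wrong", hashed.get("Steve")));
    }
}
```

Storing the iteration count inside each record lets the work factor be raised later without invalidating existing hashes.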