Add bearer token authentication support

[kashifpk]

Summary

Add support for bearer token authentication to connect to secured MCP servers.

Background

Many production MCP servers require authentication. The official MCP Inspector supports:

• Bearer token authentication with customizable header names
• Session-based authentication with automatic token generation

Anvil should support authentication to test secured servers.

Proposed Implementation

CLI

# Bearer token via flag
anvil --token "your-api-key" list-tools
anvil --token-header "X-API-Key" --token "your-api-key" list-tools

# Or via environment variable
export ANVIL_TOKEN=your-api-key
anvil list-tools

Web UI

• Add authentication section in connection bar (collapsible)
• Token input field (password type for security)
• Optional custom header name field (default: "Authorization: Bearer")
• Store token in session (not localStorage for security)

Technical Implementation

• Modify AnvilClient to accept optional auth parameters
• Add Authorization: Bearer <token> header to requests
• Support custom header names for non-standard auth schemes

Acceptance Criteria

• CLI supports --token and --token-header options
• ANVIL_TOKEN environment variable support
• Web UI has authentication input fields
• Token is properly included in all MCP requests
• Token is masked in debug output
• Documentation updated with auth examples

Security Considerations

• Never log tokens in plaintext
• Don't persist tokens to disk by default
• Clear tokens from memory when disconnecting