feat: upgrade authentication to JWT with refresh tokens

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

backend/hotel_hacienda/package.json

@@ -13,11 +13,14 @@
   "description": "",
   "dependencies": {
     "axios": "^1.13.2",
+    "bcryptjs": "^2.4.3",
+    "cookie-parser": "^1.4.7",
     "cors": "^2.8.5",
     "csv-parser": "^3.2.0",
     "dotenv": "^17.2.2",
     "express": "^5.1.0",
     "express-validator": "^7.2.1",
+    "jsonwebtoken": "^9.0.2",
     "nodemailer": "^7.0.10",
     "pg": "^8.16.3",
     "stripe": "^20.1.2",