feat: global Docker health indicator and graceful degradation

- GET /api/health endpoint returning Docker connectivity status
- Sidebar shows Docker connection dot (green=connected, red=disconnected)
- Stale scanner returns store-only results when Docker is unavailable
- Polls health every 30s

web/src/lib/auth.ts

@@ -0,0 +1,30 @@
+/** Shared auth helpers for token management. */
+
+const TOKEN_KEY = 'auth_token';
+
+/** Returns the stored JWT token, or null if not authenticated. */
+export function getAuthToken(): string | null {
+	if (typeof localStorage !== 'undefined') {
+		return localStorage.getItem(TOKEN_KEY);
+	}
+	return null;
+}
+
+/** Returns true if the user has a stored auth token. */
+export function isAuthenticated(): boolean {
+	return getAuthToken() !== null;
+}
+
+/** Stores the JWT token after successful login. */
+export function setAuthToken(token: string): void {
+	if (typeof localStorage !== 'undefined') {
+		localStorage.setItem(TOKEN_KEY, token);
+	}
+}
+
+/** Removes the stored token and redirects to login. */
+export function clearAuth(): void {
+	if (typeof localStorage !== 'undefined') {
+		localStorage.removeItem(TOKEN_KEY);
+	}
+}