feat: optional auth + backup/restore reliability fixes

Auth is now optional: when `auth.api_keys` is empty, all endpoints are
open (no login screen, no Bearer tokens). Health endpoint reports
`auth_required` so the frontend knows which mode to use.

Backup/restore fixes:
- Auto-backup uses atomic writes (was `write_text`, risked corruption)
- Startup backup skipped if recent backup exists (<5 min cooldown),
  preventing rapid restarts from rotating out good backups
- Restore rejects all-empty backups to prevent accidental data wipes
- Store saves frozen after restore to prevent stale in-memory data
  from overwriting freshly-restored files before restart completes
- Missing stores during restore logged as warnings
- STORE_MAP completeness verified at startup against StorageConfig

server/src/wled_controller/api/routes/system.py

@@ -14,7 +14,7 @@ import psutil
 from fastapi import APIRouter, Depends, HTTPException, Query
 
 from wled_controller import __version__
-from wled_controller.api.auth import AuthRequired
+from wled_controller.api.auth import AuthRequired, is_auth_enabled
 from wled_controller.api.dependencies import (
     get_audio_source_store,
     get_audio_template_store,
@@ -107,6 +107,7 @@ async def health_check():
         timestamp=datetime.now(timezone.utc),
         version=__version__,
         demo_mode=get_config().demo,
+        auth_required=is_auth_enabled(),
     )