feat: Implement host authentication and settings management

Introduces a new authentication flow for the host, requiring a password to access host-specific features. This commit also adds a dedicated settings section within the host view, allowing administrators to configure essential application parameters such as the API key for AI question generation and the join URL for players.

The backend has been updated to include a new `settings` table in the database to persist these configurations. The Gemini service is refactored to accept the API key as a parameter, enhancing flexibility and security. UI components like `HostView` and `App.tsx` are modified to integrate the new authentication and settings management functionalities.

Key changes include:
- Password-based authentication for host access.
- A new settings interface for API key and join URL management.
- Database schema update with a `settings` table.
- Refactoring `geminiService` to accept API key.
- UI adjustments for login and settings screens.

database.sql

@@ -14,5 +14,19 @@ CREATE TABLE IF NOT EXISTS `player_intents` (
   PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
 
--- Initialize with one row
+CREATE TABLE IF NOT EXISTS `settings` (
+  `id` int(11) NOT NULL,
+  `admin_password` varchar(255) NOT NULL,
+  `api_key` varchar(255) DEFAULT '',
+  `join_url` varchar(255) DEFAULT '',
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+-- Initialize Game State
 INSERT INTO `game_state` (`id`, `game_data`) VALUES (1, '{}') ON DUPLICATE KEY UPDATE `id`=1;
+
+-- Initialize Settings with plaintext 'admin'. 
+-- api.php will detect this, log you in, and automatically hash it.
+INSERT INTO `settings` (`id`, `admin_password`, `api_key`, `join_url`) 
+VALUES (1, 'admin', '', '') 
+ON DUPLICATE KEY UPDATE `admin_password`='admin';