feat: Complete watchlist & auto-download system with UI

Implement comprehensive watchlist system with automatic episode detection
and downloading. Features include per-user watchlists, scheduler-based
periodic checks, and a modern web UI.

**Backend Components:**
- WatchlistManager: JSON-based storage with multi-tenant support
- EpisodeChecker: Detects and downloads new episodes automatically
- AutoDownloadScheduler: APScheduler-based periodic task execution
- Complete REST API for CRUD operations and scheduler control

**Frontend Components:**
- Modern watchlist page with dark theme and animations
- Real-time status updates and progress tracking
- Scheduler controls with next-run display
- Add anime directly from search results

**Models & Configuration:**
- WatchlistItem with status, quality, and auto-download settings
- WatchlistSettings for global configuration
- Per-user statistics and provider tracking

**API Endpoints:**
- GET/POST /api/watchlist - List and add items
- PUT/DELETE /api/watchlist/{id} - Update and delete
- POST /api/watchlist/{id}/check - Manual check trigger
- POST /api/watchlist/check-all - Check all due items
- GET/PUT /api/watchlist/settings - Global settings
- GET /api/watchlist/stats - Statistics
- GET/POST /api/watchlist/scheduler/* - Scheduler control

**Configuration Files:**
- config/watchlist.json - User watchlist data
- config/watchlist_settings.json - Global settings

Generated with [Claude Code](https://claude.ai/code)
Co-Authored-By: Claude <noreply@anthropic.com>

app/auth.py

@@ -7,6 +7,8 @@ from datetime import datetime, timedelta
 from typing import Optional, Dict
 from passlib.context import CryptContext
 import logging
+from fastapi import HTTPException
+from fastapi.security import HTTPAuthorizationCredentials
 
 logger = logging.getLogger(__name__)
 
@@ -42,11 +44,12 @@ class UserManager:
             self.users = {}
 
     def _save_users(self):
-        """Save users to JSON file"""
         try:
             os.makedirs(os.path.dirname(self.db_file), exist_ok=True)
-            with open(self.db_file, 'w', encoding='utf-8') as f:
+            temp_file = f"{self.db_file}.tmp"
+            with open(temp_file, 'w', encoding='utf-8') as f:
                 json.dump(self.users, f, indent=2, ensure_ascii=False, default=str)
+            os.replace(temp_file, self.db_file)
             logger.info(f"Saved {len(self.users)} users to database")
         except Exception as e:
             logger.error(f"Error saving users: {e}")
@@ -162,9 +165,15 @@ def verify_token(token: str) -> Optional[str]:
         return None
 
 
-def get_current_user(token: str) -> Optional[dict]:
+def get_current_user(credentials: HTTPAuthorizationCredentials) -> dict:
     """Get current user from JWT token"""
+    token = credentials.credentials
     username = verify_token(token)
     if username:
-        return user_manager.get_user(username)
-    return None
+        user = user_manager.get_user(username)
+        if not user:
+            raise HTTPException(status_code=401, detail="User not found")
+        if not user.get("is_active", True):
+            raise HTTPException(status_code=401, detail="Inactive user")
+        return user
+    raise HTTPException(status_code=401, detail="Invalid authentication credentials")