fix(server): trim username whitespace on login like register does

register() strips leading/trailing whitespace from the username before
storing it; login() was not, so a user who typed " alice " at login
would get a 401 even though their account existed as "alice". Now both
handlers trim consistently.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

solitaire_server/src/auth.rs

@@ -173,10 +173,11 @@ pub async fn login(
     State(pool): State<SqlitePool>,
     Json(body): Json<AuthRequest>,
 ) -> Result<Json<AuthResponse>, AppError> {
+    let username = body.username.trim().to_string();
     let row = sqlx::query_as!(
         UserRow,
         "SELECT id, password_hash FROM users WHERE username = ?",
-        body.username
+        username
     )
     .fetch_optional(&pool)
     .await?;