fix(tasks): enforce authenticated task mutations [NSoC'26]

[saurabhhhcodes]

Summary

• remove duplicate unauthenticated task mutation route registrations
• require authenticated users for task listing and task creation
• persist owner_id on created tasks and scope task status/edit/delete mutations to the authenticated owner
• preserve the existing project_id payload used by the Kanban frontend

Closes #152

Validation

• node --check backend/controllers/tasks.controller.js
• node --check backend/routes/tasks.routes.js
• node --check backend/server.js
• git diff --check

Notes

• The backend package currently does not define a test script, so validation is syntax and diff hygiene focused.
• Ownership is enforced using the existing owner_id convention already used for owned resources in this repo Supabase project routes.

[vercel]

Someone is attempting to deploy a commit to the shreemp194-gmailcom's projects Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

👋 Thank you for opening this pull request! I will review your changes and assist you soon.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
flow-forge	Ready	Preview, Comment	Jun 11, 2026 6:25pm

[Shriii19]

@saurabhhhcodes having the conflict pls fix it.

[Shriii19]

@saurabhhhcodes resolve conflicts.

[Shriii19]

@saurabhhhcodes fix the conflicts.

[Shriii19]

@saurabhhhcodes fix the conflicts.??