feat: add connection test API

[sowen1023]

What does this PR do

Adds Test Connection for data sources so users can validate credentials before saving.

• New endpoint POST /datasource/_test_connection and per-connector ConnectionTester implementations: MongoDB, PostgreSQL, MySQL, MSSQL, Oracle, Neo4j,
  Milvus, Network Drive.
• New reusable TestConnectionButton integrated into the rdbms, mongodb, neo4j, milvus, network_drive forms with inline ✓/✗ feedback.
• MSSQL additionally verifies DB_NAME() because go-mssqldb silently falls back to master when the configured database is missing.

Incidental fixes pulled in while testing:

• web: persist access_token to localStorage on login and inject Authorization: Bearer in the main request interceptor (previously only set on the
  unused demoRequest).
• core/auth_filter.go: temporary AuthFilter that re-wires JWT/session → r.Context(). Framework's security refactor dropped the equivalent filter;
  remove once it lands upstream.

Rationale for this change

Misconfigured data sources fail silently during the first sync. Surfacing failures at config time saves an iteration cycle.

The MSSQL verification matters because the path-style URI sqlserver://user:pass@host:1433/database reports success while actually connecting to master,
then queries explode with Invalid object name.

The auth fixes blocked the new endpoint itself: every authenticated request was rejected by PermissionFilter after the framework refactor. Including them
here keeps the branch self-buildable.

Standards checklist

• The PR title is descriptive
• The commit messages are semantic
• Necessary tests are added — manual verification only against running containers; follow-up for databaseFromMSSQLURI and TestSQLConnection
• Updated the release notes
• Necessary documents have been added if this is a new feature — follow-up
• Performance tests checked, no obvious performance degradation — N/A (operator-invoked, 15s timeout)

[sowen1023]

CI failure note

The integration_test job fails at "Clone framework enterprise plugin" with
Input required and not supplied: token. This is the standard fork-PR
limitation: secrets.REPO_PAT is not exposed to workflows triggered from
forks, so the private infinilabs/framework-enterprise-plugins and
infinilabs/license repositories can't be cloned.

Locally verified:

• go build ./... passes
• make build-web succeeds and the dashboard loads
• All 8 connector test_connection paths verified against running containers
  (MongoDB / PostgreSQL / MySQL / MSSQL / Oracle / Neo4j / Milvus / SMB)

[sowen1023]

Network.driver.mp4

MongoDB.mp4