VFS/DataProvider/Config refactoring + SSH public key authentication

Phase 1-6 of refactoring plan:
- VFS abstraction (VfsBackend trait + LocalFs + OpenFlags builder)
- DataProvider trait (SqliteProvider + PgProvider, SFTPGo-compatible)
- Config refactoring (AppConfig unified sections, env overrides)
- SSH handlers (sftp/scp/rsync) migrated to VFS + DataProvider
- SSH public key authentication (Ed25519 signature verification)
- SSH stderr → CHANNEL_EXTENDED_DATA support
- Web auth uses DataProvider instead of direct SQL
- User home directory from provider (per-user isolation)
- PostgreSQL auth provider for SFTPGo compatibility

markbase-core/src/ssh2_server/server.rs

@@ -1,9 +1,9 @@
 // ssh2 Server核心实现
 // 替代russh，提供完整的SSH/SFTP/SCP/rsync支持
 
-use crate::sftp::auth::SftpAuth;
+use crate::provider::sqlite::SqliteProvider;
 use crate::sftp::config::SftpConfig;
-use anyhow::{Result, anyhow};
+use anyhow::{Result, anyhow, Context};
 use log::{info, warn, error};
 use ssh2::Session;
 use std::net::{TcpListener, TcpStream};
@@ -106,9 +106,10 @@ fn authenticate_client(session: &Session, config: &Arc<SftpConfig>) -> Result<St
         let user = "warren";
         let password = "demo123";
         
-        // 使用SftpAuth验证（复用现有认证系统）
-        let auth = SftpAuth::new(&config.auth_db_path)?;
-        if auth.verify_password(user, password)? {
+        // 使用SqliteProvider验证（复用现有认证系统）
+        let provider = SqliteProvider::new(&config.auth_db_path)
+            .context("Failed to init SqliteProvider for ssh2_server")?;
+        if provider.check_password(user, password)? {
             info!("Password auth successful for user: {}", user);
             session.userauth_password(user, password)?;
             return Ok(user.to_string());