🔒 SECURITY: Emergency fixes and hardening

EMERGENCY FIXES:
✅ DELETE MockSilverPayService.cs - removed fake payment system
✅ REMOVE mock service registration - no fake payments possible
✅ GENERATE new JWT secret - replaced hardcoded key
✅ FIX HttpClient disposal - proper resource management

SECURITY HARDENING:
✅ ADD production guards - prevent mock services in production
✅ CREATE environment configs - separate dev/prod settings
✅ ADD config validation - fail fast on misconfiguration

IMPACT:
- Mock payment system completely eliminated
- JWT authentication now uses secure keys
- Production deployment now validated on startup
- Resource leaks fixed in TeleBot currency API

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

LittleShop/appsettings.Development.json

@@ -1,8 +1,24 @@
 {
+  "ConnectionStrings": {
+    "DefaultConnection": "Data Source=littleshop-dev.db"
+  },
+  "Jwt": {
+    "Key": "DEV_8aiNFkRrOao7/vleviWM8EP5800dMOh2hlaKGJoQOQvaxxOVHM3eLAb3+5KN8EcjKZKREHttGKUfvtQrV3ZM4A==",
+    "Issuer": "LittleShop-Dev",
+    "Audience": "LittleShop-Dev",
+    "ExpiryInHours": 2
+  },
+  "SilverPay": {
+    "BaseUrl": "http://localhost:8001",
+    "ApiKey": "sp_test_key_development",
+    "WebhookSecret": "webhook_secret_dev",
+    "DefaultWebhookUrl": "http://localhost:5000/api/orders/payments/webhook",
+    "AllowUnsignedWebhooks": true
+  },
   "Logging": {
     "LogLevel": {
       "Default": "Debug",
-      "Microsoft.AspNetCore": "Debug",
+      "Microsoft.AspNetCore": "Information",
       "LittleShop": "Debug"
     }
   },
@@ -16,7 +32,8 @@
       "http://localhost:5173",
       "http://localhost:5000",
       "http://localhost:5001",
-      "https://localhost:5001"
+      "https://localhost:5001",
+      "http://localhost:8080"
     ]
   },
   "TeleBot": {