fix: resolve WebAuthn passkey compatibility with py_webauthn 2.7.0

- Fix aaguid type (str not bytes) in registration verification
- Fix missing credential_backup_eligible field (use credential_device_type)
- Remove invalid credential_id param from verify_authentication_response
- Fix origin detection to use browser Origin header for WebAuthn verification
- Add async database engine support (aiosqlite) for passkey operations
- Convert UserDatabase to async-compatible with sync/async session detection
- Update Database class to support both sync and async context managers

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

backend/src/module/database/engine.py

@@ -1,7 +1,14 @@
+from sqlalchemy.ext.asyncio import AsyncSession, create_async_engine
+from sqlalchemy.orm import sessionmaker
 from sqlmodel import Session, create_engine
 
 from module.conf import DATA_PATH
 
+# Sync engine (for legacy code)
 engine = create_engine(DATA_PATH)
-
 db_session = Session(engine)
+
+# Async engine (for passkey and new async code)
+ASYNC_DATA_PATH = DATA_PATH.replace("sqlite:///", "sqlite+aiosqlite:///")
+async_engine = create_async_engine(ASYNC_DATA_PATH)
+async_session_factory = sessionmaker(async_engine, class_=AsyncSession, expire_on_commit=False)