a6d9bfc5a3
Critical security fix: 5 financial POST endpoints were missing authentication checks. Added requireAuth() middleware to: - /api/flh/hibah/send - /api/flh/hibah/accept - /api/flh/sadaqah/send - /api/flh/waqf/contribute - /api/flh/zakat/pay These involve FLH token transfers and must verify user identity.