add registration security: bcrypt secret key, length validation, duplicate check, rate limiting

bin/database/database_provider.dart

@@ -127,6 +127,11 @@ class DatabaseProvider {
   }
 
   Future<User> createUser(String login, String password) async {
+    final existingUser = await findUserByLogin(login);
+    if (existingUser != null) {
+      throw Exception('User already exists');
+    }
+
     final hashedPassword = BCrypt.hashpw(password, BCrypt.gensalt());
 
     final results = await _dbConnection.execute(