feat: add DEV_MODE configuration and implement dev-token endpoint for authentication

qwen3-tts-backend/config.py

@@ -25,6 +25,7 @@ class Settings(BaseSettings):
     WORKERS: int = Field(default=1)
     LOG_LEVEL: str = Field(default="info")
     LOG_FILE: str = Field(default="./app.log")
+    DEV_MODE: bool = Field(default=False)
 
     RATE_LIMIT_PER_MINUTE: int = Field(default=50)
     RATE_LIMIT_PER_HOUR: int = Field(default=1000)
@@ -60,7 +61,10 @@ class Settings(BaseSettings):
         return v
 
     def validate(self):
-        if self.SECRET_KEY == "your-secret-key-change-this-in-production":
+        if self.DEV_MODE:
+            import warnings
+            warnings.warn("DEV_MODE is enabled — authentication is bypassed. Do NOT use in production.")
+        elif self.SECRET_KEY == "your-secret-key-change-this-in-production":
             raise ValueError("Insecure default SECRET_KEY is not allowed. Please set a strong SECRET_KEY in environment.")
 
         Path(self.CACHE_DIR).mkdir(parents=True, exist_ok=True)