feat: NAS storage for invoices/offers, code cleanup, date/time fixes

- NAS storage for created invoices (PDF via puppeteer), received invoices,
  and offers with auto-save on create/edit
- Deterministic file paths derived from DB fields (no file_path column needed)
- Separate NAS mount points: NAS_FINANCIALS_PATH, NAS_OFFERS_PATH
- Invoice language field (cs/en) stored per invoice, replaces lang modal
- Invoices list filtered by month/year matching KPI card selection
- Centralized date helpers (src/utils/date.ts) replacing all .toISOString()
  calls that returned UTC instead of local time
- Attendance project switching uses exact time (not rounded)
- Comment cleanup: removed ~100 unnecessary/Czech comments
- Removed as-any casts in orders and attendance
- Prisma migrations: add invoice language, drop received_invoices BLOB columns

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

src/routes/admin/auth.ts

@@ -128,7 +128,6 @@ export default async function authRoutes(
         return error(reply, "Neplatný TOTP kód", 401);
       }
 
-      // Delete used login token
       await prisma.totp_login_tokens.delete({ where: { id: storedToken.id } });
 
       // Reset failed attempts and update last login (TOTP verified = successful login)
@@ -149,7 +148,6 @@ export default async function authRoutes(
         return error(reply, "Chyba načítání uživatele", 500);
       }
 
-      // Create tokens manually since password was already verified
       const jwt = await import("jsonwebtoken");
       const accessToken = jwt.default.sign(
         {