Implement JWT token decoding from cookies as a secondary authentication method in webdav_auth, falling back to Basic Auth then session cookie. Add full test suite (735 lines) covering OPTIONS, PROPFIND, and authorization scenarios for WebDAV endpoints.