perf: cache auth user-lookup and admin list_users

The per-request SELECT users WHERE uuid=? in require_role was the
hidden tax behind every authed endpoint — it kept _execute at ~60%
across the profile even after the page caches landed. Even /health
(with its DB and Docker probes cached) was still 52% _execute from
this one query.

- dependencies.py: 10s TTL cache on get_user_by_uuid, well below JWT
  expiry. invalidate_user_cache(uuid) is called on password change,
  role change, and user delete.
- api_get_config.py: 5s TTL cache on the admin branch's list_users()
  (previously fetched every /config call). Invalidated on user
  create/update/delete.
- api_change_pass.py + api_manage_users.py: invalidation hooks on
  all user-mutating endpoints.

tests/api/conftest.py

@@ -62,8 +62,10 @@ async def setup_db(monkeypatch) -> AsyncGenerator[None, None]:
     from decnet.web.router.bounty import api_get_bounties as _b
     from decnet.web.router.logs import api_get_histogram as _lh
     from decnet.web.router.fleet import api_get_deckies as _d
+    from decnet.web import dependencies as _deps
     _h._reset_db_cache()
     _c._reset_state_cache()
+    _deps._reset_user_cache()
     _s._reset_stats_cache()
     _l._reset_total_cache()
     _a._reset_total_cache()