feat: add match slugs for security and fix message history loading

Security improvements:
- Add random CUID slugs to Match model to prevent ID enumeration attacks
- Update all match URLs from /matches/:id to /matches/:slug
- Keep numeric IDs for internal Socket.IO operations only

Backend changes:
- Add slug field to matches table with unique index
- Update all match endpoints to use slug-based lookups (GET, PUT, DELETE)
- Add GET /api/matches/:slug/messages endpoint to fetch message history
- Include matchSlug in all Socket.IO notifications

Frontend changes:
- Update all match routes to use slug parameter
- Update MatchesPage to use slug for accept/reject/navigate operations
- Update MatchChatPage to fetch match data by slug and load message history
- Update RatePartnerPage to use slug parameter
- Add matchesAPI.getMatchMessages() function

Bug fixes:
- Fix MatchChatPage not loading message history from database on mount
- Messages now persist and display correctly when users reconnect

frontend/src/App.jsx

@@ -128,7 +128,7 @@ function App() {
             }
           />
           <Route
-            path="/matches/:matchId/chat"
+            path="/matches/:slug/chat"
             element={
               <ProtectedRoute>
                 <MatchChatPage />
@@ -136,7 +136,7 @@ function App() {
             }
           />
           <Route
-            path="/matches/:matchId/rate"
+            path="/matches/:slug/rate"
             element={
               <ProtectedRoute>
                 <RatePartnerPage />