fix: add security hardening and documentation for deployment

- Add document validation to prevent NoneType crash when document not configured
- Add SQL query validation (SELECT only, no multi-statement)
- Add 30-second HTTP request timeout
- Fix filter parameter JSON encoding for get_records
- Add return type annotation to get_document
- Add tests for document lookup and SQL validation
- Add comprehensive README with usage instructions

tests/test_auth.py

@@ -82,3 +82,18 @@ def test_get_accessible_documents(sample_config):
     assert len(docs) == 2
     assert {"name": "budget", "permissions": ["read", "write"]} in docs
     assert {"name": "expenses", "permissions": ["read"]} in docs
+
+
+def test_get_document_returns_document(sample_config):
+    auth = Authenticator(sample_config)
+
+    doc = auth.get_document("budget")
+
+    assert doc.doc_id == "abc123"
+
+
+def test_get_document_raises_on_unknown(sample_config):
+    auth = Authenticator(sample_config)
+
+    with pytest.raises(AuthError, match="Document 'unknown' not configured"):
+        auth.get_document("unknown")