Implement Secure Token Storage and Encryption

**Description:**  
Encrypt and decrypt access/refresh tokens for each music provider.

**Requirements:**  
- Use crypto module or secure lib (e.g., bcrypt, crypto-js)
- Encrypt before storing in DB
- Decrypt when making API calls

**Acceptance Criteria:**  
- Tokens not stored in plaintext
- Tests verify encryption round-trip