fix: add auth markers to shop endpoints (AUTH-004)

Mark shop endpoints with appropriate auth context:
- messages.py: # authenticated (customer auth + vendor context)
- orders.py: # authenticated (customer auth + vendor context)
- content_pages.py: # public (uses middleware vendor context)

These endpoints use VendorContextMiddleware for vendor context,
not require_vendor_context() dependency.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

app/api/v1/shop/messages.py

@@ -60,7 +60,7 @@ class SendMessageResponse(BaseModel):
 # ============================================================================
 
 
-@router.get("/messages", response_model=ConversationListResponse)
+@router.get("/messages", response_model=ConversationListResponse)  # authenticated
 def list_conversations(
     request: Request,
     skip: int = Query(0, ge=0),