fix: rebuild-projections doesn't require CSRF_SECRET

The CLI command only needs DB_PATH for database operations, not web
settings like csrf_secret. Read DB_PATH directly from environment.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

src/animaltrack/cli.py

@@ -121,8 +121,8 @@ def main():
         uvicorn.run(app, host=args.host, port=args.port)
     elif args.command == "rebuild-projections":
         import json
+        import os
 
-        from animaltrack.config import Settings
         from animaltrack.db import get_db
         from animaltrack.events.processor import process_event
         from animaltrack.migrations import run_migrations
@@ -135,12 +135,13 @@ def main():
         from animaltrack.projections.intervals import IntervalProjection
         from animaltrack.projections.products import ProductsProjection
 
-        settings = Settings()
+        # Get db_path directly - this command doesn't need web settings
+        db_path = os.environ.get("DB_PATH", "animaltrack.db")
 
         # Run migrations first
         print("Running migrations...")
         success = run_migrations(
-            db_path=settings.db_path,
+            db_path=db_path,
             migrations_dir="migrations",
             verbose=False,
         )
@@ -148,7 +149,7 @@ def main():
             print("Migration failed", file=sys.stderr)
             sys.exit(1)
 
-        db = get_db(settings.db_path)
+        db = get_db(db_path)
 
         # Projection tables to truncate
         projection_tables = [